9. ATAM Phase 2

ATAM Phase 2

Bring the producers and consumers together to ensure that there are no discrepancies.

Write Risk Themes early at least start risk themes documentations early – and try to stick to 5. Not all risks map to a theme, there can be some outliers. The following are two groups of activities in Phase 2:

1. Testing – involves checking the results to date against the needs of all relevant stakeholders

2. Reporting –involves presenting the results of the ATAM

Phase 2 involves bottom-up information gathering and analysis.

- Consumers of the system

o End users

o Application builder

o External entities

- Servicers of the system

o System Admin

o Network Admin

o Maintainers

Review Step 1 -6 with the Phase 2 group. Why? This helps Step 7 because these materials are useful in brainstorming. Do not constrain the group, and changes can be made to the utility tree and other artifacts.

Note: Ask for any documentation (architecture) that was requested in Phase 1. Do accept new documentation created “just for Phase 2”. Just a new view, ensure that existing views are not changed/upgraded or modifying the architecture.

Risk Theme

A risk theme is a summarization of multiple similar risks discovered during the analysis of qualified attribute scenarios.

The point out bigger issues in the architecture and are

- Either Commission – i.e. multiple questionable decisions made in the architecture

- Or Omission – i.e. decisions NOT made or requirements not included in the architecture

E.g. Risk Theme: “There is no holistic approach to resource management…” Impacts Business Goals: “Cost, time-to-market, ability to compete with competitors”.

8. ATAM Scenario Documentation example

Scenario Documentation

The following are templates filled out for scenarios for illustration not completeness.

(H,H) Scenario	Port new to Operating System
Attributes	Portability
Environment	Operating system
Stimulus	New Device
Response	The developers deliver a production quality PAMD Image that supports new device within two months.
Architectural Decisions	Sensitivity	Tradeoff	Risk	Nonrisk

(H,H) Scenario	Port new hardware to existing infrastructure and operating system(s)>\.
Attributes	Portability
Environment	N/A for now
Stimulus	A new device is selected to inclusion into the ecosystem.
Response	PAMD developers deliver a production quality PAMD images is developed for the new device within 2 months (business) or 1 year (IT Arch). [Negotiated to 6 months between Business Owner and IT Architect]
Architectural Decisions	Sensitivity	Tradeoff	Risk	Nonrisk

(H,H) Scenario	Data type incompatibility
Attributes	Reliability
Environment	Run-time
Stimulus	The data type understood by the application changes, without an updated plug-in
Response	The system raises an error, informing the user that the data type is incompatible.
Architectural Decisions	Sensitivity	Tradeoff	Risk	Nonrisk

(H,H) Scenario	Loading PAMD plug-ins and applications
Attributes	Reliability
Environment
Stimulus	User loads 1 additional plug-in or applications that exceeds the system capacity limits.
Response	The system responds by loading the new plug-in or application without crashing.
Architectural Decisions	Sensitivity	Tradeoff	Risk	Nonrisk

Here is the clearest definitions I could come up with:

Risk – a clear risk to the architectural design relative to a single quality attribute.

Nonrisk – a good decision.

Tradeoff – two quality attributes are being balanced here.

Sensitivity Point – a single quality attribute is impacted by

7. ATAM Utility Tree Example

I think a utility tree is a visualization of quality attribute exposures for a given architecture, however it can get pretty cumbersome and the details will loose the big picture. In practice, it really depends on the people reading this and how well familiar they are. Chances are they will not be and the goal will be then for the architect to familiarize the stakeholders or create an alternate artifact.

5. ATAM Phase 0: Evaluation

 

Purpose: Partnership & Preparation: Usually present the ATAM to a small group. Get the Business Drivers.

Step 1: Purpose to ensure that the client understands the mechanics of the evaluation method; make sure the client understands the CBA of an architecture evaluation. Record questions for possible FAQ list. Consultants may write up work plans. 75 man days for evaluation team effort– duration best case is 3 weeks.

Step 2: Initial description of the candidate system. Client provides existing documentation describing the system. Client conveys main architectural drivers e.g. business goals, requirements, constraints etc.

Client and evaluation organization agree on necessary architecture documentation – “3 main views”.

NDA – for evaluation team is done at this step.

Evaluators record general business goals, quality attributes, architectural constraints and list of architecture documentation to be delivered to the evaluation team.

Step 3: Go/No-Go decision with respect to conducting ATAM.

Evaluation organization representatives understand the state of the architecture well enough to make a decision and ensure that the candidate system is ready for evaluation.

Evaluation team takes a look at the context drawing and multiple views of the system (e.g. run time etc.)

The list of named participants and their roles with respect to the system must be provided.

Step 4: SOW presentation and negotiation.

Step 5: Form core evaluation team. Aim for 4-6 evaluators.

Modifiability – coupling, encapsulation, contract based interactions, cohesion etc.

Step 6: Conduct evaluation team kick-off meeting.

Team Leader: establishes the time and place for the meeting.

Stickies on a board that can be grouped by risk themes are helpful…or use “Mind Maps”.

Tools like “Enterprise Architect” are used for evaluation in some companies.

Step 7: Prepare and Plan for Phase 1.

Review the purpose of the ATAM phases with the client.

Confirm the time and place for the evaluation for the client to present the system architecture & business goals, architect to present the system architecture and arrange for supplies.

Step 8: Preliminary review of the system’s software architecture.

Hold a brief post-mortem.

4. ATAM Phases Overview

 

There are 4 phases of the ATAM evaluation: Phase 0-3.

Phase 0: Partnership & Preparation

· Usually present the ATAM to a small group. Get the Business Drivers.

Phase 1: Initial Evaluation: Step 1-6

· Steps 1-5: We don’t pre-judge here. Just gather information and focus on the pros.

· Step 6: This is still phase 1. Ask questions about the architectural decisions, and do they map back to business drivers?

Phase 2: Complete Evaluation: Step 7-9

· Step 7: (Brainstorm & Prioritize) – Phase 2: Show Phase 1 scenarios, you recap.

· Step 8: Analyze Architectural Approaches: You have more stakeholders.

· Step 9: Report out

Phase 3: Follow-up

3. The Benefits of ATAM Evaluations

 The following are the benefits of Architecture Tradeoff Analysis Methodology (ATAM) -

· Clarified Quality Attribute Requirements

· Improved Architecture documentation

· Documented basis for architectural decisions

· Identify risks early in the life cycle

· Increased communication among stakeholder

· The results are dramatically improved software and solution architectures.

2. ATAM Conceptual Model

The Architecture Tradeoff Analysis Method (ATAM) is a facilitated, stakeholder-driven evaluation process designed to surface risks, non-risks, sensitivity points, and trade-offs in an architecture. Its value lies in creating a structured conversation that aligns technical decisions with business drivers and quality attributes.

Core Concepts

Sensitivity Points

Definition: A property of one or more components that is critical to achieving a specific quality attribute response.

Example: Queue depth is a sensitivity point. Adjusting it directly influences scalability and throughput.

Trade-offs

Definition: A property that simultaneously affects multiple quality attributes, often requiring explicit prioritization.

Example: Persistent vs. non-persistent queues impact durability, availability, and throughput—forcing a conscious trade-off among them.

Conceptual Flow

The ATAM process decouples business drivers and scenarios from the architectural plan and decisions, ensuring a traceable line of reasoning.

A more accurate flow in practice is:

Architectural Plan / Presentation

→ Architectural Approaches (candidate solutions and patterns)

→ Quality Attribute Requirements (QARs) tied to those approaches

→ Architectural Decisions made explicit and evaluated against QARs

Practitioner Advice

Phase Separation: Never run Phase 1 (eliciting drivers and scenarios) and Phase 2 (detailed analysis and trade-offs) in the same week.

Allow 1–2 weeks between phases for participants to reflect, refine scenarios, and prepare.

This gap leads to sharper analysis and more meaningful stakeholder engagement.

Why It Matters for Architects

Brings clarity and rigor to architectural decisions by making implicit trade-offs explicit.

Provides a shared vocabulary for stakeholders and technologists to discuss quality attributes (scalability, availability, performance, etc.).

Ensures that architecture is justified by business drivers, not just technical preference.

See Conceptual Model here: http://www.sei.cmu.edu/architecture/tools/evaluate/atam.cfm

Understanding Architectures with Pictures

 

“Pictures speak a 1024 words.” – this is a quote I used a lot for the past 10 years or so. Why? Well this is because architectures need to be visualized. Bredemeyer Consulting’s Visual Architecting Process, SEI’s SAPP, RUP’s UML, Zachman, TOGAF etc. all dwell on visualizing abstractions. But how do you translate that to real projects, and especially those that claim to be agile and misunderstand that to mean no design and no plans? As one of the many signatories of the agile manifesto it is clear to me that those projects that do not know what the architecture is can not deliver software in a timely manner with good quality attributes.

Software Architecture should be represented by a set of views that support its analysis. Usually the following views are most often used:

Advice: At least 3-views recommended by SEI:

1. Module View

2. Component View

3. Deployment View

Plus a sequence diagram can be added as the forth.

Multiple views of a software architecture allow it to be understandable without any confusion by the entire team and its stakeholders.

Architect with security in mind as a first thought

So if you’re doing a solution architecture review, make sure you first look at the security design of the system including authentication, digital signatures, secret key cryptography, public key cryptography, authorization, and non-repudiation from the perspective of a digital firm. Authentication and authorization are the founding stones of security which needs to be understood and deployed across the enterprise.

The use of digital signatures has seen tremendous growth in recent years and with the onset of new technologies, in particular Web-services, promises to be the dominant area in security. Corporate espionage is on the rise, and security can not be overlooked.
Ensure your system vulnerabilities are checked - Cross Site Scripting seems to be the worst offender in modern systems. Make sure your internet-facing applications are hosted on supported and patched platforms. Approach it with an outside-in, basic-first strategy for your IT department instead of focussing on obtuse things like bit-encryption levels first, ensure you can prioritize defenses against the most probably threat vectors first.

Software Architectures need to be evaluated.

What constitutes an architecture?

“You employ stone, wood and concrete, and with these materials you build houses and palaces. That is construction. Ingenuity is at work.

But suddenly you touch my heart, you do me good, I am happy and I say ‘This is beautiful’. That is Architecture.”

- Le Corbusier, 1923

- Quoted in Architecture: From Prehistory to Post-modernism

Well, then what is software architecture?

There is no universal agreed upon formal definition of software architecture, however, the Software Engineering Institute (SEI) has defined it as follows:

“The software architecture of a system is the structure of structures of the system, which comprise software components, the externally visible properties of those components and the relationships among them.” - SEI’s definition of Software Architecture.

- It is a vehicle for communication among stakeholders.

- It is the manifestation of the earliest design decisions.

- It is a reusable, transferable abstraction.

Software elements – modules, components etc. Externally visible properties – does provide for internal flexibility. E.g. a contract is externally visible.

All designs involve tradeoffs. Architecture is the earliest life-cycle artifact that embodies significant design decisions: choices and tradeoffs.

Predict a system’s quality attributes by studying its architecture. We can analyze architecture for achievement of quality attributes – it determines risk not a “grade”.

Bottom line: an evaluation should result in architectural “Risks Themes”. See SEI’s web-site for details.

Embrace Change Don't Just Criticize The Architecture

I love change when it fuels positive growth and innovation. It excites me because I can see ideas that once lived only in my head transform into real products. I enjoy crafting solutions that people can hold, use, and benefit from. That moment, when vision becomes reality, is deeply rewarding to me. The creativity offered by software architecture, user interface design, and backend engineering hits the sweet spot for me.

But in my journey, I’ve often come across software architectures that didn’t start with a vision. They simply “evolved out of need.” Sometimes teams “end up” with architectures that just happened to them, patch by patch, release by release. Other times, projects begin with a neatly sketched design, but even those evolve under the weight of deadlines, tradeoffs, and shifting requirements: Technical Debt.

And that’s not necessarily a failure. Every architecture tells a story of its context.

When speaking to decision makers, I often use analogies. Think about it like buildings. You might look at a structure and think, “Wow, that looks ugly.” But to the contractor, it may be a lucrative project. To the people living inside, the aesthetics may not matter at all. They may say if it ain't broken don't fix it. Architecture, whether in concrete or code, is always a balance between risks, non-risks, tradeoffs, and sensitivity points. I learned that at Carnegie Mellon's Software Engineering Institute. These aren’t just abstract concepts; they are the risk themes that give us the clarity to make informed design decisions.

As a seasoned IT Architect, here's what I believe: no architecture is inherently good or bad. It only becomes meaningful when evaluated through the lens of context and risk. Once risks are surfaced, explained, and understood, the decision shifts from being “good versus bad” to “fit for purpose.”