Sidebar
This is an old revision of the document!
Table of Contents
4.2.3.4 Modifiability
- [char]Please Review
About
Modifiability is characteristic of a system to successfully support:
- Extensibility
- Updateability
- Deletability
In other words, it is a system or products ability and receptiveness to adapt to future and often unexpected changes. Planning for Modifiability is a bit like looking into a crystal ball about the product, its place within the ecosystem and its ability to adapt to changes in the environment. An easy way to consider Modifiability of a system or product is to ask a series of questions: McGovern et al. 1) suggested the following questions:
| Questions proposed by McGovern et al. | Considerations |
|---|---|
| How often is it expected that a system change will be required? | This question is trying to understand the maturity (see 4.3.2.1 Maturity) associated with the system or product. It is not just about the product, but the maturity of the domain knowledge surrounding the system or product. For example, the accounting domain has been around for thousands of years and is well documented and understood while the use of applications to address Blockchains is less than a decade. |
| What is the usual extent of the change? | This question also relates to maturity (see 4.3.2.1 Maturity) of the domain associated with the system or product. It also has to has to do with how conservative the attitude is towards changes. For example, changes made to an end-user entertainment application such as TicTok are easily tolerated while changes made to accounting records that can adversely effect an individual's wealth are frowned upon. |
| Who is expected to make the changes? | If the changes are to made by a single individual with minimal review and testing the ability to modify the system is high, but the risk of failure is increased. Modifiability must consider these risks in context of the domain. In essence, the better the governance over changes, the higher the success (see 3 Governance). An individual can be extremely disciplined and can be a positive when it comes to adapting to changes. Organizations can be sloppy. So, the maturity of the domain is important, but also the maturity of the organization (even if its a single person) is important. See ISO 90003-2018 and Capability Maturity Model Integration (CMMI). |
| Is it necessary for the system to use current platform versions? | This addresses the End-of-life (EoL) issues associated with any product (see 4.3.5 Manageability and 4.3.1.3 Replaceability). As the system ages, more and more EoL problems arise. The more Commercial Off-The-Shelf (COTS), Government Off-The-Shelf (GOTS), Modified Off-The-Shelf (MOTS), and NATO Off-The-Shelf (NOTS) products used by the system and the longer the system exists there is an increase in risk to the system because each subsystem, component or modular need to be managed. As a case in point, in mid-2020, roughly 200 million PCs worldwide will still be running older Windows versions, mostly Windows 7[https://www.zdnet.com/article/how-many-pcs-are-still-running-windows-7-today/]]. Many of these are probably not modifiable any more. |
Zarnekow et al. 2) did a detailed study of 30 applications in 2015 and found the following time and cost characteristics found that almost 45% of the cost of the projects was spent in production. Most of this cause can be attributed to maintenance and support. Underlining the reason why Modifiability is so important. All too often when a project gets started, the problem is “kicked down the road” with the idea that “we'll cross the bridge when we get there”.
| Time | Actual Cost (in Mill of Euro) | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| # of Users | # of Transactions/yr | Total | Init Dev | Prod | Total Cost | Planning | Init Dev | More Dev | Prod | Shutdown | |
| Minimum | 160 | 23,900 | 2.0 | 0.3 | 0.4 | 0.50 | 0.01 | 0.13 | 0.00 | 0.14 | 0.00 |
| Maximum | 135,500 | 91,250,000,000 | 16.4 | 3.0 | 12.4 | 137.33 | 50.00 | 85.00 | 38.00 | 117.8 | 0.13 |
| Average | 5.6 | 1.7 | 3.1 | 35.74 | 2.97 | 11.57 | 5.52 | 15.6 | 0.08 | ||
| % of total | 100.0% | 30.3% | 55.3% | 100.00% | 8.31% | 32.37% | 15.44% | 43.65% | 0.2% | ||
Another paper published by Björklund 3) reported the cost of software maintenance as 67%.
| Lifecycle Phase | Percent of Cos |
|---|---|
| Requirements Definition | 3% |
| Preliminary Design | 3% |
| Detailed Design | 5% |
| Implementation | 7% |
| Testing | 15% |
| Maintenance | 67% |
* Note:
- Another study found at least 50% of the effort spent on maintenance
- Another study found between 65% and 75% on maintenance
- In embedded real-time systems, maintenance costs may be up to 4 times development costs
Regardless of the actual numbers for a system or a program, all the numbers point to one conclusion: the cost of maintenance is a major driver in the total cost of ownership for systems or projects. Much of the maintenance cost for many projects is not planning or considering Modifiability throughout the project lifecycle, especially early on. Modifiability is closely correlated to creating layered, modular and loosely coupled systems or programs. Fortunately, there are tools which can analyze a system or a program during all phases (see 4.3.3.1 Modularity and 4.3.5 Manageability).
Layering involves separating the system or programs based on technical responsibilities, usually using a N-Tier Architecture. Generally, the tiers are the referred to as the presentation tier, processing tier and data management tier. Often the tiers are both logically and physically separated with each tier running on its own dedicated platforms. In a distributed system, the tiers do not follow the client-server architecture but use a Peer-to-Peer (P2P) architecture. However, the peers can be categorized as fulfilling presentation, processing, and data management functionality.
In addition, systems or programs that are declarative and configurable are more modifiable, especially if the configuration describes the details of connectivity between the modules (or peers). In other words, the descriptions provides the context should address the 5-Ws of who, what, when, where and why and should also consider the how. For example:
| W | context |
|---|---|
| who | Who can access the module (peer) including privileges. developer, a business user, an analyst, or some combination of these is responsible |
| what | What is the module (peer) name, version, download URI. |
| when | When can the module (peer) be accessed. event, calendar, time, etc. |
| where | Where can the module (peer) be found. paths, endpoints, etc. |
| why | Why is the module (peer) defined, documentation, rules, filters, etc. |
| how | How is the module (peer) accessed. Library, RESTFul, Remote Procedure Call (RPC), DDS, Message queue, etc. |
Expectations of frequent changes driven by business-related changes can be more modifiable if the rules are not codified into software but stored as machine readable rules that can be interpreted at run time. For example, rule engines. However, the downside of a data-rule driven system is that changes in data or rules can result in crashes which will adversely effect stability (see 4.3.5 Manageability).
DIDO Specifics
