CGI, October 2020

At the time when the project CyberTrust is progressing towards the implementation of the pilots, it’s timely to talk about the architecture methodology chosen by the consortium of the project CyberTrust which is the backbone of the technological platform has been built. Important interim validated outcome is that the CyberTrust architecture is robust and resilient. The conclusive outcomes will be reported when the pilots are completed.

Architecture in the digital world is not just a good idea; it is an essential discipline to safeguard the quality and future proofs of modern, complex IT-based solutions. Therefore, it is essential to choose the most efficient methodology for CyberTrust system architecture design which is very complex by its nature.

The architecture of CyberTrust is modular on open APIs, with flexibility to adapt and connect to existing police CAD/DBMS and provide tailor-made (cherry picking) solution. As a modular design, CyberTrust system is composed of separate components that can be connected together. The beauty of CyberTrust modular architecture is that we can replace or add any one component (module) without affecting the rest of the system.

Therefore, the choice of the architectural method, which is a recognized method in the Open Group Certified Architect program, that is used in CyberTrust is the proven Risk- and Cost-Driven Architecture (RCDA), an agile solution architecture approach, which is a relatively new approach. It was developed to close the gaps between enter­prise and software architecture. Existing software architecture practices often are too limited in scope for the solutions that need to be archi­tected. However, enterprise architecture practices are too heavy for the agility required to manage time pressures and frequently occurring changes and uncertainty. RCDA incorporates a number of aspects from agile software development prac­tices, such as the use of a backlog of architectural concerns, to be frequently reprioritized based on economic factors like risk and cost.

During the CyberTrust system architecture design, RCDA method supported the architects throughout the process of interpreting stakeholders’ requirements, and subsequently designing and delivering the best fitting solution in a lean, mean and agile manner. Architectural concerns and architectural decisions are weighed throughout the process, and stakeholder requirements are constantly taken into account.

When viewed as a risk and cost management discipline, architecture does not need to obstruct agility. RCDA offers a proven approach to solution architecture that is well-suited to today’s agile end-users needs which is essential for CyberTrust. 

Figure 1: RCDA’s architecting workflow: a backlog of architectural concerns is used to increase agility

Applying the RCDA method, setting up the CyberTrust architecture different practice sets are identified (requirement analysis, solution shaping, architecture validation and architecture fulfilment).

The application of RCDA brings various advantages to CyberTrust:

  • It smoothens communication between solution architects and business stakeholders – RCDA-trained architects communicate about architectural decisions and trade-offs
  • A clear and agreed set of architectural requirements for design decisions, using objective and economically oriented trade-offs, rather than hypes or personal preferences.
  • It reduces the risk of delayed delivery and budget overruns – RCDA sees architecture as a risk- and cost management discipline with economic awareness in the design process and avoiding “gold-plating”.
  • It enhances the quality of solutions – RCDA practices are CMMI (Capability Maturity Model Integration) compliant, and contain guidance for early and effective evaluation of quality attributes.
  • It creates transparency in costing structures – RCDA provides traceability from architectural requirements to the costing model for the whole solution and its parts.

After the validation of the architecture, the platform development took place successfully. At this stage the pilots are ongoing. As per nature of RCDA architecture method, CyberTrust system is continuously being applied the principles of the method until the system is complete and operational. More information about the progress can be found in https://cyber-trust.eu/