In any complex software system, strong interdependencies exist between requirements and software architecture. Requirements drive architectural choices while also being constrained by the existing architecture and by what is economically feasible. This makes it advisable to concurrently specify the requirements, devise and compare alternative architectural design solutions, and ultimately make a series of design decisions to satisfy each of the quality concerns.

Unfortunately, anecdotal evidence has shown that architectural knowledge tends to be tacit in nature, stored in the heads of people, and lost over time. Therefore, developers often lack comprehensive knowledge of underlying architectural design decisions and inadvertently degrade the quality of the architecture while performing maintenance activities. In practice, this problem can be addressed through preserving the relationships between the requirements, architectural design decisions and their implementations in the source code, and then using this information to keep developers aware of critical architectural aspects of the code.

In this talk I will present a novel approach that utilizes machine learning techniques to recover and preserve the relationships between architecturally significant requirements, architectural decisions and their realizations in the implemented code. I will also present the Archie tool suite, initially funded by the National Science Foundation, and further developed under the sponsorship of the Department of Homeland Security (DHS). Archie is designed to detect security-related architectural design decisions in the code and to protect them from potential degradation during maintenance activities. Finally, I will talk about the integration of Archie’s component with the DHS’s Software Assurance Market Place (SWAMP) to advance research and development of secure software systems.

Mehdi Mirakhorli is a doctoral candidate at DePaul University with a research background in software architecture design, requirements engineering, and application of data mining in software engineering. Previously, he worked as a software architect on large data-intensive software systems in the banking, meteorological and health care domains. He has served on the Program Committees for several workshops and conferences and as Guest Editor for a special edition of IEEE Software on the Twin Peaks of Requirements and Architecture. Mehdi has received two ACM SIGSOFT Distinguished Paper Awards at the International Conference on Software Engineering and has engaged in research projects with the US Department of Homeland Security (DHS).