Defensive Architecture — Why Am I So Defensive?

Defensive Architecture
Defensive Architecture

Defensive Architecture is your best approach.

Defensive Architecture

When you’re delivering cutting edge projects you’re balancing on multiple knife edges. We’re asked all the time to deliver faster than possible and we generally do well. Sometimes there are corners that we can cut (e.g. polish the UI/UX later, shift some of the logging to later sprints, delay features) — but there are times where I stand like a rock. It drives them insane.

Defensive Architecture is one of these areas.

So… what the heck is DefensiveArchitecture?

In my potentially naive sounding way I define Defensive Architecture as using architecture to protect the system you’re creating from itself. Any large system has many pieces and those pieces change over time. There are many reasons for change but I’ll focus in on the two reasons that create the most catastrophic impacts.

You see, when something fundamental to your system changes it shakes the whole system.

So what do you do? You put it in a box that protects you from the change. That’s Defensive Architecture.

Those two cases that I mentioned — where Defensive Architecture is an absolute requirement with no exceptions — are:

  • Bleeding Edge Tech
  • Avoiding Vendor Lock-in

Defensive Architecture for Bleeding Edge Tech

Some groups get upset that the underlying components are changing — and to them I say that they may be playing in the wrong space. Innovators understand that the biggest innovations have churn. It’s normal, expected, and natural. The dumb move is pretending that you know everything. Nobody does.

Defensive Architecture to Avoid Vendor Lock-In

  • Business focus change — It is quite possible that your vendor may change their business focus — what happens if they shift their focus and aren’t quite the same fit or that their API/SDK drifts enough that it is different enough that it breaks all over our system?
  • Allow future options — There may be better options in the future. New players arrive on scene all the time.
  • Contract stranglehold — the worst contract negotiation results come when there is one side that know the other requires them. I’d far rather know that my partner wants to work together in good faith. If they know that my system is dead without them bad things are going to happen.

So building a box helps here — meaning if the relationship with a partner changes they can be replaced. Changing out a technology partner will never be painless but if you don’t plan for it your system will likely be fatally wounded when something major shifts.

An Example of Defensive Architecture

We’re using Sovrin on this project to be our anchor point for the Verifiable Credentials that the VON holds for corporations. Sovrin and the Verifiable Credential approach have really been moving targets. Sovrin for example, has started to find its own but to say it has evolved a bit understates some of the massive changes that have happened. I need to add that this churn is completely natural. Sovrin today is maturing — but that’s like saying that your kid can finally sort of walk. We all know that in a year Sovrin will look quite different. If we don’t plan for that change — some evolutionary and some revolutionary likely — we’re not being smart.

Some changes in Sovrin have resulted in some genuine headaches — but those are the ones where we are well aware of the learning and paradigm shifts that have come. This team is active and knows which parts are relatively solid and which ones are, to use one of my favourite technical terms, “squishy”.

The Downsides of Defensive Architecture

ummm …

OK — there may be one downside. The initial effort can be considered “higher”. But that thought and line of thinking is deeply flawed. As I’ve said before there are many areas that Defensive Architecture applies to and some are required. Even the “optional” use for me, mandates using Defensive Architecture. Frankly I consider it as a filter about the pragmatism and sophistication of the company or client that I am working with. If there is a steadfast refusal to use Defensive Architecture or an insistence that it will take too much time and should be cut I see red flags. Those red flags almost always manifest and I’ve learned to walk away or stand fast. If standing fast isn’t an option, I move on to other projects.

So where am I seeing this approach? Everywhere.

So protect yourself. Use Defensive Architecture.


Originally published at Continuum Loop Inc..

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch

Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore

Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store