Application Architecture
itEnterprise architecture and integration
Application Architecture
Application architecture is the set of important decisions about an application's structure and behavior. It identifies the major parts, the responsibilities each part owns, and the relationships that let the parts work together.
The word important carries weight. A local function name is usually a code-design choice. A decision that shapes deployment, data ownership, security boundaries, or change cost is architectural. You invest more care in decisions that are expensive to reverse.
Application architecture sits between two neighboring scopes. Enterprise architecture coordinates capabilities, information, and technology across an organization. Detailed software design shapes classes, functions, and algorithms inside a component. Application architecture focuses on one application and its surrounding systems.
The mental model: a set of boundaries and flows
Start with the work the application performs, not a diagram style or a product list. Trace one useful flow from an actor to an outcome:
actor or system
|
v
entry point -> business capability -> state change or query
| | |
v v v
identity integrations data store
\_______________ runtime platform ______/
The boxes matter because they own responsibilities. The arrows matter because they create dependencies. Every arrow needs a contract, a failure model, and an owner.
You then inspect the same application through three views:
- Static structure — applications, data stores, components, and their dependencies.
- Runtime behavior — requests, messages, events, data movement, retries, and failures over time.
- Deployment structure — processes, nodes, networks, trust boundaries, and release units.
One view cannot answer every question. A product owner needs a different view from an operator or a security reviewer. ISO/IEC/IEEE 42010 treats this explicitly: stakeholders hold concerns, viewpoints frame those concerns, and views express the architecture from those viewpoints.
Begin with drivers, not styles
An architecture is fit only in a specific context. Collect the drivers before selecting a style.
Functional requirements describe the outcomes the application must produce. Quality attributes describe how well it must produce them. Availability, modifiability, security, performance, operability, and cost can all shape the structure.
Turn vague qualities into scenarios you can evaluate:
stimulus Black Friday traffic rises to five times normal.
response Checkout continues without losing accepted orders.
measure The agreed error rate and recovery targets remain satisfied.
The numbers come from your stakeholders and workload. They do not come from an architecture pattern. A useful scenario names a stimulus, the affected part of the application, the expected response, and a measurable result.
Rank the scenarios. Architecture is trade-off work. A design optimized for independent deployment can add network calls and operational overhead. A design optimized for immediate consistency can reduce availability during a partition. SEI's Architecture Tradeoff Analysis Method exists because quality attributes interact rather than improve together automatically.
Separate the boundary types
Teams often use service, module, and component as if they mean the same thing. Ask which boundary is actually under discussion.
| Boundary | Question it answers | Typical evidence |
|---|---|---|
| Responsibility | What work belongs together? | capability map, component view |
| Code | What can depend on what? | module graph, dependency tests |
| Runtime | What executes and fails together? | process view, runtime trace |
| Deployment | What can be released independently? | deployment pipeline, artifact map |
| Data | Who owns each fact and invariant? | data model, write path, schema contract |
| Trust | Where does identity or privilege change? | data-flow diagram, threat model |
These boundaries may align, but alignment is a design choice. Two modules can run in one process. Two processes can share a deployment. A service can own several internal components. A shared database can silently couple otherwise separate services.
Good boundaries follow change. Put behavior and data that change for the same reasons close together. Expose stable contracts where separate concerns must collaborate. Keep internal choices behind those contracts so a local change stays local.
Choose constraints that earn their cost
An architecture style is a family of designs with shared constraints. The constraint creates both the benefit and the cost.
Layered and N-tier
A layered design separates concerns such as presentation, business logic, and data access. In an N-tier deployment, some layers also occupy separate physical tiers. The model is familiar and gives dependencies a clear direction.
Horizontal layers can spread one business change across several parts. They can also become pass-through layers with no real responsibility. Use the style when its separation matches the work, not because every application needs three named folders.
Web-queue-worker
A web front end handles interactive requests. A queue buffers work for a background worker. This separates user response time from resource-intensive or long-running processing and lets the two sides scale independently.
The queue introduces asynchronous behavior. You must define duplicate handling, retry policy, failure visibility, and the point at which the user considers work accepted.
Independently deployed services
A service-oriented decomposition places business capabilities behind explicit network contracts. Independent deployment and fault isolation become possible when services also control their own data and release cycles.
The network makes each dependency slower and less reliable than an in-process call. Cross-service changes need contract management. Cross-service data changes need an explicit consistency strategy. Split the application only when those costs buy a capability you need.
Event-driven collaboration
Producers publish facts about things that happened. Consumers react without a direct call from the producer. This reduces direct coupling and supports independent consumers.
Event delivery adds questions about ordering, duplication, schema evolution, observability, and eventual consistency. An event is not a remote command with a past-tense name. It should describe a fact that consumers can interpret without controlling the producer.
Styles compose. An application can use layers inside one deployment, a queue for background work, and events at an integration boundary. Architectural purity is not a business outcome.
Treat data as part of the architecture
Data choices are structural choices. For each important fact, identify:
- The authoritative owner.
- The write path that enforces its invariants.
- The read paths and their freshness needs.
- The retention, privacy, and recovery requirements.
- The contracts used to share it.
Shared data can make reporting and transactions easier. It can also couple release schedules and expose internal schemas. Separate data ownership improves autonomy. It also creates synchronization work and makes some queries harder. Neither arrangement wins without a specific driver.
Choose synchronous calls when the caller needs an immediate answer and can tolerate the dependency's latency and availability. Choose asynchronous messaging when work can be deferred, buffered, retried, or fanned out. Define timeouts, idempotency, and recovery in either case.
Make quality visible in the structure
Quality attributes become real through concrete mechanisms and evidence.
| Concern | Structural questions | Evidence after delivery |
|---|---|---|
| Reliability | Where can failure be isolated? What state must recover? | recovery tests, error budgets, incident data |
| Security | Where are trust boundaries? Who can perform each action? | threat model, access tests, audit records |
| Performance | Which paths have latency budgets? Where can work queue? | load tests, traces, saturation metrics |
| Modifiability | Which changes cross boundaries? Are contracts stable? | change lead time, dependency analysis |
| Operability | Can operators see state and control failure safely? | dashboards, runbooks, deployment results |
| Cost | Which choices dominate consumption and staffing? | workload cost, capacity data, support load |
Cloud well-architected frameworks group these concerns differently, but they share the same discipline: assess the workload through several quality lenses and make trade-offs in context.
Document decisions for use
An architecture description is a working set of views and decisions, not one poster.
Use a system-context view to show actors and external systems. Use a container view to show the application's deployable units and data stores. Add component, runtime, or deployment views only when they answer a real concern. The C4 model provides these levels of zoom without requiring a particular notation or tool.
Record consequential choices in architecture decision records. A useful record captures the decision, its context, and its significant consequences. When the decision changes, add a superseding record so the reasoning remains visible.
Keep the description close enough to delivery that the team can maintain it. A diagram contradicted by the running system is historical evidence, not current architecture.
Evaluate before and after implementation
Review candidate designs against the ranked quality scenarios. For each scenario:
- Trace the relevant path through the views.
- Identify the decisions that enable the response.
- Find sensitivity points where one choice strongly affects a quality.
- Expose trade-offs where one choice helps one quality and harms another.
- Record risks, assumptions, and the evidence needed next.
Then test the assumptions. Use prototypes for unknown technology behavior. Use load and failure tests for runtime qualities. Use dependency rules for code boundaries. Use production telemetry and incidents to compare the intended architecture with the deployed application.
Architecture continues after the first release. Revisit a decision when its driver changes, evidence contradicts an assumption, or accumulated exceptions weaken a boundary.
Where this skill is useful
Application architecture helps when you start a product, split a growing codebase, or modernize a legacy application. It also helps when you add a major integration, change a data model, or prepare for new scale and reliability targets. It gives delivery, security, operations, and product teams a shared map for discussing risk.
It cannot replace detailed design, domain knowledge, threat modeling, capacity work, or delivery discipline. A named style does not guarantee a quality. A diagram does not enforce a boundary. Architecture creates testable hypotheses about structure; implementation and operation supply the evidence.
A practical learning path
- Practice identifying stakeholders, concerns, and measurable quality scenarios.
- Draw context, container, runtime, and deployment views of an existing application.
- Trace responsibility, runtime, deployment, data, and trust boundaries separately.
- Compare two candidate structures against the same prioritized scenarios.
- Record one consequential choice as an architecture decision record.
- Add tests and telemetry that check the most important architectural assumptions.
- Study focused courses on software architecture, distributed systems, data architecture, security architecture, and architecture decision records.
