The software architecture is one of the most important artifacts created in the lifecycle of an application. Architectural decisions directly impact the achievement of business goals, as well as functional and quality requirements. Yet once the architecture has been designed, most architectural descriptions are seldom verified or maintained over time. Architecture compliance checking is a sound application risk management strategy that can detect deviations between the intended architecture and the implemented architecture.
The ability to detail such deviations is an effective method to proactively identify system weakness and vulnerabilities. The CAST Architecture Checker document provides a review of the increasing challenges to architectural compliance along with a brief walkthrough of some of its capabilities.
Architectural challenges impacting application risks: