For over fifty years the industry has known the principles of how to build software correctly.
- Code that is flexible and stable enough to get the job done.
- Code that is secure from all known threats.
- Code that is maintainable for at least a decade or more.
The reality has always been: “Pick two.”
Allow me to share a proposed architecture that not only says “I’ll take all three, thank you,” but also adds in reduced workload and burnout for the engineers, both developer and security. It incorporates four principles that we have always desired.
• Testable input and output that is locked in before writing code.
• The best language for the job.
• Secure at the code level, not just the network level.
• Longevity.
I've built a methodology that makes all four default, not aspirational. The key was AI. And not the way most are using it. But as a partner. With it I’ve put together a process that bakes in compliance at all levels with:
• Contracts
• Jobs (microservices ++)
• Code-level security compliance as well as mTLS on all inter-service calls.
• Rewrites of application code that are on a 3-year cycle.
Plus one more: Observability at the inter-service level.
I’m proposing TCA, Tessellated Constellation Architecture.
While I put this together primarily from the developer side, when I started looking at it I realized it also fulfilled quite a few of the dreams of security engineers as well. And in a manner that does not constrain the developer but rather empowers them exponentially.
And here’s the clincher. This isn’t theory. The repo I link to below is the proof. 12 services, 6 languages, ~10,000 lines, under 40 hours. With each service/Job rewritable in an afternoon.
Pelentan/tca-blackjack
This is a proof-of-concept / prototype for a new application architecture I'm calling "Swarm".
TCA Blackjack
Proof-of-Concept: Polyglot Microservices · Zero Trust · AI-Augmented Development
What is Tessellated Constellation Architecture (TCA)
I'm working on a white paper to explain the Tessellated Constellation Architecture concept in detail, but I'll try to cover it briefly here. I've been working on developing how the IT arena should be working with AI. Not theorizing. But developing working examples of what can be done. Not what might work. What does work. I did my first example here: https://github.com/Pelentan/lora-dataset-prep. In this project I wanted to try out what I thought was a whole new way of creating an application that was only feasible with an AI partner. Ah… Age and memory. It was only when I finished and looked closer that I realized I was standing on the shoulders of giants. Almost every aspect of this architecture has been around for a while and I was only half-remembering them…
Check it out and let me know what you think.