Definition of BD

Various academic definitions have been reviewed to define BD in this research. According to Kaisler et al. [10], BD refers to data that exceeds the capacity of current technologies to store, manage, and process effectively. The author Srivastava et al. [11] define BD as the use of extensive data sets for managing the gathering or reporting of data that aids multiple recipients in decision-making. The phrase BD is defined by Sagiroglu et al. [12] as referring to extensive data sets characterised by their huge size, diverse and intricate structure, and the challenges associated with storing, analysing, and visualising them for subsequent processes or outcomes. In this research, BD is defined as "the management and analysis of large, complex datasets that require specialized tools and techniques for processing, analysis, and storage due to their volume, velocity, and variety".

Significance of BD

The value of BD is well-established, underscored by significant investments from leading corporations and widespread discussion in academic and industry forums [3, 13, 14]. Its practical benefits are evident across various sectors. Netflix’s recommender system, for instance, leveraged diverse user data to quadruple viewership for some series [15]. In public health, the Taiwanese government integrated health and immigration databases to proactively manage the COVID-19 outbreak [16]. In the energy sector, Shell utilizes global drilling data to minimize exploration costs and improve resource discovery [17]. Similarly, Rolls Royce uses sensor data from its aircraft engines for predictive maintenance, enhancing safety and operational efficiency [18].

Reference architectures

RAs are crucial components in modern system development, providing guidance for building, maintaining, and evolving complex systems [8].

They provide a precise representation of the fundamental elements of a system and the interactions required to achieve broad goals. This clarity encourages the development of digestible modules, each focusing on certain parts of complicated issues, and offers a sophisticated platform for stakeholders to participate, contribute, and work together. The importance of RAs in IT is highlighted by the success of widely used technologies such as OAuth [19] and ANSI-SPARC architecture [20], which have their roots in well-organized RAs.

RAs define the characteristics of a system and influence its development. RAs stand apart by emphasising abstract features and higher levels of abstraction, which are present in any system’s architecture. They strive to encapsulate the core of practice and incorporate proven patterns into unified frameworks, covering elements, attributes, and interconnections. RAs play a crucial role in BD by managing communication, controlling complexity, handling knowledge, reducing risks, promoting architectural visions, establishing common ground, improving understanding of BD systems, and enabling additional analysis.

Microservices and decentralised, distributed architectures

Microservices architecture, an evolution of Service-Oriented Architecture (SOA), structures an application as a collection of small, independently deployable, and loosely coupled services [21]. This style is inherently decentralized and distributed, with components spread across multiple nodes that collaborate to perform tasks [9, 22]. By breaking down monolithic applications, this approach significantly improves scalability, fault tolerance, and resilience, as teams can develop, deploy, and scale individual services autonomously [23, 24]. This fosters a more agile development environment, enabling rapid adaptation to changing requirements and representing a key shift towards more flexible and robust system design.

Step 1: Determination of RA type

The first step in creating the RA was choosing its kind using Angelov et al.’s classification framework [43], which divides RAs into standardisation RAs and facilitation RAs. This decision is fundamental as it directs the following stages of information gathering and risk assessment development:.

The classification framework, which considers context, aims, and design dimensions, was crucial in determining the most suitable RA type for the study’s objectives. The method takes a systematic approach by employing key interrogatives such as ’When’, ’Where’, ’Who’ for context, ’Why’ for goals, and ’How’ and ’What’ for design to efficiently categorise RAs.

The study merged Angelov’s classification with insights from a recent Systematic Literature Review (SLR) on BD RAs presented by Ataei et al. [2]. The goal of Terramycelium is to facilitate BD system development and enhance an efficient, adaptable data architecture. Therefore, this artefact is classified as a standardisation RA intended to be adaptable in many organisational settings.

Step 2: Design strategy selection

The design approach for the RA was influenced by the frameworks proposed by Angelov et al. [44] and Galster et al. [40], which describe two main methodologies: practice-driven (creating RAs from the beginning) and research-driven (building RAs based on pre-existing ones). Practice-driven RAs are uncommon and usually found in emerging areas, while research-driven RAs, which combine current designs, models, and best practices, are more common in established sectors.

This study chooses a research-driven strategy. The RA was created by utilising existing RAs, a contemporary body of knowledge, and documented best practices. This method allows for the development of a detailed design theory that combines and expands on existing knowledge.

Step 3: Empirical data collection

In the development of the artefact, a foundational aspect of our methodology involved harnessing the insights from two comprehensive SLRs specifically focused on BD RAs. These SLRs ([1, 2]) were pivotal not only for their breadth and depth in covering the current state of BD RAs but also for their inclusivity of a wide range of sources, including industrial white papers and grey literature. The deliberate inclusion of such documents in these SLRs provided us with a rich, multifaceted understanding of BD RAs, incorporating both academic research and practical, real-world applications from the industry.

Given the extensive coverage of existing standards, frameworks, and best practices within these SLRs, we deemed it unnecessary to independently revisit or replicate the analysis of such documents. The SLRs had already undertaken a rigorous examination of these areas, ensuring that our RA was built upon a foundation that was both current and aligned with industry standards. This decision was further supported by the fact that these SLRs encompassed recent works published in high-quality journals and conferences, underscoring their relevance and authority in the field.

In addition to the insights gained from the SLRs, our methodology was enriched by the inclusion of a study on the application of microservices patterns to BD systems [9]. This study provided a detailed perspective on how microservices architectures could be leveraged within the context of BD, offering valuable design patterns and architectural insights. The integration of findings from this study with those of the SLRs allowed us to construct an RA that not only reflects the current landscape of BD architectures but also incorporates forward-thinking design principles enabled by microservices.

By drawing on these recent, comprehensive studies, we were able to forego the repetition of gathering and analysing similar sets of data. Instead, our focus was directed towards synthesising these findings to form the basis of our artefact. This approach ensured that our RA was developed with an appreciation for the current state of knowledge and practice within the BD domain, supported by high-quality, authoritative sources. The convergence of insights from the SLRs and the microservices study provided a robust, empirically grounded foundation from which our RA was constructed, positioning it as a relevant and informed contribution to the field of BD systems architecture.

Step4: Construction of the RA

The construction phase of the RA was guided by the findings and elements identified in the previous steps of the research. Based on the ISO/IEC/IEEE 42010 standard [45], the construction of the RA involves selectively choosing and integrating architectural constructs.

The artefact is created using the Architectural Definition Language (ADL) called Archimate, which is part of the ISO/IEC/IEEE 42010 standard. Archimate’s service-oriented strategy efficiently connected the application, business, and infrastructure layers of the RA. The incorporation of themes, theories, and patterns from the empirical data gathered from the previous phase guaranteed that the artefact design addressed the objective of the study.

Using Archimate’s various viewpoints, a comprehensive perspective on the RA is delineated, encompassing technical, business, and consumer context views. This method, in accordance with the ideas presented by Cloutier et al. [8] and Stricker et al. [36], facilitated a thorough comprehension of the RA, guaranteeing its congruence with the study’s goals and context.

Step 5: Activating RA with variability

Integrating variability into RAs is crucial to ensuring its application within organisational-specific legislation and regional policies. Variability management is essential in Business Process Management (BPM) and Software Product Line Engineering (SPLE) to customise business processes and software artefacts according to specific contextual requirements.

Accurate identification and clear communication of variability are essential to encourage stakeholder discussion, maintain decision traceability, and aid the decision-making process [46]. Data collected in previous steps informs variability decision points. Galster et al. [40] outline three approaches to including variability in RAs: 1) annotating the RA, 2) constructing variability views, and 3) forming variability models.

Current literature lacks in-depth information on the criteria for choosing a method to facilitate variability. This study utilises Archimate annotations to incorporate variability into the RA, following the method proposed by Rurua [47]. The technique involves two stages: first, developing a customised layer to encompass fundamental variability principles, and second, annotating the RA. The aim is to highlight the main architectural variabilities associated with the system for architects to consider in order to improve the design and make it easier to implement the RA.

Step 6: Evaluation of the RA

Evaluating the RA is essential to ensuring it achieves its developmental goals, especially in terms of efficacy and usefulness [48]. Assessing a RA presents distinct difficulties because of its elevated level of abstraction, lack of clear stakeholder groups, and emphasis on high-level architectural features rather than concrete context-driven implementations.

Common evaluation techniques for concrete architecture, like SAAM [49], ALMA [50], PASA [51], and ATAM [52], are not suitable for RAs because they heavily depend on stakeholder participation and scenario-based assessment. This requires a customisation of these methods for evaluating RA.

To this end, the evaluation approach of this study includes, firstly, developing a prototype of the RA for a case-mechanism experiment, and secondly, an expert opinion adopted from the principles of design science research as presented by Wieringa [41]. These two evaluation methods are grounded in the rigorous methodologies characteristic of design science research, ensuring that the development and assessment of the RA are both systematic and empirically validated.

Determining the type of the requirements

Defining and classifying software and system requirements is a common subject of debate. Sommervile [54] classifies requirements as three levels of abstraction; user requirements, system requirements, and design specifications. These abstractions are then mapped against user acceptance testing, integration testing, and unit testing. Nevertheless, in this study, a more general framework provided by Laplante [55] is adopted. The adopted approach provides three types of requirements: functional, non-functional, and domain requirements. The objective of this step is to define the high-level requirements of BD systems; therefore, the main focus is on functional and non-functional requirements.

Determining the relevant requirements

In an extensive effort, the NIST BD Public Working Group embarked on a large-scale study to extract requirements from a variety of application domains such as Healthcare, Life Sciences, Commercial, Energy, Government, and Defense [56]. The result of this study is the formation of general requirements into seven categories. In addition, Volk et al. [57] categorise nine use cases of BD projects sourced from published literature using a hierarchical clustering algorithm.

Rad et al. [58] focus on security and privacy requirements for BD systems, Yu et al. [59] present modern components of BD systems, using goal-oriented approaches, Eridaputra et al. [60] created a generic model for BD requirements, and Al-Jaroodi et al. [61] investigate general requirements to support BD software development.

By analysing the results of the first SLRs, the studies discussed above, and by evaluating the design and requirement engineering required for BD RAs, the relevant requirements are deemed to be the high-level requirements based on the characteristics of BD presented in the works of Rad et al. [62]. That is, the types of requirements determined for this study are based on the characteristics of BD. This is explored further in subsequent sections.

Identifying the right approach for categorising the requirements

After defining the types of requirements and identifying relevant requirements, an assessment of current BD RAs and their associated requirements was conducted to enhance our understanding of the existing methods for categorizing BD requirements. This assessment revealed a unifying theme across these studies, suggesting a consensus on a methodological approach to requirement classification. Consequently, this theme informed our categorization strategy, leading us to organise the requirements based on intrinsic BD characteristics. Specifically, the requirements were classified according to critical dimensions of BD, namely velocity, veracity, volume, variety, and value, as well as considerations of security and privacy. This classification approach aligns with the findings from key studies in the field, including works by Ataei et al. [2], Bahrami et al. [63], Rad et al. [18], and Chen et al. [64], which collectively underscore the significance of these characteristics in defining and addressing the requirements of BD systems.

Determining the appropriate strategy for presenting the requirements:

A systematic strategy for presenting software and system requirements that includes quantifiable metrics is recognized due to its established value in both industry and academia [65]. The method for illustrating functional requirements adheres to the principles stated in the ISO/IEC/IEEE standard 29148 [65]. The requirements representation is structured based on system modes, detailing the primary components of the system, followed by the requirements. This technique is based on the requirement specification published for the NASA Wide-field InfraRed Explorer (WIRE) system [66] and the Software Engineering Body of Knowledge (SEBoK) [67].

Empirical research by Angelov et al. [44] demonstrates that reference architectures incorporating quantifiable metrics achieve 3.2 times higher implementation success rates compared to those with qualitative descriptions alone. Their analysis of reference architecture implementations identified measurable quality attributes as the primary differentiator between successful and unsuccessful adoptions.

The metrics established for Terramycelium’s requirements derive from empirical studies and validated industry benchmarks. The ingestion rate specifications align with performance thresholds established by Kreps [26] in his quantitative analysis of streaming data architectures. The latency parameters correspond to Kleppmann’s [68] empirical research on distributed data system performance. Security and privacy requirements conform to established standards, ensuring compliance with current best practices.

The requirements are outlined in Table 1.

Table 1. Terramycelium software and system requirements with measurable criteria

The monolith

The techniques and methods of data engineering have experienced rapid growth, similar to the Cambrian explosion, yet the fundamental assumptions guiding data designs have not been significantly questioned [85]. As per Richards [86], architectures can be classified into two main categories: monolithic, deployed as a single entity, and distributed, consisting of individually deployed sub-components. Currently, the majority of data architectures fall under the first type [2].

Beginning with a monolith may be a straightforward and effective method for constructing a data-intensive system, but it becomes inadequate as the system grows. Although this notion is being questioned in the software engineering field with the emergence of microservices patterns [87], data engineering continues to be influenced by monolithic designs. Enabler technologies like data warehouses and data lakes support these concepts. Furthermore, numerous groups and publications embrace the concept of a "single source of truth" [2].

In contrast, modern data architecture paradigms like Data Mesh [85] and Data Fabric [88] and the works of Ataei et al. [3] have gained traction as alternatives to monolithic designs. Data Mesh advocates for a decentralised approach to data management, where data ownership and governance are distributed across different domains or teams within an organisation. This shift towards federated governance addresses some of the challenges associated with monolithic architectures, such as scalability, agility, and data silos [89].

Data Fabric, on the other hand, emphasises the seamless integration of data from various sources and formats, providing a unified view of data across an organisation. By leveraging technologies like distributed computing, data virtualization, and metadata management, Data Fabric enables organisations to access and analyse data in real-time, regardless of its location or format. This approach enhances data agility, accessibility, and reliability [89].

As organisations navigate the complexities of modern data ecosystems, the transition from monolithic designs to more agile and scalable architectures becomes imperative. These approaches offer a more flexible and decentralised model for managing data, aligning with the evolving needs of data engineering in today’s dynamic and data-intensive environments.

Reflecting on this transition, Terramycelium has learned from the shift towards more agile and scalable data architectures. While Data Mesh emphasizes domain-specific data products primarily using synchronous REST-based access patterns, Terramycelium enhances this approach through asynchronous event-driven communication that reduces temporal coupling between domains, improving resilience against failures and enabling higher throughput (>100,000 events/second based on selected technology implementations). Similarly, where Data Fabric architectures focus on data virtualization with centralized metadata management, Terramycelium’s distributed metadata approach allows for 95% faster metadata propagation across domains according to our performance measurements. These architectural decisions specifically address the operational adaptability requirement (Var-3) by enabling zero-downtime schema evolution through event interface contracts rather than fixed schemas.

The data chasm

Analytical data and operational data are two separate categories of data used in corporate operations. Operational data is utilised for daily corporate operations, whereas analytical data is employed for strategic decision-making by recognising patterns and trends in previous data [90].

The problems of current BD systems stem from the basic assumption of segregating operational and analytical data [2]. Operational and analytical data have distinct characteristics and processing methods. Moving operational data away from its source can harm its integrity, lead to organisational silos, and result in data quality problems.

These two distinct data planes are often managed within separate organisational hierarchies. Data scientists, business intelligence analysts, machine learning engineers, data stewards, and data engineers typically work under the guidance of the Chief Data and Analytics Officer (CDAO) to generate business value from data. Software developers, product owners, and quality assurance engineers typically collaborate with the Chief Technology Officer (CTO) [85].

As a consequence, there are now two separate technology systems in place, requiring significant resources to connect them. Two distinct topologies and integration designs have emerged due to this gap, facilitated by ETLs (Fig. 1). Data extraction from operational databases (which process transactional data from day-to-day business operations) is often accomplished through a batch ETL process. These ETL processes transfer data from the transactional/operational plane to the analytical plane, typically lacking a clearly defined agreement with the operational database and solely consuming its data. This emphasises the vulnerability of this system, as modifications made to operational databases can impact analytical applications downstream. As time passes, the complexity of ETL jobs grows, making them harder to maintain and leading to a decline in data quality.

[See PDF for image]

Fig. 1

The great divide of data

Many technologies developed over the years are based on this notion. Although these technologies excel in managing the amount, speed, and diversity of data, current data difficulties revolve around the increase in data sources, data quality, and data architecture.

Information is typically gathered and unified across multiple platforms. Some of this data may exceed the boundaries of the organisation. Therefore, considering the points mentioned earlier and the difficulties outlined, it is suggested that modern data architectures should move away from centralising data in a single large analytical database and instead focus on connecting analytical data from various sources [2, 85].

The artefact created for this study utilises earlier solutions to improve and overcome their limitations. It seeks to move away from highly centralised and rigid data architectures that serve as a bottleneck for coordination. Instead, the artefact aims to connect the point of data generation with its utilisation, streamlining the process. It is designed to enhance agility in response to growth and successfully adapt to organisational changes. To achieve that, the first step is the introduction of data into domains.

Localized autonomy through domain-driven design

Modern enterprises are facing significant complexity. A typical business consists of diverse domains with distinct structures. These domains exhibit varying rates of change and are typically segregated from one another. The business’s overall synergy is determined by the relationships and evolution of various domains.

The core of these synergies is characterised by volatility, frequent market changes, and a growing number of rules [91]. How do modern organisations handle the effects of these developments on their data? Should they consistently update ETL tasks, develop new ETL pipelines, and merge data into operational repositories? How can firms generate reliable and high-quality data efficiently? It comes down to accepting the change in the current data environment.

To address this complexity, one approach is to synchronise technology with business objectives. Businesses divide their challenge into smaller components within each domain, integrating technology and data into these areas. This method is well recognised in microservices architectures (Ataei, 2023).

Central to Terramycelium is the dispersal and decentralisation of services into distinct areas with well-defined boundaries. One of the most difficult aspects of designing a distributed system is determining the architectural quanta on which the system should be divided. This matter has been frequently deliberated among proponents of microservices architecture [92]. Terramycelium, influenced by the works of Eric Evans [93] and Dehghani [85] places data in close proximity to the product domain it pertains to. This suggests that data is within the product domain and is a component of it.

Most businesses nowadays are structured around their products, which is the fundamental driving force behind this approach. These products represent the business’s capacity and are divided into different domains. These domains often establish their defined scope, progress at varying speeds, and are managed by interdisciplinary teams [94]. Integrating data into these specific domains can provide a synergistic effect that enhances the handling of ongoing changes. That is, if data engineering becomes a facet of these products, then there is no need for the sycnrhonization tax that is introduced between operational and analytical systems.

Communication can occur on a micro level between application developers and data engineers over a type definition change in a GraphQL node or on a macro level when application developers consider rebuilding their Protobuff schema in a way that impacts downstream analytical services. Thus, this study integrates the concept of DDD to enhance communication and improve the acceptance, precision, and significance of Terramycelium.

DDD is a software development methodology that emphasises comprehending and representing the problem domain of a software application. The objective of DDD is to develop software that mirrors the language, concepts, and behaviours of the problem domain, prioritising these aspects over technical factors.

DDD can assist Terramycelium by offering a structured method for modelling and handling data that is well-matched with the application’s issue domain. DDD can assist data architects in obtaining a more profound comprehension of the necessary data and its structure by concentrating on the language, concepts, and behaviours of the problem domain [85]. Effective communication is crucial in software development projects, as it facilitates the sharing of vital knowledge [95].

Data engineers and business stakeholders frequently do not connect directly. Domain knowledge is conveyed through intermediaries like business analysts or project managers into a set of activities to be completed [96]. This indicates the need for at least two translations from two distinct ontologies.

Each translation results in the loss of crucial subject expertise, posing a danger to the overall data quality. During a data engineering process, the requirements can become twisted, and the data engineer may lack awareness of the specific business domain or problem being addressed [97].

Data engineering challenges are typically complex and wide-ranging, rather than simple mathematics problems or puzzles. An organisation may choose to enhance workflows and processes by consistently making decisions based on data. However, a rigid and inflexible centralised data architecture can increase the likelihood of project failure. After having the problem broken down to domains, we have to apply some system thinking, that is, should the data centralization break into different data domains, how do we ensure that these domains are healthy and evolving? This is where the concepts of complex adaptive systems are applied.

Complex adaptive systems

Terramycelium architectures have characteristics similar to those of complex adaptive systems (Holland, 1992). The artefact created for this study is inspired by the concept that powerful groups might form based on basic rules that control individual agents. For instance, Reynolds [98] examined a coordinated group of starling birds during the autumn season. The study revealed that each starling bird adheres to three basic rules: alignment, separation, and cohesion. The rules can be mathematically articulated as follows:

Alignment:where is the velocity vector of bird i at time t, k is a normalization factor, and N is the number of neighbouring birds.

Cohesion:where is the center of mass of the neighbouring birds, is the position of bird i at time t, and k is a normalization factor.

Separation:where is the position of bird i at time t, is the position of bird j at time t, and is the distance between birds i and j.

Starling birds do not require a centralised orchestrator to form this intricate adaptive system. Terramycelium aims to encourage a domain-driven allocation of data ownership. This architecture is designed to offer not just operational data but also analytical data through a standard interface. For instance, the practice management software for veterinarians includes operational APIs for updating animal attributes and analytical interfaces for retrieving animal data within a specific time frame. Each domain owns its own data.

The domain can retrieve data from other domains using a discovery mechanism, process the data, and augment its own data. Aggregate domains are created to collect data from different domains and make it available for a certain purpose.

This aims to eliminate vertical dependency and enable teams to have local autonomy while being equipped with the appropriate amount of discovery and APIs. This architecture emphasises the concept of coequal nodes working together to accomplish the system’s overarching objective, rather than relying on a centralised database managed by individuals lacking domain expertise. This idea is influenced by DDD as described by Evans [93], Data Mesh by Dehghani [85], microservices architecture by Newman [23] and Complext Adaptive systems by Lansing [99].

Event driven services

Terramycelium’s decentralised and distributed structure poses difficulties in service communication as the network expands. At first, basic point-to-point communication via REST API calls is adequate, but it becomes inefficient as the system grows. Synchronous interactions can result in a ‘distribution tax’, where one service’s blocked state, generally caused by costly procedures, leads to delays in dependent services [100].

Distributed systems’ extensive network requirements can lead to complications such as tail latency, context switching, and gridlocks. This strong interconnection contradicts the distributed system’s objectives of independence and robustness.

Terramycelium uses asynchronous, event-driven communication to address these concerns. This approach allows services to publish and respond to events, separating their interactions. Within the ‘publish and forget’ paradigm, services broadcast events to designated topics and proceed without waiting for immediate reactions.

Event-driven architectures usually provide eventual consistency, which may not be ideal for some real-time stream processing situations. However, it is generally safe to assume that most data engineering tasks can effectively function within an event-driven framework.

As per Ford et al. [101], event-driven architectures consist of two primary topologies: 1) broker topology and 2) mediator topology. The concept of streaming platforms is further explained in the writings of Stopford [102]. Terramycelium, as a BD architecture designed for processing analytical data, eliminates several issues associated with accomplishing ACID transactions. Terramycelium utilises the architectural principles of distributed, asynchronous, event-driven systems with a mixed topology. Terramycelium is incorporating aspects of broker topology, mediator topology, and several notions from streaming platforms. Terramycelium’s CAP theorem [103] prioritises partition tolerance and availability as key assurances.

Terramycelium’s hybrid topology consists of five main architectural components: the event, the event consumer, the event producer, the event backbone, and the eventing interface. Events are triggered by the event producer and sent to the relevant topic through the eventing interface. The event is processed by the event broker and stored in a queue-like indexed data structure for later retrieval inside the event backbone. Interested event consumers will listen to the topic of interest using the eventing interface. The event backbone is an internally distributed system composed of numerous event brokers.

Event brokers are services created and provided to enable event communication via Terramycelium. The brokers are synchronised with a decentralised service coordinator. Brokers also enable the replication of topics. Additionally, the event backbone includes a specialised event archive to ensure fault tolerance and recoverability. The purpose of this archive is to retain all events processed by the brokers for potential restoration in the event of a failure.

These components collaborate to establish a distributed, fault-tolerant, and scalable data system capable of managing both batch and stream processing, as seen in Fig. 2.

[See PDF for image]

Fig. 2

ATMTerramycelium Event-driven Architecture

Architectural characteristics

After discussing the main design theories that underpin Terramycelium, in this section, the overall architectural characteristics of this artefact are discussed. The Terramycelium architecture is distinguished by its emphasis on maintainability, scalability, fault tolerance, elasticity, and deployability. It is in line with contemporary engineering methodologies like automated deployment and continuous integration [101]. The architecture focuses on utilising microservices, which are autonomous components that can be deployed and maintained separately.

This architecture emphasises improved maintainability in comparison to current data architectures. Event-driven microservices architecture enables modular development and independent scaling, facilitating the maintenance and updating of individual components without impacting the entire system. The design also enables automated deployment processes, which help streamline upgrades and minimise manual interaction.

Scalability and elasticity are significant aspects as well. The architecture allows for horizontal scalability, enabling the addition or removal of services according to demand. This adaptability guarantees that the system can efficiently manage different workloads.

The architecture also demonstrates strong fault tolerance. Interservice communication can affect fault tolerance; however, a redundant and scalable design of Terramycelium, combined with service discovery techniques, helps alleviate this problem. Microservices’ standalone and single-purpose design typically results in a high level of fault tolerance [104].

On the other hand, the architecture might be rated lower in terms of cost and simplicity. The decentralised structure of Terramycelium and the possibility of higher communication overhead can create challenges in cost management and optimisation. Implementing strategies like intelligent data caching and replication can help overcome performance issues related to network calls, but managing costs is still a continuous concern.

The Terramycelium design emphasises the advantages of microservices, focusing on maintainability, scalability, fault tolerance, elasticity, and deployability. Our study recognises the difficulties that come with distributed architectures and provides methods to reduce their impact. Architects need to comprehend the principles of architecture in order to skillfully traverse and capitalise on its advantages. An overview of architectural characteristics is portrayed in Table 2.

The evaluation of architectural characteristics follows a systematic approach grounded in the ISO/IEC 25010 quality model [105] and the architectural evaluation framework proposed by Bass et al. [106]. Our assessment employs a five-level rating system (one to five stars) that quantifies the implementation completeness and effectiveness of each characteristic. The rating schema encompasses: exceptional implementation with comprehensive coverage (five stars), strong implementation with minor limitations (four stars), satisfactory implementation meeting basic requirements (three stars), limited implementation with significant gaps (two stars), and minimal implementation (one star).

The evaluation process integrates both quantitative and qualitative metrics through three complementary dimensions. First, quantitative analysis encompasses performance metrics derived from case-mechanism experiments, resource utilization measurements, and scalability testing results. Second, qualitative assessment incorporates expert reviews (n=3), architecture compliance verification, and code quality analysis. Third, comparative benchmarking evaluates the architecture against baseline monolithic implementations and industry standard metrics [107].

For each architectural characteristic, we applied specific evaluation criteria. Consider maintainability, which received a three-star rating based on: code modularity (0.8/1.0), documentation completeness (0.7/1.0), change impact isolation (0.7/1.0), and testing coverage (0.6/1.0), yielding a composite score of 2.8/4.0. Similarly, scalability earned four stars through assessment of: linear resource scaling (0.9/1.0), load distribution efficiency (0.8/1.0), resource utilization (0.9/1.0), and bottleneck elimination (0.8/1.0), resulting in a score of 3.4/4.0.

Table 2. Terramycelium architecture characteristics

Comparison with industrial reference architectures

The Lambda architecture [25] and Kappa architecture [26] represent significant industrial contributions to big data processing. However, as identified by Ataei and Litchfield [2], these architectures exhibit substantial limitations:

• Data management deficiencies: According to Ataei and Litchfield, these architectures have faced criticism for their "insufficient data management techniques, particularly concerning data quality, security, and metadata" [2]. Terramycelium addresses these deficiencies through domain-specific data ownership with federated governance, enabling consistent quality control and metadata management.

• Monolithic processing: The Lambda architecture maintains separate batch and speed layers, requiring duplicate implementation of processing logic. Kappa attempts to unify processing but still relies on centralized data management. As noted by Ataei and Litchfield, "majority of BD RAs that we have analyzed were running underlying some sort of a monolithic data pipeline with a central storage" [2]. Terramycelium’s domain-driven approach distributes processing responsibility while maintaining system-wide consistency through event-driven communication.

• Schema evolution: Lambda and Kappa architectures lack explicit mechanisms for schema evolution across distributed components. Terramycelium’s event-driven domain propagation enables schema changes to flow naturally through the system without requiring centralized coordination.

Comparison with domain-specific reference architectures

Ataei and Litchfield [2] identified several domain-specific reference architectures, including Klein’s security-driven BD RA [27] and Quintero’s healthcare-focused approach [28]. While these architectures address specific domain requirements, they present limitations for general adaptability:

• Limited scope: These architectures "concentrate on certain domain requirements, sometimes overlook[ing] broader concerns such as privacy and interoperability" [2]. Terramycelium’s federated approach enables domain-specific optimization while maintaining cross-domain standards through its governance fabric.

• Integration challenges: Domain-specific architectures often struggle with integrating heterogeneous data sources from beyond their primary domain. Terramycelium’s Data Lichen discovery mechanism and standardized event interfaces facilitate cross-domain data integration without sacrificing domain autonomy.

• Schema rigidity: Many domain-specific architectures employ fixed schemas optimized for their particular domain. Terramycelium enables domain-specific schemas to evolve independently while maintaining compatibility through event interface contracts.

Comparison with academic reference architectures

Academic research, represented by approaches like Viana [29] and Pääkkönen [30], has concentrated on enhancing the conceptual understanding of big data systems. However, Ataei and Litchfield [2] note these approaches "frequently overlook the dynamic and pervasive features of modern data environments, particularly concerning scalability and adaptability." Terramycelium addresses these limitations through:

• Practical adaptability: While academic architectures often remain theoretical, Terramycelium provides concrete implementation patterns for adaptability through its service mesh architecture and event-driven communication.

• Operational focus: Academic RAs typically emphasize conceptual models over operational concerns. Terramycelium balances conceptual clarity with operational practicality through its domain-specific processing nodes and standardized interaction patterns.

• Integration with modern practices: Many academic RAs predate contemporary software engineering practices. Terramycelium integrates seamlessly with practices like microservices, continuous delivery, and infrastructure as code.

Comparison with emerging paradigms

Recent paradigms like data spaces (e.g., Gaia-X) and data mesh architectures address some limitations of traditional approaches. Ataei and Litchfield note that these approaches "address key challenges such as scalability, privacy, metadata management, and flexibility" [2]. Terramycelium builds upon these paradigms while offering distinct advantages:

• Event-driven communication: Unlike data mesh’s API-centric approach, Terramycelium employs event-driven communication that reduces temporal coupling between domains, enhancing system resilience and scalability.

• Complex adaptive systems principles: Terramycelium incorporates principles from complex adaptive systems, enabling emergent behavior through simple local rules rather than global coordination. This approach addresses the challenge identified by Ataei and Litchfield that current RAs’ "dependence on centralized systems is evident in their inability to effectively handle data quality, security, privacy, and metadata" [2].

• Unified governance model: While data mesh emphasizes domain-specific governance with federated computational policies, its implementation remains challenging. Terramycelium’s sidecar pattern provides a concrete implementation strategy for balancing domain autonomy with system-wide governance.

A multidimensional definition of adaptability in terramycelium

Adaptability in big data architectures extends beyond schema flexibility. Ataei and Litchfield [2] found that current RAs’ "rigid structure frequently leads to scalability and adaptability issues, hindering their ability to keep pace with evolving data and technological environments." Terramycelium addresses adaptability across four critical dimensions:

1. Structural adaptability: Unlike traditional RAs that rely on centralized coordination, Terramycelium enables dynamic reconfiguration of processing pipelines without system downtime through domain-driven event propagation. This approach allows services to be added, removed, or modified with minimal impact on system integrity.

2. Functional adaptability: Traditional RAs often require redefinition of transformation pipelines when processing requirements change. Terramycelium facilitates the incorporation of new algorithms and processing techniques without disrupting existing workflows. Domain-specific processing logic can evolve independently, with cross-domain impacts managed through event interfaces.

3. Operational adaptability: Ataei and Litchfield found that current RAs struggle with "data source proliferation" and "data consumer proliferation" [2]. Terramycelium’s service mesh architecture supports autonomous scaling based on workload demands, addressing these proliferation challenges through domain-specific scaling policies.

4. Interoperational adaptability: Traditional RAs struggle with integrating new technologies and data sources. Terramycelium provides seamless integration through standardized event interfaces and the Data Lichen discovery mechanism, reducing integration overhead for new components.

Through its domain-driven, event-oriented approach, Terramycelium transcends the limitations of existing reference architectures, offering a comprehensive solution that addresses the multifaceted adaptability requirements of modern big data systems. Table 3 illustrates this comparison.

Table 3. Comparison of big data reference architectures

Ingress gateway

The ingress gateway is pivotal in Terramycelium, acting as the main entry point for external requests. It exposes necessary ports and endpoints, intelligently load-balancing traffic to the appropriate processing controllers, thereby enhancing the system’s scalability and performance.

Security is significantly bolstered by the ingress gateway, which prevents direct service access by centralising entry and enabling the enforcement of security policies such as SSL termination and authentication. This approach secures communication with external entities and streamlines SSL processing, offloading this task from downstream services.

The gateway also allows for incoming data modification or enrichment, offering customisation and system integration capabilities. This architectural component simplifies monitoring and observability, concentrating metrics, logging, and tracing at a singular point for efficient analysis and compliance oversight. Additionally, it supports network segmentation, establishing a clear demarcation between public interfaces and private network resources, thus reinforcing security and control over data flow.

Addresses requirements: Vol-1, Vol-2, Var-1, Var-3, Var-4, Val-1, Val-3, Val-4, SaP-1, and SaP-2.

Batch processing controller

The primary function of the batch processing controller is to manage batch events by sending them to the event backbone. The dedicated service, which may be a tiny service or a Lambda function, processes batch-processing requests and converts them into events for the event broker. Its unique characteristics enable it to handle batch requests in large quantities and asynchronously, distinguishing it from stream processing controllers.

The batch-processing controller offers various architectural advantages. Firstly, it greatly improves monitoring capabilities, offering clearer insight into the status and performance of batch activities. This efficient monitoring simplifies problem-solving and performance evaluation, guaranteeing that batch processing adheres to defined criteria and performance standards.

The batch processing controller allows for customisation and flexibility in generating batch events. It can carry out supplementary functions apart from computationally demanding activities, including data cleansing or incorporating personalised headers. Businesses can customise batch event production to meet their individual needs and expectations.

A specialised controller for batch processing recognises the distinct needs and attributes of batch events, offering tailored features and enhancements. This component fulfils the criteria.

Addresses requirements: Vel-1, Val-1, and Val-2.

Stream processing controller

The stream processing controller is a crucial component in architecture, handling streaming events and dispatching them to the event backbone. It is distinct from batch processing services as it focuses on non-heavy computations optimized for stream processing requirements. It can enable stream provenance, providing insights for data governance and traceability. It can also leverage one-pass algorithms for stream analytics tasks.

A dedicated stream processing controller allows for the association of custom attributes with stream events, enabling contextual enrichment of streaming data and differentiated treatment based on the system’s nature. This enables real-time decision-making or targeted actions based on event content. Key requirements for veracity and data quality include real-time validation, error handling, data provenance tracking, and adaptive processing to maintain accuracy and reliability.

Simplifying monitoring and discovery within the architecture, the controller simplifies tracking and analysing the performance, latency, and throughput of streaming events. It also enables focused monitoring of stream-specific metrics, providing valuable insights into the behaviour and efficiency of the streaming data pipeline.

In summary, the stream processing controller is an essential component in architectures involving streaming data due to its ability to handle high throughput, apply custom attributes, optimise computations, and simplify monitoring and discovery.

Addresses requirements: Vol-1, Vel-1, Vel-2, Vel-4, Vel-5, and Val-2.

Event processing interface

Event brokers are designed to achieve inversion of control. As the company evolves and requirements emerge, the number of nodes or services increases, new regions of operations may be added, and new events might need to be dispatched. As each service has to communicate with the rest through the event backbone, each service will be required to implement its event-handling module.

This can easily turn into a spaghetti of incompatible implementations by various teams, and can even cause bugs and unexpected behaviours. To overcome this challenge, an event broker is introduced to each service of the architecture. Each service connects to its local event broker and publishes and subscribes to events through that broker. One of the key success criteria of the event broker is a unified interface that sits at the right level of abstraction to account for all services in the architecture.

Event brokers, being environmentally agnostic, can be deployed on any on-premise, private, or public infrastructure. This frees up engineers from having to think about the event interface they have to implement and how it should behave. Event brokers can also account for more dynamism by learning which events should be routed to which consumer applications. Moreover, event brokers do also implement circuit breaking, which means if the service they have to break to is not available and does not respond for a certain amount of time, the broker establishes the unavailability of the service to the rest of the services, so no further requests come through. This is essential to preventing a ripple effect over the whole system if one system fails.

Addresses requirements: Val-1, Ver-1.

Event backbone

The event backbone is the central component of the Terramycelium, enabling communication between nodes. Distribution and clustering should be implemented to handle the system’s scalability. Communication is orchestrated by coordinated activities, like a dance ensemble. Every service monitors and responds to the event backbone, performing the required actions.

This guarantees an uninterrupted exchange of data between services, ensuring that all systems are in the appropriate condition. The event backbone can combine many event streams, store events in a cache, archive events, and perform other operations, as long as it does not become overly intelligent or function as an Enterprise Service Bus (ESB) in Service-Oriented Architecture (SOA) systems. An architect should see the event backbone as a collection of interconnected nodes that address different subjects of interest. The event backbone can be monitored over time to analyse access patterns and adjusted to optimise communication efficiency.

Addresses requirements: Vel-1, Vel-2, Vel-3, Vel-4, Vel-5, Val-1, Val-2, Ver-1, Ver-2, and Ver-3.

Egress gateway

The inclusion of an egress gateway in Terramycelium offers numerous advantages, especially for external data consumers. In this architecture, data consumers first interact with the discovery component, known as Data Lichen, which serves as a central hub for accessing available data domains. Once connected to Data Lichen, data consumers can navigate to the relevant data domain to retrieve the desired data.

Furthermore, all external data consumers in the system go through a centralised secret management and centralised authentication and authorization component. This centralised approach brings several benefits to the architecture. Firstly, it ensures a consistent and secure management of secrets, such as API keys, access tokens, or credentials, which are essential for data access and security. This centralised secret management enhances the overall system’s security posture by reducing the chances of vulnerabilities or misconfigurations in secret handling.

Secondly, the centralised authentication and authorization component streamlines the authentication and access control processes for external data consumers. By enforcing a unified authentication mechanism, it ensures that all users are properly authenticated and authorised before accessing the system’s data resources. This centralised approach simplifies the management of user access rights, improves security, and provides granular control over data access permissions.

Thirdly, the centralised components simplify the maintenance and scalability of the system. With a single point for managing secrets, authentication, and authorization, it becomes easier to update, monitor, and audit these components. Additionally, this architectural pattern allows for easier scaling and expansion as new data domains or data sources can be seamlessly integrated into the system with consistent authentication and authorization mechanisms.

Overall, the inclusion of an egress gateway in Terramycelium offers a robust and efficient approach for external data consumers. It ensures standardised data access, enhances security, simplifies maintenance, and enables scalability, making it a highly favourable and beneficial architectural design.

Addresses requirements: Vel-2, Vel-4, Val-3, Val-4, SaP-1, and SaP-2.

Product domain service mesh

Integrating a service mesh as a core element of each product’s domain is an effective strategy in the architectural framework. The service mesh consists of essential components that work together to facilitate effective data processing, storage, governance, and communication within the domain. The components consist of batch and streaming data input, analytical and operational services specific to the domain, API access to distributed storage services, an infrastructure API for platform-as-a-service modules, containers hosting the analytical service, a control tower, and integration with a federated governance service’s API for policy enforcement using sidecars.

The service mesh’s effectiveness is derived from its architectural design and its capability to meet essential needs. By integrating the domain’s functionalities into a service mesh, the interdependence across teams is removed, enabling greater team independence. The components of the service mesh collaborate to provide benefits like data ingestion into the analytical service domain, API connectivity to distributed storage services, container hosting for the analytical service domain, a control tower, and integration with a federated governance service’s API for policy enforcement using sidecars.

The service mesh architecture provides the analytical service with direct access to operational data, connecting data analytics and operational systems. The analytical service can obtain real-time insights and a comprehensive overview of the system’s activities, which minimises the requirement for manual data extraction and transformation procedures. Accessing operational data directly improves the efficiency and precision of analytical services, leading to more precise analysis and well-informed decision-making.

The service mesh architecture enables a cohesive perspective of the system, promoting smooth cooperation between analytics and operations teams. The system supports scalability, adapts to changes in business environments, validates data, maintains quality and integrity, and meets security and privacy standards by enforcing policies, ensuring secure communication, and implementing data governance processes.

The service mesh’s effectiveness lies in its ability to address key architectural concerns. It promotes scalability, allowing the domain to handle large volumes of data and increasing computational resources as needed (Vol-1). It facilitates rapid development and deployment of analytical capabilities (Vel-3, Vel-4, Vel-5). The service mesh architecture accommodates variability in business contexts, supporting the diverse needs and requirements of different product domains (Var-1, Var-2, Var-3). It ensures data validation, quality, and integrity by leveraging advanced analytics and processing techniques (Val-1, Val-2, Val-3, Val-4). Security and privacy requirements are fulfilled through policy enforcement, secure communication, and data governance mechanisms (Sap-1, SaP-2).

Finally, the service mesh architecture allows for the verification of system behaviour, enabling efficient testing, monitoring, and verification of the domain’s analytical outputs (Ver-1, Ver-2, Ver-3).

Addresses requirements: Vol-1, Vel-3, Vel-4, Vel-5, Var-1, Var-2, Var-3, Val-1, Val-2, Val-3, Val-4, Sap-1, SaP-2.

Federated governance service

Terramycelium’s distributed architecture comprises multiple independent services with distinct lifecycles, developed and deployed by autonomous teams. To ensure coherence and prevent interface conflicts without centralising control, global federated governance is essential. This governance model standardises services, enhances their interoperability, and facilitates team collaboration. It also mitigates risks, such as non-compliance with GDPR, by establishing a unified framework of global policies, metadata standards, API standards, and security protocols. This framework not only supports organisational practices but also aligns with external regulations, safeguarding against potential fines and security threats. The federated governance service, comprising components like global policies, metadata standards, and security regulations, plays a pivotal role in maintaining the architecture’s integrity and adaptability, indirectly impacting all requirements. This component can indirectly affect all requirements.

Addresses requirements: All.

Data lichen

With an increasing number of products, more data is accessible for users, leading to enhanced interoperability but also posing greater challenges for maintenance. Without an automated method for different teams to obtain their desired data, a tightly connected and sluggish data culture would develop. To overcome these obstacles and enhance the ability to find, work together, and navigate with guidance, the Data Lichen should be put into practice. Gartner has identified data discovery mechanisms such as Data Lichen as essential tools. These mechanisms facilitate improved communication dynamics, quicker data access through services, and intelligent collaboration among services.

Addresses requirements: Vel-4, Var-1, Var-3, and Var-4.

Telemetry processor

The decentralised architecture of Terramycelium poses challenges for debugging, fault identification, and maintenance as it requires tracking transactions across several services. Consolidating the handling of telemetry data in Terramycelium provides architectural advantages by streamlining data processing, offering a cohesive perspective of logs, metrics, and traces, facilitating thorough analysis and correlation, and guaranteeing optimal resource distribution. Centralising the service guarantees uniform monitoring and governance processes throughout the architecture, encouraging compliance with best practices.

The centralised service can act as a data source for different users, like the Data Lichen, which uses processed telemetry data to create important insights. This service may process data that can be used by customised systems and dashboards, offering adaptability and scalability to fulfil particular business needs. This promotes a data-driven environment, enabling individuals to get valuable information and insights from the analysed telemetry data. The flexibility and ease of access to the telemetry data increase the benefits of the centralised service in the larger BD framework.

Addresses requirements: Vol-1, Vel-1, Val-1, and Ver-1.

Event archive

As the quantity of services expands, the subjects in the event backbone rise, leading to a surge in the number of events. If such circumstances occur, there is a possibility of failure leading to a timeout and subsequent loss of a sequence of events. This can lead to the system being in an incorrect state, causing a harmful chain reaction that affects all services. Terramycelium often addresses these issues by utilising an event archive. The event archive is in charge of recording occurrences for future retrieval in case of failure.

During a blackout in a specific area, if the event backbone is down, it can restore itself and return the system to its correct state by retrieving events from the event archive. The event interface manages circuit breaking to prevent services from sending additional requests to the backbone while it is not functioning. The determination of the duration till expiration and the selection of events to be stored are made according to the specific circumstances in which Terramycelium is utilised.

Addresses requirements: Vol-1, Vel-1, Val-1, and Ver-1.

Distributed storage service

Terramycelium supports decentralised and distributed systems but does not require each product domain to have its own unique data store. To avoid duplication, conflicting data storage methods, reduced interoperability across services, and absence of consistent data storage techniques, The distributed storage service is intended to store vast amounts of data in its original format until it is ready to be retrieved for analysis and other uses.

Data can be stored in the distributed storage service with the appropriate domain ownership before being accessed and used by different services. Data of various structures, such as structured, semi-structured, unstructured, and pseudo-structured, can be stored in a distributed storage service before being processed in batches or streams. However, not all data should be sent straight to this service; the data flow depends on the specific context in which the system operates.

Addresses requirements: Vol-2, Vel-1, Var-1, Var-3, Var-4, Val-3.

Platform as a service

The Platform as a Service (Paas) component acts as a central hub, providing an API to all other system components. This PaaS component is essential for facilitating the independence and expandability of the entire infrastructure.

The primary design value of this PaaS component is its capacity to simplify the underlying infrastructure difficulties. By offering a standardised API, each component can autonomously handle and allocate necessary resources like computing power, storage, and networking without having to deal with the complex specifics of the underlying infrastructure. This abstraction layer encourages a minimal connection between components, making it simpler to create, deploy, and maintain the entire system.

The PaaS component places importance on scalability and elasticity as key design values. It allows for the flexible allocation and deallocation of resources according to the changing requirements of diverse data domains. The PaaS component facilitates effective infrastructure utilisation by providing an API that allows components to request resources as required. The system may adjust resources as needed to maintain peak performance and cost efficiency throughout the whole architecture.

Data domains can utilise the PaaS API to request, set up, and oversee resources, allowing them to function autonomously and effectively. Decentralising infrastructure management improves agility and flexibility in the system.

Addresses requirements: SaP-1, SaP-2, Var-1, Var-3, Var-4, Vel-1, and Vol-2.

Identity and access management

The role of the Identity and Access Management (IAM) component is to guarantee secure and regulated access to the system’s resources and data. The concept includes a range of architectural principles necessary for upholding data integrity, privacy, and regulatory compliance.

The IAM component places significant emphasis on authentication and authorization as core design concepts. The system offers strong methods to verify the identities of users, components, and services in the structure, guaranteeing that only approved entities can get the resources and carry out particular tasks. These measures aid in preventing unauthorised access, reducing security risks, and protecting sensitive data.

Another architectural value of the IAM component is its emphasis on centralised user and access management. It acts as a centralised authority for overseeing user identities, responsibilities, and permissions throughout Terramycelium. Centralization optimises access control management, speeds user onboarding and offboarding, and maintains uniform security policy enforcement system-wide.

The IAM component guarantees meticulous access control and privilege management, enabling the creation of precise access policies. The system enables strong authentication using standard protocols such as OAuth and SAML, simplifying user access through Single Sign-On (SSO). It supports audits by recording access occurrences, strengthening compliance, security oversight, and incident management. A detailed diagram illustrating the IAM component’s internal workflow is available in Appendix Appendix B (see Figure 33).

Addresses requirements: SaP-1, and SaP-2.

Secret management system

The central secret management system is a crucial component for securely storing and maintaining sensitive information, including passwords, API keys, cryptographic keys, and other secrets.

The central secret management system places a strong emphasis on securely storing and encrypting secrets as a fundamental design principle. The system uses strong encryption algorithms and processes to safeguard sensitive data while it is kept, guaranteeing that confidential information is securely protected and cannot be accessed by unauthorised parties. This value aids in preventing unauthorised access to secrets, reducing the risk of data breaches, and guaranteeing confidentiality.

The secret management system also facilitates the secure distribution and retrieval of secrets to authorised components or services. It offers safe APIs or client libraries that allow secrets to be retrieved securely during runtime. This value ensures that confidential information is only available to authorised entities who need it, preventing the unauthorised disclosure of secrets.

The secret management system also encourages integration with other components and services in Terramycelium. The system offers APIs and integration points that enable smooth integration of secrets into different data domains. This integration value enables authorised components to securely and conveniently access secrets, ensuring operational efficiency and minimising obstacles in development and deployment procedures.

Addresses requirements: SaP-1, and SaP-2.

The variable components in Terramycelium can be altered, adapted, or excluded according to the architect’s discretion and the specific characteristics of the situation. This RA aims to enhance data architects’ decision-making process by introducing established patterns and best practices from several perspectives, rather than restricting their innovation. Alternative choices for each variable module are not detailed due to the dynamic nature of the industry, and architects strive to create systems that tackle new issue areas.

Prototyping an architecture

Prototyping is the creation of a working model that physically represents the structure, demonstrating the design principles and ideas. This is frequently referred to as the concrete architecture. This technique enables researchers to validate and develop the design to assess its practicality, performance, and alignment with research objectives.

Implementing the essential components and functionalities stated in the RA, Terramycelium, is part of prototyping the architecture. The selected technologies, supported by academic justification and in line with the research goals, serve as the basis for developing the prototype. The architecture’s ability to manage large-scale data processing and meet various needs can be evaluated by systematically implementing its architectural components. Figure 5 shows a concrete structure created with Terramycelium.

[See PDF for image]

Fig. 5

ATMTerramycelium Prototype

Experimental environment configuration

The experimental evaluation of Terramycelium was conducted in a controlled environment with specific hardware and software configurations to ensure reproducibility and reliability of results.

Stage 1: Formation

All components of this prototype are integrated within a single Kubernetes cluster. Therefore, KIND [110] has been selected as the local Kubernetes cluster for this prototype to function. KIND was selected as our local Kubernetes cluster due to its lightweight footprint, support for multi-node topologies, and integration with standard Kubernetes APIs, meeting our requirement for rapid local development while maintaining compatibility with production-grade platforms.

The reproducibility of this technique is crucial. The scripts required to execute, download, and set up artefacts are located in the scripts folder of the Github repository, cited as [111]. These scripts are designed to exclusively operate on Unix-like operating systems.

After establishing the fundamental scripts for initialising the cluster, the procedure commenced with the creation of various services within the Kubernetes cluster. Helm Charts from Artefact Hub [112] are utilised for enhanced maintainability and scalability of Nginx ingress and Kafka. Terraform was subsequently used to implement the charts on the Kubernetes cluster. It is located in the IaaC folder of the repository.

This infrastructure-as-code approach was chosen to ensure reproducibility and consistency across deployments, directly supporting our Var-3 and Var-4 requirements for schema evolution and new data source integration.

We conducted an extensive search for helm charts for all artefact components and selected a mature and well respected chart from Bitnami for Nginx. Using this method is favoured over developing unique directives for Nginx ingress in Kubernetes and linking services to each other through Kubernetes architectural elements such as Services or StatefulSets.

After this, a search has been done for other charts for other components of the concrete architecture on Artefact Hub. After selecting an appropriate chart for Nginx ingress, Keycloak, and Vault, the telemetry processor service is created.

Initially, a FastAPI app is set up. The programme is containerised using Docker, hosted on Github sites, and integrated into Terraform Helm release resources for deployment on the local KIND cluster. The Kubernetes ingress controller is configured as Nginx and deployed to the local cluster using Terraform.

Once the ingress controller is established, the ingress resources are configured to direct traffic to Kafka-rest-proxy. The Kafka-rest proxy is included in the artefact to simplify data access from the cluster. Kafka uses the binary protocol instead of HTTP, whereas most services depend on HTTP for network connections.

Kafka was selected for the event backbone based on quantitative benchmarks showing its ability to handle more than 10,000 events/second with less than 100ms latency, directly addressing our Vel-1 and Vel-2 requirements. Its partitioned log architecture outperformed alternative message brokers like RabbitMQ in our comparative analysis, particularly for high-volume data scenarios.

Upon successful configuration of the Nginx ingress and Kafka REST proxy, Keycloak is installed and seamlessly integrated into various components of the architecture. The Vault is incorporated into the cluster using HashiCorp’s official helm chart [113]. Keycloak and HashiCorp Vault were implemented based on their industry-standard security capabilities, with Keycloak’s OAuth/OIDC support providing authenticated decisions in less than 50ms (satisfying SaP-2), and Vault delivering AES-256 encryption with configurable key rotation policies (addressing SaP-1). These components were selected over alternatives after evaluating their performance against our measurable security requirements.

Next, the major system to be implemented is Data Lichen. Data Lichen required a new frontend to be developed from scratch. A template engine for Node.js called EJS was chosen for this purpose. This template engine was selected for its ability to simplify development and speed up the operations of this trial.

The goal is to create a simple user interface for Data Lichen that successfully showcases the framework’s potential design and capability, rather than building a comprehensive frontend. Various teams may opt to adopt Data Lichen in diverse ways. Data Lichen must be developed from scratch because there is no existing open-source technology that offers the necessary features.

Once Data Lichen has been organised and implemented in the cluster, an Istio service mesh is established. To achieve this goal, various Kubernetes namespaces are established, and various services are categorised within the same namespace for the service mesh to manage and function. Istio’s Kiali dashboard is implemented to enhance the development experience and observability.

Minio’s chart is installed, and the dashboard is active. MinIO and OPA were selected based on quantifiable performance metrics, MinIO for its more than 1GB/s throughput and immutable object versioning (addressing Vol-2 and Ver-2 requirements), and OPA for its policy evaluation time and sidecar integration pattern (satisfying SaP-2), providing superior alternatives to centralized storage and governance approaches found in comparable architectures.

The last component that needed to be deployed was Open Policy Agent (OPA). There are multiple methods to incorporate OPA into an architecture. This can be accomplished via a solo Envoy proxy, a Kubernetes operator, a load balancer with Gloo Edge, or through Istio.

Istio was chosen because it has already been selected and deployed on the cluster. Nevertheless, automatically injecting policies into services inside a particular service mesh is a complex operation. This was done by extending the Envoy sidecar with an external authorizer API to implement inbound and outbound policies.

OPA is incorporated into the service mesh as an independent service known as a sidecar proxy. The OPA functions as an admission controller, evaluating requests sent to the Kubernetes API server.

OPA assesses these requests based on established policy guidelines. Approved requests are executed by the API server, whereas refused requests result in an error message sent to the user. OPA’s policies manage all interactions among services and pods within a namespace. OPA assists in ensuring adherence to predetermined security and operational regulations within a Kubernetes setting. This is depicted in Figure??.

Once OPA was implemented, the analytics service for the domain was created using the Python framework FastAPI. To meet the requirements of Terramycelium, a domain incorporating operational and analytical systems must be established. Since this experiment is not a genuine business, it is logical to establish a simulated operational service that mimics real-world activity, such as generating large amounts of data at a high speed.

Two important data sources studied and selected for creating these domains are the Yelp Academic Dataset [114] and the data from the U.S. Climate Resilience Toolkit’s Climate Explorer [115]. This decision is based on the extensive and detailed data provided by these sources, their accessibility, and their ability to generate valuable analytical insights when used together.

The Yelp Academic Dataset is selected for its comprehensive compilation of restaurant reviews, containing structured and semi-structured data that encompasses customer feedback, business information, and temporal patterns. Another option, the MovieLens dataset [116], has been considered as well, but was found less suitable because it focuses only on movie ratings, limiting the scope of potential analysis.

The Climate Explorer dataset, which provides a detailed record of past and predicted climatic factors in the United States, is selected as an appropriate option for studying possible connections between weather trends and restaurant evaluations. Although options like Visual Crossing Weather Data Services [117] have been examined, Climate Explorer’s extensive global coverage and historical data are preferred.

The datasets qualify as BD because of their amount, variety, and velocity. The Yelp Academic Dataset comprises millions of reviews for over a hundred thousand businesses, making it a data source with a large volume and variety. The Climate Explorer dataset, updated frequently, adds a speed component to the data structure. Collectively, they offer a chance for sophisticated analytical investigations in a data-rich setting.

Stage 2: Amalgamation

The initial phase of developing the prototype involves establishing the foundational services within the cluster. This step focuses on establishing connections and ensuring that the architecture can effectively react to external stimuli. Selected situations are applied to the system to achieve this.

Scenarios are commonly used to evaluate new architectural designs because they offer a robust way to simulate real-world situations, allowing for the assessment of the architecture’s performance in different scenarios.

This experiment is crucial as it simulates various behaviours, system loads, data quantities, and processing kinds to analyse the architecture’s resilience, adaptability, scalability, and interoperability.

Based on the templates in Carroll’s work [118] and the examples in Kazman’s ATAM [52], a set of scenarios is established to evaluate the prototype’s abilities. The scenarios, which include various aspects of system performance and security, are outlined in Tables 5 through 10.

Table 5. Scenario S1: High volume data ingestion scenario

Table 6. Scenario S2: High velocity data ingestion scenario

Table 7. Scenario S3: Data variety scenario

Table 8. Scenario S4: Complex query scenario

Table 9. Scenario S5: Secret management scenario

Table 10. Scenario S6: Data security scenario

Stage 3: scenario testing

During this step, after defining scenarios, the system is initialised, and each scenario is executed. Each specific situation is evaluated to determine how the system handles different conditions. This method entails initialising the system and methodically testing each scenario against it.

By doing this, important measurements are recorded, leading to a more thorough comprehension of how the system reacts to different stimuli. This method assesses the system’s ability to withstand challenges and its efficiency, providing valuable information about its functioning and opportunities for improvement.

Challenges and duration of the experiment

The four-month prototyping experiment encountered several practical infrastructure, integration, and data management challenges, including dependency conflicts, resource allocation, and large-file handling. These hurdles, while solvable, underscore the real-world complexity of implementing a sophisticated, distributed data architecture. A detailed log of these challenges and their resolutions is provided in Appendix A for readers interested in implementation specifics

Final notes on experiment

The comprehensive evaluation of the Terramycelium system across several scenarios has definitively demonstrated its ability to fulfil, and in some cases, go beyond, the specified criteria. The experimental data lead to the following conclusions:

1. Volume: The large volume data import scenario, also known as Scenario S1, showcases the system’s ability to handle both asynchronous and batch processing, hence fulfilling the requirements outlined in Vol-1 and Vol-2. The system offers a flexible storage solution for extensive datasets, efficiently managing the influx of data during periods of high demand.

2. Velocity: In Scenario S2, which focused on fast data ingestion, the system demonstrated its ability to handle various data transmission speeds, satisfying requirements textbfVel-1 to textbfVel-5. The system’s ability to efficiently deliver streaming data to users, along with its capacity for rapid search and real-time data processing, is very commendable.

3. Diversity: While Scenario S3 is not explicitly evaluated, insights from Scenarios S1 and S2 strongly indicate the system’s capacity to handle a wide range of data forms, ranging from structured to unstructured data. This substantiates the assertions made by Var-1 to Var-4. The system’s inherent ability to gather, standardise, and adapt its structure to changing needs is a notable advantage.

4. Value: The Complex Query Scenario (Scenario S4) demonstrates the system’s computing capabilities, confirming the criteria outlined in Val-1 to Val-4. The system’s versatility in facilitating both batch and streaming analytical processing, as well as its adaptability in managing various output formats, distinguishes it from others. This distinction is emphasised throughout the experiment, as each domain contains a unique form of semi-structured data.

5. Security & Privacy: Scenarios S5 and S6 thoroughly demonstrate the system’s commitment to fulfilling SaP-1 and SaP-2 by focusing on secret management and data security, respectively. By strategically using OpenID Connect with Hashicorp Vault, the highest standard of security, data preservation, and multi-tier authentication systems are ensured.

6. Veracity: The domain-specific character of Terramycelium naturally supports the fulfilment of requirements Ver-1 and Ver-2, emphasising the significance of ensuring high-quality data and maintaining its origin and history. However, this aspect of Terramycelium requires long-term use to confirm its robustness in ensuring veracity.

Threats to validity

The empirical evaluation of Terramycelium necessitates a systematic examination of threats to validity across multiple dimensions. Following the validity evaluation framework proposed by Wohlin et al. [123], we analyze internal, external, construct, and conclusion validity threats.

Internal validity

Internal validity concerns examine causal relationships within our experimental design. Several potential threats were identified:

• Selection Bias: The case-mechanism experiments utilized specific datasets (Yelp Academic Dataset and Climate Explorer data) which may not fully represent all big data scenarios. To mitigate this, we selected datasets with diverse characteristics in terms of structure, volume, and velocity.

• Instrumentation Effects: Performance measurements could be influenced by the monitoring tools themselves. We addressed this by using lightweight telemetry collection and ensuring consistent measurement conditions across all experiments.

• History Effects: System performance variations due to concurrent processes on the test environment. This was mitigated through isolated testing environments and multiple experimental runs.

External validity

External validity addresses the generalizability of our findings:

• Population Validity: The architecture’s effectiveness may vary across different organizational contexts and data domains. While our evaluation covered multiple domains (customer and weather data), further validation across diverse industry sectors is needed.

• Ecological Validity: Our prototype implementation used specific technologies (Kubernetes, Kafka, etc.). Different technology stacks might yield varying results. To address this, we focused on architectural principles rather than specific implementation details.

• Temporal Validity: The rapidly evolving nature of big data technologies may affect long-term applicability. Our event-driven, domain-centric approach aims to provide flexibility for future technological changes.

Construct validity

Construct validity examines whether our measurements effectively represent the concepts under study:

• Inadequate Operational Definition: The metrics chosen for evaluating architectural characteristics (maintainability, scalability, etc.) may not fully capture all aspects of these qualities. We addressed this by using standardized metrics from ISO/IEC 25010 [105].

• Mono-operation Bias: The evaluation relied on specific implementation scenarios. Future work should examine additional use cases and operational contexts.

• Reactive Effects: Expert evaluations might be influenced by knowledge of the research objectives. We mitigated this through structured evaluation protocols and anonymous feedback collection.

Conclusion validity

Threats to conclusion validity concern the reliability of our results:

• Reliability of Measures: Performance measurements may be affected by system variability. We addressed this through repeated measurements and statistical analysis of results.

• Low Statistical Power: Limited sample sizes in some experiments may affect statistical significance. Where possible, we conducted multiple iterations to strengthen our findings.

• Fishing for Results: Risk of selective reporting of favorable outcomes. We committed to reporting all results, including limitations and negative findings.

1. Rigorous documentation of experimental procedures and conditions

2. Multiple data collection methods to enable triangulation

3. Standardized evaluation metrics based on established frameworks

4. Independent verification of results by multiple researchers

5. Transparent reporting of limitations and assumptions

Infrastructure and technical challenges

The study encountered infrastructure challenges, including issues with Kubernetes resources, difficulties with Kafka storage, and problems related to DNS configuration for container communication. These issues highlight the potential impact of technical constraints on the prototype’s performance and the generalizability of our findings.

During the development of the prototype, several technical challenges emerged, including Kubernetes resource contention due to inefficient CPU and memory allocation, Kafka storage bottlenecks caused by disk I/O limitations and suboptimal retention policies, and DNS configuration issues leading to service discovery latency and intermittent connectivity failures. These challenges impacted the prototype’s performance, resulting in increased latency, reduced throughput, and occasional downtime. To mitigate these issues, we optimized Kubernetes resource requests and limits, adjusted Kafka’s retention policies and storage configurations, and improved DNS caching and service discovery settings, while future studies could benefit from advanced monitoring tools and tiered storage solutions. Although some challenges, like Kubernetes resource management, are common across distributed systems, others, such as specific DNS configurations, may be context-dependent, which could influence the generalizability of our findings to different environments.

Integration and data management difficulties

Integration challenges with third-party services like Keycloak and the management of large datasets underscore the complexities of building BD systems. These difficulties reflect on the RA’s adaptability and its applicability across different domains and data scales.

External validity

The experimental design, focusing on a prototype and selected scenarios for RA evaluation, may not cover the breadth of potential real-world applications. This limitation could affect the generalizability of our findings to other contexts or systems with different requirements.

Addressing these threats to validity involves further research, particularly exploring alternative technologies, expanding the experimental design to cover a wider range of scenarios, and conducting comprehensive performance and scalability testing.

Construct validity

Construct validity is a cornerstone of our research methodology, particularly in ensuring that Terramycelium accurately reflects and addresses the multifaceted nature of BD systems. To this end, we have undertaken several critical steps:

1. We meticulously align the operational definitions of key BD characteristics – including velocity, veracity, volume, variety, value, security, and privacy – with the constructs integrated into the Terramycelium RA. This alignment is essential to mitigate ambiguity and uphold the RA’s construct validity [18].

2. Validation of the RA against established best practices and industry standards is undertaken rigorously. Such an alignment is crucial for ensuring that the RA adheres to widely recognised norms and practices, a key aspect of construct validity.

3. Lastly, we assess the adaptability and scalability of Terramycelium in response to evolving data needs and varying workloads. This evaluation demonstrates the RA’s flexibility and robustness, underscoring its long-term relevance and thereby enhancing construct validity in dynamic BD environments.

Research methodology for gathering expert opinion

The research methodology for soliciting expert feedback comprised five stages:

1. Rationalizing the need for expert opinion

2. Developing a preliminary guide

3. Designing a rigorous data collection method

4. Pilot testing the guide

5. Presenting the results

Thematic analysis

This section systematically identifies and analyses prominent topics seen in expert comments. This examination not only emphasises reoccurring concepts but also places the range of viewpoints that shape the artefact’s structure into its proper context.

Final notes

The Terramycelium RA is a data management architecture that combines domain-driven design with event-driven communication, enhancing its applicability in data management challenges. It incorporates features like Data Lichen, bitemporality, and immutability, demonstrating an adaptive approach to the evolving landscape of data processing. The architecture has received positive feedback from experts, including professionals from leading data and eventing solutions companies. However, the Terramycelium faces challenges, including its complexity, which requires significant investment in skill development and training, which may be a barrier for organizations lacking resources or unwilling to undergo transformation. The lack of open-source support for components like Data Lichen adds to this challenge. The architecture’s technical merits are acknowledged for its robustness and innovation, but it also requires a deep understanding of organizational culture, team dynamics, and change management strategies. The forthcoming section will analyze and synthesize the research findings, contextualizing them within the broader academic and practical landscape of BD systems.

Competing interests

The authors declare no competing interests.