Understanding Analysis Modules

Architecto's analysis modules help you evaluate your architecture against multiple critical dimensions before deployment. Each module focuses on a specific aspect: cost, scalability, security, performance, or compliance.

Analysis Overview

Think of analysis modules like a peer review with specialists:

Finance Auditor → Cost Estimator
Performance Engineer → Scalability Analyzer, Performance Simulator
Security Architect → Threat Modeler, Security Posture
Operations Lead → Drift Detector
Compliance Officer → Compliance Checker

Together, they give you confidence that your architecture is production-ready.

Cost Estimator

Question: "How much will this cost?"

The Cost Estimator models your monthly cloud bill at different scale points.

How It Works

You input your architecture and target scale (1k → 1M users)
Architecto calculates compute, storage, database, and data transfer costs
It models how costs change as you scale
Identifies cost inflection points — Where costs suddenly jump
Suggests optimization strategies

Understanding Cost Curves

Your cost typically follows patterns:

                   Cost
                     ^
                     |     /
                     |    /
                     |   /
                     |  /_____ Cost knee
                     | /
                     |/
                     +-----> Users

The "cost knee" is where your architecture becomes financially unsustainable. For example:

At 10k users: $200/month ✓ Healthy
At 50k users: $500/month ✓ Still okay
At 100k users: $2,000/month ⚠️ Cost knee
At 200k users: $5,000/month ✗ Unsustainable

Cost Reduction Strategies

Common optimizations the Cost Estimator suggests:

Strategy	Example	Impact
Reserved Instances	1-year commitment on EC2	20-40% savings
Caching	Add Redis for hot data	30-50% DB cost reduction
Autoscaling	Scale down at night	10-20% compute savings
Data Transfer	Use CDN for static assets	20-40% data transfer savings
Database Optimization	Use RDS read replicas, connection pooling	15-30% DB costs
Spot Instances	For non-critical workloads	70% compute savings

Scalability Analyzer

Question: "How many users can this handle? Where's the bottleneck?"

The Scalability Analyzer uses queuing theory and stress-testing models to predict how your architecture handles load.

Key Metrics

Metric	Definition	Example
Throughput	Requests/second the system can handle	5,000 req/s
Latency	Response time for average request	200ms
Bottleneck	Component that limits throughput	RDS primary database
Scaling Limit	Max users before quality degrades	100,000 concurrent

Identifying Bottlenecks

Different components bottleneck at different scales:

10k users:   API Server (add more servers)
50k users:   Database (add read replicas, caching)
100k users:  Network bandwidth (add CDN, optimize queries)
1M users:    Distributed systems complexity (redesign for microservices)

The Scalability Analyzer pinpoints exactly which component becomes your constraint.

Scaling Recommendations

Once bottlenecks are identified:

Add Read Replicas (databases)
- Readers go to replicas, writers to primary
- Scales read throughput linearly
- Typical: 3-5 replicas handles 20-50k users
Horizontal Scaling (servers)
- Add more instances behind load balancer
- Typical: Each instance handles 500-2,000 concurrent users
Caching Layer (Redis/Memcached)
- Cache frequently-accessed data
- Reduces database load by 50-80%
- Typical: Cache layer handles 10-100x more traffic
Sharding (databases)
- Split data by key (user ID, region, date)
- Each shard handles subset of data
- Enables scaling to millions of users
Connection Pooling (databases)
- Reuse database connections
- Reduces connection overhead
- Typical: 2-3x throughput improvement

Threat Modeler

Question: "What could go wrong? How do we prevent attacks?"

The Threat Modeler uses STRIDE methodology to identify security threats and suggest mitigations.

STRIDE Framework

Threat	Definition	Example
Spoofing	Attacker pretends to be someone else	Fake user login, forged API requests
Tampering	Attacker modifies data in transit or at rest	Man-in-the-middle attack, database corruption
Repudiation	Attacker denies performing an action	Denies deleting data, denies making transfer
Information Disclosure	Attacker reads data they shouldn't	Exposure of API keys, customer data leak
Denial of Service	Attacker prevents legitimate users from accessing service	DDoS, resource exhaustion
Elevation of Privilege	Attacker gains higher-level access than allowed	SQL injection to read all data, privilege escalation

Example Threat Analysis

For your e-commerce architecture:

Spoofing Threat:

Attacker impersonates another user
Accesses their orders and payment methods
Mitigation: MFA on login, OAuth 2.0, session tokens

Tampering Threat:

Attacker modifies order price during checkout
Changes $100 order to $1
Mitigation: Cryptographic signatures, server-side validation, encrypted communication

Information Disclosure:

Attacker reads database backup
Steals customer credit cards and personal data
Mitigation: Encrypt database at-rest (AWS KMS), encrypt backups, access controls

Denial of Service:

Attacker floods API with requests
Legitimate users get HTTP 503 errors
Mitigation: Rate limiting, CloudFront DDoS protection, WAF, auto-scaling

Security Best Practices

Architecto recommends:

Authentication — MFA, OAuth 2.0, passkeys
Encryption — TLS 1.3 for transit, AES-256 for data at rest
Authorization — Least-privilege IAM, role-based access control
Network Security — VPC isolation, security groups, NACLs
Data Protection — Tokenization of PII, masking in logs
Monitoring — CloudTrail for audit logs, CloudWatch for anomalies

Architecture Diff

Question: "What changed between versions? What's the impact?"

The Architecture Diff shows semantic differences between two versions of your architecture.

What It Compares

Added Components — New services, databases, etc.
Removed Components — Deprecated services
Modified Components — Configuration changes (instance type, scaling, etc.)
Connection Changes — New/removed data flows

Example Diff

Version 1:
- Single RDS database (no replicas)
- Single EC2 instance
- No caching layer
- Direct database access from app

Version 2:
+ Added 2 RDS read replicas
+ Added autoscaling group (3-10 instances)
+ Added Redis cache layer
+ Added connection pooling
~ Changed database instance type (t3.medium → r5.large)

Impact Analysis

The diff explains impacts:

Cost Impact: +$500/month (for additional replicas and cache)
Scalability Impact: +400% (can now handle 5x more users)
Availability Impact: +99.9% (multi-AZ failover now configured)
Complexity Impact: Medium (added cache and replicas to manage)

Performance Simulator

Question: "How will latency and throughput perform under load?"

(Coming soon: Full performance simulation with latency modeling)

The Performance Simulator predicts how each component behaves under different loads.

Compliance Checker

Question: "Does this meet compliance requirements?"

(Coming soon: SOC2, HIPAA, PCI DSS, GDPR validation)

The Compliance Checker validates your architecture against standards.

Drift Detector

Question: "Has our infrastructure drifted from the designed architecture?"

(Coming soon: Continuous monitoring for configuration drift)

Running Complete Analysis

All-in-One Review

Click "Analyze All" (coming soon)
Architecto runs all applicable modules:
- Cost estimate (1k, 10k, 100k, 1M users)
- Scalability bottleneck analysis
- Complete STRIDE threat review
- Compliance check
- Performance simulation
Generates comprehensive Architecture Review Report:
- Executive summary (score 1-10)
- Detailed findings from each module
- Critical issues requiring attention
- Recommended next steps
- Cost/benefit of each recommendation

Tracking Analysis Over Time

Save multiple analysis runs to track:

How architecture improves
Cost trends
Scaling readiness improvements
Security posture improvements

Next Steps

Create Your First Architecture → First Architecture
Learn Best Practices → Best Practices
Explore All Features → Features Guide

Key Takeaway:
Analysis modules aren't just reports—they're your architecture review board. Use them to catch problems early, optimize costs, and build confidence before deployment.

Understanding Analysis Modules

On this page