A study on blockchain architecture design decisions and their security attacks and threats

Sabreen Ahmadjee, Carlos MERA-GÓMEZ, Rami Bahsoon, RICK KAZMAN

Research output: Contribution to journalArticlepeer-review

540 Downloads (Pure)


Blockchain is a disruptive technology intended to implement secure decentralised distributed systems, in which transactional data can be shared, stored and verified by participants of the system without needing a central authentication/verification authority. Blockchain-based systems have several architectural components and variants, which architects can leverage to build secure software systems. However, there is a lack of studies to assist architects in making architecture design and configuration decisions for blockchain-based systems. This knowledge gap may increase the chance of making unsuitable design decisions and producing configurations prone to potential security risks. To address this limitation, we report our comprehensive systematic literature review to derive a taxonomy of commonly used architecture design decisions in blockchain-based systems. We map each of these decisions to potential security attacks and their posed threats. The Microsoft STRIDE threat modelling approach is used to systematically classify threats and their associated attacks to identify potential threats in blockchain-based systems. Our mapping approach aims to guide architects to make justifiable design decisions that will result in more secure implementations.
Original languageEnglish
Article number36e
Number of pages45
JournalACM Transactions on Software Engineering and Methodology
Issue number2
Publication statusPublished - 1 Apr 2022


  • Blockchain
  • architecture decision
  • design decisions
  • security hreat classification,


Dive into the research topics of 'A study on blockchain architecture design decisions and their security attacks and threats'. Together they form a unique fingerprint.

Cite this