LCN Wafer Inspection

Appearance

Architecture trade-offs in .NET systems

When people first learn software architecture, it often sounds like there is a correct answer for everything.

Use Clean Architecture. Use CQRS. Use async everywhere. Abstract every dependency. Make it extensible. Make it scalable.

Real systems do not work like that.

In production, architecture is mostly the art of choosing which problems you are willing to have.

You are never choosing between “good” and “bad.” You are usually choosing between:

  • faster now vs safer later
  • simpler code vs more reusable code
  • lower latency vs higher memory usage
  • tight control vs faster development
  • elegant design vs operational reliability

That is why strong architects do not sound ideological. They sound practical. They ask:

“What are we optimizing for?” “What failure are we trying to prevent?” “What cost are we introducing?” “What happens in production, not on the whiteboard?”

I will explain this from the perspective of a WPF desktop application controlling a wafer inspection machine, because that is where architecture trade-offs become very real.

Part 1 — Big picture

Why architecture is about trade-offs, not “best practices”

“Best practice” is often just a pattern that worked well under certain conditions.

But conditions change.

A pattern that is excellent for a cloud API may be awkward for a desktop machine-control app. A design that is great for a large platform team may slow down a 5-person product team. An abstraction that helps with testing may also add latency, indirection, and confusion.

Architecture is really about balancing forces.

In a real .NET system, you are balancing things like:

  • machine safety
  • operator experience
  • maintainability
  • recovery from failure
  • performance under continuous load
  • team skill level
  • release pressure
  • vendor SDK limitations

So the question is not:

“What is the best architecture?”

The better question is:

“What architecture fits this system’s risks and constraints?”

That is much closer to how senior engineers think.

Why every decision has cost

Every architectural decision creates a bill. Sometimes you pay now. Sometimes you pay later.

For example:

If you add abstraction layers everywhere, you may gain testability and replaceability. But you also pay with more files, more indirection, more onboarding difficulty, and sometimes worse debugging.

If you skip abstraction and call the SDK directly, you move faster at first. But later, testing becomes harder, vendor lock-in becomes stronger, and SDK quirks leak into your whole codebase.

If you keep all inspection data in memory, the UI feels fast and users can scroll history instantly. But after hours of production, memory pressure rises, GC pauses get worse, and the app becomes unstable.

If you persist everything immediately, memory stays controlled. But I/O grows, latency increases, and the operator may feel the system is sluggish.

So architecture is really cost allocation.

You are deciding:

  • where to absorb complexity
  • where to accept risk
  • where to keep optionality
  • where to be deliberately simple

A weak architect tries to remove all trade-offs. A strong architect accepts that trade-offs exist and chooses them consciously.

Part 2 — Common trade-off areas

1. Simplicity vs flexibility

This is one of the most common design tensions.

Simple design usually means:

  • fewer abstractions
  • fewer extension points
  • clearer control flow
  • easier debugging
  • faster onboarding

Flexible design usually means:

  • interchangeable components
  • more interfaces
  • more configuration
  • plugin-style behavior
  • easier adaptation later

The problem is that flexibility is rarely free.

A simple service might look like this in spirit:

  • MachineController talks directly to VendorSdk
  • InspectionCoordinator calls MachineController
  • MainViewModel subscribes to inspection status

Very understandable. Very direct.

But if later you need:

  • simulation mode
  • different machine vendors
  • offline replay
  • automated testing without hardware

then that direct design starts to hurt.

So what is the trade-off?

If variation is real and likely, some flexibility is worth it. If variation is hypothetical, premature flexibility becomes architecture tax.

A very common mistake is designing for five future scenarios that never happen.

A better approach is:

  • keep today’s path simple
  • isolate the highest-risk dependencies
  • add extension points where change is likely, not everywhere

That is pragmatic flexibility.

2. Performance vs maintainability

Highly maintainable code is often clean, layered, and readable.

Highly optimized code is often more specialized:

  • pooled buffers
  • custom scheduling
  • less allocation
  • fewer abstractions in hot paths
  • more careful memory ownership
  • more complex coordination logic

That means optimization often reduces readability.

For example, in an inspection pipeline:

  • A maintainable version may use LINQ, immutable models, and clean event propagation.
  • A high-performance version may use ArrayPool<T>, mutable structs, bounded channels, and minimal-copy pipelines.

The second version may be much faster. It may also be harder to understand, harder to modify, and easier to break.

So the real question is not “Should we optimize?” It is “Which part deserves optimization?”

In production systems, the right answer is usually:

  • keep most of the system boring and maintainable
  • aggressively optimize the few hot paths that truly matter

That is a very senior trade-off.

3. Abstraction vs complexity

Abstraction is powerful when it hides complexity that should be hidden.

It is harmful when it hides reality that engineers need to see.

For example, an abstraction over a machine SDK can be good if it hides:

  • ugly COM interop
  • unreliable callback APIs
  • error code translation
  • connection lifecycle quirks

That is useful hiding.

But abstraction becomes harmful if it pretends the underlying hardware is generic when it is not.

Suppose one machine vendor supports:

  • streaming events
  • partial image retrieval
  • hardware-triggered inspection

Another vendor only supports:

  • polling
  • full frame retrieval
  • manual trigger sequences

If you force both into one overly generic interface, you may end up with a fake abstraction that leaks everywhere.

So the lesson is:

Good abstraction reduces accidental complexity. Bad abstraction hides important truth and adds accidental complexity of its own.

4. Consistency vs speed of delivery

Consistency matters because it reduces cognitive load.

If every service uses the same logging style, error handling pattern, and DI approach, the codebase becomes easier to navigate.

But consistency also slows teams down when enforced too rigidly.

For example:

  • insisting every feature must use the full architecture stack
  • requiring every workflow to go through the same generic framework
  • rejecting simple solutions because they are not “aligned”

That can create delivery drag.

In real systems, consistency is valuable most in high-impact areas:

  • error handling
  • logging
  • threading rules
  • state transitions
  • persistence boundaries
  • naming conventions for important concepts

But not every part of the system deserves the same level of uniformity.

A senior engineer knows where consistency buys safety and where it just becomes ceremony.

Part 3 — Real problems in this system

Now let’s make it concrete.

System: A WPF desktop app controlling a wafer inspection machine

This kind of system usually has all the hard things together:

  • hardware integration
  • real-time UI
  • long-running sessions
  • large image/data flows
  • operator-driven workflows
  • strict reliability expectations
  • limited tolerance for freezes or strange behavior

This is exactly where architecture trade-offs become non-academic.

1. Direct SDK calls vs abstraction layer

Direct SDK calls

Advantages

  • fast to build
  • fewer layers
  • easier to follow initially
  • lower ceremony
  • good when only one vendor/device exists

Disadvantages

  • SDK quirks leak everywhere
  • hard to test without hardware
  • hard to simulate failures
  • vendor lock-in spreads through the codebase
  • refactoring later becomes painful

In practice, this often starts well and ends badly. Teams directly call the vendor SDK from services, view models, or even code-behind. Then later they discover:

  • the SDK blocks unpredictably
  • callbacks arrive on random threads
  • error codes need translation
  • reconnect logic is duplicated
  • unit tests are almost impossible

Abstraction layer

Advantages

  • isolates vendor-specific behavior
  • makes simulation possible
  • supports testing without machine access
  • gives one place for retries, timeouts, error mapping
  • prevents SDK concepts from infecting business logic

Disadvantages

  • more code
  • more design effort
  • can become fake-generic if overdone
  • debugging sometimes requires jumping through layers

Pragmatic answer

Usually, for a machine-control desktop app, an abstraction layer is worth it, but not a giant “universal hardware platform.”

A good middle ground is:

  • define a focused machine-facing boundary
  • hide SDK ugliness
  • keep machine-specific capabilities explicit
  • expose domain-friendly operations and events
  • support both real and simulated implementations

That gives you isolation without pretending every machine is the same.

2. Synchronous vs async design

This is a very real trade-off in desktop apps.

Synchronous design

Advantages

  • easier to reason about
  • clearer order of execution
  • simpler debugging
  • useful for short, critical command sequences

Disadvantages

  • can block UI
  • poor responsiveness under slow I/O
  • fragile when SDK calls take unpredictable time
  • encourages thread misuse to “work around” blocking

Async design

Advantages

  • better responsiveness
  • better handling of I/O waits
  • easier composition of background operations
  • supports cancellation and timeouts more naturally

Disadvantages

  • more complicated control flow
  • more race conditions
  • more state coordination problems
  • async around bad SDKs can become messy
  • not all vendor SDKs are truly async

A common production reality: the SDK itself is synchronous and blocking.

So the real question is not “async everywhere?” The real question is:

“Where do we need async boundaries to protect the UI and control long-running operations?”

A pragmatic design is often:

  • keep the UI non-blocking
  • wrap blocking SDK work behind worker services
  • use async for orchestration and coordination
  • keep truly sequential hardware command paths explicit
  • do not force fake async on everything

This is much healthier than either extreme.

3. Real-time UI updates vs batching

In industrial apps, there is a temptation to show everything immediately:

  • every sensor tick
  • every status update
  • every inspection result
  • every defect found
  • every image fragment arrival

That sounds good, but the UI cannot absorb infinite update frequency.

If you push updates too aggressively:

  • dispatcher gets flooded
  • rendering cost spikes
  • bindings churn
  • collection change notifications explode
  • UI becomes jerky or freezes

Real-time per-event updates

Advantages

  • freshest possible view
  • immediate operator feedback
  • useful for critical alarms and status changes

Disadvantages

  • expensive on UI thread
  • hard to scale with high event rates
  • can drown important signals in noise

Batched/coalesced updates

Advantages

  • smoother UI
  • fewer renders
  • better throughput
  • lower CPU pressure
  • easier to control memory churn

Disadvantages

  • slightly stale display
  • more buffering logic
  • operator may not see every micro-event immediately

The right answer is usually mixed:

  • alarms and machine state changes: immediate
  • defect list updates: batched
  • thumbnails: progressive or windowed loading
  • telemetry charts: sampled or throttled
  • logs: buffered append, not per-message UI mutation

This is a classic architectural trade-off: not all “real time” data deserves real-time UI rendering.

4. Memory usage vs data retention

Wafer inspection systems often generate huge data volumes:

  • raw images
  • stitched images
  • defect thumbnails
  • analysis results
  • metadata
  • logs
  • replay or trace data

You cannot keep everything forever in memory.

Keep more data in memory

Advantages

  • fast navigation
  • instant filtering
  • smooth operator experience
  • easier drill-down into recent history

Disadvantages

  • large working set
  • GC pressure
  • LOH fragmentation risk
  • long-session instability
  • risk of eventual slowdown or crash

Persist early / evict aggressively

Advantages

  • stable memory footprint
  • safer for long-running use
  • easier recovery
  • more predictable runtime behavior

Disadvantages

  • more I/O
  • slower revisit of historical data
  • more complexity around caching and reload
  • possible user frustration if old data reloads slowly

A real production answer is usually tiered retention:

  • hot recent data in memory
  • warm data in local persisted cache
  • cold data archived to disk or backend storage
  • UI loads only visible or requested slices

That is much better than choosing either “keep everything” or “save everything immediately and forget it.”

5. Strict state machine vs flexible workflows

Machine-control systems often behave better when workflow is explicit:

  • Idle
  • Preparing
  • Ready
  • Running
  • Paused
  • Stopping
  • Error
  • Recovering
  • Completed

Strict state machine

Advantages

  • safer transitions
  • easier reasoning
  • fewer illegal states
  • better testability
  • clearer operational behavior

Disadvantages

  • more up-front modeling effort
  • more friction when workflows evolve
  • teams may feel it is “too rigid”
  • one-off operator exceptions become harder

Flexible workflow logic

This often means looser flags and conditional branching.

Advantages

  • quick to implement
  • easy to patch for special cases
  • less ceremony early on

Disadvantages

  • invalid state combinations appear
  • edge cases multiply
  • debugging becomes painful
  • operator behavior becomes inconsistent
  • recovery logic becomes fragile

In a wafer inspection machine app, strictness is usually worth it for machine and workflow control. Flexibility is better applied at the edges:

  • configurable inspection recipes
  • optional review steps
  • operator permissions
  • retry/recovery policies

In other words:

Be strict where safety and correctness matter. Be flexible where business variation matters.

That is a strong architectural principle.

Part 4 — How we make decisions

Senior architecture decisions should not start with patterns. They should start with constraints.

1. Evaluate constraints

In a real .NET desktop machine system, I would first look at:

Hardware constraints

  • Is the SDK blocking or event-driven?
  • Are callbacks reliable?
  • Are there thread affinity requirements?
  • Is the device single-command-at-a-time?
  • What are timeout and reconnect behaviors?

Performance constraints

  • How much data arrives per second?
  • How large are images?
  • What latency matters to the operator?
  • What is acceptable UI lag?
  • How long does the app stay open continuously?

Team constraints

  • How experienced is the team with async, WPF threading, and concurrency?
  • Can they maintain a highly abstracted design?
  • Are they comfortable debugging reactive/event-driven flows?
  • Is test automation mature?

Operational constraints

  • Does the app run in customer factories with limited diagnostics?
  • How easy is remote support?
  • How often does hardware fail or disconnect?
  • Can the app restart safely?
  • What happens if persistence fails mid-run?

Architecture must fit all four, not just code elegance.

2. Identify risks first

A useful senior habit is to ask:

“What failure would be most expensive here?”

For a wafer inspection app, the biggest risks may be:

  • UI freeze during live run
  • hardware command sequencing bug
  • memory growth over long sessions
  • inconsistent workflow state after machine fault
  • inability to diagnose field issues
  • losing inspection results during save

Those risks should shape architecture more than generic style preferences.

For example:

If UI freeze is a top risk, then async boundaries, background isolation, and UI throttling become important.

If machine state corruption is a top risk, then explicit workflow/state modeling becomes important.

If long-session memory growth is a top risk, then retention strategy matters more than pretty layering.

If field debugging is a top risk, then structured logging and event correlation may matter more than fancy abstractions.

3. Choose pragmatic solutions

Pragmatic architecture usually means selective investment.

Not “build the most advanced framework.” Not “do the minimum possible.” But “put complexity where it protects the system.”

Example 1: SDK integration

Instead of:

  • direct SDK calls everywhere

or

  • giant universal hardware platform

choose:

  • one adapter/service boundary around the SDK
  • explicit machine operations
  • simulator implementation
  • centralized timeout/retry/error translation

That is enough architecture to reduce risk without building a platform too early.

Example 2: UI update strategy

Instead of:

  • push every event to the UI instantly

choose:

  • critical state changes immediate
  • telemetry sampled
  • heavy result updates batched
  • image loading virtualized
  • UI collections updated in chunks

This is a pragmatic balance between responsiveness and stability.

Example 3: Persistence

Instead of:

  • keep all results in RAM

or

  • flush every tiny event synchronously to disk

choose:

  • bounded in-memory buffer
  • asynchronous persistence pipeline
  • checkpointing for recovery
  • explicit backpressure strategy when disk is slow

This is what real-world architecture looks like.

Part 5 — Common mistakes

1. Over-engineering

This is probably the most common architecture mistake among strong developers.

Because they know many patterns, they are tempted to use them all.

You see this when a desktop app suddenly has:

  • CQRS everywhere
  • mediator for every local method call
  • generic repositories over everything
  • plugin systems nobody uses
  • multiple abstraction layers for a single vendor SDK
  • complicated event bus for purely in-process flows

The app looks architecturally sophisticated. But everyday development becomes slower.

Over-engineering usually happens when teams optimize for imagined future change instead of current operational pain.

Good architecture solves real pressure. Over-engineering solves hypothetical pressure.

2. Premature optimization

The opposite mistake is optimizing too early in the wrong place.

Examples:

  • hand-optimizing low-frequency code paths
  • replacing readable code with pooling everywhere before profiling
  • building custom schedulers before proving ThreadPool or Channels are insufficient
  • flattening all abstractions because “virtual calls are slow”

This often creates complex code without solving actual bottlenecks.

In production .NET systems, performance work should usually follow this order:

  1. measure
  2. find hot path
  3. confirm business impact
  4. optimize surgically
  5. re-measure

Not all slowness deserves architectural change.

3. Blindly following patterns

Patterns are tools, not laws.

For example:

Clean Architecture is useful, but if applied too rigidly in a WPF machine app, it can make simple flows feel fragmented and difficult to trace.

CQRS is useful when reads and writes truly differ in behavior and scaling needs. It is overkill if you just split every method into command/query handlers without benefit.

Event-driven design is useful when decoupling matters. It becomes harmful when everything becomes indirect and nobody can follow execution.

Async all the way is a great principle for many systems, but forcing async wrappers around bad synchronous native SDKs can make control flow harder without real gain.

Senior engineers use patterns selectively and explain why.

4. Ignoring operational realities

This is the architecture mistake that hurts most in the field.

A design can look beautiful in code review and still fail in production because it ignores reality:

  • machine disconnects are common
  • customer PCs have limited RAM
  • disk I/O may be slow
  • operators may click unexpected sequences
  • vendor SDKs may deadlock
  • support teams need actionable logs
  • sessions may run for 12 hours straight

If you ignore those realities, architecture becomes decorative.

Production architecture must respect:

  • runtime behavior
  • failure modes
  • supportability
  • observability
  • operator workflow
  • long-session stability

That is why experienced architects spend so much time understanding the environment, not just drawing boxes.

Part 6 — Performance & scalability trade-offs

In desktop industrial systems, scalability is not only “how many users.” It is also:

  • how much data per second
  • how long the app runs
  • how many screens or streams it manages
  • how responsive it stays under sustained load

1. Latency vs throughput

These are related but different.

Latency = how fast one action completes Throughput = how much total work the system handles over time

You often cannot optimize both equally.

Example

If you process every inspection result immediately and push it to the UI, you minimize latency for each item. But overall throughput may drop because UI churn and synchronization overhead become too high.

If you batch results, overall throughput improves. But individual items appear a little later.

So the right choice depends on what matters more.

For:

  • emergency stop status
  • machine fault
  • operator command acknowledgement

latency matters most.

For:

  • defect summary updates
  • bulk image metadata persistence
  • historical list refresh

throughput often matters more.

A senior engineer separates these categories instead of treating all data equally.

2. Memory vs speed

Caching improves speed. Buffering improves throughput. Preloading improves responsiveness.

All of them cost memory.

Examples:

  • caching thumbnails speeds review screens
  • buffering image chunks smooths pipeline processing
  • preloading results makes operator navigation faster

But memory is not free, especially in long-lived desktop apps.

More memory means:

  • larger GC work
  • higher promotion to Gen 2
  • more LOH pressure for large arrays/images
  • greater instability over long sessions

So the key question is not “cache or not?” It is “what should be cached, how much, and with what eviction policy?”

Senior design usually prefers bounded strategies:

  • bounded queues
  • capped caches
  • time-based or size-based eviction
  • windowed history
  • progressive loading

Bounded systems are more predictable than “keep everything until memory becomes a problem.”

3. CPU vs responsiveness

A desktop app can use CPU heavily and still be “correct,” but feel broken to the operator.

For example:

  • image post-processing on the UI thread
  • frequent collection updates
  • synchronous logging or serialization during active inspection
  • expensive converters in WPF bindings
  • too many background tasks contending for CPU

The result is poor responsiveness:

  • laggy buttons
  • delayed alarms
  • jerky screen updates
  • apparent freezing

This is why responsiveness is not just about average CPU usage. It is about where CPU is spent and whether critical threads stay free.

A common senior mindset is:

  • reserve UI thread for UI work
  • keep hot compute off the dispatcher
  • throttle nonessential updates
  • prioritize operator-visible actions over background convenience work

That is architecture too, not only implementation detail.

Part 7 — Senior engineer thinking

How experienced engineers reason about trade-offs

Experienced engineers usually reason in this order:

1. Understand the system’s purpose

What is the app actually trying to do?

In this case:

  • safely control inspection flow
  • keep operators informed
  • process and persist inspection results
  • survive long-running sessions
  • support diagnosis when things go wrong

That purpose should drive design.

2. Identify what must never fail

Examples:

  • invalid machine command sequence
  • frozen operator controls during critical operations
  • corrupted workflow state
  • silent data loss
  • unbounded memory growth

These “must not fail” areas deserve stricter architecture.

3. Separate critical paths from non-critical paths

Not everything deserves the same engineering weight.

Critical:

  • machine control
  • workflow transitions
  • alarm handling
  • save/recovery correctness

Less critical:

  • cosmetic UI refresh details
  • optional extensibility
  • elegant generic frameworks
  • minor convenience abstractions

Senior engineers protect the core first.

4. Optimize for current reality, while keeping reasonable escape paths

This is subtle.

Do not overbuild for imaginary futures. But do not paint yourself into a corner.

For example:

  • isolate the SDK now, because hardware replacement/testing is likely
  • do not build a full multi-vendor plugin ecosystem until there is a second vendor
  • use batching for high-volume UI updates now
  • do not build distributed infrastructure for a single desktop app unless needed

This is how mature systems evolve well.

How to justify decisions in interviews

In interviews, weak answers sound like this:

  • “I would use Clean Architecture because it is best practice.”
  • “I would make everything async.”
  • “I would add abstraction for flexibility.”
  • “I would use CQRS for separation.”

These answers are too generic.

Stronger answers sound like this:

  • “I would isolate the vendor SDK behind a focused adapter because hardware behavior is unreliable, testing without the machine matters, and I do not want SDK threading quirks leaking into the UI and workflow layers.”
  • “I would not make every path async blindly. I would keep the UI and orchestration async, but I would be careful around hardware command sequencing where deterministic order matters and the vendor SDK may still be synchronous.”
  • “I would batch high-frequency result updates before they hit WPF, because immediate per-item UI updates often look real-time on paper but overwhelm the dispatcher in production.”
  • “I would model machine and workflow state explicitly because correctness and recovery matter more than short-term coding speed in this kind of system.”

That kind of answer shows judgment.

A good interview answer usually contains four things:

  1. the context
  2. the trade-off
  3. the decision
  4. the reason

For example:

“In a wafer inspection desktop app, I would choose a stricter state machine for machine control. It adds modeling overhead, but it reduces invalid transitions, makes recovery safer, and helps debugging under failure. I would keep flexibility in recipe configuration instead of in core machine state.”

That is strong senior-level reasoning.

How to adapt design over time

One of the most important architecture skills is knowing that architecture is not frozen.

A good architecture today may become a bad one later because the system changed.

For example:

Early stage

  • one machine vendor
  • one workflow
  • small team
  • modest data volume

Best choice:

  • keep it simple
  • focused abstractions
  • direct flows
  • avoid framework-heavy design

Growth stage

  • more workflows
  • more device variants
  • more production issues
  • more data and longer sessions

Best choice:

  • formalize state machine
  • strengthen observability
  • add simulation and test seams
  • introduce bounded pipelines and retention policies

Mature stage

  • multiple product variants
  • strong support burden
  • performance pressure
  • larger team

Best choice:

  • standardize patterns in critical areas
  • optimize hot paths
  • tighten contracts between layers
  • invest in operational diagnostics and reliability tooling

So architecture maturity should match product maturity.

The wrong move is either:

  • staying too simplistic when complexity is now real
  • or building mature-system architecture before the product has earned it

Both are forms of bad judgment.

Final takeaway

Architecture trade-offs in .NET systems are not about choosing fashionable patterns.

They are about making the system survivable under real conditions.

In a WPF desktop app controlling a wafer inspection machine, good architecture is not the one with the most layers or the cleanest diagram. It is the one that:

  • keeps the UI responsive
  • keeps machine behavior correct
  • handles long-running load safely
  • manages memory predictably
  • makes failures diagnosable
  • stays understandable for the team

That usually means:

  • abstracting where reality is unstable
  • simplifying where change is unlikely
  • optimizing only the true hot paths
  • being strict where correctness matters
  • being flexible where business variation matters
  • evolving the design as the system grows

That is how senior engineers think.

They do not ask, “What is the perfect architecture?” They ask, “What problems are most dangerous here, and what design gives us the best balance of safety, speed, and maintainability?”

That is the mindset interviewers usually want to hear.

I can also turn this into a mock interview Q&A version with strong sample answers for technical leadership interviews.

Docs-first project memory for AI-assisted implementation.

LCN Wafer Inspection Prototype