Lab Data Automation System (LDAS) is built on a modern, multi-grained microservices architecture that prioritizes security, scalability, and operational efficiency. Developed to address the practical demands of contemporary laboratory environments, LDAS incorporates proven technologies and established protocols to ensure a reliable, adaptable, and high-performing system. The following sections outline the key components and design strategies that enable these capabilities.

Secure Service Communication

LDAS enforces a layered security model across its architecture:

External Gateway: This gateway acts like a secure front door, ensuring that only authorized traffic gets through. By having a single-entry point, it helps reduce potential risks and ensures that strict security rules are consistently applied. Additionally, it leverages Transport Layer Security (TLS) to encrypt data in transit, protecting sensitive information from interception or tampering as it moves between clients and services.
OAuth 2.0 Authorization: LDAS uses OAuth 2.0 for secure, delegated access. Authorization tokens validate identity and permissions between APIs and services, ensuring secure interactions without exposing sensitive credentials.
Internal Gateway with mTLS: Communication between internal services is managed using gRPC, a high-performance protocol. This ensures efficient data exchange between services within the system. By using gRPC, the architecture supports scalable and reliable service-to-service communication, helping protect sensitive data and maintain system integrity.

Multi-Grained Microservices Ecosystem

Microservices Architecture. LDAS is built using a modular approach, where each part of the system—called a microservice—handles a specific business function and can be deployed independently. This design offers two key advantages:

Horizontal Scalability: Because each service operates on its own, the system can respond to increased demand by scaling only the parts that need it—making resource use more efficient.
Clear Separation of Concerns: Each service communicates through well-defined gRPC endpoints, which helps keep the system organized and easier to maintain. This separation ensures that changes in one part don’t disrupt others, improving reliability and flexibility over time.

Technology Stack

LDAS leverages a combination of modern technologies to support speed, automation, and real-time processing. Each component was selected based on its suitability for specific system requirements:

Quarkus

A lightweight Java framework that allows applications to start quickly and use fewer resources. This is especially useful in cloud environments where performance and cost-efficiency matter.

Camunda

A workflow engine that helps us model and automate lab processes. It makes complex operations easier to visualize, manage, and adapt over time, reducing manual steps and improving consistency.

Apache NiFi

A tool for managing how data moves between systems. It allows us to automate data flows without writing custom code, making integrations faster and more reliable.

Apache Kafka

A messaging system that enables real-time communication between different parts of the platform. It ensures that events like test results or status updates are processed instantly and reliably.

Angular

A front-end framework used to build the user interface. It helps us deliver a responsive and user-friendly experience for lab staff and other users.

Data Storage Strategy

LDAS uses a diverse set of storage solutions each selected to suit the nature of the data and how it's used within the system.

MongoDB & PostgreSQL

These databases handle configuration settings and transactional records. MongoDB is well-suited for flexible, document-based data, while PostgreSQL offers strong consistency and relational structure. Together, they provide a reliable foundation for storing and retrieving core system data efficiently.

Elasticsearch

Used for indexing logs and enabling fast search across large datasets. This enables fast, scalable search and log indexing for operational insights for end users.

AWS S3-Compatible Object Storage

This storage is designed for durability and scalability, making it ideal for long-term retention and compliance with data governance standards.

Architectural Considerations

Security by Design: Adheres to OWASP standards and implements AES-GCM encryption, token-based access, and secure communication protocols.
Scalability & Flexibility: Microservices architecture allows dynamic scaling and modular enhancements.
Operational Efficiency: Automation and real-time messaging features help reduce manual effort and improves system responsiveness.
Resilience & Maintainability: Independent services and robust error handling ensure that each part of the system works independently, so issues in one area don’t affect the rest.