Professional Summary
I'm an AWS-certified Lead Technologist with 10.8+ years of hands-on expertise designing and delivering enterprise-grade software across FinTech, Healthcare, Aerospace, and E-Commerce domains. My core craft is Java & Spring Boot microservices — building event-driven, cloud-native systems that handle millions of transactions reliably.
At IBM, I architected a platform processing 50M+ baggage events per day at 99.99% uptime across international airports. At Cygnet Infotech, I lead the technical strategy for a PCI/GDPR-compliant payments platform and mentor a team of 12+ engineers on distributed systems and cloud-native patterns.
I'm equally passionate about AI integration — actively exploring LangChain4j, Spring AI, RAG architectures, and MCP for building intelligent Java applications.
Core Strengths
Cloud-native microservices architecture (AWS & Azure)
Event-driven design with Apache Kafka at scale
Distributed systems — CQRS, Saga, Outbox patterns
PCI DSS / GDPR / HIPAA compliant system design
Leading & mentoring cross-functional engineering teams
AI integration — LangChain4j, RAG, MCP, Prompt Engineering
DevSecOps — security-first CI/CD pipelines
Performance tuning — JVM, DB, cache, Kubernetes HPA
Domain Expertise
Aviation-Grade Distributed Systems for Global Fleets
High-Throughput IoT Telemetry Processing
Zero Trust Cloud Security (Istio Service Mesh on OpenShift)
AI-Powered Predictive Maintenance for Complex Parts
Immutable Audit Trails via CQRS and Event Sourcing
Education
B.E. Information Technology
Gujarat Technological University
Diploma of Engineering
Gujarat Technological University
Lead Technologist
Cygnet Infotech Private Limited
Architect enterprise solutions in E-Commerce, FinTech & Payment domain with PCI, GDPR, HIPAA compliance
Led monolith-to-microservices migration reducing deployment time by 70%
Designed cloud architecture on AWS/Azure with auto-scaling, load balancing & disaster recovery
Implemented DevSecOps pipelines using Jenkins, GitLab CI/CD, Docker, and Kubernetes
Mentored 12+ engineers on advanced Java, Spring ecosystem, and cloud-native patterns
Established coding standards improving overall code quality by 40%
Advisory System Analyst
IBM Corporation
Architected BagODS airport operations platform using Quarkus reactive programming
Implemented event-driven microservices with 15+ services handling 50M+ daily events at 99.99% uptime
Designed cloud-native solutions on AWS ROSA with OpenShift and Kubernetes
Built real-time analytics pipelines using Kafka Streams, DynamoDB, and AWS Lambda
Led technical reviews ensuring enterprise architecture standards and security protocol adherence
Java Software Engineer
Cygnet Infotech Private Limited
Developed HBB middleware platform using Spring Boot microservices and AWS RDS
Built SalesPlus POS system supporting 700+ stores with real-time inventory management
Achieved 95% test coverage using JUnit 5, Mockito, and Spring Boot Test
Built monitoring dashboards using ELK stack for application performance and error tracking
Java Software Engineer
Netweb Softwares Private Limited
Architected Identity Theft Management using Spring Boot, JPA, MySQL with master-slave replication
Integrated credit bureau APIs — Experian, CIBIL, Equifax — with secure certificate authentication
Built MLE BI platform with Spring Batch ETL and Azure Cognitive Services for NLP
Led a team of 4 developers on Spring ecosystem and database optimization
Sr. Software Engineer
Jalhar Solutions
Designed ProfileFactory recruitment portal for European market using JSF, PrimeFaces, and EJB
Built scalable architecture supporting 10K+ concurrent users using WildFly clustering
Developed complex business workflows using JBoss jBPM and Drools rule engine
Software Engineer
Kailash Export and Import
Built BI ERP system using Spring Boot, Spring MVC, Spring Data JPA with PostgreSQL
Implemented GST/taxation compliance modules with complex business rules
Built payment automation system integrating with multiple payment gateways and banks
☕ Java Ecosystem
Java 8/11/17/21Spring Boot 3.xSpring SecuritySpring CloudSpring BatchQuarkusHibernateJPAJAX-RS
☁️ Cloud & Infrastructure
AWS (EC2, EKS, RDS, Lambda)Azure (AKS, APIM, Functions)KubernetesDockerHelmOpenShiftTerraform
🗄️ Data & Messaging
Apache KafkaPostgreSQLRedisDynamoDBElasticsearchMongoDBApache SparkRabbitMQ
⚙️ DevOps & Observability
JenkinsGitLab CI/CDGitHub ActionsELK StackPrometheusGrafanaSonarQubeFlyway
🔐 Security & Auth
OAuth 2.0JWT / RS256SAML 2.0OpenID ConnectSpring SecurityHashiCorp VaultOWASP
🤖 AI & Emerging Tech
LangChain4jSpring AIOpenAI APIAnthropic ClaudeRAG ArchitectureMCPPrompt Engineering
Proficiency Levels
BagODS – Airport Operations Platform
Aug 2021 – Dec 2023
🎯 50M+ events/day at 99.99% uptime
Event-driven microservices platform revolutionizing baggage handling for international airports using Quarkus reactive programming on AWS ROSA.
Asset Management System
Jan 2025 – Present
🎯 10M+ asset records on Azure
Cloud-native enterprise asset lifecycle platform on Azure AKS with virtual threads, Cosmos DB partitioning, and serverless Azure Functions.
J2 Billing & eFax Platform
Dec 2023 – Jan 2025
🎯 100+ enterprise clients, PCI compliant
Multi-tenant SaaS billing and communication platform with Salesforce integration, Oracle AQ messaging, and AWS Lambda serverless billing.
Healthcare Revenue Management (MLE BI)
🎯 100K+ medical claims/day via NLP
Revenue cycle management platform with Azure Cognitive Services NLP, Spring Batch ETL for 5M+ records nightly, and Tableau embedded dashboards.
Financial Services Integration Platform
Jan 2019 – Aug 2020
🎯 1M+ daily transactions, PCI/GDPR
Enterprise credit bureau integration with Experian, CIBIL, Equifax using Apache Camel (25+ routes), real-time fraud detection, and blue-green K8s deployments.
SalesPlus POS System
Aug 2020 – Aug 2021
🎯 700+ stores, real-time inventory
High-throughput Point-of-Sale middleware with Redis caching, AWS RDS connection pooling, and ELK-powered monitoring dashboards achieving 95% test coverage.
AWS Certified Cloud Practitioner
Amazon Web Services
AWS Certified Developer
Amazon Web Services
Enterprise Design Thinking Co-creator
IBM
AI-Team Essentials & Practitioner
IBM
Agile Explorer & Practitioner
IBM
Methodologies & Practices
Personal Details
Date of Birth
April 8, 1991
Languages
English · Hindi · Gujarati
Location
India
Interests
Emerging Tech · Sports · Music · Technical Literature
Architecting the Future of Flight: Building an AI-Driven, Event-Sourced Digital Twin for Commercial Aviation
Commercial aircraft are modern marvels of engineering, but they are also massive, flying data centers. A modern twin-engine jet generates terabytes of telemetry data per flight, monitoring everything from engine exhaust temperatures to hydraulic pressure and vibration frequencies.
For software leads and architects aiming to enter the aerospace and defense sector (including giants like Lockheed Martin, Airbus, or Boeing), the challenge isn’t just capturing this data. It’s about building a system that is resilient at massive scale, secure by default, and maintaining an immutable, FAA-compliant audit history of every automated decision.
In this post, I will share the step-by-step blueprint I designed to address these core aerospace constraints, moving from basic data ingestion to an AI-powered, Zero Trust architectural proof-of-concept.
The Overall Architecture: From Edge to Ground
To keep a complex fleet running safely, ground crews need a unified system that securely ingests high-frequency data from the aircraft, analyzes it instantly, and provides actionable, auditable repair plans.
I designed this architecture using a robust stack of modern Java technologies, event-driven patterns, and cloud-native security. The diagram below illustrates the end-to-end flow.
Why This System Never "Crashes": Resilience & Scalability
In aviation, "down-time" isn't an option. This architecture is built with specific patterns to handle massive load and service failures.
1. Horizontal Scalability (Elasticity)
The system is designed to grow with your fleet. Because we use Kafka Consumer Groups, we can scale the processing power simply by adding more Spring Boot instances.
2. Self-Healing Infrastructure
On OpenShift, every service is monitored by "Liveness" and "Readiness" probes. If the Ingestion Service crashes due to a memory leak, OpenShift kills the container and restarts it instantly. The service then reconnects to Kafka and picks up exactly where it left off.
3. Graceful Degradation (Circuit Breakers)
What if the AI model or the Neo4j database goes down? In a standard app, the whole system might hang. Here, we use Resilience4j Circuit Breakers.
The Pattern: If the AI service fails repeatedly, the "Circuit" opens.
The Fallback: The system stops trying to reach the AI and instead routes the alert to a "Manual Review" queue for a human engineer. The telemetry ingestion continues unaffected—nothing is lost, only the AI "intelligence" is temporarily paused.
The Pattern: If the AI service fails repeatedly, the "Circuit" opens.
The Fallback: The system stops trying to reach the AI and instead routes the alert to a "Manual Review" queue for a human engineer. The telemetry ingestion continues unaffected—nothing is lost, only the AI "intelligence" is temporarily paused.
4. Backpressure Handling
When an aircraft lands and dumps 8 hours of flight data at once, it could overwhelm a database. Kafka acts as a Backpressure buffer. The Ingestion Service can write to Kafka at 100,000 messages per second, while the Database Sink reads at a steady 10,000 messages per second until the backlog is cleared.
Here is how we bring this blueprint to life, phase by phase.
Phase 1: High-Throughput IoT Telemetry Ingestion
Aircraft cannot rely on persistent, high-bandwidth connections. Our ingestion pipeline must expect massive, bursty data dumps when the aircraft connects via SATCOM, air-to-ground cellular, or airport Wi-Fi.
Step 1.1: Setting up the Ground Infrastructure
We begin by spinning up our "data center" using Docker Compose, including the MQTT broker (our gateway), Apache Kafka (our buffer), and InfluxDB (our time-series store).
version: '3.8'
services:
# MQTT Broker (Edge Gateway)
mosquitto:
image: eclipse-mosquitto:latest
ports: [ "1883:1883" ]
volumes: [ "./mosquitto.conf:/mosquitto/config/mosquitto.conf" ]
# Apache Kafka (KRaft mode - Resilience & Buffering)
kafka:
image: bitnami/kafka:latest
ports: [ "9092:9092" ]
environment:
- KAFKA_CFG_NODE_ID=0
- KAFKA_CFG_PROCESS_ROLES=controller,broker
- KAFKA_CFG_LISTENERS=PLAINTEXT://:9092,CONTROLLER://:9093
- KAFKA_CFG_CONTROLLER_QUORUM_VOTERS=0@kafka:9093
# InfluxDB 2.0 (Time-Series Database for historical analysis)
influxdb:
image: influxdb:2.0
ports: [ "8086:8086" ]
environment:
- DOCKER_INFLUXDB_INIT_MODE=setup
- DOCKER_INFLUXDB_INIT_USERNAME=admin
- DOCKER_INFLUXDB_INIT_PASSWORD=adminpassword
- DOCKER_INFLUXDB_INIT_ORG=aerospace
- DOCKER_INFLUXDB_INIT_BUCKET=telemetryStep 1.2: The Spring Boot Ingestion Service
We build a reactive Spring Boot microservice that performs two critical tasks: subscribing to the MQTT broker (receiving data from the aircraft edge gateway) and immediately producing those messages to a Kafka topic. By decoupled ingestion from storage, we protect our databases from overloading.
@Configuration
public class MqttIngestionConfig {
private final KafkaTemplate<String, String> kafkaTemplate;
public MqttIngestionConfig(KafkaTemplate<String, String> kafkaTemplate) {
this.kafkaTemplate = kafkaTemplate;
}
@Bean
public MessageChannel mqttInputChannel() { return new DirectChannel(); }
@Bean
public MqttPahoMessageDrivenChannelAdapter inbound() {
MqttPahoMessageDrivenChannelAdapter adapter =
new MqttPahoMessageDrivenChannelAdapter("tcp://localhost:1883", "ingest-client", "aircraft/+/telemetry");
adapter.setConverter(new DefaultPahoMessageConverter());
adapter.setQos(1); // At Least Once delivery guarantee
adapter.setOutputChannel(mqttInputChannel());
return adapter;
}
@Bean
@ServiceActivator(inputChannel = "mqttInputChannel")
public MessageHandler handler() {
return message -> {
String topic = message.getHeaders().get("mqtt_receivedTopic").toString();
String payload = message.getPayload().toString();
// Extract aircraft ID (e.g., aircraft/Boeing777-123/telemetry)
String aircraftId = topic.split("/")[1];
// Critical Buffering: Send to Kafka
kafkaTemplate.send("flight-telemetry", aircraftId, payload);
System.out.println("Queued in Kafka: " + aircraftId + " -> " + payload);
};
}
}
This service ensures high-frequency data is safely buffered, allowing specialized consumers (like our future AI and storage nodes) to process it at their own pace.
Phase 2: Enforcing Cloud-Native "Zero Trust" Security
Aviation networks are under constant regulatory scrutiny. We must operate under a "Zero Trust" architecture, assuming the internal network is hostile. If our telemetry ingestion service is compromised, we cannot allow the attacker to discover other system components (like Kafka or the databases) in plain text.
Step 2.1: OpenShift Deployment & Service Mesh Injection
We deploy our services to OpenShift (Red Hat’s enterprise Kubernetes). The magic happens when we configure OpenShift Service Mesh (Istio) to automatically manage networking. By adding a single annotation to our deployment, Istio injects an Envoy proxy sidecar to every pod.
# deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: telemetry-ingest
namespace: aviation-data
spec:
replicas: 2 # Resilience: Active-Active Deployment
template:
metadata:
annotations:
# Critical line: Automatically injects the Istio network proxy
sidecar.istio.io/inject: "true"
spec:
containers:
- name: telemetry-ingest
image: your-registry/telemetry-ingest:latest
ports:
- containerPort: 8080Step 2.2: Mandating mutual TLS (mTLS)
With the proxies in place, we must enforce strict mutual TLS (mTLS) cluster-wide. We configure a security policy that forces every internal connection—from our Spring Ingest service to the Kafka brokers—to authenticate with cryptographic certificates. Traffic is fully encrypted, and standard plain-text connections are instantly rejected.
# mtls-policy.yaml
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
name: default-strict-mtls
namespace: aviation-data
spec:
mtls:
mode: STRICT # Zero Trust: Plain-text is prohibitedPhase 3: Building the AI-Powered Digital Twin
Phase 3 is where the architecture transitions from passively collecting data to actively generating value. We build a "Digital Twin"—a virtual, data-driven model of the aircraft’s physical state—and integrate it with an AI model for predictive analysis.
Step 3.1: Mapping the Physical Aircraft (The Neo4j Twin)
Relational databases struggle with complex, hierarchical parts. An aircraft is essentially a massive tree of relationships. We use the Cypher graph query language in Neo4j to build our virtual replica.
// Establish the relationship tree: Aircraft has Engines, which have Sensors
CREATE (a:Aircraft {id: 'B777-123'})
CREATE (e:Engine {id: 'ENG-1', position: 'Left'})
CREATE (s:Sensor {id: 'TEMP-01', type: 'Temperature'})
CREATE (a)-[:HAS_PART]->(e)
CREATE (e)-[:HAS_SENSOR]->(s)
By querying this graph, our system can immediately determine exactly which engine is affected when a specific sensor reports an anomaly, rather than trying to deduce it through complex SQL joins.
Step 3.2: Connecting Live Telemetry to AI (The RAG Agent)
We use LangChain4j to build a sophisticated "Retrieval-Augmented Generation" (RAG) agent. This agent has real-time access to the live telemetry alerts and thousands of pages of vector-indexed aircraft technical manuals.
We define an @AiService in Java, instructing the LLM to behave like an aviation expert and providing the specific sensor alert as context.
@AiService
public interface MaintenanceAssistant {
@SystemMessage({
"You are an expert aviation maintenance AI for commercial aircraft.",
"Analyze the sensor telemetry alert and cross-reference it with standard maintenance procedures.",
"Provide a concise, 3-step action plan for the ground crew."
})
String analyzeAnomaly(@UserMessage String alertDescription);
}
When a sensor threshold is breached, our system queries Neo4j to identify the part, formats the alert, and passes it to the AI Agent, which instantly generates a bespoke repair plan for the ground crew.
Phase 4: Ensuring Compliance with CQRS & Event Sourcing
The previous phase is powerful, but it introduces a major compliance challenge. If an AI agent automatically orders an engine inspection, aviation authorities like the FAA require absolute proof of exactly what data led to that decision.
We cannot use standard CRUD (Create, Read, Update, Delete) databases, where updating a row destroys the historical state. Instead, we implement CQRS (Command Query Responsibility Segregation) and Event Sourcing using the Axon Framework.
Every decision is stored as an immutable sequence of events (e.g., AnomalyRegisteredEvent), creating a perfect, audit-compliant history.
Step 4.1: Defining the Command and Event (Immutable Audit Trail)
We define commands (intent to act) and events (factual record of action) as immutable Java records.
import org.axonframework.modelling.command.TargetAggregateIdentifier;
// The Intent: A request to register an anomaly (The Write Model)
public record RegisterAnomalyCommand(
@TargetAggregateIdentifier String anomalyId,
String aircraftId,
String sensorId,
String aiActionPlan
) {}
// The Fact: A factual, immutable record that history cannot erase (Audit Trail)
public record AnomalyRegisteredEvent(
String anomalyId,
String aircraftId,
String sensorId,
String aiActionPlan
) {}Step 4.2: The Aggregate (Enforcing Business Logic)
The Aggregate is our domain object that handles commands and publishes events. It validates business logic (the write model) and reconstructs its own state by replaying past events, rather than saving flat data.
import org.axonframework.commandhandling.CommandHandler;
import org.axonframework.modelling.command.AggregateLifecycle;
import org.axonframework.spring.stereotype.Aggregate;
@Aggregate
public class MaintenanceAggregate {
// Other fields (anomalyId, etc.)
@CommandHandler // Handles the incoming Write request
public MaintenanceAggregate(RegisterAnomalyCommand command) {
// Validation logic here (if necessary)
// If valid, apply (publish) the immutable event to the Axon Event Store
AggregateLifecycle.apply(new AnomalyRegisteredEvent(
command.anomalyId(), command.aircraftId(), command.sensorId(), command.aiActionPlan()
));
}
}Step 4.3: The Projection (The Read Model)
Finally, we separate the query (read) model from the write model. A dedicated projection listens for the AnomalyRegisteredEvent and updates a standard SQL database optimized for lightning-fast dashboards, allowing ground crews to see real-time alerts without querying the slow event log.
import org.axonframework.eventhandling.EventHandler;
import org.springframework.stereotype.Component;
@Component
public class MaintenanceProjection {
// Inject a standard JPA Repository here for dashboard queries
@EventHandler // Listens to the immutable event, updates the dashboard view
public void on(AnomalyRegisteredEvent event) {
System.out.println("Updating Dashboard View for Anomaly: " + event.anomalyId());
// repository.save(new MaintenanceDashboardRecord(event.anomalyId(), ...));
}
}
Here is the breakdown of why this system is "Aviation-Grade."
- Scalability: Growing with the Fleet
The system scales horizontally at every layer.
The "Shock Absorber" (Kafka): Kafka is the heart of the scalability. If the number of aircraft suddenly doubles, you don't need to scale your databases immediately. Kafka absorbs the "spike" in data, holding it in a high-speed buffer until your downstream services can process it.
Microservice Elasticity: On OpenShift, we can set "Horizontal Pod Autoscalers" (HPA). If the Ingestion Service hits 80% CPU because of a massive data dump, OpenShift automatically spins up 5 more instances of that service to handle the load.
Independent Scaling: Since we used CQRS, you can scale the Read Side (Dashboards) to handle thousands of users without adding any load to the Write Side (AI Analysis/Event Store). - Resilience: What if a service goes down?
In a traditional monolithic system, if the database is down, the whole app crashes. In this event-driven architecture, the system is fault-tolerant.
Scenario A: The Ingestion Service Crashes
The Impact: Data stops moving from MQTT to Kafka.
The Recovery: The Edge Gateway on the aircraft or the MQTT Broker (with persistence enabled) will keep the messages. Meanwhile, OpenShift detects the service is down via "Liveness Probes" and automatically restarts the pod. Once it's back up, it resumes pulling data exactly where it left off.
Scenario B: Kafka is Down
The Impact: This is the most critical failure.
The Recovery: In production, Kafka is never a single server; it's a High-Availability (HA) Cluster. If one "Broker" node dies, the other two take over immediately. Data is replicated across multiple disks, so no telemetry is lost.
Scenario C: The AI / Maintenance Service is Down
The Impact: Telemetry is stored in the database, but no "Action Plans" are being generated.
The Recovery: This is where the beauty of Kafka shines. The data waits in the Kafka Topic. When the AI service recovers (or is redeployed), it sees its "offset" (last read position) and processes the backlog. The ground crew might see a slight delay, but no anomaly is ever missed.
Scenario D: The Neo4j or Event Store is Down
The Impact: We cannot store new "Action Plans."
The Recovery: We implement Retries with Exponential Backoff and Dead Letter Queues (DLQ). If the service can't write to the database, it moves the message to a "Retry Topic" in Kafka. It keeps trying until the database is back online. - The "Black Box" Recovery (Event Sourcing)
The ultimate resilience feature is Event Sourcing. If your "Read Database" (the one powering the dashboard) gets corrupted or deleted:
1. You spin up a fresh database.
2. You "Replay" the events from the Axon Event Store.
3. The system reconstructs the entire state of every aircraft from day one.
This is effectively a "Time Machine" for your data.
The Bottom Line
Modern aerospace engineering demands systems that go far beyond simple data collection. By combining the high-throughput resilience of Apache Kafka, the strict mTLS security of OpenShift Service Mesh, the predictive analytics of graph-backed AI (Neo4j/LangChain4j), and the absolute, audit-compliant history of the Axon Framework, Java leads and architects can build the truly mission-critical systems that will keep the world flying safely.