260 likes | 515 Views
SOA Governance. In General, and In the NAS. SOA Brown Bag #3 . SWIM Governance Team. January 11, 2011. Agenda. Service Oriented Architecture (SOA) Governance – Michael Confoy – SOA Architect Definition Governance in SOA Context Center of Excellence
E N D
SOA Governance In General, and In the NAS SOA Brown Bag #3 SWIM Governance Team January 11, 2011
Agenda • Service Oriented Architecture (SOA) Governance – Michael Confoy – SOA Architect • Definition • Governance in SOA Context • Center of Excellence • SOA Governance in the National Airspace System (NAS) – Paul Jackson – SWIM Governance Team • Policies • Lifecycle Context • Center of Excellence
Governance Defined • Governance is about decision making • Conversely, management is making sure that the enterprises’ governance process is executed • Governance establishes the processes to assure that the appropriate laws, policies and standards are followed • Governance defines the chains of responsibility, authority, and communication, as well as the measurement and control mechanisms to enable people to carry out their roles and responsibilities • There are a number of governance categories, for example: • Information Technology (IT) Governance • Enterprise Architecture (EA) Governance • SOA Governance
Governance Types Defined • IT Governance • The processes that ensure the effective and efficient use of IT in enabling an organization to achieve its goals1 • EA Governance • A mechanism to ensure projects apply prescriptive guidance provided by the EA process • The process of making decisions regarding the adoption of EA content2 • SOA Governance Extends IT Governance • Specifically focused on an organization’s SOA: • Service Lifecycle • Metadata • Composite applications • 1 – Gartner: Defining IT Governance: The Gartner IT Governance Supply/Demand Model, 29 March 2010 • 2 – Gartner: 2010 Enterprise Architecture Research Index: EA Governance, 15 April 2010
SOA Governance Addresses concerns such as: Service registration Service versioning Service ownership Service funding Service modeling Service discovery and access Deployment of services and composite applications Security for services Processes and procedures to support service publishing and service validation Documenting the approach to support service lifecycle management and service reuse Verify that running services are the approved versions Define mechanism to manage SLAs for services Provide a mechanism to enable runtime service look-up
Governance Types and Components Key SOA Governance Decisions Key IT Governance Decisions* SOA Business and SOA IT Principles IT Principles SOA Architectural Decisions IT Architectural Decisions SOA Infrastructure IT Infrastructure SOA GOVERNANCE Service Portfolio Needs Business Application Needs Service Candidate Funding and Prioritization IT Investment and Prioritization * SOA Governance by Brown, Laird, Gee, and Mitra
SOA Governance in SOA Context • A comprehensive approach to implement effective SOA governance that will: • Assess the current organizational context of the organization • Define a governance model that the organization will accept and embrace • Leverage tooling to make governance operational and automated • Function based on best practices, processes, principles, policies and a documented methodology • Potential traps in implementing SOA governance: • SOA governance is not “one size fits all” • SOA governance is not driven by tools • SOA governance addresses the uniqueness of service orientation • Leverage and extend IT governance to achieve SOA governance • SOA governance requires a consistent approach
SOA Governance in SOA Context • Managing service lifecycle maximizes SOA value: • Service Development • Provide visibility of and access to services assets for reuse • Manage asset lifecycle • Service Deployment • Manage promotion of service • Manage description of record for deployed services • Manage metadata to support SOA runtimes • Manage service relationships and interactions • Enable impact analysis • Service Management • Monitor service performance • Manage and enforce policies
Implementing an Infrastructure for SOA Runtime Governance Registry and Repository Security • Locate • Manage Access • Route • Mediate • Augment • Log • Apply Policy Registry of SOA Services Working with an access control mechanism to ensure services are allowed to access other services Runtime Governance Working with a registry to find and connect services, and to apply policy A management framework to make the right decisions Service Management ESB While monitoring the environment to identify issues and take actions to meet service level agreements (SLAs) Working with an ESB to route messages, convert protocols, transform data formats, and handle events
What is a SOA Center of Excellence (COE)? The focal point and the catalyst for the transformation path to SOA: Combined logical and physical grouping of resources – human, technical and intellectual A group of individuals recognized for their leading edge, strategically valuable knowledge, and mandated to leverage and/or make that knowledge available throughout the enterprise (process or skill based) for SOA innovation A community of semi-permanent teams of technical specialists, or people trained in a specific SOA skill and technical competencies that are the building blocks of organizational capabilities A functional resource pool that can be tapped by the enterprise or line of business as new projects arise which will apply SOA principles
COE is the Mechanism for SOA Governance • Allows the enterprise to answer fundamental questions in relation to decision rights, process measurement, and control: • Who makes the decision, and what criteria do they use, whether a service can be accessible to other applications? • Who funds, owns, and operates shared services? • What specification and implementation standards are applied across the enterprise to assure interoperability? • How does the enterprise determine whether a service achieves expected results? • How will changes to services be managed? • Who is responsible for and how are the end-to-end availability and performance for composite business functions measured, managed, and assured?
The COE will: • Establish, measure, and execute governance policies • Manage the service lifecycle • Measure the effectiveness of various SOA initiatives • Assure best practices for SOA design are achieved: • Effective service composition • Governing orchestrated services • Designing for extensibility and reuse • Loose coupling of services to support broad interoperability when requirements change • Design of appropriate modularity and granularity of services • Encapsulating business processes into well-defined, self-contained, course-grained services • Accessing services through standardized, platform-neutral, self-describing, well-structured, and extensible messages • Separating the service interface from its implementation • Assist enterprise programs with identifying associated cost/benefits relative to an SOA implementation
System Wide Information Management (SWIM) Host ETMS WARP IDS/ERIDS ASDE ATOP ERAM STARS/ ARTS/ TAMR CIWS Inter-Agency TMA TFM STARS CARTS/ Business as Usual - More point-to-point unique interfaces -Costly development, test, maintenance, CM - New decisions linked to old data constructs -Cumbersome data access outside the NAS Today Enterprise Management FAA Systems ERAM AIM TFMS CIWS TDDS SWIM Compliant Government Systems Core Services via FTI SWIM Compliant Non-Government Systems - Existing point-to-point hardwired NAS - Unique interfaces, custom designs ITWS TBFM WMSCR DOTS LEGEND - Requires common Governance Framework SWIM Segment 1 SWIM Future Segment SWIM Adapter
Governance for the NAS Enterprise Zeal for SOA and Web Services without Governance leads to incompatible implementations and “rogue” services
Why Governance? Goals Interoperability Reduce “custom” code Allow common Test Suites Easy transfer of knowledge among development teams Opportunities for Reuse Reduce redundant operations Develop once, use often Guiding Principles Adherence to Standards Visibility/Discoverability Straightforward way to Publish Services Easy way to find and use Services
SWIM Governance WHAT must be done SWIM Governance Policies v1.1 Templates for Service Contract artifacts WHO is responsible Governance Authority Initial Service Candidate Approval by Technical Review Board (TRB) SWIM manages remainder of lifecycle for approved programs Service Providers responsibilities documented Service Consumers responsibilities documented HOW must they do it Technical Standards coordinated with NAS Enterprise Architecture TV-1 Technical Standards Profile TV-2 Technical Standards Forecast FAA Standards FAA-STD-063 XML Namespaces FAA-STD-064 Web Service Registration FAA-STD-065 Web Service Description Documents FAA-STD-066 Web Service Taxonomies SWIM Service Lifecycle Management Processes v1.0 SWIM Version Management Processes v1.0
SWIM Compliance SWIM Compliance Definition: “verified conformance to SWIM Policies.” (ref: SWIM Service Lifecycle Management Processes v1.0) Verification Mechanisms Manual review of artifacts Governance-enabling Technology NAS Service Registry/Repository (NSRR) Testing Tools (Actional, Lisa, etc…) SWIM Web Service Security Compliance Test Kit (SWIM WS-S CTK) Policy Servers XML Gateways Enterprise Service Management (ESM) software Not just a “Rubber Stamp” SWIM Compliant
Service Lifecycle Management Decisions Technical Review Board (TRB) Investment Decision Authority SWIM Governance Team In Service Decision (ISD) Authority
NAS Service Registry/Repository Production NSRR deployed – July 1, 2010 https://swimrep.faa.gov/soa HP Systinet Technical Support available during normal working hours Mon – Fri, 8-5PM Email issues/problems to 9-act-swimregistry@faa.gov User Account Request Form www.swim.gov→ Documents → SWIM Compliance Mail to paul.jackson@faa.gov
What is the SWIM SOA COE? • Mission Statement: • The SWIM SOA Center of Excellence (COE) will facilitate the NAS SOA achieving consistent service development, operation, and management enterprise-wide • The COE will be a focal point of expertise and assume a lead role in governing the execution and evolution of the long-term SWIM SOA strategy • Provide leadership and technical guidance to SWIM transformation initiatives • Allow the FAA to develop and deploy integrated solutions in a timely and cost-effective manner; leveraging skills, methodologies, best practices, and standard processes • The focal point and catalyst for the transformation path to SOA: • Combined logical and physical grouping of resources – human and technical • A group of individuals recognized for their leading edge, strategically valuable knowledge; to make that knowledge available throughout the enterprise • A community of teams of people trained in specific SOA skills and technical competencies that are the building blocks of organizational capabilities • A functional resource pool that can be tapped by the enterprise or lines of business as new projects arise which will apply SOA principles
For More Information: www.swim.gov Documents SWIM Compliance Documents SWIM Service Compliance Requirements paul.jackson@faa.gov