SOA Governance In General, and In the NAS Presented to: SOA Brown Bag #3 By: SWIM Governance Team Date: January 11, 2011 Federal Aviation Administration Agenda • Service Oriented Architecture (SOA) Governance – Michael Confoy – SOA Architect – Definition – Governance in SOA Context – Center of Excellence • SOA Governance in the National Airspace System (NAS) – Paul Jackson – SWIM Governance Team – Policies – Lifecycle Context – Center of Excellence SOA Governance January 11, 2011 Federal Aviation Administration 2 Governance Defined • Governance is about decision making • Conversely, management is making sure that the enterprises’ governance process is executed • Governance establishes the processes to assure that the appropriate laws, policies and standards are followed • Governance defines the chains of responsibility, authority, and communication, as well as the measurement and control mechanisms to enable people to carry out their roles and responsibilities • There are a number of governance categories, for example: – Information Technology (IT) Governance – Enterprise Architecture (EA) Governance – SOA Governance SOA Governance January 11, 2011 Federal Aviation Administration 3 Governance Types Defined • IT Governance – The processes that ensure the effective and efficient use of IT in enabling an organization to achieve its goals1 • EA Governance – A mechanism to ensure projects apply prescriptive guidance provided by the EA process – The process of making decisions regarding the adoption of EA content2 • SOA Governance Extends IT Governance – Specifically focused on an organization’s SOA: • Service Lifecycle • Metadata • Composite applications • • 1 – Gartner: Defining IT Governance: The Gartner IT Governance Supply/Demand Model, 29 March 2010 2 – Gartner: 2010 Enterprise Architecture Research Index: EA Governance, 15 April 2010 SOA Governance January 11, 2011 Federal Aviation Administration 4 SOA Governance • Addresses concerns such as: – – – – – – – – – Service registration Service versioning Service ownership Service funding Service modeling Service discovery and access Deployment of services and composite applications Security for services Processes and procedures to support service publishing and service validation – Documenting the approach to support service lifecycle management and service reuse – Verify that running services are the approved versions – Define mechanism to manage SLAs for services – Provide a mechanism to enable runtime service look-up SOA Governance January 11, 2011 Federal Aviation Administration 5 Governance Types and Components Key IT Governance Decisions* IT Principles IT Architectural Decisions IT Infrastructure Business Application Needs IT Investment and Prioritization Key SOA Governance Decisions SOA Business and SOA IT Principles SOA Architectural Decisions SOA Infrastructure Service Portfolio Needs Service Candidate Funding and Prioritization * SOA Governance by Brown, Laird, Gee, and Mitra SOA Governance January 11, 2011 Federal Aviation Administration 6 SOA Governance in SOA Context • A comprehensive approach to implement effective SOA governance that will: – Assess the current organizational context of the organization – Define a governance model that the organization will accept and embrace – Leverage tooling to make governance operational and automated – Function based on best practices, processes, principles, policies and a documented methodology • Potential traps in implementing SOA governance: – SOA governance is not “one size fits all” – SOA governance is not driven by tools – SOA governance addresses the uniqueness of service orientation – Leverage and extend IT governance to achieve SOA governance – SOA governance requires a consistent approach SOA Governance January 11, 2011 Federal Aviation Administration 7 SOA Governance in SOA Context • Managing service lifecycle maximizes SOA value: – Service Development • Provide visibility of and access to services assets for reuse • Manage asset lifecycle – Service Deployment • • • • • Manage promotion of service Manage description of record for deployed services Manage metadata to support SOA runtimes Manage service relationships and interactions Enable impact analysis – Service Management • Monitor service performance • Manage and enforce policies SOA Governance January 11, 2011 Federal Aviation Administration 8 Implementing an Infrastructure for SOA Runtime Governance Registry and Repository Security Locate Registry of SOA Services Runtime Governance Working with a registry to find and connect services, and to apply policy Working with an access control mechanism to ensure services are allowed to access other services Manage Access Route Mediate A management framework to make the right decisions Service Management ESB Augment Log Apply Policy Working with an ESB to route messages, convert protocols, transform data formats, and handle events SOA Governance January 11, 2011 While monitoring the environment to identify issues and take actions to meet service level agreements (SLAs) Federal Aviation Administration 9 What is a SOA Center of Excellence (COE)? • The focal point and the catalyst for the transformation path to SOA: – Combined logical and physical grouping of resources – human, technical and intellectual – A group of individuals recognized for their leading edge, strategically valuable knowledge, and mandated to leverage and/or make that knowledge available throughout the enterprise (process or skill based) for SOA innovation – A community of semi-permanent teams of technical specialists, or people trained in a specific SOA skill and technical competencies that are the building blocks of organizational capabilities – A functional resource pool that can be tapped by the enterprise or line of business as new projects arise which will apply SOA principles SOA Governance January 11, 2011 Federal Aviation Administration 10 COE is the Mechanism for SOA Governance • Allows the enterprise to answer fundamental questions in relation to decision rights, process measurement, and control: – Who makes the decision, and what criteria do they use, whether a service can be accessible to other applications? – Who funds, owns, and operates shared services? – What specification and implementation standards are applied across the enterprise to assure interoperability? – How does the enterprise determine whether a service achieves expected results? – How will changes to services be managed? – Who is responsible for and how are the end-to-end availability and performance for composite business functions measured, managed, and assured? SOA Governance January 11, 2011 Federal Aviation Administration 11 The COE will: • • • • Establish, measure, and execute governance policies Manage the service lifecycle Measure the effectiveness of various SOA initiatives Assure best practices for SOA design are achieved: – – – – – – – – – Effective service composition Governing orchestrated services Designing for extensibility and reuse Loose coupling of services to support broad interoperability when requirements change Design of appropriate modularity and granularity of services Encapsulating business processes into well-defined, self-contained, coursegrained services Accessing services through standardized, platform-neutral, self-describing, well-structured, and extensible messages Separating the service interface from its implementation Assist enterprise programs with identifying associated cost/benefits relative to an SOA implementation SOA Governance January 11, 2011 Federal Aviation Administration 12 SOA Governance in the NAS SOA Governance January 11, 2011 Federal Aviation Administration 13 System Wide Information Management (SWIM) Today Business as Usual - More point-to-point unique interfaces - Costly development, test, maintenance, CM - New decisions linked to old data constructs - Cumbersome data access outside the NAS Host ETMS WARP IDS/ ERIDS ASDE ATOP ERAM STARS/ ARTS/ TAMR CIWS FAA Systems ERAM TMA TFM InterAgency - Existing point-to-point hardwired NAS - Unique interfaces, custom designs SWIM Compliant Non-Government Systems Core Services via FTI Enterprise Management SWIM Compliant Government Systems DOTS LEGEND - Requires common Governance Framework SWIM Segment 1 SWIM Future Segment SWIM Adapter SOA Governance January 11, 2011 Federal Aviation Administration 14 Governance for the NAS Enterprise SWIM Core Domain Y Core Domain X Core SOA Governance January 11, 2011 Zeal for SOA and Web Services without Governance leads to incompatible implementations and “rogue” services Federal Aviation Administration 15 Why Governance? • Goals – Interoperability • Reduce “custom” code • Allow common Test Suites • Easy transfer of knowledge among development teams – Opportunities for Reuse • Reduce redundant operations • Develop once, use often • Guiding Principles – Adherence to Standards – Visibility/Discoverability • Straightforward way to Publish Services • Easy way to find and use Services SOA Governance January 11, 2011 Federal Aviation Administration 16 SWIM Governance • WHAT must be done – SWIM Governance Policies v1.1 – Templates for Service Contract artifacts • WHO is responsible – Governance Authority • Initial Service Candidate Approval by Technical Review Board (TRB) • SWIM manages remainder of lifecycle for approved programs – Service Providers responsibilities documented – Service Consumers responsibilities documented • HOW must they do it – Technical Standards coordinated with NAS Enterprise Architecture • TV-1 Technical Standards Profile • TV-2 Technical Standards Forecast – FAA Standards • • • • FAA-STD-063 XML Namespaces FAA-STD-064 Web Service Registration FAA-STD-065 Web Service Description Documents FAA-STD-066 Web Service Taxonomies – SWIM Service Lifecycle Management Processes v1.0 – SWIM Version Management Processes v1.0 SOA Governance January 11, 2011 Federal Aviation Administration 17 SWIM Compliance • SWIM Compliance Definition: – “verified conformance to SWIM Policies.” (ref: SWIM Service Lifecycle Management Processes v1.0) • Verification Mechanisms – Manual review of artifacts – Governance-enabling Technology • NAS Service Registry/Repository (NSRR) • Testing Tools (Actional, Lisa, etc…) • SWIM Web Service Security Compliance Test Kit (SWIM WS-S CTK) • Policy Servers • XML Gateways • Enterprise Service Management (ESM) software • Not just a “Rubber Stamp” SOA Governance January 11, 2011 Federal Aviation Administration 18 Service Lifecycle aligns to AMS Proposal Definition Development Retired Deprecated Verification Production SOA Governance January 11, 2011 Federal Aviation Administration 19 Service Lifecycle Management Decisions Technical Review Board (TRB) Investment Decision Authority SWIM Governance Team New proposal Stage 1: Service Proposal Stage 2: Service Definition Stage 3: Service Development Stage 4: Service Verification Stage 5: Service Production Stage 6: Service Deprecation Stage 7: Service Retirement In Service Decision (ISD) Authority SOA Governance January 11, 2011 Federal Aviation Administration 20 NAS Service Registry/Repository • Production NSRR deployed – July 1, 2010 – https://swimrep.faa.gov/soa – HP Systinet – Technical Support available during normal working hours • Mon – Fri, 8-5PM • Email issues/problems to 9-act-swimregistry@faa.gov • User Account Request Form – www.swim.gov → Documents → SWIM Compliance – Mail to paul.jackson@faa.gov SOA Governance January 11, 2011 Federal Aviation Administration 21 NSRR Dashboard SOA Governance January 11, 2011 Federal Aviation Administration 22 What is the SWIM SOA COE? • Mission Statement: – The SWIM SOA Center of Excellence (COE) will facilitate the NAS SOA achieving consistent service development, operation, and management enterprise-wide – The COE will be a focal point of expertise and assume a lead role in governing the execution and evolution of the long-term SWIM SOA strategy • Provide leadership and technical guidance to SWIM transformation initiatives • Allow the FAA to develop and deploy integrated solutions in a timely and costeffective manner; leveraging skills, methodologies, best practices, and standard processes • The focal point and catalyst for the transformation path to SOA: – Combined logical and physical grouping of resources – human and technical – A group of individuals recognized for their leading edge, strategically valuable knowledge; to make that knowledge available throughout the enterprise – A community of teams of people trained in specific SOA skills and technical competencies that are the building blocks of organizational capabilities – A functional resource pool that can be tapped by the enterprise or lines of business as new projects arise which will apply SOA principles SOA Governance January 11, 2011 Federal Aviation Administration 23 For More Information: • www.swim.gov – Documents • SWIM Compliance Documents – SWIM Service Compliance Requirements • paul.jackson@faa.gov SOA Governance January 11, 2011 Federal Aviation Administration 24
© Copyright 2024