SOA Governance In General, and In the NAS Federal Aviation

SOA Governance
In General,
and In the NAS
Presented to: SOA Brown Bag #3
By: SWIM Governance Team
Date: January 11, 2011
Federal Aviation
Administration
Agenda
• Service Oriented Architecture (SOA) Governance –
Michael Confoy – SOA Architect
– Definition
– Governance in SOA Context
– Center of Excellence
• SOA Governance in the National Airspace System
(NAS) – Paul Jackson – SWIM Governance Team
– Policies
– Lifecycle Context
– Center of Excellence
SOA Governance
January 11, 2011
Federal Aviation
Administration
2
Governance Defined
• Governance is about decision making
• Conversely, management is making sure that the enterprises’
governance process is executed
• Governance establishes the processes to assure that the
appropriate laws, policies and standards are followed
• Governance defines the chains of responsibility, authority,
and communication, as well as the measurement and control
mechanisms to enable people to carry out their roles and
responsibilities
• There are a number of governance categories, for example:
– Information Technology (IT) Governance
– Enterprise Architecture (EA) Governance
– SOA Governance
SOA Governance
January 11, 2011
Federal Aviation
Administration
3
Governance Types Defined
•
IT Governance
– The processes that ensure the effective and efficient use of IT in enabling an
organization to achieve its goals1
•
EA Governance
– A mechanism to ensure projects apply prescriptive guidance provided by the EA
process
– The process of making decisions regarding the adoption of EA content2
•
SOA Governance Extends IT Governance
– Specifically focused on an organization’s SOA:
• Service Lifecycle
• Metadata
• Composite applications
•
•
1 – Gartner: Defining IT Governance: The Gartner IT Governance Supply/Demand Model, 29
March 2010
2 – Gartner: 2010 Enterprise Architecture Research Index: EA Governance, 15 April 2010
SOA Governance
January 11, 2011
Federal Aviation
Administration
4
SOA Governance
• Addresses concerns such as:
–
–
–
–
–
–
–
–
–
Service registration
Service versioning
Service ownership
Service funding
Service modeling
Service discovery and access
Deployment of services and composite applications
Security for services
Processes and procedures to support service publishing and service validation
– Documenting the approach to support service lifecycle management and
service reuse
– Verify that running services are the approved versions
– Define mechanism to manage SLAs for services
– Provide a mechanism to enable runtime service look-up
SOA Governance
January 11, 2011
Federal Aviation
Administration
5
Governance Types and Components
Key IT Governance Decisions*
IT Principles
IT Architectural Decisions
IT Infrastructure
Business Application Needs
IT Investment and Prioritization
Key SOA Governance Decisions
SOA Business and SOA IT Principles
SOA Architectural Decisions
SOA Infrastructure
Service Portfolio Needs
Service Candidate Funding and
Prioritization
* SOA Governance by Brown, Laird, Gee, and Mitra
SOA Governance
January 11, 2011
Federal Aviation
Administration
6
SOA Governance in SOA Context
• A comprehensive approach to implement effective SOA
governance that will:
– Assess the current organizational context of the organization
– Define a governance model that the organization will accept and
embrace
– Leverage tooling to make governance operational and automated
– Function based on best practices, processes, principles, policies and a
documented methodology
• Potential traps in implementing SOA governance:
– SOA governance is not “one size fits all”
– SOA governance is not driven by tools
– SOA governance addresses the uniqueness of service orientation
– Leverage and extend IT governance to achieve SOA governance
– SOA governance requires a consistent approach
SOA Governance
January 11, 2011
Federal Aviation
Administration
7
SOA Governance in SOA Context
• Managing service lifecycle maximizes SOA value:
– Service Development
• Provide visibility of and access to services assets for reuse
• Manage asset lifecycle
– Service Deployment
•
•
•
•
•
Manage promotion of service
Manage description of record for deployed services
Manage metadata to support SOA runtimes
Manage service relationships and interactions
Enable impact analysis
– Service Management
• Monitor service performance
• Manage and enforce policies
SOA Governance
January 11, 2011
Federal Aviation
Administration
8
Implementing an Infrastructure for
SOA Runtime Governance
Registry and
Repository
Security
 Locate
Registry of
SOA
Services
Runtime Governance
Working with a
registry to find and
connect services, and
to apply policy
Working with an
access control
mechanism to ensure
services are allowed to
access other services
 Manage
Access
 Route
 Mediate
A management framework to make
the right decisions
Service
Management
ESB
 Augment
 Log
 Apply
Policy
Working with an ESB to
route messages, convert
protocols, transform data
formats, and handle
events
SOA Governance
January 11, 2011
While monitoring the
environment to identify
issues and take actions to
meet service level
agreements (SLAs)
Federal Aviation
Administration
9
What is a SOA Center of Excellence
(COE)?
• The focal point and the catalyst for the transformation path to
SOA:
– Combined logical and physical grouping of resources – human,
technical and intellectual
– A group of individuals recognized for their leading edge, strategically
valuable knowledge, and mandated to leverage and/or make that
knowledge available throughout the enterprise (process or skill based)
for SOA innovation
– A community of semi-permanent teams of technical specialists, or
people trained in a specific SOA skill and technical competencies that
are the building blocks of organizational capabilities
– A functional resource pool that can be tapped by the enterprise or line
of business as new projects arise which will apply SOA principles
SOA Governance
January 11, 2011
Federal Aviation
Administration
10
COE is the Mechanism for SOA Governance
• Allows the enterprise to answer fundamental
questions in relation to decision rights, process
measurement, and control:
– Who makes the decision, and what criteria do they use,
whether a service can be accessible to other applications?
– Who funds, owns, and operates shared services?
– What specification and implementation standards are applied
across the enterprise to assure interoperability?
– How does the enterprise determine whether a service achieves
expected results?
– How will changes to services be managed?
– Who is responsible for and how are the end-to-end availability
and performance for composite business functions measured,
managed, and assured?
SOA Governance
January 11, 2011
Federal Aviation
Administration
11
The COE will:
•
•
•
•
Establish, measure, and execute governance policies
Manage the service lifecycle
Measure the effectiveness of various SOA initiatives
Assure best practices for SOA design are achieved:
–
–
–
–
–
–
–
–
–
Effective service composition
Governing orchestrated services
Designing for extensibility and reuse
Loose coupling of services to support broad interoperability when requirements
change
Design of appropriate modularity and granularity of services
Encapsulating business processes into well-defined, self-contained, coursegrained services
Accessing services through standardized, platform-neutral, self-describing,
well-structured, and extensible messages
Separating the service interface from its implementation
Assist enterprise programs with identifying associated cost/benefits relative to
an SOA implementation
SOA Governance
January 11, 2011
Federal Aviation
Administration
12
SOA Governance in the NAS
SOA Governance
January 11, 2011
Federal Aviation
Administration
13
System Wide Information
Management (SWIM)
Today
Business as
Usual
- More point-to-point
unique interfaces
- Costly development,
test, maintenance, CM
- New decisions linked to
old data constructs
- Cumbersome data
access outside the NAS
Host
ETMS
WARP
IDS/
ERIDS
ASDE
ATOP
ERAM
STARS/
ARTS/
TAMR
CIWS
FAA Systems
ERAM
TMA
TFM
InterAgency
- Existing point-to-point
hardwired NAS
- Unique interfaces, custom
designs
SWIM Compliant
Non-Government
Systems
Core
Services
via FTI
Enterprise
Management
SWIM Compliant
Government
Systems
DOTS
LEGEND
- Requires common
Governance Framework
SWIM Segment 1
SWIM Future Segment
SWIM Adapter
SOA Governance
January 11, 2011
Federal Aviation
Administration
14
Governance for the NAS Enterprise
SWIM
Core
Domain Y
Core
Domain X
Core
SOA Governance
January 11, 2011
Zeal for SOA and Web
Services without
Governance leads to
incompatible
implementations and
“rogue” services
Federal Aviation
Administration
15
Why Governance?
• Goals
– Interoperability
• Reduce “custom” code
• Allow common Test Suites
• Easy transfer of knowledge among development teams
– Opportunities for Reuse
• Reduce redundant operations
• Develop once, use often
• Guiding Principles
– Adherence to Standards
– Visibility/Discoverability
• Straightforward way to Publish Services
• Easy way to find and use Services
SOA Governance
January 11, 2011
Federal Aviation
Administration
16
SWIM Governance
•
WHAT must be done
– SWIM Governance Policies v1.1
– Templates for Service Contract artifacts
•
WHO is responsible
– Governance Authority
• Initial Service Candidate Approval by Technical Review Board (TRB)
• SWIM manages remainder of lifecycle for approved programs
– Service Providers responsibilities documented
– Service Consumers responsibilities documented
•
HOW must they do it
– Technical Standards coordinated with NAS Enterprise Architecture
• TV-1 Technical Standards Profile
• TV-2 Technical Standards Forecast
– FAA Standards
•
•
•
•
FAA-STD-063 XML Namespaces
FAA-STD-064 Web Service Registration
FAA-STD-065 Web Service Description Documents
FAA-STD-066 Web Service Taxonomies
– SWIM Service Lifecycle Management Processes v1.0
– SWIM Version Management Processes v1.0
SOA Governance
January 11, 2011
Federal Aviation
Administration
17
SWIM Compliance
• SWIM Compliance Definition:
– “verified conformance to SWIM Policies.”
(ref: SWIM Service Lifecycle Management
Processes v1.0)
• Verification Mechanisms
– Manual review of artifacts
– Governance-enabling Technology
• NAS Service Registry/Repository (NSRR)
• Testing Tools (Actional, Lisa, etc…)
• SWIM Web Service Security Compliance
Test Kit (SWIM WS-S CTK)
• Policy Servers
• XML Gateways
• Enterprise Service Management (ESM)
software
• Not just a “Rubber Stamp”
SOA Governance
January 11, 2011
Federal Aviation
Administration
18
Service Lifecycle aligns to AMS
Proposal
Definition
Development
Retired
Deprecated
Verification
Production
SOA Governance
January 11, 2011
Federal Aviation
Administration
19
Service Lifecycle Management Decisions
Technical Review Board (TRB)
Investment Decision Authority
SWIM Governance Team
New proposal
Stage 1:
Service
Proposal
Stage 2:
Service
Definition
Stage 3:
Service
Development
Stage 4:
Service
Verification
Stage 5:
Service
Production
Stage 6:
Service
Deprecation
Stage 7:
Service
Retirement
In Service Decision (ISD) Authority
SOA Governance
January 11, 2011
Federal Aviation
Administration
20
NAS Service Registry/Repository
• Production NSRR deployed – July 1, 2010
– https://swimrep.faa.gov/soa
– HP Systinet
– Technical Support available during normal working
hours
• Mon – Fri, 8-5PM
• Email issues/problems to 9-act-swimregistry@faa.gov
• User Account Request Form
– www.swim.gov → Documents → SWIM Compliance
– Mail to paul.jackson@faa.gov
SOA Governance
January 11, 2011
Federal Aviation
Administration
21
NSRR Dashboard
SOA Governance
January 11, 2011
Federal Aviation
Administration
22
What is the SWIM SOA COE?
• Mission Statement:
– The SWIM SOA Center of Excellence (COE) will facilitate the NAS SOA achieving
consistent service development, operation, and management enterprise-wide
– The COE will be a focal point of expertise and assume a lead role in governing the
execution and evolution of the long-term SWIM SOA strategy
• Provide leadership and technical guidance to SWIM transformation initiatives
• Allow the FAA to develop and deploy integrated solutions in a timely and costeffective manner; leveraging skills, methodologies, best practices, and
standard processes
• The focal point and catalyst for the transformation path to SOA:
– Combined logical and physical grouping of resources – human and technical
– A group of individuals recognized for their leading edge, strategically valuable
knowledge; to make that knowledge available throughout the enterprise
– A community of teams of people trained in specific SOA skills and technical
competencies that are the building blocks of organizational capabilities
– A functional resource pool that can be tapped by the enterprise or lines of business
as new projects arise which will apply SOA principles
SOA Governance
January 11, 2011
Federal Aviation
Administration
23
For More Information:
• www.swim.gov
– Documents
• SWIM Compliance Documents
– SWIM Service Compliance Requirements
• paul.jackson@faa.gov
SOA Governance
January 11, 2011
Federal Aviation
Administration
24