|By Gopala Krishna Behara, Prasad Palli||
|December 8, 2012 03:00 PM EST||
The aim of the Architecture Assurance is to provide collaborative architecture processes for assuring complete implementation of the technical solutions that are aligned with the business drivers of an enterprise in a timely environment. The effective sharing of the information across different Business Units (BU) / departments within an enterprise and interoperability across IT systems would ensure the alignment of IT with business. The Architecture Assurance Group (AAG) is involved in reviewing the Project Architecture during the design and development phases of an application/system to help ensure successful project implementation. This review also ensures that the proposed system fits into the existing enterprise environment as well as the future architecture vision.
The goals of Architecture Assurance include some or all of the following:
- Identify inconsistencies in the architecture early, which reduces the cost and risk of changes required later in the life cycle
- Provide an overview of the compliance of architecture to mandated enterprise standards
- Identify where the standards may require modification
- Identify services that are currently application-specific but might be provided as part of the enterprise infrastructure
- Take advantage of advances in technology
- Communicate to management the status of the technical readiness of the project
- Identify and communicate significant architectural gaps to product and service providers
- Establish, own and manage Enterprise Architecture Content
- Provide architecture governance: guidelines and recommendations on business and IT architecture
- Ensure and enforce architecture compliance: review changes and deviations in business and IT architecture
- Resolve architectural ambiguities, issues and conflicts at the enterprise level
- Identify projects that have high architectural risk, and provide assistance to them early and often throughout the project
- Provide guidance to project managers and designers to direct architecture compliance
- Formally review projects to ensure compliance
- Leverage third-party assessments
- Leverage COT's products
The main benefits of these reviews are:
- Architecture is reviewed by a group of experienced architects across the enterprise
- Assistance in leveraging the existing architecture promoting the reusability
- Architecture for plug and play
- Promote simplification and standardization
- Proactively identify risks to the project
- Provide enterprise-wide context to project team
Maintain the integrity of the enterprise IT environment and expand the user community's access to Enter resources
- Does the project presents risk to the IT environment (e.g., infrastructure, other applications, users, enterprise policy)
- Allows Architecture Review Team to proactively recognize when modifications to the architecture are required
- Allows the project team to provide input to the extension of the proposed architecture
- Does the project leverage the existing common services where applicable
- Provides cost effectiveness across the enterprise
Architecture Assurance Methodology
The Architecture Assurance Group is a multi-disciplinary body that is responsible for the maintenance and enforcement of Architecture, Design standards and best practices across the programs/projects. The primary responsibility is to provide governance and ensure compliance of the defined enterprise / solution architecture.
Architecture Assurance is the key success factor in ensuring high quality deliverables for the architecture and design phases. The intent of the Architecture Assurance Process is to ensure that ongoing projects have the right architectural assumptions and that in-flight projects receive architectural guidance throughout the life cycle. This should be a collaborative effort to ensure that project designs and implementations are compliant with the defined architecture
A detailed Architecture Assurance process that achieves these goals is shown in Figure 1.
Architecture/Design Review(s) should be conducted at a stage when there is still time to correct any major inconsistencies or shortcomings in the program/project.
The Architecture/Design Review is typically targeted for the Analysis SDLC phase and at a point in time when:
- Business goals, business requirements, policies are defined
- Ball park clarity of hardware and software requirements & decisions are not finalized
- Project schedules / timelines are defined
- Project risk assessment is done
Architecture Review Criteria is:
- Start Early
- Drive and Participate in architecture workshop
- Establish relation with architecture & design teams
- Involve through architecture & design
- Involve and review the architecture and design decisions on an ongoing basis
- Review the intermittent and final architecture deliverables
- Share architecture best practices
- Mentor architecture and design teams as appropriate
- Architectural Risk Analysis and Mitigation
- Quality attribute analysis of architecture
- Failure and risk analysis of architecture
- Mentor on engineering best practices
- Mentor on Development method, tools & build practices
- Performance and other NFR related best practices
During the review, the architecture review team needs to extract the information like impacted groups, impacted systems, data feeds, software components required such as build, buy and reuse, security requirement, availability, scalability, error handling, capacity sizing, integration with third parties, data center/hosting facility, etc.
Key activities of the Architecture Assurance Group are:
- Conduct planned and random formal architecture review workshops for projects and programs
- Analyze architecture quality attributes against requirements
- Conduct architecture failure and risk analysis and mitigation plan
- Identify areas of non-compliance and options to redress shortcomings
- Conduct formal/informal reviews of intermediate and final architecture deliverables to ensure ongoing compliance and quality
- Review and track architecture and design decisions
In this phase, Architecture Assurance look for a high-level functional fit and nonfunctional fitment of the solution. Also verifies the solution mapping with the design and various options provided for the solution, reasons for the choices, TCO analysis of each option, etc.
In this phase, the verification of the alignment of the solution with the architecture requirements is done. Proper realization of the Architecture Principles, Architecture Patterns, IT Strategy alignment are performed in this phase. Any deviation of the standards needs to be approved by the Architecture Assurance Group.
In this phase, the report will be reviewed in terms of Business, Data, application & Technology. Also, identification of the open items, action items and next steps will be addressed & communicated to the project team
The prepared report will be presented to the Program management & track the observations to the closure. In this Phase, we oversee the updated architecture artifacts
Architecture Review Process
To ensure smooth, timely, and low impact reviews, the involved parties should prepare within the guidelines below. The process flow is shown in Figure 2.
The project architecture team is responsible for:
- Developing a project description that provides sufficient detail for the review team to evaluate architectural risks, including the project size, business impact, NFRs, Architecture Principles
- Sharing project estimates
The Architecture Assurance Team is responsible for:
- Assessing projects for architectural impact during the Proposal/Project Initiation phase of the SDLC processes
- Providing guidance to projects through the design phase to ensure that the final design is architecturally compliant
- Prepare/Customize Architecture Templates, Architecture Checklist
- Participate in the Architecture Review meetings to provide support to project teams and to assist the Architecture Assurance Group in decision making.
- Analyze the filled up Checklist, Summarize the review findings
- Customize Architecture Metrics
As part of the Architecture Review Process the following standards of the system need to be reviewed and agreed
- Business Strategy, Goals & Vision
- IT Strategy
- Existing Budgets, Resource Plans, Project Plans
- Business Scope Description
- Use Case Specification
- Business Requirements Document (BRD)
- Service Level Agreements
- TCO Model (CAPEX/OPEX etc.) - Funding Status
- Build/Buy/Reuse(Retrofit) Considerations
- Business process modeling and workflow system
- Business Process Optimization
- Business Process Analysis
- Business Process Monitoring & SLA's
- Application platform
- Programming/scripting language
- Testing/monitoring tools
- User interface platform
- Enterprise application integration platform
- Conceptual Architecture
- Logical Architecture
- Physical Architecture
- Security Architecture
- Portal platform
- Architecture Frameworks
- Performance Tuning Plan
- Migration Plan
- Tool/Vendor Selection Results
- Data Strategy
- Logical Data Model (LDM)
- Physical Data Model (PDM)
- Data integration platform
- Reporting and data analysis platform
- Server platform and operating system
- Desktop platform and operating system
- Bill of Materials
- H/W & S/W Acquisition/Lease Plan
- Security Implementation/Management Plan
- Deployment Plan
- Operational Readiness Plan
- Release Plan
- Network infrastructure
- System Performance Report
- Disaster Recovery Plan
Architecture Assurance Lead will perform the following activities:
- Assign Review Team
- Disagreement/Issue Resolution
- Review Findings discussion and agreement & communication with the project/program team
Review members will:
- Commit to review all materials in advance
- Prepare detailed questions using this practice standard and Checklist as appropriate
- Conduct any preliminary research as necessary to be an informed team member
- Attend all review meetings
- Provide a final assessment and recommendation based on their interpretation of the impact of the proposed solution architecture and design on the Enterprise Architecture.
Authors like to thank Hari Kishan Burle, General Manager, Wipro Technologies for giving us the required time and support in many ways in bringing this article as part of Architecture Assurance Practice efforts.
Containers have changed the mind of IT in DevOps. They enable developers to work with dev, test, stage and production environments identically. Containers provide the right abstraction for microservices and many cloud platforms have integrated them into deployment pipelines. DevOps and Containers together help companies to achieve their business goals faster and more effectively.
Oct. 9, 2015 08:15 PM EDT Reads: 201
The web app is agile. The REST API is agile. The testing and planning are agile. But alas, data infrastructures certainly are not. Once an application matures, changing the shape or indexing scheme of data often forces at best a top down planning exercise and at worst includes schema changes that force downtime. The time has come for a new approach that fundamentally advances the agility of distributed data infrastructures. Come learn about a new solution to the problems faced by software organ...
Oct. 9, 2015 08:00 PM EDT Reads: 929
Achim Weiss is Chief Executive Officer and co-founder of ProfitBricks. In 1995, he broke off his studies to co-found the web hosting company "Schlund+Partner." The company "Schlund+Partner" later became the 1&1 web hosting product line. From 1995 to 2008, he was the technical director for several important projects: the largest web hosting platform in the world, the second largest DSL platform, a video on-demand delivery network, the largest eMail backend in Europe, and a universal billing syste...
Oct. 9, 2015 06:45 PM EDT Reads: 221
Saviynt Inc. has announced the availability of the next release of Saviynt for AWS. The comprehensive security and compliance solution provides a Command-and-Control center to gain visibility into risks in AWS, enforce real-time protection of critical workloads as well as data and automate access life-cycle governance. The solution enables AWS customers to meet their compliance mandates such as ITAR, SOX, PCI, etc. by including an extensive risk and controls library to detect known threats and b...
Oct. 9, 2015 03:00 PM EDT Reads: 241
Docker is hot. However, as Docker container use spreads into more mature production pipelines, there can be issues about control of Docker images to ensure they are production-ready. Is a promotion-based model appropriate to control and track the flow of Docker images from development to production? In his session at DevOps Summit, Fred Simon, Co-founder and Chief Architect of JFrog, will demonstrate how to implement a promotion model for Docker images using a binary repository, and then show h...
Oct. 9, 2015 02:15 PM EDT Reads: 180
DevOps has often been described in terms of CAMS: Culture, Automation, Measuring, Sharing. While we’ve seen a lot of focus on the “A” and even on the “M”, there are very few examples of why the “C" is equally important in the DevOps equation. In her session at @DevOps Summit, Lori MacVittie, of F5 Networks, will explore HTTP/1 and HTTP/2 along with Microservices to illustrate why a collaborative culture between Dev, Ops, and the Network is critical to ensuring success.
Oct. 9, 2015 01:30 PM EDT Reads: 167
Overgrown applications have given way to modular applications, driven by the need to break larger problems into smaller problems. Similarly large monolithic development processes have been forced to be broken into smaller agile development cycles. Looking at trends in software development, microservices architectures meet the same demands. Additional benefits of microservices architectures are compartmentalization and a limited impact of service failure versus a complete software malfunction....
Oct. 9, 2015 01:15 PM EDT Reads: 258
Despite all the talk about public cloud services and DevOps, you would think the move to cloud for enterprises is clear and simple. But in a survey of almost 1,600 IT decision makers across the USA and Europe, the state of the cloud in enterprise today is still fraught with considerable frustration. The business case for apps in the real world cloud is hybrid, bimodal, multi-platform, and difficult. Download this report commissioned by NTT Communications to see the insightful findings – registra...
Oct. 9, 2015 01:00 PM EDT Reads: 300
Manufacturing has widely adopted standardized and automated processes to create designs, build them, and maintain them through their life cycle. However, many modern manufacturing systems go beyond mechanized workflows to introduce empowered workers, flexible collaboration, and rapid iteration. Such behaviors also characterize open source software development and are at the heart of DevOps culture, processes, and tooling.
Oct. 9, 2015 12:30 PM EDT Reads: 1,106
Containers are revolutionizing the way we deploy and maintain our infrastructures, but monitoring and troubleshooting in a containerized environment can still be painful and impractical. Understanding even basic resource usage is difficult - let alone tracking network connections or malicious activity. In his session at DevOps Summit, Gianluca Borello, Sr. Software Engineer at Sysdig, will cover the current state of the art for container monitoring and visibility, including pros / cons and li...
Oct. 9, 2015 12:00 PM EDT Reads: 244
DevOps Summit at Cloud Expo 2014 Silicon Valley was a terrific event for us. The Qubell booth was crowded on all three days. We ran demos every 30 minutes with folks lining up to get a seat and usually standing around. It was great to meet and talk to over 500 people! My keynote was well received and so was Stan's joint presentation with RingCentral on Devops for BigData. I also participated in two Power Panels – ‘Women in Technology’ and ‘Why DevOps Is Even More Important than You Think,’ both ...
Oct. 9, 2015 12:00 PM EDT Reads: 8,678
In a report titled “Forecast Analysis: Enterprise Application Software, Worldwide, 2Q15 Update,” Gartner analysts highlighted the increasing trend of application modernization among enterprises. According to a recent survey, 45% of respondents stated that modernization of installed on-premises core enterprise applications is one of the top five priorities. Gartner also predicted that by 2020, 75% of
Oct. 9, 2015 12:00 PM EDT Reads: 339
As the world moves towards more DevOps and microservices, application deployment to the cloud ought to become a lot simpler. The microservices architecture, which is the basis of many new age distributed systems such as OpenStack, NetFlix and so on, is at the heart of Cloud Foundry - a complete developer-oriented Platform as a Service (PaaS) that is IaaS agnostic and supports vCloud, OpenStack and AWS. In his session at 17th Cloud Expo, Raghavan "Rags" Srinivas, an Architect/Developer Evangeli...
Oct. 9, 2015 11:45 AM EDT Reads: 185
Our guest on the podcast this week is Jason Bloomberg, President at Intellyx. When we build services we want them to be lightweight, stateless and scalable while doing one thing really well. In today's cloud world, we're revisiting what to takes to make a good service in the first place. Listen in to learn why following "the book" doesn't necessarily mean that you're solving key business problems.
Oct. 9, 2015 11:00 AM EDT Reads: 2,236
For it to be SOA – let alone SOA done right – we need to pin down just what "SOA done wrong" might be. First-generation SOA with Web Services and ESBs, perhaps? But then there's second-generation, REST-based SOA. More lightweight and cloud-friendly, but many REST-based SOA practices predate the microservices wave. Today, microservices and containers go hand in hand – only the details of "container-oriented architecture" are largely on the drawing board – and are not likely to look much like S...
Oct. 9, 2015 10:00 AM EDT Reads: 505
In their session at DevOps Summit, Asaf Yigal, co-founder and the VP of Product at Logz.io, and Tomer Levy, co-founder and CEO of Logz.io, will explore the entire process that they have undergone – through research, benchmarking, implementation, optimization, and customer success – in developing a processing engine that can handle petabytes of data. They will also discuss the requirements of such an engine in terms of scalability, resilience, security, and availability along with how the archi...
Oct. 9, 2015 10:00 AM EDT Reads: 405
Any Ops team trying to support a company in today’s cloud-connected world knows that a new way of thinking is required – one just as dramatic than the shift from Ops to DevOps. The diversity of modern operations requires teams to focus their impact on breadth vs. depth. In his session at DevOps Summit, Adam Serediuk, Director of Operations at xMatters, Inc., will discuss the strategic requirements of evolving from Ops to DevOps, and why modern Operations has begun leveraging the “NoOps” approa...
Oct. 9, 2015 10:00 AM EDT Reads: 161
The last decade was about virtual machines, but the next one is about containers. Containers enable a service to run on any host at any time. Traditional tools are starting to show cracks because they were not designed for this level of application portability. Now is the time to look at new ways to deploy and manage applications at scale. In his session at @DevOpsSummit, Brian “Redbeard” Harrington, a principal architect at CoreOS, will examine how CoreOS helps teams run in production. Attende...
Oct. 9, 2015 10:00 AM EDT Reads: 1,259
With containerization using Docker, the orchestration of containers using Kubernetes, the self-service model for provisioning your projects and applications and the workflows we built in OpenShift is the best in class Platform as a Service that enables introducing DevOps into your organization with ease. In his session at DevOps Summit, Veer Muchandi, PaaS evangelist with RedHat, will provide a deep dive overview of OpenShift v3 and demonstrate how it helps with DevOps.
Oct. 9, 2015 09:00 AM EDT Reads: 671
What Is Emergent About Emergent Architecture? By @TheEbizWizard | @DevOpsSummit #DevOps #BigData #API
All we need to do is have our teams self-organize, and behold! Emergent design and/or architecture springs up out of the nothingness! If only it were that easy, right? I follow in the footsteps of so many people who have long wondered at the meanings of such simple words, as though they were dogma from on high. Emerge? Self-organizing? Profound, to be sure. But what do we really make of this sentence?
Oct. 9, 2015 08:00 AM EDT Reads: 406