Preventing SOA failures SOA risks and things to avoid May 14, 2008

Gartner's take on SOA failures Technical errors Underestimating the technical complexity of a large-scale SOA Insufficient validation of the SOA enabling technical infrastructure implementation (for example, no stress tests)‏ SOA infrastructure, services and consumer applications are insufficiently instrumented for security/management/troubleshooting Too-coarse/too-fine service granularity Insufficient/not up-to-date documentation Resolution Invest in the right resources and tools Invest in training and professional services Demand SOA Governance

Technical errors

Underestimating the technical complexity of a large-scale SOA

Insufficient validation of the SOA enabling technical infrastructure implementation (for example, no stress tests)‏

SOA infrastructure, services and consumer applications are insufficiently instrumented for security/management/troubleshooting

Too-coarse/too-fine service granularity

Insufficient/not up-to-date documentation

Resolution

Invest in the right resources and tools

Invest in training and professional services

Demand SOA Governance

Gartner's take on SOA failures Organizational errors Overlooking governance Thinking SOA projects should be run like any other project Not anticipating service number explosions in a maturing SOA Giving up on an integration competency center or SOA CoE Outsourcing architects (or not having them at all) Resolution Invest in Architecture Acquire appropriate skill sets and train internal resources Demand SOA Governance (Design time and runtime)

Organizational errors

Overlooking governance

Thinking SOA projects should be run like any other project

Not anticipating service number explosions in a maturing SOA

Giving up on an integration competency center or SOA CoE

Outsourcing architects (or not having them at all)

Resolution

Invest in Architecture

Acquire appropriate skill sets and train internal resources

Demand SOA Governance (Design time and runtime)

Dave Linthicum’s take on SOA failures Top 5 reasons SOA fails 5. They consider a SOA a project, not what it is, a more holistic notion . Thus, they think they can implement an ESB or other SOA technology and their done. 4. They use 2nd tier talent. They attempt to implement a SOA using people who really don't understand the concept of a SOA, and perhaps never will. 3. They are under resourced . "Go make huge sweeping changes within our IT infrastructure, and do so with about 10 percent of the resources you really need." You can't do this on a budget, unfortunately. 2. They allow the vendors to define their solution . The vendors don't understand your core business issues, and have a conflict of interest, really. When you sell a hammer, everything looks like a nail. 1. Requirements are not fully gathered. There is no domain understanding before the solution is developed. Resolution Invest in the right skill sets (SOA Architects, BA's, etc.) and tools Educate senior IT management

Top 5 reasons SOA fails

5. They consider a SOA a project, not what it is, a more holistic notion . Thus, they think they can implement an ESB or other SOA technology and their done.

4. They use 2nd tier talent. They attempt to implement a SOA using people who really don't understand the concept of a SOA, and perhaps never will.

3. They are under resourced . "Go make huge sweeping changes within our IT infrastructure, and do so with about 10 percent of the resources you really need." You can't do this on a budget, unfortunately.

2. They allow the vendors to define their solution . The vendors don't understand your core business issues, and have a conflict of interest, really. When you sell a hammer, everything looks like a nail.

1. Requirements are not fully gathered. There is no domain understanding before the solution is developed.

Resolution

Invest in the right skill sets (SOA Architects, BA's, etc.) and tools

Educate senior IT management

SOA Governance Why is governance important? Enforce standards and best practices Ensure we get the benefits of reuse, flexibility, and speed to market Ensure quality, performance and applicability of services are published Provide a means for consumers to discover and reuse services Manage versions, security and state-change of services and other artifacts Assess and manage the impact of change across a network of consumers. Source: SOA World

Why is governance important?

Enforce standards and best practices

Ensure we get the benefits of reuse, flexibility, and speed to market

Ensure quality, performance and applicability of services are published

Provide a means for consumers to discover and reuse services

Manage versions, security and state-change of services and other artifacts

Assess and manage the impact of change across a network of consumers.

Source: SOA World

SOA Governance What are the risks if we don't invest in Governance? Poor governance undermines the intended benefits of SOA SOA threatens to transform the enterprise network into a complex, sprawling unmanageable mesh. Service quality, consistency, performance, and predictability 'Without Governance, There is No SOA' (SOAinAction.com)‏ “ Without that governance, your SOA is going to spiral into chaos" (Burton Group)‏ Governance is no longer optional - it's imperative” (SOA World)

What are the risks if we don't invest in Governance?

Poor governance undermines the intended benefits of SOA

SOA threatens to transform the enterprise network into a complex, sprawling unmanageable mesh.

Service quality, consistency, performance, and predictability

'Without Governance, There is No SOA' (SOAinAction.com)‏

“ Without that governance, your SOA is going to spiral into chaos" (Burton Group)‏

Governance is no longer optional - it's imperative” (SOA World)

SOA Governance What do the experts at SOA World say about no governance? A lack of trust in service offerings, causing consumers not to reuse services because of unpredictable quality and performance issues A disruption in processes by publishing services that don't fully conform to service-level requirements or by failing to assess the impact of change Escalations in support costs through an onslaught of help desk and field service calls due to service issues and outages A lack of interoperability , creating silos of business services and perpetuating the same challenges of a traditional, tightly coupled architecture Non-compliance with regulations by failing to associate key policies with services Security breaches by allowing arbitrary access to data and services An overall SOA failure by letting chaos reign and perpetuating a "garbage in, garbage out" environment.

What do the experts at SOA World say about no governance?

A lack of trust in service offerings, causing consumers not to reuse services because of unpredictable quality and performance issues

A disruption in processes by publishing services that don't fully conform to service-level requirements or by failing to assess the impact of change

Escalations in support costs through an onslaught of help desk and field service calls due to service issues and outages

A lack of interoperability , creating silos of business services and perpetuating the same challenges of a traditional, tightly coupled architecture

Non-compliance with regulations by failing to associate key policies with services

Security breaches by allowing arbitrary access to data and services

An overall SOA failure by letting chaos reign and perpetuating a "garbage in, garbage out" environment.

Summary Are you scared yet? You should be! Dedicate an architecture team to SOA governance Don’t do SOA on the cheap Understand that you don’t buy SOA, you do SOA and you will continue to do it ongoing Don’t try this at home! Get help from experts and hire the best and brightest. Dedicate a resource to Organizational Change Management (OCM)

Are you scared yet? You should be!

Dedicate an architecture team to SOA governance

Don’t do SOA on the cheap

Understand that you don’t buy SOA, you do SOA and you will continue to do it ongoing

Don’t try this at home! Get help from experts and hire the best and brightest.

Dedicate a resource to Organizational Change Management (OCM)