When: October 8-9th

Where: Omni Shoreham Hotel, Washington DC

Registration link: Register online here

Description of the Conference:

The response to the Washington DC ITARC has been amazing. Attendance is way up thanks to many organizations sending their entire teams.

Refer a Friend and Win A Zune!

Send out the email to a colleague or a friend. Have them put your name in the Referred By box when signing up.

Whoever gets the most wins!

Please take this opportunity to help us really blow the doors off of our first Washington DC conference. All you have to do to support your chapter is send out this flyer and attend the event.

• 2 day, 4 track event for 75% cheaper than any similar event
• Revenue goes to support local services in Washington DC
• Developed and run by Washington DC architects for Washington DC architects
• Great turnout this year = a bigger and better event next year at the same low price
• Discount code for friends and co-workers for 10% off: partner436

The conference only holds 300 so get registered today.

ITARC 2007 Agenda - The following lists the sessions available at the event. Attendees will be able to get a DVD with ALL sessions from all three ITARC locations (over 100 sessions). Check out a few of the events awesome lineup of speakers

• Key Notes:
  • Keynote: Where We Go From Here -- The Future of EA in Government
    Richard Burk, Chair Chief Architects Council, Chief Architect, OMB
  • Keynote: How to be a Successful IT Architect, Angela Yochem, IASA Fellow, SVP, Strategic Architecture Management Executive, Bank of America
  • Keynote: Large Scale Infrastructure Architecture - the MSN Challenge, Michael Manos , Chief Infrastructure Architect, Microsoft MSN
  • Keynote: Models and Success
    Fred Waskiewicz, Director of Standards, OMG
• Enterprise Architect Track
  • SOA Maturity Models, Steve Wolf, CTO, Marriott Hotels, Int'l.
  • Daniel Brookshier, NoMagic
  • Success in Enterprise Architecture through Collaboration, Craig S. Connell UniStar Nuclear
  • Models and Governance in the Enterprise ,Mark Foster, PM Customer Deployments, Troux
  • Service-Oriented Enterprise Architecture ,Yan Zhao, Director of Enterprise Architecture, CGI Federal
• Infrastructure Architect Track
  • Building an Effective Application Security Practice on a Shoestring Budget ,John Viega, McAfee
  • Securing Wireless Access for Vehicular Environments(WAVE),Timothy Weil, Booz-Allen
  • Making your systems smart (enough), James Taylor, Fair Isaac
  • Infrastructure Architecture in the Business Domain,Chris Haddad, VP of Architecture, Burton Group
• Software Architect Track
  • Perspective Based Architecture (The PBA Method), Lewis Curtis, Microsoft Corp
  • Model-Driven Agile Development, Steve Andrews, Fountainhead Solutions, LLC
  • SOA is Rubbish, Steve Craggs
  • Designing a Standard for Data Access in an SOA Environment, John Goodson, DataDirect
• Fundamentals Track
  • Agile Architecture, Jon Kern
  • Architecture Analysis Methods, Denise Cook, IBM Rational
  • Applying Performance Engineering principles throughout the SOA Lifecycle, Rich Larrabee
  • 'Gray Matter' - Facilitating Between Technology and Business, Ron Hulen

Click here to take a look at the full agenda.

Registration

Register before September 10, 2007 to receive a $100 discount. IASA members receive an additional discount in addition to the early bird special:

Register by September 10, 2007

IASA member
Non-member

$350

$500

Register after September 10, 2007

IASA member
Non-member

$450

$600

Click here to register online

Click here to register by check or all 512-615-7900

Questions or comments? Please contact events@IASAhome.org.

During the last step we began scratching the surface of the needs of the enterprise.  Clearly it was too broad a description to make any significant architectural decisions.  Agile practices provide us a simple and effective approach to address this... "involving the customer".   As we begin assembling the architecture we need to repeatedly, on might even say incrementally, engage the many representative communities the architecture is intended to support.  But how best to  do this?  How do we create something light-weight and easily consumable by application users, Project leads, IT managers, and CO's?   Personally I am a fan of the "Boxes and Lines" model so lets run with that for now.

For a macro level architecture a "Boxes and Lines" presentation might look something like this;

When we use Peer to Peer and the intent is to make every participant equal.  Or maybe this;

a Centralized approach where all the participants share a single core but don't interact with each other.  Another alternative might look like this;

A federation of participants comprised of mixed communication networks.  Most participants work autonomously but choose one or more relationships within the federation.

 Lets look at each and how well it does or doesn't support the enterprise.  In our fictional organization, Message2You we have a few guiding comments to consider;

• Organizations can enroll individual or groups of users Users as well as create non-user specific roles to receive messages. 
• Messages are validated, distributed, and secured against customer supplied rules. 
• Organization admin's can receive near real time status on individual messages and "correct" messages that fail to make their way through the rules gates. 

To this lets add a few more things learned during our on-going conversation with individuals throughout the enterprise;

• Changes made to a customer supplied rule need to effect every message immediately.
• Some messages must be processed ahead of all others,
• Some user organizations may not use a standard directory for their addresses, and last
• Message2You wants to buy more than they build.  Currently they have most of the Microsoft platform; Exchange, SQL, Office, etc...

So, are we looking at a Peer to Peer, Federated, or Centralized Architecture for Message2You? 

Peer to Peer is a contender but isn't a great fit for an implementation that needs to propagate changes quickly to all points.   It would however be a good choice for a highly reliable system and spreading the processing load may also prove and excellent way to scale without negatively impacting user perceived performance.

Centralized looks great on the surface.  Most of the control, monitoring, and performance issues are quickly settled in a centralized system.  It presents fewer moving parts and limited deployment issues.  Centralization fails to support multiple independent customer organizations.

Federated addresses the multiple customer organizations by allowing each participant solution to work as independently or as connected as it might but fails terribly on rapid dissemination of change as well as it's increased management and monitoring complexities.

If none of the macro architectures work what do we do?  Well there are two possibilities; first we can address the requirements and scope.  It ay be possible to negotiate with our customer and re-define success in such a way that it will better fit one of the macro architecture patterns.  Second we can look at combining the macro architectures and into a more problem specific composite architecture. 

I'm lean strongly toward the composite architecture.  One that provides the autonomous support of the federated architecture with the ease of management and responsiveness of a centralized architecture.  I do not see the need for a peer to peer implementation with the requirements as we know them, but that may well change as we discover more.  For now lets use this as a starting point;

This approach is centralized in that all the participating organization are required to use a centralized "core" to interact with any other organization while it has traits of federated allowing each participating organization to operate with some degree of autonomy.

It's still not enough to engage the customer in discussion.  For that we need to go down another level of detail and really begin to make it address the specific issue of the Message2You enterprise.

Next step: Further refining the architecture

Back from our information safari, its time to munge (that’s a technical term) through the end-users naratives(stories), legacy systems information (relics), and our own notes (journals) collected along the way in hopes of piecing the truth together.  Not just any truth, no we need to find a version of the truth that is both universally acceptable across the enterprise and internally consistent.  No one item is likely to be complete.  Most represent a single instance of a small portion of the broad enterprise.  Taken together we still won’t have a complete picture.  We can however knit together the parts that fit, extrapolate a few more, and apply our best estimate as to what might fill in the remaining empty spaces.

Let’s do a little walk-thru of the spoils. 

The largest collection may well be user stories.  I love these.  I have yet to meet an environment where everyone from upper management to line worker wasn’t delighted to tell stories about what they do every day.  I am careful to refer to these as stories.  Poetic license is expected and encouraged.  We need to get the flavor of the activities, the politics, and the priorities, along with the tasks and their steps.  Everything, from the monthly birthday parties to the distribution of paychecks conveys something worth getting into.  If nothing else, there is also a tremendous amount of good will gained by simply giving your time and listening to others.  Earn it now, you will need it later.  These stories can be characterized as incomplete static and dynamic views with easily attributable sources.

Next we have the relics.  When discussing the day to day goings on in an organization people tend to refer to things; phone books, manuals, memos, etc … when ever possible I ask for a access to or a copy of “it”.  The good news is placed in the context provided by the source, there is a tremendous amount of information in relics.  The bad news is that you are duty bound to read everything you get.  It is insulting to your source to get a relic only to bury it without review … read often, read fast, take good notes.  Relics frequently provide static views and doctrine.  There are definitive but may well be widely ignored in the real world.  It’s up to you to decide which is right.

Journals are tricky.  These are your notes.  Mine tend toward seemingly endless pages of nearly illegible scratching.  Partial sentences interspersed with the odd doodle. Sometimes there are drawings made by the person I’m talking to in a generally futile effort to get me to understand the relationship of process A to process D.  Or was that a B?  The point is, you need to review, edit, and generally translate your notes often.  Daily works for me.  If too much time passes you will likely loose some of the original fidelity.   I like to capture quotes when possible but I find a lot of my notes are really odd abuses of the Unified Modeling Language (UML).

Selecting the right mix of abstract and domain components is crucial to achieving an appropriate balance between investment and return.  Many a project has fallen into the tar pits of extreme analysis and overly complex inheritance hierarchies.  It may seem academically correct to root all entities in a few abstract base class such as item and person.  After all, what isn’t an item?  Documents, supplies, parking spaces, are all items in their own way.  The danger is in the details.  Consider a single students class schedule.  To fill a grid with a single semester’s information we might need to create instances of person, student, faculty, location, facility, time, calendar, item, document, and schedule.

 Seems a bit heavy handed.

So what is a viable alternative?  As with so many things related to design, it depends.  It depends on the limitations and capabilities inherent in the technology you chose to implement your solution.  It must pay homage to any known constraints of the deployed environment, as well as work with the skill sets of the staff. 

For this example;

• I am using Microsoft products,
• I have a capable but less than robust network,
• I will be serving a few thousand users who are spread out over several hundreds square miles but at least they are all in one time zone,
• Security is important but not mission critical within a user type (if one member of the faculty sees another’s schedule … no problem.  However a student should never see another student’s or any faculty information.)
• Management wants to conduct “what if” analysis of the course schedules and related faculty assignments,
• The team in predominantly mid level coders with a mix of Java, .Net, SQL server, and Oracle backgrounds, but has one very strong .Net developer as its lead.

 The immediate effects these constraints imply include;

• Being more stateless than not,
• Using OS based groups and roles,
• A high likelihood of implementing data level replication so that a given population is as close to their data as possible,
• Possibly creating a separate reporting facility for management, and
• Using a real database to perform fast aggregation activities.

 I would consider a significantly simplified design, more like this;

Schedule is arguably a core element in the domain.  It interacts with nearly all of the other elements in the domain.  It is certainly worthy of the creation of a simple callable façade. The heavy lifting, the aggregation of the various components of the schedule are delegated to the database engine via a stored procedure.  This allows use to implement security, pooling, partitioning, and replication.  At the heart of the action is the need to find the union of the various datasets.  The database already has the current values used to calculate a result.  Our tool, in this case SQL Server is a highly performant, scalable set theory processor.  In addition to meeting the needs of the environment, it limits network consumption by avoiding the various inter-object calls and their calls to the database for state information on construction.

Additional entities would be added AS NEEDED.  Architect for the largest possible known solution but build the smallest, simplest solution possible.

So what is the right mix of abstract and domain components for your enterprise?  Here are my top three questions to ask your self;

1)  What applications exist today (real and imagined) and how do they overlap?  In some circles this is called the enterprise portfolio.  Assuming you are not looking to do enterprise re-engineering, you need to create a map of the users and their tasks across the entirety of the business.  No other exercise will give you the breadth and depth of understanding needed to identify the core entities and services suitable for promotion to Domain component.

2)  What is the direction of the business and what might change?  It would be a best unfortunate to establish domain components representing aspects of the business about to be sold abandoned, and negligent to fail to account for a portion of the business slated to be acquired.

3)  What, in real numbers, are the capabilities and weaknesses of your IT infrastructure?  Enterprise solutions require communication and in our case that means networks.  If they are ineffective or missing entirely you might want to push enterprise architecture off for a while.  If they are in some areas than others, you have an opportunity to work with the IT infrastructure teams both identifying the issues and [balancing the usage or their prized assets.

Application development code is too focused and too volatile to be promoted across the enterprise, and enterprise code is too generic and too hard to change for it to precisely address application needs. Coming to an agreement on these ownership / boundaries within the enterprise is critical for the intertwined success of all parties involved. 

As a first step, I am proposing a simple ownership scheme.  Given the four major types of binaries (user, application, domain, plumbing) along the X axis and application and enterprise developers along they Y axis.  We can plot two curves reflecting who the "level of influence" assignable to either the developers or the enterprise. (see figure below)

The separation is not artificial, and reflects three very important principles;

• The enterprise can not shift the responsibility for the creation of enterprise parts to the application developers
• The Application needs can not drive the components developed for the domain or their supporting plumbing
• The enterprise should not do anything which drives the way an application addresses specific application needs or the presentation related to the same.

Next, we will look at implementing the parts within the control of the Enterprise Architecture.

I have mentioned in prior blogs my belief that an enterprise architecture is comprised of 3 intertwined components; standards, governance, and a repository of binaries.  I will address standards and binaries later. 

For now, I will focus on the concrete manifestation of governance.

Governance differs from standards in 2 important ways;

• While standards provide well known boundaries within which applications are expected to stay, standards will change and applications are expected to stray on occasion.  Governance, on the other hand, provides a clear immutable declaration of fact within the context of the enterprise.  Governance is inherently stable and exceptions should be few and far between.

• Standards are technical selections, usually one of many possibilities, where any alternative choice is likely to be equally effective. While governance is binary.  The only alternative to a given piece of governance is non-compliance.

For example, the preferred development in the enterprise language might be C++, but applications written in C# or visual basic would be equally consumable by users.  Making development language a clear candidate as a standard.  Conversly. maintaining a measurably high level of security in an environment is a candidate for governance. Applications either are or are not meeting the security metrics.

I like to think of good governance as those policies focused on the management of shared resources as well as policies which provide safety and security to the participating applications in the enterprise.

For kicks, here are a few more candidate governance items;

• typical, average, & maximum network bandwith consumed by an application.

• typical, average, & maximum storage used at the desktop, at local shared servers, near & off-line storage over time (1 -3 -5 years )

• Service levels for various categories (low priority, business necessary , mission critical, & highly available) of applications

• limits on public & internal attack surfaces

• audit & logging requirements and/or limits

• requirements and/or limits on the use of mobile code and remote invocation

• type and source of valid credentials within the enterprise

... More

The devil, as they say, is in the details.  Creating and issuing governance for an enterprise requires carefully crafting statements without ambiguity yet reasonable enough to be implemented.

A common phrase used to describe an enterprise architecture is a set of “living documents”.  I like it.  Short, simple, easy to understand … a living document.  Of course there is a dangerously complex implication lying just below the veneer of this simple metaphor.  Living implies change and growth.  It would seem to need to be feed and cared for.  Most importantly it begins as an immature child and develops into a mature contributor to its society.

Those of us who interact with enterprise architectures are affected by the living document metaphor in different ways depending on our role and the maturity of the architecture. 

You may be the parent, growing the architecture with new ideas, carefully cleaning away the little day to day dirt and grim that accumulates during the early draft phases.  You are its protector, fending off hungry projects looking to gorge on its young unallocated funding.  And you are its champion, fighting the good fight.  You turn nay-sayers in to supporters with tales of possibilities and the obvious future value your enterprise architecture will provide.

When initiating an enterprise architecture you survey your environment, talking to representative users, reading existing documentation, and studying current systems.  You seek the inherent problems the enterprise has in accomplishing the tasks it needs to perform in order to be successful.  You boil down the potentially voluminous data gathered and abstract your findings into the conceptual diagrams.  You aggregate important policies and standards into a cohesive and broadly applicable guidance document.  Applying some well known patterns and a few of your favorite concepts you evolve working documents into drafts and eventually into your proposed architecture.  Educated and armed, you lobby superiors, peers, and subordinates to aid you in implementing your new born document.

You may be the doctor, having received an urgent request from the worried parents you make a house call in hopes of identifying and repairing an ailing architecture.  Your years of experience, your deep understanding of how architectures work, and of course your calm bedside manner come together to reduce the fears and sooth away the pains.  Your prescriptions are sometimes difficult to take and always come with warnings.  Crisis averted you can only hope the parents will implement both recommended treatments and get you back for follow up visits.

You might tell yourself “no one calls when things are going well”.  It helps fight the cynicism induced by seeing nothing but sick, or failing architectures.  Doctoring and enterprise architecture is a fairly predictable process.  Assess the situation, calm the managers, gain their confidence, diagnose the most serious of the ailments, prescribe corrective actions, and hope you get the chance to move to a more preventative role.  The first three steps are pure soft skills.  You need to identify the ‘age’ of the architecture.  Are you a pediatrician, a general practitioner, or a gerontologist? Once you understand the context you need clear, truthful information from the locals to begin diagnosing the problems.  What are the symptoms? Are they based on real measurable facts (high temperature, low transaction rate) or are they ambiguous (stomach ache, security issues).  If the problem is clear you can certainly look at historically successful corrective measures but it is likely you will need to do a few tests first.  If the architecture is young you may create a few models to get a better understanding of the issues.  If it’s more mature you may use profilers, performance monitors, and debuggers to investigate further.  Armed with your test results you can provide the declarative remedy (with the necessary warning of possible side effects and encouragement to call again should symptoms continue or worsen.)

You may be the teacher, seeing the untapped potential in the enterprise architecture; you carefully insert just the right information at the right time.  While very young you provide stories of other successful architectures and their exploits.  You paint colorful pictures of systems supporting terabytes of data, massive concurrency, very high transaction rates, and global user communities.  These are the super heroes of the enterprise architecture world. You can but hope to instill a sense of the possible.  Later you begin the monotonous lessons relating rigor, discipline, reviews, change management, and the build process.  No glamour, just facts.  Hoping to build knowledge on who’s shoulders understanding can later stand.

Being an enterprise architecture consultant is very different than being an enterprise architect.  As a consultant we bring our experience, and hopefully the ability to transfer knowledge, to help others so that they may achieve.  We don’t build anything.  (OK, maybe we build confidence, but that’s not really the point.)  Ours is an art of subtle manipulation.  We can’t dump a well formed architecture on our customers and expect them to succeed any more than buying a 12 year old a set of encyclopedias and believing they now know everything.  The most successful consultants I know have a plan.  They know what needs to be addressed first and what needs a foundation in place to be useful.  Explaining the intricacies involved in balancing risks, constraints, dependencies, resources against tasks, goals, and metrics is silly if the enterprise lacks basic structure, clear scope, and tools.  Teaching takes time … teaching enterprise architecture takes LOTS of time … years, not days.  Ours is a commitment to stay the course.

Eventually, the enterprise architecture matures, becoming a stable adult and valuable participant in the larger system within which it lives and works.  Its boundaries and capabilities are well defined for all to see and interact with.  Less reticent to see a doctor the enterprise invites scrutiny, takes all feedback (the good and the bad) and implements controlled change to integrate it.  The prideful arrogance of youth has been replaced with an open team structure.  Any and all projects are welcome to use the architecture and more importantly promote parts of themselves into the core architectural constructs.

With age comes rigorous process, clarity of definition, and actionable intent.  Mature enterprise architectures have well defined and executed processes in place for continuous improvement.  Communication is the cornerstone of the teams working with and on the enterprise architecture.  Lessons learned, good and bad, are rapidly communicated to everyone in the enterprise through well known channels.  Reviews are sufficient without being onerous on the participants.  All in the architecture ambles along a well worn path in a predictable fashion … until the next generation comes on the scene.  Then it all begins again.