Taming the SOA Beast

When implementing a service-oriented architecture (SOA) or utilizing Web services, organizations can reuse business components — asset reuse being one of the core drivers of the SOA or Web service return on investment (ROI) calculation.

Although leveraging the service concept provides an avenue for application consolidation and reuse, these same efficiencies also introduce a distinct level of business risk.

Reusable components are core to the SOA vision in spite of the technical risks involved. In order to fully reap the benefits of SOA and Web services, it is critical that companies find an efficient and robust solution that mitigates risk, increases trust and ultimately promotes reuse.

The solution is a visible, objective and quantifiable quality process that provides users with the confidence to reuse these services.

Risk of Application Consolidation

In an architecture where multiple distributed applications provide a specific operation, should a single application fail then the impact of the application downtime is isolated to a limited set of users.

Conversely, the practices of application consolidation and service reuse concentrate operations into fewer applications or perhaps a single point of failure. When a service fails, the impact or risk associated with it increases as more entities or business processes are dependent on that service.

Therefore, if a business entity consolidates its applications, exposes a specific operation as a service and the service fails, the potential enterprise-wide exposure to the service downtime can cause significantly more risk.

Learning From the Auto Industry

The automotive industry has learned how to create visible quality processes in order to instill trust in reused products.

Automakers have spent a lot of money branding certification programs with the purpose of instilling trust in buyers that their used cars are secure, reliable and valuable.

In fact, there really is no such thing as a used car (or a reused car) in the auto industry. Instead, these “reused” assets are re-branded as “certified pre-owned” cars. A visible and comprehensible quality program has evolved the “used car” into a functional, reliable reusable asset by the consumers that purchase them.

The trust and confidence exhibited by used car buyers are a direct result of the visible certification (quality) programs of auto companies.

Automakers utilize visible, objective and quantifiable metrics to demonstrate that their pre-owned cars (or reused assets) are indeed secure, reliable and valuable.

If any of these quality metrics were absent, confidence and trust in the used car would also be absent. For example, a check of the car ensures quality control, financing provides a monetary reward for purchasing the car and the warranty provides additional security should the quality degrade over time. Each of these metrics increases consumer trust and, ultimately, promotes reuse.

The key to such certification programs is the visibility with which they are presented, lead by the “certification” seal.

Promoting and instilling trust in reused business components in an SOA model should be approached in the same manner as the certification of pre-owned cars — a visible quality process must be in place in order to trust the reusable assets.

Creating That Visible Quality Process

Similar to the certification programs of used cars, inspection points of business components must be established, executed and measured before designing or exploring a SOA project.

Such a process must be clearly defined, objective, reliable and repeatable in order to promote trust in the business components that are to be reused either internally or externally.

When exposing business information and operations either within the enterprise — or by sharing data with partners externally — the business must ensure that each part of its system is reliable, and that all of these parts interact flawlessly and securely.

Visible quality metrics are necessary to promote internal adoption and reuse, as well as to promote business continuity by providing enough metrics to assure and promote trust with external partners.

Internally, the business must enable itself using these business components. The development organization and business groups must be aware that these business assets are available and valuable. Ultimately, the organization must have trust that the business components they choose to leverage are secure, reliable and compliant.

Externally, the organization must enable its partners to leverage these business assets. With external reuse, the issue of risk compounds because of the mission-critical aspect of these business transactions.

One hour’s downtime, for instance, not only creates substantial losses in revenue but, more importantly, conjures a perceived lack of quality and reliability in the company in general. Therefore, trust is especially important when reusing external business components.

At the very minimum, companies should utilize interoperability, unit, scenario, regression, performance and security penetration testing to provide the necessary inspection points for their business components.

Taming Those Legacy Systems

As with the certification processes the automotive industry utilizes, a visible and capable quality process is critical for the success of SOA, as well. The lack of visibility and an objectively measurable process can lead the organization and its partners to simply not reuse the business components.

This lack of trust, which is reasonable when dealing with mission-critical business process, will deteriorate the efficiencies that the SOA model promises.

Companies have invested heavily in building and stabilizing the legacy systems that support vital business components. SOA can offer these companies an efficient, robust way to decrease integration expense, increase business agility and consolidate applications through the reuse of valuable business components.

SOA offers ubiquitous access to services and the capability to share data with business partners, customers and information systems with unparalleled efficiencies.

However, reusing business components via SOA increases risk. To mitigate risk, a visible and measurable quality process must be applied to promote trust and adoption, as well as increase the quality of an organization’s applications.