The Open Group San Francisco 2014 – Day Two Highlights

By Loren K. Baynes, Director, Global Marketing Communications

Day two, February 4th, of The Open Group San Francisco conference kicked off with a welcome and opening remarks from Steve Nunn, COO of The Open Group and CEO of the Association of Enterprise Architects.

Nunn introduced Allen Brown, President and CEO of The Open Group, who provided highlights from The Open Group’s last quarter.  As of Q4 2013, The Open Group had 45,000 individual members in 134 countries hailing from 449 member companies in 38 countries worldwide. Ten new member companies have already joined The Open Group in 2014, and 24 members joined in the last quarter of 2013, with the first member company joining from Vietnam. In addition, 6,500 individuals attended events sponsored by The Open Group in Q4 2013 worldwide.

Updates on The Open Group’s ongoing work were provided including updates on the FACE™ Consortium, DirectNet® Waveform Standard, Architecture Forum, Archimate® Forum, Open Platform 3.0™ Forum and Security Forum.

Of note was the ongoing development of TOGAF® and introduction of a three-volume work including individual volumes outlining the TOGAF framework, guidance and tools and techniques for the standard, as well as collaborative work that allows the Archimate modeling language to be used for risk management in enterprise architectures.

In addition, Open Platform 3.0 Forum has already put together 22 business use cases outlining ROI and business value for various uses related to technology convergence. The Cloud Work Group’s Cloud Reference Architecture has also been submitted to ISO for international standards certification, and the Security Forum has introduced certification programs for OpenFAIR risk management certification for individuals.

The morning plenary centered on The Open Group’s Dependability through Assuredness™ (O-DA) Framework, which was released last August.

Speaking first about the framework was Dr. Mario Tokoro, Founder and Executive Advisor for Sony Computer Science Laboratories. Dr. Tokoro gave an overview of the Dependable Embedded OS project (DEOS), a large national project in Japan originally intended to strengthen the country’s embedded systems. After considerable research, the project leaders discovered they needed to consider whether large, open systems could be dependable when it came to business continuity, accountability and ensuring consistency throughout the systems’ lifecycle. Because the boundaries of large open systems are ever-changing, the project leaders knew they must put together dependability requirements that could accommodate constant change, allow for continuous service and provide continuous accountability for the systems based on consensus. As a result, they put together a framework to address both the change accommodation cycle and failure response cycles for large systems – this framework was donated to The Open Group’s Real-Time Embedded Systems Forum and released as the O-DA standard.

Dr. Tokoro’s presentation was followed by a panel discussion on the O-DA standard. Moderated by Dave Lounsbury, VP and CTO of The Open Group, the panel included Dr. Tokoro; Jack Fujieda, Founder and CEO ReGIS, Inc.; T.J. Virdi, Senior Enterprise IT Architect at Boeing; and Bill Brierly, Partner and Senior Consultant, Conexiam. The panel discussed the importance of openness for systems, iterating the conference theme of boundaries and the realities of having standards that can ensure openness and dependability at the same time. They also discussed how the O-DA standard provides end-to-end requirements for system architectures that also account for accommodating changes within the system and accountability for it.

Lounsbury concluded the track by iterating that assuring systems’ dependability is not only fundamental to The Open Group mission of Boundaryless Information Flow™ and interoperability but also in preventing large system failures.

Tuesday’s late morning sessions were split into two tracks, with one track continuing the Dependability through Assuredness theme hosted by Joe Bergmann, Forum Chair of The Open Group’s Real-Time and Embedded Systems Forum. In this track, Fujieda and Brierly furthered the discussion of O-DA outlining the philosophy and vision of the standard, as well as providing a roadmap for the standard.

In the morning Business Innovation & Transformation track, Alan Hakimi, Consulting Executive, Microsoft presented “Zen and the Art of Enterprise Architecture: The Dynamics of Transformation in a Complex World.” Hakimi emphasized that transformation needs to focus on a holistic view of an organization’s ecosystem and motivations, economics, culture and existing systems to help foster real change. Based on Buddhist philosophy, he presented an eightfold path to transformation that can allow enterprise architects to approach transformation and discuss it with other architects and business constituents in a way that is meaningful to them and allows for complexity and balance.

This was followed by “Building the Knowledge-Based Enterprise,” a session given by Bob Weisman, Head Management Consultant for Build the Vision.

Tuesday’s afternoon sessions centered on a number of topics including Business Innovation and Transformation, Risk Management, Archimate, TOGAF tutorials and case studies and Professional Development.

In the Archimate track, Vadim Polyakov of Inovalon, Inc., presented “Implementing an EA Practice in an Agile Enterprise” a case study centered on how his company integrated its enterprise architecture with the principles of agile development and how they customized the Archimate framework as part of the process.

The Risk Management track featured William Estrem, President, Metaplexity Associates, and Jim May of Windsor Software discussing how the Open FAIR Standard can be used in conjunction with TOGAF 9.1 to enhance risk management in organizations in their session, “Integrating Open FAIR Risk Analysis into the Enterprise Architecture Capability.” Jack Jones, President of CXOWARE, also discussed the best ways for “Communicating the Value Proposition” for cohesive enterprise architectures to business managers using risk management scenarios.

The plenary sessions and many of the track sessions from today’s tracks can be viewed on The Open Group’s Livestream channel at http://new.livestream.com/opengroup.

The day culminated with dinner and a Lion Dance performance in honor of Chinese New Year performed by Leung’s White Crane Lion & Dragon Dance School of San Francisco.

We would like to express our gratitude for the support by our following sponsors:  BIZZDesign, Corso, Good e-Learning, I-Server and Metaplexity Associates.

IMG_1460 copy

O-DA standard panel discussion with Dave Lounsbury, Bill Brierly, Dr. Mario Tokoro, Jack Fujieda and TJ Virdi

Leave a comment

Filed under Conference, Enterprise Architecture, Enterprise Transformation, Standards, TOGAF®, Uncategorized

Why Technology Must Move Toward Dependability through Assuredness™

By Allen Brown, President and CEO, The Open Group

In early December, a technical problem at the U.K.’s central air traffic control center in Swanwick, England caused significant delays that were felt at airports throughout Britain and Ireland, also affecting flights in and out of the U.K. from Europe to the U.S. At Heathrow—one of the world’s largest airports—alone, there were a reported 228 cancellations, affecting 15 percent of the 1,300 daily flights flying to and from the airport. With a ripple effect that also disturbed flight schedules at airports in Birmingham, Dublin, Edinburgh, Gatwick, Glasgow and Manchester, the British National Air Traffic Services (NATS) were reported to have handled 20 percent fewer flights that day as a result of the glitch.

According to The Register, the problem was caused when a touch-screen telephone system that allows air traffic controllers to talk to each other failed to update during what should have been a routine shift change from the night to daytime system. According to news reports, the NATS system is the largest of its kind in Europe, containing more than a million lines of code. It took the engineering and manufacturing teams nearly a day to fix the problem. As a result of the snafu, Irish airline Ryanair even went so far as to call on Britain’s Civil Aviation Authority to intervene to prevent further delays and to make sure better contingency efforts are in place to prevent such failures happening again.

Increasingly complex systems

As businesses have come to rely more and more on technology, the systems used to keep operations running smoothly from day to day have gotten not only increasingly larger but increasingly complex. We are long past the days where a single mainframe was used to handle a few batch calculations.

Today, large global organizations, in particular, have systems that are spread across multiple centers of technical operations, often scattered in various locations throughout the globe. And with industries also becoming more inter-related, even individual company systems are often connected to larger extended networks, such as when trading firms are connected to stock exchanges or, as was the case with the Swanwick failure, airlines are affected by NATS’ network problems. Often, when systems become so large that they are part of even larger interconnected systems, the boundaries of the entire system are no longer always known.

The Open Group’s vision for Boundaryless Information Flow™ has never been closer to fruition than it is today. Systems have become increasingly open out of necessity because commerce takes place on a more global scale than ever before. This is a good thing. But as these systems have grown in size and complexity, there is more at stake when they fail than ever before.

The ripple effect felt when technical problems shut down major commercial systems cuts far, wide and deep. Problems such as what happened at Swanwick can affect the entire extended system. In this case, NATS, for example, suffers from damage to its reputation for maintaining good air traffic control procedures. The airlines suffer in terms of cancelled flights, travel vouchers that must be given out and angry passengers blasting them on social media. The software manufacturers and architects of the system are blamed for shoddy planning and for not having the foresight to prevent failures. And so on and so on.

Looking for blame

When large technical failures happen, stakeholders, customers, the public and now governments are beginning to look for accountability for these failures, for someone to assign blame. When the Obamacare website didn’t operate as expected, the U.S. Congress went looking for blame and jobs were lost. In the NATS fiasco, Ryanair asked for the government to intervene. Risk.net has reported that after the Royal Bank of Scotland experienced a batch processing glitch last summer, the U.K. Financial Services Authority wrote to large banks in the U.K. requesting they identify the people in their organization’s responsible for business continuity. And when U.S. trading company Knight Capital lost $440 million in 40 minutes when a trading software upgrade failed in August, U.S. Securities and Exchange Commission Chairman Mary Schapiro was quoted in the same article as stating: “If there is a financial loss to be incurred, it is the firm committing the error that should suffer that loss, not its customers or other investors. That more than anything sends a wake-up call to the entire industry.”

As governments, in particular, look to lay blame for IT failures, companies—and individuals—will no longer be safe from the consequences of these failures. And it won’t just be reputations that are lost. Lawsuits may ensue. Fines will be levied. Jobs will be lost. Today’s organizations are at risk, and that risk must be addressed.

Avoiding catastrophic failure through assuredness

As any IT person or Enterprise Architect well knows, completely preventing system failure is impossible. But mitigating system failure is not. Increasingly the task of keeping systems from failing—rather than just up and running—will be the job of CTOs and enterprise architects.

When systems grow to a level of massive complexity that encompasses everything from old legacy hardware to Cloud infrastructures to worldwide data centers, how can we make sure those systems are reliable, highly available, secure and maintain optimal information flow while still operating at a maximum level that is cost effective?

In August, The Open Group introduced the first industry standard to address the risks associated with large complex systems, the Dependability through Assuredness™ (O-DA) Framework. This new standard is meant to help organizations both determine system risk and help prevent failure as much as possible.

O-DA provides guidelines to make sure large, complex, boundaryless systems run according to the requirements set out for them while also providing contingencies for minimizing damage when stoppage occurs. O-DA can be used as a standalone or in conjunction with an existing architecture development method (ADM) such as the TOGAF® ADM.

O-DA encompasses lessons learned within a number of The Open Group’s forums and work groups—it borrows from the work of the Security Forum’s Dependency Modeling (O-DM) and Risk Taxonomy (O-RT) standards and also from work done within the Open Group Trusted Technology Forum and the Real-Time and Embedded Systems Forums. Much of the work on this standard was completed thanks to the efforts of The Open Group Japan and its members.

This standard addresses the issue of responsibility for technical failures by providing a model for accountability throughout any large system. Accountability is at the core of O-DA because without accountability there is no way to create dependability or assuredness. The standard is also meant to address and account for the constant change that most organization’s experience on a daily basis. The two underlying principles within the standard provide models for both a change accommodation cycle and a failure response cycle. Each cycle, in turn, provides instructions for creating a dependable and adaptable architecture, providing accountability for it along the way.

oda2

Ultimately, the O-DA will help organizations identify potential anomalies and create contingencies for dealing with problems before or as they happen. The more organizations can do to build dependability into large, complex systems, hopefully the less technical disasters will occur. As systems continue to grow and their boundaries continue to blur, assuredness through dependability and accountability will be an integral part of managing complex systems into the future.

Allen Brown

Allen Brown is President and CEO, The Open Group – a global consortium that enables the achievement of business objectives through IT standards.  For over 14 years Allen has been responsible for driving The Open Group’s strategic plan and day-to-day operations, including extending its reach into new global markets, such as China, the Middle East, South Africa and India. In addition, he was instrumental in the creation of the AEA, which was formed to increase job opportunities for all of its members and elevate their market value by advancing professional excellence.

Leave a comment

Filed under Dependability through Assuredness™, Standards

The Open Group San Francisco 2014 – Day One Highlights

By Loren K. Baynes, Director, Global Marketing Communications

The Open Group’s San Francisco conference, held at the Marriott Union Square, began today highlighting the theme of how the industry is moving Toward Boundaryless Information Flow™.”

The morning plenary began with a welcome from The Open Group President and CEO Allen Brown.  He began the day’s sessions by discussing the conference theme, reminding the audience that The Open Group’s vision of Boundaryless Information Flow began in 2002 as a means to breakdown the silos within organizations and provide better communications within, throughout and beyond organizational walls.

Heather Kreger, Distinguished Engineer and CTO of International Standards at IBM, presented the first session of the day, “Open Technologies Fuel the Business and IT Renaissance.” Kreger discussed how converging technologies such as social and mobile, Big Data, the Internet of Things, analytics, etc.—all powered by the cloud and open architectures—are forcing a renaissance within both IT and companies. Fueling this renaissance is a combination of open standards and open source technologies, which can be used to build out the platforms needed to support these technologies at the speed that is enabling innovation. To adapt to these new circumstances, architects should broaden their skillsets so they have deeper skills and competencies in multiple disciplines, technologies and cultures in order to better navigate this world of open source based development platforms.

The second keynote of the morning, “Enabling the Opportunity to Achieve Boundaryless Information Flow™,” was presented by Larry Schmidt, HP Fellow at Hewlett-Packard, and Eric Stephens, Enterprise Architect, Oracle. Schmidt and Stephens addressed how to cultivate a culture within healthcare ecosystems to enable better information flow. Because healthcare ecosystems are now primarily digital (including not just individuals but technology architectures and the Internet of Things), boundaryless communication is imperative so that individuals can become the managers of their health and the healthcare ecosystem can be better defined. This in turn will help in creating standards that help solve the architectural problems currently hindering the information flow within current healthcare systems, driving better costs and better outcomes.

Following the first two morning keynotes Schmidt provided a brief overview of The Open Group’s new Healthcare Forum. The forum plans to leverage existing Open Group best practices such as harmonization, existing standards (such as TOGAF®) and work with other forums and vertical to create new standards to address the problems facing the healthcare industry today.

Mike Walker, Enterprise Architect at Hewlett-Packard, and Mark Dorfmueller, Associate Director Global Business Services for Procter & Gamble, presented the morning’s final keynote entitled “Business Architecture: The Key to Enterprise Transformation.” According to Walker, business architecture is beginning to change how enterprise architecture is done within organizations. In order to do so, Walker believes that business architects must be able to understand business processes, communicate ideas and engage with others (including other architects) within the business and offer services in order to implement and deliver successful programs. Dorfmueller illustrated business architecture in action by presenting how Procter & Gamble uses their business architecture to change how business is done within the company based on three primary principles—being relevant, practical and making their work consumable for those within the company that implement the architectures.

The morning plenary sessions culminated with a panel discussion on “Future Technology and Enterprise Transformation,” led by Dave Lounsbury, VP and CTO of The Open Group. The panel, which included all of the morning’s speakers, took a high-level view of how emerging technologies are eroding traditional boundaries within organizations. Things within IT that have been specialized in the past are now becoming commoditized to the point where they are now offering new opportunities for companies. This is due to how commonplace they’ve become and because we’re becoming smarter in how we use and get value out of our technologies, as well as the rapid pace of technology innovation we’re experiencing today.

Finally, wrapping up the morning was the Open Trusted Technology Forum (OTTF), a forum of The Open Group, with forum director Sally Long presenting an overview of a new Open Trusted Technology Provider™ Standard (O-TTPS) Accreditation Program which launched today.  The program is the first such accreditation to provide third-party certification for companies guaranteeing their supply chains are free from maliciously tainted or counterfeit products and conformant to the Open Trusted Technology Provider™ Standard (O-TTPS). IBM is the first company to earn the accreditation and there are at least two other companies that are currently going through the accreditation process.

Monday’s afternoon sessions were split between two tracks, Enterprise Architecture (EA) and Enterprise Transformation and Open Platform 3.0.

In the EA & Enterprise Transformation track, Purna Roy and John Raspen, both Directors of Consulting at Cognizant Technology Solutions, discussed the need to take a broad view and consider factors beyond just IT architectures in their session, “Enterprise Transformation: More than an Architectural Transformation.”  In contrast, Kirk DeCosta, Solution Architect at PNC Financial Services, argued that existing architectures can indeed serve as the foundation for transformation in “The Case for Current State – A Contrarian Viewpoint.”

The Open Platform 3.0 track addressed issues around the convergence of technologies based on cloud platforms, including the impact of Big Data as an enabler of information architectures by Helen Sun, Enterprise Architect at Oracle, and predictive analytics. Dipanjan Sengupta, Principal Architect at Cognizant Technology Solutions, discussed why integration platforms are critical for managing distribution application portfolios in “The Need for a High Performance Integration Platform in the Cloud Era.”

Today’s plenary sessions and many of the track sessions can be viewed on The Open Group’s Livestream channel at http://new.livestream.com/opengroup.

The day ended with an opportunity for everyone to share cocktails and conversation at a networking reception held at the hotel.

photo

Andras Szakal, VP & CTO, IBM U.S. Federal and Chair of the OTTF, presented with a plaque in honor of IBM’s contribution to the O-TTPS Accreditation Program, along with the esteemed panel who were key to the success of the launch.

Leave a comment

Filed under Uncategorized, Enterprise Architecture, Business Architecture, Enterprise Transformation, Conference

New Accreditation Program – Raises the Bar for Securing Global Supply Chains

By Sally Long, Director of The Open Group Trusted Technology Forum (OTTF)™

In April 2013, The Open Group announced the release of the Open Trusted Technology Provider™ Standard (O-TTPS) 1.0 – Mitigating Maliciously Tainted and Counterfeit Products. Now we are announcing the O-TTPS Accreditation Program, launched on February 3, 2014, which enables organizations that conform to the standard to be accredited as Open Trusted Technology Providers™.

The O-TTPS, a standard of The Open Group, provides a set of guidelines, recommendations and requirements that help assure against maliciously tainted and counterfeit products throughout commercial off-the-shelf (COTS) information and communication technology (ICT) product lifecycles. The standard includes best practices throughout all phases of a product’s life cycle: design, sourcing, build, fulfillment, distribution, sustainment, and disposal, thus enhancing the integrity of COTS ICT products and the security of their global supply chains.

This accreditation program is one of the first of its kind in providing accreditation for conforming to standards for product integrity coupled with supply chain security.

The standard and the accreditation program are the result of a collaboration between government, third party evaluators and some of industry’s most mature and respected providers who came together and, over a period of four years, shared their practices for integrity and security, including those used in-house and those used with their own supply chains.

Applying for O-TTPS Accreditation

When the OTTF started this initiative, one of its many mantras was “raise all boats.” The  objective was to raise the security bar across the full spectrum of the supply chain, from small component suppliers to the providers who include those components in their products and to the integrators who incorporate those providers’ products into customers’ systems.

The O-TTPS Accreditation Program is open to all component suppliers, providers and integrators. The holistic aspect of this program’s potential, as illustrated in the diagram below should not be underestimated—but it will take a concerted effort to reach and encourage all constituents in the supply chain to become involved.

OTTPSThe importance of mitigating the risk of maliciously tainted and counterfeit products

The focus on mitigating the risks of tainted and counterfeit products by increasing the security of the supply chain is critical in today’s global economy. Virtually nothing is made from one source.

COTS ICT supply chains are complex. A single product can be comprised of hundreds of components from multiple component suppliers from numerous different areas around the world—and providers can change their component suppliers frequently depending on the going rate for a particular component.  If, along the supply chain, bad things happen, such as inserting counterfeit components in place of authentic ones or inserting maliciously tainted code or the double-hammer—maliciously tainted counterfeit parts—then terrible things can happen when that product is installed at a customer site.

With the threat of tainted and counterfeit technology products posing a major risk to global organizations, it is increasingly important for those organizations to take what steps they can to mitigate these risks. The O-TTPS Accreditation Program is one of those steps. Can an accreditation program completely eliminate the risk of tainted and counterfeit components? No!  Does it reduce the risk? Absolutely!

How the Accreditation Program works

The Open Group, with over 25 years’ experience managing vendor- and technology-neutral certification programs, will assume the role of the Accreditation Authority over the entire program. Additionally the program will utilize third-party assessors to assess conformance to the O-TTPS requirements.

Companies seeking accreditation will declare their Scope of Accreditation, which means they can choose to be accredited for conforming to the O-TTPS standard and adhering to the best practice requirements across their entire enterprise, within a specific product line or business unit or within an individual product.  Organizations applying for accreditation are then required to provide evidence of conformance for each of the O-TTPS requirements, demonstrating they have the processes in place to secure in-house development and their supply chains across the entire COTS ICT product lifecycle. O-TTPS accredited organizations will then be able to identify themselves as Open Trusted Technology Providers™ and will become part of a public registry of trusted providers.

The Open Group has also instituted the O-TTPS Recognized Assessor Program, which assures that Recognized Assessor (companies) meet certain criteria as assessor organizations and that their assessors (individuals) meet an additional set of criteria and have passed the O-TTPS Assessor exam, before they can be assigned to an O-TTPS Assessment. The Open Group will operate this program, grant O-TTPS Recognized Assessor certificates and list those qualifying organizations on a public registry of recognized assessor companies.

Efforts to increase awareness of the program

The Open Group understands that to achieve global uptake we need to reach out to other countries across the globe for market adoption, as well as to other standards groups for harmonization. The forum has a very active outreach and harmonization work group and the OTTF is increasingly being recognized for its efforts. A number of prominent U.S. government agencies, including the General Accounting Office and NASA have recognized the standard as an important supply chain security effort. Dave Lounsbury, the CTO of The Open Group, has testified before Congress on the value of this initiative from the industry-government partnership perspective. The Open Group has also met with President Obama’s Cybersecurity Coordinators (past and present) to apprise them of our work. We continue to work closely with NIST from the perspective of the Cybersecurity Framework, which recognizes the supply chain as a critical area for the next version, and the OTTF work is acknowledged in NIST’s Special Publication 161. We have liaisons with ISO and are working internally at mapping our standards and accreditation to Common Criteria. The O-TTPS has also been discussed with government agencies in China, India, Japan and the UK.

The initial version of the standard and the accreditation program are just the beginning. OTTF members will continue to evolve both the standard and the accreditation program to provide additional versions that refine existing requirements, introduce additional requirements, and cover additional threats. And the outreach and harmonization efforts will continue to strengthen so that we can reach that holistic potential of Open Trusted Technology Providers™ throughout all global supply chains.

For more details on the O-TTPS accreditation program, to apply for accreditation, or to learn more about becoming an O-TTPS Recognized Assessor visit the O-TTPS Accreditation page.

For more information on The Open Group Trusted Technology Forum please visit the OTTF Home Page.

The O-TTPS standard and the O-TTPS Accreditation Policy they are freely available from the Trusted Technology Section in The Open Group Bookstore.

For information on joining the OTTF membership please contact Mike Hickey – m.hickey@opengroup.org

Sally LongSally Long is the Director of The Open Group Trusted Technology Forum (OTTF). She has managed customer supplier forums and collaborative development projects for over twenty years. She was the release engineering section manager for all multi-vendor collaborative technology development projects at The Open Software Foundation (OSF) in Cambridge Massachusetts. Following the merger of the OSF and X/Open under The Open Group, she served as director for multiple forums in The Open Group. Sally has a Bachelor of Science degree in Electrical Engineering from Northeastern University in Boston, Massachusetts.

Leave a comment

Filed under Cybersecurity, OTTF, Supply chain risk

What I learnt at The Open Group Bangalore Conference last weekend

By Sreekanth Iyer, Executive IT Architect, IBM

It was quite a lot of learning on a Saturday attending The Open Group conference at Bangalore. Actually it was a two day program this year. I could not make it on Friday because of other work commitments. I heard from the people who attended that it was a great session on Friday. At least I knew about a fellow IBMer Jithesh Kozhipurath’s presentation on Friday. I’d the chance to look at that excellent material on applying TOGAF® practices for integrated IT Operations Enterprise Architecture which was his experience sharing of the lab infra optimization work that he was leading.

I started bit late on Saturday, thinking it was happening at the Leela Palace which was near to my home (Ah.. that was in 2008) Realized late that it was at the Philips Innovation Campus at Manyata. But managed to reach just on time before the start of the sessions.

The day started with an Architecture as a Service discussion. The presentation was short but there were lot of interesting questions and interactions post the session.  I was curious know more about the “self-service” aspect on that topic.

Then we had Jason Uppal of ClinicialMessage Inc. on stage (see picture below) , who gave a wonderful presentation on the human touch to the architecture and how to leverage EA to make disruptive changes without disrupting the working systems.

Jason bangaloreLots of take-aways from the session. Importantly the typical reasons why certain Architectures can fail… caused many a times we have a solution already in our mind and we are trying to fit that into the requirement. And most of these times if we look at the Requirements artifact we will be see that the problems are not rightly captured. Couldn’t agree more with the good practices that he discussed.

Starting with  “Identifying the Problem Right” – I thought that is definitely the first and important step in Architecture.  Then Jason talked about significance of communicating and engaging people and stakeholders in the architecture — point that he drove home with a good example from the health care industry. He talked about the criticality of communicating and engaging the stakeholders — engagement of course improves quality. Building the right levers in the architecture and solving the whole problem were some of the other key points that I noted down. More importantly the key message was as Architects, we have to go beyond drawing the lines and boxes to deliver the change, may be look to deliver things that can create an impact in 30 days balancing the short term and long term goals.

I got the stage for couple of minutes to update on the AEA Bangalore Chapter activities. My request to the attendees was to leverage the chapter for their own professional development – using that as a platform to share expertise, get answers to queries, connect with other professionals of similar interest and build the network. Hopefully will see more participation in the Bangalore chapter events this year.

On the security track, had multiple interesting sessions. Began with Jim Hietala of The Open Group discussing the Risk Management Framework. I’ve been attending a course on the subject. But this one provided a lot of insight on the taxonomy (O-RT) and the analysis part – more of taking a quantitative approach than a qualitative approach. Though the example was based on risks with regard to laptop thefts, there is no reason we can’t apply the principles to real issues like quantifying the threats for moving workloads to cloud. (that’s another to-do added to my list).

Then it was my session on the Best practices for moving workloads to cloud for Indian Banks. Talked about the progress so far with the whitepaper. The attendees were limited as there was Jason’s EA workshop happening in parallel. But those who attended were really interested in the subject. We did have a good discussion on the benefits, challenges and regulations with regard to the Indian Banking workloads and their movement to cloud.  We discussed few interesting case studies. There are areas that need more content and I’ve requested the people who attended the session to participate in the workgroup. We are looking at getting a first draft done in the next 30 days.

Finally, also sat in the presentation by Ajit A. Matthew on the security implementation at Intel. Everywhere the message is clear. You need to implement context based security and security intelligence to enable the new age innovation but at the same time protect your core assets.

It was a Saturday well spent. Added had some opportunities to connect with few new folks and understand their security challenges with cloud.  Looking to keep the dialog going and have an AEA Bangalore chapter event sometime during Q1. In that direction, I took the first step to write this up and share with my network.

Event Details:
The Open Group Bangalore, India
January 24-25, 2014

Sreekanth IyerSreekanth Iyer is an Executive IT Architect in IBM Security Systems CTO office and works on developing IBM’s Cloud Security Technical Strategy. He is an Open Group Certified Distinguished Architect and is a core member of the Bangalore Chapter of the Association of Enterprise Architects. He has over 18 years’ industry experience and has led several client solutions across multiple industries. His key areas of work include Information Security, Cloud Computing, SOA, Event Processing, and Business Process management. He has authored several technical articles, blogs and is a core contributor to multiple Open Group as well as IBM publications. He works out of the IBM India Software Lab Bangalore and you can follow him on Twitter @sreek.

Leave a comment

Filed under Enterprise Architecture, TOGAF®, Conference, Healthcare

The ArchiMate® Certification for People Program 2014 Updates

By Andrew Josey, The Open Group

Following on from the news in December of the 1000th certification in the ArchiMate certification program, The Open Group has made some changes to the program that will make the certification program more accessible. As of January 2014, it is now possible to self study for both certification levels.  Previously to achieve the Level 2 certification, known as ArchiMate 2 Certified, attendance at a course was mandatory.

To accommodate this, a revised examination structure has been introduced as shown in the diagram below:ArchiMate_2_exam

There are two levels of certification:

  • ArchiMate Foundation: Knowledge of the notation, terminology, structure, and concepts of the ArchiMate modeling language.
  • ArchiMate Certified: In addition to Knowledge and comprehension, the ability to analyze and apply the ArchiMate modeling language.

Candidates are able to choose whether they wish to become certified in a stepwise manner by starting with ArchiMate 2 Foundation and then at a later date ArchiMate 2 Certified, or bypass ArchiMate 2 Foundation and go directly to ArchiMate 2 Certified.

For those going directly to ArchiMate 2 Certified there is a choice of taking the two examinations separately or a Combined examination. The advantage of taking the two examinations over the single Combined examination is that if you pass Part 1 but fail Part 2 you can still qualify for ArchiMate 2 Foundation.

The ArchiMate 2 Part 1 examination comprises 40 questions in simple multiple choice format. The ArchiMate 2 Part 2 examination comprises 8 question using a gradient scored, scenario based format. Practice examinations are included as part of an Accredited ArchiMate Training course and available with the Study Guide.

The examinations are delivered either at Prometric test centers or by Accredited Training Course Providers through The Open Group Internet Based Testing portal.

You can find an available accredited training course either by viewing the public Calendar of Accredited Training Courses or by contacting a provider using the Register of Accredited Training Courses.

The ArchiMate 2 Certification Self-Study Pack is available at http://www.opengroup.org/bookstore/catalog/b132.htm.

The hardcopy of the ArchiMate 2 Certification Study Guide is available to order from Van Haren Publishing at http://www.vanharen.net/9789401800020

ArchiMate is a registered trademark of The Open Group.

 Andrew Josey is Director of Standards within The Open Group. He is currently managing the standards process for The Open Group, and has recently led the standards development projects for TOGAF 9.1, ArchiMate 2.1, IEEE Std 1003.1-2008 (POSIX), and the core specifications of the Single UNIX Specification, Version 4. Previously, he has led the development and operation of many of The Open Group certification development projects, including industry-wide certification programs for the UNIX system, the Linux Standard Base, TOGAF, and IEEE POSIX. He is a member of the IEEE, USENIX, UKUUG, and the Association of Enterprise Architects.

Leave a comment

Filed under ArchiMate®, Certifications, Enterprise Architecture

Future Shock: Why IT Needs to Embrace Agile Development or Be Left Behind

By Allen Brown, President and CEO, The Open Group

In his 1970 bestseller, Future Shock, futurist Alvin Toffler predicted that the rate of technological change and progress was beginning to accelerate at a rate faster than what people are often ready for or can handle. Looking over the course of history—from agrarian societies through the industrial age to our current post-industrial age in which more people work in service-oriented fields than agricultural ones—Toffler noted that the rapid changes brought on by technology often leave people in a state of “future shock.”

Future shock, Toffler argued, can cause not only disorientation for those who are caught up in it, but it can also induce a kind of paralysis brought on by being confronted with too many choices. In its worst form, future shock can lead to alienation and a breakdown of the social order due to “information overload” (a term originally coined by Toffler).

Toffler’s predictions were amazingly accurate for the time. We are most certainly in an era where we can barely keep up with the constant technological changes we are faced with on a daily basis. This is certainly true of how consumer technologies have changed our lives. Not only is the laptop or phone you buy today practically obsolete by the time you get it home, but we constantly struggle to keep up with our technologies and the volume of information—via email, text messages, the Internet, Twitter, etc.—that we consume on a daily basis. We are all likely suffering from some degree of information overload.

Similarly, technology change is accelerating business drivers at rates that are increasingly difficult for organizations to keep up with, not only for IT, but also for management. Trends such as Cloud, BYOD, Big Data and the Internet of Things are driving information overload for today’s enterprises putting intense pressure on lines of business to respond quickly to market drivers, data-driven imperatives and internal demands. Organizations are being forced to change—whether they are ready or not.

According to Toffler, the only way to combat future shock is to learn to adapt and to do so constantly. Toffler likens an inability to adapt to a new kind of illiteracy, with those who cannot adapt being left behind. “The illiterate of the 21st Century are not those who cannot read and write but those who cannot learn, unlearn and relearn” he said.

The problem is that most organizations today are not in a position to handle rapid change or to adapt quickly. In The Open Group Convergent Technologies Survey, only 52 percent of organizations surveyed felt they were equipped to deal with convergence of new technologies, while 27% said they were ill-prepared. Prepared or not, the tide of convergence is coming whether organizations like it or not. But to survive in our current economy, companies must learn to architect themselves in the moment.

Using Agile Development as a Model
Over the past ten years, agile software development has emerged as one of the ways for IT developers to adapt to the requirements of constant change. Based on a definition coined in the Manifesto for Agile Software Development in 2001, agile development is characterized by iterative, incremental and rapid development that evolves through collaboration. Rather than making development a process that takes years of painstaking planning before execution, the agile method puts a product out into the market at the earliest convenience, tests it with users and then adapts it accordingly. The process is then repeated with feedback and upgrades on a constant, iterative loop.

Agile development is driven by flexibility and the ability to respond rapidly to keep up with the endless change in the market. With agile principles, organizational focus shifts from processes and tools to individuals and interactions, the organization to the customer, from negotiation to collaboration, and to responding to change rather than sticking to rigid plans.

For many readers, “agile” is a loaded term and largely associated with solutions rather than the enterprise architecture but there are some appealing aspects to it.  An adaptation of the twelve principles of Agile Development to the discipline of Enterprise Architecture would be an interesting place to start.  I have just picked out half of the principles and adapted them here by way of example – using parenthesis to show possible deletions and adding a few words here and there in italics.

  •  Our highest priority is to satisfy the customer through early and continuous delivery of (valuable software) valuable architecture guidance to the enterprise
  •  Welcome changing requirements, even late in development. Agile processes harness change for the customer’s competitive advantage.
  • Business people and (developers) architects must work together (daily) throughout the project.
  • Simplicity–the art of maximizing the amount of work not done–is essential.
  • The best architectures, requirements, and designs emerge from self-organizing teams.
  • At regular intervals, the team reflects on how to become more effective, then tunes and adjusts its behavior accordingly.

What Organizations Can Learn from Agile Development
As Toffler predicted, the rate of business change is happening so quickly that if you take too much time to do anything, your organization is likely to lose out. Business schools have even taken a page from IT development and have begun teaching the principles of agile development to graduate students. As Toffler noted, “if you don’t have a strategy, you’re part of someone else’s strategy.” In business today, as in combatting “future shock,” adaptability must be at the core of every organization’s strategy.

Organizations that want to survive and thrive in this paradigm will need to take a page from IT, agile development and start-up cultures to become more nimble and move more quickly. Becoming agile will take significant shifts in culture for many organizations. Business and IT must work together in order to facilitate changes that will work for each organization. Enterprise architects and IT leaders can help lead the charge for change within their organizations by helping the C-Suite not only understand how to apply agile development principles to the business, but by showing the potential consequences of being slow to adapt and how business imperatives are the real drivers for these changes.

Architecting things as you go is a difficult thing for most organizations and most industries. Most of us are not used to that level of flexibility or a need to adapt that quickly. We are more comfortable with planning ahead and sticking to a well-thought out plan. Agility does not preclude planning or forethought—rather it is part of the process and action plan instead of being a precursor to action. Although many organizations are likely in for a large dose of “future” or culture shock, adaptation and business transformation is necessary for today’s organizations if they don’t want to be left behind in the face of constant change.

Allen BrownAllen Brown is President and CEO, The Open Group – a global consortium that enables the achievement of business objectives through IT standards.  For over 15 years Allen has been responsible for driving The Open Group’s strategic plan and day-to-day operations, including extending its reach into new global markets, such as China, the Middle East, South Africa and India. In addition, he was instrumental in the creation of the AEA, which was formed to increase job opportunities for all of its members and elevate their market value by advancing professional excellence.

5 Comments

Filed under Open Platform 3.0