Tag Archives: ArchiMate

The Open Group ArchiMate® Model File Exchange Format

By The Open Group

The Open Group ArchiMate Forum has released a snapshot of its ArchiMate® Model Exchange File Format. This aims to address the challenge of portability of models between tools.

Following is a Q&A with Andrew Josey, Phil Beauvoir and Frans Faase, members of the project team, to find out more.

Q.  What is The Open Group ArchiMate Model Exchange File Format?

A.  It is a specification of a standard file format for the exchange of ArchiMate models between different tools.

Q.  Why is it provided as a Snapshot release?

A.  The Snapshot makes public the direction and thinking the project is taking in the development of a standard file format supporting exchange of ArchiMate models between tools. We’re looking for feedback and guidance from the community at this stage.

Q.  When do you need feedback by and how should it be provided?

A.  Comments can be sent by email to ogspecs-snapshot-feedback-AT-opengroup.org no later than January 12, 2015.

Q.  What is addressed in the Snapshot release?

A.  The project is being implemented as two phases:

  •     Phase 1 includes the core exchange format.
  •     Phase 2 includes in addition the visual layout.

This Snapshot describes Phase 1 only, and excludes the detailed visual layout, which will be included in Phase 2.

Q.  Do you intend the format as a persistent file format for an ArchiMate model?

A.  No, The exchange file format is not intended as a persistent file format for the model itself, it is a mechanism to convey instance data from one tool to another (a simple analogy would be the csv file format for exchange of spreadsheet information). The data contained in the exchange file format is meant to be processed by an “ArchiMate aware” tool, thus ruling out standalone semantic inference. Once the instance data has been imported into an ArchiMate tool, that tool will probably save it in its own proprietary file format.

Q.  Where can I obtain the Snapshot release?

A.  The Snapshot can be obtained from The Open Group publications catalog.

https://www2.opengroup.org/ogsys/catalog/S142

Q.  What is provided with the Snapshot release?

A.  The deliverables included with this Snapshot are as follows:

  • Open Group Snapshot, ArchiMate® Model Exchange File Format
  • Schema Documentation for the ArchiMate® 2.1 XML/XML Schema Definition (XSD) Binding
  • A ZIP file containing: the XSD Schema file, an example Extended XSD Schema file, and example models in the exchange file format

Q.  What example models are provided with the Snapshot?

A.  The ArchiSurance and ArchiMetal case studies are provided, as is a Testall.xml model that can be used for interoperability testing.

Q.  Are all the elements defined in Exchange File Format mandatory?

A.  There are only two mandatory elements:

  • The main “model” tag itself with associated namespace declarations
  • Elements in the “elements” tag (with type and ID)

Everything else is optional. Of course, a minimal file containing only these two things would probably be unlikely, but it could be the case that there are no relationships in the model.

The following items are optional:

  • Metadata
  • Organization
  • The xml:lang=”xx” attribute

They are provided because they may be of use to the sender/receiver, but they don’t have to be there. For example, with the Organization element, this may be useful if the tool sending or receiving would like to know how the elements/relations are organised in folders for example, but not every tool might support that and could happily ignore it.

Similarly, not every tool supports multi-language so there is need to use the xml:lang=”xx” attribute. The example XML files provided with the Snapshot are more of a showcase of all the elements.

Q.  I am a tool provider, how can I get involved?

A.  You can get involved by joining The Open Group ArchiMate Forum, email archimate-forum-AT-opengroup.org

Q.  Are there interoperability tests with other tools suppliers?

A.  Yes, these are ongoing within the project within The Open Group ArchiMate Forum.

Q.  I have suggestions for improvement to the exchange file format, where do I send them?

A.  Please send comments by email to ogspecs-snapshot-feedback-AT-opengroup.org no later than January 12, 2015

Q.  I have suggestions for the Phase 2 visual layout, where do I send them?

A.  Please send comments by email to ogspecs-snapshot-feedback-AT-opengroup.org no later than January 12, 2015

By Andrew JoseyAndrew Josey is Director of Standards within The Open Group. He is currently managing the standards process for The Open Group, and has recently led the standards development projects for TOGAF® 9.1, ArchiMate® 2.1, IEEE Std 1003.1,2013 edition (POSIX), and the core specifications of the Single UNIX® Specification, Version 4. Previously, he has led the development and operation of many of The Open Group certification development projects, including industry-wide certification programs for the UNIX system, the Linux Standard Base, TOGAF, and IEEE POSIX. He is a member of the IEEE, USENIX, UKUUG, and the Association of Enterprise Architects.

 

philbeauvoirPhil Beauvoir has been developing, writing, and speaking about software tools and development for over 25 years. He was Senior Researcher and Developer at Bangor University, and, later, the Institute for Educational Cybernetics at Bolton University, both in the UK. During this time he co-developed a peer-to-peer learning management and groupware system, a suite of software tools for authoring and delivery of standards-compliant learning objects and meta-data, and tooling to create IMS Learning Design compliant units of learning.  In 2010, working with the Institute for Educational Cybernetics, Phil created the open source ArchiMate Modelling Tool, Archi. Since 2013 he has been curating the development of Archi independently. Phil holds a degree in Medieval English and Anglo-Saxon Literature.

Frans FaaseFrans Faase is a senior software engineer who has been working with BiZZdesign since 2002. He got an M.Sc. degree in Computer Science from the University of Twente. At BiZZdesign he has been involved in designing the repository being used by BiZZdesign Architect, which implements the ArchiMate standard. He designed a locking mechanism that allows smooth cooperation between multiple users on a single model. He also worked on many import functions from other tools requiring reverse engineering, scanning, and parsing of used file formats. Many of these file formats are based on XML.

Leave a comment

Filed under ArchiMate®, Certifications, Standards, Uncategorized

Case Study – ArchiMate®, An Open Group Standard: Public Research Centre Henri Tudor and Centre Hospitalier de Luxembourg

By The Open Group

The Public Research Centre Henri Tudor is an institute of applied research aimed at reinforcing the innovation capacity at organizations and companies and providing support for national policies and international recognition of Luxembourg’s scientific community. Its activities include applied and experimental research; doctoral research; the development of tools, methods, labels, certifications and standards; technological assistance; consulting and watch services; and knowledge and competency transfer. Its main technological domains are advanced materials, environmental, Healthcare, information and communication technologies as well as business organization and management. The Centre utilizes its competencies across a number of industries including Healthcare, industrial manufacturing, mobile, transportation and financial services among others.

In 2012, the Centre Hospitalier de Luxembourg allowed Tudor to experiment with an access rights management system modeled using ArchiMate®, an Open Group standard. This model was tested by CRP Tudor to confirm the approach used by the hospital’s management to grant employees, nurses and doctors permission to access patient records.

Background

The Centre Hospitalier de Luxembourg is a public hospital that focuses on severe pathologies, medical and surgical emergencies and palliative care. The hospital also has an academic research arm. The hospital employs a staff of approximately 2,000, including physicians and specialized employees, medical specialists, nurses and administrative staff. On average the hospital performs more than 450,000 outpatient services, 30,000 inpatient services and more than 60,000 adult and pediatric emergency services, respectively, per year.

Unlike many hospitals throughout the world, the Centre Hospitalier de Luxembourg is open and accessible 24 hours a day, seven days a week. Accessing patient records is required at the hospital at any time, no matter the time of day or weekend. In addition, the Grand Duchy of Luxembourg has a system where medical emergencies are allocated to one hospital each weekend across each of the country’s three regions. In other words, every two weeks, one hospital within a given region is responsible for all of the incoming medical emergencies on its assigned weekend, affecting patient volume and activity.

Access rights management

As organizations have become not only increasingly global but also increasingly digital, access rights management has become a critical component of keeping institutional information secure so that it does not fall into the wrong hands. Managing access to internal information is a critical component of every company’s security strategy, but it is particularly important for organizations that deal with sensitive information about consumers, or in the case of the Centre Hospitalier de Luxembourg, patients.

Modeling an access rights management system was important for the hospital for a number of reasons. First, European privacy laws dictate that only the people who require information regarding patient medical files should be allowed access to those files. Although privacy laws may restrict access to patient records, a rights management system must be flexible enough to grant access to the correct individuals when necessary.

In the case of a hospital such as the Centre Hospitalier de Luxembourg, access to information may be critical for the life of the patient. For instance, if a patient was admitted to the emergency room, the emergency room physician will be able to better treat the patient if he or she can access the patient’s records, even if they are not the patient’s primary care physician. Admitting personnel may also need access to records at the time of admittance. Therefore, a successful access rights management system must combine a balance between restricting information and providing flexible access as necessary, giving the right access at the right time without placing an administrative burden on the doctors or staff.

The project

Prior to the experiment in which the Public Research Centre Henri Tudor tested this access rights management model, the Centre Hospitalier de Luxembourg had not experienced any problems in regard to its information sharing system. However, its access rights were still being managed by a primarily paper-based system. As part of the scope of the project, the hospital was also looking to become compliant with existing privacy laws. Developing an access rights management model was intended to close the gap within the hospital between restricting access to patient information overall and providing new rights, as necessary, to employees that would allow them to do their work without endangering patient lives. From a technical perspective, the access rights management system also needed not only to work in conjunction with existing applications, such as the ERP system, used within the hospital but also support rights management at the business layer.

Most current access rights managements systems provide information access to individuals based on a combination of the functional requirements necessary for employees to do their jobs and governance rights, which provide the protections that will keep the organization and its information safe and secure. What many existing models have failed to take into account is that most access control models and rights engineering methods don’t adequately represent both sides of this equation. As such, determining the correct level of access for different employees within organizations can be difficult.

Modeling access rights management

Within the Centre Hospitalier de Luxembourg, employee access rights were defined based on individual job responsibilities and job descriptions. To best determine how to grant access rights across an hospital, the Public Research Centre Henri Tudor needed to create a system that could take these responsibilities into account, rather than just rely on functional or governance requirements.

To create an access rights management model that would work with the hospital’s existing processes and ERP software, the Public Research Centre Henri Tudor first needed to come up with a way to model responsibility requirements instead of just functional or governance requirements. According to Christophe Feltus, Research Engineer at the Public Research Centre, defining a new approach based on actor or employee responsibilities was the first step in creating a new model for the hospital.

Although existing architecture modeling languages provide views for many different types of stakeholders within organizations—from executives to IT and project managers—no modeling language had previously been used to develop a view dedicated to access rights management, Feltus says. As such, that view needed to be created and modeled anew for this project.

To develop this new view, the Public Research Centre needed to find an architecture modeling language that was flexible enough to accommodate such an extension. After evaluating three separate modeling languages, they chose ArchiMate®, an Open Group Standard and open and independent modeling language, to help them visualize the relationships among the hospital’s various employees in an unambiguous way.

Much like architectural drawings are used in building architecture to describe the various aspects of construction and building use, ArchiMate provides a common language for describing how to construct business processes, organizational structures, information flows, IT systems and technical infrastructures. By providing a common language and visual representation of systems, ArchiMate helps stakeholders within organizations design, assess and communicate how decisions and changes within business domains will affect the organization.

According to Feltus, Archimate provided a well-formalized language for the Public Research Centre to portray the architecture needed to model the access rights management system they wanted to propose for Centre Hospitalier. Because ArchiMate is a flexible and open language, it also provided an extension mechanism that could accommodate the responsibility modeling language (ReMMo) that the engineering team had developed for the hospital.

In addition to providing the tools and extensions necessary for the engineering team to properly model the hospital’s access rights system, the Public Research Centre also chose ArchiMate because it is an open and vendor-neutral modeling language. As a publically funded institution, it was important that the Public Research Centre avoided using vendor-specific tools that would lock them in to a potentially costly cycle of constant version upgrades.

“What was very interesting [about ArchiMate] was that it was an open and independent solution. This is very important for us. As a public company, it’s preferable not to use private solutions. This was something very important,” said Feltus.

Feltus notes that using ArchiMate to model the access rights project was also a relatively easy and intuitive process. “It was rather easy,” Feltus said. “The concepts are clear and recommendations are well done, so it was easy to explore the framework.” The most challenging part of the project was selecting which extension mechanism would best portray the design and model they wanted to use.

Results

After developing the access rights model using ArchiMate, the responsibility metamodel was presented to the hospital’s IT staff by the Public Research Centre Henri Tudor. The Public Research Centre team believes that the responsibility model created using ArchiMate allows for better alignment between the hospital’s business processes defined at the business layer with their IT applications being run at the application layer. The team also believes the model could both enhance provisioning of access rights to employees and improve the hospital’s performance. For example, using the proposed responsibility model, the team found that some employees in the reception department had been assigned more permissions than they required in practice. Comparing the research findings with the reality on the ground at the hospital has shown the Public Research Centre team that ArchiMate is an effective tool for modeling and determining both responsibilities and access rights within organizations.

Due to the ease of use and success the Public Research Centre Henri Tudor experienced in using ArchiMate to create the responsibility model and the access rights management system for the hospital, Tudor also intends to continue to use ArchiMate for other public and private research projects as appropriate.

Follow The Open Group @theopengroup, #ogchat and / or let us know your thoughts on the blog here.

 

4 Comments

Filed under ArchiMate®, Healthcare, Standards, Uncategorized

The Open Group Boston 2014 – Day Two Highlights

By Loren K. Bayes, Director, Global Marketing Communications

Enabling Boundaryless Information Flow™  continued in Boston on Tuesday, July 22Allen Brown, CEO and President of The Open Group welcomed attendees with an overview of the company’s second quarter results.

The Open Group membership is at 459 organizations in 39 countries, including 16 new membership agreements in 2Q 2014.

Membership value is highlighted by the collaboration Open Group members experience. For example, over 4,000 individuals attended Open Group events (physically and virtually whether at member meetings, webinars, podcasts, tweet jams). The Open Group website had more than 1 million page views and over 105,000 publication items were downloaded by members in 80 countries.

Brown also shared highlights from The Open Group Forums which featured status on many upcoming white papers, snapshots, reference models and standards, as well as individiual Forum Roadmaps. The Forums are busy developing and reviewing projects such as the Next Version of TOGAF®, an Open Group standard, an ArchiMate® white paper, The Open Group Healthcare Forum charter and treatise, Standard Mils™ APIs and Open Fair. Many publications are translated into multiple languages including Chinese and Portuguese. Also, a new Forum will be announced in the third quarter at The Open Group London 2014 so stay tuned for that launch news!

Our first keynote of the day was Making Health Addictive by Joseph Kvedar, MD, Partners HealthCare, Center for Connected Health.

Dr. Kvedar described how Healthcare delivery is changing, with mobile technology being a big part. Other factors pushing changes are reimbursement paradigms and caregivers being paid to be more efficient and interested in keeping people healthy and out of hospitals. The goal of Healthcare providers is to integrate care into the day-to-day lives of patients. Healthcare also aims for better technologies and architecture.

Mobile is a game-changer in Healthcare because people are “always on and connected”. Mobile technology allows for in-the-moment messaging, ability to capture health data (GPS, accelerator, etc.) and display information in real time as needed. Bottom-line, smartphones are addictive so they are excellent tools for communication and engagement.

But there is a need to understand and address the implications of automating Healthcare: security, privacy, accountability, economics.

The plenary continued with Proteus Duxbury, CTO, Connect for Health Colorado, who presented From Build to Run at the Colorado Health Insurance Exchange – Achieving Long-term Sustainability through Better Architecture.

Duxbury stated the keys to successes of his organization are the leadership and team’s shared vision, a flexible vendor being agile with rapidly changing regulatory requirements, and COTS solution which provided minimal customization and custom development, resilient architecture and security. Connect for Health experiences many challenges including budget restraints, regulation and operating in a “fish bowl”. Yet, they are on-track with their three-year ‘build to run’ roadmap, stabilizing their foundation and gaining efficiencies.

During the Q&A with Allen Brown following each presentation, both speakers emphasized the need for standards, architecture and data security.

Brown and DuxburyAllen Brown and Proteus Duxbury

During the afternoon, track sessions consisted of Healthcare, Enterprise Architecture (EA) & Business Value, Service-Oriented Architecture (SOA), Security & Risk Management, Professional Development and ArchiMate Tutorials. Chris Armstrong, President, Armstrong Process Group, Inc. discussed Architecture Value Chain and Capability Model. Laura Heritage, Principal Solution Architect / Enterprise API Platform, SOA Software, presented Protecting your APIs from Threats and Hacks.

The evening culminated with a reception at the historic Old South Meeting House, where the Boston Tea Party began in 1773.

photo2

IMG_2814Networking Reception at Old South Meeting House

A special thank you to our sponsors and exhibitors at The Open Group Boston 2014: BiZZdesign, Black Duck, Corso, Good e-Learning, Orbus and AEA.

Join the conversation #ogBOS!

Loren K. BaynesLoren K. Baynes, Director, Global Marketing Communications, joined The Open Group in 2013 and spearheads corporate marketing initiatives, primarily the website, blog and media relations. Loren has over 20 years experience in brand marketing and public relations and, prior to The Open Group, was with The Walt Disney Company for over 10 years. Loren holds a Bachelor of Business Administration from Texas A&M University. She is based in the US.

Comments Off

Filed under Accreditations, Boundaryless Information Flow™, Business Architecture, COTS, Data management, Enterprise Architecture, Enterprise Transformation, Healthcare, Information security, Open FAIR Certification, OTTF, RISK Management, Service Oriented Architecture, Standards, Uncategorized

The Open Group Boston 2014 – Day One Highlights

By Loren K. Baynes, Director, Global Marketing Communications

The Open Group kicked off Enabling Boundaryless Information Flow™  July 21 at the spectacular setting of the Hyatt Boston Harbor. Allen Brown, CEO and President of The Open Group, welcomed over 150 people from 20 countries, including as far away as Australia, Japan, Saudi Arabia and India.

The first keynote speaker was Marshall Van Alstyne, Professor at Boston University School of Management & Researcher at MIT Center for Digital Business, known as a leading expert in business models. His presentation entitled Platform Shift – How New Open Business Models are Changing the Shape of Industry posed the questions “What does ‘openness’ mean? Why do platforms beat products every time?”.

Van AlstyneMarshall Van Alstyne

According to “InterBrand: 2014 Best Global Brands”, 13 of the top 31 companies are “platform companies”. To be a ‘platform’, a company needs embeddable functions or service and allow 3rd party access. Alystyne noted, “products have features, platforms have communities”. Great standalone products are not sufficient. Positive changes experienced by a platform company include pricing/profitability, supply chains, internal organization, innovation, decreased industry bottlenecks and strategy.

Platforms benefit from broad contributions, as long as there is control of the top several complements. Alstyne commented, “If you believe in the power of community, you need to embrace the platform.”

The next presentation was Open Platform 3.0™ – An Integrated Approach to the Convergence of Technology Platforms, by Dr. Chris Harding, Director for Interoperability, The Open Group. Dr. Harding discussed how society has developed a digital society.

1970 was considered the dawn of an epoch which saw the First RAM chip, IBM introduction of System/370 and a new operating system – UNIX®. Examples of digital progress since that era include driverless cars and Smart Cities (management of traffic, energy, water, communication).

Digital society enablers are digital structural change and corporate social media. The benefits are open innovation, open access, open culture, open government and delivering more business value.

Dr. Harding also noted, standards are essential to innovation and enable markets based on integration. The Open Group Open Platform 3.0™ is using ArchiMate®, an Open Group standard, to analyze the 30+ business use cases produced by the Forum. The development cycle is understanding, analysis, specification, iteration.

Dr. Harding emphasized the importance of Boundaryless Information Flow™, as an enabler of business objectives and efficiency through IT standards in the era of digital technology, and designed for today’s agile enterprise with direct involvement of business users.

Both sessions concluded with an interactive audience Q&A hosted by Allen Brown.

The last session of the morning’s plenary was a panel: The Internet of Things and Interoperability. Dana Gardner, Principal Analyst at Interarbor Solutions, moderated the panel. Participating in the panel were Said Tabet, CTO for Governance, Risk and Compliance Strategy, EMC; Penelope Gordon, Emerging Technology Strategist, 1Plug Corporation; Jean-Francois Barsoum, Senior Managing Consultant, Smarter Cities, Water & Transportation, IBM; and Dave Lounsbury, CTO, The Open Group.

IoT PanelIoT Panel – Gardner, Barsoum, Tabet, Lounsbury, Gordon

The panel explored the practical limits and opportunities of Internet of Things (IoT). The different areas discussed include obstacles to decision-making as big data becomes more prolific, openness, governance and connectivity of things, data and people which pertain to many industries such as smart cities, manufacturing and healthcare.

How do industries, organizations and individuals deal with IoT? This is not necessarily a new problem, but an accelerated one. There are new areas of interoperability but where does the data go and who owns the data? Openness is important and governance is essential.

What needs to change most to see the benefits of the IoT? The panel agreed there needs to be a push for innovation, increased education, move beyond models of humans managing the interface (i.e. machine-to-machine) and determine what data is most important, not always collecting all the data.

A podcast and transcript of the Internet of Things and Interoperability panel will be posted soon.

The afternoon was divided into several tracks: Boundaryless Information Flow™, Open Platform 3.0™ and Enterprise Architecture (EA) & Enterprise Transformation. Best Practices for Enabling Boundaryless Information Flow across the Government was presented by Syed Husain, Consultant Enterprise Architecture, Saudi Arabia E-government Authority. Robert K. Pucci, CTO, Communications Practice, Cognizant Technology Solutions discussed Business Transformation Justification Leveraging Business and Enterprise Architecture.

The evening concluded with a lively networking reception at the hotel.

Join the conversation #ogBOS!

Loren K. BaynesLoren K. Baynes, Director, Global Marketing Communications, joined The Open Group in 2013 and spearheads corporate marketing initiatives, primarily the website, blog and media relations. Loren has over 20 years experience in brand marketing and public relations and, prior to The Open Group, was with The Walt Disney Company for over 10 years. Loren holds a Bachelor of Business Administration from Texas A&M University. She is based in the US.

 

Comments Off

Filed under ArchiMate®, Boundaryless Information Flow™, Business Architecture, Conference, Data management, Enterprise Architecture, Enterprise Transformation, Healthcare, Interoperability, Open Platform 3.0, Professional Development, Standards, Uncategorized

ArchiMate® Users Group Meeting

By The Open Group

During a special ArchiMate® users group meeting on Wednesday, May 14 in Amsterdam, Andrew Josey, Director of Standards within The Open Group, presented on the ArchiMate certification program and adoption of the language. Andrew is currently managing the standards process for The Open Group, and has recently led the standards development projects for TOGAF® 9.1, ArchiMate 2.1, IEEE Std 1003.1-2008 (POSIX), and the core specifications of the Single UNIX Specification, Version 4.

ArchiMate®, a standard of The Open Group, is an open and independent modeling language for Enterprise Architecture that is supported by different vendors and consulting firms. ArchiMate provides instruments to enable Enterprise Architects to describe, analyze and visualize the relationships among business domains in an unambiguous way. ArchiMate is not an isolated development. The relationships with existing methods and techniques, like modeling languages such as UML and BPMN, and methods and frameworks like TOGAF and Zachman, are well-described.

In this talk, Andrew provided an overview of the ArchiMate 2 certification program, including information on the adoption of the ArchiMate modeling language. He gave an overview of the major milestones in the development of Archimate and referred to the Dutch origins of the language. The Dutch Telematica Institute created the Archimate language in the period 2002-2004 and the language is now widespread. There have been over 41,000 downloads of different versions of the ArchiMate specification from more than 150 countries. At 52%, The Netherlands is leading the “Top 10 Certifications by country”. However, the “Top 20 Downloads by country” is dominated by the USA (19%), followed by the UK (14%) and The Netherlands (12%). One of the tools developed to support ArchiMate is Archi, a free open-source tool created by Phil Beauvoir at the University of Bolton in the UK. Since its development, Archi also has grown from a relatively small, home-grown tool to become a widely used open-source resource that averages 3,000 downloads per month and whose community ranges from independent practitioners to Fortune 500 companies. It is no surprise that again, Archi is mostly downloaded in The Netherlands (17.67%), the United States (12.42%) and the United Kingdom (8.81%).

After these noteworthy facts and figures, Henk Jonkers took a deep dive into modeling risk and security. Henk Jonkers is a senior research consultant, involved in BiZZdesign’s innovations in the areas of Enterprise Architecture and engineering. He was one of the main developers of the ArchiMate language, an author of the ArchiMate 1.0 and 2.0 Specifications, and is actively involved in the activities of the ArchiMate Forum of The Open Group. In this talk, Henk showed several examples of how risk and security aspects can be incorporated in Enterprise Architecture models using the ArchiMate language. He also explained how the resulting models could be used to analyze risks and vulnerabilities in the different architectural layers, and to visualize the business impact that they have.

First Henk described the limitations of current approaches – existing information security and risk management methods do not systematically identify potential attacks. They are based on checklists, heuristics and experience. Security controls are applied in a bottom-up way and are not based on a thorough analysis of risks and vulnerabilities. There is no explicit definition of security principles and requirements. Existing systems only focus on IT security. They have difficulties in dealing with complex attacks on socio-technical systems, combining physical and digital access, and social engineering. Current approaches focus on preventive security controls, and corrective and curative controls are not considered. Security by Design is a must, and there is always a trade-off between the risk factor versus process criticality. Henk gave some arguments as to why ArchiMate provides the right building blocks for a solid risk and security architecture. ArchiMate is widely accepted as an open standard for modeling Enterprise Architecture and support is widely available. ArchiMate is also suitable as a basis for qualitative and quantitative analysis. And last but not least: there is a good fit with other Enterprise Architecture and security frameworks (TOGAF, Zachman, SABSA).

“The nice thing about standards is that there are so many to choose from”, emeritus professor Andrew Stuart Tanenbaum once said. Using this quote as a starting point, Gerben Wierda focused his speech on the relationship between the ArchiMate language and Business Process Model and Notation (BPMN). In particular he discussed Bruce Silver’s BPMN Method and Style. He stated that ArchiMate and BPMN can exist side by side. Why would you link BPMN and Archimate? According to Gerben there is a fundamental vision behind all of this. “There are unavoidably many ‘models’ of the enterprise that are used. We cannot reduce that to one single model because of fundamentally different uses. We even cannot reduce that to a single meta-model (or pattern/structure) because of fundamentally different requirements. Therefore, what we need to do is look at the documentation of the enterprise as a collection of models with different structures. And what we thus need to do is make this collection coherent.”

Gerben is Lead Enterprise Architect of APG Asset Management, one of the largest Fiduciary Managers (± €330 billion Assets under Management) in the world, with offices in Heerlen, Amsterdam, New York, Hong Kong and Brussels. He has overseen the construction of one of the largest single ArchiMate models in the world to date and is the author of the book “Mastering ArchiMate”, based on his experience in large scale ArchiMate modeling. In his speech, Gerben showed how the leading standards ArchiMate and BPMN (Business Process Modeling Notation, an OMG standard) can be used together, creating one structured logically coherent and automatically synchronized description that combines architecture and process details.

Marc Lankhorst, Managing Consultant and Service Line Manager Enterprise Architecture at BiZZdesign, presented on the topic of capability modeling in ArchiMate. As an internationally recognized thought leader on Enterprise Architecture, he guides the development of BiZZdesign’s portfolio of services, methods, techniques and tools in this field. Marc is also active as a consultant in government and finance. In the past, he has managed the development of the ArchiMate language for Enterprise Architecture modeling, now a standard of The Open Group. Marc is a certified TOGAF9 Enterprise Architect and holds an MSc in Computer Science from the University of Twente and a PhD from the University of Groningen in the Netherlands. In his speech, Marc discussed different notions of “capability” and outlined the ways in which these might be modeled in ArchiMate. In short, a business capability is something an enterprise does or can do, given the various resources it possesses. Marc described the use of capability-based planning as a way of translating enterprise strategy to architectural choices and look ahead at potential extensions of ArchiMate for capability modeling. Business capabilities provide a high-level view of current and desired abilities of the organization, in relation to strategy and environment. Enterprise Architecture practitioners design extensive models of the enterprise, but these are often difficult to communicate with business leaders. Capabilities form a bridge between the business leaders and the Enterprise Architecture practitioners. They are very helpful in business transformation and are the ratio behind capability based planning, he concluded.

For more information on ArchiMate, please visit:

http://www.opengroup.org/subjectareas/enterprise/archimate

For information on the Archi tool, please visit: http://www.archimatetool.com/

For information on joining the ArchiMate Forum, please visit: http://www.opengroup.org/getinvolved/forums/archimate

 

1 Comment

Filed under ArchiMate®, Certifications, Conference, Enterprise Architecture, Enterprise Transformation, Professional Development, Standards, TOGAF®

The Open Group Summit Amsterdam 2014 – Day Three Highlights

By Loren K. Baynes, Director, Global Marketing Communications, The Open Group

May 14, day three of The Open Group Summit Amsterdam, was another busy day for our attendees and presenters.  Tracks included ArchiMate®The Open Group Open Platform 3.0™-Big Data, Open CITS, TOGAF®, Architecture Methods and Professional Development.

Mark Skilton, Professor of Practice, Information Systems Management, Warwick Business School, UK presented “Creating Value in the Digital Economy”. Skilton discussed how the digital media in social, networks, mobile devices, sensors and the explosion of big data and cloud computing networks is interconnecting potentially everything everywhere – amounting to a new digital ecosystem.  These trends have significantly enhanced the importance of IT in its role and impact on business and market value locally, regionally and globally.

Other notable speakers included Thomas Obitz, Principal Advisor, KPMG, LLK, UK, and Paul Bonnie, Head of Architecture Office, ING, The Netherlands, who shared how standards, such as TOGAF®, an Open Group standard, are necessary and effective in the financial services industry.

During a special users group meeting in the evening, Andrew Josey, Director of Standards within The Open Group, presented the ArchiMate certification program and adoption of the language. . Andrew is currently managing the standards process for The Open Group, and has recently led the standards development projects for TOGAF® 9.1, ArchiMate 2.1, IEEE Std 1003.1-2008 (POSIX), and the core specifications of the Single UNIX Specification, Version 4.

Andrew provided an overview of the ArchiMate 2 certification program, including information on the adoption of the ArchiMate modeling language. He discussed the major milestones in the development of ArchiMate and referred to the Dutch origins of the language. The ArchiMate language was developed beginning in 2002 and is now widespread.  There have been over 41,000 downloads of ArchiMate specifications from more than 150 countries.

Henk Jonkers, senior research consultant involved in BiZZdesign’s innovations in Enterprise Architecture (EA) and one of the main developers of the ArchiMate language, took a deep dive into modeling risk and security.

Henk JonkersHenk Jonkers, BiZZdesign

As a final farewell from Amsterdam, a special thanks goes to our sponsors and exhibitors during this dynamic summit:  BiZZdesign, MEGA, ARCA Strategic Group, Good e-Learning, Orbus Software, Corso, Van Haren, Metaplexity, Architecting the Enterprise, Biner and the Association of Enterprise Architects (AEA).

For those of you who attended the Summit, please give us your feedback! https://www.surveymonkey.com/s/AMST2014

Stay tuned for Summit proceedings to be posted soon!  See you at our event in Boston, Massachusetts July 21-22!

 

Comments Off

Filed under ArchiMate®, Certifications, Conference, Enterprise Architecture, Enterprise Transformation, Open CITS, Open Platform 3.0, Standards, TOGAF®, Uncategorized

The Open Group Summit Amsterdam 2014 – Day Two Highlights

By Loren K. Baynes, Director, Global Marketing Communications, The Open Group

On Tuesday, May 13, day two of The Open Group Summit Amsterdam, the morning plenary began with a welcome from The Open Group President and CEO Allen Brown. He presented an overview of the Forums and the corresponding Roadmaps. He described the process of standardization, from the initial work to a preliminary standard, including review documents, whitepapers and snapshots, culminating in the final publication of an open standard. Brown also announced that Capgemini is again a Platinum member of The Open Group and contributes to the realization of the organization’s objectives in various ways.

Charles Betz, Chief Architect, Signature Client Group, AT&T and Karel van Zeeland, Lead IT4IT Architect, Shell IT International, presented the second keynote of the morning, ‘A Reference Architecture For the Business of IT’.  When the IT Value Chain and IT4IT Reference Architecture is articulated, instituted and automated, the business can experience huge cost savings in IT and significantly improved response times for IT service delivery, as well as increasing customer satisfaction.

AmsterdamPlenaryKarel van Zeeland, Charles Betz and Allen Brown

In 1998, Shell Information Technology started to restructure the IT Management and the chaos was complete. There were too many tools, too many vendors, a lack of integration, no common data model, a variety of user interfaces and no standards to support rapid implementation. With more than 28 different solutions for incident management and more than 160 repositories of configuration data, the complexity was immense. An unclear relationship with Enterprise Architecture and other architectural issues made the case even worse.

Restructuring the IT Management turned out to be a long journey for the Shell managers. How to manage 1,700 locations in 90 countries, 8,000 applications, 25,000 servers, dozens of global and regional datacenters,125,000 PCs and laptops, when at the same time you are confronted with trends like BYOD, mobility, cloud computing, security, big data and the Internet of Things (IoT).  According to Betz and van Zeeland, IT4IT is a promising platform for evolution of the IT profession. IT4IT however has the potential to become a full open standard for managing the business of IT.

Jeroen Tas, CEO of Healthcare Informatics Solutions and Services within Philips Healthcare, explained in his keynote speech, “Philips is becoming a software company”. Digital solutions connect and streamline workflow across the continuum of care to improve patient outcomes. Today, big data is supporting adaptive therapies. Smart algorithms are used for early warning and active monitoring of patients in remote locations. Tas has a dream, he wants to make a valuable contribution to a connected healthcare world for everyone.

In January 2014, Royal Philips announced the formation of Healthcare Informatics Solutions and Services, a new business group within Philips’ Healthcare sector that offers hospitals and health systems the customized clinical programs, advanced data analytics and interoperable, cloud-based platforms necessary to implement new models of care. Tas, who previously served as the Chief Information Officer of Philips, leads the group.

In January of this year, The Open Group launched The Open Group Healthcare Forum whichfocuses on bringing Boundaryless Information Flow™ to the healthcare industry enabling data to flow more easily throughout the complete healthcare ecosystem.

Ed Reynolds, HP Fellow and responsible for the HP Enterprise Security Services in the US, described the role of information risk in a new technology landscape. How do C-level executives think about risk? This is a relevant and urgent question because it can take more than 243 days before a data breach is detected. Last year, the average cost associated with a data breach increased 78% to 11.9 million dollars. Critical data assets may be of strategic national importance, have massive corporate value or have huge significance to an employee or citizen, be it the secret recipe of Coca Cola or the medical records of a patient. “Protect your crown jewels” is the motto.

Bart Seghers, Cyber Security Manager, Thales Security and Henk Jonkers, Senior Research Consultant of BiZZdesign, visualized the Business Impact of Technical Cyber Risks. Attacks on information systems are becoming increasingly sophisticated. Organizations are increasingly networked and thus more complex. Attacks use digital, physical and social engineering and the departments responsible for each of these domains within an organization operate in silos. Current risk management methods cannot handle the resulting complexity. Therefore they are using ArchiMate® as a risk and security architecture. ArchiMate is a widely accepted open standard for modeling Enterprise Architecture. There is also a good fit with other EA and security frameworks, such as TOGAF®. A pentest-based Business Impact Assessment (BIA) is a powerful management dashboard that increases the return on investment for your Enterprise Architecture effort, they concluded.

Risk Management was also a hot topic during several sessions in the afternoon. Moderator Jim Hietala, Vice President, Security at The Open Group, hosted a panel discussion on Risk Management.

In the afternoon several international speakers covered topics including Enterprise Architecture & Business Value, Business & Data Architecture and Open Platform 3.0™. In relation to social networks, Andy Jones, Technical Director, EMEA, SOA Software, UK, presented “What Facebook, Twitter and Netflix Didn’t Tell You”.

The Open Group veteran Dr. Chris Harding, Director for Interoperability at The Open Group, and panelists discussed and emphasized the importance of The Open Group Open Platform 3.0™. The session also featured a live Q&A via Twitter #ogchat, #ogop3.

The podcast is now live. Here are the links:

Briefings Direct Podcast Home Page: http://www.briefingsdirect.com/

PODCAST STREAM: http://traffic.libsyn.com/interarbor/BriefingsDirect-The_Open_Group_Amsterdam_Conference_Panel_Delves_into_How_to_Best_Gain_Business_Value_From_Platform_3.mp3

PODCAST SUMMARY: http://briefingsdirect.com/the-open-group-amsterdam-panel-delves-into-how-to-best-gain-business-value-from-platform-30

In the evening, The Open Group hosted a tour and dinner experience at the world-famous Heineken Brewery.

For those of you who attended the summit, please give us your feedback! https://www.surveymonkey.com/s/AMST2014

Comments Off

Filed under ArchiMate®, Boundaryless Information Flow™, Certifications, Enterprise Architecture, Enterprise Transformation, Healthcare, Open Platform 3.0, RISK Management, Standards, TOGAF®, Uncategorized