SVKMS NMIMS MPSTME Information Technology Project Report

On

Use of SOA Based Development Methodology in Project Management

Submitted By:
Tushar Naik (182) Aashi Upadhaya (184) Priya Singh (176) Pratik Mistry (170) Apoorv Chaudhary (158)

Use of SOA Based Development Methodology in Project Management ABSTRACT Background of the Project SOA driven project management will have to be closely aligned with concurrently on-going business projects, which are the source for any functional requirements. SOA focuses on Project management as a whole - includes Integration Management, Scope Management, Time (Scheduling) Management, Cost Management, Quality Management, Risk Management, and Procurement Management. The "thin thread" development and project management model is essentially an application of the Iterative Application Development (IAD) approach. A thread represents a vertical slice through the system, including an end-to-end implementation of a particular piece of application logic, going from application frontend all the way down to the database. The basic idea of the "thin thread" approach is to start with a very thin slice (or thread), which might, for example, only comprise the functionality of capturing a single string value in the application frontend, processing this information in the middle-tier, and writing it into the database. In the next phase, the thread might be "thickened" by adding end-to-end functionality for retrieving the string value from the database and displaying it in the application frontend. In a further iteration, a more complex data structure (e.g., a customer record) might be handled in a similar way, and so on. As the project continues, additional threads can be launched. General Terms SOA: Service Oriented Architecture is a set of principles and methodologies for designing and developing software in the form of interoperable services. SaaS: Software as a Service: is a software delivery model in which software and its associated data are hosted centrally (typically in the (Internet) cloud) and are typically accessed by users using a thin client, normally using a web browser over the Internet. Loose Coupling: loosely coupled system is one where each of its components has, or makes use of, little or no knowledge of the definitions of other separate components. Subareas include the coupling of classes, interfaces, data, and services.

INTRODUCTION What cloud exactly is: Cloud computing is a technology that uses the internet and central remote servers to maintain data and applications. Cloud computing allows consumers and businesses to use applications without installation and access their personal files at any computer with internet access. This technology allows for much more inefficient computing by centralizing storage, memory, processing and bandwidth. A simple example of cloud computing is Yahoo email, Gmail, or Hotmail etc. User does not need software or a server to use them. All a consumer would need is just an internet connection and he can start sending emails. The server and email management software is all on the cloud (internet).

Cloud Infrastructure: At the bottom of the cloud stack, Cloud Infrastructure provides the distributed multi-site physical components to support cloud computing, such as storage and processing resources. This layer allows the infrastructure provider to abstract away details such as which exact hardware an application is using and which data centre the application is running in. . Advances in server virtualization technologies have made this layer of the stack much more efficient over the past several years allowing a higher utilization of processing resources than previously practical. Virtual machine concepts have also enabled a useful separation of underlying hardware implementation details from the view of developers, and the ability to more rapidly scale server resources in response to changing demand. Cloud Storage - Storage as a service: Building upon the Cloud Infrastructure, this layer of

the cloud stack is focused on the incremental renting of storage on the Internet, formerly called Utility Computing. Many offerings in this area are also enabled by underlying advances in server virtualization. Network-based large-scale storage on demand is an example of this layer of cloud computing. Some offerings go further and offer platforms for service providers, including storage, security, identity management, and other functions. A good example of this type of offering is the Amazon Simple Storage Service (Amazon S3). Amazon S3 provides storage for the Internet, designed to make web-scale computing easier for application developers. Amazon S3 provides a Web Service interface that can be used to store and retrieve data, at any time, from anywhere on the Web. S3 gives developers access to scalable and reliable data storage for a fee. S3 is decentralized in its implementation, fault tolerant, and built from a set of highly granular and simple service interfaces. SOA, a flexible & modular approach of delivering IT services, is an essential foundation for emerging technologies like cloud. Plus, SOA provides significant advantages over current IT architectures. While it lowers costs, its primary benefit is the improvement in agility that it provides to organizations, enabling them to respond to the increasing rate of change occurring in nearly every business around the world. The way organizations do business is changing at a rapid pace. In the 21st Century, organizations no longer operate in a fixed, predictable environment. Moreover, in this constantly changing landscape, the role of IT is changing as well. Yes, IT must support the business without IT, no modern organization can hire a worker, receive parts from a supplier, ship a product or interact with a partner. But more and more, IT must provide services that are an integral part of an organizations business model. Thus, IT must enable rapid change and flexible relationships with customers, suppliers and partners. The very real risk for todays organization is that while business and technical drivers will increase its need for SOA and cloud services, the organization will have failed to put in place the processes and procedures to confidently move to these new approaches and to benefit from those changes. This is precisely the problem faced by organizations that did not anticipate the step-change heralded by PCs and the client/server architecture. In allowing individuals to use PCs independently, IT departments missed the shift to a new IT architecture and had to invest millions to retrace their steps and introduce standardized systems. The cloud will enable real-time delivery of products, services and solutions over the Internet. It will become essential to business because of its capability to deal with rapid change in external markets. Therefore, it is vital that CIOs begin considering how they will operate in a cloud environment. To meet this challenge, IT directors must take a fresh approach to their IT architecture, moving away from todays static, internal, centralized architecture. Adopting SOA will enable IT directors to address todays critical challenges, while at the same time provide a solid foundation for enterprises to adopt cloud for tomorrow. Cloud Platform - Platform as a service: Platform offerings provide an infrastructure for developing and operating web-based software applications. Examples include facilities for application design, application development, testing, deployment, and hosting, as well as application services such as team collaboration, security, application visioning and application instrumentation. Developer teams frequently work together through their browsers to leverage the virtual cloud platform. Virtual server running in the cloud can include web server, applications server and database engine. For some offer-ings, application programming interfaces (APIs) are provided to pre-defined network-based functions. ProgrammableWeb.com lists over 600 APIs on the Internet in 2008, with Google Maps,

Flickr, Amazon, and YouTube capturing the greatest market share of calls.5 Platform offerings are generally assumed to be a part of a multi-tenant architecture in which many unrelated organizations may be supported by the same platform infrastructure. Platforms can scale by adding processing and storage resources to dynamically support growth in the operational demands for a particular customers web application. An example of a platform offering is Force.com, which began as a software application provider supporting SalesForce.com. APIs and development tools to support the Sales Force application became more general platform tools for any customer offering Internet-based software.

Cloud Services - Components as service: This layer of the cloud computing stack includes the definition of software components, run in a distributed fashion, across the commercial Internet. This definition is most like SOA, which is discussed below, with defined service interfaces as a basis for system-to-system integration. Cloud Applications - Software as a service (SaaS): This definition relies on the cloud for access to what would traditionally be local desktop software.6 For example, Adobes Photoshop, a pro-gram to manipulate images, was distributed to end users on disks for many years. Today, you still can install a version of Photoshop from an installation disk, or you can go to a completely online version of an analogous application, entitled Express.7 In the online Express, you can upload your images into a hosted file area and work on the images with the same filters and capabilities that were found in the traditional software version. Express is an example of SaaS, though this is not the only form SaaS can take. For example, Google provides web applications, such as Gmail, Google Calendar, Talk, Docs, and Sites, with functionality similar to traditional office suites. One advantage of this approach is that the application can be continuously updated by the application provider without issuing and shipping new installation disks. Each time the user logs in to the site, the user will get the latest version of the application. The application provider is also offering a very scalable web application using multi-tiered web architecture, implemented on a considerable infrastructure. Disadvantages include the complete dependence on the underlying network to access the application. When the network is down, the user cannot do any work with the network-based application. In contrast, the desktop version of the software does not require network connectivity for productive work.

Considerations with cloud Computing: Cloud computing brings with it a number of key benefits and risks that should be examined by any senior leadership team considering a realignment of its enterprise computing IT portfolio. Outsourcing to cloud providers: Commercial cloud computing effectively outsources portions of the IT stack ranging from hardware through applications, to cloud providers. Cloud computing allows a consumer to benefit by incrementally leveraging a more significant capital investment made by a provider. The consumers also benefit significantly by being able to dynamically scale their demand of the cloud services

Dependence on the network: Cloud computing is fundamentally dependent on the network to connect the offer or with the consumer. For those who have redundant network connections with robust bandwidth this will not be an issue, but for those who dont, serious consideration should be given concerning singular dependence on network-based offerings, and how business continues when the network is unavailable or unreliable. Choosing the right network, suitable to the cloud is always important.

Dependence on specific cloud providers (lock-in): Vendor lock-in is a risk with the current maturity of cloud computing. Vendor neutrality is often best achieved by utilizing industry or open standards, but these standards are currently evolving for several layers of the stack.

Contracts and service-level agreements (SLAs): Cloud offerings are defined with a discrete inter-face and performance expectation. This agreement can be captured in an SLA between the provider and consumer, and this document can be made a part of the contractual relationship between the two. IA: Commercial cloud providers will have security solutions that meet the needs, risk profiles, and cost models of their commercial customers. These security solutions will not always be appropriate for Federal needs. Part of the benefit of cloud computing as a consumer is being able to abstract away the details of how a platform or service is provided. Federal consumers may often need a clear understanding of (and need to specify the characteristics of) what is occur-ring inside the black box of a cloud offering to ensure secure operations. Cloud and SOA: Cloud provides almost infinite flexible and scalable external computing and processing services that not only offer significant cost benefits, but also provide the ability to connect with customers, partners and suppliers like never before. However, without Service-Oriented Architecture (SOA), organizations will find it almost impossible to reach the cloud. SOA, a flexible, modular approach to delivering IT services, is an essential foundation for emerging technologies like cloud. Plus, SOA provides significant advantages over current IT architectures. While it lowers costs, its primary benefit is the improvement in agility that it provides to organizations, enabling them to respond to the increasing rate of change occurring in nearly every business around the world. The way organizations do business is changing at a rapid pace. In the 21st Century, organizations no longer operate in a fixed, predictable environment. Moreover, in this constantly changing landscape, the role of IT is changing as well. Yes, IT must support the business without IT, no modern organization can hire a worker, receive parts from a supplier, ship a product or interact with a partner. But more and more, IT must provide services that are an integral part of an organizations business model. Thus, IT must enable rapid change and flexible relationships with customers, suppliers and partners. The very real risk for todays organization is that while business and technical drivers will increase its need for SOA and cloud services, the organization will have failed to put in place the processes and procedures to confidently move to these new approaches and to benefit from those changes. This is precisely the problem faced by organizations that did not anticipate the step-change heralded by PCs and the client/server architecture. In allowing individuals to use PCs independently, IT departments missed the shift to a new IT architecture and had to invest

millions to retrace their steps and introduce standardized systems.

Acting strategically even in the short term: SOA is an excellent approach to building and deploying mission-critical applications. Its benefits of increased agility and decreased costs are already being achieved by companies around the world, and it will clearly become the dominant architecture for new business applications. Because of this, adopting SOA today will improve the way an IT organization is able to deliver now and in the future. If an organization is interested in cloud, and Capgemini and HP believe that all organizations will inevitably choose to utilize the cloud, SOA is especially important. The best and perhaps the only way to prepare an organization to successfully exploit the cloud is to transform its internal IT infrastructure to utilize SOA. There are five key reasons for this: 1. Accessibility: The cloud is accessible through a SOA interface. All services are invoked using the protocols and standards that SOA utilizes. This has already been seen in the initial deployments of cloud they are all delivered as standard SOA services. 2. Visibility: There are already thousands of different services that are available through the cloud, and the number grows every day. This is good news, because it becomes more likely that the process an organization wants to deploy already has a service written and available through the cloud. However, with so many services, how does an organization find the one it needs? Organizations using SOA have already encountered this issue and addressed it. In a well governed new tools and techniques and are utilized to find the group of potential service and then to determine which one closely meets the companys needs. 3. Extensibility: It is great to be able to find services in the cloud and be able to access them, but there will be many cases where an organization cannot find a service that exactly meets its needs. It may need to put multiple services together, and from time-to-time it will certainly need to modify the operation of a service. How will that be possible? Cloud services can be modified and customized using SOA techniques; so organizations will want to utilize the same architecture in their in-house IT systems. 4. Matching expectations: One of the most intricate parts of working with the cloud in any significant manner is ensuring that the service is provided in a way that matches the expectation of the user. Two common questions illustrate the point: When is the service available? What type of response time does the service deliver? It is critical that both sides understand and agree upon the answers to these and many more questions: What is the escalation procedure if there is an issue with the service? What is the change process? What is the enhancement request process? How frequently can the service be called? How much data can the service accept? Even, how much does the service cost? If there is a misunderstanding between the two parties on any of these questions, the relationship will likely be rocky at best. Again, SOA has already dealt with this issue, with the concept of contracts agreements that specify the responsibilities of each party. When an organization uses the cloud, everyone in IT should know how to work with contracts, and the best way to create this knowledge is by using SOA as the internal architecture in addition to the interface to the cloud. 5. Adherence to standards Since services delivered through the cloud will use SOA, it is important that a companys applications follow all standards that the cloud service will expect. How does the enterprise ensure that all its services meet these standards and even industry-wide best practices? Policy enforcement is used within a SOA to automatically ensure that standards and best

practices are followed by all of the services accessing the cloud; so again, it is important that a company utilizes SOA in its organization. And if the organization has standards that need to be followed, for example concerning data access security, policy enforcement can be critically important. SOA-Driven Project Management: This part focuses on how service orientation can support project management without inventing an entirely new project management methodology. Naturally, the level to which SOA elements should be included in project management depends strongly on the expansion stage of the SOA an organization that is already further down the road in terms of rolling out the SOA will in some cases be able to benefit more from these concepts. However, even in the early stages, an organization can benefit greatly from the concepts outlined here.

OA-driven program and project management contributes to the coordination of business and IT projects. It also enables a stepwise extension of the business infrastructure (deployed services) and the technical infrastructure (service bus):

Different levels of granularity of software artefacts at development time and runtime:

Another factor plays an important role in enterprise-level software project management: Enterprise-level applications almost always have to be synchronized not only during development time, but also during their lifetime in a production environment. Introducing a new release of a sub-system into a production environment must not have a negative impact on the other sub-systems. This means that we not only have to ensure that the technical interfaces (service contracts) between the different components in the production system are in synch, but also that data and expected behavior are compatible. For example, the restructuring of a naming service will not change and interface definitions but will require changing the configuration of those clients that have been configured to use the old structure. Coordinating the runtime compatibility of different sub-systems is a hugely complex task. Again, services are ideally suited for managing runtime synchronization of sub-systems. As depicted in the figure above, development time services match to service instances at runtime. As we can also see in this figure, services present something like the top-level abstraction layer for development time artefacts, as well as the bottom-level abstraction layer for runtime artefacts. This makes services ideally suited for managing the difficult region between development time and runtime synchronization. Figure below shows how service contracts (managed in a shared, centralized service repository) can support an SOA board by providing the backbone for coordinating multiple projects on the program level (or, alternatively, coordinating multiple sub-projects on the project level). The SOA board utilizes service contracts in order to coordinate multiple projects:

Vertical versus Horizontal Slicing: Most enterprise applications can be decomposed using two different approaches, based on either vertical or horizontal slicing. A horizontal slice of a system usually presents a particular technical tier, such as the user interface, presentation layer, business logic, middleware, data management, and so forth. Vertical slices, on the other hand, represent specific business use cases, such as open account in a banking Web portal. Sometimes, large projects are structured in a way where different teams are responsible for specific horizontal slices of the system for example, one team does all the Web forms and graphics, one team does the complete database schema, one team does the business logic, etc. This can often lead to large integration overheads because each team is focusing only on its own specific layer, and there is a general lack of people with a good overview of the

relationship between the different horizontal slices. Problems during development are potentially discovered only very late in the development cycle, usually the moment when large pieces of work that have been executed in isolation within each horizontal layer need to be integrated.

Thin Thread Model: The "thin thread" development and project management model is essentially an application of the Iterative Application Development (IAD) approach, as described, for example, in the rational unified process. The "thin thread" approach is specifically suited for IAD in the context of Service-Oriented Architectures. A thread represents a vertical slice through the system, including an end-to-end implementation of a particular piece of application logic, going from application frontend all the way down to the database. The basic idea of the "thin thread" approach is to start with a very thin slice (or thread), which might, for example, only comprise the functionality of capturing a single string value in the application frontend, processing this information in the middle-tier, and writing it into the database. In the next phase, the thread might be "thickened" by adding end-to-end functionality for retrieving the string value from the database and displaying it in the application frontend. In a further iteration, a more complex data structure (e.g., a customer record) might be handled in a similar way, and so on. As the project continues, additional threads can be launched.

Very often, the initial version of a thread might match an individual operation of a more complex service, and the final iteration of the thread represents the full-blown service.

Most likely, the first iteration of a thread (especially if it is the first one in a new project) will be slow. Problems will arise in the initial setup of the system (including session management, transaction handling, middleware, data access, etc.) and in the development process, deployment, testing, performance, etc. The next iteration will be considerably faster, though, because all end-to-end problems will have been addressed in the first iteration. After the first couple of threads have been tried and tested, a more aggressive rollout of threads can start. Use SOA as the Basis for Divide & Conquer Strategies: In addition to the "vertical slicing" of the thin thread approach, you often need to further decompose tasks, especially in phases where the initially "thin" threads start to "thicken" that is, a richer set of functionality is associated with the individual threads under development. In this case, it can often make sense to further decompose development tasks (i.e., threads) into "horizontal" slices. However, notice that this should always be the second step after the initial "vertical" slicing. As depicted in Figure, service contracts can help with the synchronization of this horizontal subdivision. We discussed earlier that the biggest problem with a horizontal slicing approach is the integration of the individual horizontal slices. In order to address this issue, service contracts should be leveraged as the key sync point between the individual slices, such as the application frontend and backend services. Service definitions are a result of the joint analysis and planning activities, which involve both sides of the service contract. The jointly agreed upon service contract should be approved by the SOA board and captured in the central, shared service repository. Based on the initial service contract (or its next iteration), both sides can now independently start development and testing of their respective parts (frontend or backend). Automatically generated test frontends and backends are an essential support tool for facilitating this divide-and-conquer approach. Only after the different sides of the service contract have reached a reasonable level of stability should they be deployed in a shared test environment, in which they can be integrated and tested further.

Conclusion: Using SOA with cloud technology, a very efficient and easy way of storing data wirelessly can be implemented and at the same time making it interoperable, reliable, secure and available at any time from internet.

References:

1. Capgemini Standpint. The way we see it, in collaboration with HP. The cloud with SOA (2010). 2. System Engineering at MTIRE. Cloud Computing with SOA. 3. Thomas Erl- Service Oriented Architecture: Concepts, Technology and Design (2005). 4. Dirk Krafzig, Karl Banke, Dirk Slama, Enterprse, SOA: Service Oriented Architecture best practices (2005).