CBDI Service Oriented Architecture Practice Portal *Independent Guidance for Service Architecture and Engineering*
	Search:

CBDi Journal 2007 / March : SOA Best Practice Report

This report has been rated by Forum Members
on a scale of 1 to 5 as 5.0 :

The Architecture Component of the SAE™ Reference Framework for SOA

There is no “one size fits all” methodology, ours or anyone else’s, and so best practice in method development calls for incorporation of a framework of artifacts, tools and techniques that can be tailored to the nuances of each organization that wants to implement the methodology. However, most popular methods don’t tend to focus on the needs of service lifecycle instead covering a broad but typically less focused method landscape. CBDI’s SAE™ Reference Framework is built to remedy that problem by highlighting aspects of methodology such as process, techniques and artifacts needed to embrace SOA concepts in a structured manner. This article provides an introduction to the Architecture component of the Reference Framework and the rationale that went into its creation.

By John Butler

Introduction

The SAE Reference Framework is designed to provide a comprehensive framework of all the components necessary to support the migration to and subsequent upkeep of a service oriented enterprise. It addresses the three primary perspectives necessary for capturing methodology - Organization, Process, and Architecture of the Artifacts. These perspectives are built upon a firm “foundation” Model that provides the language and principles of SOA. By tailoring these aspects to the development organization’s needs, a clear target mode of operation can be established to drive the SOA adoption cycle.

The RF Model Component – Language of the Framework

In order build up a Reference Framework that addresses Organization, Process and Architecture a firm foundation of language and principles must be established to ensure that everyone is on the same page. The Model component plays this role within the SAE™ Reference Framework and comprises four main parts: SOA Metamodel, SOA Principles, Glossary, and Service Lifecycle.

The details of these are outside the scope of this article but suffice it to say that these parts define the underlying SOA concepts and their interrelationships: these form the language that is used to describe the rest of the Reference Framework. In particular, the Architecture component makes extensive use of the SOA Metamodel as the language used to describe the various views and other elements introduced below. CBDI first published this metamodel in 2006¹ and continues to refine it based on feedback from CBDI members and standards efforts that are underway² .

Likewise, the SOA Principles established in the Model component of the Reference Framework provide the guide for the layout of the Architecture component, both Views and the Best Practices captured there in.

The Reference Framework Triad – Organization, Process and Architecture

The other three main components of the Reference Framework are Organization, Process, and Architecture. These three parts form a triad that describe key aspects of any methodology framework. The Process component of the Reference Framework published in the February 2007 CBDI Journal³ describes a structure of business processes or activities that a service provisioning organization should follow in order to successfully analyze, plan, design, provision, and run services. The Organization component describes the roles and responsibilities, project profiles, and funding models recommended in order to successfully support the service lifecycle. Finally, the Architecture component, the topic of this article, provides the detailed description of the various views, models and other elements used and created during the execution of the method and how they relate to one another.

Figure 1 – CBDI-SAE™ SOA Reference Framework

Views – “Slices” of the Service Oriented Enterprise

One of the defining characteristics of any methodology is the structure used to capture the relevant aspects or perspectives of a system, whatever system that may be – business, information system, hardware, or what have you. The CBDI-SAE™ Reference Framework includes five views – Business, Specification, Implementation, Deployment, and Technology. These views comprise a consistent level of abstraction for deliverable artifacts that relate to distinct set of stakeholders. This provides an effective mechanism for grouping related SOA best practices based on a particular part of the enterprise under study. Each View defines and clusters together the standards, patterns, techniques, deliverables, models and policies that apply to appropriate View as illustrated in Figure 2.

Figure 2 – Architecture Component of the SAE Reference Framework

Table 1 and Figure 3 provide a first level of detail on each of the five Views highlighting:

The primary stakeholder roles involved in each level of abstraction
The mapping to layers commonly used in enterprise architecture.
The purpose of each View.
Sample artifacts
Key perspectives of each layer – the essence of the methodology – showing how the service architecture manages the relationship between conceptual, logical and physical perspectives.

Note: some architecture frameworks break data out as a separate layer however, the Reference Framework captures this within a number of artifacts that reside in the Business, Specification and Implementation views.)

View	Purpose	Primary Role(s)	Enterprise “Layer”
Business	To understand and analyze business needs and how the business operates in terms of goals and objectives, organizational structure, processes, information, etc.	Business Architect	Business
Specification	To plan and specify software services from a platform independent perspective. It provides a means of thinking in depth about logical services and their interrelationships.	Service Architect	Software
Implementation	To package services into automation units, identify dependencies between the automation units, and to determine the implementation constraints that will govern the internal design and deployment of these units.	Service Architect, Software Designer	Software
Deployment	To explore alternative and finally capture deployment choices for run time services. To map implementation view services to deployment units and to construct an optimum configuration on the computing infrastructure.	Infrastructure Architect, Operations Mgt	Software/ Infrastructure
Technology	To ensure technologies are in place to enable the service lifecycle at all levels – from planning through specification, design and execution to retirement.	Infrastructure Architect, Operations Mgt	Infrastructure

Table 1 – SOA View Descriptions

Figure 3 – Sample Artifacts and Service Perspectives by View of the SAE Reference Framework Architecture Component

Note Figure 3 depicts only key artifacts of the RF Architecture component by Views. It is not intended to be a complete picture of all the artifacts that would be involved in developing a SOA or a software solution based on services; for example there are many existing models (such as logical data models and business process models) that will also come into play. The February journal article gives a more complete picture of the deliverables involved. In addition we have concentrated here on specifically service oriented artifacts.

The Business View

To fully understand the requirements of software systems and the services that they comprise, we need to understand the business context within which they operate. The Business View provides this context. Further, analysis of business objectives and processes from a “services perspective” often provides a significant return on investment to the business in and of itself for many of the same reasons a service perspective improves software. It decouples the “what” from the “how” allowing flexibility in the implementation in terms of business processes, whether internal or outsourced. Goals and objectives of the business can be more easily connected with the services the organization provides.

The Business View includes a number of key artifacts and models used to capture and analyze important aspects of the business. These artifacts and models are captured in Table 2.

Key Artifact	Focus	Typical Format
Ecosystem/Business Context Model (Part of SO Business Model)	Products or Services offered by a Business or Organizational Unit and the use of those products or services by their customers and suppliers.	BPMN diagrams, UML models including structure diagrams (e.g., package, class, component), behavior diagrams (e.g., Activity or Interaction Diagrams) other proprietary formats
Business Goals (Part of SO Business Model)	High-level goals of the business and the sub-goals they comprise.	UML Object Diagram, other proprietary formats such as Hierarchy Diagram
Event Response (Part of SO Business Model)	Major business events and the organization’s response to them.	BPMN Diagrams, UML State or Activity Diagrams, other proprietary formats
Business Process (Part of SO Business Model)	Business processes that realize the services offered by the business.	BPMN Diagrams, UML Activity Diagrams, other proprietary formats
Business Rules	A statement that constrains how the business operates.	A textual table. More formal rule models use UML Class Diagrams with Constraints (in text or in OCL (Object Constraint Language)) or other proprietary formats
Business Type Model (Part of SO Business Model)	High-level information entities that are important at a business level.	UML Class Diagrams, ERDs, other proprietary formats
Organizational Structure (Often part of SO Business Model)	Organizational units and roles therein that comprise a business or enterprise.	Organizational Charts, UML Object Diagrams, other proprietary formats
Business Case for SOA	Justification for migrating to SOA. Key influence over SOA approach and architecture policy. E.g forecast cost and cycle time of delivery and adaptation by class of component and service	Textual documents and spreadsheets
SO Business Improvement Plan	Plan for improving business operations by incorporating services Key driver of architecture decisions that enable agility E.g forecast change cycle time for classes of components and services	Textual documents, project schedules, and spreadsheets
Business Solution Requirements	Solution requirements from a business perspective	Textual documents and requirements models
SO Business Plan	Overall plan for moving the business forward including SO perspectives	Composite artifact including SO Business Models, Business Case for SOA, and Business Solution Requirements
SO Security Policies (part of SO Security Architecture)	Detailed business rules and policies concerning security	Textual document(s)

Table 2 – Key Business View Artifacts

The Business View also includes other best practices such as policies, patterns, and techniques that provide guidance as to how to capture knowledge about the business. Table 8 includes sample best practices in these areas.

This list of artifacts and models may seem daunting to the neophyte modeler/architect but remember that not all are strictly necessarily. Each project team that uses the Reference Framework will tailor it to their needs using or ignoring artifacts and models as they see fit in order to analyze and address the concerns that they find important. The key is to know how and why to use each one – its pros and cons.

For models the question of notation or “language” comes into play. While business modelers have not found the same level of convergence in terms of modeling language as software modelers have with UML™, there are still aspects that are generally agreed upon such as Organization, Business Process, Policy, Business Objective, Business Rule, and Business Entity. Everware-CBDI has included these salient concepts in our SOA Metamodel⁴ and standards from OMG such as Business Process Modeling Notation (BPMN), Semantics of Business Vocabulary and Rules (SBVR) and (hopefully) soon to be approved Business Process Definition Metamodel (BPDM) are a big step in the right direction. Often, multiple languages are used to capture business architectures – swimlane diagrams for business processes, entity relationship diagrams (ERD) for business information models, org charts for organizational structure, and various proprietary notations from tool vendors. UML is increasingly being used to capture business models though some believe it to be too complex for business users to understand. Again, selection of the appropriate language and tools is part of the tailoring process.

Specification View

The Specification View comprises the artifacts and models required by architects to specify the functional and non-functional requirements of software solutions and services as well as the architectural dependencies between them. This view is meant to be independent of any particular platform such as an application server, operating system or even Enterprise Service Bus (ESB). The idea is to capture how services behave, allow for refactoring of that behaviour into appropriate “chunks” in order to optimize for reuse and other characteristics that are independent of any particular technology. That said, it may very well be that the choice of deployment platform has already been made and that the services will be required to be implemented on that platform. However, technology churn takes place on different cycles than business requirements and so providing a mechanism for separating these concerns is critical to maintainability of the service architecture.

The primary diagrams of the Specification View is the Service Dependency diagram (part of the Service Specification Architecture) that shows the layers of the Service Architecture, the services in each layer and the dependencies between them (See Figure 4). As shown in the figure, service domains can also be shown in this view.

Figure 4 – Service Specification Architecture – Layering and Dependency

The actual diagrams captured will depend on the needs of the architects creating or specifying the services and other stakeholders that will use them. Some organizations capture very detailed structural and behavioral views at the specification level that are used to drive the implementation and deployment design processes down the road. Other organizations only use the dependency diagram for high level organization and portfolio planning.

Typical artifacts and models that are captured as part of the Specification View are described in Table 3 below.

Key Artifact	Focus	Typical Format
Service Specification Architecture	Complete logical model of the software services and their relationships to solutions, legacy applications and other 3rd party applications.	UML Model including structural diagrams (e.g., package, class, component) and behavioral diagrams (e.g., communication, sequence, state).
Service Dependency Diagram (part of Service Specification Model)	Architectural layers at a logical level and the structural relationships between the services in these layers.	UML Package and Class Diagrams
Service Orchestration Diagram (part of Service Specification Architecture)	Interactions between services that collaborate to provide services at a higher level.	UML Interaction Diagrams (Communication and/or Sequence Diagrams)
Service Information Model (part of Service Specification)	Structure of the information used by services at a logical level.	UML Class Diagrams or ERD Diagrams
Service Description	Overview of a service	Textual document
Service Specification	Detailed specification of a particular service including both functional and non-functional requirements	Textual document and UML models
SO Security Specifications (part of SO Security Architecture)	Specifications for security services/mechanisms and how they are used by other services in the architecture	Textual documents and UML models

Table 3 – Key Specification View Artifacts

Now the question is how we relate the elements captured in the Specification View back to the Business Model. As stated above, the Business View provides the context and requirements for solutions built using services captured in the Specification View. In order to convince ourselves that each requirement from the Business View has been adequately addressed we need to capture the traceability from elements in the Specification View back to the elements in the Business View.

A detailed discussion of how traceability is achieved is beyond the scope of this article but at a high level this traceability might be done as follows:

Business Processes are captured in terms of activity diagrams that include swimlanes representing logical business roles.
The business roles that are currently or will be automated in software are identified.
These automated business roles become solutions or services in the Specification Model.
Lines that cross the swimlane boundaries of automated roles become operations or messages that trigger the activities within the swimlane.
These activities are the requirements of the solutions or services captured in the Specification View.

Capturing the traceability can take a variety of forms. One mechanism is to use a tool like Rational’s RequisitePro to maintain a table of business requirements and the elements from the Specification View that address them. Another mechanism is to create a diagram within the modeling tool that shows the dependency of the Specification View elements to the Business View elements.

Implementation View

Once the Specification View is complete or at least beginning to stabilize depending on the process patterns chosen by the development organization, a model that maps the logical specification onto automation units (things that package or will actually be realized in code) should be created. The mapping may be as simple as one automation unit per logical service or as complex as mapping several logical services into some other number of automation units. Further, the services might be (and often are) provided by legacy applications whose software architecture is very complex and not well understood. In situations such as this, one large automation unit might implement many services.

The primary artifact of the Implementation View is the Service Implementation Architecture that captures the structure of the Automation Units that implement the services identified in the Service Specification Architecture. Figure 5 shows an example Automation Unit Dependency Diagram of the Service Implementation Architecture.

Figure 5 – Sample Automation Unit Dependency Diagram (part of Service Implementation Architecture)

Again, the Implementation View may contain a number of artifacts and models depending on the needs of the project. Table 4 describes key artifacts and models contained in the Implementation View.

Key Artifact	Focus	Typical Format
Service Implementation Architecture	Structure of Automation Units and software modules that realize logic services	UML model containing structural diagrams (e.g., package, component and class) and behavioral diagrams (e.g., communication and sequence)
Solution Implementation Design	Structure and orchestration of services that comprise composite applications	UML model containing package, class and/or component diagrams
Physical Data Model (often part of the Service Implementation Architecture)	Physical structure of the data used by the service or set of services	UML model containing package and class diagrams
Service Message Structure (often part of the Service Implementation Architecture)	Structure of messages transferred back and forth during service interactions	UML model containing package and class diagrams
Service Message Patterns (often part of the Service Implementation Architecture)	Typical patterns of messages exchanged during service interactions	UML interaction diagrams (communication and/or sequence diagrams)
Automation Unit Description	Overview description of a particular Automation Unit	Textual document
Automation Unit Specification	Detailed Specification of an Automation Unit	Textual document and UML models
Solution Implementation	Actual software that implements a solution	Source code
Service Implementation	Actual software that implements a service	Source code

Table 4 – Key Implementation View Artifacts

The models of the Implementation View are typically captured using UML diagrams. The Service Implementation Architecture is typically captured as one or more component diagrams showing the Automation Units and the relationships between them.

As with traceability between the Specification View and the Business View, capturing traceability between the Implementation View and the Specification View can take a number of forms. Traceability Matrices in tools such as RequisitePro are often used as well as UML Class diagrams that include elements from the Implementation View and elements from the Specification View with Dependency relationships between them. This traceability is crucial in order to be able to map all the way from business requirements to the actual code that supports them.

As for the actual mechanism for providing traceability, Everware-CBDI recommends mapping the Specification of the logical Service in the Specification View to the Provided Capabilities of the Automation Units in the Implementation View. Since there isn’t necessarily a one-to-one relationship between Services and Automation Units, not all of the operations of a Service will be found on Provided Capabilities of an Automation Unit. In these cases the Service can be traced to the Automation Unit in general.

Deployment View

We’ve now seen how the Specification and Implementation Views of the solution “layer” of an enterprise work together to separate the logical design of the solutions and services from the implementation design. This is very compatible with Model Driven Architecture™⁵ and allows us to separate the logical functionality required of services from the physical packaging and technology thereof. The last piece in this puzzle is the allocation of the service packages or Automation Units to platforms or Nodes on the network (see the Technology View below). This mapping is the focus of the Deployment View and represents a key piece in the methodology puzzle for several reasons. First, it provides the mapping of Automation Units onto Nodes or Service Platforms allowing service or solution architects to communicate with infrastructure architects about how services will run in the production environment. This ensures that services required for runtime will be available on the platforms that will run the Automation Units.

Second, it provides a mechanism for these same service and infrastructure architects to analyze the processing and bandwidth capacity required for each segment of the infrastructure. Often, this type of analysis is left until the last minute or disregarded altogether. The result is generally slow response time and subsequent stakeholder dissatisfaction. Table 5 describes key artifacts and models of the Deployment View.

Key Artifact	Focus	Typical Format
Service Deployment Architecture	Static structure and interactions of the Automation Units and their deployment to the Nodes on which they will run	UML model containing deployment diagrams
Runtime Communication Channels (part of the Service Deployment Architecture	Communications Channels between the Nodes on which the Automation Units run	UML model containing deployment diagrams
Service Platform Design Specification (for example ESB)	Detailed specification of the Service Platform including the infrastructure services provided by the platform	Textual document and UML models

Table 5 – Key Deployment View Artifacts

Ensuring traceability at the Deployment level is relatively easy thing to do since the Deployment View typically includes the Automation Units that come from the Implementation View. This provides direct traceability without any additional work. Alternatively, one might forego creating detailed deployment diagrams and opt for a matrix that shows which Automation Units are deployed to which Nodes or Execution Environments.

Technology View

The Technology View is last piece in the overall enterprise layering. The purpose of this view is to nail down exactly what the network will look like, policies that will govern service operations and to ensure that the technology base required by the services running in the production environment have all the pieces they require.

Table 6 provides a list of the key artifacts and models contained in the Technology View.

Key Artifact	Focus	Typical Format
Logical Network and Platform Services Design Model	Logical network layout including processing nodes and network nodes, as well as communication channels between them and the services that run thereon.	UML models containing class and object diagrams, UML deployment diagrams
Technology Dependency	Dependencies between technologies used to implement the SOA	Textual documents, UML models containing class diagrams (showing dependencies), or other proprietary formats
Physical Network Design (part of the Logical Network and Platform Services Design Model)	Physical layout of the network	Network diagrams in Visio or other proprietary notations, UML models containing class and object diagrams

Table 6 – Key Technology View Artifacts

Traceability between elements in the Technology View and elements in the Deployment View is often navigated in a direction backward from that of the other layers. For instance, deployments of Automation Units in the service Deployment View need to be traced back to Automation Units in the Service Implementation View. Provisioned Capabilities of Automation Units need to be traced back to Service Interfaces or Operations in the Specification View. Services in the Specification View need to be traced back to roles in Business Process Models. All of these examples go “up” through the Views. Infrastructure-Deployment traceability could go in either direction. The only time the service architect is allowed to directly drive the runtime infrastructure is when the project is dealing with a “green field” situation. This might happen when an organization is first being spun up or when there is a planned migration to SOA from a legacy environment that in no way supports SOA. In this situation traceability might run from the Infrastructure View elements to the Deployment View elements.

In the vast majority of situations, however, the infrastructure already exists and must be used with relatively little modification. In these situations, the traceability is navigated from the Deployment View elements to the Infrastructure View elements to ensure that the deployed Automation Units can run on the existing infrastructure.

Multi-View Artifacts

The reader may have noticed in reading the above sections that several of the key artifacts/deliverables described in last month’s article on the SO Process and shown in Figure 3 above are conspicuously missing from the Key Artifact tables. This is due to the fact that these artifacts cover a broad range of issues and act to pull together aspects of a number of layers into one place. Table 7 below provides a list of key multi-view artifacts.

Note: For a comprehensive list of the Deliverables created as part of the SAE Reference Framework please see the February journal article on The SO Process.

Key Artifact	Focus	Typical Format
SO Security Architecture	Comprehensive artifact that captures all policies, procedures and architectural elements related to security	Textual document(s) and UML models.
Service Portfolio Plan	Complete plan used to identify, describe, group and schedule the implementation of services by business domain	Textual document and UML models
Solution Specification	Details specifications for a particular hardware/software solution	Textual document and UML models
Service Catalog	Comprehensive list of Services	Textual document or registry
Service Level Agreement	Contract describing services that a provider will provide and the metrics for ensuring that it is being provided satisfactorily	Textual document

Table 7 – Key Multi-View Artifacts

Best Practices – The Methodology “Toolbox”

Best practices are the tools recommended for use in capturing the various aspects of the Business, Specification, Implementation, Deployment and Technology Views. The Reference Framework groups best practices by type – Standard, Pattern, Technique, Deliverable, Model, or Policy. Attention should be paid to each one of these types when tailoring the Reference Framework to your organization so that all aspects of the Framework are evaluated. Not all practices need to be incorporated into a particular tailoring of the Framework. However, the choice to exclude a particular practice should be a conscious one. Table 8 provides a description of each Best Practice type along with examples.

Type	Description	Examples
Standards	Guidelines or requirements for a particular aspect of the service lifecycle.	UML 2.1 for Service Analysis and Design, All Services will be published in WSDL 1.1 Service behavior (asynchronous document style, RPC) Delivery technologies per layer (e.g Process and Capability Services use Web Services, all other classes of service use SCA) Infrastructure services (e.g logging, monitoring, diagnostics, security etc)
Patterns	A structured description of generic problem and a recommended solution, thus representing reusable best practice knowledge	Business Service Architecture (BSA) Layering Pattern Service concurrency patterns Data access patterns Agility enabling patterns (e.g differentiated service, tagged values - aka key value pairs, generic domain service, event subscription, service switching, façade, etc) Automation Unit design
Techniques	A special procedure for performing a task, or group of tasks	Gap Analysis Business Type Modeling Dependency Analysis Capability decomposition Event Analysis Canonical Data Modeling Identifying Services Service Information Modeling Modeling Legacy Applications for Service Integration
Deliverables	A special type of artifact which a project is responsible for producing (see glossary for full definition). A deliverable may (or may not) consist of a model (or set of models)	Service Description Service Specification Service Portfolio Plan Automation Unit Specification Service Catalog
Models	An abstract depiction of a problem or solution. In the context of SAE, a model must contain objects defined by the SAE meta model; e.g Business Type Model. A model can optionally also be a deliverable.	Business Process Model Event Model Business Type Model Service Specification Dependency Diagram Service Information Model
Policy	Strategies, rules and guidelines that govern a range of SAE related concerns, from service oriented business modeling to SOA technology infrastructure;	Service Classification and Layering Service Dependency Change Management Service Lifecycle Service Certification Service sourcing

Table 8 – Best Practice Areas

Concluding Remarks

The Architecture component of the SAE™ Reference Framework is been structured into Views and Best Practices in order to support a number of key architectural principles. Perhaps the most critical of these principles is separation of concerns. By dividing the structure into Views, architects can separate business concerns from software concerns, logical concerns from technology concerns and so on. This separation, in addition to allowing the architect to focus on a particular concern without having to remember all the others, also improves the maintainability by “chunking” the architecture into manageable pieces.

The structure is also complementary with industry trends such as the Object Management Group’s (OMG) Model Driven Architecture™ (MDA) and the more general model driven development (MDD). By incorporating detailed models at each level supported by rigorous traceability, organizations are able to capture and maintain detailed models of their service architecture and analyze the impact of changes to that architecture in either direction up or down the enterprise “layers” (e.g., business, specification, technology, etc.). As model generation technology evolves, users of the Reference Framework will be able to more easily incorporate these tools and techniques into their methodology as appropriate since the models are already there.

Organizations will have differing needs for an SOA reference framework. The framework will need to integrate with existing architecture practices, techniques and tooling where they exist. We expect variation in modeling languages/notations used (UML, BPMN) and customization of modeling techniques, policy sets, patterns and standards.
Adoption of a reference framework is also an evolutionary process. Techniques, and particularly patterns and policies will evolve with SOA maturity. In the early stages many policies will probably be advisory; but with more experience they may well become strongly recommended or mandatory.

The term framework is used advisedly – it is provided as a basis for customization and specialization. Also in developing the SAE SOA Framework we are very aware that many architects will already have established some form of framework, often using ideas from one or more sources such as Zachman, TOGAF, EA etc. We will follow-up this report with a mapping to a number of the widely used frameworks.

Everware-CBDi is actively evolving the Reference Framework Architecture together with the Model, Process and Organization components. This will be documented in the SAETM Knowledgebase. Readers’ views, experience and feedback would be greatly appreciated.