Sorting SOA fact from fiction

7 truths about service-oriented architecture that savvy leaders can take to the bank.

With the exception of the World Wide Web’s ascent a decade ago, few recent technology movements have received as much attention as service-oriented architecture.If you use SOA to create and manage lean software applications of well-defined work processes, you’ll finally have the tools to glue together disparate systems into a collaborative whole, proponents say. They add that SOA is a way to assemble services into agile composite applications that help complex organizations turn on a dime. Its other benefits include writing code once and using it in multiple applications, extending the life of older programs and re-orchestrating business processes for greater efficiency.To the wary, SOA sounds like the latest silver bullet that never quite lives up to the promises. “It’s a bit like pixie dust  — just rub some on and the results are marvelous,” said David Sprott, chief executive officer of Everware-CBDI, a research and consulting firm. The reality is less magical, he added, because by definition SOA addresses information technology architectures. “Nothing that’s architectural in nature is going to be an instant fix,” Sprott said.Where do SOA’s benefits end and pixie dust sparkle begin? We examine seven widely held assumptions about SOA to gauge how closely the dream matches reality. In Arkansas, SOA hype is breeding caution. “We don’t even want to use that term ‘SOA’ because of the baggage it brings,” said Drew Mashburn, the state’s chief enterprise architect. Thus far, the state is still investigating the technology and has yet to begin a large-scale implementation, he added.According to estimates by market research company Gartner, Arkansas isn’t unique. Although interest in SOA is high, only about 12 percent of organizations say SOA will attract a lion’s share of their application development efforts this year. “If I ask an audience of 300 people how many use Web services, every hand goes up,” said Burr Sutter, senior product manager at the JBoss division of open-source software vendor Red Hat. Web services are industry standards for building interoperable applications that are closely associated with SOA. “If I then ask how many people have more than five Web services, half the hands go down. It’s obvious to me not everybody is using a ton of Web services.” Even agencies that say they are “doing SOA” may only be referring to using some Web services, not an overarching architecture. “Government organizations have huge complexity in their application portfolios, and much of it is heavily siloed,” Sprott said. “If you want common citizen services with a consistent view every time someone logs onto the Web to talk to a government department, it’s very difficult unless you have architecture.”Sprott said architecture development is a slow process that can require five to 10 years to complete. Nevertheless, government IT managers believe the public-sector incentives will spur the push to SOA because of enterprise-architecture mandates and desires for interagency collaboration. SOA “really is about transferring information between jurisdictional areas, so the opportunity is probably larger in the government sector than in most others,” said Randy Hughes, Utah’s state technical architect.Many people assume that the SOA framework applies only to software built on Web services protocols. However, the architecture may work just as effectively with proprietary message-oriented middleware, which facilitates communications among a variety of operating system platforms. SOA “actually originated in the early ’90s, predating Web services,” said Ron Schmelzer, a senior analyst at ZapThink. “There’s a lot of SOA out there that leverages mainframes, using MQ Series [middleware] and COBOL” programming language.However, the beauty of a SOA/Web services marriage lies in the widespread adoption of Web standards. “It’s very hard to get heterogeneity in service-oriented architecture unless you have some common standards,” Schmelzer said. “SOA without Web services can work, but you have to be in a controlled environment.”Not only is this assumption false, it “might be one of the biggest misconceptions about SOA,” said a spokesperson for the chief technology office of the Defense Information Systems Agency in an e-mail response. DISA officials are interested in using SOA as a means to lower IT costs and increase flexibility.“SOA provides the opportunity for a greater resource optimization because it is not the software that is reused but rather [the] function performed by the software, along with its management, operation, and maintenance,” the DISA official said.Even reusing services, as opposed to software, is rarely simple, Sprott said. “It’s very easy to create a service. It’s much harder to create a service that is highly generic, applicable in many different situations, and engineered so that it can be gracefully upgraded and extended without causing major trauma to all of the consuming applications,” he said. “These are nontrivial architectural problems.” Reuse raises practical questions for developers. To achieve reusability, programmers must look beyond their current requirements and anticipate how the service might be used in the future. “How can anybody who has a defined budget and timeline justify the extra expense and time to make things reusable in a way that they can’t predict?” Schmelzer asked.Even if multiple departments band together to share a service that addresses common needs, questions arise over who pays for development and its ongoing maintenance and management. “Reusability turns out to be much more imposed by how the whole system is organized rather than any particular piece of code,” Schmelzer said.Finally, reuse among agencies represents risks. Before an agency can rely on a service for a core application, it must somehow vet its dependability and the support behind it, said Mark  Zalubas, chief technology officer of Merlin International. “At least if  we [develop] our own service, we can guarantee that we will support it,” he said. Agility can be a concrete benefit of SOA, but achieving it takes a long-range effort. “One of the biggest fallacies with SOA is that people believe that their first application will be built faster than using a conventional method, and that’s probably incorrect,” Zalubas said. The development time for “the first, second and third application may actually be a little bit slower. It’s the fourth, fifth and sixth application that you start to get economies of scale.” The key to agility is having access to a wide range of services to choose from so agencies can find the right capabilities to plug into new applications. “And that’s where the problem is: Most government agencies haven’t reached critical mass with Web services,” Zalubas said. Meanwhile, testing is another hurdle to agility. Because services may be used in ways unintended by their designers, IT departments need to test the new implementations for functionality and reliability. “The service interface should be extensively tested to make sure that it performs as expected and cannot be exploited to support nefarious objectives,” the DISA spokesperson said. “The potential service provider also needs to understand fully what performance levels [the service] can offer potential customers as well as the scalability of their system and operations to support new service customers.”Influenced partly by commercial hype, many agencies assume they need an expensive IT makeover to make SOA work. Zalubas said this may lead to overbuying for agencies that adopt SOA incrementally. Agencies “may go off and buy registries and governance tools and everything else that sounds like a pure-play SOA tool,” he said. “Then they publish a single Web service in their directory. That’s akin to having a Yellow Pages with one phone number in it.”Even tools and training for developers don’t require an overhaul, he added. Developers with Web programming tools and skills have a working knowledge of Web architectures that applies to SOA. “What’s different is that at the end, when we mark up code for human consumption, we use HTML and deliver it to a Web browser,” Zalubas said. “On the Web services side, we mark it up in XML and we deliver it to a Web services client, which is analogous to a Web browser.” Enterprise service buses are a useful traffic cop when services feed transactions that run over time or among different systems, said John Fitzgerald, product marketing manager at Software AG, which sells an ESB product. “It’s very helpful when you have two different systems that might have data stored in different formats and there is a need to transform that information,” he said. However, Schmelzer warned that different companies have different definitions for ESBs. “Vendors offer enterprise service buses that look very different from each other,” he said. How to choose? First, make sure you don’t already have technology that performs ESB capabilities. “Most companies already have message buses and e-mail transfer mechanisms,” Schmelzer said. “They have an application service to expose service interfaces or a run-time environment.”  If an agency needs an ESB, IT managers should first identify the specific requirements, such as metadata management. “Agencies shouldn’t be looking for the mythical ESB creature that is supposed to provide the answer” to architecture challenges, Schmelzer said. “Fundamentally SOA is about architecture. That means you need to actually have architects to do the job” of architecture design.The DISA spokesperson said the technical challenges created by SOA are easy compared to the business issues that agencies face. Among the knotty questions are: What services should IT provide? What service-level agreements and performance guarantees can IT support? How rapidly can IT scale SOA operations to support rapidly increasing user demand? SOA also represents a change in how IT and business departments interact, Hughes said. “The adoption of SOA is predicated on business requirements,” he said. “That’s a flip in thinking for a lot of organizations because it puts the business [side] more in the driver’s seat.” Instead of the traditional software development process where a department leader might outline a need and the IT department goes off to build a solution, SOA requires both sides to work more closely in concert, Hughes added. Those issues create “a major culture shift,” said Bob Brown, a senior staff member at the U.S. Patent and Trademark Office’s Software Development and Maintenance Group. A focal point in this shift is code reuse. “Where is the financial incentive for people to generate less code?” Brown asked. He criticized outmoded contracting vehicles that pay software developers by the hour or by the lines of code they write, an approach that is counter to the goal of reusing as many prebuilt services as possible. The answer is revising how IT people are rewarded. They should get “better reviews, more raises or bonuses based on sharing more stuff and showing how they’ve reduced the footprint of the infrastructure,” Brown said. “That’s the way to get people to change their behavior. Otherwise, they are just going to continue with the old ways.”








Assumption No. 1: Everybody’s using SOA
Reality: False












Assumption No. 2: SOA can only be done using Web services standards
Reality: False







Assumption No. 3: SOA offers cost savings and efficiencies because it’s a framework for easily reusing software in multiple applications
Reality: False














Assumption No. 4: Organizations that rely on SOA are more agile than ones that run traditional applications
Reality: True









Assumption No. 5: SOA requires significant new investments in
technologies and developer training

Reality: False





Assumption No. 6: SOA requires an enterprise service bus to be successful
Reality: Sometimes









Assumption No. 7: SOA is a technology innovation that only concerns the IT
department

Reality: False
















NEXT STORY: FEMA preparedness panel planned

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.