Software/System Design

Enterprise Architecture

August 12, 2018 Architectures, Software/System Design, TOGAF No comments

What is an Enterprise Architecture?

There is a lot of confusion about enterprise architecture these days, so here is a short note on enterprise architecture, or EA for short.

I will start with a definition from Architecture and Governance Magazine, Issue 9-4, November 2013:

Enterprise architecture (EA) is “a well-defined practice for conducting enterprise analysis, design, planning, and implementation, using a comprehensive approach at all times, for the successful development and execution of strategy.

Enterprise architecture applies architecture principles and practices to guide organizations through the business, information, process, and technology changes necessary to execute their strategies.

These practices utilize the various aspects of an enterprise to identify, motivate, and achieve these changes.”

In summary, EA is a practice for translating business goals and strategy into the business processes, information systems (data and applications) and technologies of an “enterprise”. It also defines a desired state of the enterprise and facilitates the change towards it.

How do you achieve that? The short answer: through architecture governance, using a selected architecture framework. That makes EA an essential practice at any organizational level for keeping all the systems functioning as desired.

Goals of enterprise architecture are:

  1. Effectiveness
  2. Efficiency
  3. Agility
  4. Durability.

Subsets/layers of enterprise architecture (architecture domains):

There are four kinds of “architecture” that are commonly accepted as subsets of a well-defined enterprise architecture:

  1. Business Architecture
  2. Data Architecture
  3. Application Architecture
  4. Technology Architecture


NIST Enterprise Architecture Model initiated in 1989, one of the earliest frameworks for enterprise architecture. (Courtesy: Wikipedia.)

What is an Enterprise Architecture Framework?

An enterprise architecture framework (EA framework) defines how to create and use an enterprise architecture.

According to Wikipedia there are countless EA frameworks; some of them are categorized below. (Courtesy: Wikipedia.)

Consortia-developed frameworks:
  • ARCON – A Reference Architecture for Collaborative Networks – not focused on a single enterprise but rather on networks of enterprises.
  • Generalised Enterprise Reference Architecture and Methodology (GERAM)
  • RM-ODP – the Reference Model of Open Distributed Processing (ITU-T Rec. X.901-X.904 | ISO/IEC 10746) defines an enterprise architecture framework for structuring the specifications of open distributed systems.
  • IDEAS Group – a four-nation effort to develop a common ontology for architecture interoperability
  • ISO 19439 Framework for enterprise modelling
  • TOGAF – The Open Group Architecture Framework – a widely used framework including an architectural Development Method and standards for describing various types of architecture.

Defence industry frameworks:

  • AGATE – the France DGA Architecture Framework
  • DNDAF – the DND/CF Architecture Framework (CAN)
  • DoDAF – the US Department of Defense Architecture Framework
  • MODAF – the UK Ministry of Defence Architecture Framework
  • NAF – the NATO Architecture Framework

Government frameworks:

  • European Space Agency Architectural Framework (ESAAF) – a framework for European space-based Systems of Systems
  • Government Enterprise Architecture (GEA) – a common framework legislated for use by departments of the Queensland Government
  • FDIC Enterprise Architecture Framework
  • Federal Enterprise Architecture Framework (FEAF) – a framework produced in 1999 by the US Federal CIO Council for use within the US Government (not to be confused with the 2002 Federal Enterprise Architecture (FEA) guidance on categorizing and grouping IT investments, issued by the US Federal Office of Management and Budget)
  • Nederlandse Overheid Referentie Architectuur (NORA) – a reference framework from the Dutch Government E-overheid NORA
  • NIST Enterprise Architecture Model
  • Treasury Enterprise Architecture Framework (TEAF) – a framework for treasury, published by the US Department of the Treasury in July 2000.

Open-source frameworks:

Enterprise architecture frameworks that are released as open source:

  • MEGAF is an infrastructure for realizing architecture frameworks that conform to the definition of architecture framework provided in ISO/IEC/IEEE 42010.
  • Praxeme, an open enterprise methodology, contains an enterprise architecture framework called the Enterprise System Topology (EST)
  • TRAK – a general systems-oriented framework based on MODAF 1.2 and released under GPL/GFDL.
  • SABSA is an open framework and methodology for Enterprise Security Architecture and Service Management, that is risk based and focuses on integrating security into business and IT management.

Proprietary frameworks:

  • ASSIMPLER Framework – an architecture framework, based on the work of Mandar Vanarse at Wipro in 2002
  • Avancier Methods (AM) – processes and documentation advice for enterprise and solution architects, supported by training and certification.
  • BRM (Build-Run-Manage) Framework – an architecture framework created by Sanjeev “Sunny” Mishra during his early days at IBM in 2000.
  • Capgemini Integrated Architecture Framework (IAF) – from Capgemini company in 1993
  • Dragon1 – An open Visual Enterprise Architecture Method recently recognized by The Open Group as Architecture Framework
  • DYA framework developed by Sogeti since 2004.
  • Dynamic Enterprise – enterprise architecture concept based on Web 2.0 technology
  • Extended Enterprise Architecture Framework – from Institute For Enterprise Architecture Developments in 2003
  • EACOE Framework  – an Enterprise Architecture framework, as an elaboration of the work of John Zachman
  • IBM Information FrameWork (IFW) – conceived by Roger Evernden in 1996
  • Pragmatic Enterprise Architecture Framework (PEAF) – part of Pragmatic Family of Frameworks developed by Kevin Lee Smith, Pragmatic EA, from 2008
  • Purdue Enterprise Reference Architecture – developed by Theodore J. Williams at Purdue University in the early 1990s.
  • SAP Enterprise Architecture Framework
  • Service-oriented modeling framework (SOMF), based on the work of Michael Bell
  • Solution Architecting Mechanism (SAM) – A coherent architecture framework consisting of a set of integral modules.
  • Zachman Framework – an architecture framework, based on the work of John Zachman at IBM in the 1980s

I hope that covers the initial concepts of enterprise architecture. In later posts I will write more about an interesting and widely used enterprise architecture framework called TOGAF – The Open Group Architecture Framework.

In the meantime, read my previous article: TOGAF 9.1 Certified

Azure Functions App–Run OnDemand Serverless code – a path way to Serverless Computing

June 18, 2017 App Service, Azure, Azure Functions, CosmosDB, Microsoft, Resilliancy, Scalability, Windows Azure Development, Windowz Azure No comments

Azure Functions is a new cloud solution from Azure that lets you execute small pieces of code, or “functions”, in the cloud. This means you do not have to worry about the infrastructure or environment needed to run the small piece of code that solves your business problem.

Functions can make development even more productive, and you can use your development language of choice.

Benefits:

  • Pay only for the time your code runs and trust Azure to scale as needed.
  • Azure Functions lets you develop serverless applications on Microsoft Azure.
  • Supports a wide variety of development languages, such as C#, F#, Node.js, Python or PHP.
  • Bring your own dependencies – you can bring any of your Nuget/NPM dependencies for your functional logic.

What can we do with Azure Functions?

Azure Functions is a very good solution for processing data, integrating systems, working with the Internet of Things (IoT), and building simple APIs and microservices.

Functions provides templates to help you get started with some useful scenarios, including the following:

  • BlobTrigger – Process Azure Storage blobs when they are added to containers. You might use this function for image resizing.
  • EventHubTrigger – Respond to events delivered to an Azure Event Hub. Particularly useful in application instrumentation, user experience or workflow processing, and Internet of Things (IoT) scenarios.
  • Generic Webhook – Process webhook HTTP requests from any service that supports webhooks.
  • GitHub Webhook – Respond to events that occur in your GitHub repositories.
  • HTTPTrigger – Trigger the execution of your code by using an HTTP request.
  • QueueTrigger – Respond to messages as they arrive in an Azure Storage queue.
  • ServiceBusQueueTrigger – Connect your code to other Azure services or on-premises services by listening to message queues.
  • ServiceBusTopicTrigger – Connect your code to other Azure services or on-premises services by subscribing to topics.
  • TimerTrigger – Execute cleanup or other batch tasks on a predefined schedule.

Integration Support with other Azure Services:

Azure Functions supports integration with the following services:

  • Azure Cosmos DB
  • Azure Event Hubs
  • Azure Mobile Apps (tables)
  • Azure Notification Hubs
  • Azure Service Bus (queues and topics)
  • Azure Storage (blob, queues, and tables)
  • GitHub (webhooks)
  • On-premises (using Service Bus)
  • Twilio (SMS messages)

Costing:

Azure Functions is charged under one of the two pricing plans below:

  1. App Service plan – if you already have an Azure App Service running Logic, Web, Mobile or WebJob apps, you can use the same environment to run your Azure Functions without paying for extra resources. You are charged at regular App Service rates.
  2. Consumption plan – with this plan you pay only for how long and how many times your functions run, and for the compute resources used during that execution time. Consumption plan pricing includes a monthly free grant of 1 million requests and 400,000 GB-s of resource consumption per month.

You can find further pricing related info here

Support and SLA:

  • Free billing and subscription management support
  • Flexible support plans starting at $29/month. Find a plan
  • 99.95% guaranteed up time. Read the SLA


.NET Framework 4.7–Released for All versions of Windows

May 3, 2017 .NET, .NET 4.7, .NET Framework, .NET Framework 4.7, ASP.NET, ASP.NET MVC, C#.NET, Caching, Cryptography, Extensions, Microsoft, Performance, Security, Visual Studio 2013, Visual Studio 2015, Visual Studio 2017, VisualStudio, VS2012, VS2013, VS2015, WCF, Web API, Web API v2.0, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1, WinForms, WPF No comments

Microsoft has released the next version of the .NET Framework (not to be confused with .NET Core). The .NET Framework 4.7 was released as part of the Windows 10 Creators Update a month ago; you can now install it on other versions of Windows.

Download the: .NET Framework 4.7  – Web installer  |  Offline Installer

.NET Framework 4.7 Developer Pack – to add support for .NET Framework 4.7 in Visual Studio 2012 or later, install the Developer Pack.

Windows Versions and Support:

The .NET Framework 4.7 is supported on the following Windows versions:

  • Windows 10 Creators Update (included in-box)
  • Windows 10 Anniversary Update
  • Windows 8.1
  • Windows 7 SP1

The .NET Framework 4.7 is supported on the following Windows Server versions:

  • Windows Server 2016
  • Windows Server 2012 R2
  • Windows Server 2012
  • Windows Server 2008 R2 SP1

New Features in .NET Framework 4.7:

At a high level, new features were introduced in the following areas:

Core

Networking

  • Default operating system support for TLS protocols

ASP.NET

  • Object Cache Extensibility (plug in new implementations of an object cache for an ASP.NET application by using the new ICacheStoreProvider interface.)
  • Memory monitoring (Developers can now write their own memory monitors to replace the default by using the ApplicationMonitors.MemoryMonitor property.)
  • Memory Limit Reactions (Developers can now replace or supplement the default behavior by subscribing IObserver implementations to the application’s memory monitor.)

Windows Communication Foundation (WCF) 

  • Ability to configure the default message security settings to TLS 1.1 or TLS 1.2
  • Improved reliability of WCF applications and WCF serialization

Windows Forms

  • High DPI support

Windows Presentation Foundation (WPF)

  • Support for a touch/stylus stack based on Windows WM_POINTER messages
  • New implementation for WPF printing APIs

Also, improvements in:

  • High DPI support for Windows Forms applications on Windows 10
  • Touch support for WPF applications on Windows 10
  • Enhanced cryptography support
  • Support for C# 7 and VB 15, including ValueTuple
  • Support for .NET Standard 1.6
  • Performance and reliability improvements

 


IoT Security–Essentials–Part 01

February 1, 2017 Cloud to Device, Communication Protocols, Connected, Connectivity, Contrained Networks/Devices, Device to Cloud, Geolocation, Identity of Things (IDoT), Internet Appliance, Internet of Things, IoT, IoT Privacy, IoT Security, machine-to-machine (M2M), Machines, Tech-Trends No comments

Security (cyber security) is an essential requirement for any IoT platform, its devices, its end users and the communication infrastructure. To design the best possible security solution and keep an external entity or hacker from gaining access to your IoT devices or infrastructure, every architect or system designer should carry out a threat modeling exercise. Doing so while the system is being designed and architected minimizes the exposure of the IoT architecture to external threats.

With this article I am trying to provide the relevant bits and pieces essential for your understanding:

What is Cyber Security?

As per WhatIs.com – “Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. In a computing context, security includes both cybersecurity and physical security.”

Put more simply, cyber security, also known as computer security or IT security, is the protection of computer systems from theft of or damage to their hardware, software or information, as well as from disruption or misdirection of the services they provide. Cyber security includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection.

What is Threat Modeling?

The objective of threat modeling is to understand how an attacker might be able to compromise a system and then make sure appropriate mitigations are in place. Threat modeling forces the design team to consider mitigations as the system is designed rather than after a system is deployed. This fact is critically important, because retrofitting security defenses to a myriad of devices in the field is infeasible, error prone and will leave customers at risk.

[Content courtesy:  Microsoft]

In order to optimize security best practices, it is recommended that a proposed IoT architecture be divided into several components/zones as part of the threat modeling exercise.

Relevant zones for an IoT architecture:

  • Device,
  • Field Gateway,
  • Cloud gateways, and
  • Services.

Each zone is separated by a Trust Boundary, which is noted as the dotted red line in the diagram below. It represents a transition of data/information from one source to another. During this transition, the data/information could be subject to Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service and Elevation of Privilege (STRIDE).

[Content courtesy:  Microsoft]

A diagram like the one below provides a full 360-degree view of any proposed solution:

[Figure 1: IoT security architecture]

Summary of important Sections/Zones:

  1. The Device Zone – represents a thing or device where device-to-device or local user physical access is possible.
  2. The Field Gateway Zone – a field gateway is a device/appliance (embedded/hardware) or some general-purpose software that runs on a physical server, and acts as a communication enabler and, potentially, as a device control system and device data processing hub.
  3. The Cloud Gateway Zone – a cloud gateway is a system that enables remote communication from and to devices or field gateways from several different sites across public network space, typically towards a cloud-based control and data analysis system, or a federation of such systems.
  4. The Services Zone – a “service” is any software component or module that interfaces with devices through a field or cloud gateway for data collection and analysis, as well as for command and control. Services are mediators.

Once we have identified the trust boundaries, we should be able to provide fail-safe security measures for each associated zone that meet the business needs and the global information exchange and data compliance standards. It is also important to design the product with security in mind from the start, because understanding how an attacker might be able to compromise a system helps make sure appropriate mitigations are in place from the beginning.
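To make the zone and trust-boundary exercise concrete, the following added example (not part of the original article or of Microsoft's guidance) checks each data flow that crosses a boundary between the four zones for STRIDE threats that have no mitigation. The `Flow` type, the property names and the sample flows are hypothetical, and the threat-to-property pairing is an assumption based on the commonly used STRIDE mapping.

```python
from dataclasses import dataclass

# The four zones named in the article, from the edge to the back end.
ZONES = ("device", "field_gateway", "cloud_gateway", "services")

# Assumption (not from the article): the usual pairing of each STRIDE threat
# with the security property whose absence lets the threat through.
STRIDE_PROPERTY = {
    "Spoofing": "authentication",
    "Tampering": "integrity",
    "Repudiation": "non_repudiation",
    "Information Disclosure": "confidentiality",
    "Denial of Service": "availability",
    "Elevation of Privilege": "authorization",
}


@dataclass(frozen=True)
class Flow:
    """One data flow in the design; all field names are hypothetical."""
    name: str
    src: str
    dst: str
    properties: frozenset = frozenset()  # properties its mitigations provide


def stride_gaps(flow):
    """Return the STRIDE threats left unmitigated on a boundary-crossing flow."""
    for zone in (flow.src, flow.dst):
        if zone not in ZONES:
            raise ValueError(f"{flow.name}: unknown zone {zone!r}")
    unknown = flow.properties - set(STRIDE_PROPERTY.values())
    if unknown:  # a misspelled property must not silently count as a mitigation
        raise ValueError(f"{flow.name}: unknown properties {sorted(unknown)}")
    if flow.src == flow.dst:
        return []  # stays inside one zone, so no trust boundary is crossed
    return [threat for threat, prop in STRIDE_PROPERTY.items()
            if prop not in flow.properties]


def review(flows):
    """Map each flow that has gaps to its list of unmitigated threats."""
    report = {}
    for flow in flows:
        gaps = stride_gaps(flow)
        if gaps:
            report[flow.name] = gaps
    return report


# Constructed sample design, not taken from any real system.
SAMPLE_FLOWS = [
    Flow("telemetry", "device", "field_gateway",
         frozenset({"authentication", "integrity"})),
    Flow("uplink", "field_gateway", "cloud_gateway",
         frozenset(STRIDE_PROPERTY.values())),
    Flow("local-cache", "field_gateway", "field_gateway"),
    Flow("command", "services", "cloud_gateway",
         frozenset({"authentication", "integrity",
                    "confidentiality", "authorization"})),
]

if __name__ == "__main__":
    for name, gaps in review(SAMPLE_FLOWS).items():
        print(f"{name}: unmitigated -> {', '.join(gaps)}")
```

Each flow reported by `review` is a boundary crossing where the design still owes a mitigation before deployment.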

In the next post, we will go through Microsoft’s IoT reference architecture and the associated security measures put in place across each zone.

Microsoft Azure IoT Suite–Provisioned solutions for Faster Time to Market IoT enabled solutions

January 7, 2017 Analytics, Azure, Azure SDK, Cloud Computing, Communication Protocols, Contrained Networks/Devices, Data Collection, Data Integration, Emerging Technologies, Identity of Things (IDoT), Internet of Things, Interoperability, IoT, PaaS, Performance, Predictive Analytics, Predictive Maintenance, Realtime Analytics, Reliability, Scalability, Self Driven Cars, Solutions, Stream Analytics, Tech-Trends, Windowz Azure No comments

Microsoft Azure IoT Suite provisioned solutions help you create your own fully integrated solutions, tailored to your specific needs, in the following three areas. Using these ready-to-consume solutions will shorten the time to market for your IoT (Internet of Things) requirements.

  1. Remote Monitoring – Connect and monitor your devices to analyze untapped data and improve business outcomes by automating processes. For example: as a car manufacturing company, give customers an option to remotely monitor the condition of their car, and suggest when they need a refuel or an oil change.
  2. Connected Factory – Anticipate maintenance needs and avoid unscheduled downtime by connecting and monitoring your devices. For example: in a car manufacturing factory, spare parts are essential for production. Automated solutions can ensure timely availability of the necessary spare parts inventory to meet daily, weekly or monthly manufacturing needs.
  3. Predictive Maintenance – Connect and monitor your factory industrial devices for insights using OPC UA to drive operational productivity. For example: as a car service provider, you can get near real-time performance data from the cars manufactured by your company, predict the health of each component in a car and offer customers timely maintenance for their cars. Send real-time reminders and notifications to customers, thereby ensuring higher satisfaction levels for customers and more business value for the organization, as it attracts more sales and good customer feedback.

These solutions will help you to:

  1. Connect and scale quickly – Use preconfigured solutions, and accelerate the development of your Internet of Things (IoT) solution.

  2. Analyze and process data – Collect previously untapped data from devices and sensors, and use built-in capabilities to visualize, and act on, that data.

  3. Integration and Digital Transformation – Easily integrate with your systems and applications, including Salesforce, SAP, Oracle Database, and Microsoft Dynamics, making it simple to access your data and keep your disparate systems up to date.

  4. Enhanced security – Set up individual identities and credentials for each of your connected devices, and help retain the confidentiality of both cloud-to-device and device-to-cloud messages.

IoT Protocols–Quick Comparison

January 5, 2017 Communication Protocols, Connectivity, Contrained Networks/Devices, Internet of Things, Interoperability, IoT, Performance, Reliability, Scalability, Tech-Trends No comments

The table below contains a quick summary of the IoT protocols:

| Protocol | CoAP | XMPP | RESTful HTTP | MQTT | AMQP |
|---|---|---|---|---|---|
| Transport | UDP | TCP | TCP | TCP | TCP |
| Messaging | Request/Response | Publish/Subscribe, Request/Response | Request/Response | Publish/Subscribe, Request/Response | Topic based Publish/Subscribe |
| 2G, 3G, 4G Suitability (1000s nodes) | Excellent | Excellent | Excellent | Excellent | Excellent |
| LLN Suitability (1000s nodes) | Excellent | Fair | Fair | Fair | Excellent |
| Compute Resources | 10Ks RAM/Flash | 10Ks RAM/Flash | 10Ks RAM/Flash | 10Ks RAM/Flash | 10Ks RAM/Flash |
| Success Stories | Utility Field Area Networks | Remote management of consumer white goods | Smart Energy Profile 2 (premise energy management, home services) | Extending enterprise messaging into IoT applications | Extending enterprise messaging into IoT applications |
designed for resource-constrained devices and low bandwidth, high latency networks interoperability
reliable queuing, flexible routing, transactions, and security

Source: Beyond MQTT: A Cisco View on IoT Protocols, Paul Duffy, April 30 2013