The iTKO LISA Soapbox: SOA Testing, Validation & Virtualization

You might have noticed a lot of commentary about Cloud Computing recently on this blog, and it is not a coincidence. In our conversations with analysts, peers and of course customers in the field, we are frequently asked about how this approach can add value to the testing and virtualization practices we support.

We have just put out an iTKO whitepaper on this topic, titled "Demystifying Cloud-Based Testing and the Related Benefits." The PDF is free to download.

There are many hard lessons and new techniques learned from industry-wide attempts to decouple and flexibly assemble enterprise software around key business processes. In order to reduce risk as we move into Cloud environments, we need systematic testing that gets around the roadblocks of inaccessibility and unexpected costs. We need to make use of automation and virtualization of the extended environment as much as possible. Cloud-based services need to be governed and validated as part of a continuous business process.

At this stage of the Cloud's development, there are many vendors and service providers that can contribute value to a comprehensive deployment and development environment solution. This short paper does not seek to recommend a comprehensive solution set, rather it focuses on gaining value within the software testing lifecycle. It outlines the key challenges and the top 4 strategies in play - first steps for virtualizing and testing distributed assets in the Cloud. We hope you find the information useful, and invite your feedback.

Read a recent article from a very active pundit and practitioner in the Cloud Computing space, Mike Kavis, titled "Architecting the Cloud: Testing performance in your cloud application."

In the article, Mike advocates a layered approach to testing cloud-deployed applications that makes a lot of sense, in terms of the kinds of performance testing you can actually do while the design and development lifecycle is going on. To summarize, this involves testing from the system roots up while the solution is firmed up in this order:

1. Infrastructure. Test performance of the cloud provider(s) to ensure they can sustain the needed load.
2. Data. "it is time to analyze the impact of encryption, transformation, data replication, and the various ways that data is being manipulated to address security , compliance, reliability, and scalability requirements."
3. Business Logic. Interactions of services and processes.
4. User experience. Does the application meet user needs?

[Image Source: Mike Kavis]

This is a solid approach for testing to happen while a "build from scratch" cloud-based project is being designed/developed. Testing the raw performance level of the infrastructure first is something worth validating early on, and so on up the stack, finally testing the business logic and application when they come together.

Mike talks about how covering the core performance of the cloud infrastructure early can mitigate risk at deployment: "... It would be very expensive to find performance issues from the lower levels of the architecture at this point. That is why I recommend the layered approach to performance testing. What I also like about this approach is that you can start testing very early in the life cycle."

To expand on this discussion, one way to shorten this cycle is through Service Virtualization, which is the practice of simulating and modeling the behaviors and performance characteristics of components, business logic and even UIs in the cloud that are not yet available for live testing. This kind of virtualization can go a long way toward eliminating service and 3rd party system dependencies and bringing performance testing to bear much earlier in the process.

Then, after that rollout, there remains a continuous validation need. (Only so much you can cover in a blog, so this is a topic we'd like to see Mike address in a future post... por favor... : )

For instance, the infrastructure itself may behave differently under the kinds of data and usage variability in ways that you could never predict with the raw-traffic or user interface kinds of performance benchmarking. New versions of services can be introduced, the Cloud provider can do something that affects their performance -- the list of risks goes on and on. Continuously validating going forward is a way to ensure that there are no unintended consequences of change at any one of the above layers.

All in all, it is a nice development to see practitioners showing real architectures and methodology around Cloud Computing as it is being applied for the business, as opposed to continuously defining the space, so I'd recommend keeping up with future posts from Mike.

Virtual Strategy Magazine's Carryl Roy recently recorded a podcast briefing with iTKO's VP of Marketing, Derick Townsend about the new features of LISA 4.6, with a special emphasis on the Virtual Service Environment (VSE) capability of the product, and why a more expansive vision of Virtualization is needed for today's heterogeneous, ever-changing software environments.

Virtual Strategy: "iTKO Rolls with the Punches, Releases New Version"

Virtualization of hardware has already made great strides in reducing costs and increasing flexibility in the staging and deployment of software in the data center, but there is much more work to be done in optimizing the software lifecycle before production.

We are seeing companies pressured to keep IT budgets down, while the complexity and volume of data accounted for in applications keeps growing exponentially. There is a need to prune away many of the costly dependencies that can drag down the productivity of software development and testing teams. You can listen to or download the 15-minute podcast here.

At this year's HP Software Universe we're thrilled to be talking about a quality practice where we've seen incredible strides made over the last two years. The concept sounds simple enough: Virtualize away my upstream constraints and dependencies so that the test lab (for instance HP LoadRunner and Unified Functional Testing) solutions have a self-contained environment for testing.

However when you look at how complex and interdependent today's applications are, you begin to understand why replicating these complex behaviors -- such as unavailable or secured systems, third-party Services and components that are still under development -- has been resistant to replicating via conventional hardware virtualization means.

What is really cool is how we've seen customers of HP and iTKO bring this particular challenge under control. If you are planning on being in Las Vegas for this year's HPSU 2009 - June 15-19 - we invite you to take an hour to join HP Senior Product Manager Jeffrey Meyers, and iTKO Founder/Chief Geek John Michelsen to find out how these Virtual Test Environments can eliminate constraints (and costs) in a big way.

Session 1497: Thursday, June 18 - 10:30am - 11:30am
"Eliminate testing constraints and test earlier in the lifecycle: using service virtualization to drive testing momentum"

Here's the abstract of the session:
If your IT team is struggling with obstacles outside your organization, then join HP and iTKO and find out how HP testing solutions, combined with the iTKO LISA Virtualize platform, can minimize external dependencies and help you test earlier in the development cycle, before a complete test environment is ready to meet your testing objectives. You’ll hear how the combined HP and iTKO solution works in complex shared environments of modern applications, agile development techniques, and volatile data sources to make your testing efforts constraint free.

If you are planning on being there, look us up on Twitter as well: http://twitter.com/itko and drop us a note or feedback on your thoughts.

It seems in June we really catch the "last gasp" of interesting IT events, and this month is no exception - besides attending this excellent summit, we are bringing in the summer next week presenting sessions in Chicago at Technology Executives Club and a Federal roundtable at GTRA in Virginia. Hope we see you at one of these key events soon.

A colleague recently passed me an article from Joe McKendrick, "Is SOA governance also its own silo?" that really got me thinking. If SOA governance is a software development activity, does it become a self-defeating initiative?

In the post, Joe cites an Ovum analyst and blogger we've followed for some time, Tony Baer: "There are various issues at work with SOA governance silos, Tony said in the Ovum report. First, there's a perception that SOA-based technology is "reserved for elite practitioners." Of course, relegating SOA to an elite group "compounds the waste and duplication that SOAs were supposed to avoid."

The threat of Vendor-based SOA is well known - basically locking you into one technology stack isn't a SOA approach by definition. But neither is the reaction of having a SOA Governance strategy assembled strictly by a star chamber of developers within the company.

What is ironic here is that the very concept of SOA Governance is to accommodate federated authority, loose coupling and flexible assembly of technologies around business needs. If indeed the concepts and tools required for SOA Governance become so specialized or complex that only a certain class of technologists can use (or reuse) them, instead of the business subject matter experts, we are inherently missing the boat.

This has been one of the biggest questions we ask ourselves as an organization -- "Am I doing everything in my power to make ensuring quality and agility as approachable for the customer as possible?" We hope all vendors and services firms involved in SOA consider this line of reasoning. Specialist IT teams, if put into a [[SOA Governance Silo]] will be increasingly stretched and understaffed, plus the farther removed they are from the business, the more they will take a technology-first approach to governance (what are my tools, what WS* protocols, etc.), and limit the business value they can deliver over the long term.

Wanted: A way to tie together the software delivery advantages of Application Lifecycle Management (ALM), with Dynamic SQA, which provides the in-depth quality coverage required for today's complex and constantly changing enterprise apps. What practices and tools are required to make this connection happen?

We are excited about an upcoming webinar on Integration Developer News that should amply address both. iTKO Founder/Chief Geek John Michelsen is joined by Forrester VP Margo Visitacion, a leading expert in ALM and Software Quality. Ensuring predictable results and on-time delivery of enterprise software requires testing, validation and virtualization across a myriad of changing technologies and services. Customer examples and current methodologies will be explored.

Here's the official description and signup link:

iTKO and Forrester Webinar 6/18: "Removing ALM Obstacles for Greater Agility, Cost Savings, and Lower Risk"
Experts from iTKO and Forrester Research present trends / technologies behind automated testing and validation to streamline ALM for higher productivity, accuracy and agility. Attend and Learn how Testing, Validation and Virtualization are being employed to support the best practices of Dynamic SQA (Software Quality Assurance). With with strong Dynamic SQA in place, enterprise IT teams are poised to deliver predictability, patterns and reuse to better manage complex software projects.

Our last webinar on SOA and Integration Efficiency (view archive) had more than 500 attendees, and lots of great questions we were happy to address (either on the session or afterward). We hope you will join us for this one!

Our Federal government has played an innovative role in SOA governance (see Federated Computing demands SOA Governance & Testing) and now they taking a leadership role in distilling the value of Cloud Computing.

James Urquhart recently wrote, Are the feds the first to a common cloud definition? James wrote that the "public sector is eager to get rid of data centers in order to focus funds and effort on delivering value to their respective 'customers.' ... it appears that SaaS and collaborative technologies stand to benefit greatly from this trend."

The National Institute of Standards and Technology, a nonregulatory arm of the Commerce Department, has developed a draft definition for federal use of cloud computing. James quotes Reuven Cohen, in that "cloud computing will be the de facto standard definition that the entire US government will be given ... In creating this definition, NIST consulted extensively with the private sector including a wide range of vendors, consultants and industry pundits..."

Here is what they came up with: "Cloud computing is a pay-per-use model for enabling available, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is comprised of five key characteristics, three delivery models (SaaS, PaaS, and IaaS), and four deployment models."

This is just the opening to the definition and James provides the details on the five key characteristics, three delivery models, and four deployment models in his post. The definition statement acknowledges that it will evolve over time, but it tries to capture all of what is considered the cloud for now. This is a noble and useful effort. We have been writing a bit on one of these key characteristics, rapid elasticity. This can promote the cloud's use for application development and testing.

Thanks to the NIST for taking the lead here. I hope it can speed the use of the cloud within both defense and civilian branches of the government to maximize the efficiency of technology investments.

Agile development is spreading in the SOA world to rapidly decrease development times, but if testing is not done properly, you might lose all the efficiency gains through having to conduct a massive cleanup effort afterwards. Like building bridges, fix it as you go is a much better approach than fix it later with massive traffic flowing over the structure. InfoWorld's Eric Knorr writes about this in his recent Modernizing IT article, "How to be agile without falling on your face."

Eric reports on a conversation with iTKO’s Derick Townsend. Derick said that companies within an M&A cyclone -- particularly in times of high volatility like we are seeing today in financial services markets -- are desperate to accelerate application development projects.

"They get 80 percent through a project, and they think the end is in sight, but the last 20 percent really stymies them, and that has to do with the test and delivery part. They're dealing with so much complexity. Telcos are experiencing this too. The components and underlying systems are changing constantly underneath," Townsend said.

Eric goes on to write about how iTKO provides what we call Service Virtualization, which is different than traditional hardware virtualization. Instead, iTKO LISA absorbs the behavior of all relevant components, services and data in an extended IT environment and simulates them, This capability allows developers to determine how an application based on those services will behave under various circumstances in the real world. Developers can become more agile using Virtualization practices to support increases in complexity, without a corresponding increase in testing and development risks and cost.  

Well it seems we have a series of posts on Cloud Computing and Test environments to cover, as we've been seeing a lot of good background education in our research on the topic.

Jan Stafford recently posted on a conversation with Bernard Golden - author of IT bestseller, Virtualization for Dummies. Bernard is a strong advocate for virtualization and cloud computing technologies, but warned that it requires some new skills and has to be done right. In a brief video he said that application development is one of the areas were the cloud makes a lot of sense.

Bernard provided this example. A firm wanted to test their application and need 100 browser instances. In the old days it would have required 100 machines -- that would be a massive undertaking. Even with hardware virtualization, you would need 5 to 10 machines, and there would be some complex configuration issues. However, by putting it all in the cloud, they were able to sync up 100 virtual instances of the browsers and take them down over a weekend at a dramatic cost reduction.

However, that's just a web UI testing exercise. Bernard added that few development labs actually replicate the exact server and software environment as the target data center that will run the application in production. The cost of that set-up would be astronomical by conventional means, but that is starting to change. With Service Virtualization in a Cloud Environment, you can basically eliminate all of those downstream dependencies from the equation quite inexpensively.

In addition, development in the cloud allows you to scale up and scale down the application for testing of various load sizes without incurring hardware costs. The cloud can support more difficult testing requirements like load testing and scaling that many labs can’t scale to support. Finally, since many applications will be delivered through the cloud, testing them first this way makes sense.

To reap all these benefits, Bernard cautioned that there are several important decision such as finding the right cloud services provider. Software testers will have to acquire some new skills, and development teams have to be careful about integration with internal applications. They will also have to manage application lifecycle in the cloud. Many IT service providers have also made significant strides in delivering improvements in these areas.

OK, file this under "food for thought." On second thought, maybe you shouldn't think about food and read this one.

Maybe you've heard news of a recent San Jose incident, in which the many leftover contents of a shared office refrigerator were emptied out for cleaning -- resulting in the evacuation of the office due to the smell and 7 people being hospitalized due to the toxic mix of fumes created from the cleaning process.

Fortunately everyone seems to be OK now. But it made me think of a disgusting, but kind of effective metaphor for shared computing environments. IT has focused much effort on making more room in the fridge, rather than better planning to decrease the need for a fridge.

At a desktop level, we already saw the complexity of systems increasing to follow Moore's Law. We are constantly increasing CPU speed, RAM, hard drive capacity, bandwidth, and the install size of the OS and many software packages seem to keep bloating to meet it.

In the enterprise, we saw the advent of SOA approaches - great if well planned, but nauseating for companies who started service-enabling everything and end up with JBOWS (Just a Bunch of Web Services) sitting around that couldn't communicate with each other.

Then came Virtualization - you could take 10 servers, or 100 system configurations, pack them up and deploy them as VMs on one machine with much less overhead. Awesome savings in hardware costs, but, eventually, like our fridge, you have a proliferation of many Virtual instances that can sit around past their expiration date.

Even with Cloud Computing you can experience this kind of pollution -- since provisioning costs are so cheap, even individual developers can throw an app into a Cloud environment with the relative ease of buying lunch on a credit card. What happens if some code is still referencing that instance, but the original owner forgets about it?

With today's flexible, decoupled software approaches, are we absolutely certain some part of a service or app we communicate with is not tied to some service down the line that has "gone sour?" And who judges which Services and virtual instances need to be turned off, when some dependencies aren't clearly labeled? "Whose, uh, thing, was this anyway..."

The answer to "rotten assets" lies in good architecture, a well thought-out plan of testing and rolling out services and Cloud instances around business needs that support the lifecycle (and not just convenience), and a strong governance approach that sets firm Policy (such as declaring expectations for use, expiration date, etc.), enforced with continuous validation that services are operating normally, whether real or virtualized. With some discipline, we have the means to keep our IT environments (and our shared office fridge, for that matter), a lot less cluttered.

Of course, you expect advice like that here. I just thought it was an interesting comparison and invite your thoughts on the concept!

We have covered SOA’s role in green IT before on this blog, (see Making IT More Green and Saving Money at the Same Time Through SOA). Loraine Lawson provides an useful addition to the conversation with her post, SOA's Green ROI.

Lorraine sets the stage with the fact that today, over 70 percent of the SOA adoption rationale is business driven, versus only 30 percent in 2006. She adds that technology may never again be the driving force in the corporate decision process, but in SOA, it will always be the implementation mechanism. We have written that with SOA and many other tech efforts, going green and getting a better ROI are interconnected.

Lorraine goes on to cover the opinion of Deborah Grove, a green IT specialist, who has long been of the opinion that SOA is key to the long-term definition of Green IT. “Right now, we are picking up the 'low hanging fruit' by addressing the PUE (power usage effectiveness) of data centers’ power consumption.  However, looking at the entire IT food chain, ensuring that ecosystems of suppliers, partners, and customers are moving to an online collaborative style with less paper and less independent development of customized applications through the use of SOA means that fewer hardware pieces will be needed for dev and app servers.”

I certainly agree and automated testing and virtualization can play a significant role in reducing waste from the IT food chain. Lorraine points out that Verizon Wireless used SOA to green its IT infrastructure, reducing its hardware footprint by 95 percent. The company measured its ROI by reduced tonnage of hardware in the data center. However, the green of virtualization is not limited to hardware, as we have discussed here (see Guide to Service Virtualization in Enterprise Application Development – Part One of Six.) It is nice to see an increasing awareness of the green potential of SOA.

So much for the decline of SOA. Joe McKendrick reported on a Wintergreen Research projection that SOA will grow by 17% to rise from the current $3.3 billion to $10.3 billion by 2015. This is very consistent with the Research & Markets market 2008 estimate that putting the SOA infrastructure market as growing from $2 billion in 2007 to more than $9 billion by 2014.

We have been discussing the growth in SOA that we see from our perspective for some time. It is nice to see more validation of this perspective. And this is a conservative estimate.

Joe notes that AMR Research sees a much larger market ahead. They estimate the SOA market will grow from the current spending level of $28 billion to $52 billion by 2014. AMR analyst Ian Finley explained that their estimate is based on 600 companies globally, and covered a broader range of software and services than other estimates. I think this broader range of services is appropriate as SOA is dependent on many components, including governance, security, testing, validation, and visualization.

To focus only on SOA infrastructure does not provide the complete picture. There is a much larger pie in terms of the strategy, delivery and maintenance effort required to make SOA happen. It is like only counting sports ticket sales and not including the concessions, gear, TV rights, etc. Of course, this fact is not lost on the leading consultancies and SI partners, who have responded quickly with "SOA CoEs" (Centers of Excellence), coalescing this expertise for their SOA practices.

Joe concludes his post with a quote from the Wintergreen report that conveys some of the current and potential pervasiveness of SOA. "SOA reaches into every industry and every segment of the economy and represents a fundamental change in the way automated process is delivered to replace manual process. Service enabling offerings are a response to the fundamental change in IT, where enterprise competitive advantage is gained from having IT flexibility."

This is a game changer, and we are still only in the first half. Now, if we are going to call "SOA" something else by 2015, that's another matter...

As reported in the tech news, (ex. Former heavyweight Borland bought by Micro Focus) “The Austin, Texas-based software maker said Wednesday that it has agreed to be acquired in its entirety by Micro Focus International in a $75 million cash transaction, unanimously approved by the boards of both companies.”

Borland last described itself as "the application lifecycle management company." It has been struggling and lost a key turnaround player when former CEO Tod Nielsen dropped off early this year to become VMWare's new CEO. Their glory days were mostly pre-web and some products lost out to Open Source upstarts.

cNet said that Micro Focus will acquire each outstanding share of Borland common stock for $1 per share. That sounds cheap even for a former legend in software development circles, but it's a “premium of 25 percent over the closing share price of 80 cents on May 5, and a premium of approximately 67 percent over the average 30-day closing price of 60 cents.”

Micro Focus is an enterprise software management company with a good international presence, and they also rolled in some of the quality and development management tools of Compuware into their portfolio at the same time. It hopes the Borland acquisition to help it gain greater market share, increase its customer base, and capture a larger penetration of the U.S. technology market.

The news did not say if the Borland name is going to be retained. Borland itself tried a rebranding from 1998 to 2000 using the name of "Inprise" before reverting to Borland for its greater name recognition. They also bought one of the original software testing companies, Segue, for $100M back in 2006, as they attempted to migrate from being a development tools provider, to a "software delivery optimization" vendor.

Another interesting year for acquisitions happening here. We certainly don't see the consolidation of established tech vendors slowing down any time soon.

Joe McKendrick recently wrote about Using Downtime to Boost SOA. He refered to Kleber Bacili, CTO and founder of Sensedia, says "times like these may be the perfect times to get your SOA house in order.”" We certainly agree.

As Kleber said, the "recent 'SOA is Dead' debate has actually rejuvenated interest in service oriented architecture," He adds that if your budget has been tightened, this is a great time to clean up those foundering projects that never quite seem to get traction.

Kleber writes that this clean up can best be done implementing SOA governance initiatives with a well-planned and incremental approach. This allows you to streamline wasteful and unruly SOA projects, eliminating duplicated development through governance practices.

Indeed we can turn the tables on mere cost cutting and generate value here. There is plenty of opportunity to increase customer capture and retention, and deliver increased value by delivering the most critical business functionality faster (and with the quality to call it "delivered").

To do so, you need to validate that each release does indeed meet requirements, or you end up with a mark in the cost column instead. Virtualization of services can also eliminate costs while increasing agility, by eliminating the dependencies that can keep your development teams on the bench waiting for access to live services and incomplete systems from other parties.

Of course, if you do all of the above, your teams won't have any excuse for downtime anymore -- they'll be too busy delivering!

SOA continues to move forward, and judging by the headcount at the latest IBM Impact SOA event we attended, it shows no sign of waning in popularity.

Eric Roch recently discussed a TechTarget survey in his post, SOA Survey Points to Practical Approaches. He wrote that the survey results indicate that the top SOA benefits organizations aim for are improved data integration (32%), enable legacy application integration (32%) and integrated disparate department applications (23%). These are very practical approaches to more cost effective data management and IT operations. Integration plays to SOA’s strengths, but also ups the stakes for automated testing, as we have discussed here a bit. You have more heterogeneity, more integration points and more change than ever - and we are far beyond the point where manual or UI testing approaches can succeed. These dependencies are also dynamic, so you need constant validation of business outcomes.  

BPM is the next most common SOA application, with an indication that its use will grow, as 38% of the subjects are planning to use it in the future. The survey also provides another data source to suggest that SOA is not dead as 49% of the respondents said their organization has one or more SOA projects under way. In addition, it is becoming more strategic as 60% characterize their current or future SOA projects as enterprise level as opposed to operating simply at the departmental/divisional level (21%), or single, isolated projects (19%).

We have repeatedly seen SOA used for cost reduction efforts around the integration of distributed systems and improvement of business processes. Eric calls this "SOA blocking and tackling," and says a great deal of it remains to be done. Automated testing and validation provides the means ensure that SOA meets business goals, while virtualization eliminates service constraints in the environment, so testing and validation can continue. 

Dustin Amrheim of IBM recently posted on Five Ways Cloud Computing Strengthens IT: Enhancing Development and Test with Cloud Computing in the Cloud Computing Journal.

Dustin is a technical evangelist for IBM emerging technologies in the WebSphere portfolio. He first noted that much of the discussion about cloud computing covers the administrative and operational benefits. Then he adds that "sometimes lost in the cloud computing benefits discussion is how cloud computing enhances development and test groups in an enterprise."

Dustin then provides five ways this enhancement occurs which are worth remembering:

• First, there is self-service capability, a defining characteristic of cloud computing. You can easily commission and decommission computing resources as appropriate, which shortens the procurement process for testing teams, speeding up development and testing efforts.
• Second, there is enhanced resource availability. Cloud computing, through intelligent virtualization, usage tracking, and more, enables a better usage of the IT resource pool as a single, logical entity.
• Third, is increased environmental fidelity. Test and operation teams may have different conventions and configurations than development teams. Dustin notes that this can lead to unintended application behavior and delays in service delivery. Cloud computing offers a potential solution through the increasingly popular templatized solution stack. These solution stacks can include the application and entire environment down to the operating system. They enable all teams to see the exact environment in which the application was designed and unit tested.
• Fourth, hosted tools allow developers and testers to no longer worry with installing, configuring, running, or maintaining tools on their own machines. Instead, they can log into tools from any machine with a network connection and get to work. 


• Fifth, the four benefits above allow developers and testers to focus more on their core jobs. As a result, organizations can benefit from more developer innovation, increased test quality and coverage, and more.

These are all great features of the Cloud that we are seeing adopted by customers. You will see a lot more of our examples and perspectives on this blog covering how Cloud-based test environments are enhancing application lifeycles.

Service virtualization helps enable many of the above benefits for test and development environments. Third party services and monolithic systems are resistant to being encapsulated "in toto" and operating at realistic performance levels in many cases, so virtualization is a key aspect of completing the Cloud-based test environment circle.

Good material, check out Dustin's post for more detail.

MWD advisors is running a survey on their blog (see "Is there room for architects and architecture in BPM?") exploring their audience's views on the role of IT architects and architecture in BPM. We plan to take the survey and encourage others to do this, as we are interested in seeing the results.

We feel that BPM exists as a discipline outside of any particular IT strategy, but as we have often mentioned in this blog, BPM can be a major driver of service-orientation, as well as governance and quality initiatives.

As the MWD blog points out, there is a lot of talk within the BPM technology vendor community about enabling customers to "scale up" their BPM initiatives. So they rightly suggest that IT architect involvement is likely to be a key factor in shaping how that happens in practice.

They have recently built relationship with the not-for-profit International Association of Software Architects (IASA), and asked them if they would help explore this question. This also want broader input, so we encourage you to participate in this survey and look forward to the results.

Brick Walls Of Virtualization is the title of a recent post by Dan Woods at Forbes.com. The subtitle is, "Without automation, creating and managing system images will slow adoption." I could not agree more.

The "brick walls" refer to the burdens of virtualization that come along with the benefits. On the benefits side Dan mentions the cost savings of less physical servers; increased flexibility to provision systems or change configurations; and better access to resources in the cloud. This latter benefit outsources complexity and shifts capital expenditures to operational expenditures.

You would be hard-pressed to find a large company not already leveraging some mix of hardware and software virtualization. Especially in a down economy, it has obvious value.

However, Dan then brings up the burdens of brick walls. The good news is that the number of physical servers may drop due to support cost and energy pressures. And, the potential bad news: the number of virtualized servers and devices can skyrocket without the physical constraints, and each of these virtualized devices still needs to be managed. We are seeing this all of the time in our major enterprise client engagements - virtual instances can proliferate quite rapidly if not managed carefully.

Here's another, deeper challenge of virtualization in enterprise IT: for all of those virtual servers, you still have dependencies or "wires hanging off" of those, leading to big iron mainframes, SaaS applications, 3rd party services, what have you. These dependencies are resistant to hardware virtualization, so they need to be simulated with behavioral virtualization.

I personally like to compare this phenomenon to unmarked leftovers in a shared refrigerator... [whose food is this, and without opening it up, can I figure out how long it has been here?]

Dan adds that a "whole new class of IT systems-management software and techniques is needed to create a virtual data center operating system." Part of the increased requirements for systems development and administration involves testing and continuous validation, and part of this involves better management of both VMs and Virtual Services, a topic we will discuss in further detail on this blog.

There is much more in Dan's post and I recommend going to Forbes.com to read it. I liked his concluding remark, "The upshot is that IT, which is dedicated to automating the rest of the business, must start spending more time automating itself." Well said.

We have now made available the complete podcast of a recent webinar in a compact video: Realizing the Benefits of Enterprise Integration and SOA at Lower Costs, featuring iTKO’s John Michelsen and Perficient's Eric Roch who cover how to achieve shorter release cycles and lower costs within SOA implementations. Here's an overview of some of the topics covered in this well-attended session on iDevNews.

Eric begins with key challenges to successful EAI and SOA implementations and some case study examples. Perficient is involved in technology implementation with over 1500 consultants. Eric leads the Business Integration Practice that includes BPM and SOA. He covered integration testing that includes a combination of services, components, and systems. Eric said that the scope of most projects causes test environment complexity issues and service availability issues as we have often discussed here. Often quality assurance is pushed to the end, and companies end up with infrastructures that do not perform. There are also complex dependencies between development groups.

Tools are also often dated holdovers from client server days. So companies must either build or buy new test tools. Most companies start off in a build mode but they end up with tools or custom "test harnesses" that cannot be used in a repeatable way. The test harness building option can become more time consuming than building the application itself. Eric encourages companies to make a well-considered test tool decision to ensure there is sufficient agility. Eric then went into great detail on the specific test requirements in SOA and provides a case study from an electric utility company where they employed multi-tier testing with LISA, and used the Virtual Service Environment capability to simulate "test reponsive" endpoints on the ESB, Services and data layers, rather than hand-coding their own responders. See the attached diagram for an example:

iTKO founder and "Chief Geek" John Michelsen then drilled down into a bit more detail on testing, validation, and virtualization within SOA. He focused on areas where you can drive out costs and provide greater efficiencies. John mentioned that traditional testing methods cannot automate testing in the complex world of SOA and this limitation produces significant inefficiencies. We can now build applications faster than we can test them using the traditional methods, and this adds unintended costs to SOA implementations. The power of SOA to integrate services raises the complexity to test this integration.

John covered how iTKO LISA automates testing, provides continuous validation of the integrated services, and offers virtualization to get around availability constraints on testing and validation. Virtualization gives almost infinite ability to virtualize constraining services and also strips out up to 90% of traction costs for these services. He mentioned an example from a cable company where a simple code change caused significant ramifications to the services that were affected. Continuous validation can pick this up.

Then a Q&A session allowed for further exploration and a great deal of interaction. The first question asked if the John and Eric had noticed project failures when firms attempted to integrate several ESBs, often as the result of mergers or acquisitions. John gave a number of examples and how the issues were addressed with iTKO after the problems occurred. Eric offered other examples and how they handled the issues.

The next question asked how to use virtual environments for integration testing. When can you use service virtualization versus requiring a live validation? John aid that this is a great question as it gets to the heart of the iTKO virtualization approach. LISA does not virtualize you, it virtualizes the things you are dependent on. In about 80% of your development cycles, that fact that your downstream service is live is a problem that service virtualization can address. Now in the final stages of integration testing, then you want to test against live data. So you virtualize your dependencies to take costs out during development and then switch to live data at the end. Eric offered some more examples.

The next question asked if John and Eric had experience with the virtual validation of SOA governance and how this worked? John first replied. LISA provides the infrastructure to do this and experts at firms like Perficient can use LISA and integrate it as the validation engine. Eric added that governance is about people, processes, and policies. He likes to fit the governance model to align with the culture of the organization. Then you measure it and change it over time. You cannot get too heavy handed about governance without creating adoption problems. Eric went on to offer more details on how they do this.

The next question asked how a delivery partner like Perficient can keep its own costs down in a complex implementation to stay competitive. Eric said they bring expertise and they have a set of methodology to increase project velocity. He often sees that SOA is too focused on architecture and services but not covering the business issues and the quality concerns. It is about the process and not the technology.

Then the moderator asked why testing is such a big chunk of SOA implementation costs when there is now a modular architecture. John said that at the granular level testing is easier. The problem comes with the overall number of dynamic parts and the resulting complexity. Eric said the problem of dependencies in the lifecycle has existed for a while, even with mainframe systems. You can get efficiencies if you can eliminate dependencies.

We encourage you to hear the complete podcast. It is available at our iTKO Resources site.

So many of our customers have large-scale ERP packages like SAP or Oracle that form the IT foundation of the enterprise.  While at the outset this sounds like a simple architecture, given that you are working with a single vendor over a longer timeframe, in fact these systems are themselves rife with complexity and heterogeneity.  And so many applications now connect into the ERP via various forms of adapters and message buses, that you end up with the classic alphabet soup of technologies at play.

"iTKO/SAP Whitepaper: Validation & Virtualization of SAP Enterprise SOA Applications with iTKO LISA"

This new paper iTKO co-authored with SAP, after working with them in their labs, helps customers see just how valuable a service validation and virtualization offering can be in these environments.  By SAP’s own calculations, customers spend millions of dollars every year standing up and maintaining development and test labs for SAP, even when running on virtual hardware.  And when they need to perform complex integration and load tests with other systems, millions can become $10s of millions to support these environments.  

Our strategy of virtualizing the services layers of these complex applications in a VSE (Virtual Service Environment) like LISA offers is a great way to eliminate those costly constraints, and make it practically zero cost to stand up. This approach is great for our software partners like SAP, and especially for the end customer. After all, we all want to focus IT budgets and especially our integration and innovation efforts toward technologies that contribute revenue to the bottom line, and not manual support and configuration costs that aren't repeatable.

Yes, even big ERP is getting nimble for SOA. We expect even more collaboration with SAP and other software partners to better improve quality and agility for customers with Virtualized Services. You can also find the paper posted by co-author Joerg Nalik Ph.D. on SAP's Developer Network and COIL blog here: https://www.sdn.sap.com/irj/scn/weblogs?blog=/pub/wlg/14083.

I enjoyed Mike Kavis’s post, Cloud Insanity - Focusing on all the wrong things, again, especially his definition: "Cloud Insanity - To repeat the same behaviors that caused SOA to fail and expect a different result." How true. We have written a good bit on this blog about how SOA can succeed if you pay attention to the right stuff, like the governance issues, the business issues over the tech issues, and change management (see for example, Avoiding SOA Disillusionment - eBizQ Panel Recap).

These are some of the issues that Mike also lists as things to address with both SOA and the cloud. He goes on to say that we should focus the cloud debate on how to "tackle security and compliance, how to manage hybrid solutions, how to provide reliability and scalability, how to prevent latency, and many other important topics. But enough of the Cloud Insanity."

As with any hot technology, we have many vendors and consultants repackaging their expertise as a "miracle tonic" for Cloud Computing, without regard for the drivers that determine where it makes the most sense for business. We should apply the lessons learned from successful SOA efforts to help ensure that cloud efforts are successful (see Avoiding the Hidden Costs of Cloud Computing with Lessons Learned from SOA).

One of the additional lessons similar to service-oriented development is the need for systematic testing that makes use of automation and virtualization as much as possible, so we can validate changing cloud-based services as part of a continuous business process. In return, Cloud computing is a boon for test labs and virtualized service environments, adding a lot of flexibility and options in how these assets are deployed for the business.

Here is an interesting post by Jeremy Chone in Bits and Buzz on Enterprise Web vs Consumer Web [2.0]: Top Six Differences. I was struck by this comment on one differences and thought of similar things we've seen in the field. Especially the fifth factor.  Here it is in Jeremy’s words.

"5) Integration (Loose vs Strict) ... In the consumer space, application integration happens very organically. Application providers (e.g., Twitter) or application container providers (i.e., Facebook) define  interfaces with which everybody can integrate. The result is that thousands if not hundreds of thousands of applications will potentially integrate with some of these interfaces. Consequently, interfaces tend to be simpler, lighter (e.g., REST), and often even client-centric (e.g., OpenSocial and iGoogle). In other words, consumer application integration is about breadth rather than depth. In the enterprise space, on the other hand, application integration has to be thoughtfully designed and managed and often has an impact in all layers of the application (i.e., presentation, logic, and data). Heavy and expensive technology, such as ETL, SOA, JMS, and Portal, are often an effective way to establish strong integration between applications."

Many of the current enterprise application efforts have been influenced by the consumer web (and you can call it 3rd party services, Cloud, SaaS, what have you).  However, success depends on recognizing the challenges and differences, as much as the opportunities and similarities. Much of the consumer web involves preparing for the unknown such as traffic volumes, as well as integration from multiple and unanticipated applications that you may not have control over, or be able to enforce an expected service level on.

While more is often known about the architecture in the enterprise world, the level complexity can go way up due to much deeper layers of system-to-system interaction.  There is also less tolerance for lapses in performance and data integrity.  This is where the edge between Consumer Web and enterprise applications gets particularly jagged, and where we are seeing the most innovation.

For instance, the need for software testing to be truly stateful and asynchronous as you cross over the edge between the enterprise and consumer web is a necessary thing (and quite a mouthful) -- if we are going to consume the best of both in our distributed apps.

How do you validate a transaction, if the response may move around among several third parties and decision points, and maintain its state when (and if) an appropriate response occurs? This kind of leap is going to take a lot of automation and innovation to allow the two to achieve scale.

I like the way this post, Gartner Says SOA Is Evolving Beyond Its Traditional Roots, starts out: "Despite the economic downturn, Gartner analysts said they do not anticipate a dramatic drop in SOA adoption."

It goes on to quote Jess Thompson, a Research VP we've enjoyed talking to at Gartner: 
"SOA underpins and enables initiatives aimed at cost reduction, such as SaaS or BPM, and we have noticed a growing interest around SOA from vertical industries like government and healthcare, which have been waiting for the technology and best practices to mature."

The post goes on to acknowledge that there are horror stories about SOA projects failing that have created a perception that the era of SOA is over. However, they add that the lack proper SOA governance is, and will be through 2010, the most common reason for SOA failures. This is something we have discussed a bit on this blog (see Avoiding SOA Disillusionment).

They conclude that quite contrary to going away SOA is actually emerging from the Trough of Disillusionment within Gartner's Hype Cycle and climbing the Slope of Enlightenment. It is good to see this trend in the field. Indeed, their previous commentary on SOA talked about fewer enterprises starting new SOA projects in 2008 - which is true - when you consider that any expansive IT department is already leveraging elements of an SOA model and it is quietly being used to create value.

A quick note: We’ve made some significant improvements to the iTKO website (www.itko.com) today that will provide clearer starting points for learning more about testing, validating and virtualizing today's distributed enterprise apps.

As a highlight, look under Next Steps, where there is a cool new 3-min Flash movie that summarizes the benefits and capabilities of LISA in the context of the 4 C’s. Take a look:  http://www.itko.com/site/demo.html

We’ve also expanded the Solutions section to covers several new categories including ALM, cloud computing, outsource optimization, and others. We think the updated UI is a little cleaner and hope you agree. Let us know what you think!

Neil Ward-Dutton recently posted a comprehensive piece on Cloud computing, SaaS and SOA - the universal service network. He wrote that "Regardless of where services come from (and indeed because they will come from multiple places, creating cross-enterprise service networks), it's increasingly the case that in order to deliver effective IT capabilities in the 21st Century, you need to understand SOA principles and build technology and management structures that really support the principles of service orientation."

He then goes on to discuss two sets of business user expectations. First they expect flexibility. Neil writes, "when business teams that are using SaaS-based offerings learn about the infrastructure side of the story - how easy they can be to customise, extend, and integrate with - and ask why internally-developed systems don't exhibit the same qualities? Another slab of SOA pressure, that's what." The business will demand a high level of flexibility and control in how service-based offerings are composed and consumed.

Later Neil brings up the second expectation. He refers to Todd Biske, on ITIL and SOA, and states how it's "crucial to consider the full service lifecycle when you do SOA, and drive governance to ensure that you can deliver "real service" - not just code wrapped in XML-based interfaces." Then he offers some examples where the provider's idea of service doesn't match the consumer's expectation.

In addition to flexibility, businesses want applications that work. These two points go to the heart of the need for higher levels of test automation and agility throughout the design and development process, as well as the benefits that virtualization can bring to both flexibility and getting good, ready data.

Without rapid, repeatable test cycles, you cannot achieve flexibility as development cycles get bogged down. This was the fate of one financial service institution before they moved from manual to automated testing. Service Virtualization can further accelerate the development process by eliminating the bottlenecks of constrained or unavailable systems as one European telco discovered.

Neil concludes that the "rise of cloud computing and SaaS should entice us to revisit our development-centred assumptions about SOA and search for a 'bigger picture' that focuses on consumer expectation and value first." One way to do this is to simplify the development process and enable faster iterations. This enables us to focus less on the integration challenges of the technology, and more on the business challenges the technology is designed to meet.

Alex Handy recently wrote about virtualization in testing for the San Diego Times. (see Virtualization bridges, from development to IT). He notes that virtualization is a hot IT topic and begins with the  comment that, “many of virtualization's proponents see the technology as a way to bridge the gap between operations and development. The path to that bridge, they say, is often through the test lab.” He later notes that on the application side, developers are motivated by speed and flexibility. These concepts are often completely lost on the operations side, where the focus in on cost and control. Virtualization addresses both needs.

In addition to saving time and money, Alex notes that it can provide continuity to a support team as it can look at a given user's exact deployment of a given application or a given group's exact configuration. This can really accelerate the support and remediation process.

One challenge arises when virtual test beds attempt to enter distributed application environments, such as Cloud Computing and SOA. When an application is tied into a network of services offered throughout an organization's extended network of partners, how can they be added into a test environment? You can't just take a hard drive or a server and replicate it, when many of the elements in the environment aren't available for that activity, or they are far too complex to realize cost-efficient hardware virtualization models.

Here Alex quotes iTKO's John Michelsen, who said that this issue can be troublesome for large development projects inside and outside of the cloud. "In the real world, there's an airline that has 1,500-plus regression tests that run on a nightly build," said John. "They spent three or four hours each day dealing with about 10% of those tests failing every night. The vast majority of the failures were false failures." The lack of availability to the needed services, and relevant data for testing, made the test lab a major bottleneck during the software lifecycle.

Service Virtualization, using a Virtual Service Environment to capture and simulate the behavior and data of interconnected systems, addresses this issue through bypassing the constraints of operating in the real world with production systems. Here is an example of how an airline addressed this issue with virtualization. 

George Lawton recently provided a post describing how "as with SOA, some development costs obscured by cloud computing." He extensively quotes iTKO’s John Michelsen and this is greatly appreciated.

George writes that while cloud computing holds great promise, it will be filled with surprises, and some of these will reflect surprises encountered in the early going of SOA. The more loosely coupled and distributed the cloud based system becomes, the more moving parts you don't have control over -- and the more hidden development costs lurking within this loose coupling.

Much of cloud functionality is created and hosted outside the organization, which creates ideal "pay as you go, leave when you want" cost and agility advantages, but it still requires testing, perhaps more than ever. To compound the problem "after the application is deployed, the service provider can make changes that could adversely affect the application without notice."

These needs call for automated testing and continuous validation. Then new two needs emerge as George notes. "After an application has been tested and deployed, paying per-unit of service (storage, CPU time, and bandwidth) allows a new app to get deployed with minimal cost. But these fixed costs can take a hidden toll when a company has to do any sort of testing, and particularly load and performance testing of a new app."

For instance, take a firm we know, whose operations team needed to run a performance test to verify required Service Level Agreements (SLAs) to verify that customer response times would be within bounds. One routine test cost about $10K in access fees from the service provider - an unforeseen bill that wouldn't have appeared if the team was banging on their own servers. That inhibits the team from testing and adjusting their service appropriately.

In addition, there is lack of control and ready access over many of these external services, especially if they are still being developed. This is where service virtualization comes in. Now you can bypass costs and areas where you cannot easily set up test situations on dependent services. As George notes, the methodologies and tools that were developed for SOA testing and validation will come in handy to handle cloud applications.

Of course, none of these challenges mean Cloud-based development isn't a great thing. We love it for all the reasons we loved SOA, then SaaS-based models, because it gives the enterprise incredible flexibility and lower cost of entry for needed infrastructure and applications. We are also seeing a new level of quality by pushing Virtual Services to provisioned Cloud environments for testing and performance labs, in order to keep unexpected third-party costs under control and allow unfettered access to test and development teams.

Expect to hear much more on this front as Cloud Computing gets tapped for serious, distributed enterprise applications that need validation and virtualization.

James Governor, co-founder of RedMonk, recently spoke at IBM Virtual Global SOA Forum. Joe McKendrick provides a transcript of his talk on ebizQ, "Work Smarter, Take Out Costs In a Tough Economy." He begins with saying that he "wants to talk about culture, because service oriented architecture clearly sounds like something technical, but really if you want to succeed, its going to be all about the people."

He goes on to say that SOA is the language of change. SOA was started, in part, to enable businesses to become more flexible. "Enterprise customers were concerned that their cost of integration was very high. Once they had built a system, effectively, they poured concrete onto it." This probably affected the thinking about business process and the ability to innovate, and not simply the technology components.

In today's economy, change is needed more than ever. It now takes on two components, the ability to quickly adapt to changing market conditions, and the ability to do this in a cost effective manner. Though SOA was once an overhyped term, there is a "little soa" in the way companies are now quietly using service-oriented approaches to create real value.

"Little soa" encompasses everything else lumped under flexibly leveraging technology to meed business needs - from BPM to integration platforms, rich Internet apps and REST-based approaches that have business services under the covers. "Little soa" can address both of these components and hopefully changes the way people think about innovation and the capacity to engage in it and implement it. This is where the people side of technology comes in.

James goes on to say, “We're going along this road, and it’s very important that we need frankly, a fast car that will keep us on the road. And SOA is a language that the business can talk to IT and systems, in order to stay on that road. In order to have alignment, so that we can move forward, and actually deal with change, and deal with these curves that we're being thrown."

He later mentions virtualization. This is one way to keep the fast car moving forward and stay on the road at lower cost. We have been covering this in our series on Field Reports on SOA Success. See for example, Part Five: Major Airlines. Here the airline was able to virtualize the kinds of services that are normally prohibitively costly and complex to replicate using conventional means, and keep their SOA development and testing on track.

(Concrete Photo by Brenda Anderson and Car Lights Photo by miss blackbutterfly both from Flickr.)

Ok- this post is about ourselves - but we do have cause for celebration. We are thrilled to announce the release of LISA 4.6 Suite today. We believe this latest edition takes LISA miles ahead in terms of Service Virtualization capabilities and breadth of support for heterogeneous technologies, rich internet UIs, and ease of use.

You can read the official iTKO press release here:

iTKO Releases LISA 4.6 Product Suite with Third Generation Service Virtualization Capabilities, Enhanced UI Testing, and Expanded Policy Validation and Governance Support
LISA 4.6 Suite Proven at Key Enterprise Customers and Reviewed by Analyst Firm Butler Group

Congratulations to the LISA development team, and many thanks especially to iTKO's beta customers who stepped up to validate this release and provided us with insightful feedback over the last months.

Additional coverage on LISA 4.6:

• Infoworld: iTKO touts Web 2.0, virtualization in test product