Semantic SOA governance is a methodology ensuring that business missions are mapped accurately to the services-oriented infrastructure and that the services developed are reusable, thus reducing the
time and cost of building new applications. Additionally, it facilitates deep analysis of the IT infrastructure in terms of the business operations and enterprise architecture. Two technologies,
semantics and business process management (BPM) when combined with collaboration capabilities produce a dramatic new information management platform incorporating operational governance
capabilities.
Many companies are transitioning from the acquisition of monolithic, client-server systems to the acquisition of capabilities expressed as services. The information technology paradigm supporting
this transition is named service-oriented architecture (SOA). Most large enterprises attempting this transformation encounter significant difficulties. The return on investment that was promised has
not materialized. At least two fundamental issues must be addressed in the deployment of the SOA:
- The “business mission” and the IT mission must be aligned. This problem is solved by providing a framework where the two groups, business and IT, can collaborate over the governance
processes and business processes that are fundamental to achieving success. It also requires the capability for the community of stakeholders to collaborate over the meaning of the terms and data
in the domain using formal semantics (RDF/OWL). The combined approach of using formal semantics and business process modeling enables the data and services to be understood in the context of the
business processes that are using the data. - Once the services are agreed on by the stakeholders using the formal semantics of the domain, services can be discovered in a way that aligns precisely with the business requirements. This
capability lays the foundation for the dynamic discovery and invocation of services needed to enable a dramatically more nimble enterprise with a much lower cost to build and deploy new
applications. It enables robust analysis of the gaps between business requirements and the existing infrastructure as well as showing the costs of closing the gaps.
SOA Governance
SOA governance is usually meant to apply to the management of WSDL-based web services using a UDDI registry by setting service level agreements (SLAs) and other contracts. This includes the
designing, building, describing, and registering of services, as well as the use and maintenance of services.
Figure 1: SOA Governance Business Process Model
For enterprises that are well into their SOA deployments, it is apparent that SOA governance should be considered in a much wider sense to include the issue of mapping the business requirements to
the SOA implementation. Service requirements need to be defined by the business under a closely monitored governance process before the IT team builds out the services. Some amount of iteration is
generally required between the business analyst and the IT group to get the requirements right. Formal business process modeling can be used to define the governance processes so that the
implementation can be monitored and managed using BPM tools. Furthermore, the requirements for business missions,
expressed as business processes, can be formally defined using the same BPM tools. Using formal semantics, the business requirements are then mapped to the properties of the services that are
available from the IT infrastructure. The major advantage of this approach is the grounding of the processes for defining requirements and the requirements themselves in a formal semantic model,
enabling the IT infrastructure to be analyzed within the context of the rest of the business.
Collaboration is vitally important in designing both the governance processes and the requirements for business missions. Through the use of web-based modeling tools with intuitive interfaces,
stakeholders from the business side are able to effectively work with their counterparts on the IT side to accurately and efficiently build accurate models. Audit trails of the collaboration and
process design life cycles are required and available to facilitate governance.
Semantic Service Discovery and Reuse
Obtaining a return on investment (ROI) from the investment in SOA completely depends on the ability to discover and reuse services, and this is where many SOA deployments have failed. The
standard way to describe and expose services is to use a Universal Description, Discovery and Integration (UDDI) registry where the services are described using
Web Services Definition Language (WSDL) along with some arbitrary metadata. In order for services to be maximally reusable, they must be able to be discovered with a high degree of precision, even
when the number of available services can be in the tens or hundreds of thousands. Today, this is hindered by the limited formal (machine-readable) expressiveness of service descriptions (i.e.,
UDDI/WSDLs, APIs). If the properties of services are defined using formal semantics (RDF and OWL), it is possible to achieve a very high degree of precision in the description of a service. Services
can then be discovered by submitting requirements, in business terms, as a query to a semantic repository. The query will return a precise list of services that best fit the requirements.
Figure 2: Discovering Services Required for Business Missions
Clicking on any of the steps in the business process shown above will discover any services that are potentially suited to executing the activity in the business process. The services are ranked
according to how well their properties match the requirements of the business activity.
Services, business processes and business requirements defined with formal semantics can easily be reused by new and existing applications. Since OWL and RDF are machine readable, it is possible to
discover and reuse services dynamically, moving closer to the elusive goal of real composite applications. Without formal semantic descriptions of the domain, business requirements, data, business
processes and services, it is not possible to see how an SOA will the deliver the nimbleness and financial return that is promised.
BPM-Based Portfolio Analysis
As large enterprises attempt to understand where to invest in IT, it is crucial that they first understand the requirements of the business units and have a thorough understanding of the
existing capabilities available within the enterprise. If requirements from one business unit can be satisfied with capability already deployed by another business unit, it should be reused. Of
course, this kind of analysis is impossible to do given the way business requirements and IT capabilities are currently defined. A semantic description of the business requirements derived directly
from the business processes that are used to run the business and IT assets described in terms of the same business processes facilitates deep analysis. It is straightforward to analyze gaps and
calculate costs and savings. In this way, the enterprise IT portfolio can be analyzed and managed in terms of the processes required to operate the enterprise.
Figure 3: Service Analysis