LEARNING OUTCOMES
When you have completed this chapter, you should be able to demonstrate an understanding of the following:
7.1 THE STEPS IN SOLUTION TECHNOLOGY DEFINITION
The aim of solution technology definition is to show:
Solution technology definition is based on a model that allows solution components (SBBs) and interfaces between them (SBBIs) to be mapped to infrastructure components using a step-by-step approach (see Figure 7.1).
Each component has a set of functional requirements and NFRs and some, but not all, of these requirements will map to infrastructure service requirements. An infrastructure service requirement must include the level of service required.
Infrastructure service requirements map to suitable infrastructure services that can meet the requirement. If an infrastructure service exists, or is planned for, it will appear in the infrastructure catalogue and will be mapped to one or more infrastructure components. If a service requirement does not map to a suitable infrastructure service, this indicates a gap.
Solution technology definition is a critical activity in making the transition from logical design to physical implementation and ultimately deployment. The key stakeholders involved in this transition are:
The steps outlined here are arranged in a formal process that can be used to produce a solution technology definition using the outputs from gap analysis. A less formal process is often used during solution design to assess the physical dimension of a solution. For example, as soon as any infrastructure service requirements can be identified, the solution architecture team can discuss how they might be implemented in the current infrastructure architecture landscape and how they might fit into strategic planning.
Fallowdale Hospital patient communications: early stage solution technology definition
During the solution outline definition phase, it has become clear that the capability to send emails would be in scope for the solution. The solution architecture team has decided to consult with the infrastructure architecture function to understand any technological aspects that might affect the design.
Infrastructure architecture has raised the following points:
A provisional decision to use a cloud-based email system has been made and communicated to stakeholders with an outline of the benefits of this approach.
The steps to define the technology for a solution are:
7.2 PRECURSORS, REQUIREMENTS AND CONTEXT
The starting point for solution technology definition is the solution design. This contains the components and interfaces that make up the solution and define its scope.
Any technology needed for the solution must be within this scope. For both solution and infrastructure architecture, however, impacts may extend beyond the scope of the solution. For example, a change to an existing system could impact other users even though they are out of scope for the solution.
Other models, artefacts and documents can provide additional detail to support the process of solution technology definition. The solution architecture team is responsible for making all necessary information available for use by the infrastructure architecture function and any other roles involved. This can include:
The infrastructure architecture function is responsible for reviewing the solution design and associated information and raising any queries. Queries typically concern clarification of design decisions, perceived gaps in the information provided, or projected timescales that could affect the availability of infrastructure components.
The solution architecture team is responsible for ensuring effective communication with stakeholders at all times during the solution architecture life cycle. The solution architecture team is accountable for the fact that all stakeholders are informed about all activities and decisions that affect the solution. In addition they are accountable for the fact that stakeholders who are directly affected by a decision or who have registered a related concern are consulted before the decision is finalised. This includes escalating any significant decisions, such as those that may impact on the business requirements, budget or timescales, to the business sponsor for approval.
7.3 BASELINE OPPORTUNITIES AND TARGET CONSTRAINTS
Baseline opportunities are beneficial changes that can be made to the baseline infrastructure architecture as part of the implementation of a solution. These are opportunities to incorporate changes to the infrastructure architecture with those required for the solution. This approach can save effort, reduce costs and bring forward desired changes that would normally require a separate change project or programme.
Note that baseline opportunities can occur in other subdomains of enterprise architecture such as business, data, information or applications architecture. For example, the implementation of a solution may provide an opportunity to rationalise or redesign business processes that would otherwise have had to wait for a separate programme of work to be authorised. However, the opportunities being identified and considered in solution technology definition are primarily from the infrastructure architecture domain.
A major source of opportunities is the IT strategy. This represents decisions that have been made by business leaders about the future direction of IT infrastructure within the organisation or enterprise.
Fallowdale Hospital patient communications: baseline opportunities
The Fallowdale Hospital IT strategy contains the following items:
Activity 7.1
Based on the hospital’s IT strategy, identify one or two baseline opportunities where existing strategic aims can be achieved by choices made during the solution technology definition process.
The other area that can be revealed by a close inspection of the overlap between infrastructure architecture and solution design is that of constraints. Constraints are limits within which infrastructure and solution architecture must work to define the technology that will be part of the implementation of the solution. These constraints also apply to those who will implement the solution in the completion phase.
There are many different types of technological constraint. The main ones are shown here:
The idea of approval or preference of certain infrastructure technologies, or products that implement them, has been adopted by many organisations. This has a number of benefits for infrastructure architecture. It acts to limit the number of different technologies in use by controlling the choices available. It can also help by ensuring that technologies and products have been through a process of assessment and trial.
A simple way for an organisation or enterprise to express technology preferences is to use the infrastructure catalogue. Each item in the catalogue requires a status to indicate the type of preference expressed. This can be complicated or simple. A simple system involves a RAG or traffic-light rating, so that each item is either red, amber or green. Here, red indicates it is not to be used for new projects and any opportunity to remove it from the infrastructure should be acted upon. Green indicates that this is a preferred technology or product and should be the first choice. Amber items may still be used, but approval to do so by the infrastructure architecture function or another authority is required.
An alternative, more dynamic approach is a technology radar that gives technologies and products more of a life cycle.
Technology radar
A useful analogy for the rapidly changing nature of technology is provided by a radar system such as those used at airports to track the flight path of incoming aircraft.
Technology also has a kind of flight path and IT professionals even speak of their awareness of a particular emerging technology as being ‘on the radar’. This is used in a formal way by many organisations to keep track of their interactions with technology. It can then serve as a guide to the suitability of different technologies as part of the infrastructure architecture and therefore as components of a solution.
The technology radar shown in Figure 7.2 would be accompanied by a key showing what technology is represented by each of the items shown on the radar. A technology can only be in one segment and one ring at any point in time, although it is possible for one version to be in deploy and a newer version to be in trial.
This can be as simple as categorising technologies, and products that implement them, as:
Other levels are sometimes used, such as having an assessment stage before trial or having a retirement stage before decommissioning. For example, an additional process of authorisation could be required before technologies outside of the ‘Deploy’ ring can be used as part of a solution.
Like an airport radar, a technology radar needs someone scanning the horizon for new technological developments and making decisions about their relevance to the organisation or enterprise. This leading-edge awareness of innovation needs to be backed up by processes and procedures to ensure that the most useful and relevant technologies are used to benefit the business.
One important benefit of using a technology radar is that it communicates enterprise decisions to a wide audience in a clear and accessible way. It is extremely useful for stakeholders to be aware of what is available for use or undergoing a trial.
The process for identifying and understanding opportunities and constraints takes place between the solution architecture team and the infrastructure architecture function. Other stakeholders may be consulted to support decisions about the effect on the solution design. There are also levels of decision that require escalation to senior business stakeholders, including the business sponsor.
A RACI matrix (see Table 7.1) may be used to show which stakeholders have the responsibility (R) and accountability (A) for carrying out activities, together with those who may be consulted (C) and also those who must be informed (I) about decisions and other outcomes.
Table 7.1 RACI matrix: Understanding baseline opportunities and target constraints
The enterprise architecture function must be consulted if any major change to the infrastructure architecture is proposed to support the implementation of a solution. This is to ensure that any change is consistent with enterprise principles and policies.
Any significant impact on capital or recurring costs must be escalated to business owners and senior managers and their approval sought.
7.4 MAPPING SBBS TO INFRASTRUCTURE SERVICES
SBBs that map to infrastructure services may be of different types:
This activity depends on having a list of SBBs with requirements that can be met by infrastructure services. Where there is a baseline solution architecture that is being replaced with a modified solution design, it would be reasonable to remove any components that do not change from this list. However, this approach risks missing some potential benefits that could be achieved by mapping an existing SBB to an infrastructure service.
Fallowdale Hospital patient communications: including existing, unchanging SBBs when mapping to infrastructure services
The patient communication solution has these two SBBs:
The email generator has a requirement to log its activity so that there is a record of communication with patients.
The letter printer and folder does not have such a requirement because its software already has a log that was considered sufficient when it was first installed.
When this aspect is examined during solution technology definition, a logging service is selected as it:
There is a decision to be made about whether the letter printer and folder should also use the logging service. If it had been excluded from the list of SBBs under consideration, then it is likely that this opportunity would have been missed.
Table 7.2 shows a typical infrastructure service catalogue with services categorised by function. They can additionally be mapped to infrastructure components in an infrastructure technology catalogue.
Table 7.2 Infrastructure services catalogue
Category | Service | Category | Service |
Client access | Devices Desktop management Remote desktop Virtual client Website Landing zone | Content delivery | Content delivery network (CDN) |
Processing | Application server Data centre Serverless computing Containers and management Machine learning Artificial intelligence | Communication | Instant messaging Text Voice Pager Video Letter printer Postal system |
Data storage | Database Big data/NoSQL Backup Archive Logging | Security | Antivirus, anti-malware Firewall Encryption Identity and access management (IAM) |
Secure filing cabinet | Certificates Smartcards Remote access devices Auditing Logging | ||
Data analytics | Data lake Management Information Business Intelligence Data warehouse Dashboard | IoT | Sensors Mobile equipment Transport management (vehicles) |
Enterprise applications | Payment CRM Office productivity Finance and accounting Product management Human resource management Resource planning | Printing | Document printing Plotting High resolution printing Barcode labels |
Monitoring | Application logging Log analysis | Scanning | OCR OMR Image |
Application integration | API (separate catalogue) Integration engine/service bus Business rules engine Data conversion | Development | Environments (build, test, train etc.) Integrated development environments Continuous integration and delivery (CI/CD) |
Networking | WiFi Wired access High-speed networking Internet access VPN | Location/GIS | RFID/NFC Barcodes GPS (vehicles) |
Activity 7.2
Fallowdale Hospital has identified the need to run as many clinic appointments as possible remotely with the patient at home or another healthcare setting, such as a care home or GP surgery.
Identify any additional infrastructure services that may be required to enable this capability. Give a brief explanation of why each service will be required and the impact it will have on the patient communications solution.
The process for mapping SBBs to infrastructure services is driven by the infrastructure function in consultation with the solution architecture team. Decisions may be escalated if they go beyond the remit of infrastructure and solution architecture. Specialist knowledge may also be required, and other stakeholders can be consulted if necessary.
A RACI matrix (see Table 7.3) may be used to show stakeholder involvement in this activity.
Table 7.3 RACI matrix: Mapping SBBs to infrastructure services
For solution requirements where there is an existing infrastructure service provision, reconfiguration may be required, or the capacity expanded. These details need to be recorded for each SBB.
Fallowdale Hospital patient communications: mapping SBBs and their requirements to infrastructure services
The patient communications solution contains the following SBBs, which are shown with some of their requirements:
Activity 7.3
Select up to five of the Fallowdale Hospital patient communications SBBs listed above and:
a. classify each as either technology, information, process, person or role, or organisation unit;
b. identify any requirements that can be mapped to infrastructure services, and specify the type of infrastructure service that could support the requirement.
7.5 NETWORKING INFRASTRUCTURE
Up to this point, the focus has been on selecting the best infrastructure services and components to meet the needs of the solution. Now the focus shifts to how the components connect and communicate with each other to carry out the activities of the solution.
Throughout the process of solution technology definition there is a degree of iteration required. The level and frequency of iteration may vary from step to step, but the aim of achieving the functional requirements and NFRs is paramount. Iteration occurs each time an infrastructure service, provided by an infrastructure component, is proposed as part of a solution. This triggers a review of the solution requirements to ensure that they are all still being met. This is a form of static regression testing.
This approach continues throughout solution technology definition, but the activity of defining the networking infrastructure is a boundary or watershed in the process. At this point any trade-offs between infrastructure services and components should have been resolved so that the focus can move on to connectivity and interfaces.
Solution as a graph
A solution can be mapped as a graph. In mathematics, a graph consists of vertices (singular vertex) connected by edges.
For a solution, each component or SBB is a vertex, and each interface is an edge. The number of edges may be counted on the graph or may be calculated using the degree sum formula.
The degree of a vertex is the number of edges it is connected to. If these are added up for all vertices and then divided by two, the result is the number of edges. Thus, if the number of interfaces is recorded for each SBB, then the total number of interfaces can easily be calculated.
In the graph shown in Figure 7.3, there are:
Figure 7.3 Solution as a graph
Each interface needs to be examined individually to determine the correct infrastructure service requirement. Interfaces are about communication, so the requirements will concern the type and volume of the communication traffic that passes across the interface from one SBB to another. Note that not all interfaces require networking – for example, an interface between two processes may be entirely manual. However, in the interest of completeness, each interface should be considered even if it can be swiftly ruled out.
Note that interfaces between SBBs are known as SBBIs.
The process here is similar to mapping SBBs to infrastructure services. First, a list of SBBIs that require the use of infrastructure services is prepared. The services are mainly in the networking and communications category. The individual requirements for each interface are then identified and clarified. These will largely be NFRs but there may be some functional requirements about the message contents, for example. This information allows suitable infrastructure services to be selected to support each interface.
A RACI matrix (see Table 7.4), may be used to show stakeholder involvement in this activity.
Table 7.4 RACI matrix: Defining the networking infrastructure
7.6 FUNCTIONAL REQUIREMENTS AND NFRS
At every stage in the process of solution technology definition, the business requirements have been checked and validated by the solution architecture team to ensure they have not been adversely impacted by any of the decisions about the use of infrastructure services. Business requirements represent the quality of the solution and are the test against which it will be judged by its stakeholders.
This results in a set of infrastructure components connected by networks that can deliver the requirements of the solution.
However, the nature of architecture is that everything is connected, meaning that a design decision in one area of the solution affects everything else. For example, the decision to select a type of data store, such as a NoSQL graph database, has benefits for analytics that may support a functional requirement but is not so good for one of the NFRs such as data integrity. In other words, design decisions involve compromises that can involve trading off between requirements.
The aim of this activity is to test the design to identify any weaknesses in support for specific functional requirements or NFRs, and then modify the design to try to strengthen support, in a balanced way, for all the requirements.
It is important to recognise that testing at this stage does not mean putting software or hardware through its paces or setting up test environments, nor does it involve recruiting end users and business actors to try out the solution. The type of testing used here is called static testing and is based purely around the solution design and its supporting documentation.
Some static techniques that can be used here are:
The majority of testing is conducted by the solution architecture team with support from the infrastructure architecture function. However, there may be benefits in involving other stakeholders. For example, a representative of the business, such as a business analyst, can give another perspective on what can otherwise become quite a technical activity. Another useful perspective may be introduced by the use of professional testers who are familiar with the techniques of static testing and can help with creating scenarios, tracing requirements and ensuring a high degree of test coverage.
The requirements catalogue is the reference point for all types of requirements and should be used as the source of information during this activity.
A requirements traceability matrix acts as an intermediate artefact to link requirements to solution components – that is, the SBBs and SBBIs.
Existing viewpoints can be used to produce views based on the proposed infrastructure services and components in the solution technology definition.
A RACI matrix, such as the example in Table 7.5, may be used to show stakeholder involvement in this activity.
Fallowdale Hospital patient communications: refining solution design to achieve functional requirements and NFRs
The patient communications solution contains an SBB called the Communication Management System (CMS) that requires information about patient addresses, clinic bookings and patient preferences. These are stored in a data centre using two different data storage services: a relational database management system (RDBMS) and a ‘not only SQL’ (NoSQL) system.
The data centre is connected to the hospital by a high-speed data connection (10 GB/s) and the CMS is connected to the hospital LAN (1 GB/s) (see Figure 7.4).
The CMS makes multiple calls to the data storage services. First it queries the clinic bookings to see any new bookings where no invitation has been sent. Then for each booking it obtains the patient preferences for the patient or named contact (parent, guardian, or carer) if appropriate. Finally, the contact details for each patient are retrieved.
This approach works in theory as the data connections are fast, but it has been noted that the use of the high-speed data connection varies during the day and there are particular points where it is used for uploading 3D imaging data, which can lead to a drop in availability.
This has led to some concerns about meeting the NFRs for data integrity and currency if there are multiple requests for information.
Activity 7.4
Given the information about the Fallowdale Hospital patient communications solution provided above, suggest two options for strengthening the design of the solution to lower the risk of the high-speed data connection compromising the NFRs for data integrity and currency being achieved.
7.7 END-TO-END SECURITY
Information security is an important aspect of solution design and applies in almost every line of business, but particularly so where confidential information relating to customers or commercial activity is concerned. Cybersecurity is also a big concern and this must be reflected in solution design by including robust protection against attack by malevolent parties.
Cybersecurity focuses on protecting computer systems from unauthorised access or being otherwise damaged or made inaccessible.
Information security is a broader category that looks to protect all information assets, whether in hard copy or digital form.
In a solution, there are a number of ways that security can be specified:
Functional requirements related to security should by now have been refined as part of previous activities to a point where they are acceptable to all stakeholders. However, there are some cases where there is some overlap with security NFRs and it is as well to include all aspects of security in the end-to-end assurance step.
In previous steps of solution technology definition, other stakeholders have been consulted and provided input, either by virtue of their accountability for the outcome or because of their specialist knowledge about the operational domain. Security aspects of a solution require highly specialised and current knowledge because of the changing nature of the threats faced. Recognising that security assurance is a complex and specialised field, organisations are increasingly convening a security design authority to make decisions about the security aspects of all solutions within the organisation or enterprise. Much of the accountability for assuring end-to-end security is delegated to this group.
A RACI matrix (see Table 7.6) may be used to show stakeholder involvement in this activity, including the security design authority, if there is one.
The security design authority performs two tests on a solution and provides an assessment that is acted upon by the solution architecture team and the infrastructure architecture function:
Fallowdale Hospital patient communications: assuring end-to-end security
Part of the proposed patient communication solution involves collecting communication preferences directly from the patient using a website. One security aspect of this process is that credentials are provided by the patient and are then matched to patient demographic data in order that the patient can be identified, and their preferences associated with the correct records (see Figure 7.5).
The security design authority performed an assessment of this part of the solution design to check that it complied with all relevant enterprise security directives. The findings were as follows:
The security design authority recommended the solution design be revised to take into account these findings. They also noted the following points that would appear in a vulnerability report:
Activity 7.5
Based on the security design authority’s assessment of the design for updating patient communication preferences, make a list of recommendations for redesigning the solution.
7.8 GAPS IN INFRASTRUCTURE SERVICE PROVISION
A key output of the solution technology definition process is a report on any gaps in the provision of infrastructure services that would hinder or prevent the implementation and deployment of the solution.
Key decisions about the implementation of a solution cannot be taken without this information. For example, service gaps are likely to add to the costs of implementing and deploying the solution, and costs are a major factor in the decision to proceed with any project or programme.
Costs may be accrued by a solution in multiple ways, including those costs associated with solution architecture and design, implementation, deployment and ongoing management and maintenance. The marginal costs linked to infrastructure may be isolated by itemising the gaps in infrastructure service provision and analysing the associated costs.
Exposing a higher-than-expected level of costs may lead to a rethink of:
Whether changes are made in any of these areas or not, stakeholders will be given the opportunity to validate the solution technology definition and may insist on a revision.
The other benefit of identifying and itemising gaps in infrastructure service provision is that the resulting requirements for change must be part of the solution delivery roadmap.
The process for achieving the list of changes and costs is similar to the gap analysis that was performed between the baseline and target solution architectures during the validation phase of the solution architecture life cycle. Here the list is constructed by comparing the solution technology definition and the infrastructure technology catalogue.
Each item may be categorised as follows:
Each of these changes needs to be assessed to establish the size and scale of the change and what will be required in terms of cost, resource and time. Note that although all changes require effort and this is likely to involve some cost, some changes may reduce ongoing costs. For example, in the case of the replacement of one service by another, there will be some cost in making the switch, but the running costs of the new service may be less due to improved efficiency. The entire basis and rationale of some solutions is to reduce ongoing costs, but this can rarely be achieved without investing in change first.
7.9 VALIDATING THE SOLUTION TECHNOLOGY DEFINITION
Once all the steps of the solution technology definition have been completed, all the necessary information is ready to be presented to the stakeholders for validation.
Many stakeholders will have been directly involved in the process and others will have been consulted during decision making or informed of the outcome of those decisions. If stakeholder communication is effective, there should not be too many surprises during the validation step. However, it is an opportunity for all stakeholders to focus on the infrastructure and technological aspects of the solution and see all the relevant information in its completed form.
This step is jointly led by the solution architecture team and the infrastructure function. The information may be delivered to stakeholders electronically for review and followed up with a workshop at which there is an opportunity for discussion and questions.
A solution technology definition validation workshop typically covers:
1. Which step is performed first in solution technology definition?
a. Understand baseline opportunities.
b. Clarify precursors and requirements.
c. Assure end-to-end solution security.
d. Map building blocks to infrastructure services.
2. How is an infrastructure catalogue used in solution technology definition?
a. As a source of infrastructure services for a solution.
b. As a source of requirements for a solution.
c. To define the interfaces between solution components.
d. To define the end-to-end security for a solution.
3. A solution architecture team has completed the logical design and validation phases of the solution architecture life cycle. The solution is now being put through the solution technology definition process. What two possible events during this process will require the solution design to be revised?
i. A security vulnerability is identified.
ii. A solution component is mapped to an infrastructure service.
iii. A target architecture constraint is breached.
iv. An infrastructure service capacity gap is identified.
a. i and ii only.
b. iii and iv only.
c. i and iii only.
d. ii and iv only.
4. Which type of solution component is most likely to map to a networking infrastructure service?
a. Non-functional requirement (NFR).
b. Solution building block (SBB).
c. Architecture building block (ABB).
d. Solution building block interface (SBBI).