Thursday, January 27, 2011

Scrum: Beautiful and Ugly

Beautiful Scrum: Exists only in theory

Ugly Scrum: Real life Scrum

Sunday, January 23, 2011

Exception/Fault and Error Handling and Ontology in SOA

In any SOA enable environment (Enterprise as well as Product) Exception/ Fault and Error Handling forms one of the major areas during Architecture & Design and Governance (especially Design and Run time).

Before moving forward let us set some definitions:

1. Exception/Fault: These are the business and system conditions which can cause temporary or permanent disruption of instance of service/s. In most of cases this disruption is temporary and with some efforts (run time only though coded at design time) service instance remains alive and keep on serving the clients.

2. Error: These are the life killing system conditions which not only kills a very particular instance of service but may also affect deployment of service. There will not be any run time recovery. The best one can expect is graceful death.
In any SOA enabled environment, typical service interaction can be depicted as:

In this diagram the service under consideration is MyService which is calling right hand side service and being called by right hand side service in some business orchestration.

For Exception/Fault and Error occurrence perspective, exception/fault or error can occur in MyService, or called service or calling service.
For brevity let us call Exception/Fault and Error just Exception. If separation required in Exception/Fault and Error then Exception/Fault and Error will be mentioned explicitly.

As a good exception handling practice any exception occurring in any service should be handled in that service and should be resolved there. If resolution is not possible only then exception should propagated to calling service.

For Ontology perspective, exception can be divided into two broad categories:

1. System
2. Business

And if we go into details of each exception then an exception object (sic!) should have following attributes:

a. Exception Group: most of the applications like to group exception for the resolution and notification perspective.
b. Exception Type: Exception, Error, Warning
c. Internal Exception Code: Code to be used by service internally for logging and identification
d. External Exception Code: Code to be used by calling service
e. Detailed Description of Exception
f. Reporting time for Exception
g. Possible Corrective Action/s
h. Severity
i. Service ID
j. Instance ID: of Service
k. Business Object Name: In some cases/implementations payload and/or stack trace may not contain business object name.
l. Stack trace
m. Payload

The code for exception can follow following nomenclature

Saturday, January 22, 2011

How to infuse Security in SDLC

In most of SDLC methodologies (traditional or agile) security is last thought requirement. But as security cyberspace is swamped by lot of security threats, security requirements need to be infused in SDLC as soon as possible and must be tracked as diligently as any functional requirement.
To infuse security requirements in any piece of software, I generally follow a simple rule. Embed Security requirements as early as possible in SDLC.
I have tried illustrating this thought in following graphic.

I understand this illustration is very simple depiction due to variety of SDLC methodologies followed but something is better than nothing.

Friday, January 21, 2011

Book Review: Beautiful Architecture Leading Thinkers Reveal the Hidden Beauty in Software Design

Book Review: Beautiful Architecture Leading Thinkers Reveal the Hidden Beauty in Software Design by Diomidis Spinellis , and Georgios Gousios: Publisher- O'Reilly: ISBN- 13: 978-0-596-51798-4
Beautiful Architecture book is loosely coupled collection of articles from industry veterans. Book starts with very basics like what is architecture but then deep dive into more complex and intricacies of software architecture. This book is certainly not for green horns.

The book is to be read in non linear fashion. Read first chapter and then on the need and requirement basis, read the respective chapters. I am not going to that what each chapter does which you can get from Amazon or O’Reilly or other reviewers.

As one of the reviewer at Amazon said “too many cooks” and “half backed”.

Disclaimer: I did not get paid to review this book, and I do not stand to gain anything if you buy the book. I have no relationship with the publisher or the author.

One can get more information about book and related topics from:

1. Amazon:
2. BookMooch:
3. Publisher – O’Reilly
4. Book Review:
5. One more review:
6. Last one:

Thursday, January 13, 2011

Book Review: Building Web Reputation System

Book Review: Building Web Reputation System by F. Randall Farmer and Bryce Glass: Publisher- Oreilly: ISBN- 13: 978-0-596-15979-5

Book is primarily originated from the work of yahoo reputation systems employed across various applications. Book also gives examples from eBay, Digg and other systems but strangely leave reputation systems employed by NetFlix, social media (facebook, orkut, etc) and Microsoft.

In initial chapters book focuses on building a graphical language for reputation system. Authors have not leveraged other dominant graphical languages namely BPMN and UML which make things little bit different and difficult.

The primary audience for book are product designers and up to an extent product evangelists.

Book is divided into three parts. Part one focuses on Reputation Systems definition and developing graphical language. Part two covers some advance aspects of language and examples. Part three divulge into details of some of well known reputation systems. Appendix A is devoted to technical details of reputation system (of course yahoo).

Book is light read but certainly deserve an attentive read and particularly from product designers and who ever involved in product conceptualization.

Disclaimer: I did not get paid to review this book, and I do not stand to gain anything if you buy the book. I have no relationship with the publisher or the author.

One can get more information about book and related topics from:

1. Book’s web presence
2. Amazon:
3. Oreilly:
4. Google Tech Talk:
5. One more review:

Friday, January 7, 2011

Cloud Criticism

While whole of IT industry is behind Cloud Computing. But are we paying enough attention to dangers of Cloud Computing! Most probably not. I have tried to list few of the points:

1. Lock in of data in proprietary format.
2. Lock in of business processes in third party systems.
3. Lost control over business data and its presentation (Recent spat between Wikileaks and Tableau).
4. Always on network which is in contradiction of “Eight fallacies of distributed computing”.
5. Very few cloud vendors.



Thursday, January 6, 2011


Recently, I was asked to define simple system and hence simplicity. I realized there that defining such simple (sic!) concepts requires lot of intellectual stress and time. Fortunately, I bumped to a small video by George Whitesides at TED ( in which he talks about simplicity. After taken cue from George, I realized that a simple system (or thing or concept) exhibits following characteristics:

1. Predictable/Reliable: System/thing must be highly predictable and reliable to ensure consistency.
2. Cheap in monetary terms: Must be cheap so newer innovations can be build over it
3. Intellectually Relaxed: Things/concept/system must be have large target population
4. High Performance or value/cost: Value delivered and cost incurred ( in terms of money, time and intellectual stress) must be sufficiently low to make it attractive
5. Stackable (Building block): Things must be able to act as building block in a larger and/or complex system.

Monday, January 3, 2011

Sunday, January 2, 2011

Hierarchy of Dashboard

1. CXO Level
a. High level information
b. Summary of highly complex business processes
c. Summary of high business impact events
d. Optimized for smartphones/tablets
e. Should be able to notify business managers
2. Business Manager Level
a. Department level information
b. Summary and detailed information of processes
c. Summary of high and medium business impact events
d. Notification mechanism built in
3. Line Managers
a. Line level information
b. Business application focused
c. Optimized for workstation
d. Notification mechanism built in
4. Maintenance and Support Staff
a. Focus is on technology
b. Application as well as process centric
c. Notification mechanism to staff
5. Infrastructure Staff
a. Focus is on technology
b. Infrastructure centric
c. Notification mechanism to staff

Saturday, January 1, 2011

Operations in a Service Interface v 3.0

I have listed the operations a service should exposes in my earlier post. I have revised the list. The latest is: