Aras Vision and Roadmap with Aras Innovator PLM Software
The CORA Model Explained
1. CORA - a COmmon Reference Architecture
to design and deliver integrated IT solutions successfully
Theo Elzinga
IT Architect
2. Todays challenges on the Enterprise IT landscape
Today‟s changing business needs affects the way how
organizations and their IT landscape is and should be
organized: Globalization, Enron-downfall etc.
The IT landscape within organizations (“On Premise”) which
supports these changing business needs has evolved into a
myriad of legacy systems, custom made systems, and
Packaged Based Solutions (PBS) from a cocktail of
vendors.
All these different applications are required to primarily
support local changing business needs and are almost
always implemented using vendor-specific reference
architectures.
1
3. Todays challenges on the Enterprise IT landscape
At the same time organizations adding complexity to their IT
Landscape by:
• incorporating loose coupled services from other parties into the
enterprise architecture of tight coupled applications;
• providing services to other external consumers to be processed on
any device.
With the advent of Cloud Computing organizations not only
have the opportunity to outsource (parts of) their “On
Premise” IT but also provide these outsourced IT “On
Demand”.
All this has a profound effect on the internal enterprise IT
landscape because the architecture and the governance of
the IT landscape needs to deal with this cross-boundary traffic
that requires a completely different way of capturing and
implementing requirements.
2
4. What is needed
In order to meet the challenge of supporting new flexible
business models and technologies it is necessary to
improve the control over the IT landscape:
• on both enterprise as well as project implementation level;
• with the focus on a heterogeneous IT landscape;
• for the complete lifecycle of IT solutions;
• between enterprises & social networks.
Today architecture-based approaches, including reference
models, exist to enable this improvement. This helps
organizations to make decisions based on requirements,
through visioning them into a coherent style or structure.
Because they all have difficulties to take these demands into
account simultaneously we've developed the COmmon
Reference Architecture (CORA).
3
5. The CORA-model in detail
Layer
Channel Access
Ultra Thin Client Thin Client Rich Client Security& IT Governance
Ultra Thin Web Browser Mobile Webbrowser
Portal Workstation
Electronic Compliance
Client (HTML) Device (RIA) Channel SOA Governance
Authentication
Presentation Service
Policy
User Interface User Interface Principal
User Interface Service
Process Integration Propagation
Repository
Encryption Service
Registry
Composition
Compliancy
Orchestrated Composed Business activity
Business Business Business monitoring
H2A Orchestration A2A Orchestration H2H Collaboration B2B Orchestration Authorisation
Component Entity Rules
System
Management
Integration Single Sign On
System
Synchronous communication Monitoring
A-Synchronous communication User
Service Management Test
Messaging File Transfer
mediation Management
Logging Repository
Common Management
Integration core Integration Cluster Auditing
Change
functionality metadata
Management
Configuration
Application Management
Make Buy Legacy
Batch
Application Logic Application Entity Application Logic Application Entity Application Logic Application Entity Management
Element Backup &
Recovery
Data
Data Access DataStorage
Master Transactional Unstructured Aggregated Canonical
Data Access
Data Data Data Data Data
4
6. The CORA Model has a robust and diverse
foundation (models, standards, methodologies)
CORA is founded on:
• models describing a stable IT and simultaneously innovative
platform (Ross, Crown)
• modern, open industry standards (IAF, TOGAF, Technovision)
• existing Vendor Reference Architectures (Oracle, IBM/Open Group,
SAP, Microsoft, Intel);
• existing implementation methodologies (RUP/Agile)
5
7. Foundation for the CORA model
Ross
Ross Crown Emphasizes the managerial challenge
needed facilitate maturity
Personalize
Crown
Emphasizes the influence, which individuals
Differentiate have on the behavior of organizations
Both models
Business Modularity Organize
indicate that implementing an innovation
platform to support new business models
Optimized Core Comply can only be achieved when the core is
stable and technology & governance
standards are used.
Standardized Technology
Both models
also show that a stable innovation platform
is an essential part of the IT architecture
landscape.
Business Silo’s
6
9. TRAIN Applications CAR applications
HUB Applications
BUS Applications SCOOTER Applications
Channel Access
Ultra Thin Client Thin Client Rich Client
Security& IT
Compliance Governance
Presentation
Composition (Agile)
Integration (Standardized)
Application (Stable)
Data
8
10. CORA and vendor reference architectures
Channel Access
Security& IT Governance
Ultra Thin Client Thin Client Rich Client Compliance
Ultra Thin Web Browser Mobile Webbrowser Electronic
Portal Workstation
Client (HTML) Device (RIA) Channel
SOA Governance
Presentation Authentication Service
Policy
User Interface User Interface Principal
User Interface Service
Process Integration Propagation
Repository
Encryption Service
Composition Registry
Compliancy
Orchestrated Composed Business activity
Business Business Business monitoring
H2A Orchestration
A2A Orchestration
H2H CollaborationB2B Orchestration Authorisation
Component Entity Rules System
Microsoft Integration Single Sign On
Management
Synchronous communication A-Synchronous communication User
System
Monitoring Intel
Users Service Management Test
mediation Messaging File Transfer
Management
Logging Repository
External Systems API
Service Common Management
UI Comp. Integration core Integration
Consumer Auditing
s functionality metadata Change
UI Process Management Presentation
Application Configuration
Operational Management
Management
Application Server
Communication
Service Message Make Buy Legacy Batch
Cross-cutting
Security
Interface Types Application Logic Application Entity Application Logic Application Entity Application Logic Application Entity Management
Management
Backup & Integration Server
Security
Application Facade Recovery
Data
Business Business Business Database Server
Workf. Comp. Entities Data Access DataStorage
Master Transactional Unstructured Aggregated Canonical
Data Access
Data Data Data Data Data
Server Hardware / OS
Data Data Service
Access Utilities Agents
Storage
Data Sources Services
Network
IBM/Open Group
SAP
User
Oracle Consumers
Portlet WSRP B2B Other
Adobe Business
Interface Portal Dashboards Duet SAP GUI Mobile
Forms Client
User Interaction
Integration (Enterprise Service Bus approach)
Web 2.0 Portal, Rich Internet Apps, Mobile
Business Process Composition Business processes
Data Architecture & Business Intelligence
Search, Desktop, Presence, VoIP
UI Composition Process choreography
Enterprise SOA & Management (BPM)
Monitoring Infrastructure Service
QoS, Security, Management &
Enterprise Performance Management
Consumption
Service & Event Information Planning, Budgetting, Financial Management
Composition Composition & Reporting, Scorecards
Governance
Enterpri Business Intelligence Services
se Atomic and composable
SOA Middleware Data Integration, Query & Analysis, OLAP, Enterprise Management
SOA Management Services Service Bus Dashboards, Reports, Alerts, Real-Time
Reposito Development Tools
Provisioning,
Diagnostics,
ry Content Management Tuning, Configuration
Enterprise SOA Management
Service & Event Enterprise Connectivity & Unified SOA
Development Web Content, Documents, Digital assets,
Provisioning Enablement Integration Imaging, Records, Information Rights
Services Tool & Framework
Service Provider
Identity Management Service components
SOA & Process Management Provisioning, Access
Management,
Process Components Platform Components ESB, BPEL PM, Workflow, BAM, Rules
Federation,
Audit, Directory
Service- Order B2B, MDM, Registry, SOA Governance
Mgmt. Packag
Enabled Order M Custom OO
… B Application Server Packaged
Applications Mgmt. D … Applica Applica
I Operational systems edApplica Custom
M Customer & Partner Non SAP & tion tion
SAP Applications SAP Netweaver Java EE, Web Services, Complex Event tion
Applica Applica
Applications Legacy Processing, XTP, RFID & Sensors, SIP
tion tion
Grid Infrastructure
Application Clusters, In-Memory Data
Grid, Common Metadata Services
11. CORA and Enterprise/Software Architectures
Delivers reference model for
describing the Logical and Physical IS/TI architecture
Enterprise Architecture
Common Reference
Delivers requirements, based on CORA
Architecture
and CORA-vocabularies
Software Architecture
Detailed TI architecture
(Enterprise-level) Used as a quality instrument
Software architecture
Project 1Software architecture
Project 2Software architecture
Project n
10
12. How to use the CORA Model
With CORA it is possible to:
• easily derive the impact from new IT-developments such as cloud
computing
• rationalize the IT Landscape based on
decomposition of Packaged Based Solutions (i.e. SAP, Oracle)
IT Landscape Harmonization
• optimize Solution Shaping because CORA
is aimed at hybrid and cross technology environments
can be modeled in Enterprise Architect, Rational, Aris
11
13. Example: Assessing a Cloud provider
Enterprise SaaS Provider
Own landscape exist of make/buy/legacy Landscape exist of ‘make’ applications
Interfacing through file-transfer
Channel Access Channel Access
Security& IT Governance Security& IT Governance
Thin Client Rich Client Compliance SOA Compliance
Rich Client
Browser Mobile Browser Work- Governance
Portal Portal
(HTML) Device (RIA) station Service
Policy
Presentation Authentication Presentation Authentication
Service
Repository
User Interface User Interface Principal User Interface
User Interface User Interface
Process Integration Propagation Service Process
Registry
Encryption
Compliancy Repository
Management
Authorisation Authorisation
BAM
Single Requirements
Integration
Sign On Management
A-Synchronous communication User Development User
Management Management Management
File Transfer
Test
Logging Management
Common
Release
Integration core Integration Auditing Management
functionality metadata
Configuration
Management
Application Application
Change
Make Buy Legacy Management Buy
Application Application Application Application Application Application Incident Application Application Incident
Logic Entity Logic Entity Logic Entity Management Logic Entity Management
Batch
Data Management Data
System
Data Access DataStorage Data Access DataStorage
Monitoring
Master Transactional Unstructured Aggregated Canonical Master Transactional Unstructured Aggregated
Data Access Backup & Data Access Backup &
Data Data Data Data Data Data Data Data Data
Recovery Recovery
12
14. Example: Enterprise 2.0
Channel Access
Security& IT Governance
Ultra Thin Client Thin Client Rich Client Compliance
Ultra Thin Web Browser Mobile Webbrowser Electronic
Portal Workstation
Client (HTML) Device (RIA) Channel SOA Governance
Presentation Authentication Service
Policy
User Interface User Interface Principal
User Interface Service ?
Apple Cocoa
Process Integration Propagation
Repository
Touch
? HTTPS Encryption Service
Composition Registry ?
Compliancy
Orchestrated Composed Business activity
Business Business Business monitoring
H2A Orchestration A2A Orchestration H2H Collaboration B2B Orchestration Authorisation
Component Entity Rules System
?
Management
Integration Single Sign On
System
Synchronous communication Monitoring
A-Synchronous communication User
Service REST Protocol Management Test
Messaging File Transfer
mediation Management
SAP BSP Logging Repository
Common Management
Integration core Integration
Auditing Change
functionality metadata
Management
Application Configuration
Management
Make Buy Legacy Batch
Application Logic Application Entity CRM Application Logic Application Entity
SAP Application Logic Application Entity Management
(+ custom development)
Backup &
Recovery
Data
Data Access Oracle DataStorage
Risk investigation Area
Master Transactional Unstructured Aggregated Canonical
Data Access
Data AppleData Data
Core Data Data Data ? Yet unclear
/SQL-lite ?
13
15. Example: Assessing the SAP stack
Channel Access
Ultra Thin Client Thin Client Rich Client Security& IT Governance
Ultra Thin Client
Web Browser
Mobile Device Portal Workstation Compliance
Telnet (HTML)
Web Browser SOA Governance
SAPITS Mobile
Authentication
User Interface Presentation SAP Portal SAP WinGUI Service
Policy
Process SAP Webdynpro SAP
SAP Guided Principal
Java Service
Enterprise
Procedure Propagation
User Interface Repository
Services
Repository
Encryption Service
SAP Visual Registry
SAP Universal Composition
SAP Collabora-
Composer Compliancy
Worklist tion
Orchestrated
SAP PI ccBPM SAP PI ccBPM ComposedSAP CAF SAP BRM Business activity
H2A Orchestration
?
A2A Orchestration H2H Collaboration ?
B2B Orchestration
Business Business Business
Authorisation
monitoring
Component Entity Rules
System
Management
Integration Single Sign On
System
Synchronous communication Monitoring
A-Synchronous communication User
Service Management Test
Messaging File Transfer
mediation Management
Logging Repository
SAP PI Broker
Common Management
Integration core Integration
Auditing
functionality metadata Change
Management
Configuration
Application Management
Buy Legacy
SAP ERP Scenario’s
Application Logic Application Entity Application Logic Application Entity Batch
Management
Mainframe
Backup &
Data Recovery
Data Access DataStorage
Oracle DB
Data Access Master Data TransactionalDB
Oracle Data Unstructured Data Aggregated Data Canonical Data
14
17. CORA Assessment Method
Input Output
Design Steps
Architecture
High Level Design
Evaluated Application
Principles
Map requirements onto CORA IT Capabilities Architecture
Architecture Styles And define relationship between elements Application Lifecycle
Directives
Requirements Map technology components onto Input Infrastructure
Functional the relevant IT Capabilities Architecture
Information Assess the results through identifying Risk Area’s
and resolving them
Operational
Check result against architecture
Deployment principles/architecture styles
Establish ownership (Processes/Data/Applications/
Interfaces) and determine location (Central/Factory)
Detailed Design
Derive Application Life Cycle directives
regarding the mapped technology components
18. Architecture
Principles
• Business process principles
• Information and data principles
• Application principles
• Technology Principles
• End user principles
• Security principles
• Product and supplier management principles
Architecture Styles
• N-Tier
• Service Oriented Architecture
• Resource Oriented Architecture
19. Requirements
Release order
Master &
Transactional
data
Execute order
Execute order
Capture facts by sensor Capture facts manually
‘Raw’ data
Transactional data
Filter/Transform to Filter/ Transform to OPC
B2MML data data
Canonical data
Manually complement
data /correlate to order
Transactional data Aggregated data
Retrieve operational Retrieve regional/global
Confirm order
Report Report
Transactional data
Allocate Cost Update Stock
Aggregated data Aggregated data
Retrieve regional/global Retrieve
Report Operational Report
20. Questionaire to map requirements
Layer IT Capability Question
Channel Access Ultra Thin Client Is access to legacy systems required (i.e. Telnet) or by
using Citrix clients?
Web Browser (HTML) Is access through a browser required, where validations
are being performed on the server?
Mobile Device Is access through mobile devices required and if so,
which platforms should be supported?
Webrowser (RIA) Is access through a browser required, where validations
are being performed on both the client and the server?
Portal Is access through a Portal required?
Workstation Is access through a client required which is installed on a
desktop?
Electronic Channel Is non-human access required?
21. “Unbranded” Application Architecture
Channel Access
Ultra Thin Client Thin Client Rich Client Security& IT Governance
Ultra Thin Web Browser Mobile Webbrowser
Portal Workstation
Electronic Compliance
Client (HTML) Device (RIA) Channel SOA Governance
Authentication
Presentation Service
Policy
User Interface User Interface Principal
User Interface Service
Process Integration Propagation
Repository
Encryption Service
Registry
Composition
Compliancy
Orchestrated Composed Business activity
Business Business Business monitoring
H2A Orchestration A2A Orchestration H2H Collaboration B2B Orchestration Authorisation
Component Entity Rules
System
Management
Integration Single Sign On
System
Synchronous communication Monitoring
A-Synchronous communication User
Service Management Test
Messaging File Transfer
mediation Management
Logging Repository
Common Management
Integration core Integration
Auditing
functionality metadata Change
Management
Configuration
Application Management
Make Buy Legacy
Batch
Application Logic Application Entity Application Logic Application Entity Application Logic Application Entity Management
Backup &
Recovery
Data
Data Access DataStorage
Master Transactional Unstructured Aggregated Canonical
Data Access
Data Data Data Data Data
20
22. Questionaire technology mapping
Layer Question
Channel Access CH1. Is it possible to access the application through an ultra thin client (like Citrix?) without loosing
any functionality?
CH2. Is it possible to access the application through a Web Browser without loosing any
functionality? If so, which Web Browsers are supported?
CH3. Is the Web Browser Thin or Thick (Zero Footprint / AJAX, JSON)? If Thick, what development
platforms can be used?
CH4. Is it possible to access the application through a mobile device? If so:
- which mobile platforms are supported?
- is the applications functionality available both online as well as offline? If not, what are the
limitations for working offline?
- which infrastructure requirements exist with regard to support for mobile devices? (i.e. network
connections, gateways, VPN, etc)
CH5. Is it possible to access the application through any portal? If so, which portal standards are
supported?
CH6. Is a portal part of the software-package? If so, is it installed on a separate box?
CH7. Is a desktop-client needed to access the application? If so, can the software be installed on any
OS?
CH8. Is it possible to access the application without human interference? If so, what UI standards are
supported?