SlideShare a Scribd company logo

Assurance for Cloud Computing

Bob Binder
Bob Binder

Invited Talk, Chicago Quality Assurance Association. January, 27 2010, Chicago. Overview of cloud computing - new challenges for achieving high reliability

Technology
1 of 47
Download to read offline
Assurance for Cloud Computing Robert V. Binder Chicago Quality Assurance Association January 27, 2010
Overview  Weather Report  Role-Layer Model  Cloud Assurance Challenges  Microsoft Protocol Validation  Spec Explorer Flyby  Implications for IT Assurance © 2010 Robert V. Binder 2
 Weather Report  Role-Layer Model  Cloud Assurance Challenges  Microsoft Protocol Validation  Spec Explorer Flyby  Implications for IT Assurance © 2010 Robert V. Binder 3
Weather Report  What is Cloud Computing?  SOA, SaaS, Outsourced Infrastructure, Hosted Apps, Web Services, Virtualization, Grid …  Economic drivers  Rent versus Buy versus Make  No operational responsibilities  Scalable  “No Software” © 2010 Robert V. Binder 4
Distant Rumblings Yes Does your organization 34% currently have a cloud computing strategy? No 66% 6-12 Months 12-24 4% Months Don’t 8% When will you Know 36 + 18% implement Months 8% cloud computing? No Plan 62% The Future of Cloud Computing, MPS Partners. www.mpspartners.com. © 2010 Robert V. Binder 5
Distant Rumblings 6-12 When will you adopt Months 12 + 3% Months cloud storage services? 5% Will Not No Plan 46% 46% Business Users Are Not Ready For Cloud Storage, Forrester. http://www.networkworld.com/news/2010/012510-cloud-storage-hype.html © 2010 Robert V. Binder 6
Falling Pressure http://www.gartner.com/it/page.jsp?id=1124212, © Gartner Inc. Used by permission. © 2010 Robert V. Binder 7
Excess Water Vapor? Why Larry Ellison hates Cloud computing http://www.youtube.com/watch?v=8UYa6gQC14o © 2010 Robert V. Binder 8
Forecast: Partly Cloudy  Despite the hype, fundamental changes  Broader market, lower barriers  Incremental IT capacity  General purpose apps  Trends  Apps/cycles/storage more like electric power  Outsourcing to reduce cost and risk  Decentralization, reliance on commons  Assurance challenges  Contract-oriented  Ongoing, pre and post release © 2010 Robert V. Binder 9
 Weather Report  Role-Layer Model  Cloud Assurance Challenges  Microsoft Protocol Validation  Spec Explorer Flyby  Implications for IT Assurance © 2010 Robert V. Binder 10
Role-Layer Model Layers Roles Ownership © 2010 Robert V. Binder 11
Role-Layer Model  Layers  Endpoint, Network, Apps, Data, Hardware  Roles – distinct economic entities  End User  Integrator  Provider  Operator = Provider + Integrator  Ownership  Share, Rent, Buy, Build © 2010 Robert V. Binder 12
Classic IT © 2010 Robert V. Binder 13
Classic IT, c. 1970 © 2010 Robert V. Binder 14
Service Bureau, c.1980 © 2010 Robert V. Binder 15
Client/Server, c.1995 © 2010 Robert V. Binder 16
E-Commerce ASP, c. 2002 © 2010 Robert V. Binder 17
SalesForce.com, c. 2004 © 2010 Robert V. Binder 18
Outsourced Room, c. 2009 © 2010 Robert V. Binder 19
 Weather Report  Role-Layer Model  Cloud Assurance Challenges  Microsoft Protocol Validation  Spec Explorer Flyby  Implications for IT Assurance © 2010 Robert V. Binder 20
What Should be Assured?  Contract between layer owners  Technical specification, not legal T&C  Confirm  We’re getting what we expect  What we expect is adequate  Certify  We can meet our commitments  Individual  Collective (scalable) © 2010 Robert V. Binder 21
Assurance Concerns  SLAs  Availability, Reliability, Performance  Standby Capacity/Scalability  Security  Authentication  Access Control  Features  Correct response  Data integrity  Effectiveness/Acceptance  ROI, votes, sales © 2010 Robert V. Binder 22
Trust, but Verify SLA Features Security End User – Integrator Confirm Confirm Confirm Integrator – End User Certify Certify Certify Integrator – Provider Confirm Confirm Confirm Provider – Integrator Certify Certify Certify © 2010 Robert V. Binder 23
 Weather Report  Role-Layer Model  Cloud Assurance Challenges  Microsoft Protocol Validation  Spec Explorer Flyby  Implications for IT Assurance © 2010 Robert V. Binder 24
Microsoft Protocol Validation  Relevance for cloud assurance?  Huge win for model-based testing  Open technology  Supports contract-based assurance  Protocol validation approach good fit for cloud assurance challenges © 2010 Robert V. Binder 25
Open Specifications Initiative  EU/US DOJ Decree  Microsoft must publish server side details  Over 250 protocols (APIs)  Publish protocols as “Technical Documents” (TD)  Open Specifications Initiative www.microsoft.com/openspecifications  One TD for each server-side API/service  Strict and detailed standards for TD content  Goal: interoperability. TDs must be sufficient for 3rd party to replace or use target API © 2010 Robert V. Binder 26
What is a Protocol?  “Remote Desktop Protocol: Audio Output Virtual Channel Extension”  Defines Messages  Defines Behavior © 2010 Robert V. Binder 27
What is a Protocol?  Remote Desktop Protocol: Audio Output Virtual Channel Extension  Example message requirement The Server Audio Formats and Version PDU is a PDU used by the server to send version information and a list of supported audio formats to the client. This PDU MUST be sent using static virtual channels.  Example behavioral requirement The server may send the Training PDU at any time and during any sequence, not just during the initialization sequence. The only prerequisite are that version exchange MUST have occurred and that if the client and server are both at least version 6, the server MUST have received a Quality Mode PDU. © 2010 Robert V. Binder 28
Published TDs on MSDN MSDN Protocol Library http://msdn.microsoft.com/en-us/library/cc216513(PROT.10).aspx © 2010 Robert V. Binder 29
Validation Approach  How to validate TDs?  Is the TD sufficient for interoperability?  Scrutinize  Is the TD accurate?  Develop test for each requirement  Only check over-the-wire data  Protocol Engineering Team  Reviewers – independent 3rd parties  Testers – 3rd party contractor  Microsoft development teams write TDs  Reviewers and Testers Scrutinize TDs  Testers develop Test Suites from the TD © 2010 Robert V. Binder 30
Validation Approach  Extract requirements from TD  Analyze/model protocol contract  Data Structures  Method Behavior  API Behavior  Develop adapters to parse/check messages  Execute test suite  Write “TD Issue” for any anomaly © 2010 Robert V. Binder 31
Validation Process  Develop Technical Document  Study Phase  Start requirements extraction  Define high level test approach  Plan Phase  Define test model  Define test harness  Design Phase  Implement model and drivers  Final Phase  Run test suites, analyze traces  TDs released to MSDN after passing Final © 2010 Robert V. Binder 32
Requirements Traceability  TD parsed to extract line-item requirements  100s to 1000s per technical document  Log requirement record when pass conditions met  R 562: “The server must return 404 in the reply code when the target URL cannot be found.” Contracts.Requires(ReplyEnabled(replyCode) && badURL(true)); if replyCode == 404) { log(562, “Received 404”) } } © 2010 Robert V. Binder 33
Typical Test Configuration Tester Endpoint SUT Control Test Suite (optional) Adapters Tested Endpoint Transport Transport Grieskamp, Kicillof, Stobie, Braberman. Model-Based Quality Assurance of Protocol Documentation: Tools and Methodology. ICST 2009. © 2010 Robert V. Binder 34
Productivity  100s of third party Avg Hours Per Requirement developers trained Task in modeling and TD review 1.1 test development Requirement gathering 0.8  On average, MBT Model authoring 0.5 takes 42% less Traditional test coding 0.6 time than hand- Adapter development 1.2 coding Test case execution 0.6 Final adjustments 0.3 Total, all phases 5.1 Grieskamp et al. Op cit.. © 2010 Robert V. Binder 35
Quality  Produced ~10,000 “Technical Document Issues”  Most TDI’s identified before tests run Grieskamp et al. Op cit.. © 2010 Robert V. Binder 36
 Weather Report  Role-Layer Model  Cloud Assurance Challenges  Microsoft Protocol Validation  Spec Explorer Flyby  Implications for IT Assurance © 2010 Robert V. Binder 37
Spec Explorer  Model-based Testing Tool  Extension to Visual Studio Model APIs as contracts  Guarded update rules for modeled state  Define accepting states  Generates call sequences and data bindings that “explore” model  Finds update sequences that lead to accepting state  Guards and accepters are the “oracle”  Info and free download http://msdn.microsoft.com/en-us/devlabs/ee692301.aspx © 2010 Robert V. Binder 38
Testing with Spec Explorer  Analyze system under test, create a model program, representing the entire SUT  Define parameters for test generation (“cord file”)  Define behavioral subsets (use cases/scenarios) “machine”  Explore the model and the machine  Generate test cases  Run tests © 2010 Robert V. Binder 39
Netmon  Developed to support Spec protocol testing Explorer  Similar to Wireshark  Parses all published Test Objects Microsoft protocols  Easy to add new parsers Adapters SUT  API supports automated testing SUT  Returns parsed messages Netmon Endpoint  Info and free download http://blogs.technet.com/netmon/ © 2010 Robert V. Binder 40
 Weather Report  Role-Layer Model  Cloud Assurance Challenges  Microsoft Protocol Validation  Spec Explorer Flyby  Implications for IT Assurance © 2010 Robert V. Binder 41
Testing Cloud Contracts  Obtain or develop API requirements  Amazon Simple Storage Service  Google App Engine  Many others …  Create model program for the contract  One method for each message  One method for each reply  Variables represent behavioral constraints  Scenarios © 2010 Robert V. Binder 42
Amazon Simple Storage Spec Example of a cloud protocol http://docs.amazonwebservices.com/AmazonS3/latest/ © 2010 Robert V. Binder 43
Performance and Security  Working on Spec Explorer approach for  Performance testing  Reliability testing  Security assessment © 2010 Robert V. Binder 44
Implications for IT Assurance  Use the cloud (on-demand capacity) for testing  Assess testability of SLA and API contracts early  Mission-critical apps still need in-house expertise  Integrators will do less traditional testing  Integrators have a double role: confirm/certify  Ongoing monitoring necessary  Favor providers that can demo contracts © 2010 Robert V. Binder 45
Conclusions  Despite hype, cloud computing means significant changes for IT and IT Assurance  Layers, Ownership, Roles  Confirm or Certify  Microsoft success shows how to test cloud contracts  Contract testing viable approach for Providers and Integrators © 2010 Robert V. Binder 46
Thank You! rvbinder@gmail.com 312 404 5341

Recommended

Intranet 2.0 on a Budget
Intranet 2.0 on a BudgetIntranet 2.0 on a Budget
Intranet 2.0 on a BudgetPrescient Digital Media
 
Winning Support For Your Intranet / Intranet 2.0 Initiatives June 2009
Winning Support For Your Intranet / Intranet 2.0 Initiatives June 2009Winning Support For Your Intranet / Intranet 2.0 Initiatives June 2009
Winning Support For Your Intranet / Intranet 2.0 Initiatives June 2009Prescient Digital Media
 
Space to think | Cloud research using Logica futurescope
Space to think | Cloud research using Logica futurescope Space to think | Cloud research using Logica futurescope
Space to think | Cloud research using Logica futurescope CGI
 
Summary of Forrester Q3 2012 Global Cloud Developer Survey
Summary of Forrester Q3 2012 Global Cloud Developer SurveySummary of Forrester Q3 2012 Global Cloud Developer Survey
Summary of Forrester Q3 2012 Global Cloud Developer SurveyJohn Rymer
 
Financial Analyst Day 2013
Financial Analyst Day 2013Financial Analyst Day 2013
Financial Analyst Day 2013avelinakauffman
 
IDC Report : Web Security
IDC Report : Web SecurityIDC Report : Web Security
IDC Report : Web SecurityKim Jensen
 
Quality Assurance and mobile applications!
Quality Assurance and mobile applications!Quality Assurance and mobile applications!
Quality Assurance and mobile applications!Bagaria Swati
 
Let the conversation flow with Brocade vADC
Let the conversation flow with Brocade vADCLet the conversation flow with Brocade vADC
Let the conversation flow with Brocade vADCBrocade
 

Recommended

Intranet 2.0 on a Budget
Intranet 2.0 on a BudgetIntranet 2.0 on a Budget
Intranet 2.0 on a BudgetPrescient Digital Media
 
Winning Support For Your Intranet / Intranet 2.0 Initiatives June 2009
Winning Support For Your Intranet / Intranet 2.0 Initiatives June 2009Winning Support For Your Intranet / Intranet 2.0 Initiatives June 2009
Winning Support For Your Intranet / Intranet 2.0 Initiatives June 2009Prescient Digital Media
 
Space to think | Cloud research using Logica futurescope
Space to think | Cloud research using Logica futurescope Space to think | Cloud research using Logica futurescope
Space to think | Cloud research using Logica futurescope CGI
 
Summary of Forrester Q3 2012 Global Cloud Developer Survey
Summary of Forrester Q3 2012 Global Cloud Developer SurveySummary of Forrester Q3 2012 Global Cloud Developer Survey
Summary of Forrester Q3 2012 Global Cloud Developer SurveyJohn Rymer
 
Financial Analyst Day 2013
Financial Analyst Day 2013Financial Analyst Day 2013
Financial Analyst Day 2013avelinakauffman
 
IDC Report : Web Security
IDC Report : Web SecurityIDC Report : Web Security
IDC Report : Web SecurityKim Jensen
 
Quality Assurance and mobile applications!
Quality Assurance and mobile applications!Quality Assurance and mobile applications!
Quality Assurance and mobile applications!Bagaria Swati
 
Let the conversation flow with Brocade vADC
Let the conversation flow with Brocade vADCLet the conversation flow with Brocade vADC
Let the conversation flow with Brocade vADCBrocade
 
Successful cloud partners idc (en)
Successful cloud partners idc (en)Successful cloud partners idc (en)
Successful cloud partners idc (en)Jarek Sokolnicki
 
Future of cloud computing 2011
Future of cloud computing 2011Future of cloud computing 2011
Future of cloud computing 2011Michael Skok
 
Realise True Business Value .pdf
Realise True Business Value .pdfRealise True Business Value .pdf
Realise True Business Value .pdfThousandEyes
 
apidays LIVE Paris - Bringing Cloud Native to a world of SaaS by Robert Wunde...
apidays LIVE Paris - Bringing Cloud Native to a world of SaaS by Robert Wunde...apidays LIVE Paris - Bringing Cloud Native to a world of SaaS by Robert Wunde...
apidays LIVE Paris - Bringing Cloud Native to a world of SaaS by Robert Wunde...apidays
 
Future Perspective: Cloud Connectivity in an IoT World
Future Perspective: Cloud Connectivity in an IoT WorldFuture Perspective: Cloud Connectivity in an IoT World
Future Perspective: Cloud Connectivity in an IoT WorldJosiah Renaudin
 
Focusing on What Matters
Focusing on What MattersFocusing on What Matters
Focusing on What MattersVMware Tanzu
 
Welcome to SoftSummit 2011
Welcome to SoftSummit 2011Welcome to SoftSummit 2011
Welcome to SoftSummit 2011Flexera
 
Why Hybrid Cloud Demands Consistency
Why Hybrid Cloud Demands ConsistencyWhy Hybrid Cloud Demands Consistency
Why Hybrid Cloud Demands ConsistencyVMware Tanzu
 
Cover Your Apps! Surviving in the Age of the Hyperscale Public Clouds
Cover Your Apps! Surviving in the Age of the Hyperscale Public CloudsCover Your Apps! Surviving in the Age of the Hyperscale Public Clouds
Cover Your Apps! Surviving in the Age of the Hyperscale Public CloudsZenoss
 
Leaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersLeaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersOpSource
 
Navigating the Top Six Business Challenges of Delivering Software as a Service
Navigating the Top Six Business Challenges of Delivering Software as a Service Navigating the Top Six Business Challenges of Delivering Software as a Service
Navigating the Top Six Business Challenges of Delivering Software as a Service LicensingLive! - SafeNet
 
Hybrid Data Pipeline for SQL and REST
Hybrid Data Pipeline for SQL and RESTHybrid Data Pipeline for SQL and REST
Hybrid Data Pipeline for SQL and RESTSumit Sarkar
 
Optimizing the Network for Reliable Application Delivery Across the Cloud
Optimizing the Network for Reliable Application Delivery Across the CloudOptimizing the Network for Reliable Application Delivery Across the Cloud
Optimizing the Network for Reliable Application Delivery Across the CloudEnterprise Management Associates
 
Realize True Business Value With ThousandEyes
Realize True Business Value With ThousandEyesRealize True Business Value With ThousandEyes
Realize True Business Value With ThousandEyesThousandEyes
 
Bt idc event cloud adoption in ireland
Bt idc event cloud adoption in irelandBt idc event cloud adoption in ireland
Bt idc event cloud adoption in irelandFiona Sexton
 
Iveda (OTCQB:IVDA) - Investor Presentation
Iveda (OTCQB:IVDA) - Investor PresentationIveda (OTCQB:IVDA) - Investor Presentation
Iveda (OTCQB:IVDA) - Investor PresentationRedChip Companies, Inc.
 
Iveda Investor Presentation
Iveda Investor PresentationIveda Investor Presentation
Iveda Investor Presentationivedasolutions
 
RWDG Slides: Using Tools to Advance Your Data Governance Program
RWDG Slides: Using Tools to Advance Your Data Governance ProgramRWDG Slides: Using Tools to Advance Your Data Governance Program
RWDG Slides: Using Tools to Advance Your Data Governance ProgramDATAVERSITY
 
Building Outside-in Planning Processes
Building Outside-in Planning ProcessesBuilding Outside-in Planning Processes
Building Outside-in Planning ProcessesLora Cecere
 
Supply Chain Insights Global Summit: Presentation on Outside-in Projects
Supply Chain Insights Global Summit: Presentation on Outside-in ProjectsSupply Chain Insights Global Summit: Presentation on Outside-in Projects
Supply Chain Insights Global Summit: Presentation on Outside-in ProjectsSupplychainInsights
 
How to Release Rock-solid RESTful APIs and Ice the Testing BackBlob
How to Release Rock-solid RESTful APIs and Ice the Testing BackBlobHow to Release Rock-solid RESTful APIs and Ice the Testing BackBlob
How to Release Rock-solid RESTful APIs and Ice the Testing BackBlobBob Binder
 
Lessons learned validating 60,000 pages of api documentation
Lessons learned validating 60,000 pages of api documentationLessons learned validating 60,000 pages of api documentation
Lessons learned validating 60,000 pages of api documentationBob Binder
 

More Related Content

Similar to Assurance for Cloud Computing

Successful cloud partners idc (en)
Successful cloud partners idc (en)Successful cloud partners idc (en)
Successful cloud partners idc (en)Jarek Sokolnicki
 
Future of cloud computing 2011
Future of cloud computing 2011Future of cloud computing 2011
Future of cloud computing 2011Michael Skok
 
Realise True Business Value .pdf
Realise True Business Value .pdfRealise True Business Value .pdf
Realise True Business Value .pdfThousandEyes
 
apidays LIVE Paris - Bringing Cloud Native to a world of SaaS by Robert Wunde...
apidays LIVE Paris - Bringing Cloud Native to a world of SaaS by Robert Wunde...apidays LIVE Paris - Bringing Cloud Native to a world of SaaS by Robert Wunde...
apidays LIVE Paris - Bringing Cloud Native to a world of SaaS by Robert Wunde...apidays
 
Future Perspective: Cloud Connectivity in an IoT World
Future Perspective: Cloud Connectivity in an IoT WorldFuture Perspective: Cloud Connectivity in an IoT World
Future Perspective: Cloud Connectivity in an IoT WorldJosiah Renaudin
 
Focusing on What Matters
Focusing on What MattersFocusing on What Matters
Focusing on What MattersVMware Tanzu
 
Welcome to SoftSummit 2011
Welcome to SoftSummit 2011Welcome to SoftSummit 2011
Welcome to SoftSummit 2011Flexera
 
Why Hybrid Cloud Demands Consistency
Why Hybrid Cloud Demands ConsistencyWhy Hybrid Cloud Demands Consistency
Why Hybrid Cloud Demands ConsistencyVMware Tanzu
 
Cover Your Apps! Surviving in the Age of the Hyperscale Public Clouds
Cover Your Apps! Surviving in the Age of the Hyperscale Public CloudsCover Your Apps! Surviving in the Age of the Hyperscale Public Clouds
Cover Your Apps! Surviving in the Age of the Hyperscale Public CloudsZenoss
 
Leaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersLeaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersOpSource
 
Navigating the Top Six Business Challenges of Delivering Software as a Service
Navigating the Top Six Business Challenges of Delivering Software as a Service Navigating the Top Six Business Challenges of Delivering Software as a Service
Navigating the Top Six Business Challenges of Delivering Software as a Service LicensingLive! - SafeNet
 
Hybrid Data Pipeline for SQL and REST
Hybrid Data Pipeline for SQL and RESTHybrid Data Pipeline for SQL and REST
Hybrid Data Pipeline for SQL and RESTSumit Sarkar
 
Optimizing the Network for Reliable Application Delivery Across the Cloud
Optimizing the Network for Reliable Application Delivery Across the CloudOptimizing the Network for Reliable Application Delivery Across the Cloud
Optimizing the Network for Reliable Application Delivery Across the CloudEnterprise Management Associates
 
Realize True Business Value With ThousandEyes
Realize True Business Value With ThousandEyesRealize True Business Value With ThousandEyes
Realize True Business Value With ThousandEyesThousandEyes
 
Bt idc event cloud adoption in ireland
Bt idc event cloud adoption in irelandBt idc event cloud adoption in ireland
Bt idc event cloud adoption in irelandFiona Sexton
 
Iveda (OTCQB:IVDA) - Investor Presentation
Iveda (OTCQB:IVDA) - Investor PresentationIveda (OTCQB:IVDA) - Investor Presentation
Iveda (OTCQB:IVDA) - Investor PresentationRedChip Companies, Inc.
 
Iveda Investor Presentation
Iveda Investor PresentationIveda Investor Presentation
Iveda Investor Presentationivedasolutions
 
RWDG Slides: Using Tools to Advance Your Data Governance Program
RWDG Slides: Using Tools to Advance Your Data Governance ProgramRWDG Slides: Using Tools to Advance Your Data Governance Program
RWDG Slides: Using Tools to Advance Your Data Governance ProgramDATAVERSITY
 
Building Outside-in Planning Processes
Building Outside-in Planning ProcessesBuilding Outside-in Planning Processes
Building Outside-in Planning ProcessesLora Cecere
 
Supply Chain Insights Global Summit: Presentation on Outside-in Projects
Supply Chain Insights Global Summit: Presentation on Outside-in ProjectsSupply Chain Insights Global Summit: Presentation on Outside-in Projects
Supply Chain Insights Global Summit: Presentation on Outside-in ProjectsSupplychainInsights
 

Similar to Assurance for Cloud Computing (20)

Successful cloud partners idc (en)
Successful cloud partners idc (en)Successful cloud partners idc (en)
Successful cloud partners idc (en)
 
Future of cloud computing 2011
Future of cloud computing 2011Future of cloud computing 2011
Future of cloud computing 2011
 
Realise True Business Value .pdf
Realise True Business Value .pdfRealise True Business Value .pdf
Realise True Business Value .pdf
 
apidays LIVE Paris - Bringing Cloud Native to a world of SaaS by Robert Wunde...
apidays LIVE Paris - Bringing Cloud Native to a world of SaaS by Robert Wunde...apidays LIVE Paris - Bringing Cloud Native to a world of SaaS by Robert Wunde...
apidays LIVE Paris - Bringing Cloud Native to a world of SaaS by Robert Wunde...
 
Future Perspective: Cloud Connectivity in an IoT World
Future Perspective: Cloud Connectivity in an IoT WorldFuture Perspective: Cloud Connectivity in an IoT World
Future Perspective: Cloud Connectivity in an IoT World
 
Focusing on What Matters
Focusing on What MattersFocusing on What Matters
Focusing on What Matters
 
Welcome to SoftSummit 2011
Welcome to SoftSummit 2011Welcome to SoftSummit 2011
Welcome to SoftSummit 2011
 
Why Hybrid Cloud Demands Consistency
Why Hybrid Cloud Demands ConsistencyWhy Hybrid Cloud Demands Consistency
Why Hybrid Cloud Demands Consistency
 
Cover Your Apps! Surviving in the Age of the Hyperscale Public Clouds
Cover Your Apps! Surviving in the Age of the Hyperscale Public CloudsCover Your Apps! Surviving in the Age of the Hyperscale Public Clouds
Cover Your Apps! Surviving in the Age of the Hyperscale Public Clouds
 
Leaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for CustomersLeaders in the Cloud: Identifying Cloud Business Value for Customers
Leaders in the Cloud: Identifying Cloud Business Value for Customers
 
Navigating the Top Six Business Challenges of Delivering Software as a Service
Navigating the Top Six Business Challenges of Delivering Software as a Service Navigating the Top Six Business Challenges of Delivering Software as a Service
Navigating the Top Six Business Challenges of Delivering Software as a Service
 
Hybrid Data Pipeline for SQL and REST
Hybrid Data Pipeline for SQL and RESTHybrid Data Pipeline for SQL and REST
Hybrid Data Pipeline for SQL and REST
 
Optimizing the Network for Reliable Application Delivery Across the Cloud
Optimizing the Network for Reliable Application Delivery Across the CloudOptimizing the Network for Reliable Application Delivery Across the Cloud
Optimizing the Network for Reliable Application Delivery Across the Cloud
 
Realize True Business Value With ThousandEyes
Realize True Business Value With ThousandEyesRealize True Business Value With ThousandEyes
Realize True Business Value With ThousandEyes
 
Bt idc event cloud adoption in ireland
Bt idc event cloud adoption in irelandBt idc event cloud adoption in ireland
Bt idc event cloud adoption in ireland
 
Iveda (OTCQB:IVDA) - Investor Presentation
Iveda (OTCQB:IVDA) - Investor PresentationIveda (OTCQB:IVDA) - Investor Presentation
Iveda (OTCQB:IVDA) - Investor Presentation
 
Iveda Investor Presentation
Iveda Investor PresentationIveda Investor Presentation
Iveda Investor Presentation
 
RWDG Slides: Using Tools to Advance Your Data Governance Program
RWDG Slides: Using Tools to Advance Your Data Governance ProgramRWDG Slides: Using Tools to Advance Your Data Governance Program
RWDG Slides: Using Tools to Advance Your Data Governance Program
 
Building Outside-in Planning Processes
Building Outside-in Planning ProcessesBuilding Outside-in Planning Processes
Building Outside-in Planning Processes
 
Supply Chain Insights Global Summit: Presentation on Outside-in Projects
Supply Chain Insights Global Summit: Presentation on Outside-in ProjectsSupply Chain Insights Global Summit: Presentation on Outside-in Projects
Supply Chain Insights Global Summit: Presentation on Outside-in Projects
 

More from Bob Binder

How to Release Rock-solid RESTful APIs and Ice the Testing BackBlob
How to Release Rock-solid RESTful APIs and Ice the Testing BackBlobHow to Release Rock-solid RESTful APIs and Ice the Testing BackBlob
How to Release Rock-solid RESTful APIs and Ice the Testing BackBlobBob Binder
 
Lessons learned validating 60,000 pages of api documentation
Lessons learned validating 60,000 pages of api documentationLessons learned validating 60,000 pages of api documentation
Lessons learned validating 60,000 pages of api documentationBob Binder
 
Model-based Testing: Taking BDD/ATDD to the Next Level
Model-based Testing: Taking BDD/ATDD to the Next LevelModel-based Testing: Taking BDD/ATDD to the Next Level
Model-based Testing: Taking BDD/ATDD to the Next LevelBob Binder
 
Model-based Testing: Today And Tomorrow
Model-based Testing: Today And TomorrowModel-based Testing: Today And Tomorrow
Model-based Testing: Today And TomorrowBob Binder
 
Mobile App Assurance: Yesterday, Today, and Tomorrow.
Mobile App Assurance: Yesterday, Today, and Tomorrow.Mobile App Assurance: Yesterday, Today, and Tomorrow.
Mobile App Assurance: Yesterday, Today, and Tomorrow.Bob Binder
 
Popular Delusions, Crowds, and the Coming Deluge: end of the Oracle?
Popular Delusions, Crowds, and the Coming Deluge: end of the Oracle?Popular Delusions, Crowds, and the Coming Deluge: end of the Oracle?
Popular Delusions, Crowds, and the Coming Deluge: end of the Oracle?Bob Binder
 
MTS: Controllable Test Objects
MTS: Controllable Test ObjectsMTS: Controllable Test Objects
MTS: Controllable Test ObjectsBob Binder
 
Achieving Very High Reliability for Ubiquitous Information Technology
Achieving Very High Reliability for Ubiquitous Information Technology Achieving Very High Reliability for Ubiquitous Information Technology
Achieving Very High Reliability for Ubiquitous Information Technology Bob Binder
 
The Tester’s Dashboard: Release Decision Support
The Tester’s Dashboard: Release Decision SupportThe Tester’s Dashboard: Release Decision Support
The Tester’s Dashboard: Release Decision SupportBob Binder
 
Performance Testing Mobile and Multi-Tier Applications
Performance Testing Mobile and Multi-Tier ApplicationsPerformance Testing Mobile and Multi-Tier Applications
Performance Testing Mobile and Multi-Tier ApplicationsBob Binder
 
Testing Object-Oriented Systems: Lessons Learned
Testing Object-Oriented Systems: Lessons LearnedTesting Object-Oriented Systems: Lessons Learned
Testing Object-Oriented Systems: Lessons LearnedBob Binder
 
mVerify Investor Overview
mVerify Investor OverviewmVerify Investor Overview
mVerify Investor OverviewBob Binder
 
Model-Based Testing: Why, What, How
Model-Based Testing: Why, What, HowModel-Based Testing: Why, What, How
Model-Based Testing: Why, What, HowBob Binder
 
MDD and the Tautology Problem: Discussion Notes.
MDD and the Tautology Problem: Discussion Notes.MDD and the Tautology Problem: Discussion Notes.
MDD and the Tautology Problem: Discussion Notes.Bob Binder
 
Mobile Reliability Challenges
Mobile Reliability ChallengesMobile Reliability Challenges
Mobile Reliability ChallengesBob Binder
 
Experience with a Profile-based Automated Testing Environment
Experience with a Profile-based Automated Testing EnvironmentExperience with a Profile-based Automated Testing Environment
Experience with a Profile-based Automated Testing EnvironmentBob Binder
 
Testability: Factors and Strategy
Testability: Factors and StrategyTestability: Factors and Strategy
Testability: Factors and StrategyBob Binder
 
Test Objects -- They Just Work
Test Objects -- They Just WorkTest Objects -- They Just Work
Test Objects -- They Just WorkBob Binder
 
A Million Users in a Box: The WTS Story
A Million Users in a Box: The WTS StoryA Million Users in a Box: The WTS Story
A Million Users in a Box: The WTS StoryBob Binder
 
ISSRE 2008 Trip Report
ISSRE 2008 Trip ReportISSRE 2008 Trip Report
ISSRE 2008 Trip ReportBob Binder
 

More from Bob Binder (20)

How to Release Rock-solid RESTful APIs and Ice the Testing BackBlob
How to Release Rock-solid RESTful APIs and Ice the Testing BackBlobHow to Release Rock-solid RESTful APIs and Ice the Testing BackBlob
How to Release Rock-solid RESTful APIs and Ice the Testing BackBlob
 
Lessons learned validating 60,000 pages of api documentation
Lessons learned validating 60,000 pages of api documentationLessons learned validating 60,000 pages of api documentation
Lessons learned validating 60,000 pages of api documentation
 
Model-based Testing: Taking BDD/ATDD to the Next Level
Model-based Testing: Taking BDD/ATDD to the Next LevelModel-based Testing: Taking BDD/ATDD to the Next Level
Model-based Testing: Taking BDD/ATDD to the Next Level
 
Model-based Testing: Today And Tomorrow
Model-based Testing: Today And TomorrowModel-based Testing: Today And Tomorrow
Model-based Testing: Today And Tomorrow
 
Mobile App Assurance: Yesterday, Today, and Tomorrow.
Mobile App Assurance: Yesterday, Today, and Tomorrow.Mobile App Assurance: Yesterday, Today, and Tomorrow.
Mobile App Assurance: Yesterday, Today, and Tomorrow.
 
Popular Delusions, Crowds, and the Coming Deluge: end of the Oracle?
Popular Delusions, Crowds, and the Coming Deluge: end of the Oracle?Popular Delusions, Crowds, and the Coming Deluge: end of the Oracle?
Popular Delusions, Crowds, and the Coming Deluge: end of the Oracle?
 
MTS: Controllable Test Objects
MTS: Controllable Test ObjectsMTS: Controllable Test Objects
MTS: Controllable Test Objects
 
Achieving Very High Reliability for Ubiquitous Information Technology
Achieving Very High Reliability for Ubiquitous Information Technology Achieving Very High Reliability for Ubiquitous Information Technology
Achieving Very High Reliability for Ubiquitous Information Technology
 
The Tester’s Dashboard: Release Decision Support
The Tester’s Dashboard: Release Decision SupportThe Tester’s Dashboard: Release Decision Support
The Tester’s Dashboard: Release Decision Support
 
Performance Testing Mobile and Multi-Tier Applications
Performance Testing Mobile and Multi-Tier ApplicationsPerformance Testing Mobile and Multi-Tier Applications
Performance Testing Mobile and Multi-Tier Applications
 
Testing Object-Oriented Systems: Lessons Learned
Testing Object-Oriented Systems: Lessons LearnedTesting Object-Oriented Systems: Lessons Learned
Testing Object-Oriented Systems: Lessons Learned
 
mVerify Investor Overview
mVerify Investor OverviewmVerify Investor Overview
mVerify Investor Overview
 
Model-Based Testing: Why, What, How
Model-Based Testing: Why, What, HowModel-Based Testing: Why, What, How
Model-Based Testing: Why, What, How
 
MDD and the Tautology Problem: Discussion Notes.
MDD and the Tautology Problem: Discussion Notes.MDD and the Tautology Problem: Discussion Notes.
MDD and the Tautology Problem: Discussion Notes.
 
Mobile Reliability Challenges
Mobile Reliability ChallengesMobile Reliability Challenges
Mobile Reliability Challenges
 
Experience with a Profile-based Automated Testing Environment
Experience with a Profile-based Automated Testing EnvironmentExperience with a Profile-based Automated Testing Environment
Experience with a Profile-based Automated Testing Environment
 
Testability: Factors and Strategy
Testability: Factors and StrategyTestability: Factors and Strategy
Testability: Factors and Strategy
 
Test Objects -- They Just Work
Test Objects -- They Just WorkTest Objects -- They Just Work
Test Objects -- They Just Work
 
A Million Users in a Box: The WTS Story
A Million Users in a Box: The WTS StoryA Million Users in a Box: The WTS Story
A Million Users in a Box: The WTS Story
 
ISSRE 2008 Trip Report
ISSRE 2008 Trip ReportISSRE 2008 Trip Report
ISSRE 2008 Trip Report
 

Recently uploaded

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 

Recently uploaded (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 

Assurance for Cloud Computing

  • 1. Assurance for Cloud Computing Robert V. Binder Chicago Quality Assurance Association January 27, 2010
  • 2. Overview  Weather Report  Role-Layer Model  Cloud Assurance Challenges  Microsoft Protocol Validation  Spec Explorer Flyby  Implications for IT Assurance © 2010 Robert V. Binder 2
  • 3. Weather Report  Role-Layer Model  Cloud Assurance Challenges  Microsoft Protocol Validation  Spec Explorer Flyby  Implications for IT Assurance © 2010 Robert V. Binder 3
  • 4. Weather Report  What is Cloud Computing?  SOA, SaaS, Outsourced Infrastructure, Hosted Apps, Web Services, Virtualization, Grid …  Economic drivers  Rent versus Buy versus Make  No operational responsibilities  Scalable  “No Software” © 2010 Robert V. Binder 4
  • 5. Distant Rumblings Yes Does your organization 34% currently have a cloud computing strategy? No 66% 6-12 Months 12-24 4% Months Don’t 8% When will you Know 36 + 18% implement Months 8% cloud computing? No Plan 62% The Future of Cloud Computing, MPS Partners. www.mpspartners.com. © 2010 Robert V. Binder 5
  • 6. Distant Rumblings 6-12 When will you adopt Months 12 + 3% Months cloud storage services? 5% Will Not No Plan 46% 46% Business Users Are Not Ready For Cloud Storage, Forrester. http://www.networkworld.com/news/2010/012510-cloud-storage-hype.html © 2010 Robert V. Binder 6
  • 7. Falling Pressure http://www.gartner.com/it/page.jsp?id=1124212, © Gartner Inc. Used by permission. © 2010 Robert V. Binder 7
  • 8. Excess Water Vapor? Why Larry Ellison hates Cloud computing http://www.youtube.com/watch?v=8UYa6gQC14o © 2010 Robert V. Binder 8
  • 9. Forecast: Partly Cloudy  Despite the hype, fundamental changes  Broader market, lower barriers  Incremental IT capacity  General purpose apps  Trends  Apps/cycles/storage more like electric power  Outsourcing to reduce cost and risk  Decentralization, reliance on commons  Assurance challenges  Contract-oriented  Ongoing, pre and post release © 2010 Robert V. Binder 9
  • 10. Weather Report  Role-Layer Model  Cloud Assurance Challenges  Microsoft Protocol Validation  Spec Explorer Flyby  Implications for IT Assurance © 2010 Robert V. Binder 10
  • 11. Role-Layer Model Layers Roles Ownership © 2010 Robert V. Binder 11
  • 12. Role-Layer Model  Layers  Endpoint, Network, Apps, Data, Hardware  Roles – distinct economic entities  End User  Integrator  Provider  Operator = Provider + Integrator  Ownership  Share, Rent, Buy, Build © 2010 Robert V. Binder 12
  • 13. Classic IT © 2010 Robert V. Binder 13
  • 14. Classic IT, c. 1970 © 2010 Robert V. Binder 14
  • 15. Service Bureau, c.1980 © 2010 Robert V. Binder 15
  • 16. Client/Server, c.1995 © 2010 Robert V. Binder 16
  • 17. E-Commerce ASP, c. 2002 © 2010 Robert V. Binder 17
  • 18. SalesForce.com, c. 2004 © 2010 Robert V. Binder 18
  • 19. Outsourced Room, c. 2009 © 2010 Robert V. Binder 19
  • 20. Weather Report  Role-Layer Model  Cloud Assurance Challenges  Microsoft Protocol Validation  Spec Explorer Flyby  Implications for IT Assurance © 2010 Robert V. Binder 20
  • 21. What Should be Assured?  Contract between layer owners  Technical specification, not legal T&C  Confirm  We’re getting what we expect  What we expect is adequate  Certify  We can meet our commitments  Individual  Collective (scalable) © 2010 Robert V. Binder 21
  • 22. Assurance Concerns  SLAs  Availability, Reliability, Performance  Standby Capacity/Scalability  Security  Authentication  Access Control  Features  Correct response  Data integrity  Effectiveness/Acceptance  ROI, votes, sales © 2010 Robert V. Binder 22
  • 23. Trust, but Verify SLA Features Security End User – Integrator Confirm Confirm Confirm Integrator – End User Certify Certify Certify Integrator – Provider Confirm Confirm Confirm Provider – Integrator Certify Certify Certify © 2010 Robert V. Binder 23
  • 24. Weather Report  Role-Layer Model  Cloud Assurance Challenges  Microsoft Protocol Validation  Spec Explorer Flyby  Implications for IT Assurance © 2010 Robert V. Binder 24
  • 25. Microsoft Protocol Validation  Relevance for cloud assurance?  Huge win for model-based testing  Open technology  Supports contract-based assurance  Protocol validation approach good fit for cloud assurance challenges © 2010 Robert V. Binder 25
  • 26. Open Specifications Initiative  EU/US DOJ Decree  Microsoft must publish server side details  Over 250 protocols (APIs)  Publish protocols as “Technical Documents” (TD)  Open Specifications Initiative www.microsoft.com/openspecifications  One TD for each server-side API/service  Strict and detailed standards for TD content  Goal: interoperability. TDs must be sufficient for 3rd party to replace or use target API © 2010 Robert V. Binder 26
  • 27. What is a Protocol?  “Remote Desktop Protocol: Audio Output Virtual Channel Extension”  Defines Messages  Defines Behavior © 2010 Robert V. Binder 27
  • 28. What is a Protocol?  Remote Desktop Protocol: Audio Output Virtual Channel Extension  Example message requirement The Server Audio Formats and Version PDU is a PDU used by the server to send version information and a list of supported audio formats to the client. This PDU MUST be sent using static virtual channels.  Example behavioral requirement The server may send the Training PDU at any time and during any sequence, not just during the initialization sequence. The only prerequisite are that version exchange MUST have occurred and that if the client and server are both at least version 6, the server MUST have received a Quality Mode PDU. © 2010 Robert V. Binder 28
  • 29. Published TDs on MSDN MSDN Protocol Library http://msdn.microsoft.com/en-us/library/cc216513(PROT.10).aspx © 2010 Robert V. Binder 29
  • 30. Validation Approach  How to validate TDs?  Is the TD sufficient for interoperability?  Scrutinize  Is the TD accurate?  Develop test for each requirement  Only check over-the-wire data  Protocol Engineering Team  Reviewers – independent 3rd parties  Testers – 3rd party contractor  Microsoft development teams write TDs  Reviewers and Testers Scrutinize TDs  Testers develop Test Suites from the TD © 2010 Robert V. Binder 30
  • 31. Validation Approach  Extract requirements from TD  Analyze/model protocol contract  Data Structures  Method Behavior  API Behavior  Develop adapters to parse/check messages  Execute test suite  Write “TD Issue” for any anomaly © 2010 Robert V. Binder 31
  • 32. Validation Process  Develop Technical Document  Study Phase  Start requirements extraction  Define high level test approach  Plan Phase  Define test model  Define test harness  Design Phase  Implement model and drivers  Final Phase  Run test suites, analyze traces  TDs released to MSDN after passing Final © 2010 Robert V. Binder 32
  • 33. Requirements Traceability  TD parsed to extract line-item requirements  100s to 1000s per technical document  Log requirement record when pass conditions met  R 562: “The server must return 404 in the reply code when the target URL cannot be found.” Contracts.Requires(ReplyEnabled(replyCode) && badURL(true)); if replyCode == 404) { log(562, “Received 404”) } } © 2010 Robert V. Binder 33
  • 34. Typical Test Configuration Tester Endpoint SUT Control Test Suite (optional) Adapters Tested Endpoint Transport Transport Grieskamp, Kicillof, Stobie, Braberman. Model-Based Quality Assurance of Protocol Documentation: Tools and Methodology. ICST 2009. © 2010 Robert V. Binder 34
  • 35. Productivity  100s of third party Avg Hours Per Requirement developers trained Task in modeling and TD review 1.1 test development Requirement gathering 0.8  On average, MBT Model authoring 0.5 takes 42% less Traditional test coding 0.6 time than hand- Adapter development 1.2 coding Test case execution 0.6 Final adjustments 0.3 Total, all phases 5.1 Grieskamp et al. Op cit.. © 2010 Robert V. Binder 35
  • 36. Quality  Produced ~10,000 “Technical Document Issues”  Most TDI’s identified before tests run Grieskamp et al. Op cit.. © 2010 Robert V. Binder 36
  • 37. Weather Report  Role-Layer Model  Cloud Assurance Challenges  Microsoft Protocol Validation  Spec Explorer Flyby  Implications for IT Assurance © 2010 Robert V. Binder 37
  • 38. Spec Explorer  Model-based Testing Tool  Extension to Visual Studio Model APIs as contracts  Guarded update rules for modeled state  Define accepting states  Generates call sequences and data bindings that “explore” model  Finds update sequences that lead to accepting state  Guards and accepters are the “oracle”  Info and free download http://msdn.microsoft.com/en-us/devlabs/ee692301.aspx © 2010 Robert V. Binder 38
  • 39. Testing with Spec Explorer  Analyze system under test, create a model program, representing the entire SUT  Define parameters for test generation (“cord file”)  Define behavioral subsets (use cases/scenarios) “machine”  Explore the model and the machine  Generate test cases  Run tests © 2010 Robert V. Binder 39
  • 40. Netmon  Developed to support Spec protocol testing Explorer  Similar to Wireshark  Parses all published Test Objects Microsoft protocols  Easy to add new parsers Adapters SUT  API supports automated testing SUT  Returns parsed messages Netmon Endpoint  Info and free download http://blogs.technet.com/netmon/ © 2010 Robert V. Binder 40
  • 41. Weather Report  Role-Layer Model  Cloud Assurance Challenges  Microsoft Protocol Validation  Spec Explorer Flyby  Implications for IT Assurance © 2010 Robert V. Binder 41
  • 42. Testing Cloud Contracts  Obtain or develop API requirements  Amazon Simple Storage Service  Google App Engine  Many others …  Create model program for the contract  One method for each message  One method for each reply  Variables represent behavioral constraints  Scenarios © 2010 Robert V. Binder 42
  • 43. Amazon Simple Storage Spec Example of a cloud protocol http://docs.amazonwebservices.com/AmazonS3/latest/ © 2010 Robert V. Binder 43
  • 44. Performance and Security  Working on Spec Explorer approach for  Performance testing  Reliability testing  Security assessment © 2010 Robert V. Binder 44
  • 45. Implications for IT Assurance  Use the cloud (on-demand capacity) for testing  Assess testability of SLA and API contracts early  Mission-critical apps still need in-house expertise  Integrators will do less traditional testing  Integrators have a double role: confirm/certify  Ongoing monitoring necessary  Favor providers that can demo contracts © 2010 Robert V. Binder 45
  • 46. Conclusions  Despite hype, cloud computing means significant changes for IT and IT Assurance  Layers, Ownership, Roles  Confirm or Certify  Microsoft success shows how to test cloud contracts  Contract testing viable approach for Providers and Integrators © 2010 Robert V. Binder 46