Pace Layering is an essential Gartner framework that helps prioritize business initiatives for digital transformation.
From a technical standpoint, Mashable Application Service or Cell Architectures are the new standards for flexibility.
Quinnox brings a unique perspective that combines the benefits of Pace layering and our proprietary methods to deliver predictable pathways for Cell-based architecture that enable faster digital transformations.
Join us at a city near you to learn how to achieve API-driven integration agility - https://wso2.com/integration-summits-2019/
2. 2
Pace Layered Application strategy enables clear
prioritization, optimizes efficiency, and provides business
leaders with the solutions they need to innovate and
differentiate .
Cell based architecture enhances enterprise agility by
improving scalability, modularity , composability and
governance.
Pace layering combined with Cell based architecture and
Quinnox Methodology helps drive faster digital
transformation to organizations
Abstract
3. 3
1. Improving Business Productivity
Deliver business capability
enhancements to address high-value
opportunities
▪ Improve “No Touch” Processing
▪ Improve Order Accuracy
▪ Drive Operational Efficiencies
▪ Drive Profitability through Analytics
Guiding
Principles for
Digital
Transformation
4. 4
2. Minimize Disruption to the Business
Enable capabilities in a thoughtful manner to
minimize business disruption and avoid
impacts to customer service
Guiding
Principles for
Digital
Transformation
5. 5
3. Lay the Foundation for Future Growth
Drive growth through scalable and extensible
solutions that provide differentiating and
innovative capabilities to the organization
Guiding
Principles for
Digital
Transformation
6. 6
Guidelines for
Prioritization of
Roadmap Initiatives
Prioritization
▪ Align with inflight initiatives Continue
to leverage existing investments
▪ Continue to focus on acquisition
▪ Prioritize initiatives that drive
high value at lower cost
▪ Minimize investment in low
value adding initiatives
8. 8
Pace Layering for Business Capabilities
Definition of Pace Layer
Architecture Standard Distribution Industry value chain with Pace Layer
System of Innovation
“Create New Value”
New ideas, next competitive
advantage
System of Differentiation
“Improve the Business”
Better ideas, current competitive
advantage
System of Record
“Run the Business”
Common ideas, standardization,
compliance ,applications that are for
processes that are stable
Data
Management
Warehouse
Management
Planning &
Purchasing
Finance
Financial
Planning
Analyze
Business
Performance
Profitability
Analysis
Perform Closing
Collections
Mgmt.
Fixed Asset
Accounting
Cash Receipts/
Application
Expense
Allocations
Manage
Excise and
Sales and Use
Taxes
Accounts
Receivable
Processing
Customer
Credit
Management
Transaction
Processing
Accounts
Payable
Processing
Financial
Reporting
Vendor
Master Data
Mgmt.
Item Master Data
Mgmt.
Customer
Master Data
Mgmt.
Planning &
purchasing data
Financial Data
Customer
Segments
Management
GTIN
Management
Sales Data
Warehouse
Management
Data
Receive
Inventory
Receive
ASNs
Source and
Incoming
Quality
Assurance
3PL Integration
Outbound
Transportation
Ship/Deliver
Orders
Pick Orders
Outbound
Delivery Mgmt.
Inbound
Warehouse
Operations
Inventory,
Storage, Cycle
Counting,
Movement
Print
Invoices
Returns &
Reverse
Logistics
Digital
Vendor
Interaction(O
ther)
Vendor
Managed
Inventory
Vendor
Network
Planning
Digital
Vendor
Interactions
(EDI)
Product &
Portfolio
Mgmt.
Purchase
Materials
Procurement
Contracts
and Pricing
Demand
Planning
InterCo Orders
and Transfer
Pricing
2nd
Party
Vendor Rebates
3rd
Party Rebates
Special
Orders
Customer
Interactions
(EDI)
Manage
Customer
Consignment
Manage
Contacts
Manage
Customer Opp.
Digital
Customer
Interaction
(Other)
Sales
Collaboration
Forecast Sales
Sales
Performance/
Sales Analytics
Manage CSR
Worklist
Manage Sales
Returns
Call Center
Automation
Process Orders
Manage Sales
Commissions
Process Order
Price
Order Capture
Manage
Customer
Invoices
Manage and
Optimize Order
Price
Manage Leads
Territory
Management
Upsell & Cross
Sell
4
3
21
5
Sales &
Customer Service
Manage
Replenishment
Special
Orders
IntraCo
Orders and
Transfer
Pricing
Imports
Capture
Quotes
& Bids
Kitting &
Assembly
Mobile
Enablement
Strategic
Sourcing
Our
Answer
1
9. 9
Cell: Units of Enterprise Architecture
Cell: Units of Enterprise
Architecture
A cell is an immutable application
component that can be built, deployed
and managed as a complete unit.
The cell consist of multiple services,
managed APIS, ingress and egrees
policies (including routing, throttling,
access control), security trust domain,
deployment policies, rolling update
policies and external dependencies.
The cell definition captures all of these in
a standard technology neutral fashion.
API – centric Architecture
Pull APIs
• RESTful HTTP, GRPc
Push APIs
• Events JMS, AMQP,
SMTP
• Streams Kafka, MQTT
…{API}
…{API}
…{API}
…{API}
…{API}
…{API}
…{API}
…{API}
ComponentsComponents
Cell Gateway
Our
Answer
2
10. 10
Quinnox “Point of View”
BusinessImpact
TransformationalIncremental
High PerformingNascent EA Functional Maturity
Key Hurdles:
■ Stakeholder Engagement
■ Business Enablement
■ Talent
Infrastructure focused EA
o Technology-centric
o Infrastructure
standardization
o Domain/Platform
expertise
IT- Focused EA
o Process-centric
o Application portfolio rationalization
o Cross-stack technical expertise
Business focused EA
o Capability-centric
o API/Microservices
o Business domain and engagement
expertise
Our
Answer
3
12. 12
Business value is determined by the following
variables
Technical complexity is determined by the number of
points of integration for the application(s) associated
with process
Create a high-level systems diagram to determine the
application’s current integration points. Think of
integration points in the categories of API, Microservices
,Point-to-Point interfaces, ESB Connections, Data
Integration (ETL Layers) etc.
Strategic
Importance
Business
Quality
Functional
Overlap
Total Cost of
Ownership
Application Lifecycle
Transition Stage
Number of
Users
Assess business value and
technical complexity of
each process
13. 13
Prioritize the backlog
Prioritize based on
maximum business
value and least
technical complexity
Justify the cost of rationalizing a business process and application against the reduction in the
application’s expected TCO.
If the cost for conducting a rationalization effort is less than the amount reduced in expected TCO for a
given business process or application, rationalization should take place. Otherwise, the application
should not be rationalized.
Examine the list to see whether you want to shift the order of priorities.
In some cases, you may still want to take on a complex rationalization
because it provides higher business value than a moderately complex
rationalization.
Determine the final list of business processes and
applications you want to rationalize for the
iteration
Do not rationalize High Priority
Low Priority Medium Priority
Business Value
TechnicalComplexity
Low High
LowHigh
15. 15
NOT everyone is doing API development effectively
Both development
and runtime issues
prevent high
adoption of APIs,
leading to less than
adequate business
benefits realization.
DEVELOPMENT ISSUES
• Bad documentation: API consumers don’t know how to use the
API properly.
• Versioning problems: API changes lead to compatibility breaking
causing a lot of rework for anyone using the API.
• Unexpected behavior: When API changes are made, the interface
remains compatible, but the internal logic has changed, causing
retesting and recoding for API consumers.
RUNTIME ISSUES
• Poor performance: The API takes too long to execute or has
severe limitations on how it should be used.
• Version changes break compatibility: Deployment causes several
integrations to break because of lack of compatibility.
• Intermittent failures: Errors that are hard to replicate but known to
exist.
16. 16
Run design sessions as a product dev effort for API consumers
Establish the key objectives for your API in order to obtain the right resourcing to deliver a suitable product.
Involve Key Stakeholders
• A team of development and data experts need to be
intimately involved at this stage as there are many
possible implementations for a given set of business
requirements.
• Also, consider including the following roles:
o Business Process Owner
o Test Lead
Follow Best Practices
• Use a multi-pass design approach, where optimization
is progressive.
• Conduct an ongoing cost/benefit analysis looking at
the trade-offs between short- and long-term
objectives.
• Sometimes a less than optimal solution is necessary so
that the overall organization benefits through
standardization.
API development is driven
from the outside in with clear
intent.
Don’t count on your initial API
design reaching stability right
away.
Document your changes as
part of an overall enterprise
architecture.
17. 17
Use well known API design guidelines to prevent common errors
The Importance of API Design
A focus on design is a key part of ensuring user productivity and a
good ROI for the solution. A poor design will frustrate developers
and lead to longer development cycles or complete
abandonment of the solution. A well-designed API will be simple
to understand, consistent in its usage, and stable.
Well-designed APIs tend to get reused – this leads to a higher
return on the investment, improved code quality through reuse,
and design simplification.
In the design stage, expect to go through several
iterations before settling on a stable API. It is more cost
effective to design a API with initial expected
functionality and include additional features once more
use cases come to light.
application/x-resource
APIApp API Consumer
HTTPApp Interface
Source: Jansen, Geert. “The Job of the API Designer.”
to_resource()
from_resource()
Data Model Object Representation
API is exposed through HTTP as a set of generic resources that
are ultimately based on a well-defined data model.
18. 18
Identify risks,
security gaps,
bottlenecks in
your data flow
Leading questions to ask
when assessing your API data
flow…
• What data needs to be secured during transit?
• What might cause data to be tampered with?
• What data is trusted vs. untrusted?
• Do work products from partners, collaborators, subcontractors, or suppliers meet your security
requirements?
• What may cause performance bottlenecks with in-house servers (e.g. server load balancing
issues, internet connection)?
• Is the load properly distributed across various device hardware and system components?
• How many tasks are suspended and delayed due to slow executions of other tasks?
• What level of control do you have over backend infrastructure and the code of your
applications?
• What information and data are exchanged within your flow? Does it need to be secured?
• What integration approaches in your stack are not scalable to increased loads (e.g.
point-to-point, adapter, ESB, middleware, API gateway)?
• Is your API dependent on other applications, hardware, or systems?
• What web communication protocols and standards are used by existing applications, data,
APIs, and infrastructure? Are they scalable?
Security
Performance
Integration
19. 19
Place special emphasis on testing your API for security
Plan for the worst-case scenario by developing test cases
using the following security test techniques.
Fuzzing
Technique
Malicious Content
Technique
Invalid/Out-of-bounds
Content Technique
Injection Attacks
Technique
Use of random data to see whether your API crashes. Data can
either be generated randomly or using modeling techniques to
break the API using its original intended usage.
Taking advantage of the API hosting infrastructure to force a
crash. Examples would be recursive objects that result in out of
memory errors or passing corrupt binaries in the API call.
Uses boundary conditions to test local and global maxima and
minima values, incorrect value types for parameters, and
incorrect HTTP headers.
Exploits the API’s internal code syntax to execute with malicious
intent. It could be at any stack level (SQL, XSLT, JSON,
JavaScript).
Continually stay up to date on common security issues using well-known resources such as OWSAP, WS-Attacks, and Zed Attack Proxy.
20. 20
Manage the full lifecycle for your API
Business Engagement1
Monitor Usage, Reporting, &
Analytics
2 API Integration Roadmap3
An API management tool can help with most of these focus points stated above. Some leading vendors in this space are: WSO2
,MuleSoft, CA, Apigee , IBM , Tibco (Mashery), and Microsoft (Azure API Management).
Once API is released into
production, you need to
include onboarding,
monitoring, and future
enhancements in your
future plan.
Once API is in
production, you need to
focus on three key areas:
22. 22
ACCELERATE
SUCCESS
In today’s Digital world, companies must look to survive
the various transitions and changes that are taking place
in order to thrive.
Organizations can survive the disruption cycles by
keeping up with the pace of Innovation leveraging
the Quinnox methodology which combines
• Pace Layered Application strategy for
prioritization 0f the business changes
• Cell Based Architecture for Agility