Showing posts with label standards. Show all posts
Showing posts with label standards. Show all posts

May 9, 2019

@National Cybersecurity Center of Excellence



So good today to visit the NIST Cybersecurity Center of Excellence (NCCoE).

The cybersecurity solutions developed are aligned to the well-known Cybersecurity Framework (CSF). 

Got to see some of the laboratories, including demonstrations for securing the Healthcare and Energy Sectors. 

Interesting to hear about examples for securing hospitals records and even things like infusion pumps.  

The medical devices are tricky to secure, because they are built to potentially last decades and are expensive to replace, but the underlying technology changes every couple of years. 

Also, learned more about securing the energy sector and their industrial control systems.  

One scary notable item mentioned was about the "big red button" for shutdown in many of these facilities, but apparently there is malware that can even interfere in this critical function. 

It is imperative that as a nation we focus on critical infrastructure protection (CIP) and continuously enhancing our security.

Time is of the essence as our adversaries improve their game, we need to be urgently upping ours. ;-)

(Source Photos: Andy Blumenthal)
Share/Save/Bookmark

May 31, 2018

Trace Amounts of Cocaine

So this is a funny story from today.

I had a wonderful opportunity to tour a couple of labs at NIST today.

One of them does work in contraband detection.

The scientist asks if anyone has any money in their wallet.

I pull out a dollar and hand it to him.

I ask him what happens if he finds any traces of bad stuff on the money from me.

He says, "A cage will fall from the ceiling" and I'll be in big trouble.

Uh, we all laugh a little.

He unfolds the money and puts it into the machine that looks for the contraband.

Oh sh*t, it comes up in the "red"--positive for cocaine.

Someone else says jokingly, "A little leftover from the weekend?"

I joke back, "Na, It's from this morning before work!"

Ha, ha, I think. 

It turns out the scientist explains that 90% of our currency actually tests positive for cocaine

I'm wondering whether this is a commentary on drug use and even the opioid epidemic in America.

The lab director explains a theory that the automated money counters spread traces of the drugs from bills and contaminates the other currency.

Aside from this little experiment today, I got to learn so much about creating standards for contraband detection systems and equipment and in another lab about magnetism. 

It is unbelievable how smart these scientists are--they are so unique and of the best in the world.

I am so happy to be able to learn from them even if it's contraband on money. ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

March 21, 2018

Measurement And Standards Are Our Friends

So I learned that Metrology is the science of measurement. 

And measurement is the foundation of scientific research and creating standards. 

Scientific research and measurement are about exploration, discovery, and innovation.

Further, it is about finding the facts; it is objective; it is truth; it is essential to maintaining integrity. 

Standards also help to ensure dependability, because there is a common reference and you know what you are getting. 

A great true story that demonstrates the importance of measurements and standards is the Great Baltimore Fire of 1904.

This was the third worst urban inferno in American history. 

It destroyed over 1,500 building across 140 acres. 

Fire engines responded from as far as New York and Virginia. 

But the problem was that they invariably could not help. 

Why?  

Because their fire hose couplings could not fit on the Baltimore fire hydrants--they were not standardized.

Without standards, we don't have interoperability. 

We don't have a reference that everyone can go by. 

It's as if we're all working on our own desert islands. 

This defeats the power in numbers that make us together greater than the sum of our individual parts. 

Science and technology help us advance beyond just ourselves and today. 

Measurement and standardization help us to build a better and stronger society. ;-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

June 10, 2014

I Like That Technology

Christopher Mims in the Wall Street Journal makes the case for letting employees go rogue with IT purchases.

It's cheaper, it's faster, "every employee is a technologist," and those organizations "concerned about the security issues of shadow IT are missing the point; the bigger risk is not embracing it in the first place."


How very bold or stupid? 


Let everyone buy whatever they want when they want--behavior akin to little children running wild in a candy store. 


So I guess that means...


  • Enterprise architecture planning...not important.
  • Sound IT governance...hogwash.
  • A good business case...na, money's no object.
  • Enterprise solutions...what for? 
  • Technical standards...a joke.
  • Interoperability...who cares? 
  • Security...ah, it just happens!

Well, Mims just got rids of decades of IT best practices, because he puts all his faith in the cloud.

It's not that there isn't a special place for cloud computing, BYOD, and end-user innovation, it's just that creating enterprise IT chaos and security cockiness will most-assuredly backfire. 


From my experience, a hybrid governance model works best--where the CIO provides for the IT infrastructure, enterprise solutions, and architecture and governance, while the business units identify their specific requirements on the front line and ensure these are met timely and flexibly.


The CIO can ensure a balance between disciplined IT decision-making with agility on day-to-day needs. 


Yes, the heavens will not fall down when the business units and IT work together collaboratively. 


While it may be chic to do what you want when you want with IT, there will come a time, when people like Mims will be crying for the CIO to come save them from their freewheeling, silly little indiscretions. 


(Source Photo: Andy Blumenthal)

Share/Save/Bookmark

May 11, 2013

Factory Floor Servitude

As a kid, I was all too familiar with factory settings--my dad worked in one. 

Dad is an incredibly persistent hard worker who went to the factory every day--tuna sandwich in tow--worked hard and was the voice of reason in advancing the business--and worked his way up to manage the place.  My dad is a modern-day success story!


He worked in everything figuring out how to design products, make them, sell them, and ensure the business stayed afloat. A lot of people depended on him in the factory to keep production humming, put bread on their tables, and most importantly to be treated fairly and like human beings. 


My dad never became arrogant as he advanced himself, he always believed that we only have what the Almighty above grants to us. 


What a contrast between the way my dad managed a factory and the decrepit working conditions that led to the factory collapse two weeks ago in Bangladesh that has now left at least 1,038 dead. 


The collapse has raised ethical questions again about the horrific working conditions in factories overseas--where low wages and hazardous conditions is the rule--low wages lead to growing outsourcing and hence, a $18 billion garment industry in Bangladesh that has tripled in size between 2005 and 2010 and is expected to triple again by 2020. 


The average monthly pay in 2009--$47!


By 2010, Bangladesh had 5,000 garment factories--2nd only to China.


Now most of the factories are gone from the U.S. moving overseas to the cheapest providers, with jobs in manufacturing decreasing almost in half from nearly 20 million in the U.S. in 1979 to less than 12 million in 2010.


Bloomberg BusinessWeek (9 May 2010) chronicles the ten years of stagnant wages and horrible working conditions there--verbal abuse, sexual abuse, physical punishment and humiliations for not meeting quotas (like having to forcibly stand on tables for hours and undress in front of workers), rare bathroom breaks to filthy and overflowing toilets, and much more. 


When the Savar building developed cracks on April 23, one man begged his wife not to go to work the next day, but when she called in and asked for the day off, she was told she would be docked a whole months salary if she didn't show up--she went to work and the building collapsed on April 24--leaving her buried under the rubble. Eventually, when the rescuers could not free her, they chopped off her legs!


Cheap labor means cheap goods--that's a draw for us getting more branded goods for less. In a large sense, our insatiable demand fuels the cruel, servile conditions overseas. 


This is also a broken market, where people sell their labor just to provide subsistence living for their families, while big corporations increase profits, investors smile all the way to the bank, and we get our boatloads of stuff cheap, cheap, cheap. 


There is nothing wrong with making money or saving money--it's an incentive-based system, but the only measure of success is not money. 


We need global standards of ethical conduct in the labor market, and this should be part of every organization's financial reporting, disclosure, and audit requirements.


People and organizations should not just be penalized for cooking the books or insider-trading, but for how they treat their people. 


Those organizations and leaders that balance making money with treating people decently have a leg up on those that don't--not that they will necessarily do better in the marketplace (maybe they won't), but that they make their money with their integrity intact and that's something money cannot buy. ;-)


(Source Photo: here with attribution to Ronn "Blue" Aldaman)



Share/Save/Bookmark

April 24, 2013

Drama In D.C.

Wanted to share two unrelated, but noteworthy items from my week so far...

First, this tree went down right in the middle of traffic in Washington, D.C. today. The BMW on the left was totaled, the van and taxi on the right had their respective front and rear-ends crushed. So much for being in the wrong place at the wrong time.

On another note, I taught an enterprise architecture class earlier this week here, and in discussing establishing technical standards for the organization, one student put it well when he dramatically said "everyone loves standards, that's why they make their own."  :-)

(Source Photo: Andy Blumenthal)
Share/Save/Bookmark

January 13, 2013

At The Speed Of Innovation

Here are three perspectives on how we can speed up the innovation cycle and get great new ideas to market more quickly:

1) Coordinating R&D--While competition is a good thing in driving innovation, it can also be hinder progress when we are not sharing good ideas, findings, and methods in a timely manner--in a sense we are having to do the same things multiple times, by different entities, and in some more and other in less efficient ways wasting precious national resources. Forbes (10 February 2012) describes the staggering costs in pharmaceutical R&D such that despite about $800 billion invested in drug research between 2007-2011, only 139 new drugs came out the pipeline. Bloomberg BusinessWeek (29 Nov 2012) notes that for "every 5,000 to 10,000 potential treatments discovered in the lab, only one makes it to market" and out of the pharmaceutical "valley of death." The medical research system is broken because "there ultimately no one in charge."  The result is that we are wasting time and money "funding disparate studies and waiting for researchers to publish results months or years later." If instead we work towards our goals collaboratively and share results immediately then we could potentially work together rather than at odds. The challenge in my mind is that you would need to devise a fair and profitable incentive model for both driving results and for sharing those with others--this is similar to a clear mandate of together we stand, divided we fall. 

2) "Rapid Fielding"--The military develops large and complex weapon systems and this can take too long for the warfighters who need to counter evolving daily threats on the battlefield. Federal Computer Week (19 July 2001) emphasizes this point when it states, "Faster acquisition methods are needed to counter an improvised explosive device that tends to evolve on a 30-day cycle or a seven-year process for replacing a Humvee." There according to the Wall Street Journal(11 December 2012) we need to move to a model that more quickly bring new innovative technologies to our forces.  The challenge is to do this with reliable solutions while at the same time fast tracking through the budgeting, acquisition, oversight, testing, and deployment phases. The question is can we apply agile development to military weapons systems and live with 70 to 80% solutions that we refine over time, rather than wait for perfection out of the gate.

3) Seeds and Standards--To get innovation out in the hands of consumers, there is a change management process that needs to occur. You are asking people to get out of their comfort zone and try something new. According to Bloomberg BusinessWeek (17 December 2012) on an article of how bar codes changed the world--it comes down to basics like simplicity and reliability of the product itself, but also seeding the market and creating standards for adoption to occur. Like with electric automobiles, you need to seed the market with tax incentives for making the initial purchases of hybrids or plug-in electric vehicles--to get things going as well as overset the initial development expense and get to mass development and cheaper production. Additionally, we need standards to ensure interoperability with existing infrastructure and other emerging technologies. In the case of the electric automobiles, charging stations need to be deployed across wide swathes of the country in convenient filling locations (near highways, shopping, and so on) and they need to be standards-based, so that the charger at any station can fit in any electronic vehicle, regardless of the make or model. 

Innovation is the lifeblood of our nation in keeping us safe, globally competitive, and employed.  Therefore, these three ideas for enhancing collaboration, developing and fielding incremental improvements through agile methodologies, and fostering change with market incentives and standards are important ideas to get us from pure exploration to colonization of the next great world idea. ;-)

(Source Photo: Andy Blumenthal)

Share/Save/Bookmark

July 4, 2012

Electronic Health Records, Slow But Steady

The best article I have seen on the subject of Electronic Health Records (EHR) was in Bloomberg BusinessWeek (21 June 2012) called "This machine saves lives so why don't more hospitals use it."

What I liked about this article was how straightforward it explained the marketplace, the benefits, the resistance, and the trends.  

Some basic statistics on the subject of EHR:

The healthcare industry is $2.7 trillion annually or ~18% of GDP.

Yet we continue to be quite inefficient with only about half of hospitals and doctors projected to be using EHR by end of 2012.

Annual spending on EHR is expected to reach $3.8 billion by 2015.

Basically, EHR is the digitization of our medical records and automation of medical services so that we can:
 
- Schedule medical appointments online

- Check medical records including lab and test results
- Communicate with our doctors by secure messaging/email
- Send prescriptions into the pharmacy electronically
- Automatically keep track of dosage and refills
- Get alerts as to side effects or interactions of medication
- Analyze symptoms and suggest diagnosis
- Receive prompts as to the latest medical treatments
- Recognize trends like flu outbreaks or epidemics
- File and speed claim processing

So why do many doctor's seem to resist moving to EHR?
 
- Cost of conversion in terms of both money and time

- Concern that it can be used against them in medical malpractice suits
- Potential lose of patient privacy
- Lack of interoperability between existing systems (currently, "there are 551 certified medical information software companies in the U.S. selling 1,137 software programs"--the largest of which are from GE and Epic.)

The government is incentivizing the health care industry to make the conversion:

- Hitech Act (2009) "provides $27 billion in financial incentives" including $44K from Medicare and $63K from Medicaid over 5 years for outpatient physicians that can demonstrate "that they are using the technology to improve care."
- Patient Protection and Affordable Care Act (2010)--a.k.a. Obamacare--calls for "accountable care organizations" to receive extra money from Medicare and Medicaid for keeping patients healthy, rather than by procedure--"they are expected to do so using computers."

The big loophole in EHR right now seems to be:

- The lack of standards for EHR systems from different vendors to be compatible, so they can "talk" to each other.
- Without interoperability, we risk having silos of physicians, hospitals, labs, and so on that cannot share patient and disease information.

So, we need to get standards or regulations in place in order to ensure that EHR is effective on a national, and then even a global level. 

A number of months ago, I went to a specialist for something and saw him a few times; what he didn't tell me when I started seeing him what that he was retiring within only a few months.
Aside from being annoyed at having to find another doctor and change over, I felt that the doctor was not too ethical in not disclosing his near-term intentions to close up shop and giving me the choice of whether I wanted to still see him. 


But what made matters worse is that I got a letter in mail with the notification--not even in person--along with a form to fill out to request a copy of my medical records at a cost per page, so that I could transfer them--hardcopy--elsewhere. 

Of course, this was also the doctor who hand wrote prescriptions still and wasn't able to get test results online. 

To me, seeing someone with a great amount of experience was really important, but the flip side was that in terms of organization, he was still in the "dark ages" when it came to technology. 

I look forward to the day when we can have both--senior medical professionals who also have the latest technology tools at their disposal for serving the patients. 

In the meantime, the medical profession still seems to have some serious catching up to do with the times technologically. 

Let's hope we get there soon so that we not only have the conveniences of modern technology, but also the diagnostic benefits and safeguards. 

(Source Photo: Andy Blumenthal)


Share/Save/Bookmark

January 22, 2012

Work Off Of Standards, But Stay Flexible to Change

Interesting book review in the Wall Street Journal (18 January 2012) on Standards: Recipes for Reality by Lawrence Busch.
Standards are a fundamental principle of enterprise architecture, and they can mean many things to different people--they can imply what is normal or expected and even what is considered ethical.
Reading and thinking about this book review helped me to summarize in my own mind, the numerous benefits of standards:
- Predictability--You get whatever the standard says you get.
- Quality--By removing the deviation and defects, you produce a consistently higher quality.
- Speed--Taking the decision-making out of the routine production of standardized parts (i.e. we don't have to "reinvent the wheel each time"), helps us to move the production process along that much faster.
- Economy--Standardizing facilitates mass production and economies of scale lowering the cost of goods produced and sold.
- Interoperability--Creating standards enables parts from different suppliers to inter-operate and work seamlessly and this has allowed for greater trade and globalization.
- Differentiation--Through the standardization of the routine elements, we are able to focus on differentiating other value-add areas for the consumer to appeal to various tastes, styles, and genuine improvements.
While the benefits of standards are many, there are some concerns or risks:
- Boring--This is the fear of the Ford Model-T that came in only one color, black--if we standardize too much, then we understate the importance of differentiation and as they say "variety is the spice of life."
- Stagnation--If we over-standardize, then we run the risk of stifling innovation and creativity, because everything has to be just "one way."
- Rigidity--By standardizing and requiring things like 3rd-party certification, we risk becoming so rigid in what we do and produce that we may become inflexible in addressing specific needs or meeting new requirements.
The key then when applying standards is to maximize the benefits and minimize the risks.
This requires maintaining a state of vigilance as to what consumers are looking for and the corollary of what is not important to them or what they are not keen on changing. Moreover, it necessitates using consumer feedback to continuously research and develop improvements to products and services. Finally, it is important to always be open to introducing changes when you are reasonably confident that the benefits will outweigh the costs of moving away from the accepted standard(s).
While it's important to work off of a standard, it is critical not to become inflexible to change.
(Source Photo: here )

Share/Save/Bookmark

March 11, 2011

Power To The People




From potholes to garbage, broken street lights to vandalism...we want to get our community problems resolved.
There is a good-looking application called "SeeClickFix" for connecting people and government to point out problems and get them fixed, fast.
It works with iPhone, Droids, and Blackberries; integrates with Facebook and Twitter; and has dashboard reporting and alerts, as well as emails notifications to provide acknowledgements and status updates on issues.
Built on the Open311 model, which provides APIs to existing internal systems and processes, so citizens report non-emergency issues to government based on standardized, open-access, and interoperable systems.
Open 311 describes how it works:
"Using a mobile device or a computer, someone can enter information (ideally with a photo) about a problem...This report is then routed to the relevant authority to address...this information is available for anyone to see and...contribute more information...By making the information public, it provides transparency and accountability for those responsible for the problem."
According to an article, iCitizen, in Fast Company (December 2010-January 2011), reported problems from citizen's smartphones or computers can even be routed straight to dashboard computers on public works trucks, "meaning a click in the morning can lead to a repair in the afternoon."
Ok, this may still be more vision than reality at this time, but it is a noble vision, indeed!
This is an evolution from 311 phones systems in many cities which are one way communications from individuals calling into government call centers and then waiting, waiting, waiting to see if the problem gets resolved to instead applications like SeeClickFix as a highly visible cloud solution where many people can openly exchange information over the Internet on public issues--providing more information, even potentially rating and ranking them (i.e. helping set public priorities for allocating limited public resources to community problems).
This can even be coupled with suggestion platforms such as IdeaScale for crowd-sourced citizen input into urban planning and community health, safety, and livability issues.
As part of its Apps for Democracy contest, DC awarded a prize and grant for the development of FIxMyCityDC, a web-based application for submitting service requests, checking status by interactive maps, along with the option of the user getting a call when the problem is resolved.
This is huge progress from the prior endlessly annoying call centers and their Interactive Voice Response Units that previously took callers through a maze of pre-recorded numeric options that more-often than not ended in the users abandoning the call and service requests going unfilled.
This is a far better model of information sharing, collaboration and transparency to solve real everyday problems in our communities, and a great example of the power of e-Government.

Share/Save/Bookmark

December 12, 2010

3G, 4G, XG...Huh?

There is a huge need for speed on our networks—as we demand the latest and greatest download streaming of books, movies, games, and more.

The network generation (or mobile telephony) standards have evolved to soon to be 4th generation (or 4G).

While 3G standards require network speeds for voice and data of at least 200 kbit/s, the 4G-performance hurdle jumps (500x) to 100 mbit/s.

The chart from Wikipedia shows the various standards and how they have evolved over time.

What are interesting to me are two things:

1) Network carriers that are competing for your business are already boasting 4G deliveries even though they do not meet the standards set out by The International Telecommunication Union (ITU), an agency of the U.N. According to Computerworld (22 November 2010), the 100 mbit/s standard is “about 10 times the performance that any carrier…can offer today.” Moreover, technologies such as LTE-Advanced and WiMax 2 that are expected to be 4G complaint aren’t “expected to go live commercially until 2014 or 2015.”

2) While the carriers are touting their various breakthrough standards, most people really have no clue what they are talking about. According to the Wall Street Journal (4 November 2010) on a survey by Yankee Group that “of more than 1,200 consumers found 57% had either never heard of 3G or didn’t understand the term. [And] With 4G, the ranks of the confused jump to 68%.”

Some lessons learned:

In the first case, we need to keep in mind the principle of caveat emptor (or let the buyer beware) when it comes to what the Wall Street Journal is calling the “increased rhetoric underscoring the high-stakes games played by the carriers as they jockey for position.”

In the second, vendors and technologists should understand that they are losing the consumer when they talk “techno-geek.” Instead, all need to use plain language when communicating, and simplify the technical jargon.

The comic in Computerworld (22 November 2010) summarized it well with pictures of all the various GGGG… technologies and the people next it to it saying, “At this point the labels are ahead of the technology.” Of course, I would add that the labels are also ahead of most people’s ability to understand the geek-speak. And we need to fix the communications of both.


Share/Save/Bookmark

March 13, 2010

Can Microsoft Stomp Out The iPhone?

So much for letting the best product win. According to the Wall Street Journal, 13-14 March 2010, Microsoft is forcing their employees to “choose” Microsoft phones for personal use and to push those who don’t into hiding.

Is this a joke or a genuine throwback to the Middle Ages?

Apparently this is real: “Last September, at an all-company meeting in a Seattle sports stadium, one hapless employees used his iPhone to snap photos of Microsoft Chief Executive Steve Ballmer. Mr. Ballmer snatched the iPhone out of the employee’s hands, placed it on the ground, and pretended to stomp on it in front of thousands of Microsoft workers.” That sends a pretty clear message!

I guess the employee can consider himself lucky that Mr. Ballmer didn’t put him (instead of the iPhone) on the ground underneath his foot or perhaps maybe even just burn him at the stake for heresy against Microsoft.

Further, in 2009, Microsoft “modified its corporate cellphone policy to only reimburse service fees for employees using phones that run on Windows.”

While many workers at Microsoft can evidently be seen with iPhones, others are feeling far from safe and comfortable doing this. According to the article, one employee told of how when he meets with Mr. Ballmer (although infrequently), he does not answer his iPhone no matter who is calling! Another executive that was hired into Microsoft in 2008 told of how he renounced and “placed his personal iPhone into an industrial strength blender and destroyed it.”

Apparently, Mr. Ballmer told executives that his father worked for Ford Motor Co. and so they always drove Ford cars. While that may be a nice preference and we can respect that, certainly we are “big boys and girls” and can let people pick and choose which IT products they select for their own personal use.

While many employees at Microsoft have gone underground with their iPhones, “nearly 10,000 iPhone users were accessing the Microsoft employees email systems last year,” roughly 10% of their global workforce.

My suggestion would be that instead of scaring the employees into personally using only Microsoft-compatible phones, they can learn from their employees who choose the iPhone—which happens to have a dominant market share at 25.1% to Microsoft 15.7%—in terms why they have this preference and use this understanding to update and grow the Microsoft product line accordingly. In fact, why isn’t Microsoft leveraging to the max the extremely talented workforce they have to learn everything they can about the success of the iPhone?

It’s one thing to set architecture standards for corporate use, and it’s quite another to tell employees what to do personally. It seems like there is a definite line being crossed explicitly and implicitly in doing this.

What’s really concerning is that organizations think that forcing their products usage by decree to their employees somehow negates their losing the broader product wars out in the consumer market.

Obviously, IT products don’t win by decree but by the strength of their offering, and as long as Microsoft continues to play medieval, they will continue to go the way of the horse and buggy.


Share/Save/Bookmark

February 21, 2010

Common Language for Enterprise Architecture

What happens when one set of enterprise architects can’t read another’s enterprise architecture “artifacts”?

This may sound ridiculous, but this is a very real problem at the Department of Defense (DoD) and at many other agencies.

Government Computer News, 1 February 2010, has an article on “Primitives and the Future of SOA” about how “DoD looks to develop a common vocabulary to improve system design.”

Dennis Wisnosky, the chief technical officer at the DoD Business Transformation Agency came face-to-face with this problem:

“We were building a business enterprise architecture when the whole team changed because the contract [that the work was being performed under] was won by different people…The new company came in and, all of a sudden, their people had different ideas for how the architecture should be built…Their way might have been a good way, but we had already invested hundreds of millions of dollars in another way, and it seemed to be a wiser course of business action to get these new people to learn the old way.”

Mr. Wisnosky tackled the problem head-on:

Like the periodic table of 117 core elements that make up everything in our world, Mr. Wisnosky set out to build the DoD architecture using a set of primitives or basic building blocks. “Primitives are a standard set of viewing elements and associated symbols” based in DoD’s case on the Business Process Modeling Notation (BPMN)”—a graphical representation for processes in a workflow. Armed with the set of primitives, DoD was able to get “the business process architecture, so that they are described in a way that the meaning of this architecture…is absolutely clear to everyone.”

Wisnosky aptly compared using a common language (or set of primitives) for EA, so everyone could read and understand it, regardless of their particular EA methodology to how musicians anywhere in the world can read standard music notation and similarly how electrical engineers can read electrical diagrams based on standards symbols.

This is a big step for EA, where traditional architecture artifacts are not as user-centric as they should be and often leave their readers/audience questioning the purpose and message intended. In contrast, the use of a common EA vocabulary and set of symbols is right in line with developing a user-centric enterprise architecture that is easy for users to understand and apply, because once you know the standard set of primitives you can read and understand the architecture better than an architecture based on a proprietary or ever changing vocabulary.

As Wisnosky points out, primitives are also a nice fit with Service Oriented Architecture, because you can use primitives or patterns of primitives to represent standard business processes and these can be used over and over again for the same services that are needed throughout the business.

This use of primitives for business process notation is consistent with the use of the National Information Exchange Model (NIEM) for information notation. “NIEM enables information sharing, focusing on information exchanged among organizations as part of their current or intended business practices. The NIEM exchange development methodology results in a common semantic understanding among participating organizations and data formatted in a semantically consistent manner. NIEM will standardize content (actual data exchange standards), provide tools, and managed processes.”

While, we need to leave a certain amount of flexibility in EA for architects to apply their trade to meet specific agency requirements, there is a huge benefit to standardizing on a common vocabulary, so architects can speak the same language. This concept is all the better when the language and design methodology selected for EA is simple and clear so that even non-EA’s (our regular business and IT people) can read and understand the architecture.

Building EA with primitives and clear and simple vocabulary and design represents a user-centric EA moment that I for one, applaud loudly. Another way to say this is that an EA without primitives is a primitive EA.


Share/Save/Bookmark

March 12, 2009

What It Means to Get Madoff-ed

"Saying he was 'deeply sorry and ashamed,' Bernard Madoff pleaded guilty Thursday to pulling off perhaps the biggest swindle in Wall Street history and was immediately led off to jail in handcuffs to the delight of his seething victims. Madoff, 70, could get up to 150 years in prison when he is sentenced in June." -Associated Press

In enterprise architecture, defining data terms and usage is very important. So everyone is talking the same language!

Well with Bernie Madoff's plea of guilt to all 11 charges against him today involving a $50 billion Ponzi scheme (named after another financial crook), I believe are witnessing the birth of a new word in the English lexicon.

Here on in, Madoff will mean:

-verb
to swindle, cheat, defraud, deceive.

-noun
a person who swindles, cheats, defrauds, and deceives.

Congratulations Bernie, you lousy Madoff!

Another way to think of this new word...
he MADe OFF with a lot of people's hard-earned money.

Share/Save/Bookmark

May 4, 2008

Obstacles to Information Sharing and Enterprise Architecture

Here is the target architecture for information sharing:

An interesting document I read presented these five steps to architecting data and making it into useful and usable information for the organizations and its end users:

  1. “Request the dots”—identifying and requesting data from the producers of data
  2. “Get the dots”—capturing data through manual and automated systems
  3. “Find the dots”—discovering needed data and having access to it
  4. “Connect the dots”—processing the data into information by aggregating, processing, and integrating it
  5. “Use the dots”—utilize information for enhanced decision making

And here are the major obstacles to finding, connecting, and using the dots, a.k.a. information sharing in our organizations:

According to the Association for Enterprise Integration (AFEI), Information Sharing Working Group, 15 January 2008, “There is a human predilection to guard what is ours. The information we hold and the resources we use to create it are no exception…[moreover], individual agencies/organizations are not motivated to treat information as a shared asset.”

Here are some other disincentives to information-sharing from a program manager’s perspective:

  1. “Charity work”—“First, to a program manager, information sharing looks like ‘charity work.’ Sharing information beyond the scope of the program costs money, but is not directly accretive to the mission of the program.”
  2. Elevated risk—“Information sharing poses a risk in the sense that it creates the prospect of uninvited critique, review, evidence for litigation, and so on.”
  3. Standards cost time and money—Building to common standards for information sharing can be costly to a program; the standards may be more complex to implement, may require additional level of testing, and certification of compliance.

Perhaps, this statement sums up best the information sharing problem at the project level: “Remember, a program manager is incentivized to deliver on time and on budget per customer requirements. His/her tenure may be two to five years [for a project]. The fact that the systems they manage may last 20 years and may be difficult to integrate in the last 15 of those years is not a compelling argument for a program manager to change his/her behavior.”

The way to overcome information hoarding is to develop rock solid Information Governance, so that the decision making and management of information is taken out of the hands of the program and project manager and is put into the hands of Information governance boards, communities of interest, and information stewards.

“The governance framework must articulate the accountability and authority promote standards and guidelines; ensure a consistent well-defined approach, processes and procedures; adjudicate disconnects; establish legal and policy enforcement; and use performance measures to ensure progress towards achieving information sharing goals.” (DoD Information Sharing Strategy, May 2007)

Information is an enterprise and national asset. Shared information is valuable because it is captured once, but is “used any number of times, by any number of users.” (AFEI)

To maintain its value, information must be kept current, accurate, complete, be easy to understand, and readily accessible; this is quality information and it is valuable to our decision makers and enhances our ability to deliver on mission.

Only through active information governance will we be able to achieve this end state. It will start with changing the culture and mindset that currently dictates that information is power and information is currency, and questions why share it. And information sharing will be realized when everyone in the organization, from the top executives to the hourly workers on the front lines, understand, advocate, promote and demand that information sharing be the new norm; that it is the only acceptable and rational behavior for achieving mission success!


Share/Save/Bookmark

February 29, 2008

A Pocket Printer and Enterprise Architecture

Ever wonder what happened to the old Polaroid cameras—you know point, click, shoot, and out pops your photo? Very cool technology for a society that expects, no demands, instant gratification.

Polaroid photos were great while they lasted, but their pictures have become obsolete with new digital photography.

However, Polaroid has a new architecture to transform itself. They have developed a pocket printer to enable the printing of digital photos from cell phones and cameras.

MIT Technology Review, 7 January 2008, reports that Polaroid’s “new handheld printers produce color photos using novel thermal-printing technology developed at Polaroid spinoff Zink Imaging…[and] will be priced at less than $150.”

How does the pocket printer work?

The printer is about the size of a deck of cards. A user who takes a picture on a cell phone or camera can wirelessly send the file to the printer using Bluetooth, a common short-range wireless technology used in cell phones, or PictBridge, a wireless technology found in a number of cameras. The result is a two-inch-by-three-inch photo printed on paper engineered by Zink.”

Where does the printer cartridge go in the small pocket printer?

The printing technology is similar to that of a common thermal printer…since Zink's technology eliminates the need for printer cartridges...it has led to the smallest printers on the market, and it could eventually be integrated into cell phones and cameras. It would also dispense with the inconvenience of ink cartridges that unexpectedly begin to run out of ink, and which have to be replaced. "When you go to replace an ink-jet cartridge today, it's in the $40 range," Herchen says. With Zink, a person pays only by the print. Polaroid expects to sell the photo paper for $0.30 a page.”

What challenges does the pocket printer face?

“People are accustomed to e-mailing pictures to each other or sending them to each other's phones, and they probably won't want to carry around another gadget just to print pictures on the spot.” But this concern can be obviated if the printer can be integrated into the cell phone or camera, in essence creating a modern digital Polaroid camera equivalent.

From a User-centric EA perspective, you’ve got to hand it to Polaroid to extend their expertise in instant photography to the digital photo age. They have come up with a novel idea and have executed on it, so that it is standards-based (Bluetooth and PictBridge), interoperable with other technologies (cell phones and cameras), small and affordable—thus, appealing to end-users. It would be nice to see the pocket printer work with MS Office applications, so I can print my blog and other work on the go.


Share/Save/Bookmark

January 16, 2008

Enterprise Architecture Terms and Taxonomy

A key foundation to developing enterprise architecture is getting the EA terms and taxonomy right for the organization, so that there is a common language and understanding by business and technical subject matter experts of what all things EA means.

Here are some fundamental terms and a high-level taxonomy for them (prior to having these, I found considerable confusion in the enterprise as to what many of these terms meant and they were used incorrectly and interchangeably by various users):

1) C4&IT—Any equipment or interconnected system or subsystem of equipment, or techniques used in the automatic acquisition, storage, manipulation, management, transmission, or reception of digital, voice, or video data or information to the appropriate levels of command. This includes command and control, networks, common operational picture systems, information assurance services, communication products and standards, computers, ancillary equipment, software, firmware, procedures, services (including support services) and related resources. (short definition─Command, Control, Communications, Computers, and Information Technology)

2) FISMA Systems—An application or general support system that meets the requirements of the Federal Information Systems Management Act (FISMA) of 2002, including completion of certification and accreditation, risk assessments, policies, and procedures, security plans, security awareness training, annual security testing, remediation procedures, incident response procedures, and contingency plans. (short definition—systems as defined by FISMA).

a. Application Systems—A discrete set of information resources [i.e. applications] organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information. (short definition—one or more applications).

i. Applications—the use of information resources (information and information technology) [i.e. hardware, software, and database] to satisfy a specific set of user requirements. (short definition—combination of hardware, software, and database).

b. General Support Systems—An interconnected set of information resources under the same direct management control that share common functionality. It normally includes hardware, software, information, data, applications, communications, and people [i.e. infrastructure]. (short definition—IT infrastructure).

3) Products and Standards

a. Products—Includes hardware, the physical parts of a computer system, and software, the programs or other “instructions” that a computers needs to perform specific tasks.

b. Standards-- Guidelines that reflect agreement on products, practices, or operations by nationally or internationally recognized industrial, professional, trade associations, or government bodies.

The way to read the taxonomy is that C4&IT at the top is the CIO world of work and it is composed of Command, Control, Communication, Computers, and IT. C4&IT decomposes to FISMA Systems (since all systems must be FISMA compliant). FISMA Systems decompose to Application Systems (and their applications) and General Support Systems (infrastructure). And these systems (applications systems and general support systems) decompose into hardware and software products and standards.

The short working definitions are fairly straight forward and the longer definitions are based on public information definitions from National Institute of Science and Technology (NIST), Office of Management and Budget (OMB), The Department of Homeland Security (DHS), and The Department of Defense (DOD).

These terms and taxonomy should help enterprise architects and their users differentiate C4&IT, Systems, Application Systems, General Support Systems, Products, and Standards, and maybe even widgets by inference. :-)


Share/Save/Bookmark

September 12, 2007

Tower of Babel and Enterprise Architecture

“And the whole earth was of one language, and of one speech…and they said, go to, let us build us a city and a tower whose top may reach unto heaven…and the Lord said…the people is one and they have all one language, and this they begin to do, and now nothing will be restrained from them, which they have imagined to do…[and he] confounded their language, that they may not understand one another’s speech. So the Lord scattered them abroad from then upon the face of all the earth.”

Am amazing story from the Torah (Bible)!

As an enterprise architect, some lessons that are striking to me are the following:

  • LEXICON: When everyone has a common language or lexicon (something we strive for in EA), “nothing will be restrained from them, which they have imagined to do.”—i.e. with a common enterprise lexicon, data standards, and mechanism for discovery and exchange, we can do great things and our imagination is the limit.
  • EA PLANNING: When everyone functions together (“the people is one”) to undertake a tremendous task (such as building a city and a tower), they can really get things going. As the adage states: there is power in numbers. From an enterprise architecture standpoint, when the enterprise is unified in its planning and governance, they can achieve amazing business and technical feats.

A major question that I am left with is…

Why is G-d displeased when people work together, communicate (the same language), and undertake to follow their imagination (have a vision) and achieve great things (“build a city and a tower”)?

From a religious didactic stand point, I understand that G-d wants us to be humble and not think that we have any real power to take on these tasks without him! And that we have to recognize and worship him (where all power and vision ultimately comes).

From a User-centric EA perspective, the ideals of unifying the organization towards common business and technical plans, goals, standards, solutions, lexicon, and so on, helps us build a better, stronger organization that can achieve great things (as long as we always remember that we are doing HIS bidding).


Share/Save/Bookmark