VOSibilities

For the last several weeks, there’s been a lot of blog discussion about a Burton Group report on SOA “success” or the apparent lack of it.

An interesting thread of commentary has broken out about the role of CIOs in the success or failure of next-generation application development in business. David Linthicum suggests that CIOs are “…very different animals from company to company.” And Scott Wilson thinks CIOs are in a “delicate position” when it comes to adopting new technologies, balancing needs to progress versus reliable service delivery.

For us, it’s simpler: it’s much more dangerous — bordering on suicidal — to let the fear of change become the rationale for continued stasis. That’s why Burton reports that companies get better results with newly hired CIOs. The new guy has a honeymoon period in which he or she can do the unthinkable. (Marketing execs in software companies are almost as perishable as CIOs. We are often brought in to “fix” the previous guy’s reluctance to change.)

But at the end of the day, a change in leadership doesn’t change the underlying reality that the whole IT organization — from the developer in his cube to the CIO — just isn’t scared enough.

Sure, they’re a little bit scared: “If we have to change, we run a risk.” But it’s the wrong thing they’re afraid of…the wrong fear.

What’s a fossil? Something that stood still long enough to get buried, then wedged into rock to be cooked by pressure over time until it disappears. That’s what developers, analysts, business owners and CIOs are doing: letting the small fear of change become comfortable enough to crowd out the large, more important fear of being fossilized.

And that’s a whole lot scarier. For the business…for individuals.

If this sounds like a wake-up call to developers to lose more sleep at night over why they keep finding reasons not to move to services-based apps, it is. If you think we are saying that enterprise architects should be put on a multi-step program to recovery from PowerPoint architectures, we are. If you think we are suggesting the CIO is more damned if he doesn’t implement today’s visual orchestration systems, you’ve got it.

Yeah, baby! Ain’t nuthin’ like a good blog war-o-words. And a juicy one has just broken out between two influential voices: Nick Malik and Bruce Silver. And I suspect we haven’t seen the last of it. (At least I hope we haven’t. July is a slow month; we could use some American Gladiators-style trash talkin’ right about now.)

Apparently, Nick found the top dead center of the button you shouldn’t push in Bruce’s mind: he says BPM is never going to live up to expectations that non-developers will create applications.

In reply, Bruce — slappin’ Nick right upside the head – replies that Nick has to “prove” his assertion by showing that someone — anyone — in the “BPM community” has made a claim that modeling leads directly to completed applications.

While I hope the histrionics continue, this is really nothing more than two purists trying to keep their rivers from converging.  (I gotta admit that I find these near-screaming matches to be more educational than so-called “polite debate” for the very simple reason that they strip out the fluff in favor of direct frontal attacks everyone can understand.)

We all know from long, bitter experience that the “third rail” in the Microsoft world (touch it and die) is developers. MSFT will do what it takes to keep developers tied to the Windows API. Anything that could loosen that death-grip is a danger, and that includes end users working in standards-based tools that could care less about the underlying OS.

And from what I’ve read about the “BPM community” there’s a fair bit of wishful thinking there, too. Bruce is probably correct that no responsible entity has claimed what he believes Nick is claiming. Yet, you don’t have to say the “E” (execution) word outright to lead people to the conclusion that your BPMS does it directly from pretty pictures. Go ahead, spend five minutes on Lombardi’s site and tell me you don’t see it there.

What do we care? Well, let me be the first to pre-announce our upcoming ActiveVOS release, scheduled for mid-August, in which we actually converge the rivers. We will have the most complete BPMN modeling capabilities and, of course, we have the world’s best and most complete BPEL deployment, execution and management system.

ActiveVOS will make it possible for business users to come very, very close to execution via BPMN. And we believe that developers will take that non-executable model and “finish” it in a 100%-standards-based environment that frees them and their businesses from .NetJail.

Forgive me the nested platitude, but the issue boils down to that old saw that says, “Get the right tool for the job.” Developers need modern, standards-based languages that execute on the metal; business analysts need modern, standards-based ways to describe what systems have to accomplish. Being doctrinaire about which is the “correct” way to serve business and IT is beside the point.

So, while it’s fun to see the purists bloody each other, we intend to deliver an implementable, cost-effective and complete way to achieve what neither side really seems to want. And that, dear readers, is what a visual orchestration system is all about.

In this podcast episode, I talk with Active Endpoints’ CEO, Mark Taber, about our company’s vision for how we intend to “democratize” complex event processing (CEP) and stream processing so that everyone can benefit from these technologies in their applications.

Mark describes the concepts and then talks about why we believe these technologies should be part of every visual orchestration system — and previews what we’ll be delivering in ActiveVOS in our upcoming release in August, 2008.

As always, we appreciate your support of our podcast, as demonstrated by the large number of people who are downloading and subscribing to this content, and we welcome all feedback. Just email us at editor@vosibilities.com.

 

 VOSibilities podcast # 12: Complex event processing and visual orchestration systems [14:06m]: Play Now | Play in Popup | Download (67)

I am very pleased to be able to post another fascinating talk from our own Kim Pease. This time, Kim makes clear a topic that we have repeatedly heard is on the minds of developers and managers alike: application security in a messaging environment. Kim pays special attention to all the WS-Security options and explains, among other things, why some authentication and encryption options are recommended in the WS-Security standards.

Normal application security is, ’scuse the ugly metaphor, a hairy ball of wax. But when you add in the additional requirements necessary to deal with a messaging-driven, services-based application environment, the complexity can overwhelm you. WS-I…SAML…WS-I…it can all become mush. Or, as least it seems this way until Kim clearly describes each part of the standard and then delivers a demonstration of the most important OASIS specifications in a demo.

Due to the depth of this topic, this podcast episode runs about 18 minutes. There are two versions posted here. The .avi format is encoded at 1024×768 and uses a standard DivX codec. The .m4v is formatted for the iPod at 640×480. The .m4v will play on the blog at half size (320×480), though it plays at full size on iTunes and on the iPod.

Based on the very good response to Kim’s last talk, I expect many of you will find it well worth the bandwidth to download either or both versions for reference at your leisure.

 

 VOSibilities podcast #11: Kim Pease on using WS-Security in services-based applications [19:48m]: Play Now | Play in Popup | Download (141)
 VOSibilities podcast #11: Kim Pease on using WS-Security in services-based applications [19:48m]: Download (44)

Last week, David Linthicum’s SOA podcast continued a theme he’s been on lately, a discussion of BPEL’s “fallings” [sic]. I think he meant failings…but in any event, he mentions several times in the podcast that a post he’d previously written on this topic had generated quite a discussion (it did) and feedback from unnamed “BPEL vendors” (that’d be us; I can’t imagine why he didn’t name us. (-: )

Anyway, today after I heard the podcast, I asked Chris Keller, our founder and vp of development and one of the most knowledgeable people on BPEL in the world for his feedback. Chris has not only written the BPEL engine that’s at the core of our visual orchestration system (a VOS is a whole lot more than a BPEL engine), he’s active on the OASIS committees that are furthering the standards.

Chris gave me a lot of food for thought, and being in a playful mood, I thought it might be fun to that feedback into a Q&A. Sorta like a game show, with Mr. Linthicum as the contestant. The prize, for correct answers, is a free ActiveVOS license. Let’s see how Mr. Linthicum does…

Question 1: In the podcast, David says that a major problem with BPEL is that it’s synchronous.
Did David get it right? Click the arrow to find out… Then click here to read the correct answer
Sorry, no. Chris points out that the exact opposite is true. BPEL is asynchronous by definition.

Question 2: David says BPEL has a few programmer-level issues including limitations around request/reply exchanges in a heterogeneous architecture.
Did David get it right? Click the arrow to find out…Then click here to read the correct answer
Whooppss…wrong again. Chris points out that this isn’t a problem with BPEL as much as it is a problem with vendor support for standards that make request-response asynchronous, like reliable messaging. It’s one prime reasons for the WS-TF standards effort.

Question 3: David says BPEL has issues with failure recovery, exception handling and multi-programming model support.
Did David get it right? Click the arrow to find out…Then click here to read the correct answer
So very sorry. Chris points that exception handling is covered by the specifications and that recovery isn’t something that belongs in the specification at all (This is a major differentiator among vendors, and something ActiveVOS does brilliantly — ed.). As for multi-programming model support, we aren’t quite sure what David means, but if he’s talking about multi-tasking, the spec has that covered, too.

Question 4: David says BPEL is not very good at adding a human as part of the process and as SOA moves forward, he’s finding that composites and workflows are more applicable than simple service binding and extending.
Did David get it right? Click the arrow to find out…Then click here to read the correct answer
Close…but no cigar. Chris points WS-HT and BPEL4People have been added to the specification for precisely this purpose. While David’s criticism was once correct, it’s not applicable today.

We hope that you’ve enjoyed our little episode of The BPEL Game Show. And sorry, David, but you didn’t win our prize. However, anytime you’d like to be brought up-to-date on why BPEL is at the heart of SOA development, we’re happy to update you so you can win the next time.

We are pleased to present a recording of a joint webinar we presented on June 12, 2008 with XAware entitled How to Create and Orchestrate Services for Your SOA and Web 2.0 Applications.

Despite the imposing title, I think you will find the content — especially the lively Q&A at the end of the webinar — very interesting.

 

 VOSibilities podcast #10: Webinar replay - How to Create and Orchestrate Services for Your SOA and Web 2.0 Applications [80:19m]: Play Now | Play in Popup | Download (278)
 VOSibilities podcast #10: Webinar replay - How to Create and Orchestrate Services for Your SOA and Web 2.0 Applications [80:19m]: Download (115)

We are pleased to post a recording of a webinar we presented this week. While the title of the webinar might make you think that this is only of interest to systems integrators, I think everyone will be interested in at least two sections of this podcast: the demo and the panel Q&A. The demo by our vp of marketing, Eric Egertson, begins at about 8:00 and the Q&A, with Eric, our systems engineer Victor Chan and me, begins at about 33:00 into the recording.

Many will find the entire webinar interesting as it contains an excellent overview of ActiveVOS and how it can allow users to create services-based applications, including BPM applications, all 100% based on open standards like BPEL.

We hope you enjoy this webinar and look forward to your feedback.

 

 VOSibilities podcast #9: Webinar replay - An Introduction to ActiveVOS for Systems Integrators [49:12m]: Play Now | Play in Popup | Download (235)
 VOSibilities podcast #9: Webinar replay - An Introduction to ActiveVOS for Systems Integrators [49:12m]: Download (39)

Tomorrow and Wednesday, June 4 and 5, we are holding a webinar for systems integrators, consultants and custom application developers. We’ve had quite a lot of interest from SIs since we introduced ActiveVOS in early March, and this is the first time we have prepared content specifically to show SIs how they can use ActiveVOS in their custom application development efforts, accelerate their practices and increase client satisfaction.

Attendees will receive a special offer on ActiveVOS training.

Please register via this page on our website. We hope to see you at one of the webinars.

I checked Wikipedia to see what a “sapphire” really is because I wondered if SAP’s SAPPHIRE trade show was using it as a pun on its company name and the “clarity” of a sapphire. Turns out it might be, since Wikipedia defines it as a mineral that’s not red. Unfortunately, the recent SAPPHIRE I attended has me seeing red.

Check out this slide from their announcement of their “BPM” products:

Once past the initial hype, what SAP claims to be bringing to market seems to be more hope than code. What bothered me the most are their claims of an “executable” business process model and that “immediate execution” speeds time to value. Hold on there…even if you did execute the model directly, is that necessarily a good thing?

Surely SAP isn’t suggesting that all of a sudden, you’re going to stop following best practices and the SDLC that you have developed over the years: separation of concern from the model, its implementation, testing, and methodical deployment across development, sit/cit and pre-production environments before you put it in production.

Beyond the question of what the right thing to do is in terms of development process, what exactly did SAP announce? A beta of BPM/BRM that will be released this June with the actual product shipping — maybe — in March 2009. (We’re hearing it’s $4500 per seat. Get that special checkbook you use for SAP products ready…you know the one with eight zeros pre-printed in the amount field.)

When it ships next March, there will be no announced integration with BPEL and no means of import/export of the BPMN from the tool that SAP customers have largely adopted, ARIS.

We talked with ARIS customers who aren’t happy about the lack of integration. One we spoke with uses ARIS heavily to model processes and hand them over to development. Instead, SAP chose to generate executable code directly bypassing the developer. If you believe SAP, you’ve now empowered your business analysts with the means to build executable models.

The good news is that you now have 300 new developers; the bad news is that you have 300 new developers. Is there an IT group on the planet that would deploy such a model in production directly? Please let us know if you do…we want to see how you’ve managed to skip validation, testing, performance trials and all the rest of the standard things a real application has to have.

SAP indicated that interoperability with ARIS is not possible because of a lack of a standard for BPMN serialization. While that’s true — BPMN is a notation (i.e. not an executable process definition like BPEL) — not having import/export with ARIS only suggests SAP is more interested in account control than real BPM. If it was motivated in ensuring no lock-in, SAP would have worked more closely with ARIS in developing an import/export mechanism, maybe via XPDL or XMI. But they haven’t, and while we’re only speculating, it seems clear why they haven’t. So much for the claims by ARIS at SAPPHIRE that ARIS is the “Business Processing Arm of SAP”.

See why does this have us seeing red? We’re steaming for the SAP customers who actually buy this line…who’ll be waiting a year (at best) for capabilities they need today…who’ll end up even more locked-in than ever to proprietary, closed, non-standards-compliant applications.

In a recent post, David Linthicum asks if BPEL is irrelevant. And just as David predicts BPEL providers would do, we fundamentally disagree with the premise. In fact, we don’t see how you could create an SOA without BPEL.

As I read the post it seems he has two sets objections. First, a lack of integration of people into processes and second, a collection of concerns about recovery and exception handling.

ActiveVOS is the first development system that’s based on BPEL 2.0 with no proprietary extensions and to include BPEL4People. As a result, it’s the only 100% standards-based way to achieve long-running orchestrations that include human tasks as first-class participants in the orchestrations.

And if you want recovery and error handling, how’s this: what if you could, in a running orchestration, dynamically switch endpoints when the primary wasn’t available? What if you could change what a running orchestration does based on the current state of the overall business process? IOW, if you could determine that processes that included human tasks had problems with the quality of the work and as a result you could dynamically change what happens to in-flight orchestrations? What if you could, very simply, suspend a failed transaction — one that might have been running for weeks or even months — so that corrective action could be taken? What if you could easily version processes so that in-flight orchestrations could conclude before a new process is implemented?

These are just some of the things that ActiveVOS does that we believe are part and parcel of creating applications in a services-based environment and for which there are no real substitutes. BPMN ain’t gonna do all this (it’s not even executable). AJAX and most Web 2.0 technologies are primarily front-of-screen and do nothing to manage the amazing complexities of long-running orchestrations made up of heterogeneous services.

David, don’t pull that trigger until you talk with us. We’re happy to show you (and anyone else) all this and more, anytime, anywhere. I think you’ll come away with a completely different perception.

For this episode of our podcast, I am very pleased to bring you a video recording made by our own Kim Pease in which she demonstrates ActiveVOS’s capabilities to interact with JMS queues. Kim gives a great overview of what you can do with ActiveVOS, but even more than that, the features she demonstrates make a very subtle but important point: orchestration developers don’t live in a 100% SOAP world.

Many of the services developers need to orchestrate are available via JMS and originate and terminate in common systems like MQ Series and JBoss. We believe it’s very important to be inclusive of these transports and to make sure they are able to participate in a first-class way with SOAP-transported services. In short, being “doctrinaire” about how services should communicate with the orchestration system only serves to impede developers who deal with heterogeneous systems as a daily matter of course. A good example of this pragmatism in ActiveVOS is at about 6:00 into the demo when Kim shows how ActiveVOS will automatically detect an incoming message’s format and reply in kind.

I want to thank you all for the feedback we’ve been receiving about this podcast series. We will continue to post a wide variety of content: demo vignettes (help me persuade Kim and our other engineers to burn the midnight oil to create more by downloading and viewing this episode like crazy), product information, audio podcasts and PDF content. Be sure to subscribe to this feed at http://www.vosibilities.com/category/podcast/feed or in iTunes at http://phobos.apple.com/WebObjects/MZStore.woa/wa/viewPodcast?id=274122495.

You may have also noticed that when we have video for the feed, I try to post both a larger .avi and an iPod-formatted .m4v or .mp4. They are always the same content, but the .m4v is usually smaller because it’s reduced in resolution to fit iPods. Please feel free to download either or both. Also, as a convenience who visit the blog instead of subscribing to the podcast feed, the .m4v can be played in a Flash player on the blog just by clicking on the image.

 

 VOSibilities podcast #8- Kim Pease on using JMS with MQ Series and JBoss to orchestrate web services [9:54m]: Play Now | Play in Popup | Download (258)
 VOSibilities podcast #8- Kim Pease on using JMS with MQ Series and JBoss to orchestrate web services [9:54m]: Download (56)

In our latest podcast episode, Mark Taber, CEO of Active Endpoints, discusses the relationship between BPEL and BPMN and why BPEL is the standards-based environment of choice for executing services-based applications. Mark also describes how BPMN can free users from the tyranny of proprietarty BPMS execution and, best of all, previews what Active Endpoints will be doing shortly in ActiveVOS to unite these two useful standards. Mark also discusses at a high level how we see the relationship between BPEL and BPMN and what we believe a visual orchestration system should enable users interested in these technologies to accomplish.

We hope you enjoy this podcast. We welcome feedback as a comment on the blog or via email to editor@activevos.com.

 

 VOSibilities podcast # 7: Mark Taber on BPMN and BPEL [9:39m]: Play Now | Play in Popup | Download (100)

OK, at risk of obscuring my passionate post of earlier today about BPMN, BPEL and BPEL4People, it’s about time that we posted the pix of us at JavaOne. It’s taken a whole week because the Flickr plugin I tried earlier this week crashed the blog completely.

Anyway, I was motivated to do this this afternoon because our guys are calling everyone whom we met at JavaOne to follow-up. And just a few minutes ago, Mike Kettering came in to tell me a woman he spoke with had a great time at the party. It was so nice of her to tell Mike that she’d had a good time so long after the party ended.

Frankly, I don’t remember the party very well, but I know I had a blast. (-:

Just click on a thumbnail to see the photos from Flickr. Those big yellow bowls were actually lighted, though you can’t see it in the photos. And most of the other shots showing people palming big snifters are of people enjoying a 40oz cocktail masterpiece.

So, next time we invite you to a pahty, you’re gonna come, right?

I’ve been waiting to post this video podcast episode for a couple of weeks because I wanted to understand better all the vitriol and confusion in the marketplace between BPMN promoters on one side and BPEL proponents on the other

No less an authority than Bruce Silver noted over two years ago “…that the world of BPMS is divided into BPEL-lovers and BPEL-haters…” And as soon as I arrived at Active Endpoints last January, I could really feel the tension…an internecine battle among people who believe in the same outcome and passionately hold that standards-based technology is ultimately the correct path for customers.

But at the end of the day, there are two inescapable facts. First, BPMN is not executable. BPEL is. Together, they are a more potent, winning combination for customers than peanut butter and jelly. I just can’t understand why BPMN promoters skip over this fact.

This BPMN-bigot blind-spot this allows Lombardi, SAP and others to claim ”support” for standards and yet execute the processes on a proprietary execution engine. Isn’t that the maximum possible deprecation of BPMN? Isn’t it a violation of the original intent of BPMN to run it on proprietary engines, ensuring customers lose agility and increasing their costs? Why don’t BPMN people just loathe that idea?

We do, and that’s the second inescapable fact: no modelling-direct-to-execution technology has ever succeeded. That’s why BPEL4People is so important (and why we are on the BPEL4People Technical Committee and have implemented the current capabilities of BPEL4People in ActiveVOS 5).

It’s really pretty simple (and here comes a mixed metaphor I can’t believe I’m posting): dolphins don’t talk but old dogs can be taught new tricks. Dolphins may actually be smarter than humans, but they don’t speak in words. BPMN may be great, but it won’t run “on the metal.” OTOH, BPEL can be extended with human activities that are first-class participants in a BPEL orchestration. That ole dog sure can hunt.

Bottom line: BPEL and BPMN together is what kumbaya sounds like for BPMS. And today’s podcast episode is a proof point: watch how Mark Ford shows an orchestration that includes human workflow as a first-class participant and which is 100% standards-based. (And watch for us to shortly say a whole lot more about ActiveVOS and BPMS.)

 

 VOSibilities podcast #6: Mark Ford on BPEL4People [2:35m]: Play Now | Play in Popup | Download (250)

 

 VOSibilities podcast #6: Mark Ford on BPEL4People [2:35m]: Play Now | Play in Popup | Download (32)

Whew…it’s been a busy week. We were at JavaOne, threw a great party (pix soon, I promise), met lots of people and got lots of great feedback.

Oh, and speaking of parties, we crashed SAPPHIRE in Orlando. Yes, it was we who dressed up actors in prison uniforms labelled “SAP County Jail” on the back and had the actors hand out ActiveVOS demo CD’s labelled “SAP Liberation Plan” and “Evidence” during SAP’s big user convention last week.

Why? In two words: public service. SAP bigots may think that’s an over-the-top characterization of what they will label as a PR stunt. But there is a method to our madness. We are convinced that SAP is pulling the wool over users’ eyes about BPM. And while we are realistic about our chances of liberating today’s SAP users, we feel compelled to reach out to them just in case they want a get-out-of-proprietary-BPM-jail plan.

What am I talking about? Consider this interview with an SAP architect who says:

SAP NetWeaver already provides capabilities to model and execute business processes that include both automated activities as well as human-executed activities. As the BPEL4People standardization progresses we will presumably see more and more compliant implementations.

Isn’t it clever to conflate NetWeaver — the most closed, proprietary BPMS on the planet — with BPEL4People? If you can just get a little of that standards-based branding onto your proprietary platform (especially in an press interview about standards), it may be enough to keep the prisoners in lock-down and maybe even bring a new busload or two inside the gates.

By “…we will presumably see more and more compliant implementations” I presume SAP was referring to the announcement last week of SAP’s plans for BPM, in which they purport to “usher in a new era” in BPM. The interview was published before the press release was issued, but if this is what she was referring to, it looks like NetWeaver users looking to free their business processes from proprietary stacks have just had their jail sentences unilaterally extended.

Consider three points. FIrst, there’s not a single standard mentioned in this press release. That’s not ushering in a new era. That’s 1980 all over again. Second, notice the repeated use of the phrase “the planned implementation.” This is all about some SAP NetWeaver product you can’t actually get until Q1 2009. Can you say, “freeze-dry the prisoners until we’re ready?” Third, I fell asleep during a demo of this at JavaOne in which the demoer couldn’t even get a PowerPoint to work.

‘Nuff said (for now). Be sure to watch the hilarious video of our “prisoners” being harassed in Orlando as they attempt to hand out CD’s to arriving guests. We didn’t go inside the hall. We didn’t interfere with anyone…but SAP set the security people on us anyway. Guess a little standards-based competition is too much for the self-proclaimed ushers of a new era.

 

 Video of Active Endpoints attempting to liberate SAP users at SAPPHIRE [2:48m]: Play Now | Play in Popup | Download (314)