Palermo, Oct. 2008

ETICS2 All Hands MeetingVEGA GmbH

INFSOM-RI-1234567

Uwe Mueller-Wilm

ETICS Service Management FrameworkBusiness Objectives and “Best Practice” Guidance

2ETICS Service Management Framework

INFSOM-RI-1234567

Palermo, Oct. 2008

Customer FeedbackTranscriptions of ETICS Feedback at Aerospace Industry

“We really would like to have a system development and deployment environment which:”

• Is delivered with processes and procedures which enforces use of industry best practice software standards, including quality aspects;

• Supports a centralized repository under our control;

• Offers a common working environment, shared between our off-site contractors and us;

• Offers secure access for authorized users;

• Supports authorisation of system access, level and scope;

• Allows flexibility in composing the groups of authorized users;

• Supports us in the deployment of the software developed by us;

• Convinces our key contractors ...

3ETICS Service Management Framework

INFSOM-RI-1234567

Palermo, Oct. 2008

Extracting the Essentials Summary of Expectations and Benefits

• Standardisation

• Configuration Control

• Visibility

of development, maintenance and deployment status and progress;

• Collaborative Use of the environment;

• Security in interaction, Protection against outside world;

• Flexibility in configuration;

• Acceptance of environment by users community.

In Summary: not only a System is wanted, which offers these capabilities, in addition a Service which aids in the software development and maintenance and deployment processes.

4ETICS Service Management Framework

INFSOM-RI-1234567

Palermo, Oct. 2008

ETICS Business Outlook Service Strategy

What is the market?

Commercial companies which are interested in a secured and standardized software development environment, which also can be shared across their own organisation.

What is the business?

Providing a Service built on or around ETICS – in essence: “leasing” an ETICS based software development / maintenance environment to (potential) customers.

Providing this service requires Standardized Processes and Procedures.

5ETICS Service Management Framework

INFSOM-RI-1234567

Palermo, Oct. 2008

Looking for Standards What could be Applicable?

Summary of most suitable standards / frameworks

For the Service:

• ISO/IEC 20000: defines requirements for a Service Provider to deliver Managed Services.

• ITIL V3: provides a framework of Best Practice guidance for IT Service Management.

For ETICS:

• ISO/IEC 12207: establishes a common framework for Software Life Cycle Processes, with well-defined terminology.

6ETICS Service Management Framework

INFSOM-RI-1234567

Palermo, Oct. 2008

A Proposed Architecture ISO 12207, 20000, ITIL V3 and Procedures

ISO 20000-1Specification

ISO 20000-2Code of Practice

In-HouseETICS Procedures

Proposal: not published

before 2010ISO 20000-4 Process Reference Model

ITIL V3Service Life Cycle Approach

ISO 12207 Software Life Cycle Processes

First versionavailable since

May 2007

Well establishedstandard

To be implemented

Not availablebefore 2010Publishedsince 2005

DeployedSolution

ProcessDefinition

Service Definition

Standard Procedures

7ETICS Service Management Framework

INFSOM-RI-1234567

Palermo, Oct. 2008

ITIL V3The Service Lifecycle Approach

ServiceTransition

ServiceOperation

ServiceDesign

ContinualService Improvement

ServiceStrategy

8ETICS Service Management Framework

INFSOM-RI-1234567

Palermo, Oct. 2008

ITIL V3Core Description

• Service Strategy: focuses on the identification of market opportunities for which

services could be developed. Defines strategies for the design, implementation,

maintenance and continual improvement of the service.

• Service Design: activities to develop the strategy addressing all aspects of the

proposed service. Key areas are Availability Management, Capacity Management,

Continuity Management and Security Management.

• Service Transition: focuses on the implementation of the service design outputs

and the modification of an existing service. Key areas are Change Management,

Release Management, Configuration Management and Service Knowledge

Management.

• Service Operation: focuses on the activities required to operate the services and

maintain their functionality. Key areas are Incident Management, Problem

Management and Request Fulfilment.

• Continual Service Improvement: focuses on the ability to improve quality of the

services that is provided. Key areas are Service Reporting, Service Measurement

and Service Level Management.

9ETICS Service Management Framework

INFSOM-RI-1234567

Palermo, Oct. 2008

ITIL V3The Service Lifecycle Approach

• Useful for developing strategies how ETICS can be extended as a commercial Service;

• Business processes can be applied with the aim to upgrade ETICS as a Service, in which context the development of commercial applications following industry best practice standards can take place.

10ETICS Service Management Framework

INFSOM-RI-1234567

Palermo, Oct. 2008

ISO/IEC 12207The Software Life Cycle Processes

DocumentationSupporting:

Configuration Mgmt.MaintenancePrimary:

Problem Resolution

Audit

Joint ReviewAcquisitionTraining

ValidationSupplyImprovement

VerificationDevelopmentInfrastructure

Quality AssuranceOperationManagementOrganizational:

11ETICS Service Management Framework

INFSOM-RI-1234567

Palermo, Oct. 2008

ISO/IEC 12207The Software Life Cycle Processes

• Useful for elaborating processes and procedures how ETICS can support in using industry best practice software standards;

• Software oriented procedures can be applied to concrete application development within the context of ETICS as an development / maintenance System.

12ETICS Service Management Framework

INFSOM-RI-1234567

Palermo, Oct. 2008

Interaction between Processes and ProceduresOur Vision

ETICS Framework

ITIL V3Service Life Cycle Approach

ISO 12207Software Life Cycle Processes

BuildTools

Config.Tools

Admin.Tools

Service Operation(incident, problem, request handling )

Co

ntin

ua

l Se

rvic

e I

mp

rove

me

nt

Service Transition(release, change, configuration, deployment)

Development

Mapping Layer: Processes & Procedures to Tools

Mapping Layer: Service Elements to Processes & Procedures

TestTools

Plug-InFramework

Operation Maintenance

13ETICS Service Management Framework

INFSOM-RI-1234567

Palermo, Oct. 2008

• What is the business? (already discussed) cost, billing models

• Availability, capacity, security, continuity

• Service Requirements Tools to be developed

How to get there?Steps to be performed

Service Strategy

Service Design

14ETICS Service Management Framework

INFSOM-RI-1234567

Palermo, Oct. 2008

ExampleRelease Management

•Requirement: customers stated that the wish to have control on the release and

deployment procedures for tested software.

•ISO/IEC 12207,6.2.6.1 Release management and delivery: The release and delivery of

software products and documentation shall be formally controlled. Master copies of code

and documentation shall be maintained for the life of the software product. The code and

documentation that contain safety or security critical functions shall be handled, stored,

packaged and delivered in accordance with the policies of the organisations involved.

•Adaptation to ETICS – Procedures shall describe:

• Definition of Roles: Developer, Release Manager, Users: Developer can initially

read / create distributions; Release Manager can read and can decide attachment

of Users to distribution packages; Users can only read packages after release.

• Release Process: Release Manager decides on the acceptance of software: if

accepted, he allows Users to read the package and disables the creation of new

packages for the Developer, so that the package is frozen for the release.

15ETICS Service Management Framework

INFSOM-RI-1234567

Palermo, Oct. 2008

Release Management IIRepresentation of Roles and Processes

DevelopmentProcess

AcceptanceProcess

DeploymentProcess

Developer

ReleaseManager

SW RevisionsSW Releases

Users+/-w +/-r

16ETICS Service Management Framework

INFSOM-RI-1234567

Palermo, Oct. 2008

Continual Service ImprovementOptimizing the Framework for Business Needs

Design

Build

AcceptDeploy

Operate

Optimize

UserApplications

Requirements

Design

Build

AcceptDeploy

Operate

Optimize

Requirements

ETICSCore

Service

Lifecycle

17ETICS Service Management Framework

INFSOM-RI-1234567

Palermo, Oct. 2008

Discussion

• ISO /IEC 20000 certification is certainly outside of the scope of ETICS-2. However, as the proposed architecture on page 6 shows, we can start with the adaptation of ISO/IEC 12207 (which is outside of any certification purposes) which later can be upgraded.

• The same is true for ITIL V3: even if we cannot afford an ITIL V3 certification during the running project, we can orientate on this framework, as it offers the best seminal approach.

• …

18ETICS Service Management Framework

INFSOM-RI-1234567

Palermo, Oct. 2008

References

ISO / IEC 12207 Basic Concepts:

http://www.abelia.com/docs/12207cpt.pdf

ISO / IEC 12207 Tutorial:

http://www.abelia.com/docs/12207tut.pdf

ITIL V3 Publications:

http://www.itsmfi.org/content/publications

ISO / IEC Certification web site:

http://www.isoiec20000certification.com

Service Management Process Reference Model, Proposal:

http://isotc.iso.org/livelink/livelink/fetch/2000/2122/327993/755080/1054034/2541793/JTC001-N-8640.pdf?nodeid=6587475&vernum=0