Chapter 7- Closing Case Study 1

International Truck Makes a Huge Bet On a Service Oriented Architecture

Introduction
In 2006 International Truck was one of the first major corporations to
implement service orientated architecture, referred to as SOAs. SOA focuses on
the development, use, and reuse of small self-contained blocks of code to meet
future application software needs in a dynamic environment.(Stephen Haag,
2010) This case study will focus on how International Truck implements SOAs
within its dealer network, what advantages and efficiencies they hope to gain
by using SOAs, how new software models will integrated within existing ones,
which infrastructure-centric metrics will be used to justify the application of
SOAs, and what would be the business continuity plan for major IT components
in the event of a disaster or extended disruption.
In addition to meeting future application software needs, SOAs can take
advantage of resources in the most efficient and effective manner.
Furthermore, SOAs reacts quickly and proactively to perceived changes in the
market. SOAs are bound by very few structural constraints to respond quickly
and adapt to new advances in technology. Also it transforms it processes,
structure, and HR initiatives in a dynamic environment. This case study will focus
on SOA components such as customer and software development. One of the
primary goals of an SOA is to allow your organization to provide customers with
multi-channel service delivery options and customizable products and
services.(Stephen Haag, 2010). Customers require the ability to plug-and-play
into any communication channel with your company. It is essential for
International Truck to expand into software development of extreme
programming (XP).
Navistar is a global manufacturer of commercial trucks, military vehicles,
diesel engines, and school and commercial school busses. Navistar has also
entered joint manufacturing agreements with manufacturing firms Magindra of
India and Tatra of France. With global operations center located in two
countries and three states, IT centers are employing several hundred IT
employees and handling 16,500 jobs each day (Navistar , 2012).
Problem Statement
This case study seeks to answer the following questions:
1. With respect to its customers (dealers in this case), how is
international Truck using a service-oriented architecture to meet
their needs? How does using an SoA further help International
Truck erect an entry barrier (from Chapter 1)?
2. With respect to information needs, what advantages and
efficiencies is international Truck hoping to gain by using a
service-oriented architecture? Why are these advantages and
efficiencies not possible with its current legacy system?
3. Recalling our discussion of software development methodologies
in Chapter 6 that focus on component-based development (i.e.,
RAD, XP, and agile), how is international Truck able to integrate
new software modules with existing ones?
4. What key infrastructure-centric metrics could International Truck
use to justify its movement toward a service-oriented
architecture? For each that you identify, provide a short
description of why the metric is important.
5. How important is it for International Truck to have a good business
continuity plan is place? What key IT systems and other IT
resources do you believe would be at the top of the list for quick
recovery? Why?
Areas of Consideration
Strength Weaknesses
Low follow-up costs
Very flexible architecture
Compliance with standards
Autonomous systems
High start up infrastructure
costs

Threats Opportunities
With high transfer volumes,
there is the risk of a
performance of
bottleneck, if it is not
separated from normal
traffic
Individual systems can be
integrated or replaced easily


Alternative Courses of Action
1. Navistar found numerous problems in their legacy system
architecture. Those problems included the inability to track truck
production in real time or flag anything that went wrong. There were also
excessive defects and returns, along with, bottleneck in shortfall and parts
production. Another major issue is that isolated data and information
sharing and commercial ERP software was no compatible. Art Data, Vice
president of Internationals IT department stated, its not so much
embracing a framework is do you have a need(Murphy, 2006).
In seeking an internal solution to the problem, Navistar created the
Common Vehicle Tracking System in order to save $3 million a year in
profit. This system focused on tracking production according to a specific
vehicle or vehicle type in near real time.
Navistars IT technicians created an SOA application called
International Aware. One of the main goals of this new system is to
combine vehicle electronics systems, GPS and cellular technology to send
truck owners information on where vehicles are and what theyre doing.
Another benefit is that Geo-fencing managers can request an alert if a
vehicle goes off course (Murphy, 2006).
Navistars customers have specifically needs for their vehicles and
may keep them in their fleet for decades. In addition, Navistars 400
dealers were allowed to choose their own internal management software
systems to access parts, catalogs and sales tools. To provide their
customers more flexibility, Navistar delivered an external solution of the
Online Truck Configurator (OTC). This allows them to see which options are
available with each vehicle. Instead of ordering vehicles based solely on
options, dealers can now configure trucks in priority of their technical
features, their trade application solutions, and transport tasks. By
implementing the aforementioned software applications Navistar has
erected an entry barrier by becoming a first mover in SOA application.

2. Service Oriented Architecture has opened many doors in terms of
advantages and efficiencies. Some of the advantages of SOA software
are in-field diagnostics and repairs by downloadable software
applications, and language translators to communicate with their
international partners. In-field SOA diagnostic software has provided many
advantages to military and long-haul truck drivers. The ability to track,
diagnose, and provide software updates to vehicles in remote locations
such as Afghanistan has improved vehicle in-service availability and has
substantially decreased the time waiting for replacement parts. Also, a
language translator SOA application has made the transfer of Navistar
military vehicles to Iraqi and Afghan soldiers more efficient.
One of the primary issues with International Trucks legacy system is
that it stored isolated data and information in applications such as
computer-aided manufacturing, in-house developed order
management, and even commercial ERP software. (Stephen Haag,
2010).

3. International uses the extreme programming (XP) methodology, which is
breaking projects into tiny phases and programmers cannot continue until
the current phase is complete. One of the reasons for XP success is that it
emphasizes customer satisfaction. XP empowers developers to responds
to changing customer and business requirements, even in the late stages
of the systems development cycle, and emphasizes teamwork. The XP
methodology supports quickly being able to solicit and incorporate user
feedback. The XP methodology phases include planning, analysis, design,
development, testing, implementation, and maintenance. To integrate XP
into their legacy systems, Navistar developers built two Java EE-Based
interfaces to a homegrown order management system, which was then
integrated into the Baan ERP System. The next step was to extend the new
SOA interfaces to their customers and trading partners. The primary
benefit of XP methodology is to allow Navistar to swap out software
applications with little or no disruption to current legacy systems.

By integrating the new software with older versions that employees
are already familiar with, they can make the business boom. It is a lot
easier than "plunging" directly into a new software system that can cause
a lot of unwanted problems.

4. One of the metrics that could be used would be system availability.
International Truck's previous IT systems didn't share information easily. The
SoA allowed information to flow much easier to and from different
departments and systems, resulting in less problems and errors in areas
such as manufacturing.

Another key infrastructure-centric metrics that could be used by
International Truck to justify a SOA scalability, accuracy, system
availability, and through put. These would be justified by the problem in
shortfalls in inventory, excessive defects and returns, more timely
information on assembly-plant problems, and the lack of easily shared
information by their current system,.

Scalability is defined by how well a system can adapt to increase
demands. This is important to any corporation that wishes to expand its
operations on a global scale.
Throughput is the amount of information that can pass through a system
in a given amount of time. As the size of an organization increases, the
system must be available to handle the increased amount of information
generated.
System availability is usually measured inversely as downtime, or the
average amount of time a system is down and unavailable to end users
and customers. A system must be available to all members of the value
chain at any given time. The industry standard is the 99.999%.
Response time is the average time to respond to a user event, such as a
request for report. International Trucks SOA resulted from needing more
timely information so it could identify assembly-plant problems sooner
(Stephen Haag, 2010).
They are using scalability because their new system they put in
place has now increased their demands. Customers have more access to
the products at hand. It has also made it cheaper and has saved them
over three million dollars.

5. Business Continuity Planning is defined as a step-by-step guideline
defining how the organization will recover from a disaster or extended
disruption(Stephen Haag, 2010). Having a good business continuity plan
serves as a bases for getting an organization back up to speed after a
disaster or a disruption in production. All systems including Supply Chain M,
ERP, and CRM are all vital to the operation of the IT infrastructure. This
included SOA and electronic data interchanges (EDI). Navistar
International is fortunate to have many hot sites in place. Although the
organizational Information Technology Office is located in Downers
Grove, IL, they have back up hot site in the Computer Technology center
in Brookfield, WI.
A good business continuity plan in place serves as the basis for
getting back up to speed after a downfall or halt of production. It is
necessary and important to have it or else no one will know what to do.

To create a more robust business continuity plan, Navistar
International entered a service level agreement with IBM. This contract
IBM will transform Navistars IT environment by providing data center
relocation, server and storage management, physical data support, and
utilization of IBM server and storage technology. IBM will also provide
disaster recovery service, as well as a help desk and distributive
observation support at Navistars locations throughout the United States,
Canada, and Mexico.
A quick recovery needs a high-speed software system that can
integrate with others to get back up to speed with the entire company
and get business booming again.

Conclusion and Recommendation

The competitive nature of todays dynamic business environment
requires organizations to find way to differentiate themselves from
competitors. Service Orientated Architecture offers an avenue for
organizations to make significant changes to the legacy system, without
disrupting their IT infrastructure. As a result of International Trucks
investment in SOA, operations are now enhanced and can run efficiently.
Furthermore, SOAs enables organizations to track near real time
production, in-field diagnostics, repairs by downloadable software and
applications, and language translators. Art Data, VP of Navistars IT, said
that, I dont think we know all the doors were going to open with this,
(Murphy, 2006).

































Chapter 7- Closing Case Study 2
Denver Health Operates with a Private Cloud and Thin Clients
Along with its main hospital, Denver Health operates the 911 emergency
medical services response system for Denver, 12 clinics based in the Denver
Public Schools, the Rocky Mountain Poison Drug Center, and eight family health
centers, thats a big organization with substantial technology needs.
Denver Health faced a problem of lost time incurred by physicians and
nurses upon entering a patients room and having to log on to a computer.
Even though Greg Veltri, Denver Healths CIO, had procedures and processes in
place to keep patient-room computers as new as possible and to refresh those
computers often to rid them of spyware, adware, and other inhibitors of
performance, log-on time was still about two minutes. If you multiply those two
minutes throughout the day by the number of doctor visits to rooms, Denver
Health calculated that it was losing almost $4 million annually in physician lost
time.
So, Gregg turned to a solution called ThinIdentity. ThinIdentity utilizes a thin
client basically a high-quality monitor, mouse, and keyboard in each patient
room. All processing and information storage are maintained in Denver Healths
private cloud. These thin clients (Sun Rays) need to be upgraded only every
eight years, instead of the typical two to three years for a PC. Further, each Sun
Ray costs only $600, a fraction of the price for a full-blown PC.
Equally important is the sign-on procedure doctors and nurses use now.
Upon arriving at work each day, a doctor or nurse signs onto a single station
(Sun Ray terminal or a PC in an office), which takes about one minute, by
inserting a smart card and then providing a log-on name and password. The
doctor or nurse then removes the smart card, which logs off the session at that
station, but leaves the session active in the cloud for the doctor or nurse. When
entering a patients room during the day, the doctor or nurse needs only to
insert the smart card and provide the log-on name and password to reactivate
the session that is still active in the cloud. This process takes only 5 or 10 seconds.
ThinIdentity takes advantage of a concept called virtual location
awareness (VLA). VLA maps each room to each patient according to Denver
Healths transaction processing system. When a nurse or doctor enter a specific
room and reactivates his/her session in the cloud, VLA recognizes the room and
immediately pulls up that patients information within that doctors or nurses
session. This saves even more time. In total, the ThinIdentity-based system has
saved Denver Health an estimated $5.7 million.
The savings are presented below.
- One-Time Savings
o $1.2 million reduction of desktop replacements
o $300,000 reduction of desktop resource needs
- Annual Savings
o $135,000 reduction of energy needs (Sun Rays use much less energy
than traditional desktop computers)
o $56,000 reduction in help desk calls
o $250,000 reduction in full-time employees operating the help desk
o $3.7 million reduction in physician log-on time
Introduction
Cloud computing has been a tremendous source of cash savings for
Denver Hospital. It has saved hours of log in time and also been cost effective. It
is an important question whether the public cloud can help the hospital grow
and serve as a protection for Denver Healths private cloud. Since we are
dealing with a health facility, it is critical to maintain the confidentiality of the
patients involved.
When disaster strikes, and data seems lost, the cloud can help in a less
costly way than having servers at a separate site. Data on the cloud is delivered
through a web portal belonging to a cloud service provider. The only expense is
that of the resources consumed. Denver health would be benefitting from the
public cloud in two ways: from the computing capacity and also from the
storage aspect, both on a private level. In case of a disaster, the data desired
would be ready and available for processing and manipulating as needed.
Overall, the future of cloud computing and storage is a strong and solid one.
Denver Health should be aware of not entering a long-term agreement with a
cloud provider. A benefit of cloud storage is that you can switch companies if a
better deal becomes available. The information is not locked to one carrier, if a
firm decides to switch. Additionally, in order to minimize a recovery phase, the
hospital should be sure to use a cloud provider that has a fast recovery phase.
Much research should be done before any major decision is made, but there
are definitely solid reasons to use the public cloud as a backup for Denver
Healths private cloud.
Problem Statement
1. Privacy laws and regulations require medical facilities to take measurable
steps to ensure the confidentiality of patient information. From the case
study, can you tell what Denver Health has done to ensure the
confidentiality of its patient information?
2. Think about your school. How could it use the ThinIdentity solution to
support the technology needs of 1) faculty and 2) students such as
yourself?
3. In thinking about cloud computing (focusing on the public cloud), what
role could it play in business continuity planning for Denver Health? That is,
how could the public cloud act as a backup for Denver Health's private
cloud?
4. If Denver Health were to give each patient a smart card, log-on name,
and password, which functions, features, and information could benefit
patients? What security would have to be in place to ensure that patients
have access to only their own information?
5. How could Denver Health extend the ThinIdentity solution beyond its brick-
an-mortal walls? How would it work (i.e., need to change) to have doctors
and nurses log on from home or use a mobile device such as a Blackberry
or iPhone?
6. The reduction in physical log-in time is efficiency metric. What are some
effectiveness metrics that could justify Denver Health's use of ThinIdentity?






Areas of Consideration



Alternative Courses of Action
1. Denver Health did create security measures to ensure that only the
proper people can access the information. Doctors and nurses when
they first arrive to work they sign on by inserting a smart card which
contains that doctors or nurses credentials, once the smart card is
inserted the end user still also has to supply their login and password.
The help ensures that if a card is lost or stolen a random person or a
different doctor or nurse is not able to use and look at other patient
information.All processing and information storage are maintained in
Denver Health's multi-tenancy private cloud and the use of smart card,
log-on name and password.
2. It can help institutions allocate consumption of resources
(chargeback) by different services or departments to better prioritize IT
spend. By taking advantage of the private cloud across servers,
desktops, and applications, education institutions can:
- reduce cost. Help reduce physical server sprawl and total
cost of ownership of hardware
- simplify desktop management. Provide optimal desktop
solutions for different user needs, while reducing IT complexity
- improve access to applications. Help increase academic
institution agility through on-demand access to applications, and enable
anywhere access for students and faculty
- integrate technologies. Minimize application and OS
compatibility issues.
For student, ThinIdentity can help to facilitate the dynamic learning,
teaching, and research activities in a university. It centralized the
computing and storage resources, this gives a great convenience to
schools and department across university to self-provision computing
environment, enable lecturers and students to easily access to the
necessary information immediately and efficiently.
Both students and faculty could use it for quick access to student
records. As a student I could then see if what classes are open, if any are
available to audit, etc. all from the thin client. It would also allow for the
faculty to have greater manageability in terms of sharing or disseminating
information such as news, announcements and events.
3. The public cloud could be used as a disaster recovery solution for
Denver Healths private cloud. Denver Health could work with a public
cloud provider such as VADS Berhad to create a backup cloud.
Denver health would be benefitting from the public cloud in two
ways: from the computing capacity and also from the storage aspect,
both on a private level. The public cloud could be an option for
Denver Healths business continuity planning. The public cloud could
be used as a tool or backup solution for Denver Healths private cloud.
Denver Health could work with a company such as Amazon Web
Service or AWS to create a backup cloud. In the case that all of
Denver Healths assets go down, they would then still be able to
access their information that they worked with Amazon in putting into
the public cloud. They can also work with Amazon and their public
cloud with a collocation facility. This would allow for Denver Health to
still be able to access information on the chance that something
catastrophic happens at their data center.



When disaster strikes the company, and data lost, the public
cloud can help in a less costly way than having servers at a separate
site. Data on the cloud is delivered through a web portal belonging to
a cloud service provider. The only expense is that of the resources
consumed. This is how public cloud act as a backup for Denver
Healths private cloud.

Overall, the future of cloud computing and storage is a strong and
solid one. Denver Health should be aware of not entering a long-term
agreement with a cloud provider. A benefit of cloud storage is that
you can switch companies if a better deal becomes available. The
information is not locked to one carrier, if a firm decides to switch.
Additionally, in order to minimize a recovery phase, the hospital should
be sure to use a cloud provider that has a fast recovery phase. Much
research should be done before any major decision is made, but there
are definitely solid reasons to use the public cloud as a backup for
Denver Healths private cloud.

4. Patients can access their medical records and the doctors can
communicate timely with patients about their health status for
appropriate treatment and diagnosis.

In order to secure that patients access only their information, Denver
Health should consider the following:

Individual authentication of users
Access controls
Tracking of access and changes to records
Protection of remote communications links and access
Limited data sets
Data use agreements
Procedures for access to sensitive information in emergency
situations
Providing patients access to and ability to amend information
Communication of privacy practices
Organizational approaches to fostering privacy and security
awareness


Patients would be able to look at their own personal patient history
such as office visits, test results, prescriptions, anything that is related to
that patient. Patients could also then utilize the tool to see if and when
their doctor is going to be in the office and try to schedule a visit. Denver
Health could also take it one step further and allow for patients and the
doctors to interact. With a patients history right there if a patients is asking
questions or looking at symptoms doctors would be better able to
diagnose for minor ailments not requiring an office visit from the patient.
There would still have to be security measures in place. Each user
would have to have their login and password. This would be similar to
what is in place with online banking. Many customers bank, but with their
login information they are only able to access their own accounts and not
another customers.
5. Denver Health can access patients medical information remotely
out of Denver Healths premises through the use of the public cloud
over the Internet and the use of web browser to access online web-
based portal.
Denver Health could expand ThinIdentity outside of its brick-and-
mortar walls; Denver Health could expand their solution to users with
Smart phones. If ThinIdentity is going to be utilized on a Smartphone
Denver Health is going to have to create an application that allows for
only registered users to access, or create a VPN connection on the
device and then only be able to access ThinIdentity from behind the
VPN.
6. Effectiveness metrics measure results of the technology or
application of ThinIdentity. Measuring things such as the number of
new patients registered, length of time a patient stay active, number
of medicine stock outs and excess inventory, etc,
I think Denver Health could take a look at employee satisfaction as
one of their metrics. It will be essential that the nurses, doctors and
everyone else who is using ThinIdentity has a positive view of it. If
ThinIdentity is well liked the users are going to be more inclined to use it
the way that Denver Health wants them to.
Denver Health will also want to look at how ThinIdentity impacts
their long-term objectives. Has the implementation created better
patient care, is Denver Health realizing more dollars per patient, or
doctors seeing more patients.
Conclusion and Recommendations
According to Nicholas Carr, IT has started to become less prominent and
mattered less to the competitive edge. History reveals that IT needs to become
ordinary: ; needs to lose its strategic importance as a differentiator among the
companies so as to fulfil its potential (Carr 2004). From the vendors perspective,
cloud computing has proved to be disruptive in nature and a substitute for the
own-hosted hardware infrastructure. This has posed a serious threat to the
established firms who were market leaders in the traditional server business.
These players are increasingly getting into cloud domain and have started to
provide cloud services to the customers.
Private cloud service makes a lot of sense to bigger companies because it
is based on a model where they run their own servers and infrastructure. The
idea of controlling your own infrastructure and only allow workers within the
same firewall to access all the content from the private cloud makes it
comfortable to use for larger companies. Connectivity is often done through a
secure VPN connection and there are many encryptions that keep anyone else
from accessing the network.
Public cloud service does offer a lot of security measures, but some
companies just wont be too open to sharing the public cloud infrastructure with
other companies. Private cloud also ensures there is in-house management
accountability of the cloud service, which is ideal in larger organizations.
However, from my point of view, this system can lead to security and
confidentiality issues if the system is not well secured and if Denver Health
doesn't have a reliable relation with its cloud supplier (Microsoft).