Right now the implementation of SOAs seems involve much more hype than actual work. However, there are some patterns beginning to emerge, or, procedures the implementers are doing right to insure success. These patterns are not always obvious, so perhaps this is a good time to learn through the successes of others and do our own homework before we spend millions on moving to an SOA.

It's also important to note that our thinking is always evolving. As we learn what works, or perhaps more importantly, what does not work, we get closer to near perfect implementations that bring huge value to their enterprises or problem domains. Granted, some of this is trial and error. Let's explore each emerging pattern.

1.  Focus holistically, act locally
SOAs are all-encompassing architectures, not mere projects, and those who consider them "projects" are doomed to failure. You're in for a pound when implementing an SOA due to the fact that, the more penetration the architecture gets, the more value it has within the enterprise.

However, since an SOA is the sum of its parts, you must consider the component parts as well, including notions such as identity management, semantic management, orchestration, etc., and how each part makes up the larger solution. An SOA is only as good as the weakest component, and neglecting a component will kill an SOA before it gets off the ground.

2.  Define the value
As technologists we don't always want to make business cases for the technology. Indeed, we have a tendency to leverage the most popular technology without regard for how its use will affect the bottom line - not a good practice if you want IT to have a strategic position within an organization.

We build SOAs because they provide an infrastructure for agility, or the ability to change processes in support of a changing business, or both. They also allow for reuse: the ability to reuse application behaviors from system to system without having to port and retest code. Your ability to define a business case around these notions needs to occur before you begin your movement toward an SOA.

3.  Don't neglect service design
At the end of the day, services are small, specific applications and need just as much attention paid to design. If SOA supports composite applications and composite processes made up of services, then the overall design of services will determine the overall success of things made out of those services...it's just that simple. Tried and true design techniques are applicable for service design as well. Please use them.

First and foremost, services should be designed for reuse. Services become a part of any number of other applications, and thus must be designed to provide behavior and information, but not be application specific.

Services have to be designed for heterogeneity. Web services should be built so that there are no calls to native interfaces or platforms. A Web service, say one built on Linux, may be leveraged by applications on Windows, Macs, even mainframes. Those that leverage your service should do so without regard for how it was created, and should be completely platform independent.

4.  Leveraging a legacy is unavoidable
Embrace your legacy systems. In fact, they may be the majority of services that you leverage within your SOA. This means service-enablement of systems that you would consider old and outdated, but indeed serve a purpose within the business and thus serve a purpose within your SOA. Those who attempt to displace and replace existing systems, just to support new technology, are destined to make their work much more complex and far reaching than it need be.

5.  Remember the semantics
If you don't understand application semantics, or, simply put, the meaning of data, then you have no hope of creating a proper SOA. You must understand the data to define the proper integration flows and transformation scenarios, and provide service-oriented frameworks to your data integration domain, which means levels of abstraction, as well as how data is bound to services.

You must always deal with semantics, and how to describe semantics relative to a multitude of information systems. There is also a need to formalize this process, putting some additional methodology and technology behind the management of metadata, as well as the relationships therein.

6.  The proper place for orchestration
For our purposes we can define orchestration as a standards-based mechanism that defines how Web services work together, including business logic, sequencing, exception handling, and process decomposition, including service and process reuse. Orchestrations may span a few internal systems, systems between organizations, or both. Moreover, orchestrations are long-running, multistep transactions that are almost always controlled by one business party, and are loosely coupled and asynchronous in nature. While all SOAs don't need orchestration, most do, and you must find the right fit and application.

7.  Security soaks in as you execute; it's not an afterthought
So, why do we need identity management? Also, why do we need to think about this stuff during the creation of our SOA? It's a fact that Web services are not for internal use anymore, and those who leverage Web services (consumers), or produce Web services (providers), need to be known to each, else we risk invoking malicious or incorrect behavior, which could cost us dearly.

Identity is important in the growth of sensitive data and confidential relationships online. If lacking identities, there is no way to provide certain users with access to certain resources. These relationships are complex, and can't be understood and created after the SOA is complete. The design of security is systemic.

8.  Classify the patterns of use
As we build an SOA, we need to determine how the SOA will be leveraged within the enterprise - not only now, but in the future. Thus we need to determine patterns of use for several reasons, including:

• Understanding the value of the SOA
• Understanding how we will test the SOA
• Understanding how we can improve the SOA

10.  Don't skimp on testing
To insure proper testing, a test plan will have to be put in place. While a detailed discussion of a test plan is beyond the scope of this article, it is really just a step-by-step procedure detailing how the SOA will be tested when completed, using all of the patterns already discussed. A test plan is particularly important because of the difficulty of testing an SOA solution. Most source and target systems are business-critical and therefore cannot be taken offline. As a result, testing these systems can be a bit tricky.

New patterns continue to emerge, and each SOA is unique and deserves careful consideration. However, these patterns should provide a good base on which to plan your next SOA.