October 15, 2009—System and software architects and developers face some unfamiliar challenges in the design and implementation of service-oriented systems. A new course from the Software Engineering Institute, Advanced Topics in Service-Oriented Architecture, provides guidance in four key areas: architecture and design, governance, security, and testing.

The course shows why the service-oriented system needs to be architected as a whole in order to meet system quality requirements and take advantage of the loosely-coupled, stateless, standards-based characteristics that drive SOA adoption.

The course also provides insight about the general-purpose frameworks that provide models, procedures, and tools for SOA governance. A critical problem discussed is how an organization should customize vendors' offerings to its specific technological and management context.

In addition, students will learn that service-oriented systems are exposed to a greater level of security threats, because of requirements for identity management, secure service composition, and trust in third-party services. Security mechanisms have to be architected into service-oriented systems and security policies have to be defined and enforced via SOA governance.

Finally, the course shows that the challenge for testers of service-oriented systems is that testing needs to take place at different levels and for each system component. In SOA environments, system components are distributed, deployed on heterogeneous platforms, and often not even available. There is often not a single owner of a service-oriented system.