Methodology for Complexity Reduction of IT System - Semantic Scholar

Methodology for Complexity Reduction of IT System (Adjustment of the Sessions' Methodology) K. Šolić*, D. Šebo * and F. Jović** *

**

Faculty of Medicine, Osijek, Croatia Faculty of Electrical Engineering, Osijek, Croatia [email protected]

Abstract - One way to enhance security, increase functionality and reduce costs of maintenance of the IT system is to reduce its complexity. In this work authors used Roger Sessions’ methodology for complexity reduction of the enterprise architecture and by adapting it they develop methodology for complexity reduction of the IT system. One of the aims of the enterprise architecture is to maximize the business value delivered by the IT investment so it focuses on the relationship between an organization’s IT architecture and its business architecture. Because of this tight relationship between enterprise and its IT system the adjustment of this methodology is possible. Three basic steps for the SIP (Simple Iterative Partitions) process are: partitioning of the system; simplification of the system and iteration between subsets of the system. Basics, importance and methodology of this method are more understandable to the technical engineers than to the different level managers. That is why this methodology should be first applied to the IT part of the enterprise system. However this methodology could be applied to all kind of technical and nontechnical systems for complexity reduction.

I. INTRODUCTION One way to enhance security, increase functionality and reduce costs of the maintenance of the Enterprise’s IT system is to reduce its complexity [1-3]. With losing unnecessary parts system becomes simpler and loses possible security critical areas. Nowadays cyber attacks are becoming frequent on the Enterprise’s IT systems. Because they are both security and economical issues Enterprise’s security is becoming IT’s department top concern [4]. The most common costs are: lost productivity and loss of customer trust. In this work authors used Roger Sessions’ methodology for complexity reduction of the Enterprise Architecture and by adapting it they develop methodology for complexity reduction of the IT system [5]. One of the aims of the enterprise architecture is to maximize the business value delivered by the IT investment so it focuses on the relationship between an organization’s IT architecture and its business architecture. Because of this tight relationship between enterprise and its IT system the adjustment of this methodology is possible and becomes aim of this work.

There are three basic steps in the Roger Sessions’ methodology for complexity reduction as basis for the SIP (Simple Iterative Partitions) process: 

Partitioning of the system



Simplification of the system,



Iteration between subsets of the system.

A. Mathematical background The mathematical model is simple and based on classical probability definition and is explained with dices sorted in number of buckets. Sessions’ rule of complexity can be used to estimate level of the system’s complexity: “The Complexity of a system is a function of the number of states in which that system can find itself” is: 

CS exp(V),



Where C is the complexity measure, V is number of variables and S is the number of significant state, on average, for each of the variables. Mathematical model is used in order to get reproducible process of reducing complexity. This means that one can make simulations and measure benefits before applying process on a real (business or IT or some other) system. This also means that using this guided process two independent groups of experts creating SIP diagrams of the same organization should end up with similar-looking diagrams and it should be possible to adjudicate any differences using formal rational analysis. The mathematical set theory that studies the properties of sets is used and Boolean (true/false) binary (two-member) algorithm to define relations [6]. II.

PARTITIONING

A. Definition Partitioning is the most important of the complexity control strategies. It refers to the process of taking a group of items and dividing them into smaller, subgroups of items.

The mathematical concept of partitioning describes the splitting of a universe of elements into two or more groups so that every element lives in one and only one group and does not move from one to the other. B. Five Rules of Partitioning There are five rules of partitioning with short explanations [5]: 

Partition must be true partition (mathematically divided so that any one of the items lives in one subset only),



Partition definitions must be appropriate to the problem at hand (subsets need to make sense),



The number of subsets in a partition must be appropriate (in most cases, there seems to be an optimum number of partition subsets),





The size of the subsets in a partition must be roughly equal (the elements in each partition subset should be equal in cardinality – the number of elements per subset, and stature – the importance of each element collection in each subset), The interactions between subsets in the partitions must be minimal and well defined (a reduction is dependent on minimizing both the number and the nature of interactions between the subsets of the partition).

C. Algorithm There is a mathematical set theory of partitioning related to a concept called equivalence relations based on Boolean (true/false) binary (two-member) relation over some universe of elements (a, b, c) with following three properties [5]: 

E(a, a) is always true – known as the property of reflexivity,



E(a, b) always implies E(b, a) – known as the property of symmetry,



E(a, b) and E(b, c) always implies E(a, c) – known as the property of transitivity.

Then algorithm for creating partitions from equivalence relations (E stands for equivalence relation) has eight steps and looks like this: 1.

Pick one of the elements that has not yet been assigned a subset. Element can be called as e1,

2.

Choose one of the subsets from the set of subsets. Subset can be called as S1,

3.

Choose one random element from S1. That element can be called r1,

4.

Check E(e1, r1),

5.

If the result is TRUE, assign e1 to S1,

6.

If the result is FALSE, start again at step 2 with another subset,

7.

If you exhaust all the subsets without finding a home for e1, create a new subset and assign e1 to that new subset,

8.

Continue with step 1 until all the unassigned elements have been exhausted.

The equivalence relation for enterprise architecture that is used in Sessions’ work is actually inverse equivalence relation. It is another type of Boolean binary relation meaning that whenever the equivalence relation is TRUE, the inverse of that equivalence relation is FALCE, and vice versa. Then if the most interesting equivalence relation in the enterprise architecture is synergy, the inverse equivalence relation is autonomous (which is actually used in practice) [5]. D. Applied to the IT system To apply partitioning algorithm one needs first to define equivalence relationship and it should be based on functionality of subsets. For example if one defines PC as the smallest unit and takes it through the defined partitioning algorithm it will look like this: 

In the first step PC will be named e1,



Jump to 7th step and create subset called e.g. “users personal IT elements” and assign PC into it,



From 8th step jump to first one,



Choose another element e2, e.g. laptop (or smart phone),



Choose the only existing subset S1 and the related element r1 (PC) and apply Boolean mathematics in the 4th step,



Depending on the result (in this case result is TRUE) assign e2 to the S1 subset or create a new subset,



Continue while all defined parts of the IT system are not sorted out.

The best possible result should be the one in which the elements in any one subset are autonomous with respect to the elements in any other subset and not autonomous (or they are synergistic, or similar by function) with respect to each other. III.

SIMPLIFICATION

A. Definition It is possible to additionally reduce complexity by using simplification algorithms after partitioning system. One way is to remove subsets along with their associated items and the other is to remove items from one or more subsets, leaving the subsets themselves in place. To reduce complexity it is needed to remove as much as possible both subsets and items but with balance [5]. One simple example of the simplification of a technical system would be removing bunch of unnecessary sensors and electronics in cars – they would

be less expensive and would be cheaper for maintenance, but would they be really those much less comfortable and safe. Also there would be fewer parts that can be broken and make this system not functional, and even unsafe. Example can be cheap Indian car “NANO” manufactured in Indian Tata [7]. B. Applied to the IT system For IT system removing items would basically mean removing parts that are not necessary for core business. Examples are smart phones or redundant software tools (same or similar functionality, but different vendors). Or removing complete subsets with their associated items, e.g. WLAN or web server. Those “unnecessary” parts and subsets highly complicate technical system, but they also make system more vulnerable to hackers and malicious software. Simplification process of the IT system has to have strong support and understanding from the highest management level in an organization. Otherwise top manager will buy Apple MAC again even though system is based on Linux or Windows. IV.

systems it is better to act quickly than perfectly [8]. B. Applied to the IT system From the aspect of functionality and financial fast ROI (Return of Investment) Boyd’s OODA Loop concept is definitely true, but from the aspect of security to quick deployment of the IT system can result in too many open security points. Caution is needed in order to do this with balance. V. CONCLUSION SIP methodology should be used to create a diagrammatic overview of the enterprise system. It is based on mathematical, logical, and reproducible processes, so it can be repeated by others making similar diagrams. Its goals are:

ITERATION

A. Definition Third phase in reducing complexity is the iteration. The rest of the minimally complex collection of subsets and associated items can be implemented in two ways: iteratively or noniteratively. In an iterative solution implementation goes with one partition subset at a time with full implementation till all subsets are implemented. In a noniterative solution implementation goes parallel with a bit from each of the subsets and further on bit by bit until all the bits of all the subsets are implemented.

Complexity control,



Logic-based decisions,



Value-driven deliverables,



Reproducible results,



Verifiable architectures,



Flexible methodology.

This methodology can also be good basis for the BPR process (Business process reengineering) of the enterprise [9]. It also makes possible to measure more precisely ROI (Return on Investment) of the implementation of IT system (or its new parts) and not just observer’s subjective evaluation as “good”, “bad” or “excellent” results [5]. When this methodology is applied on the IT system, it brings several different beneficences:

The iterative approach results in the delivery of a larger number of smaller pieces and the subsets of the partition roll out one at a time. While the noniterative approach results in the delivery of a smaller number (often one) of larger pieces and the subsets are all rolled out at the same time. If Pete Boyd’s OODA Loop concept is applied (Figure1), result would be that iterative approach is much more effective, meaning that in implementing complex





Better functionality,



Lower cost of the maintenance,



Lower time response needed when problem occurs,



Make better relationships with other business units,



Reduces security critical parts and entrance points.

This work is somehow based on the great Albert Einstein’s phrase: „Everything should be made as simple as possible, but not simpler” [10]. It seems that basics, importance and methodology of this method are more understandable to the technical engineers than to the different level managers. That is why this methodology should be first applied to the IT part of the enterprise system. However this methodology could be applied to all kind of technical and nontechnical systems for complexity reduction. REFERENCES [1]

Picture 1. OODA Loop diagram [11].

S.V. Kapitula, V.M. Yakubets, S.I. Shevchenko, “Improving Classification and Structure of an Enterprise’s Security”, Actual. Probl. Econ., 2010, vol. 113, pp. 137-141.

[2]

[3]

[4]

[5] [6]

E. V. Kamyshnikova, “Methods of Complex Estimation Formation for Enterprise Economic Security Level”, Actual. Probl. Econ., 2009, vol. 102, pp. 87-92. R. Murch, “Managing Complexity in IT, Part 1: The problem, InformIT Network”, Oct 1, 2004, available at: http://www.informit.com/articles/article.aspx?p=336860 (accessed August 2010). State of Enterprise Security Report 2010, Symantec, available at: www.symantec.com/about/news/resources/press_kits/detail.jsp?pk id=sesreport2010 (accessed January 2011). R. Sessions, “Simple Architectures for Complex Enterprises”, Microsoft Press, 2008. J. van Heijenoort, “From Frege to Gödel: A Source Book in Mathematical Logic”, 1879-1931, Harvard University Press, 2002, pp. 285-288.

[7]

Tata Motors Company, available at: http://tatanano.inservices.tatamotors.com/tatamotors/ (accessed August 2010). [8] J.R. Boyd, “The Essence of Winning and Losing, 28 June 1995 a five slide set by Boyd”, available at http://www.chetrichards.com/modern_business_strategy/boyd/esse nce/eowl_frameset.htm (accessed May 2010). [9] T. Davenport, Thomas “ Process Innovation: Reengineering work through information technology”, 1993, Harvard Business School Press, Boston. [10] Collected Quotes fro Albert Einstein, available at: http://rescomp.stanford.edu/~cheshire/EinsteinQuotes.html (accessed January 2011). [11] Strategy for Sustainability [12] Ph.D Research Site, available at http://strategy4sustainability.wordpress.com/ (accessed April, 2010).