Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Advanced Topics in Service-Oriented Architecture

The goal of this course is to provide guidance in the following areas

  • architecting and designing service-oriented systems
  • implementing SOA governance
  • securing service-oriented systems
  • testing service-oriented systems

If implemented correctly, SOA adoption can provide business agility, reuse of business functionality, and leverage of legacy systems for an organization. The key word in the previous statement is "IF". There is still widespread belief that SOA can be implemented "out of the box", that SOA is all about technology, that securing service-oriented systems is accomplished via "out of the box" tools, and that testing service-oriented systems is no different than testing any other type of system. The reality is that

  • Service-oriented systems are composed of services, service consumers, and a SOA infrastructure that connects service consumers to services. The only component that can sometimes be implemented "out of the box" is the SOA infrastructure. However, SOA infrastructures are usually composed of a set of products as opposed to a single product in order to meet system quality requirements. The system as a whole needs to be architected in order to take advantage of the loosely-coupled, stateless, standards-based characteristics that have driven SOA adoption and at the same time meet system quality requirements.
  • SOA governance is the set of policies, rules, and enforcement mechanisms for developing, using and evolving service-oriented systems, and for analysis of their business value. A well-known problem in the SOA community is the need to establish effective SOA governance procedures to enable an organization-wide SOA initiative. A number of organizations and vendors address this problem through SOA governance frameworks that provide models, procedures, and tools for SOA governance. Many of these SOA frameworks are general purpose because they are intended to be useful for a diverse customer base. However, while designed for a wide customer base, vendor SOA frameworks tend to be are narrowly focused to work with the specific tools of the vendor. A critical problem for an organization when implementing SOA governance is to customize vendors' offerings to its specific technological and management context.
  • The security threats for service-oriented systems are not new or different; it is the level of exposure that is greater. Issues such as identity management, secure service composition and trust in third-party services become important requirements in this type of system. Security mechanisms have to be architected into service-oriented systems and security policies have to be defined and enforced via SOA governance.
  • In SOA environments, system components are distributed, deployed on heterogeneous platforms, and often not even available. There is often not a single owner of a service-oriented system. Because service-orientation projects have a primary goal of integration, the line between functional testing, integration testing and system testing is often blurred. The challenge for testers of service-oriented systems is that testing needs to take place at different levels and for each system component.

These are examples of challenges constantly faced by architects and developers tasked with the design and implementation of service-oriented systems.

Who should attend?

This course is valuable for:

  • System and Software Architects
  • Project Managers and IT personnel responsible for SOA implementations
  • Developers of service-oriented systems


The following topics are covered in this class:

  • Architecture and Design of Service-Oriented Systems
  • SOA Governance
  • Security Considerations for Service-Oriented Systems
  • Testing in SOA Environments


This class provides a starting point for people tasked with the design and implementation of service-oriented architecture in the following areas:

  • architecting and designing service-oriented systems
  • implementing SOA governance
  • securing service-oriented systems
  • testing service-oriented systems

Completion of this course fulfills a training requirement for the SEI's SOA Architect Professional certificate program.


Before registering for this course, participants must have successfully completed Service-Oriented Architecture: Best Practices for Successful Adoption or obtained an SEI waiver acknowledging equivalent service-oriented architecture knowledge. All requests for waivers must be submitted to prior to the start of the course and should detail educational background and SOA professional experience.


Class participants will receive copies of the course presentation slides. Exercise solutions will be distributed at the conclusion of the class.


This two day course meets at the following times:
Days 1-2: 8:30 a.m.- 4:30 p.m. (US Locations)
Days 1-2: 9:00 a.m.- 5:00 p.m. (non-US Locations)

Course Details

This course may be offered by special arrangement at customer sites.

For More Information

Phone: 412-268-7622