"… integrate information and processes across the organization … by defining, enhancing, and maintaining a standard XML-based framework that will enable the collection, detection, isolation, and remediation/optimization of the operational or business characteristics of complex systems with applicability to both IT and non-IT domains including operational and service management, governance, and security."
If that paragraph proves difficult to digest, the overview goes on to say more succinctly:
"SAF is intended to provide a common language for exchange of event-driven data in a distributed-computing, multi-vendor environment."
In other words this is either a DSL or XSDÂ for "control events", of the type handled by TIBCO's CEP-based ActiveMatrix Service Performance Manager (i.e. the autonomic services' performance policy engine) and its cloud (TIBCO Silver) oriented derivative. So it should certainly be targeting complex event processing of these control events.
The SAF Charter explains the SAF goals further as:
"Ensure that the specifications can be applied to various sources of event data, enabling a methodology to perform pattern matching, diagnostics, and analysis in order to achieve a timely and accurate resolution of a wide range of IT and non-IT situations."
Sounds possibly a little wide-ranging, but we assume the 3 (as of Oct09) member organizations know where they are going with this.
The charter goes on to describe the medical-based terminology used in SAF, includingÂ "symptom" as a current state, "syndrome" as a collection of symptoms, "protocols" used to generate "prescriptions" which in turn are (data) used to confirm, remediate or optimize a syndrome. Syndrome confirmation is (naturally enough!) via a "diagnosis" effected throughÂ "validating Symptoms". One wonders what ailments the authors had when coming up with this healthcare-analogous vocabulary!
The architecture roles mentioned also stay in the "doctors and nurses" theme: we have a Syndrome and Protocol Catalogs, a Symptom Store, a Diagnostician, a Practitioner (to administer Prescriptions), and a Case Manager (general manager). Probably someone could do a reasonable mapping of these to the EPTS Glossary and Architecture work…
Looking at the White Paper from the SAF docs collection we see a much closer correlation to the CEP world with use cases of "Denial Of Service attacks" (a.k.a security), "identity theft" (i.e. fraud), energy industry "data analysis", and manufacturing "process optimization".
Overall this looks an interesting effort - interesting in that the authors have found a compelling reason to develop the SAF standard, rather than the content itself - but one would expect that persuading end-user organizations to comply with a SAF approach to automating diagnostics and remedies will be a tall order. If the standard does prove compelling, then Complex Event Processing tools like TIBCO BusinessEvents should have no problem in reading SAF payloads, applying SAF roles and implementing SAF-type implementations. So one to keep an eye on, then…
- SCA for Event Processing and PubSub…
- Cloud Event Processing vs Event Cloud Processing?
- Event Processing Languages in CEP