An IoT doorbell

Flic button stuck to front door

Press me! Go on!

I live in a council estate which has recently undergone a snazzy renovation, with economies of scale that seem to have included the bulk purchase of a wireless doorbells, all of which are competing for a very small pool of frequencies. This means that a visitor to anyone’s house within range results in a mass summons of householders to their front doors.

Although this is the perfect excuse for curtain-twitching, it’s quite annoying. So when I heard about the Amazon IoT button (£22.99 from, er, Amazon), I wondered if I could use it as a solution. The IoT button can be used to trigger an AWS Lambda, which I could have used to send a push notification to an old Android phone I have knocking about, and I could then have written an app to respond to the push notification and played a sound.

However, the fact that the AWS IoT button has a non-replaceable battery and is designed only to last for 2000 clicks put me off, even though we aren’t really popular enough for this to pose much of a problem. So I looked around for alternatives and came across the Flic button, a Bluetooth Low-Energy button with a replaceable coin battery, out-of-the-box integrations with lots of things such as Ikea smart lights and If This Then That, and, more excitingly, an SDK which I could use to make my Android phone respond to button-pushes with custom logic.

The button is accompanied by a free app which you can use to pair your phone or tablet and manage your integrations. In Android, the app sends a Broadcast Intent out whenever it receives a message from the button; you can then create another app which subscribes to these broadcasts and takes a custom action. The Flic website has a great tutorial which provided everything I needed except for the few lines of code needed to get my phone to ring – i.e. my custom action. The iOS version of the app came with a ‘virtual Flic’, which I assume provides the ability to test your integrations without buying an actual button, but this feature is absent from the Android app for some reason.

I ordered my Flic button for £19.99 from Ryman’s on Sunday evening, used free click-and-collect and picked it up on Wednesday. (Only the turquoise one was £19.99; the button is also available in black and white, but these more blendable colours were £29.99, so that’s the explanation for the hideous visual assault on our visitors depicted above.) I started writing the Android app on Tuesday evening, and couldn’t test it without the physical button, but it worked with only the tiniest of tweaks to my custom logic once the I had picked the button up. All in all, the project has taken 5 days from conception to installation (i.e. sticking it to the door) which must be a record for me, because I hardly ever finish anything. And this all the more remarkable for the fact that I’ve never done any professional Android development, and haven’t done even any amateur stuff for 2 years. Bottom line – IT’S EASY!

You need to log into the Flic app to register your buttons, and you need to download a developer key and secret from the Flic site and put it in Android app when you subscribe to the Flic broadcast. However, the solution works without the phone being connected to the internet, which is marvellous, because it means I can remove the Wi-Fi key and all my personal info from my phone, so that if there are any insecurities on Bluetooth Low-Energy allowing an attacker to gain access to my phone via the doorbell, they still won’t be able to get on to the home network or steal my emails.

Maybe the biggest threat in this solution is that someone will steal the button itself. The glue isn’t very strong, and there’s nothing that prevents it from being paired with another device. But, as the people who live on my street are frequently reminded, that’s also true of a normal wireless doorbell.

Running plain JUnit tests with Resource files in Android Studio

I’m currently writing a podcast app for Android in my spare time. I haven’t yet read any books or done any courses on it yet, though I’ve signed up for a Coursera course called ‘Programming Mobile Applications for Android Handheld Devices’ in the hope of learning some theory behind what I’m thrashing out. So I’m not quite sure what the standard practices are for unit testing. The way an Android project is set up by default is that the tests have to run on a device or an emulator (and I’ve never got the emulator to work.) This feels strange to me – the .NET orthodoxy is that you should be able to test logic independently of the platform it runs on. So I’ve split up my Android project into my main ‘App’ module, which contains all the things which depend on hardware, such as UI, network and storage, and some pure Java modules containing the business logic, such as how to retrieve objects from the SQLite database and how to parse podcast XML into Java objects.

podcastAppStructure

Yesterday I was writing testing my XML parsing logic, so I put a test XML file inside my test assembly as a resource:

TestPodcastXml

And I tried to load that resource in my test:

    @Test
    public void canReadSerial() throws IOException, XmlPullParserException {
        
        InputStream xmlInputStream = getClass().getClassLoader().
              getResourceAsStream("serialPodcastXml.xml");

But when I ran the test, I kept on getting a NullPointer inspection. The file was definitely in the jar – I checked by finding the jar in the filesystem and ran jar tf to list its contents.

The problem turned out to be that when Android Studio runs the tests, it runs the classes from the .class files rather than from the jar, and so therefore it couldn’t find the resource file. So after a bit of trial and error, I came across this solution:

  • Go to the .iml file of your test package
  • Find this section:
<component name="NewModuleRootManager" inherit-compiler-output="false">
    <output url="file://$MODULE_DIR$/build/classes/main" />
    <output-test url="file://$MODULE_DIR$/build/classes/test" />
  •  Replace the url attribute of the <output> element:
<component name="NewModuleRootManager" inherit-compiler-output="false">
    <output url="file://$MODULE_DIR$/build/libs/<YOUR MODULE NAME>.jar" />
    <output-test url="file://$MODULE_DIR$/build/classes/test" />

This means that the tests will run from the jar rather than the class files, and you’ll be able to access your resource files. I don’t know if this has any unwanted side-effects, but it’s working for me so far.

Django/ASP.NET MVC Dictionary

Although I’m usually a .NET stacker, I’ve recently been experimenting with Django, a Python-based web framework, because at work we’ve been trying out Sayit, a transcript-rendering tool from mySociety which comes in a Django app. From my limited viewpoint I’m pretty impressed with Django as a tool for building websites quickly. I did the tutorial and I particularly liked the fact that it auto-generated back-end admin pages for you, and (even better) that these could be customised easily using proper code. I have even less knowledge of Microsoft Lightswitch, but it feels as though they’re trying to do the same thing except that Django is more cody and more powerful – unlike Lightswitch, you can’t get anywhere with Django without coding, but you could actually use it to build a public website rather than it being limited to internal-facing business applications.

Anyway, despite the fact that the Django documentation says that it’s not really an MVC framework, I was struck by the similarity of the architecture with ASP.NET MVC, and also the difference in the terminology between the two frameworks. So I’ve written a little dictionary to translate between the two. I particularly like the fact that an ASP.NET MVC Action is analogous to a Django View. 

 

ASP.NET MVC Django English
Model Model A class which encapsulates part of the business logic of the application and usually contains data fields which get persisted in a database.
View Template HTML template which is filled in by the ASP.NET MVC ViewModel / Django Context before being served to the client.
Controller App (arguably) A collection of handlers usually relating to one Model in ASP.NET MVC, and a closely related set of Models in Django. Only a loose analogy.
Action View A handler for an HTTP request, taking in data from the user, getting it processed, generating an appropriate ViewModel/Context for the response, allocating a View/Template and passing it back to the user.
Routes Urls The logic which maps browser URLs to ASP.NET MVC Actions / Django Views.
ViewModel Context The data that is shown on an ASP.NET MVC View/ Django Template. In some MVC applications the ViewModel is the same as the Model, but often the display logic is a bit different from the business logic, so it’s useful to distinguish between the two.
Layout Base template A skeleton page containing resources and layout used throughout a site: stylesheets, references to JavaScript libraries, <HEAD> and <BODY> tags and standard links such as Home, About, Contact us, Terms of Service etc.
Partial View Sub template An HTML fragment which does not form a standalone page in itself but can be used as part of other pages.
Area App (arguably) In ASP.NET MVC, an Area is related set of Controllers and associated Views and Routes that is partitioned off from the rest of the app. In Django, an App is an independent set of Models, Templates and Views which can be plugged into a website. Only a loose analogy.

 

Stateful Systems

National sovereignty is a hot topic at the moment. In the United Kingdom, we are shortly going to have two public votes on the issue: in September on whether Scotland should be an independent country, and in May on whether we agree with Nigel Farage that we should leave the EU. (The former vote is overtly on the Scotland issue, but the latter will be disguised as the European Parliament elections.) Further afield, a part of Ukraine has controversially chosen to join Russia. And in the office, I have been debating with developers over whether new functionality should be an extension of an existing application, or whether it should stand alone.

Does the previous paragraph seem to hang together as a coherent, logical whole? Perhaps not, but I hope it will after you’ve read this post, because I’m proposing geopolitics as an analogy to help talk about systems architecture.

Before I start, I’d like to point out the limitations of this analogy. It’s an illustrative, rather than a predictive, model. So you won’t be able to deduce my views on Scottish independence based on whether or not I say that a particular piece of business logic should be moved out to a service; nor should you tweet about my scandalous opinions on how heavy-handed EU regulations should be because of what I say about standards for RESTful services. I just think it might aid communication, particularly with non-technical managers and newbie techies, both of whom will probably be more familiar with politics than systems architecture.

The basic metaphor is that an application is a sovereign state. For the purpose of argument I shall here define an application as a set of files, database schemas and other configuration settings which all need to be released at the same time.

Here are some derived metaphors:

  • Inter-application communication is import and export trade.
  • The collection of standards governing application interfaces and messaging is international trade law.
  • Standards and conventions internal to applications are national laws and culture.
  • Standards imposed across all applications, such as sticking to a limited set of programming languages or components, are international laws or principles, such as the UN Universal Declaration of Human Rights.
  • Enterprise architects are supranational bodies, such as the UN.

And here are a couple of examples of points that this analogy helps illustrate.

Smaller applications can be changed more quickly

We know that the smaller applications are, the easier they are to adapt and refactor, and the same is true of nation states. I was recently listening to a Radio 4 programme on Estonia, which described how all interactions with the state, including healthcare and voting, could be done online. Now this is no mean achievement, but it is easier in Estonia, a country of 1.34 million citizens, than it is in the UK, where a project to store patient records electronically was conceived in 2002 and was dismantled in 2011 without having achieved its aim.

It’s more attractive to create small applications when integration is easy

In his Undercover Economist column in the Financial Times, Tim Harford relates the tendency over the last 70 years for countries to split up rather than join together to the progressive lowering of trade barriers since the end of the second world war. The theory is that in an environment in which trading between countries is expensive and difficult, it’s better to be part of a large empire to improve access to markets, but when international trade is cheap and easy, states aren’t punished economically if they choose to split up into smaller units. From a systems architecture point of view, if it’s difficult to create application interfaces – perhaps because you don’t have software libraries to help you create services, or because your organisation requires you to go through several governance boards before you are authorised to create a service endpoint – you’ll be tempted to create monolithic applications.

And extending the metaphor, we can categorise certain types of software systems as geopolitical entities:

If you have a subset of applications adhering to a common set of policies, it’s the EU

Sometimes the output of a particular programme or business area may be a suite of applications, each one being a stand-alone entity, but sharing a common set of standards, over and above those required by the enterprise. For example, applications may share a set of XML schemas for defining their APIs, or they may be built on a common framework. I think the EU is a good analogy to this – each country in the EU is a sovereign state, but adheres to EU law affecting internal standards, such as minimum cage sizes for hens, and international interfaces, such as our all having a burgundy passport.

The USA is an application platform

Some businesses have lots of separate units of functionality running on a single platform, such as SharePoint or SalesForce. The platform provides utility functionality, such as user authentication and database storage, which are used to help build functionality more quickly and provide a uniform user experience. So, for example, SharePoint might contain a timesheet system, a recruitment tracking page and a wiki, none of which could survive outside the SharePoint ecosystem. I think this is like the United States, with the platform being the federal government and the individual business applications (OK, I wanted to avoid this, but here I’m introducing Application (2): something a platform is used for) being the states.

I’m trying to think what the Cayman Islands or Monaco (sovereign states which have very low rates of tax for doing certain things) could be. The big cheese’s pet platform, which is pre-approved and therefore has has relaxed governance, perhaps?

Finally, I feel as though I should write some words to justify introducing a new analogy, when systems architecture already has a perfectly serviceable canonical analogy: Proper Architecture! In this realm, applications are buildings, classes are features such as windows and doors, and interaction between applications is modelled by things like streets, electricity wires and water pipes. I feel a bit like Microsoft when they supplemented their implementation of the W3C’s standard XML DOM with their homegrown LINQ to XML interface. Why introduce something new when there’s nothing wrong with what we’ve got?

Well, I just think it won’t hurt, and it might help. Firstly, lots of people are more interested in politics than they are in buildings, so they might be more receptive to an analogy with a harbour than an architrave. Secondly, software feels very dynamic, and so do countries, while buildings seem a little static – they aren’t, of course, being full of internal movement and flows in and out, but that’s just they feeling they evoke within me. And finally, I think it’s quite fun to think about what sort of application countries would be. What could China be? What’s Vatican City?

Android, my new cool companion with dodgy friends

Google has made its money by gathering the world’s personal data, and now, in Android, it has generously created a platform to allow small-time devs to do the same. Or so it feels to me at the moment.

I recently purchased a Samsung Galaxy Note 10.1 (2014 edition) so that I could write a dinosaur-themed letter recognition game for my son. (The development isn’t going too badly; I’m using Corona, which is a 2D engine which provides gravity, animations and collisions and stuff, and allows you to program logic in Lua, which is a scripting language that’s new to me and I think will give me an opportunity to implement all those JavaScript patterns I read about in Douglas Crockford’s JavaScript: The Good Parts. But that’s another story.) Now, I went for Android rather than buying an iPad because I had read in the Financial Times that the youth of today consider Android to be cooler than iOS. (I’m afraid I can’t find the article anywhere, though.) Also I do have an iPhone and a MacBook and I didn’t want to have only Apple devices: it would feel a bit like being one of those girls in the 90s who would buy every Take That single on cassette, 7″ vinyl, and two CD formats.

The device itself seems fine, although I haven’t done that much on it. And the reason I haven’t done that much on it is that I’m too paranoid to install anything. Everything I’ve tried so far seems designed to steal my information or other resources. For instance, the first thing I tried installing was Facebook. I like using Facebook on the iPhone, although I do think it is overstepping the mark in asking to access all my photos (it could easily allow me to upload pictures without asking for any special permission.) But I was quite shocked at the permissions it asked for.

Image

Read my text messages? (Not relevant to a tablet, but anyway, pretty audacious.) Send emails to guests without owners’ knowledge? Add or remove accounts, create accounts and set passwords? No thanks. Except, unfortunately, on Android you don’t get the opportunity to say ‘no thanks’ to individual permissions, you have to accept them all or forgo the app altogether. (It looks like there were once moves to allow you to cherry pick permissions but no longer.) I much prefer iOS’s model, whereby all apps by default have limited access, and have to ask for anything more. This allows users to try apps to see if they’re any use without elevated permissions, and encourages developers to degrade gracefully if permissions aren’t available.

So I wasn’t going to use my tablet for Facebook. Another thing I wanted was a drawing app so I could entertain my son by creating pictures of dinosaurs. So I looked for a drawing app on the Play store. There were many of them, and I couldn’t see a way of filtering them, even by whether they were paid-for or free. Clicking on a few random apps – even the paid-for ones – showed that most of them asked for network access, which is perhaps reasonable for serving ads, but I didn’t know whether they were intending to generate revenue in this relatively innocent and up-front way, or do something more nefarious such as launch a distributed denial of service attack on a site or use my computational power to mine Bitcoins.

The Play store isn’t the only game in town on Android; there are rival app stores, including Samsung Apps, which is installed by default on my Samsung device. Perhaps that would give me a better, safer experience. The Wikipedia page states

Unlike some other Android application markets, Samsung Apps validates all third-party applications for malware and harmful content before making them available for download or purchase through the store. This validation process includes verification of installation permissions.

Which sounded promising, although there weren’t any citations. So I gave it a go.

One of the first things I need to do was create a Samsung account. Hurrumph. I hate creating passwords, because I try to make them all different for different sites, and then I forget them. However, it offered me the option to ‘Use [my] Facebook info’. Hurray! I love single sign-on.

Image

So I logged into Facebook which told me that Samsung wanted to know several things about me of varying degrees of reasonableness.

Image

I did baulk at ‘friend list’, but I agreed in the name of convenience. But then I was sent back to the Samsung Account screen and found that I still had to enter a password! All that had happened was that the email, date of birth, first name and last name fields had been populated. I had sacrificed my and my friends’ privacy for the sake of not having to fill in four fields. Sorry, Facebook friends.

So now I was finally in a position to download a Samsung App. I had a look at ‘Coloring Pages for kids’, but I found that it required the following permissions:

Image

Which is all very suspicious. Why does it need to monitor, record and process phone calls? What’s the non-malicious motivation for that? What does it want to do with the other applications on my device? It doesn’t look as though it’s sensible to trust the anti-malware claim made on the Samsung Apps Wikipedia page.

So in summary, it seems as though everyone is out to steal information, CPU or network access on the Android platform. Perhaps this is an inevitable consequence of it being difficult to make money legitimately out of it. Which is sad. I may be being idealistic, but here are my recommendations:

  1. [Most important by far!] In the App stores, make it possible to filter apps by the permissions that they demand. If I could filter out all the apps that demanded, say, details of my contacts and phone calls, I wouldn’t even see the malicious apps, which would have several benefits:
    • It would make it easier for users to find benign apps.
    • It would support indie developers. At the moment the only assurance I have that an app is likely to be safe without going through the process of clicking into it, pressing Install and viewing the permission list is that it’s from a reputable company. Clicking in to view the permissions is a tedious process so I avoid it, and go for famous names instead. I’d be much more inclined to try indie apps if they were items in a pre-filtered safe list.
    • It would make malicious apps less profitable.
  2. Allow users to pick and choose permissions, as on iOS. Again, this would help indie developers because people like me would be more inclined to use apps from unknown sources if they lived in a sandbox
  3. Allow apps to serve up advertising content without demanding the blanket permission of ‘Network Access’. I would be fairly confident about allowing an app to access the network if I knew that all it was going to do was open up a browser frame and serve a static HTML page, or even one with Javascript in it, as long as it couldn’t access arbitrary information on my device.
  4. Implement some sort of same origin policy, in which an app has to declare which domains it can access.

P.S. After I started this article, I did return to the Play store and settled on Autodesk SketchBook Pro for my drawing app because it had good reviews, and as it cost £3.03 and was from a reputable company I thought it probably wouldn’t resort to stealing my CPU to make ends meet, even though it does demand network access.

A font-free skin for TinyMCE version 4

Since my last post, I’ve been doing another Coursera course, this time one called Computing for Data Analysis, by Roger Peng of John Hopkins University. It was an introduction to the statistical programming language, R, and I wanted to do it because I thought it would increase my potential for answering questions on StackOverflow. Sadly I think there are too many very qualified people watching the topic and the people asking the questions are too sensible for a person with shallow knowledge to be able to pick up points. But it was good, nonetheless. Two of the most generally useful things I learnt were:

  • R isn’t suitable for crunching Big Data, because all the data points are held in RAM;
  • What ‘lexical scope’ is. (Finally!)

Intriguingly, the final exercise involved analysis of the police records of the 1250 homicides in Baltimore (the home town of John Hopkins) in the period between 2007 and 2012. Is it the university’s policy to encourage distance learning?

Anyway, enough about my life. I thought it would be worth a little post to say what I’ve been doing over the weekend, which is creating a new skin for the popular browser-based HTML editor, TinyMCE. At work we’ve been using the default ‘lightgray’ skin, but we’ve come across a problem with some of our users. What should look like this:tinyMCEIcons

actually looks like this:

tinyMCENoIcons

It’s not hard to see the problem. All the icons have disappeared, which kinda reduces the usability of the editor.

The reason for this problem is that the icons aren’t normal images, they’re actually characters in a special font which has been embedded using the CSS @font-face rule. This is a nice idea for at least two reasons:

  1. you can get lots of images with just one download, and thus load faster,
  2. fonts are designed to scale nicely, so they’re a bit like scalable vector graphics, but supported on older versions of I.E.

But unfortunately we have a few users who are using a locked-down installation of Internet Explorer which is set not to download fonts. And, unlike many of the woes relating to developing for IE, this problem isn’t fixed by later versions. IE 11 also allows font downloads to be blocked.

So all I’ve done is create a new skin which uses CSS sprites rather than fonts. I converted the fonts (there are two, one for normal buttons and one for slightly smaller buttons) to sprites using the excellent IcoMoon site, and then edited the icons.less and icons.ie7.less files in the original lightgray skin to refer to the sprite rather than the font. So where there had been a rule like this before:

.mce-i-paste:before          { content: "\e008"; }

I changed it to this:

.mce-i-paste          { background-position: -384px -64px; }

I had to do this for 53 icons, so I’m now quite a lot better at my 32 times table.

The results are pretty good – the only difference between my skin and the original I can discern is that there isn’t an embossed effect on the icons for the font-free skin. It might be possible to fix this by putting a disabled HTML element showing the same image underneath each icon and offsetting the lower image by one 1px. But I am not bothered enough to do this. Besides, 3D effects in UIs are OUT OF FASHION.

Spot the difference - fonty above, font-free below.

Spot the difference – fonty above, font-free below.

I’ve put the skin on my BitBucket. I need to write a readme telling you how to compile it if you need to (although it will actually work if you just put all the code into your TinyMCE skins directory and add skin: ‘lightgraynofonts’ to your tinyMCE.init function) and I need to work out what legal stuff to put in. TinyMCE is under the Gnu Lesser GPL v 2.1, so I would guess that my skin is as well. I do mean to submit it to the TinyMCE site once it’s all been tested by a professional tester.

What I have learned from my TOGAF 9.1 course

Besides being what Fergie used to do in the nineties, TOGAF is a method for enterprise architecture, and a couple of weeks ago I went on a TOGAF 9.1 Foundation and Certified course. My interest was exploratory rather than targeted: I wanted to hear a view on how to do architecture properly without really expecting to execute it myself at any point soon. Here’s a summary of some things I learned from the course.

  • Drawing lots of diagrams of the same thing for different audiences is an inescapable part of being an architect. This is a disappointment to me because I find drawing diagrams quite difficult, and maintaining multiple diagrams representing a changing system is even more difficult. There are two solutions to the problem of maintenance, and I don’t think either is possible to reach perfectly:
    1. Only start drawing multiple representations when the system isn’t going to change at the level at which you want to draw the diagrams. (Although you will still need to make many drafts of your master diagram: the one that represents your viewpoint.)
    2. Get an architecture repository which can auto-generate nice projections of systems for appropriate audiences.
  • This isn’t part of TOGAF, but I first heard of spider diagrams, which are a way of comparing two or more different solutions, each of which is evaluated in various ways.

Image

Definitely one for the business toolkit rather than the science one. If you can mentally translate them into a simple bar chart, like the one below, then fine.

Image

If not then they can be a bit misleading. For one thing, if there are more than three aspects to compare, the area covered by each option is affected by the order of the spokes. Look at these two solutions:

Solution 1 Solution 2
Cost 10 10
Maintainability 1 10
Usability 10 10
Coolness 1 1
Performance 10 1
Customisability 1 1

Both solutions have an equivalent numerical score, but look very different on a spider graph: solution 2 covers more than a third of the hexagon whilst solution 1’s area is close to zero.

Image

The other problem is them is that they don’t allow you to weight the importance of the various aspects very well. However, this weighting is something that tends to happen in each individual stakeholder’s mind, so providing the raw data (like this or in a bar chart form) is probably more politically advisable. And, as my father pointed out to me this evening, they do actually allow you to put different units on each spoke, which is much more difficult in a bar chart.

Arguably the point of a diagram is to be interesting and pretty enough for someone to actually look at it, so perhaps it doesn’t matter that spider diagrams can do misleading things with areas as long as they’re sufficiently novel to get a busy important person to look at them long enough to read the figures.

In the same vein, the instructor told us about ‘tube map’ diagrams, which don’t seem to have to mean anything in particular as long as they’ve got circular intersections and thick coloured lines, like the example below.

Image

Besides being founded on the superlative clarity of the tube map, they doubtless draw their effectiveness from the fact that most of their audience are, or have at some point been, commuters or international travellers, and so have developed an unconscious attaction towards anything that might help them travel more efficiently. This fact is ruthlessly exploited by the advertisements on the London Underground, which use tube-map analogies to advertise everything from homeless charities to cold remedies. (Note to any advertisers who happen to be reading this techie blog: it’s best to obey the grammatical rules of tube maps. For example, all lines should be horizontal, vertical, or at 45 degrees and the corners should be arcs of small circles: if you can’t make it with a wooden BRIO train set, it ain’t right. If you break the rules you risk putting off your audience, unless you’re doing something clever by subverting the format, such as showing how a drunken night can go hideously off course by going all swirly towards the end of the line.)

  • The exam is probably a bit too easy to be able to use it to draw any conclusions about the effectiveness of certified architects or TOGAF course instructors. (I haven’t actually taken the exam yet.) There are two stages to it: Foundation and Certified. Both are multiple choice.

Foundation is all about terminology, and requires a bit of rote learning (e.g. the Architecture process consists of ten phases, eight of which are drily called Phases A-H, and you have to remember which letter of the alphabet corresponds to which inputs, activities and outputs).

Certified involves reading various scenarios and choosing one of four options about what the action of a TOGAF enterprise architect would be. This could be a good test of understanding, but the mark scheme is such that if you can eliminate the two least likely answers from each question then you’re certain to pass, and in fact even if you’re only able to eliminate the least likely answer, your expected result is still the pass mark. And, from the fake test that my course provider gave me, it looks as though they always put howlers of answers in which are easy to spot if you’ve learnt your TOGAF terminology.

  • The opinion that enterprise architecture is expensive and ineffective is not universally held. However it is sufficiently widespread that a significant part of the course was about learning to sell the benefits (higher-quality and cheaper IT) to management.
  • An architecture respository is essential if you want to be able to work out what systems could be affected by changes you are considering making to your enterprise architecture. This makes sense to me, because the alternative system – asking people who were there when the system was first implemented – doesn’t seem to work very well.
  • I learnt a process for doing architecture. I don’t think I’ll be executing it rigorously in my current workplace, as that would require cooperation with others and the consequent need to become a TOGAF bore, but I do plan to turn it into a checklist to see whether we’ve done everything that the process suggests should be done.