Reduce Test Times and Increase Coverage with AI & ML

Kevin Surace

Chairman & CTO, Appvance.ai

With the need for frequent builds—often many times in a day—QEs can only keep pace through AI-led testing. It is the modern approach that allows quality engineers to create scripts and run tests autonomously to find bugs and provide diagnostic data to get to the root cause.

AI-driven testing means different things to different QA engineers. Some see it as using AI for identifying objects or helping create script-less testing; some consider it as autonomous generation of scripts while others would think in terms of leveraging system data to create scripts which mimic real user activity.

Our research shows that teams who are able to implement what they can in scripts and manual testing have, on average, less than 15% code, page, action, and likely user flow coverage. In essence, even if you have 100% code coverage, you are likely testing less than 15% of what users will do. That in itself is a serious issue.

Starting in 2012, Appvance set out to rethink the concept of QA automation. Today our AIQ Technology combines tens of thousands of hours of test automation machine learning with the deep domain knowledge, the essential business rules, each QE specialist knows about their application. We create an autonomous expert system that spawns multiple instances of itself that swarm over the application testing at the UX and at the API-levels. Along the way these Intelligences write the scripts, hundreds, and thousands of them, that describes their individual journeys through the application.

And why would we need to generate so many tests fully autonomously. Because applications today are 10X the size they were just ten years ago. But your QE team doesn’t have 10X the number of test automation engineers. And because you have 10X less time to do the work than 10 years ago. Just to keep pace with the dev team requires each quality engineer to be 100X more productive than they were 10 years ago.

Something had to change; that something is AI.

AI-testing in two steps

We leveraged AI and witnessed over 90% reduction in human effort to find the same bugs. So how does this work?

It’s really a two-stage process.

First, leveraging key AI capabilities in TestDesigner, Appvance’s codeless test creation system, we make it possible to write scripts faster, identify more resilient accessors, and substantially reduce maintenance of scripts.

With AI alongside you as you implement an automated test case, you get a technology that suggests the most stable accessors and constantly improves and refines them. It also creates “fallback accessors” when tests run and hit an accessor change enabling the script to continue even though changes have been made to the application. And finally, the AI can self-heal scripts which must and update them with new accessors without human assistance. These AI-based, built-in technologies give you the most stable scripts every time with the most robust accessor methodologies and self-healing. Nothing else comes close.

The final two points above deal with autonomous generation of tests. To beat the queue and crush it, you have to get a heavy lift for finding bugs. And as we have learnt, go far beyond the use cases that a business analyst listed. Job one is to find bugs and prioritize them, leveraging AI to generate tests autonomously.

Appvance’s patented AI engine has already been trained with millions of actions. You will teach it the business rules of your application (machine learning). It will then create real user flows, take every possible action, discover every page, fill out every form, get to every state, and validate the most critical outcomes just as you trained it to do. It does all this without writing or recording a single script. We call this is ‘blueprinting’ an application. We do this at every new build. Multiple instances of the AI will spin up, each selecting a unique path through the application, typically finding 1000s or more flows in a matter of minutes. When complete, the AI hands you the results including bugs, all the diagnostic data to help find the root cause, and the reusable test-scripts to repeat the bug. A further turn of the crank can refine these scripts into exact replicas of what production users are doing and apply them to the new build. Any modern approach to continuous testing needs to leverage AI in both helping QA engineers create scripts as well as autonomously create tests so that both parts work together to find bugs and provide data to get to the root cause. That AI driven future is available today from Appvance.

About the Author –

Kevin Surace is a highly lauded entrepreneur and innovator. He’s been awarded 93 worldwide patents, and was Inc. Magazine Entrepreneur of the Year, CNBC Innovator of the Decade, a Davos World Economic Forum Tech Pioneer, and inducted into the RIT Innovation Hall of Fame. Kevin has held leadership roles with Serious Energy, Perfect Commerce, CommerceNet and General Magic and is credited with pioneering work on AI virtual assistants, smartphones, QuietRock and the Empire State Building windows energy retrofit.

Business Intelligence Platform RESTful Web Service

Albert Alan

Restful API

RESTful Web Services are REST architecture based web services. Representational State Transfer (REST) is a style of software architecture for distributed systems such as the World Wide Web. In this architectural style, data and functionality is considered resources and are accessed using Uniform Resource Identifiers (URIs), typically links on the Web.

RESTful Web Service

REST has some advantages over SOAP (Simple Objects Access Protocol) but is similar in technology since it is also a function call via HTTP protocol. REST is easier to call from various platforms, transfers pure human-readable data in JSON or XML and is faster and saves resources.

In the basic idea of REST, an object is accessed via REST, not its methods. The state of the object can be changed by the REST access. The change is caused by the passed parameters. A frequent application is the connection of the SAP PI via the REST interface.

When to use Rest Services

  • You want to access BI platform repository objects or perform basic scheduling.
  • You want to use a programming language that is not supported by another BI platform SDK.
  • You want to extract all the query details and number of records per query for all the reports like Webi and Crystal, etc.
  • You want to extract folder path of all reports at once.

Process Flow

RESTful Web Service

RESTful Web Service Requests

To make a RESTful web service request, you need the following:

  • URL – The URL that hosts the RESTful web service.
  • Method – The type of HTTP method to use for sending the request, for example GET, PUT, POST, or DELETE.
  • Request header – The attributes that describe the request.
  • Request body – Additional information that is used to process the request.

Common RWS Error Messages

RESTful Web Service

Restful Web Service URIs Summary List

URLResponseComments
  /v1Service document that contains a link to the /infostore API.This is the root level of an infostore resource
  /v1/infostoreFeed contains all the objects in BOE system/v1/infostore
  /v1/infostore/ <object_id>Entry corresponding to the info object with SI_ID=./v1/infostore/99
      /v1/logon/longReturns the long form for logon, which contains the user and password authentication template.Used to logon to the BI system based on the authentication method.
  /v1/users/ <user_id>  XML feed of user details in BOE systemYou can Modify user using PUT method and DELETE user using DELETE method.
    /v1/usergroups/ <usergroup_id>    XML feed of user group details in BOE systemSupport GET and PUT and DELETE method. You can Modify user group using PUT method and DELETE user group using DELETE method.
  v1/folders/ <folder_id>XML feed displays the details of the folder, can be used to modify the details of the folder, and delete the folder.You modify the folder using PUT method and DELETE the folder using DELETE method
  /v1/publicationsXML feed of all publications created in BOE systemThis API supports GET method only.

Extended Workflow

 The workflow is as follows:

  • To Pass the Base URL

GET http:///localhost:6405/biprws/v1/users

  • To Pass the Headers

  • To Get the xml/json response

Automation of Rest Call

The Business Intelligence platform RESTful Web Service  (BI-REST-SDK) allows you to programmatically access the BI platform functionalities such as administration, security configuration and modification of the repository. In addition, to the Business Intelligence platform RESTful web service SDK, you can also use the SAP Crystal Reports RESTful Web Services  (CR REST SDK) and SAP Web Intelligence RESTful Web Services (WEBI REST SDK).

Implementation

An application has been designed and implemented using Java to automate the extraction of SQL query for all the webi reports from the server at once.

Tools used:

  • Postman (Third party application)
  • Eclipse IDE

The structure of the application is as below:

The application file comprises of the required java jar files, java class files, java properties files and logs. Java class files (SqlExtract) are the source code and will be compiled and executed using command prompt as:

Step 1

  • Javac -cp “.;java-json.jar;json-simple-1.1.jar;log4j-1.2.17.jar” SqlExtract.java

 The above command compiles the java code.

Step 2

  • Java -cp “.;java-json.jar;json-simple-1.1.jar;log4j-1.2.17.jar” SqlExtract.java

 The above command runs the compiled java file.

The java properties file (log4j) is used to set the configurations for the java code to run. Also, the path for the log file can be set in the properties file.

RESTful Web Service

The logs (SqlExtractLogger) consist of the required output file with all the extracted query for the webi reports along with the data source name, type and the row count for each query in the respective folder in the path set by the user in properties file.

RESTful Web Service

The application is standalone and can run in any windows platform or server which has java JRE (version greater than 1.6 – preferred) installed in it.

Note: All the above steps required to execute the application are consolidated in the (steps) file.

Conclusion

SAP BO provides Restful web service to traverse through its repository, to fetch structural info and to modify the metadata structure based on the user requirements. When integrated with programming languages like python, java, etc., extends the scope to a greater extent, allowing the user to automate the workflows and to solve the backtracking problems.

Handling Restful web service needs expertise in server administration and programming as changes made to the metadata are irreversible.

References

About the Author –

Alan is a SAP Business Intelligence consultant with a critical thinking and an analytical mind. He believes in ‘The more extensive a man’s knowledge of what has been done, the greater will be his power of knowing what to do’.

Zero Knowledge Proofs in Healthcare Data Sharing

Srinivasan Sundararajan

Recap of Healthcare Data Sharing

In my previous article (https://www.gavstech.com/healthcare-data-sharing/), I had elaborated on the challenges of Patient Master Data Management, Patient 360, and associated Patient Data Sharing. I had also outlined how our Rhodium framework is positioned to address the challenges of Patient Data Management and data sharing using a combination of multi-modal databases and Blockchain.

In this context, I have highlighted our maturity levels and the journey of Patient Data Sharing as follows:

  • Single Hospital
  • Between Hospitals part of HIE (Health Information Exchange)
  • Between Hospitals and Patients
  • Between Hospitals, Patients, and Other External Stakeholders

In each of the stages of the journey, I have highlighted various use cases. For example, in the third level of health data sharing between Hospitals and Patients, the use cases of consent management involving patients as well as monetization of personal data by patients themselves are mentioned.

In the fourth level of the journey, you must’ve read about the use case “Zero Knowledge Proofs”. In this article, I would be elaborating on:

  • What is Zero Knowledge Proof (ZKP)?
  • What is its role and importance in Healthcare Data Sharing?
  • How Blockchain Powered GAVS Rhodium Platform helps address the needs of ZKP?

Introduction to Zero Knowledge Proof

As the name suggests, Zero Knowledge Proof is about proving something without revealing the data behind that proof. Each transaction has a ‘verifier’ and a ‘prover’. In a transaction using ZKPs, the prover attempts to prove something to the verifier without revealing any other details to the verifier.

Zero Knowledge Proofs in Healthcare 

In today’s healthcare industry, a lot of time-consuming due diligence is done based on a lack of trust.

  • Insurance companies are always wary of fraudulent claims (which is anyhow a major issue), hence a lot of documentation and details are obtained and analyzed.
  • Hospitals, at the time of patient admission, need to know more about the patient, their insurance status, payment options, etc., hence they do detailed checks.
  • Pharmacists may have to verify that the Patient is indeed advised to take the medicines and give the same to the patients.
  • Patients most times also want to make sure that the diagnosis and treatment given to them are indeed proper and no wrong diagnosis is done.
  • Patients also want to ensure that doctors have legitimate licenses with no history of malpractice or any other wrongdoing.

In a healthcare scenario, either of the parties, i.e. patient, hospital, pharmacy, insurance companies, can take on the role of a verifier, and typically patients and sometimes hospitals are the provers.

While the ZKP can be applied to any of the transactions involving the above parties, currently the research in the industry is mostly focused on patient privacy rights and ZKP initiatives target more on how much or less of information a patient (prover) can share to a verifier before getting the required service based on the assertion of that proof.

Blockchain & Zero Knowledge Proof

While I am not getting into the fundamentals of Blockchain, but the readers should understand that one of the fundamental backbones of Blockchain is trust within the context of pseudo anonymity. In other words, some of the earlier uses of Blockchain, like cryptocurrency, aim to promote trust between unknown individuals without revealing any of their personal identities, yet allowing participation in a transaction.

Some of the characteristics of the Blockchain transaction that makes it conducive for Zero Knowledge Proofs are as follows:

  • Each transaction is initiated in the form of a smart contract.
  • Smart contract instance (i.e. the particular invocation of that smart contract) has an owner i.e. the public key of the account holder who creates the same, for example, a patient’s medical record can be created and owned by the patient themselves.
  • The other party can trust that transaction as long the other party knows the public key of the initiator.
  • Some of the important aspects of an approval life cycle like validation, approval, rejection, can be delegated to other stakeholders by delegating that task to the respective public key of that stakeholder.
  • For example, if a doctor needs to approve a medical condition of a patient, the same can be delegated to the doctor and only that particular doctor can approve it.
  • The anonymity of a person can be maintained, as everyone will see only the public key and other details can be hidden.
  • Some of the approval documents can be transferred using off-chain means (outside of the blockchain), such that participants of the blockchain will only see the proof of a claim but not the details behind it.
  • Further extending the data transfer with encryption of the sender’s private/public keys can lead to more advanced use cases.

Role of Blockchain Consortium

While Zero Knowledge Proofs can be implemented in any Blockchain platform including totally uncontrolled public blockchain platforms, their usage is best realized in private Blockchain consortiums. Here the identity of all participants is known, and each participant trusts the other, but the due diligence that is needed with the actual submission of proof is avoided.

Organizations that are part of similar domains and business processes form a Blockchain Network to get business benefits of their own processes. Such a Controlled Network among the known and identified organizations is known as a Consortium Blockchain.

Illustrated view of a Consortium Blockchain Involving Multiple Other Organizations, whose access rights differ. Each member controls their own access to Blockchain Network with Cryptographic Keys.

Members typically interact with the Blockchain Network by deploying Smart Contracts (i.e. Creating) as well as accessing the existing contracts.

Current Industry Research on Zero Knowledge Proof

Zero Knowledge Proof is a new but powerful concept in building trust-based networks. While basic Blockchain platform can help to bring the concept in a trust-based manner, a lot of research is being done to come up with a truly algorithmic zero knowledge proof.

A zk-SNARK (“zero-knowledge succinct non-interactive argument of knowledge”) utilizes a concept known as a “zero-knowledge proof”. Developers have already started integrating zk-SNARKs into Ethereum Blockchain platform. Zether, which was built by a group of academics and financial technology researchers including Dan Boneh from Stanford University, uses zero-knowledge proofs.

ZKP In GAVS Rhodium

As mentioned in my previous article about Patient Data Sharing, Rhodium is a futuristic framework that aims to take the Patient Data Sharing as a journey across multiple stages, and at the advanced maturity levels Zero Knowledge Proofs definitely find a place. Healthcare organizations can start experimenting and innovating on this front.

Rhodium Patient Data Sharing Journey

IT Infrastructure Managed Services

Healthcare Industry today is affected by fraud and lack of trust on one side, and on the other side growing privacy concerns of the patient. In this context, the introduction of a Zero Knowledge Proofs as part of healthcare transactions will help the industry to optimize itself and move towards seamless operations.

About the Author –

Srini is the Technology Advisor for GAVS. He is currently focused on Data Management Solutions for new-age enterprises using the combination of Multi Modal databases, Blockchain, and Data Mining. The solutions aim at data sharing within enterprises as well as with external stakeholders.

Significance of CI CD Process in DevOps

Muraleedharan Vijayakumar

Developing and releasing software can be a complicated process, especially as applications, teams, and deployment infrastructure grow in complexity themselves. Often, challenges become more pronounced as projects grow. To develop, test, and release software quickly and consistently, developers and organizations have created distinct strategies to manage and automate these processes.

Did you know?  Amazon releases a new production code once every 11.6 seconds.

Why CI/CD/CD?

The era of digital transformations demands faster deployments into production. Faster deployments do not warrant defective releases, the solution – ‘DevOps’. The development team, operations team, and IT services team have to work in tandem and the magic circle that brings all of them together is DevOps.

To adopt a DevOps culture, implementing the right DevOps tools with the right DevOps process is essential. Continuous integration/continuous delivery/continuous deployment (CI/CD/CD) help us developers and testers ship the software faster and safer in a structured environment.

The biggest obstacle that needs to be overcome in constructing a DevOps environment is scalability. There are no definite measures on the scalability of an application or product development, but DevOps environment should be ready to scale to meet business and technology needs. It lays a strong foundation for building an agile DevOps for the business.

Continuous Integration and Deployment has seen many benefits in the software delivery process. Initiating automated code builds once checks are completed, running automated test suites, flagging errors and breaking builds if not adhered to compliance have eased the way of deploying a stable release into staging or production environment and eliminating manual errors and human bias.

How is CI/CD/CD Set Up?

Version control tools play an important role in the success of our DevOps pipeline. And designing a good source stage is pivotal to our CI/CD success. It ensures that we can version code, digital assets, and binary files (and more) all in one spot. This enables teams to communicate and collaborate better — and deploy faster.

Our code branching strategy determines how and when developers branch and merge. When deciding on a strategy it is important to evaluate what makes sense for our team and product. Most version control systems will let you adopt and customize standard strategies like mainline, trunk-based, task/feature branching, etc.,

Typical Branching Model Followed

A basic workflow starts with code being checked out. When the work in the branch is committed, CI processes are triggered. This can be done with a merge or pull request. Then the CI/CD pipeline kicks into high gear.

The goal of CI/CD is to continuously integrate changes to find errors earlier in the process, as known as ‘Shift Left’.  The ultimate goal of having an automated CI/CD process in place to identify errors or flag non-compliance at an early stage of the development process. This increases the project’s velocity by avoiding late-stage defects and delays. It creates an environment where code is always ready for a release. With the right branching strategy, teams are equipped to deliver success.

Continuous Integration: Integrating newly developed code with the central repository is continuous integration. Automated CI results in automated builds that are triggered to merge the newly developed codes into the repository. As part of this process, plugins can be added to perform static code analysis, security compliance checks, etc., to identify if the newly added code would have any impact on the application. If there are compliance issues, the automated build breaks, and the same is reflected to the developer with insights. Automated CI helps in increasing the productivity of the developers and the team.

Continuous Delivery: At the end of a successful CI, Continuous Delivery is triggered. CD ensures to automate the software delivery process and commits to deliver the integrated code into the production stage without any bugs or delays. CD helps in merging the newly developed code into the main branch of the software so that a ready to production product is available with all the checks in place.CD also checks the quality of the code and performs tests to check whether it can release the functional build to the production environment.

Continuous Deployment: The final and most critical part of DevOps is Continuous Deployment. After the successful merging of certified code, the pipelines are triggered to deploy the code into the production environment. These pipelines are also triggered automatically. The pipelines are constructed to handle the target environment be it jar or container deployments. The most important aspect of this pipeline is to tag the releases that are also done in the production environment. If there are rollbacks these tags help the team to roll back to the right version of the build.

CI/CD/CD is an art that needs to be crafted in the right and most efficient way that will help the software development team achieve their success at a faster pace.

Different Stages & Complete DevOps Setup

What is the CI/CD/CD  Outcome?

Cyber Security Mdr Services

About the Author –

Murleedharan is a senior technical manager and has managed, developed, and launched cutting edge business intelligence and analytics platforms using big data technologies. He has experience in hosting the platform in Microsoft Azure by leveraging the MS PaaS. He is a product manager for zDesk – A Virtual Desktop offering from GAVS.
His passion is to get a friction-less DevOps operational in an environment to bring down the deployment time to a few seconds.

Design-led Organization: Creative Thinking as a Practice!

Gogul R G

This is the first article in the series of ‘Design-led organization’ writing about creative thinking as a practice in GAVS. It is the first step for the readers to explore the world of design and creativity. So, let’s get started!

First let’s see what is design thinking is all about

There is a common misconception that design thinking is new. But when you look back, people have applied a human-centric creative process to build meaningful and effective solutions. Design has been practiced for ages to build monuments, bridges, automobiles, subway systems, etc. Design is not only limited to aesthetics, it is more of a mindset to think of a solution. Design thinking is a mindset to iteratively think about a complex problem and come up with a viable solution

Thinking outside of the box can provide an innovative solution to a sticky problem. However, thinking outside of the box can be a real challenge as we naturally develop patterns of thinking that are based on the repetitive activities and commonly accessed knowledge surround ourselves. It takes something to detach away from a situation where we’re too closely involved to be able to find better possibilities.

To illustrate how a fresh way of thinking can create unexpectedly good solutions, let’s look at a famous incident. Some years ago, an incident occurred where a truck driver had tried to pass under a low bridge. But, he failed, and the truck became firmly lodged under the bridge.

IT Infrastructure Managed Services

The driver was unable to continue driving through or reverse out. The struck truck caused massive traffic problems, which resulted in emergency personnel, engineers, firefighters, and truck drivers gathering to negotiate various solutions to dislodge the truck.

Emergency workers were debating whether to dismantle parts of the truck or chip away at parts of the bridge. Each of one were looking for a solution with their respective level of expertise. A boy walking by and witnessing the intense debate looked at the truck, at the bridge, then looked at the road and said, “Why not just let the air out of the tires?” to the absolute amazement of all the specialists and experts trying to resolve the issue.

When the solution was tested, the truck could drive with ease, having suffered only the damage caused by its initial attempt to pass underneath the bridge. It symbolizes the struggles we face where often the most obvious solutions are the ones hardest to come by because of the self-imposed constraints we work within.  

“Challenging our assumptions and everyday knowledge is often difficult for us humans, as we rely on building patterns of thinking in order not to have to learn everything from scratch every time.

Let’s come back to our topic “What is Design thinking?” Tim Brown, Executive Chairman of IDEO – an international design and consulting firm quoted design thinking as below.

“Design thinking is a human-centered approach to innovation that draws from the designer’s toolkit to integrate the needs of people, the possibilities of technology, and the requirements for business success.

Now let’s think about our truck example. A boy with his fresh mindset provides a simple solution to address a complex problem. Yeah! this is the sweet spot. Everyone is creative and capable of thinking like a designer, and out of the box, to come up with a solution. This way of inculcating design as a mindset for a solution is known as Design thinking.

Yes, you read it right, everyone is creative…

We forget that back in kindergarten, we were all creative. We all played and experimented with weird things without fear or shame. We didn’t know enough not to. The fear of social rejection is something we learned as we got older. And that’s why it’s possible to regain our creative abilities, even decades later. In the field of design and user experience, there are individuals to stick with a methodology a while, they will end up doing amazing things. They come up with break through ideas or suggestions and work creatively with a team to develop something truly innovative. They surprise themselves with the realization that they are a lot more creative than they had thought. That early success shakes up how they see themselves and makes them eager to do more.

We just need to rediscover what we already have: the capacity to imagine, or build upon, new to the world ideas.  But the real value of creativity doesn’t emerge until you are brave enough to act on those ideas.

Geshe Thupten Jinpa, who has been the Dalai Lama’s chief English translator for more than twenty years, shared an insight about the nature of creativity. Jinpa pointed out that there’s no word in the Tibetan language for ‘creativity’ or ‘being creative’. The closest translation is ‘natural’. In other words, if you want to be more creative, you should be more natural! So…be natural!

At your workplace, the complex problems can be easily sorted out when you find a solution using creativity with the mindset of design thinking. Creativity can be improved by following the below steps.

  1. Go for a walk.
  2. Play your favorite games.
  3. Move your eyes.
  4. Take a break and enjoy yourself.
  5. Congratulate yourself each time you do something well.
  6. Estimate time, distance, and money.
  7. Take a route you never have taken before.
  8. Look for images in mosaics, patterns, textures, clouds, stars…
  9. Try something you have never done before.
  10. Do a creative exercise.
  11. Start a collection (stamps, coins, art, stationery, anything you wish to collect)
  12. Watch Sci-Fi or fantasy films.
  13. Change the way you do things – there are no routine tasks, only routine way of doing things.
  14. Wear a color you do not like.
  15. Think about how they invented equipment or objects you use daily.
  16. Make a list of 10 things you think are impossible to do and then imagine how you could make each one possible.
  17. For every bad thing that happens to you, remember at least 3 good things that happened.
  18. Read something you have not read yet.
  19. Make friends with people on the other side of the world.
  20. When you have an idea, make a note of it, and later check to see if it happened.
  21. Connect a sport with your work.
  22. Try food you never tried before.
  23. Talk to grandparents and relatives and listen to their stories.
  24. Give an incorrect answer to a question.
  25. Find links between people, things, ideas, or facts.
  26. Ask children how to do something and observe their creativity.

Start doing the above-mentioned steps to inculcate a creative mindset and apply it in your day-to-day work. Companies like GE health care, Procter & Gamble, UBER practiced design thinking and implemented in their new product launches and for solving complex problems in their organizations. Be natural to be more creative! When you are more creative, you can apply design thinking for seeking any solution for a complex problem in your work.

This is the first article in the series of Design led Organization in GAVS. Keep watching this space for more articles on design and keep exploring the world of design-thinking!

References:

About the Author –

Gogul is a passionate UX designer with 8+ years of experience into designing experiences for digital channels like Enterprise apps, B2C, B2B apps, Mobile apps, Kiosk, Point of Sale, Endless aisle, telecom products. He is passionate about transforming complex problems into actionable solutions using design.

Center of Excellence – Security

The Security Center of Excellence was instituted to set standards in the practice and be the point of contact for technical solutions, problem solving, etc. The broad objectives of this CoE are as follows:

  • Develop and maintain technical assets that can be leveraged across GAVS.
  • Enable Quality Governance by providing support in gating of architecture and design related deliverables.
  • Enable Operational Governance by establishing cadence for tech review of projects.
  • Create domain-based SMEs within the practice.
  • Train and upskill members in the practice.
  • Improve customer satisfactory index by implementing new ideas and innovations across all engagements.
  • Create additional SOC services for market competency.
  • Automation – Detect, investigate and remediate cyberthreats with playbooks and response workflows.

COVID and the changing nature of threat landscape

For many industries, it has been challenging period ever since the COVID outbreak, more so for those in security. Clearly, the bad actors have lot of time at their disposal which is reflective in the innovative techniques being used to attack targets. The level of vigilance required in monitoring the alerts and application of threat hunting techniques is key to diagnosing problems at initial stages of compromise in the worst-case scenario.

Microsoft Cloud Solution Provider

Remote Infrastructure Monitoring Services
Source: IBM X-Force Research

For enterprises that have no clue about MDR (Managed Detection and Response), this is a good time for them to start. We have innovative, cost effective solutions – “Make Hay while the Sun shines”. Small and large corporations alike have lost business and money because of lapse in security controls and monitoring. Now is not the time to make headlines that you are the victim of a major breach.

Our team is developing a vulnerability alerting tool, which we intend to equip customers with to provide qualified bulletin alerts, i.e. alerts only on vulnerabilities that affect them. This is a first of a kind in the market. This will greatly benefit existing and new customers.

Expanding into IAM and PAM

Security practice is expanding into Identity & Access Management (IAM) and Privileged Access Management (PAM) services. With new customers being onboarded into this focus areas for products such as Sailpoint, Thycotic, Ping, Cyberark, Okta and Azure PIM, we are expanding our talent pool through recruitment and through training and certification. This should largely benefit our existing customers and prospects who intend to leverage our security practice to fulfil their cyber security needs.

Expansion of our Red Team

Our Red Team within the practice has been expanded with many talented members, including some with bug bounty bragging rights. This has enormously helped in performing intensive tests on our internal product platforms, security assessments for customers. We have also extensively invested on tools for the Red Team to help them reduce assessment times.

Certification drive

With some more analysts having certified across AZ-500, Cyberark and trained on Darktrace. GAVS’ security analysts are taking full advantage to increase their knowledge thanks to the generosity of our alliances and training sites like Pluralsight. Even the mighty Microsoft opened their learning website for free, enabling young talent to equip themselves with critical DevOps and Cloud security skills.

As part of CoE initiatives, we have;

  • Aligned our security roadmap based on industry trends and to ensure solutions tailored for customer pain points.
  • Extended our SOC practice with IAM and PAM in 2020.
  • Identified domain-based SME and product-based SME for quick support.

We are currently in the process of creating security products, GVAS and GSMA, to help customer in proactively identifying and addressing vulnerabilities and self-maturity assessment of their cybersecurity posture. We are also underway to add Operational security to our Security practice.

If you have any questions about the CoE, you may reach out to them at COE_INFOSEC@gavstech.com

CoE Team Members

  • Venkatakrishnan A
  • Shivaram J
  • Alex Nepolian Lawrence
  • Ravindran Girikrishnan
  • Aravindah Sadhasivam Subramanian
  • Vijayakumar Veerapandiyan
  • Thubati Uday
  • Ganta Venkata Sandeep
  • Sundaramoorthy S
  • Sukanya Srinivasan

Center of Excellence – Java

The Java CoE was established to partner with our customers and aid them in realizing business benefits through effective adoption of cutting-edge technologies; thus, enabling customer success.

Objectives

  • Be the go-to team for anything related to Java across the organization and customer engagements.
  • Build competency by conducting training and mentoring sessions, publishing blogs, whitepapers and participating in Hackathons.
  • Support presales team in creating proposals by providing industry best solutions using the latest technologies, standards & principles.
  • Contribute a certain percent of revenue growth along with the CSMs.
  • Create reusable artifacts, frameworks, solutions and best practices which can be used across organization to improve delivery quality.

Focus Areas

  1. Design Thinking: Setting up a strong foundation of “Design Thinking and Engineering Mindset” is paramount for any business. We aim to do so in the following way:
IT Infrastructure Managed Services

2. Solution and Technology: Through our practice, we aim to equip GAVS with solution-oriented technology leaders who can lead us ahead through disruptive times

IT Operations Management Software

3. Customer success

  • Identify opportunities in accounts based on the collaboration with CSMs, understand customer needs, get details about the engagement, understand the focus areas and challenges.
  • Understand the immediate need of the project, provide solution to address the need.
  • Java council to help developers arrive at solutions.
  • Understand architecture in detail and provide recommendation / create awareness to use new technologies
  • Enforce a comprehensive review process to enable quality delivery.

Accomplishments

  • Formed the CoE team
  • Identified the focus Areas
  • Identified leads for every stream
  • Socialized the CoEwithin GAVS
  • Delivered effective solutions across projects to improve delivery quality
  • Conducted trainings on standards and design-oriented coding practices across GAVS
  • Publishedblogs to bring in design-oriented development practices
  • Identified the areas for creating re-usable artefacts (Libraries / Frameworks)
  • Brainstormed and finalized the design for creating Frameworks (For the identified areas)
  • Streamlined the DevOps process which can be applied in any engagement
  • Built reusable libraries, components and frameworks which can be used across GAVS
  • Automated the Code Review process
  • Organized and conducted hackathons and tech meetups
  • Discovered potential technical problems/challenges across teams and offered effective solutions, thereby enabling customer success
  • Supported the presales team in creating customized solutions for prospects

Upcoming Activities

  • Establishing tech governance and align managers / tech leads to the process
  • Setting up security standards and principles across domain
  • Buildingmore reusable libraries, components and frameworks which can be used across GAVS
  • Adopting Design Patterns / Anti-patterns
  • Enforcing a strong review process to bring in quality delivery
  • Enabling discussions with the customers
  • Setting up a customer advisory team

Contribution to Organizational Growth

As we continue our journey, we aim to support the revenue growth of our organization. Customer Success being a key goal of GAVS, we will continue to enable it by improving the quality of service delivery and building a solid foundation across all technology and process streams. We also want to contribute to the organization by developing a core competency around a strategic capability and reduce knowledge management risks.

If you have any questions about the CoE, you may reach out to them at COE_JAVA@gavstech.com

CoE Team Members

  • Lakshminarasimhan J
  • Muraleedharan Vijayakumar
  • Bipin V
  • Meenakshi Sundaram
  • Mahesh Rajakumar M
  • Ranjith Joseph Selvaraj
  • Jagathesewaren K
  • Sivakumar Krishnasamy
  • Vijay Anand Shanmughadass
  • Sathya Selvam
  • Arun Kumar Ananthanarayanan
  • John Kalvin Jesudhason

Observability versus Monitoring

Sri Chaganty

“Observability” has become a key trend in Service Reliability Engineering practice.  One of the recommendations from Gartner’s latest Market Guide for IT Infrastructure Monitoring Tools released in January 2020 says, “Contextualize data that ITIM tools collect from highly modular IT architectures by using AIOps to manage other sources, such as observability metrics from cloud-native monitoring tools.”

Like so many other terms in software engineering, ‘observability’ is a term borrowed from an older physical discipline: in this case, control systems engineering. Let me use the definition of observability from control theory in Wikipedia: “observability is a measure of how well internal states of a system can be inferred from knowledge of its external outputs.”

Observability is gaining attention in the software world because of its effectiveness at enabling engineers to deliver excellent customer experiences with software despite the complexity of the modern digital enterprise.

When we blew up the monolith into many services, we lost the ability to step through our code with a debugger: it now hops the network.  Monitoring tools are still coming to grips with this seismic shift.

How is observability different than monitoring?

Monitoring requires you to know what you care about before you know you care about it. Observability allows you to understand your entire system and how it fits together, and then use that information to discover what specifically you should care about when it’s most important.

Monitoring requires you to already know what normal is. Observability allows discovery of different types of ‘normal’ by looking at how the system behaves, over time, in different circumstances.

Monitoring asks the same questions over and over again. Is the CPU usage under 80%? Is memory usage under 75% percent? Or, is the latency under 500ms? This is valuable information, but monitoring is useful for known problems.

Observability, on the other side, is about asking different questions almost all the time. You discover new things.

Observability allows the discovery of different types of ‘normal’ by looking at behavior, over time, in different circumstances.

Metrics do not equal observability.

What Questions Can Observability Answer?

Below are sample questions that can be addressed by an effective observability solution:

  • Why is x broken?
  • What services does my service depend on — and what services are dependent on my service?
  • Why has performance degraded over the past quarter?
  • What changed? Why?
  • What logs should we look at right now?
  • What is system performance like for our most important customers?”
  • What SLO should we set?
  • Are we out of SLO?
  • What did my service look like at time point x?
  • What was the relationship between my service and x at time point y?
  • What was the relationship of attributed across the system before we deployed? What’s it like now?
  • What is most likely contributing to latency right now? What is most likely not?
  • Are these performance optimizations on the critical path?

About the Author –

Sri is a Serial Entrepreneur with over 30 years’ experience delivering creative, client-centric, value-driven solutions for bootstrapped and venture-backed startups.

Autonomous Things

Machine learning service provider

Bindu Vijayan

“Autonomous things (AuT), or the Internet of autonomous things (IoAT), is an emerging term for the technological developments that are expected to bring computers into the physical environment as autonomous entities without human direction, freely moving and interacting with humans and other objects…”

To put it simply, Autonomous Things use AI and work unsupervised to complete specific tasks without humans. Devices are enhanced with AI, sensors and analytical capabilities to be able to make informed and appropriate decisions.  They (these devices) work collaboratively between humans and the environment and provide superior performance.  Today AuT work across several environments with various levels of intelligence and capabilities. Some popular examples of these devices are drones, vehicles, smart home devices among others. The components of Autonomous things – software and AI hardware are getting increasingly efficient. With improved technologies (and significantly reducing sensor costs), the variety of tasks and processes that can be automated are increasing, with the advantage of bringing in more data and feedback that can efficiently improve and enhance the benefits of autonomous things.

The technology is used in a wide variety of scenarios – as data collectors from a variety of terrains and environments, as delivery systems (by Amazon, pizza deliveries, etc.), medical supplies to remote areas, etc. Robotics used in the supply chain has proven it reduces/elevates the danger out of the hitherto human tasks in warehouses.  And they probably have the most economic potential currently, followed by autonomous vehicles.  Drones are used to collect data across a wide variety of functions –  for surveillance, security, stock management, weather forecasting, obtaining air data, oceanic data, agricultural planning, etc.

Some fascinating use cases:

Healthcare

Drones are proving to be more and more effective in several ways – they are currently used extensively for surveillance of disaster sites that have biological hazards.  There is no better relevance than the current times when they can actually be used in epidemiology to track disease spread,  and of course for further research and studies.  Drones are facilitating on-demand healthcare by providing medicines to terrains that are difficult to access.  Swoop Aero is one such company that provides medicines via drones.  Drones have brought healthcare into the most remote areas with diagnosis and treatment made available. Remote areas of Africa have their regular medical supplies,  vaccine supplies, lab samples collected, emergency medical equipment made available through Drones. They are also used in telementoring, for perioperative evaluation and so on.  Drones have been very efficient in accessing areas and providing necessary support where ground transport is not reliable or safe or impossible.  Today, most governments have Drones on their national agenda under various sectors. The Delft University of Technology is developing an ambulance drone technology that can be used at disaster sites to increase rescue rates..

Retail

In a world where we have virtual assistants do grocery shopping, replenish stocks, and cooking machines making food, when there is a need to go out shopping, shoppers want to have an easy, fast and frictionless process.  Today, customers do not want to wait in queues and go through conventional checkouts, and Retailers know that they might be losing customers due to their checkout process.  And autonomous shops like Amazon Go are giving that experience to customers where they can purchase without the inconvenience of checkout lines.

Providers of checkout-free shopping technology like ‘Grabango’, use sensor vision and ML to actually hold a virtual shopping basket for every person in the store.  The technology is reputed to process a multitude simultaneous checkout transactions. “Grabango’s system uses high-quality sensor hardware and high-precision computer algorithms to acquire the location of every item in the store. This results in a real-time planogram covering the entire retail environment.” They say it results in increased sales and loyalty, streamlined operations and inventory management and out of stock alerts.

Construction

Companies like Chicago based, Komatsu American Corp., have autonomous haulage stems that have optimized safety in the mining industry like never before. They “help you continue to meet your bottom line while achieving zero-harm” while their focus has been on developing autonomous mining solutions, they have been doing it for more than three decades now! Their FrontRunner AHS has moved more than two billion tons of surface material so far in driverless operations.  Catepillar would be deploying their fleet of autonomous trucks and blast drills for the iron mine in Western Australia – Rio Tinto Koodaideri.  The industry is thriving with autonomous and semi autonomous equipment, and it is evident that it has brought improvements to productivity, and increased profitability. At the Australian mine “autonomous vehicles operated on average 700 hours longer and with 15 per cent lower unit costs”… Similarly, there are other companies like Intsite, a heavy machinery company; their autonomous crane ÁutoSite 100’ does autonomous operation of heavy machinery.

Transportation

Most of us think Tesla when we think autonomous vehicles.  Elon Musk’s dream of providing autonomous ride-sharing has Tesla working on getting out one million robotaxis on the road this year. We will have to wait and see how that is going to pan out. Though autonomous vehicles are the most popular, I suppose it might take a little more time before it finds answers to the regulatory challenges, definitely not an easy task.  It gets quite overwhelming when we think of what we are expecting from autonomous vehicles – it assumes correct performance no matter the uncertainties on the roads and the environment, as well as the ability to face any sort of system failures on its own, and AI is a very critical technology when we are talking real-time decision making. Those sort of scenarios call for a strong computing platform in order to do the analysis at the edge for faster decision making.  The new V2X, which is the 5G vehicle-to-everything is expected to make autonomous vehicles mainstream because the vital information would get transmitted as structured data to the vehicle. V2X is expected to have vehicles interfacing with anything, be it pedestrians, roadside infrastructure, cyclists, etc.

Today, technology is also looking at ‘vehicle platooning’ – “Platoons decrease the distances between cars or trucks using electronic, and possibly mechanical, coupling. This capability would allow many cars or trucks to accelerate or brake simultaneously. This system also allows for a closer headway between vehicles by eliminating reacting distance needed for human reaction.” It has a group of self driving vehicles moving at high speed but safely, as the trucks are in constant communication with each other and use this intelligence to make informed decisions like braking, speeds, etc.  And autonomous trucks and cars can automatically join these platoons or leave, this has the advantages of reduced congestion, fewer traffic collisions, better fuel economy, and shorter commutes during peak hours. 

Conclusion

Studies show that Autonomous things are fast moving to ‘swarm’ or a bunch of intelligent devices, where multiple devices will function together collaboratively, as against the previously isolated intelligent components/ things. They are going to be intelligently networked among themselves and with the environment, and the wider that becomes within every industry, they are going to show phenomenal capabilities. But let’s not forget there is a whole other side to AI, given how unpredictable things are in life, AI would sooner or later have to respond to things that it never saw in training… we still are the smarter ones…

References:

https://en.wikipedia.org/wiki/Autonomous_things

https://www.gartner.com/smarterwithgartner/gartner-top-10-strategic-technology-trends-for-2020/

https://worldline.com/en/home/blog/2020/march/from-automatic-to-autonomous-payments-can-things-pay.html

https://en.wikipedia.org/wiki/Self-driving_car

https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6174005/

https://www.komatsuamerica.com/

https://en.wikipedia.org/wiki/Platoon_(automobile)https://grabango.com/

Combating a health crisis with digital health technologies

Bindu Vijayan

The current pandemic has exposed yawning gaps in the systems of the best of developed countries to be able to respond to virulent pathogens.  The world has seen SARS and Ebola in fairly recent times, and with the COVID 19 pandemic, it is becoming clear that technology can help combat and overcome future epidemics if we plan and strategize with these technologies.  They bring efficiency to our response times, and we are currently learning the importance of using these technologies for prevention as well.  A small example – Canadian AI health monitoring platform BlueDot’s outbreak risk software is said to have predicted the outbreak of the pandemic a whole week before America (who announced on Jan 8), and the WHO (on Jan 9) did. BlueDot predicted the spread of COVID 19 from Wuhan to other countries like Bangkok and Seoul by parsing through huge volumes of international news (in local languages).  It further was able to predict where the infection would spread by accessing global airline data to trace and track where the infected people were headed.

Contrary to earlier times, today it only takes a few hours to sequence a virus, thanks of course, to technology.  The scientists don’t have to cultivate a sufficient batch of viruses any longer in order to examine them, today, its DNA can be got from an infected person’s blood sample or saliva.  India’s National Institute of Animal Biotechnology (NIAB), Hyderabad, has developed a biosensor that can detect the novel coronavirus in saliva samples. The new portable device called ‘eCovSens’, can detect coronavirus antigens in human saliva within 30 seconds using just 20 microlitres of sample.  Startups like Canadian GenMarkDx, US-based Aperiomics & XCR Diagnostics, Singapore based MiRXES, and Polish company’s SensDx have introduced top notch diagnostic solutions.  Identifying infected people to provide strict medical care will be made a lot faster with these diagnostic kits. 

Genome sequencing is also vital to fight the pandemic.  The genome of this virus was completely sequenced by the Chinese scientists in under a month from detection of the first case, and then on the biotech companies created synthetic copies of the virus for research.  Today creating a synthetic copy of a single nucleotide costs under 10 cents (in comparison to the earlier $ 10), so these days it is far quicker and cheaper, which means the chances of finding appropriate / adequate medication are much faster which will help save more lives.

Healthcare workers are having to pay a huge price, they run the risk of getting infected, there is often paucity of PPE, and in some countries, they even have to face assault from crowds that are angry and confused at the situation.  Medical workers are targetted by mobs, there are instances where communities don’t allow them to come back to their homes after duty, shops don’t sell them necessities, etc.  Medical robots can be the real game-changers in such situations.  Deploying robots in such scenarios to do the rescue is becoming a much sought after option, wherever possible.   Robots become the answer to such difficult situations as they are impervious to infections.  They allow physicians to treat/communicate through a screen. The patient’s vitals are also recorded by the robot.  Patients can be very efficiently monitored this way.

Drones for deliveries, especially medical deliveries can also be used to reach isolation zones or quarantined zones.  Italy made a big success out of this. Italy’s coronavirus epicenter, Bergamo, in Lombardy region, had to resort to people’s temperature being read by drones.  ‘The Star’ reported that “once a person’s temperature is read by the drone, you must still stop that person and measure their temperature with a normal thermometer,” said Matteo Copia, a police commander in Treviolo, near Bergamo. Drones are being used for surveillance – In areas where people were not complying with social distancing and lockdown restrictions, authorities are using drones to monitor people’s movement and break up social gatherings that could be a potential risk to the society. Drones are also being used for Disinfectant spraying, broadcasting messages, medicine and grocery deliveries and so on.

Interactive maps give us the data on the pandemic on real time, and monitoring a pandemic this wide and dangerous is very crucial to stopping/controlling its spread. These maps are made available to everybody, and the truth and transparency in the situation of such epic proportion is necessary in order to avoid panic within communities.  We now have apps for tracking the virus spread, fatalities and recovery rates, and apps would be developed for the future that will warn us about impending outbreaks, the geographies and flight routes that we must avoid

Implementing these technologies will enable us to manage and conquer situations like the current pandemic we are going through. As Bernardo Mariano Junior, Director of WHO’s Department of Digital Health and Innovation, rightly said “The world needs to be well prepared and united in the spirit of shared responsibility, to digitally detect, protect, respond, and prepare the recovery for COVID 19. No single entity or single country initiative will be sufficient. We need everyone.”

References: