Configuration management


Configuration management
Top level Configuration Management Activity model

Configuration management (CM) is a field of management that focuses on establishing and maintaining consistency of a system or product's performance and its functional and physical attributes with its requirements, design, and operational information throughout its life.[1]

For information assurance, CM can be defined as the management of security features and assurances through control of changes made to hardware, software, firmware, documentation, test, test fixtures, and test documentation throughout the life cycle of an information system.[2] CM for information assurance, sometimes referred to as Secure Configuration Management, relies upon performance, functional, and physical attributes of IT platforms and products and their environments to determine the appropriate security features and assurances that are used to measure a system configuration state.

For example, configuration requirements may be different for a network firewall that functions as part of an organization's Internet boundary versus one that functions as an internal local network firewall.

Contents

History

Configuration management was first developed by the United States Air Force for the Department of Defense in the 1950s as a technical management discipline of hardware. The concepts of this discipline have been widely adopted by numerous technical management functions, including systems engineering (SE), integrated logistics support (ILS), Capability Maturity Model Integration (CMMI), ISO 9000, Prince2 project management methodology, COBIT, Information Technology Infrastructure Library (ITIL), product lifecycle management, and application lifecycle management. Many of these functions and models have redefined configuration management from its traditional holistic approach to technical management. Some treat configuration management as being similar to a librarian activity, and break out change control or change management as a separate or stand alone discipline. However the bottomline is and always shall be Traceability.

Software configuration management

The traditional software configuration management (SCM) process is looked upon by practitioners as the best solution to handling changes in software projects. It identifies the functional and physical attributes of software at various points in time, and performs systematic control of changes to the identified attributes for the purpose of maintaining software integrity and traceability throughout the software development life cycle.

The SCM process further defines the need to trace changes, and the ability to verify that the final delivered software has all of the planned enhancements that are supposed to be included in the release. It identifies four procedures that must be defined for each software project to ensure that a sound SCM process is implemented. They are:

  1. Configuration identification
  2. Configuration control
  3. Configuration status accounting
  4. Configuration audits

These terms and definitions change from standard to standard, but are essentially the same.

  • Configuration identification is the process of identifying the attributes that define every aspect of a configuration item. A configuration item is a product (hardware and/or software) that has an end-user purpose. These attributes are recorded in configuration documentation and baselined. Baselining an attribute forces formal configuration change control processes to be effected in the event that these attributes are changed.
  • Configuration change control is a set of processes and approval stages required to change a configuration item's attributes and to re-baseline them.
  • Configuration status accounting is the ability to record and report on the configuration baselines associated with each configuration item at any moment of time.
  • Configuration audits are broken into functional and physical configuration audits. They occur either at delivery or at the moment of effecting the change. A functional configuration audit ensures that functional and performance attributes of a configuration item are achieved, while a physical configuration audit ensures that a configuration item is installed in accordance with the requirements of its detailed design documentation.

Configuration management is widely used by many military organizations to manage the technical aspects of any complex systems, such as weapon systems, vehicles, and information systems. The discipline combines the capability aspects that these systems provide an organization with the issues of management of change to these systems over time.

Outside of the military, CM is appropriate to a wide range of fields and industry and commercial sectors.[3]

Computer hardware configuration management

Computer hardware configuration management is the process of creating and maintaining an up-to-date record of all the components of the infrastructure, including related documentation. Its purpose is to show what makes up the infrastructure and illustrate the physical locations and links between each item, which are known as configuration items.

Computer hardware configuration goes beyond the recording of computer hardware for the purpose of asset management, although it can be used to maintain asset information. The extra value provided is the rich source of support information that it provides to all interested parties. This information is typically stored together in a configuration management database (CMDB). This concept was introduced by ITIL.

The scope of configuration management is assumed to include, at a minimum, all configuration items used in the provision of live, operational services.

Computer hardware configuration management provides direct control over information technology (IT) assets and improves the ability of the service provider to deliver quality IT services in an economical and effective manner. Configuration management should work closely with change management.

All components of the IT infrastructure should be registered in the CMDB. The responsibilities of configuration management with regard to the CMDB are:

  • identification
  • control
  • status accounting
  • verification

The scope of configuration management is assumed to include:

  • physical client and server hardware products and versions
  • operating system software products and versions
  • application development software products and versions
  • technical architecture product sets and versions as they are defined and introduced
  • live documentation
  • networking products and versions
  • live application products and versions
  • definitions of packages of software releases
  • definitions of hardware base configurations
  • configuration item standards and definitions

The benefits of computer hardware configuration management are:

  • helps to minimize the impact of changes
  • provides accurate information on CIs (Configuration Items)
  • improves security by controlling the versions of CIs (Configuration Items) in use
  • facilitates adherence to legal obligations
  • helps in financial and expenditure planning

Maintenance systems

Configuration management is used to maintain an understanding of the status of complex assets with a view to maintaining the highest level of serviceability for the lowest cost. Specifically, it aims to ensure that operations are not disrupted due to the asset (or parts of the asset) overrunning limits of planned lifespan or below quality levels.

In the military, this type of activity is often classed as "mission readiness", and seeks to define which assets are available and for which type of mission; a classic example is whether aircraft on-board an aircraft carrier are equipped with bombs for ground support or missiles for defense.

A theory of configuration maintenance was worked out by Mark Burgess[4] [5] ,[6] with a practical implementation on present day computer systems in the software Cfengine able to perform real time repair as well as preventive maintenance.

Preventive maintenance

Understanding the "as is" state of an asset and its major components is an essential element in preventive maintenance as used in maintenance, repair, and overhaul and enterprise asset management systems.

Complex assets such as aircraft, ships, industrial machinery etc. depend on many different components being serviceable. This serviceability is often defined in terms of the amount of usage the component has had since it was new, since fitted, since repaired, the amount of use it has had over its life and several other limiting factors. Understanding how near the end of their life each of these components is has been a major undertaking involving labor intensive record keeping until recent developments in software.

Predictive maintenance

Many types of component use electronic sensors to capture data which provides live condition monitoring. This data is analyzed on board or at a remote location by computer to evaluate its current serviceability and increasingly its likely future state using algorithms which predict potential future failures based on previous examples of failure through field experience and modeling. This is the basis for "predictive maintenance".

Availability of accurate and timely data is essential in order for CM to provide operational value and a lack of this can often be a limiting factor. Capturing and disseminating the operating data to the various support organizations is becoming an industry in itself.

The consumers of this data have grown more numerous and complex with the growth of programs offered by original equipment manufacturers (OEMs). These are designed to offer operators guaranteed availability and make the picture more complex with the operator managing the asset but the OEM taking on the liability to ensure its serviceability. In such a situation, individual components within an asset may communicate directly to an analysis center provided by the OEM or an independent analyst.

Standards

  • ANSI/EIA-649-1998 National Consensus Standard for Configuration Management
  • EIA-649-A 2004 National Consensus Standard for Configuration Management
  • ISO 10007:2003 Quality management systems - Guidelines for configuration management
  • Federal Standard 1037C
  • GEIA Standard 836-2002 Configuration Management Data Exchange and Interoperability
  • IEEE Std. 828-1998 IEEE Standard for Software Configuration Management Plans
  • MIL-STD-973 Configuration Management (cancelled on September 20, 2000)
  • STANAG 4159 NATO Materiel Configuration Management Policy and Procedures for Multinational Joint Projects
  • STANAG 4427 Introduction of Allied Configuration Management Publications (ACMPs)
  • CMMI CMMI for Development, Version 1.2 CONFIGURATION MANAGEMENT
  • CMII - The Path to Integrated Process Excellence

Guidelines

Construction Industry

More recently configuration management has been applied to large construction projects which can often be very complex and have a huge amount of details and changes that need to be documented. Construction agencies such as the Federal Highway Administration have used configuration management for their infrastructure projects.[7] There have been several construction based configuration management software developed[citation needed] that aim to document change orders and RFIs in order to ensure a project stays on schedule and on budget. These programs can also store information to aid in the maintenance and modification of the infrastructure when it is completed. One such application, ccsNet, was tested in a case study funded by the Federal Transportation Administration (FTA) in which the efficacy of configuration management was measured through comparing the approximately 80% complete construction of the Los Angeles County Metropolitan Transit Agency (LACMTA) 1st and 2nd segments of the Red Line, a $5.3 billion rail construction project.[8] This study yielded results indicating a benefit to using configuration management on projects of this nature.[9][10]

See also

References

  1. ^ MIL-HDBK-61A CONFIGURATION MANAGEMENT GUIDANCE 7 February 2001
  2. ^ National Information Systems Security Glossary
  3. ^ ANSI/EIA-649-1998 National Consensus Standard for Configuration Management
  4. ^ M. Burgess, Cfengine: a site configuration engine, USENIX Computing systems, Vol8, No. 3 1995 pdf
  5. ^ M. Burgess, On the theory of system administration, Science of Computer Programming 49, 2003. p1-46 pdf
  6. ^ M. Burgess, Configurable immunity for evolving human-computer systems, Science of Computer Programming 51 2004, p197-213 pdf
  7. ^ [1] Configuration Management for Transportation Management Systems Handbook
  8. ^ [2] Configuration Management Case Study PACO Technologies, Inc.
  9. ^ [3] Federal Transportation Administration (FTA) National Lessons Learned Program
  10. ^ [4] Configuration Management and the Federal Transportation Administration (FTA) National Lessons Learned Program

Wikimedia Foundation. 2010.

Look at other dictionaries:

  • Configuration Management — Konfigurationsmanagement (KM) ist eine Managementdisziplin, die organisatorische und verhaltensmäßige Regeln auf den Produktlebenslauf einer Konfigurationseinheit von seiner Entwicklung über Herstellung und Betreuung anwendet.“[1].… …   Deutsch Wikipedia

  • configuration management — A discipline applying technical and administrative direction and surveillance to: (1) identify and document the functional and physical characteristics of a configuration item; (2) control changes to those characteristics; and (3) record and… …   Military dictionary

  • configuration management —    A term covering a wide range of network administration tasks, often performed by the network administrator, including:    • Maintaining a hardware database containing details of routers, bridges, and connections so that changes in the network… …   Dictionary of networking

  • Configuration Management (ITSM) — Configuration Management (CM) is an Information Technology Infrastructure Library (ITIL) version 2 and an IT Service Management (ITSM) process that tracks all of the individual Configuration Items (CI) in an IT system which may be as simple as a… …   Wikipedia

  • Configuration Management Database — (CMDB) bezeichnet einen Begriff aus der Informatik. Nach der IT Infrastructure Library [ITIL] handelt es sich bei der CMDB um eine Datenbank, welche dem Zugriff und der Verwaltung von Configuration Items dient. Als Configuration Item (CI) werden… …   Deutsch Wikipedia

  • Configuration management database — A configuration management database (CMDB) is a repository of information related to all the components of an information system. It contains the details of the configuration items (CI) in the IT infrastructure. Although repositories similar to… …   Wikipedia

  • Configuration Management DataBase — La CMDB, pour Configuration Management DataBase, ou base de données de gestion de configuration, est une base de données unifiant les composants d un système informatique. Elle permet de comprendre l organisation entre ceux ci et de modifier leur …   Wikipédia en Français

  • Baseline (configuration management) — Configuration management is the process of managing change in hardware, software, firmware, documentation, measurements, etc. As change requires an initial state and next state, the marking of significant states within a series of several changes …   Wikipedia

  • Comparison of open source configuration management software — This is a comparison of free (libre) and open source configuration management software. Contents 1 Basic properties 2 Platform support 3 Short descriptions 4 Refere …   Wikipedia

  • Software configuration management — In software engineering, software configuration management (SCM) is the task of tracking and controlling changes in the software. Configuration management practices include revision control and the establishment of baselines.SCM concerns itself… …   Wikipedia