By Brendan, Amaris Consultant

Since the appearance of the first credit card, the payment has been democratized to become today one of the most used methods in the world. A major challenge in using a credit card is the security of data it entails. Major brands, which want to protect their image and reassure their customers, are increasingly sensitive to data protection. Brendan tells us about his project compliance according to the existing standard.

 

• In a few words, can you describe your project?

I am working for one of the world leading Nutrition Company’s subsidiary, which has shops all over the world.  The project, managed out of the IT Security Department, is responsible for the achievement of compliance with the Payment Card Industry Data Security Standard (PCI DSS).

PCI DSS is a set of criteria introduced by Visa and MasterCard. The aim is to reduce payment card fraud by improving data security at merchants and their suppliers, who have access to, process, transmit or store card holder information. PCI is not a general legal requirement, but a contractual obligation between the merchant, who accepts the payment, and the acquiring bank, which carries it out.

The card scheme began to impose fines for non-compliance on acquiring banks, which, in turn, fine the merchants. PCI standards are applied worldwide, but are currently more actively pursued in the UK and the US.

PCI DSS is basically a set of around 200 requirements covering a range of areas such as policy, networks, development, logging, intrusion detection, scanning, staff checking, security awareness, user access, patching, anti-virus, physical security, call recording, paper documents and service providers. It is based on the principle of multiple layers of security. It uses industry best practices in many areas and does not really introduce requirements beyond this.

The validation of PCI compliance is on an annual basis; the larger merchants (over 6m of transactions per year) need to be audited by a certified PCI auditor, smaller merchants can complete a self-certification.

The project has three main areas of activity:

     - Reduction of scope by network segregation through the use of firewalls and approved rules sets, and by changing business processes, including the elimination of unnecessary use of card data, and the reconfigured or new payment equipment in shops

     - Compliance of the in-scope infrastructure and systems , including policies, standards and up to date patching

     - Installation and configuration of new intrusion detection, file integrity monitoring, scanning, penetration testing and logging systems.

It is more a program than a project; it involves managing initiatives across all technical support areas, as well as the business areas, and in multiple markets.

We are concentrating on 3 markets initially, which are being audited by a Qualified Security Assessor, a PCI specialist auditor.

     - Switzerland, which houses the central service operations

     - UK, where the banks are most active on requiring PCI,

     - And France, the single largest market.

The project has been running for some time ago and Amaris joined at the beginning of 2011 that will manage it until 2012.

• What are the context and the objectives?

Recently, there have been many stories in the press of data breaches at merchants and payment processors involving millions of credit cards, resulting in losses in millions $ for banks and merchants. The best known of the data breaches are T K Maxx in 2009, and Sony in 2011, which alone involved over 100m payment cards.

The objective is to achieve compliance with PCI DSS globally. But, in this situation, the obligation is between each market (usually a country) and the local Acquiring Bank. This latest provides the merchant account, which allows the card payment. Our client is not one global entity in terms of PCI profile. This means that there is not one compliance validation exercise involved. The priority is given to higher profiles and larger markets.  The business in multi-channel, with eCommerce, Call Centres and Boutiques, each handling payment cards through different systems. The eCommerce system and the main system for the Call Centers are centrally supported in Switzerland, and these central systems must be PCI compliant in order to make the individual markets achieving their compliance.

• What are your role and the Amaris contribution in that project?

I am PCI Project Manager and responsible for bringing together all the various activities, across many teams and many markets; that includes dealing with the outsourced call centers and IT support providers. This is my third PCI project; I have previously worked for one of the largest retailers in the UK and then a global web-based gambling company. My previous experience, in identifying issues and possible solutions, was a great value for this project... The technical aspects of the project are treated by the experienced IT security staff.

• What do you get of that experience?

The interesting thing for me is the multi-channel global scale of our client with local markets which manages many aspects of the business. I also had the opportunity to visit Paris, New York, and, many parts of the UK, to assess the status of the PCI compliance in the local market. 

By Simone, Amaris Consultant

Medical field require a lot in terms of safety standards. Complex and precise processes have to be enforced in order to test and verify hardware and software. Simone is defining which automatic protocols need to be implemented.

 

• In a few words, can you describe the project?

I am working in an international company which leads projects in many areas, from medical to military field. Specifically, I am working in the software verification and validation team, in the medical department.

Medical devices are safety critical equipment. The industries have to develop a supply chain with a particular regard to security. In this setting, it is necessary to automate the process to test the entire device’s production. The ATE (Automatic Test Equipment) was born to satisfy this requirement. The assembly process starts when all components are available: for each stage of this process, there is an ATE station to verify and to validate the manufacturing production.

My job is to create protocols to verify and validate automatic test equipment. First, I have to study hardware and software documents about the equipment and then, I have to create protocols to demonstrate that customers’ requirements have been satisfied.

• What are your role and the Amaris contribution in that project?

The knowledge gained from the military field has been useful to find critical points in the project. I have contributed to create a dossier satisfying the required standard. I have written protocols of verification and validation: I highlighted problems that I have subsequently helped to solve.

• What do you get of that experience?

I learned new methods for testing hardware automatically. I worked in an environment where the level of product’s safety should be high. We have to respect not only the required standards, but also higher expectations because the designed tools are used in the biomedical field.

By Alexandre, Amaris Consultant

• In a few words, can you describe your project?

I am currently leading a project within one of the French leaders of the mobile industry, specifically, in the “Mobile Application Program” department.

As a technical project manager, I’m in charge of several software solutions, both for the application and the back-end parts. The application refers to the mobile app as you can see on your screen. The back-end corresponds to all services that application uses to work and user can’t see. For example, it can be the server that stocks data or the system that sends information related to the customer’s consumption. So far, I have been in charge of two projects?

* The first one was about the setting-up of a DRM system (Digital Right Management), which allows, among others, to secure applications against hacking,

* The second one consisted in the creation of a new version of the applications’ downloading platform.

What’s the project manager’s role? Reconcile: marketing expectations, deadline and cost limits in order to bring a technical and coherent answer to the need.

• What are the context and the objectives?

Till some time ago, there were 3 major operators fighting for the mobile telephony and Internet market. Nowadays, they are 4. The last one came on the market with a tariff package more than attractive, putting competitors in a bad position.

In order to face this aggressive offer, our client has to put in lights its competitive advantages by deploying its services’ portfolio, whose applications are part of it. For example, there’s an application to follow football games, another offers discounts for cinema tickets or, with another one you can also check your phone consumption.  

My work issues are dual: brand image and turnover of the company.

• What are your role and the Amaris contribution in that project?

Amaris offers a competence to our client; through this, I had the opportunity to work on tasks in which the implemented technologies still had a lack of maturity. All technological and managerial knowledge, developed over these years, allow me to move forward projects and to provide solutions to the problems.

Let me give you an example. When an error is detected, preventing the smooth running of the application, the system automatically generates a temporary license. This license is sent to all users, allowing them the use of it despite the dysfunction. However, the system is unable to detect if the user has an official, a testing or a pirated version. Therefore, it is important to fix the error as soon as possible; otherwise, everyone would end up in possession of the application representing a loss for the company.

Thus, I had to solve one of these internal errors during the test of one of our editors’ solution: it was due to the VPN (secure connection between two machines) that prevented the sending of the application.

• What do you get of that experience?

I improved my technological knowledge by discovering all the specific technics of our client (their SI, services or platforms’ running) and my general knowledge (communication between two servers, http protocol, secured payment…).  I also discovered a new environment, new constraints and a new way to monitor a project.  In the automotive field for example, where I used to work, projects are much longer and are highly segmented. My team and I were only assigned to the preliminary study and to the innovation’s specification. Now I manage innovating projects from the beginning to the end, from the needs presentation to the implementation on the market.

This mission is truly rewarding, in every way.

By Amelie, Amaris Consultant

The environmental awareness and the reduction of household waste quantity are some issues that affect more and more our daily life. In this regard, “Grenelle Environment” decided to establish an incentive pricing based on the principle “polluter pays”. Amelie is currently leading a project in line with this ecological approach, for a leader in the waste management. Find out how the RIVP project comes to support the incentive tax’s implementation.

N.B.: the “Grenelle Environement” gathers the French State, local authorities, NGOs (Non-Governmental Organization), employers and employees, divided into work’s groups and whose mission is to discuss about ecological issues and define a plan in favour of Ecology.

• In a few words, could you explain what the RIVP project is?

The RIVP project consists in supplying to local authorities, an invoicing service for the incentive tax. Particulary, the company offers a whole package: equipment (RFID reader systems on collecting vehicles and RFID chip on wastes containers), software (installation, configuration, trainings, setting-up and follow-ups) and methodological assistance.

• What are the context and issues of that project?

In the waste issue, “Grenelle Environment” set objectives to reduce the production of household wastes and increase the recycling rate. So that, the incentive tax has been created to bring people change their habits.

The principle is simple: the more a home produce waste, the more they pay for this. The recycling or fermentable (waste only composed with organic biodegradable material) wastes aren’t billed. So everyone can reduce his bill by recycling correctly.

From now on, when a vehicle collects a household wastes’ container, some elements have to be recorded: the container number, the date and the time, and sometimes, the weight in the container.

The RFID technology allows recording in real time, easily and automatically, the information while the container is emptied,. Without this technology, it would have been difficult to set-up the incentive tax without a considerably increase of the collecting cost.

• What are your role and the Amaris contribution in that project?

I’m in charge of deploying the RIVP solution for local authorities in the following areas: Rhin & Rhône.  I’m currently doing the follow-ups of 7 local authorities.

My added values are my methods of work in the phases of needs analysis as well as in the phases of deployment (trainings, projects follow-ups’, customers relationship).

• What do you like in this project?

First of all, I like the ecological dimension: the incentive tax is an efficient way to sensitize people on reducing the quantity of household waste and on sorting trash.

On the other hand, I like the fact I build something. When I arrived at the beginning of 2010, the company just finished the project deployment on the first site; nothing was industrialised. They still were discovering the field’s issues about how billing the household wastes. So I had to learn “on the spot” and capitalized on my knowledge to not do again the same mistakes. Now, we are industrialising the deployment process.

• Do you think the incentive tax system could be extending to others areas?

This system is already extended. The principle is to pay regarding the consumption you have of the service. In this case, it’s about the household waste collect and treatment. But the principle is exactly the same for the energy (electricity, gas) and the water use for example. 

By Rakel, Amaris Consultant

International roaming is an offered service that allows you to use your mobile overseas. This is available as a result of international agreements between mobile carriers. Rakel will explain her project for a leader of the French telecommunication market which consists in assuming the Roaming issues.

 

• In few words, can you describe the project?

This project consists in assuming the Roaming Support on issues reported by the Roaming partners and issues detected through the tests requested by Roaming Partners.

This support can be related to GSM, GPRS, CAMEL and 3G technologies; it could be realized through testing, verification request & implementation and also through an investigation of all the elements in the Architecture that could create the corresponding issue.

• What are the context and the objectives?

Issues can come by two ways:

* The first one is the Roaming Support Inbox which email address is published in the company’s IR21 (network). Our Roaming partners can report here the different issues that their subscribers can face when they use our roaming service on our network, or vice-versa.

* The second consists on issues detected by the Pole Roaming Department, which is in charge, among other tasks, of performing the QoS tests (Quality of Service) requested by our Roaming Partners. If an issue is detected in those circumstances, it is reported to the Roaming Support.

The objectives of this project are:

* Maintain the number of ongoing tickets below 20,

* Make than 90% of ongoing tickets don’t exceed more than 10 days;

* Make than issues reported by email don’t remain untreated for a maximum of 2 days and can’t be 5 at the same time

• What is your role and Amaris contribution in that project?

I am currently the only person in this project. Therefore, all the tasks detailed above are done by myself.

I have to do a reporting every month and every semester about:

* The number of tickets created, closed and ongoing, the reasons of failure, the technologies involved, etc…

* As well as reports on how to improve the performance of the Roaming Department through some new processes or new organization or any other thing that could be helpful.

• What do you get of that experience?

During this experience, I have acquired a bigger knowledge on Roaming concepts and some specific knowledge on the company’s network.

On another hand, as the project takes part in an international environment, I have developed skills on dealing with different kind of people, not only from the Roaming Partner side, but also among my colleagues.

The most remarkable for me is that the project takes part in France which I’m not native and which I don’t speak the language when I arrived. This was one of the points the client liked the most because he assumed all my colleagues should have to speak with me in English. Thanks to that, most of my colleagues improved their English level and I improved a lot my French. 

By Luca, Amaris Consultant

Near Field Communication enables wireless connections between two objects close to each other. These technologies are well spread in smartphone devices, especially to allow mobile payments. If this technology is well-known in the phone sector, its application in other domains is growing fast. Luca is explaining how they can be used in the automotive industry.

 

• Can you explain in few words your project?

I am working in the R&D engineering department, especially in the vehicle control systems unit, of a system provider for automotive industry. The project concerns automotive application of Near Field Communication (NFC) such as: car access system to lock and unlock doors, immobilizer system to enable engine cranking or data exchange with the vehicle (like diagnostic data or settings).

• What are the objectives of your mission?

The first goal is to build a demonstration car for the customers. Indeed, we need to show them the advantages and the drawbacks of the NFC technology used for the car accessing and the communication with regards to the CAN (Controller Area Network). The second is to prepare the RFQ (Request for Quotation) documentation for the first NFC fleet car sharing access: NFC card is used to allow you entering the booked car-sharing vehicle, instead of standard car keys; you just need to tap the reader located on the vehicle windscreen with your enabled NFC card. NFC card contains a secret code used to authenticate the user and to keep the car access as safe as per today state of the art.

• What are your role and the Amaris contribution in that project?

I am working as a Project Leader in the R&D engineering department following the two projects described above.  My main tasks are:

- Insure the performance of the different activities for each project: negotiation, planning, monitoring, controlling, reporting, escalation while respecting the project constraints (budget, effort, milestones, and human resources),

- Being leader of an international project team on the different assigned projects,

- Manage the work of the R&D team inside the international project team,

- Being responsible of our client’s customer interface while respecting the technical aspects of the projects or the products,

- Insure the customers’ technical support and the negotiation of the products requirements,

- Develop the application of the project management and the engineering processes while respecting the internal and international standards (PMI; GDPIM, ISO 15504, Automotive SPICE, CMMI SW-SE, ISO 12207, ISO 16949, TQM, ISO9000f),

- Manage the change requests, incidents and bugs of the products during the development and the production phase,

- Manage different services (planning, order and acceptance) for all the projects in the prototype shop, the test center and the external supplier/services.

• What do you get of that experience?

I’m glad to improve my electronic skills and the projects management in automotive field in an international environment.

By Stephane, Amaris Consultant

At the time when new technologies are playing an increasingly important role in our daily work, impossible for a state-owned organization to waste time in different steps of its process. Stéphane, Amaris consultant, will explain his project which aim is create and develop a Java/ Swing application to improve tax management.

 

• In a few words, can you describe your project?

I’m currently working as Business Analyst in a state-owned company (IT department of the Tax administration). I’m in charge of a project which objective is to manage the succession regarding a fiscal aspect (from the notification shipment to the death tax collecting).

• What are the context and the issues?

Since a decade, the Tax administration works on a complete overhaul of tax system. This project is one of the last impost to deal with in this program. 

• What are your role and the contribution of Amaris in that project?

As Business Analyst, my task consists of capturing the needs of the final user (for example, inheritance tax controller or collector), understanding and describing their jobs (via MEGA tools) and then integrating their restriction in the fiscal problematic.

Consequently, we organize different meetings with all services influenced by this project. The objectives of meetings are to propose some specific and practical solutions as screen model or simulation of different using cases (with Rational Rose tool).

• What do you get of that experience?

Since few months, I’m discovering the taxation business, including the specificities of different levels (federal, regional and cantonal), numerous law texts that projects must respect and different kind of taxes – from the most classics such as the withholding tax or the real state to the most surprising as the dog taxes – which makes this task interesting and exciting.

By Sebastien, Amaris Consultant

• In a few words, could you describe your project?

Within a group of metal industry, the project consists of a functional analysis and the establishment of a development plan for the Laboratory Information Management System (LIMS).

• What are the context and the issues?

The charge of the laboratory is growing rapidly and it’s becoming increasingly urgent to standardize the processes in preparation for an ISO certification. The implementation of an information system adapted to the requirements of a R&D laboratory is, in this context, a strategic and difficult exercise to change practices and quality standards application.

• What are your role and the contribution of Amaris?

My role in this project is to analyze the existing processes, identify functional requirements expected, but also to measure the gap between the existing and the future to propose a plan for developing and deploying which is adapted to an organization which is constantly changing.

Very few technologies are implemented at this stage, except the use of modeling software based primarily on a language like UML in order to map the processes to be integrated into the information system. There are rather interviews, conducted meetings, analysis of data exchange, data themselves and their treatment that is done.

• What do you get of that experience?

Started 3 months ago, this project represents a challenge that allows me to develop my skills as an analyst and organizer, in addition to my taste for change management.

By Jean-Pierre, Amaris Consultant

• In a few words, can you explain your project?

Within a state-owned structure (IT Department of the Tax Administration) I deal with the maintenance of an application referencing the taxpayers of the state (individuals and legal entities).

The application provides, to all the administration’s employees, the way of identifying a person and access to their information (marital status, address, professional situation…).

• What are the context and the issues?

This application is central in information system of tax authorities. The main challenge is to avoid any incident as they are in sight of the Medias but also to all taxpayers.

• What are your role and the contribution of Amaris?

I’m responsible of the design and of the implementation of the application developments (Techno: JAVA, SWING).

I have settled up a continuous integration system in order to provide some metrics on code quality and maintain it throughout the evolution (Hudson, Sonar, Ant, JUnit, CodePro). In others words, whenever the software code is modified, a tool is responsible for taking into account these changes and run tests automatically (for example, in order to verify changes that don’t break others features). If there are some faults in the tests, an email will be sent to the project team who will then make the necessary changes. 

Then, the quality of the code will be measured to ensure the added code is in accordance with certain rules and practices (always in order to not degrade the code); this is called continuous integration.

I also did some audits on the Swing Framework code of the IT department, so I was able to identify several major bugs that impacted all Swing applications of the department (JProfiler).

Finally, I participated in the migration of various other projects related to maintenance of this application to a newer version of Java and to the JBOSS application server.

• What do you get of that experience?

I discovered the business of administration and taxation in a state structure; On the other hand, the proximity of staff with high expertise brought me a lot.

By Achraf, Amaris Consultant

It is well known that it is not easy to set up a new software tool in a company, especially if this company is subject to restrictive regulations. It is the case of the pharmaceutical sector…Achraf, Amaris consultant, explains more about his project of compliance.

 

• In a few words, can you describe your project?

I am currently working in the IT Risk and Compliance department of a global leading company in the pharmaceutical sector, on the validation of the computer systems. The project is to ensure the interface between future users and suppliers when a new IT solution is implemented, making sure that all needs are satisfied while restrictive regulations of pharmaceutical sector are respected.

• What are the context and the objectives?

The IT Risk and Compliance department has to make sure technical and regulatory integrity of different computing solutions, set up and used in the company. Pharmaceutical sector is very controlled: each entity must prove that its computing solution complies with the AFSSAPS’ requirements (Agence Française de Sécurité Sanitaire des Produits de Santé) and/ or of the FDA’s (Food And Drug Administration, USA), as the GMIP (Good medicines industry practices), the GLP (Good laboratory practices) and the GxP regulations (Good Practices quality guidelines and regulations – directives and regulations concerning the quality).

• What are your role and the Amaris contribution in that project?

Amaris is positioning as technical and regulatory support in the IT Risk and Compliance Department. My dual competence in Life Sciences and Computer Sciences help me to become the intermediary between users (of pharmaceutical sector) and IT solutions suppliers’.
I deal with deployment projects of computer infrastructures from the users’ demand to the production. Such monitoring involves several steps:
- First, the identification of needs: users express a need (their request will be modeled into an IT solution to facilitate their daily work) and a requirement is written,
- Once the need is identified and the requirement written, the solution is developed and officially settled up by using the client’s internal tools. This setting up is followed by the publication of a “Project Charter” defining the scope of the project,
- Then, several documents will be edited, as the Compliance Determination and the Validation Plan. Those documents allows to place the project into the regulation context and to define the validation strategy,
- Finally, after having settled up and deployed the “Need” solution into a validation environment, the last step - validation - can start. The validation has to make sure that the IT solution fits the need and also allows providing written, illustrated and detailed evidences of the solution. Those evidences will be kept in the validation field and will be used as a support during an Audit. 
Once the validation was performed, the IT solution can be “put in production” and being extended to the whole users.

• What do you get of that experience?

Working in a pharmaceutical group, regulated by strict norms, allows me to be more thorough. The margin of error is close to zero, persons life’s can depend on ; the technical level has to be in constant improvement in order to challenge technical interlocutors, asking right questions and identify possible flaws in the system. 

By Romain, Amaris Consultant

At the end of 2010, the "Basel 3" agreement released new prudential standards that are gradually forcing European banks to raise up their capital levels between 2013 and 2019. Now, these new requirements have changed the strategy of banks in managing their liquidity and cost of capital.

 

Read more

By Carlos, Amaris Consultant

The European Union joins 2.0 technologies by taking part in the financing of the AVANZA plan. AFICUS, a part of this plan, is a picture and video sharing online platform where people will be able to easily generate and share contents while interacting with social networks.

 

• In a few words, can you tell me what AFICUS is?

AFICUS is a R&D project associated to the plan named AVANZA 2 and promoted by the Spanish Industrial Ministry. The objective is to develop a prototype, which consists of a UGC Platform (User Generated Content). This Platform will have mobile applications with which the user will be able to create, modify and delete contents.

The system is based on a SOA (Service-Oriented Architecture) and uses web services like REST (Representational State Transfer) for the communication between the different systems composing the platform.

• Why Europe is financing this project?

The Spanish government wants to promote ICT (Information and Communications Technology) in the society throughout the following plans: AVANZA and AVANZA 2; The European Union is taking part in the financing of that plans. Parts of the budget devoted to AVANZA 2 can be used in industrial researching projects focusing on innovation and technology. AFICUS is a leading project of AVANZA 2.

• What are the objectives of the project?

The main objective is to stimulate the user participation as content producer, and not only as a consumer. For this purpose, the platform offers a set of functionalities to generate contents like the automatic creation of tags in connection with an image, content’s geo-localization, etc.

In addition, the platform suggests to the user some targeting contents regarding his profile and his social networks. The Platform also offers new visualization means of contents throughout social networks, IPTV, etc.

• Who participate in that project?

Telefónica I+D is the project coordinator, whereas the Universities “Rey Juan Carlos” and “Carlos III” are in charge of developing certain tools offered by the platform (respectively, the recommendation system and the tagging system), as well as the project promotion in national and international meetings.

The other project partners are Comolab - in charge of the P2P/CDN audiovisual contents - , and Solaiemes, providing the video calls feature. And finally, Amaris has been selected due to the quality of its work as well as its work experience on new technologies.

• What is exactly your role, your contribution in that project?

The Amaris main task consists in the administration of the application which manages the interconnection of the different systems composing the platform. For this purpose, we use an ESB (Enterprise Service Bus) which exploits the different platform values and generates a set of workflow when a component is used. Those workflows treat, modify and redirect the messages which come from the Platform.

This task is essential to guarantee the right behavior of the Platform, so that my role within the project is very important. I am in permanent contact with all the project partners. Besides, I collaborate with Telefónica on the analysis and the design of the Platform improvements, and on the Development Plan of the project.

• What’s your opinion regarding the Internet of the future?

Each day, Internet is getting closer to us in many situations of daily life: using our cell phone, driving our car, watching TV, etc. And during the next years, this trend is going to increase.

We have to update the way we use Internet, because it is going to become an essential tool in our life.

• What do you get of that experience? What Amaris can get of that project?

As a Software Engineer specialized in R&D, working within the AFICUS project provides me the possibility of improving my skills of researcher, analyst and developer. I’m involved in the main decisions of that project, so I need to have a global vision of it, and that’s why a daily contact with the partners is essential.

Furthermore, in collaboration with Telefónica and the universities, I had the opportunity of publishing a paper, which is going to be presented in many national and international meetings.

Thanks to this project, we have created a Research and Development Department in Amaris Spain, which is currently working on other national and international projects.

By Etienne, Amaris Consultant

The TPS (Toyota Production System) has revolutionized the automotive industry. Its organization of the supply chain "just-in-time" has become a model for worldwide industries.

The principle is to "pull" the finished product from the beginning to the end of the production chain. Spare parts are brought at the right place, at the right time and in sufficient amounts, without waste. Based on this model, industries are nowadays developing their own production system by recasting their logistic...

 

Can you explain what the CORAIL project is?

The CORAIL project is a strategic program with international scope. It involves the transformation of the business of upstream logistics and the related information systems.The redesign of logistic must:

- replace the currents small applications with a single integrated application, endowed with a central, unique and progressive repository; that is to say, capable of managing the gradual integration of data from legacy systems and the scalability of a plant.

- streamline processes to reduce inventories. Indeed, before CORAIL, there were several security stocks to manage different risks (related to transport, strikes, etc.). These stocks may be removed by smoothing of calculating supply’s methods and by the mixing of various supplies between several suppliers (local and remote).

The project also involves an international organization with two near-shore services centers and one offshore development platform in China.

- The first near-shore services center is a new development platform, dedicated to the technical architecture team,

- The 2nd center is also a new platform, in charge of the analysis of the 1.5 project version,

- Finally, the offshore services center is the development platform of New Touch in Shanghai. It is responsible of supporting the developments which is not requiring important functional skills (the most complex developments are made ​​locally). Though this platform is older than the two others, it represents nonetheless a real challenge because of the importance of its involvement, the scope of the project, but also because the teams on site are working on new developments.

• When did this project start and for how long?

The CORAIL project is the largest project for 25 years for our client. It started 3 years ago and must go on between 3 and 10 years (temporary versions are being developed every 6 months).

• What are the context and the issues?

There are 3 issues: target a global supply chain, contribute to the Lean deployment throughout the Program of Operational Excellence and finally, take the new patterns of logistics into account. Thus, the CORAIL project carries some important issues for the Group Supply Chain, including reduction of transportation costs, reduction of inventory (lead time) and associated surfaces, and improvement of the exchanges with suppliers.

• What are your role and the contribution of Amaris in the project?

Amaris is involved in the project with a team of around ten consultants specialized in the areas of technical architecture as well as various functional modules. I think Amaris is the 2nd consulting company in number of consultants. The roles vary from UML conception to J2EE developments.

The project solicits the most advanced technologies in Java and UML: UML 2, Enterprise Architect, J2EE, Spring, Struts 2, Hibernate, Maven, Eclipse, Oracle 11, Jboss, Glassfish, ActiveMQ...

Personally, I am involved as a Designer UML/Java. I get into the following phases of the first stage of the project: analysis, global and detailed design. This step, which is also called step 0 or version 1.0, is entirely dedicated to starting the new plant in Kaluga in Russia. On functional aspect, it is a version on a small scale, which is undergoing integration tests. Other versions are already underway to respond to equipment’s in a dozen factories in Europe, such as 1.5 version which is under analysis or 2.0 version which is in the phase of needs’ expression.

I also work on the detailed design of services and integration tests under the management of the offshore platform in China. In this case, it is important to establish a good organization and to do a regular follow up because many difficulties can appear in managing international teams (jet lag, distance team management, cultural differences, high turnover ...). Knowing these problems, I shared my experience with our client and thus I could participate in the follow-up meetings.

• What do you get from this experience?

First, it is a fantastic opportunity to work on a project of such scope within an international company. It is an extraordinary experience which marks undeniably a career. This allows me to grasp the most advanced technologies, and toughen on numerous issues: Technical, organizational and cultural. As we are at the beginning of the project, we’ve got the opportunity to participate in developing standards. Finally, and personally, I found an attractive domain: logistics.

By Matthieu, Amaris Consultant

In the Aeronautic, the security is a requirement that borders on obsession, and it is the least we can do. Each element must be tested to validate its correct operation and compliance with the required standards. But the validation procedures must also meet this security requirement. We asked Matthew, a consultant specialized in embedded hardware, to describe the project he is currently leading in this area.

 

• In a few words, can you describe the project?

As share of the development of a new Italian civil helicopter, the project consists in developing some electronics cards, which are responsible of the primary distribution of power; that is to say, the supply of all the items requiring power: reactors thrust, hydraulic systems, contactor (switches), calculators (FPGA-Field Programmable Gate Array), lights on the dashboard and so on. One card manages the supply power of a single element in the helicopter.

These cards are specific to each aircraft/helicopter, and they have been designed in compliance with aeronautic standards and specifications of our client.

As essential elements of the system, they must guarantee the security by ensuring that the critical elements of the helicopter are supplied at any moment. For this purpose, the essential parts and the non-essential parts of the supply are separated in commands (segregation of elements).

For example, if a short circuit appears in a non-essential part of the supply, the card which takes care of this part will first isolate the short circuit by isolating the power supply, and then it will "inform" the other cards; According to this, the other cards will have to adapt themselves to manage the supply.

• What are the context and the issues?

In the Aeronautic, the issues are above all safe In case of a component’s failure, it should be possible to guarantee that the main supplies are maintained, in order to maintain the aircraft in flight and ensure safety of people.

• What are your role and the contribution of Amaris in the project?

My role within the project is to create and validate test procedures (VTP: Verification Test Procedure) for the electronics (VTP-SAS: Sub Assembly Specification) and for the equipment part (VTP-SES: Equipment Supplier Specification). I also have to share potential problems as the technical requirements impossible to verify, the design errors, etc.

For the sake of traceability, we use specific tools such as DOORS, for the traceability and the writing of various documents relating to the project, or Gemini, for the redaction of the problems’ reports.

In summary, before being integrated into the equipment, the electronic part must be verified by following the aforementioned procedure. Once that's done, the electronic part is installed in the full equipment, which will follow a different procedure for validation. We must ensure that the equipment meets the requirements both functional and safe (standards and client).

• What do you get of that experience?

This is a very rewarding experience; I handle dozens of people who have some expertise in various fields. I had to develop my communication skills and gain some knowledge in these fields that are among others the mechanics and the electronics in order to adapt myself to the requirements of the Aeronautics field.

I also developed a culture of rigor and high standards in my work to leave no place for errors, which can have serious consequences.

By Yves, Amaris Consultant

Strategic actors in the world of IT business management, the ERP (Enterprise Resource Planning) now represents a worldwide market of more than $ 40 billion. Historic product, this software is usually sold and used as a solution hosted and maintained on site. Will this practice be challenged with the advent of SaaS (Software as a Service)?

 

The ERP were born in the 90s from the implementation of the following management solutions: MRP (Material Requirement Planning) and MRP 2 (Manufacturing Resource Planning). Now more than ever, they are considered as essential in the world of IT management.

Adopted by a large number of companies, from small businesses to multinationals, the ERP consists in software packages for managing the business processes of a company. All business functions can be covered by the ERP (finance, management, logistics, production management, HR ...), thus allowing a real-time control and the harmonization of the management procedures within the company.

Despite the products’ diversity on the market, some macro-features allow us to describe a software package in general, that can be presented as a product:

• Which have a single designer/editor,
• Modular (an ERP consists of specifics modules which interact with each other),
• Based on a single database,
• Integrated : any action or update on the product is reflected in real time (or near real) from a module to the others,
• Multilingual, multicurrency, multi account plan ...: with an ERP, it is possible to run a whole business, including all the own complexities of multinational companies (parent company, subsidiaries, production plants...) and all the own legal question of specifics countries.

The ERP market, which accounted for more than $ 40 billion of revenue in 2010 (against $ 20 billion in 2000), is constantly evolving.

From a few years, there is a certain concentration of the 'conventional' actors, including buyouts of competitors with each other (PeopleSoft acquired by Oracle for example). We also can see an emergence of open source products that begin to take their place on the market.

From one year to another, the situation remains quite similar with the first two podium positions trusted by the undisputed leaders: Oracle and SAP. Those both players hold on their own over 60% of the ERP market.

The implementation of an ERP represents a real challenge for a company. It takes between a year and a half and two years to carry out this type of project.

During this phase, the company will have to choose a product which suits its needs, but also surround itself with a competent integrator and adopt a policy of consistent implementation (adapt the product to its needs or whether adapt itself to the product). Thus, in order to teach its users how to use the final product, that could be very complex.

Cloud computing and SaaS (Software as a service) are some concepts in vogue in the software world for several years.

The main characteristic of the SaaS is the online accessibility to the product features through a Web browser. Under these conditions, the company no longer pays the right to use the applications (license) but pays according to the utilization it has (consumption). Generally shared, these applications are hosted and maintained outside the premises of the company, at a provider and its partners.

Today, the market of software in hosted mode is mature, and become a model which can be applied to the world of software. For a long time, the ERP was considered as difficult to outsource but they begin to benefit of this trend; from now on, each editor must include SaaS services in their offers. These services are varied and may correspond faithfully to the historical product of the editor (Cegid for example), or have been totally redesigned (Business ByDesign of SAP).

In case of establishment of a scratch entity which not requires complex data from other systems, it is now possible to carry out projects of ERP implementation in record time (a few months), thus allows benefiting of pre-configured modules almost ready. There are many advantages: costs control, deadlines met, no complex infrastructure to set up, business continuity, 24/24 support, updates supported by the editor… So the company can stay focused on his heart business without having to manage oversized IT teams.

Besides the traditional "on-premise” solutions, the rental hosted form of ERP provides an appropriate response for companies whose needs are speed and flexibility, both technically and financially. However, if these solutions can be perfectly suited to specific areas (CRM, collaborative ...), we quickly run up against some resistance from certain companies when it concerns the hosting of data and functionalities more strategic (production, finance).

In addition and paradoxically, this hosted mode can be too simple, and arise at the user company, a feeling of loss of flexibility or loss of its processes control. Indeed, the product is no longer in the company’s hands, and the latter can no longer fit it with its needs (that being often more than necessary for an important entity).

Finally, this type of solution which can be ideal and very attractive financially for a small/medium business, can also become much more expensive than expected; indeed, the annual cost may raises sharply if the activity of the company increases (and therefore its use of the service). The change of the utilization’s mode (or reversibility of the SaaS mode to come back to a traditional mode), may be envisaged, thus representing a significant investment.

The SaaS, which now represents only 7% of the ERP market (according to Gartner), should not be able to completely revolutionize the practices in the years to come; at least regarding the large groups for which the implementation of a software package is extremely expensive and strategic.A more modular approach (or by function), which allows providing targeted services in addition of the ERP (electronic invoicing, dashboards ...) seems to come into being, and may be the preferred way of many actors.