project introduction · process ‘alage’ & ... customs & excise suppliers’ engagement...
TRANSCRIPT
Spirit Management Platform - SMPProject Introduction
2
PERNOD RICARD GROUP
5
Spirit/1 APPLICATION
Spirit/1 - Context
500+ Userslocated in 25+ Sites
Martell – UVPC (since 1992)Chivas Brother Ltd (since 1996)
Irish Distillers (since 2007)Yerevan Brandy Co (since 2010)
SPA (since 2016)
25 Years of development
4 000+ programs
Martell, Augier, Ararat, Montesquiou, Chivas, Glenlivet, Ballantines, Beefeater, Jameson,
Midleton, …
250 000+ transactions/Year1.2 Billion lt of alcohol
1 000+ warehouses150 000+ Batches of spirit
8 Million casks4,4 Billion € of Spirit stock
A team of 3 people for conception,
development, evolution, maintenance and support
8 Million casks4,7 Billion € of Spirit stock
SPIRIT & Wood Stock
Management
Wine, Spirit & Wood
Purchasing
DISTILLATION Formulas & BlendingProcess
‘Calage’ &
Bottling
Traceability
Customs & Excise
Suppliers’ engagement
(XRM)
Spirit/1 - Business Capability MapFrom PURCHASING TO BLENDING TO BOTTLING
CasksManagement
Finance (COGs tracking)
External Partnership
SPIRIT/1 REPOSITORY& Database
Reporting & DashboardsOracle OBI
SPIRIT/1 - ADMINContrats & PurchaseStock mangt – C&EsDistillationMaturation Formulas & Blending
MartellIrish DistillersChivas BLYerevan Brandy
SPIRIT/1 - XRMSuppliers visitPersonal informationCommunication Incentive
MMPJ
SPIRIT/1 - SCADAFilling,dumping & Blending areas SCADA systems mangt
Martell (iFix)
SPIRIT/1 - PDAsWarehouse mangtPhysical movementsPhysical inventory
Martell ChivasYBC
SPIRIT/1 – Expert SystemAutomatic Batch Selection for BlendingDeveloped in Operational research technology
Chivas
Since 1992
Since 1994
Since 2011
Since 2014
Since 1997
9
SMP PLATFORM AND PROJECT INITIATIVES
FY17/FY18 – Birth Of The SMP Project
11
Minimize the risk related to people and technologies
➢ Transfer current knowledge dependent on very few people to a more securedenvironment respecting the segregation of duties (by restructuring the team).
➢ Close the gap with technological debt (by modernizing the application and simplifyingthe architecture)
➢ Develop a modular platform ready for future implementations (by opening the platform to external partners and being able to develop new modules and functionalities)
And create a platform of differentiation which …
➢ Increase productivity with a better integration with other industrials systems (e.g. ICS, SCADA, C&Es systems…)
➢ Increase efficiency, traceability and minimize business risk (e.g. cask tracking …)
➢ Harmonize approach and tools on decision tools (e.g. Long term inventory modellingsystem)
SMP- Our Ambition
SMP: Platform perimeter
New ModulesCurrent Modules
Spirit/1 – ERP – Client-server✓ Purchasing✓ Stock management✓ Formulas & blending✓ Distillation✓ QSE, traceability, Bottling
Spirit/1 – ERP – Web & services✓ Purchasing✓ Stock management✓ Formulas & blending✓ Distillation✓ QSE, traceability, Bottling
Inventory Modelling System✓ IMS (CBL)✓ Essbase (Martell)
Inventory Modelling systemAngels’ shares, …✓ Machine learning / AI (All)
SCADA – ifix (Martell) SCADA – ifix (Martell)
Vatting Instructions (Operational research - Chivas)
Vatting Instructions + New optimization models
HAND HELD TERMINALS (Martell)
HAND HELD TERMINALS(Martell)
TRANSACTIONAL
INDUSTRIAL
MOBILITY
REPORTING/
DASHBOARD
OPERATIONAL
OPTIMIZATION
PREDICTIVE
MODELS
STATIC REPORTS & DOCUMENTS EMBEEDED DAHSBOARDS (Power BI)DOCUMENTS (SSRS)
SMP : Risk Analysis
High
Level of Impact
Low
Low Level of Probability High
1
2
Risk # Risk description Mitigation plan
#1 Capability to phase modules implemention. Build coexistance between old and new application through a single database (SqlServer or Oracle : still to be defined)#2 Capability to phase implementation by affililiates.
#3 Poor level of business requirements (due to lackof application knowledge and users’ involvment)
Strong Involvment of local IT (BRMs) and operationsteams is required
#4 Difficulties in processes / systems harmonizationbetween affiliates.
Involvment from Corporate Operations and finance required
#5 Capability to manage project and standard day-to-day activities
Freeze system enhancements for a periof of two yearstime (with the exception of legal requirements)
#6 Difficulties to integrate multiple technologies in a single and complex/multi-affiliates platform
Put in place DEVOPS organization
3
4
6
5
SMP : Required skills & resources
In continuation with what exists today and for the benefits of agility and efficiency, SMP is a platform where the team should be structured as a Center of excellence with a DevSecOps organization. Implementation of ‘segregation of duties’ within the team is key : this is done through the ‘assurance quality’ role.
Busines Requirements
Featuresdefinition
PlanChange
management
Business
Business expert , Application Platform design
Design Code Unit test Bug Fix Maintain
Dev
Continuous & Iterative development, sprint, agile, continuous deployment
Provision & configure
SecureOrchestrate& Monitor
Test & document
Deploy
SecOps
Platform build, Test & document, IT Automation, Monitoring
BusinessAgility
I.T.Agility
& Security
Local business requirements
Record & follow incidents
Escalate to Dev team
Maintain local knowledge
Support
Manage local requirements and end user application support
BusinessProximity
Cost benchmark
New HRIS project - Kick Off Preparation - Draft 16
SMP : high level project roadmap and scope
Fiscal year FY 2017 - 2018 FY 2018 – 2019 FY 2019 – 2020 FY 2020 – 2021 FY 2021- 2022
Calendar quarter
Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4
Architecturedef.
&Proof of Concept
Effort/budg. sizing
Spirit/1ERP
Spirit/1 SCADA
Spirit/1HHTs
Spirit/1 Vatting
Instructions
SMPIventory
Modelling
Definition
Proof of
Concept
Single WaveBuild
Deploy
Single WaveArchitecture analysis
Single Wave
DeployTechnology defintion
Deploy
Build ( APIs, Services)
Analyze &
Budget
Scope &
Application perimeter
Review.
Wave 1 (Martell)
Wave 2 : TBD
Wave 3 : TBDDeploy
Build (Front End / User interface)
Wave 4 : TBDDeploy
Deploy
Deploy
Build
( database model)
Build
Build
Connection Wifi / 4G ?
Single Wave
DeployTechnology defintion Build
Scope &
Application perimeter
Review.
Scope &
Application perimeter
Review.
17
MIGRATION
TECHNICAL PLATFORM (CLOUD)
Authentication & Technical data Database
Azure Traffic Manager(URL Translation Name)
BROWSER :HTTP REQUEST
Platforms
Azure Load BalancingSSO : ADFS / AZURE AD
Platform DEV
For eachPlatform:
1-n Web server
+
1-n App Server
+
1 Oracle DB server
(IAAS/BYOL)
http://PRG_SMP_DEV?envt=CHIVAS_TEST
http://prgazus1wsdev30:8080/dev1003/wrd/MAIN?envt=CHIVAS_TEST
Platform TEST Platform PROD
WS Server
AP SERVER
MS SQL DB Server
Oracle DB Server
WS Server
AP SERVER
Oracle DB Server
WS Server
AP SERVER
Oracle DB Server
+
1 SQL DB server (PAAS)
Microsoft Azure Pernod Ricard Group
Pernod Ricard Network
Load balancer
Azure R.G. Dev
App server App server App server
Azure R.G. Test Azure R.G. Prod
SMP – Infrastructure
Azure ADFS
RDP
Azu
re A
dm
in P
orta
l
HTTPS
HTTPS
Oracle DB server
A B C
A
Oracle DB server Oracle DB server
TCP
GUIAPI
Web server
GUIAPI
Web server
GUIAPI
Web server
B
TCP
MS SQL Server (PaaS)
SMP Admin DB
SMP Tracker DB
Dev / Admin Server
Uniface SMP Admin
Uniface SMP Tracker
2
3
1
4
5 5 5
SMP - Infrastructure• At the infrastructure level, the SMP platform is hosted within Pernod Ricard’s Microsoft Azure PRGDC-Cognac-
Prod-Dev subscription, which is physically hosted in both Dublin and Amsterdam and configured in High Availability.
• It is basically composed of 3 main Resources Group (RG) one per environment (DEV, TEST, PROD), each of which is composed of 3 VM at least each:
• 1 Tomcat Web server;
• 1 Web application server;
• 1 Oracle database server (one cluster per Brandco).
• Infrastructure management
• The IT Ops team is managing the infrastructure and access control to the infrastructure using Azure administration Web portal. There are only 3 administrators, MFA is strongly enforced. Backup and patch management of VMs and SQL database fully rely on Azure capabilities and policies.
• SQL and Oracle databases are logically managed by the project team.
• Network
• Microsoft Azure cluster is connected to Pernod-Ricard datacenter in a redundant way via IPSEC. This datacenter acts as the network distribution point (i.e. users at other locations access SMP via Cognac thanks to the MPLS network).
© 2019 Deloitte 20Security Diagnostic - SMP - CONFIDENTIAL
21
MIGRATION
CLIENT SERVER TO WEB APPLICATION
The Future : from C/S SPIRIT1 UNIFACE 9.6
To Web SMP UNIFACE 10.3
From Forms to Web Pages : Trying to minimize the change management
SMP - Application
Description
At application level, SMP is primarily composed of:
• “SMP portal”, a Web application used by ~500 Pernod Ricard users among each Brandco;
• “SMP Admin”, a uniface software developed to administrate its key components;
• “SMP Tracker” a uniface software developed to support development lifecycles;
• An API, exposed approximately 20 methods.
Operations
Administrators access the platform using a specific access, through Remote Desktop Protocol, to an administration server within Azure. From there, SMP environments are reachable. This server also hosts both “SMP Admin” and “SMP Tracker”.
© 2019 Deloitte 25Security Diagnostic - SMP - CONFIDENTIAL
SMP – Application development
© 2019 Deloitte 26Security Diagnostic - SMP - CONFIDENTIAL
Scenario DevelopmentAcceptance
testsProd
implementation
The developers team is composed of 6 Pernod Ricard employees and 5 Unifaces employees.
A DevSecOps process is in place. Five different roles exist: platform leader, project leader, platformarchitect, internal developers and finally assurance quality.
4 steps exist for DevSecOps processes: demand, supply, test document & secure and deploy.
Pernod Ricard’s SMP team has developed a tool (in Uniface) to assign development work, keep track, andput in production. This tool is used to keep track of the components and their modifications (code, etc.). Italso allows restoring to an older version.
Environments
The SMP platform is composed of 3 different environments: development, test and production.
Technologies used are:
• Uniface framework for the overall project;
• Java language, only for basics functions.
The Uniface framework has the advantage of including security mechanisms and requirements (e.g.templates, libraries and Snippets). Moreover, uniface supports its framework in case of changes orincident.
Process
SMP – Application development
© 2019 Deloitte 27Security Diagnostic - SMP - CONFIDENTIAL
Technologies
The Web application is now migrated by 60%. Thenumber of components has been drastically reducedwith a plan to finish with 1800 components (instead of4000 components in the 9.6 C/S application). It is nowconfirmed that more than 50% of the code has been re-used.
An optimization exercise has started in order toconsolidate various report, eliminate obsolete ones, andmove as much as possible report functionalities toMicrosoft PowerBI.
To complete the migration, We just started to workwith Uniface from the migration of our mobileapplication (industrial hand held terminals), currentlyrunning on Windows mobile.
• Android devices (Honeywell CT60)
• Uniface framework for the overall project;
• Buildozer for encapsulating Uniface web applicationand the various plugins (barcode scanner, DMABluetooth connection, …)
Spirit/1 vs SMP technical components