One of the growing areas to help with Legacy Integration and automation of integration is the use of automation tools and frameworks. Over the last 3 years, a significant emphasis on the automation of workflows with legacy and new cloud-aware applications for information workers has emerged. These tools sets are called Robotic Process Automation (RPA) tools.
Robotic Process Automation (RPA)
What RPAs are NOT
- A method to control and manage Robots
- Process automation for factory machines
- A way of replacing workers
What RPAs are
- A way of automating Information Workers redundant tasks
- A set of tools that records how users interact with applications and play it back
- A way to decrease errors in highly repetitive, user interface intensive Tasks.
Current Market Place – 2019
- UiPath - $1 Billion investment on $300 Million in Annual Revenue
- Automation Anywhere - $500 Million investment on $100 Million in Annual Revenue
- BluePrism - $50 Million investment on $30 Million in Annual Revenue
Place where RPA works well.
- Financial Institutions
- Medical Field
- Insurance
- Any place where lots of Information Workers do highly repetitive manual tasks
- Understand your Information Worker
RPA Modes of Operation
Attended
· Handles tasks for individual employees
· Employees trigger and direct a bot to carry out an activity
· Employees trigger bots to automate tasks as needed at any time
· Increases productivity and customer satisfaction at call centers and other service desk environments
Unattended
· Automates back-office processes at scale
· Provisioned based on rules-based processes
· Bots complete business processes without human intervention per a predetermined schedule
· Frees employees from rote work, lowering costs, improving compliance, and accelerating processes
How to integrate RPA in your Enterprise
- Information Worker – This is the primary user of the RPA tools. Their manual processes are targets for automation.
- Application Developer – RPA bots change when applications are updated or created. Changes to User Interface require “re-recording” the RPA bots.
- IT Operations – Manage the RPA tools and deploy unattended RPA bots.
Managing Change
- Decrease number of updates to applications and user interfaces
- Decrease the number of steps if possible.
- Decrease the number of tools integrated together.
Managing Security
- Find a tool that allows for the injection of security credentials into the RPA bot.
- Look at auth keys instead of username and passwords.
Managing RPA tools and bots with SecDevOps Workflows
RPA Bundling
SecDevOps Pipelining
Pitfalls of RPA bots
- Security can be a gaping hole if you don’t pay attention to it. One of the biggest mistakes is running applications in an RPA bot in privileged mode or with a “global” account credentials.
- RPAs bots tightly couple to User Interfaces of multiple applications, any small change to an app means you need to re-record the RPA bot.
- RPA bots cannot hand change very well they are very brittle to change in applications and even configuration of applications.
- Reuse is minimal due to the tight coupling with the application user interfaces. Some tools use tags instead of the absolute position of cursor and clicks.
- Some User Interfaces do not allow themselves to RPAs because they are dynamic. Which means they are hard to record.
Tips and Tricks
· Treat RPAs as Complex Services running in your Multi-Hybrid Cloud
· Run you RPA bots through SecDevOps Workflows like other applications.
· Inject Security and Auth at runtime into the RPA tool.
· Find ways to reuse RPA bots in different parts of your organization.
· Have a plan to replace your RPA bot with a simplified integration
· Look for ways to decrease the Legacy applications (Replace or Remove)
Transcript
[Music]
this is Darren Pulsipher and welcome to
rise of the stack developer where the
the convergence of DevOps security and cloud
native technologies are changing the way
products are developed
In today's episode we're going to talk about
robotic process automation RPAs and
how to use them in legacy integration
when I first started looking at robotic
process automation someone asked me to
research a little bit I thought I was
going to be talking about robot
controllers and automating robots it has
absolutely nothing to do with that so
what is robotic process automation also
known as RPAs well it's not a method to
control and manage robots it's not
process automation for factory machines
or replace or a way of replacing workers
at all what it actually is is a way of
automating information workers of
redundant paths it really had its birth
out of UI testing automation so normally
with UI testing automation you record a
screen it captures mouse clicks in
different locations of the screen or if
you're using a web browser it captures
tags that have been changed in button
presses and things like that
well they've taken that UI testing
frameworks that have been around for
quite some time over 10 or 15 years and
they have repurposed that to help with
information workers and it records how
users interact with applications
multiple applications and then it allows
you to play those back with the ability
to inject parameters or variables in
into your recordings this is really cool
because this now lets me automate things
that I have to do over and over again in
a very simple way by recording the way
that I do it so it's a great way to
decrease the number of errors and
highly repetitive tasks that are user
interface intensive so about three or
four years ago there was a huge influx
of money in fact over the last three
years huge influx of money into
companies in this space
the top three getters in this space as
far as financing goes was uipath
automation anywhere and blue prism each
one of these companies garnered quite a
bit of money the most funding went to
uipath with over a billion dollars in
funding and then automation anywhere
with five hundred million and then blue
prism with fifty million dollars this is
a lot of money and this money didn't
come from your typical VCS sitting in
Silicon Valley we saw most of this money
coming from financial institutions in
New York and LA which is very different
I researched a little bit more and found
out that the reason these companies are
investing in it is because they use the
technology they want to make sure the
technology grows and is used in other
industries as well because they're
looking at ways that they can automate
information workers redundant tasks so
those information workers can focus on
things that are of higher value so
they've seen huge benefits in this
there's some great ROI calculators out
there on each one of these guys sites
and they're not right now trying to
differentiate themselves but before we
talk about how they're different
themselves or how we manage
these robotic process automation tools
our pas for short let's talk about the
two modes of operation today every
single one of them do attended execution
of our PA bots in fact Thank You shorty
robots right so these are PA BOTS and
attended mode means that they handle
tasks for individual employees that an
employee works with the bot as they're
working through things so there's pause
statements the employee may type
something in and then hit continue and
then it'll continue on through the
workflows right employees trigger the
bots themselves or sometimes
automated tasks that might be built into
their normal workflow they found major
improvements in productivity and
customer satisfaction and call centers
and other service desk types
environments and that's attended right
the unattended aspect is really great
for automating back-office and processes
at scale so now it's not tied to an
individual employee but now I've got to
do massive amounts of work that we're
done previously by people maybe I can
automate that and get that work done
faster this is a really good way of
working with Asha it's a good way but it
is a way of integrating legacy
applications and new modern applications
it's kind of quick and dirty there are
some downsides to it which we'll talk
about later but it does free up
employees from wrote work that they
would normally be doing and lowering
costs primarily improving compliance and
accelerating process improvement so
there's a lot of benefits to both
attended available everywhere today
unattended it's a little more um hit and
miss on all these tools they'll all say
they have unattended but there's some
tips and tricks in using them
effectively
[Music]
[Applause]
so let's talk about working in the
enterprise and why this is an
interesting space specifically for the
information worker and this mostly comes
from the information worker themselves
where they have repeatable manual
processes that they're trying to run and
it's primarily been focused on them but
to really work it in an enterprise well
you have to consider the other actors
involved like IT I t's main goal is
optimization protection and reliability
and then you've got your new application
developers on the right-hand side here
and they're developing products and
quick iterations and they are the Wild
West right they want to move fast and
get things done there's some issues with
working with our pas in these
environments some of the issues are as
developers the developers are developing
new products or maybe even changes or
updates to existing products they could
actually affect our PA BOTS dramatically
right because they're pushing out new
things changes into legacy applications
sometimes and sometimes into new
applications are running in private
clouds or public clouds and IT
organizations are trying to maintain you
know reliability protection of IP
optimizing for costs all those things
are in play and it's poor information
worker he can adapt pretty well to
changes that are happening from your new
development of products or the way
workflows go and IT pushing back saying
hey we need to slow things down they
need to be more secure reliable and at a
lower cost
so this coordination there is dance
between these three actors in your
system actually put are an important
thing to understand when you're dealing
with our PA BOTS because you're our PA
BOTS tend to be a little bit more static
and fragile to changes in your system
so best way to explain this is take a
look at your information worker he's
working on applications and maybe he's
recorded an RPA bot right so he's
recorded this work it's happening he may
need some help from IT to get the right
version of the software or whatever it
is but IT he's setting it up he's
managing legacy applications and also
private cloud in this respect then
you've got your developer over here I'm
gonna release new software right in the
private cloud and public cloud and then
I'm gonna train the information worker
on how to use my application all right
and then that application is going to
now be tied into the information workers
normal workflow it could be a new app
that he needs to work in the process
that he normally does with a legacy
application and in that case he's needs
some way of getting access to that
that's in the public cloud or the
private cloud and so IT has to establish
that credentials all those sorts of
things so the information worker will
record a new bot and get that running
and that works out pretty well but now
let's say I make an update to the
application I've got this update to an
application dev is telling the
information worker hey I gave you this
new app update the information workers
all pissed off because he has to now
rerecord his bot because maybe they
added a new field in the application
maybe they removed a field maybe they
move things around developers need to
understand those sorts of things you've
got to understand what though what all
is happening there because the bot is
tied to typically screen space or tags
in a website you have to be very mindful
when your app when you're an app
developer that when you're making
updates that you don't break all the
bots and that may be that may include
some testing of a handful of bots in
your normal development cycle that
you're working
so one thing we have to look at is what
is the comm computational complexity now
as the number of applications I'm tying
together increase within our PA bot as
well as the number of environments
because each environment has a different
set of credentials I need to worry about
different reliability numbers and
latency all these things come into play
so when you are working with an RPA tool
and you're trying to use it to tie
legacy and new applications together
limit the number of applications that
you're working on and the number of
steps as well you've got to be mindful
of this because if you don't what you'll
find is your complexity goes up
dramatically to a factor of you know
like in factorial type of number and it
could be even worse than that because of
the number of steps involved it becomes
a nightmare to manage because you've got
to be able to test those those new
workflows as well so be mindful of that
change in this environment is very hard
to work with so there's no common way to
automate processes and workflows across
this whole thing in a secure manner
because of the different environments
that I'm working in as well unless you
have tools like single sign-on across
multiple clouds including legacy
applications most of these applications
have some kind of a login whether it's a
user name and password or authentication
credentials whatever it may be you've
got to come up with how you're going to
manage that most of the RPA tools allow
you to inject security credentials into
the bot at runtime if they do not I
would steer clear of those tools because
that means you don't have reuse and it
also means anytime that you have to
change passwords or re-establish keys
which
happens in a lot of organizations every
three months you have to change your
password all of a sudden all your
automation is broken and you have to
rerecord it which can be time-consuming
[Music]
[Applause]
let's talk about how we can use a multi
hybrid cloud to help manage these are PA
BOTS because there's something really
cool about multi hybrid cloud
architectures they handle security
across multiple domains for you really
well right they handle intercloud
communication in a secure way so you
don't have to establish that every time
that you create a new bot there's a lot
of things that it can handle for you so
let's take a look and see how could we
use an RPA bot in a multi hybrid cloud
and let that multi hybrid cloud
orchestration happen for us so it can
establish the security for us as we pass
in the security credentials at the top
it can handle where it's running
effectively and establish a secure
overlay network to connect everything
together so let's take a look on how we
can manage that
and it's see what benefits we get out of
using multi hybrid cloud technology to
help in the management of our PA BOTS
running in my ecosystem so first let's
take a look at the area of a multi
hybrid cloud that are most important to
the our PA BOTS and it's the automation
frameworks that are out there all right
this is really where it ties in well
well there's two types of automation
frameworks if you include our PA tools
as an automation framework which it is
because it's recording the way a user
interacts with the user interface that's
and it automates that in a reusable way
so that's really good there's also
DevOps tools that do automation as well
right cool thing is is they both give a
lot of the same capabilities and
abilities whether it's flexibility our
PA tools gives some of that flexibility
repeatability most definitely deployment
and provision all those tools have some
aspect of that and ease of use they have
really focused on that a lot
DevOps tools have those
saying of things tools like saltstack
ansible puppet and chef very well-known
large communities around each one
they're all flexible how can I utilize
both of those tools together to get this
work that I need done in an automated
way whether I am using an RPA to tie
legacy applications to modern
applications or I'm using in its
traditional sense of helping an
Information worker automate highly
repetitive tasks that they're working on
it's good to understand how I can
utilize both so let's first take a look
at a concept of building our PA BOTS
today a user will sit down they'll fire
up the tool basically records what
they're doing on their screen they will
then save it they could go back and make
some changes and add various variations
to it by adding variables and arguments
I'm passing in security credentials and
then they run it on their machine so
this is an information worker developing
or creating an RPA bot well now let's
say I want to reuse that bot in several
different places I want to be able to
version control that bot what tools does
that bot need in order to run because
you're tying tools together you need to
make sure that you have an environment
set up that have all those tools so if I
want to run this maybe in the background
in an unattended way I need to know what
the versions of the tools were all those
things so came up with this idea of what
if I were to bundle the RPA bot with all
of the tools that it uses and including
in there a runtime environment like in a
VDI a virtual desktop environment so
that I could easily repeat that
recording of the RP a bot
over and over again and I could tear it
down and start it up easily so we came
up with the idea of creating a bundle
and it is an RPA bot bundle and this RP
a bundle allows me to inject all of my
tools inside that same bundle so I since
it's bundled together I can version it
together I can treat it as one entity
that flows through my normal development
pipeline that I've already established
from building that to testing it to
running it in production across multiple
different environments and the cool
thing about if I do this concept of the
bundle I can get all of the benefits of
using bundles that exist today like
injecting network and environment
parameters into the bundle that can then
be passed into the different tools and
the bot itself and it can establish a
micro segmented network domain
specifically for that bundle so now it's
secure as well I can also inject in
there secrets like passwords and
usernames if I have multiple or
authentication keys and I can inject
those in it run time as well into the
bundle this gives me the ability to use
that bundle as different users if I need
to right which gives me additional reuse
now because it's a VDI
environment it's a virtual desktop
that's interactive as well so I can run
this whole concept both in an unattended
mode and an attendant mode so this
bundle concept is really important um
that gives me a really cool benefit as
you can see when we talk about dropping
that bundle into your typical dev ops or
SEC dev ops pipelining as a software
pipelining that you normally run so like
in that example your dev environment now
is run by your information worker that
is developing this our PA bot
develops it in this dev environment he
then pushes it into that bundle he can
push that definition of the bundle into
like github and then we'll build that
run some tests on it and then it puts it
up into a pre-production registry or a
staging area where I run additional
tests on it if it passes I push it into
production registry and now I can run it
in production so just like I would
normally do with any other application
software now the other cool thing about
this as well is if a dev team creates a
new version of the application and it
releases it it's not going to mess up my
bot because my bot is versioned with the
previous version of that application
what it means is I as the information
worker would say alright I'm gonna take
that new application and I'm going to
create a new version of the same bot
release that out and then now I have
real version control over my bots and I
don't get surprises from an application
changing out from under on the
underneath of me now that's completely
true if I can put all the applications
in the bundle now that's not always the
case you may have a legacy application
maybe it's running on a mainframe that I
have hooks into you can still bundle a
reference it's almost like a reference
pointer in my bundle to that legacy
application but if that legacy
application changes then I'm not gonna
know about those changes in tell I'm in
production and it's running unless every
time that legacy application on a
mainframe or something that can't be
bundled but only by reference changes
then I run it through a dev cycle as
well which I could easily do
[Music]
[Applause]
[Music]
let's talk about some of the problems
with thoughts because I'm recording user
interface interaction a lot of times
what I found is some users actually say
I'm gonna work around security and just
run everything in privileged mode right
I'm gonna run all my applications in
privileged mode
who cares about security well your seaso
may care a lot about security so you've
got to be careful that um the other
thing you have to watch out for is that
your user interfaces and your RP bots
are tightly coupled in fact they are
completely coupled right because your RP
a bot is dependent on your user
interface being a certain way whether
it's an RP a bot that goes by Mouse X Y
position clicks or using tags inside a
web page you've got to understand that
now your tightly coupled to khat across
multiple applications right so any
changes to use your interface can be a
major problem for these BOTS right which
means that they're very brittle and they
can't handle change very well and it can
be very difficult if you don't design
your bot correctly it would be very
difficult to reuse it in other processes
or workflows I suggest going with
smaller number of steps and creating
like small mini BOTS that can be used
with other BOTS that's a better approach
then you can increase the number of
reuses of a specific bot maybe it only
does one thing instead of doing a full
workflow by itself right and then so
there are some user interfaces that are
dynamic in nature that are constantly
changing based off of environment issues
around them our pas have a harder time
working in those now
ai is supposed to come and save and help
with the RPAs and all the are PA vendors
are looking at how they can leverage AI
to help so that they're not tied so
directly to a user interface but that
they can infer what things are on a user
interface as they change right since not
all processes are easy easy to automate
via user interface because of dynamic
user interfaces or security
authentication and challenges they're
trying to see how they can use AI to
help in some of those cases so right now
it's still at the very beginning of this
but I think that's where most of that
investment money is headed that's out
there I don't know because I'm not in
those companies but it's probably a wild
guess probably a pretty good guess that
they're trying to use inference to help
when they are managing processes so or
creating new BOTS so they're less
prescriptive it can be a little bit more
fuzzy but they can still get things done
another area that I think that they're
looking at is that you have self
learning bots that can optimize
processes by looking at user interfaces
and looking how workers are using a user
interface in very many different ways
and then giving a better guidance to the
information workers on ways to to
optimize their the way that they're
working and then eventually optimize
those RPA BOTS so very interesting space
a lot of research going on this space
and I imagine there'll be a lot of
spinouts of new technology coming out of
out of this work that's being done now
let's talk about bots in general I do
not think it is a great idea to have a
bot that you think is going to last for
years there's just too much change in
the system so make sure that you have a
plan to end of life and RP a bot when
you develop it and really the ideal plan
is to come up with integration points
that aren't using use
interface that are using common api's
that you would have if you don't have a
common api with a legacy application it
might be time to build one
so use your bot as a stopgap to help get
over long integration development cycles
and get something working right away but
have a plan on how you are going to
remove that bot in the future it could
be that you get rid of a legacy
application completely right or you're
going to replace the legacy application
with a new application or maybe get rid
of that whole workflow completely don't
see your RPE BOTS as the end it is a
stopgap measure the reason I say that is
because they are fragile and brittle
because they are so dependent on user
interface changes and layouts so here
are some tips that we talked about just
real quick treat our pas as complex
services that are running in your multi
hybrid cloud you put them through your
sec DevOps or your dev sec ops workflows
just like you would any other
application make sure you're controlling
and doing a configuration management on
them version control and things like
that
inject security and authorization at
runtime into through your our PA tools
or through your bots themselves look at
our PA tools make sure that you can
automate that step if you can't then
you've just traded automation with
another manual process not a good idea
right and then find ways to reuse your
our PA bots in different parts of your
organization if you break it down into a
common workflow that you see over and
over again instead of just looking at a
big massive workflow you'll have that
opportunity to do that by having smaller
BOTS on that work together and then also
make sure you have a plan to replace
your our PA bot with a simplified
integration this will run faster lower
cost and less mistakes and then also
look for ways to decrease legacy
applications
either replace or remove them in the
future thanks for listening to rise with
the stack developer if you enjoyed our
podcast go ahead and subscribe give us
five stars and let other people know if
you want more information like tutorials
videos white papers check out our
website rise in to stack dev calm until
next time go out and build in the world
one stack at a time
[Music]
you
[Music]
you
Comments
Post a Comment