The most common failure mode in OPA implementation is not technical. It's interface drift.
Interfaces are the foundation of an open architecture. They are also fragile. Data structures get extended to support specific use cases without considering broader impact. Naming conventions diverge across components. Behavior at interfaces changes in undocumented ways. Each modification is locally justified. Collectively they erode the interoperability that the standardized interfaces were defined to enable.
Components that were designed to interoperate stop doing so reliably. The system becomes a custom integration rather than an open architecture — with all the maintenance burden of custom integration and none of the architectural benefits.
What makes interface drift particularly hard to catch: it develops gradually. Each individual change looks reasonable. The architecture is not violated in any single moment. It erodes through the accumulation of locally rational decisions, until one day the system is no longer composable, and nobody can point to when that happened.
Three disciplines prevent it.
Formal Interface Control Documents
Every architecturally significant interface in the system has an ICD. The ICD specifies data structures, behavior, performance, validation requirements, change control, and signatures. Modifications go through review. Drift becomes visible because the gap between documented and actual behavior is auditable.
Continuous conformance validation
Conformance is not verified once at procurement and assumed thereafter. It is maintained through periodic re-validation as components are updated, as the standard evolves, and as the surrounding architecture changes.
Architectural ownership inside the operator
Drift happens when nobody is responsible for stopping it. The operator must own the architecture, or the architecture will silently shift toward whoever does own it — typically the dominant supplier.
These are organizational disciplines, not technical ones. They are the disciplines operators must build because the discipline is no longer absorbed within the vendor's scope. The architecture is the operator's now. So is its preservation.