Resilient Systems

Resilient Systems Engineering

1/24/11

Prepared for INCOSE_IL &

Gordon Center for Systems Engineering at the TECHNION by

Jack Ring

CTO, Educe LLC

Fellow, INCOSE

1

Resilient Systems Engineering

1/24/11

Prepared for INCOSE_IL &

Gordon Center for Systems Engineering at the TECHNION by

Jack Ring

CTO, Educe LLC

Fellow, INCOSE

2

You don’t know Jack?

• 1957 – 2010.

• System Test & Evaluation.

• System Engineering.

• Object technology, 1971.

• Action research, intelligent enterprises.

• Enterprise architect, Starshine Planet, world-wide youth education in mind, body, spirit, heath and wealth.

• Tutorials: INCOSE 1994, 2001, 2003, 2005, IL 2005.

• Member: INCOSE (Fellow), ISSS, IEEE SMC, ACM, etc

• Co-chair, INCOSE WG’s for

–

Autonomous Systems T&E, 2009 -

– Motor Sports as learning environment, 2008 -

– Intelligent Enterprises, 2002 – 2007

• Member, Kennen Technologies LLC, OntoPilot LLC,

Educe LLC

1/24/11

©Jack Ring. Attributed copies permitted

3

1/24/11

In the next 45 minutes ---

Me @ 50%, You @ 50%

• Resilient SE.

• Praxis for resilient systems.

• Categories of resilient systems.

• Essence of resilient systems.

• Examples of resilient systems.


4

Resilient System

Stress vs. Strain

1/24/11


5

Resilient: Replace circa 1920

Upper airplane lost one of its wheels. Gladys Ingles installing a replacement wheel in flight.

With the replacement wheel strapped to her back she rides the wing of a rescue plane to the plane that lacks the wheel.

She transfers from wing to wing. Expertly works herself down to the undercarriage only a few feet from a spinning prop.

She installs the wheel then stands on the wing of the repaired plane to a successful landing. http://www.oshkosh365.org/ok365_DiscussionBoardTopic.aspx?id=1235&boardid=147&fo rumid=180&topicid=5584

1/24/11 6

Current Views

• S. Jackson - INCOSE Resilient Systems WG “…the capability of a system with specific characteristics before, during and after a disruption to absorb the disruption , recover to an acceptable level of performance, and sustain that level for an acceptable period of time.“

• R. Dove – INCOSE Systems Security Engineering WG

“ Sustaining system functionality in the face of intelligent determined attack requires self preservation capabilities that adapt and evolve with equal intelligence, determination, and strength of community.”

• B. Sauser, et al: Internal failures. External disruptions .

Brian Sauser, Mo Mansouri Mayada Omer, Using Systemigrams in Problem

Definition: A Case Study in Maritime Resilience for Homeland

1/24/11 7


L

I

E

N

T

R

E

S

I

M

O

D

E

O

V

E

R

R

I

D

E

1/24/11

1

9

6

9

8

Current Views, con’t.

• J. Fiksel – Dow Chemical Corp. “… the capacity to survive, adapt, and grow in the face of turbulent change – Key elements of resilience include capable employees, an agile supply chain, effective decision processes, and strong external relationships.

1/24/11


9

1/24/11

Resilient:

Reflexive, circa 500 A.D.

10

R

E

S

I

L

I

E

N

T

P

A

R

T

Y

M

U

L

T

I

M

I

C

S

D

Y

N

A

1/24/11 11

1/24/11

Essence of Resilient Systems

12

e = entity

= relation e e = ‘system’

Semiotics of Systems e e

= ‘system’ (explicit) e e e

= ‘system’ (implicit) e e e

= ‘system’ (soft) e

1/24/11


13

e = entity


Semiotics of Systems

S e e

System Does

R

= behavior = π e

S = Stimulus, R = Response e e

= ‘system’ (explicit) e e e


= ‘system’ (soft) e

1/24/11 14


e = entity


Semiotics of Systems

S e e

System Does

R

= behavior = π e

S = Stimulus, R = Response e e

= ‘system’ (explicit) e e e e e e =

Entity can contain a system e


= ‘system’ (soft) e e e e e e e e

System of Systems

(promulgates ambiguity) e e

1/24/11 15


Resilient System Meta-model

INPUTS

Request

Resources

Time

GS System

A Goal

Action Triggers

Energy

Competency

Situation

Closure, G-S

OUTPUTS

Response

Status Reports

Learning

1/24/11

Disturbances

Measures

Culture

Business Climate

Competing Goals

Situation

Goal Attainment

Sensitivity to Disturbance

Stability Limits

16


Resilient System Meta-model

INPUTS

Request

Resources

Time

GS System

A Goal

Action Triggers

Energy

Competency

Situation

Closure, G-S

OUTPUTS

Response

Status Reports

Learning

1/24/11

Disturbances

Measures

Culture

Business Climate

Competing Goals

Situation

Goal Attainment

Sensitivity to Disturbance

Stability Limits

17


Closure Metrics

Range, Response time, Accuracy, Parsimony

Goal

B

A

Step

Change

1/24/11

Time


18

Closure Metrics


Goal

B

A

Step

Change

1/24/11

Enterprise

Response

Time


19

Closure Metrics


Goal

B

A

Step

Change

1/24/11

Time


Next Change

Enterprise

Response

20

1/24/11

Resilient Systems Example Categories

Situation

In Out

Pr = Problem Space

Val = Value Space

S = Stimulus

R = Response

Sit = Situation

π = System Transfer

Function

21



Situation

Problem

Space

Class

Type

In f(t)

Out Type

Class

Value f(t)

Space

1/24/11

Pr = Problem Space

Val = Value Space

S = Stimulus

R = Response

Sit = Situation


Function

22



Situation

Problem

Space

Class

Type

In f(t)

π



Value

Out Type

Class

Value f(t)

Space

Class

Type

Pr = Problem Space

Val = Value Space

S = Stimulus

R = Response

Sit = Situation


Function

1/24/11 23



Problem

Space

Class

Type

In f(t)

Situation

π Out Type

Class

Value f(t)

Space



Value

π = f(k) = ballistic

π = f(O) = governor

π

π

π

π

π

= f(I) = compensator

= f( π

Class

) = self-test, auto repair

= f(Sit, O) = homeostatic

= f(Val) = goal-seeking

= f(Pr) = self-organizing

Type

Pr = Problem Space

Val = Value Space

S = Stimulus

R = Response

Sit = Situation


Function

π = f(Pr, Val) = autopoietic

π = f(all) = autocatalytic


24

Resilient System Engineering Praxis

1/24/11


25

1.

The Essence of Creating Systems

System

System Context

Adapted from

Science of Generic Design,

John Warfield

1/24/11


26

1.


System

System Context

2.

Problem System;

Content, Process,

Behavior

Problem

Suppression

System

Adapted from


John Warfield

1/24/11


27

1.


System

System Context

2.

Problem System;

Content, Process,

Behavior

Problem

Suppression

System

3.

Problem Suppression

System: Content

Adapted from


John Warfield

1/24/11


28

1.


System

System Context

2.

Problem System;

Content, Process,

Behavior

Problem

Suppression

System

3.

Problem Suppression

System: Content t

2

4.

Adapted from


John Warfield

1/24/11 t

1 t

3


Problem Suppression

System: Content,

Process, Behavior

29

Problematic Situation Dimensions

Ring, J., Modeling a Systems Engineering Enterprise, 2007 Conference on SE Research, Hoboken, NJ

Low Med High

State-determined

Extent

Stochastic

Variety

Non-deterministic

Ambiguity

‘Wicked’ Problems

Extent: # of cognates

Variety: # of unique cognates, both semiotic and temporal

Ambiguity: fog, conflicting data, cognitive overload

1/24/11 30


Problematic Situation Dimensions

Ring, J., Modeling a Systems Engineering Enterprise, 2007 Conference on SE Research, Hoboken, NJ

Low Med High

State-determined

Extent

Stochastic

Variety

Non-deterministic

Ambiguity

MTTE(K) = 10 yr 1 yr 0.1 yr

‘Wicked’ Problems

Extent: # of cognates

Variety: # of unique cognates, both semiotic and temporal

Ambiguity: fog, conflicting data, cognitive overload

MTTE = Mean Time To Emergence, K = Knowledge

1/24/11


31

1/24/11

Extent, Variety, Ambiguity

32

1/24/11

System Engineering Contributions

System

Engineering

Engineering

Of Systems

• Language the Project

• Model the Intended System

(including Closure > Variety & Ambiguity)

• Converge Creativity to

(design)

Closure


33

Worth of SE Contributions

Problematic

Situation

M(PSys)

SCI = X

Error = Φ

Systems Engineering

Engineering

M(PSS)

SCI = X/K1

Error = Φ/K2

Of Systems

Staley, S. M. 1995, “Complexity Measurements in System Design” in Integrated Design and

Process Technology, A. Ertes, et al, Editors, IDTP Volume 1, Austin, TX, 153-161

1/24/11


34

Worth of SE Contributions

Problematic

Situation

M(PSys)

SCI = X

Error = Φ

Systems Engineering

Engineering

M(PSS)

SCI = X/K1

Error = Φ/K2

Of Systems e.g., Warfield’s Situation Complexity Index

SCI = (N/7) (V/5) (K/10) = (1/350) NVK

Where:

N is Miller Index,

V is Spreadthink index and

K = DeMorgan index

SCI > X(i) indicates M(PSS) Not Ready for Engineering (i)

Staley, S. M. 1995, “Complexity Measurements in System Design” in Integrated Design and

Process Technology, A. Ertes, et al, Editors, IDTP Volume 1, Austin, TX, 153-161

1/24/11


35

ELSE, System of Systems!

090112

1/24/11 jring@amug.org

36

36

1/24/11

Resilient SE Practitioners

37

Clings to mental model.

What kind of SE should we be?

Co-evolves to fit the situation.

Raise your hand for the ideal Associate ---

___ goal-seeking,

___ homeostatic,

___ self-test and repair

___ compensator,

___ governor,

___ ballistic,

___ autocatalytic

___ autopoietic,

___ self-organizing,

1/24/11


38

1: Competency in Language of SE

“We (animals having a frontal lobe) started using our language for reasoning before we learned to use our language for the purpose of communicating with one another. …The correct use of propositions and chains of propositions is critical to appropriate adult behavior.”

“Language and Human Behavior,” Prof. Derek Bickerton, U. of Washington Press, 1995,

Human language and knowledge is:

Extensible in both facts and propositions, apparently without limit.

The source of our unique, powerful abilities of abstraction, imagination, synthesis and prescription.

1/24/11

Linear, Associative, Janusian, Hegelian, ?


39

2. Relationships Pattern: CMM?

2. Relationships Pattern: EDAC

1/24/11

Passes completed < 80%, Goals/Shots on Goal < 1/7

41

2. Relationships Pattern: Chaordic?

1/24/11

10,000 hours  N Error Detections and Corrections


42

3. Objective vs. Team Player?

(highly simplified)

100%

Workgroup Efficiency Limit

75%

50%

25%

Encouraging,

Admonishing

Anxious,

Insincere

Critical,

Destructive

5 10 15 20

Size of Workgroup

Adapted from Amity and Enmity, R. Starkermann


Unexplored

Territory of the

Intelligent

Enterprise

Interpersonal style is dominant factor with

5X leverage on achievement

43

PSE’s Interact as

2 nd Order,

Implicit

Systems disturbances

Conscious

Unconscious

“Amity and Enmity” by R. Starkerman info@editions.ch

ISBN 3-908730-29-5

Self realization goals

Will Powers

Fig. V-9

44

Frances Ford Coppola

Cinema Director

“The secret to making a good movie is -getting everyone to make the same movie.”

1/24/11


45

4. Closure (G-S) Rules for System Engineering

Observe

Orient

Decide

Act

System Actions

Adjust: Gradients on relationships

Arrange: Pattern of relationships

Co-align: Content of system with context constraints.

9/15/10

Within Dynamic and Integrity Limits

X, d(X)/dt, d 2 (X)/dt 2

•Thermodynamics: mass, momentum and energy

•Informatics: data, information and knowledge

•Teleonomics: skills, rate of learning, and rate of invention

•Human social dynamics: trust, enthusiasm, co-evolution

•Economic: Investment, ROI, Liquidity

•Ecology: Waste, Fads, Unintended Consequences


46

1/24/11

See also ---

Plan --- Do --- Check --- Adjust

(Shewhart cycle)

Plan --- Do --- Check --- Act

(Deming cycle)

Double Loop Learning

(Argyris & Schon)

Second order cybernetics

(von Foerster, et al)

Observe --- Orient --- Decide --- Act

(Col. John Boyd cycle)

47

5. The Reflective Practitioner

Four ascending levels of behavior:

1. Know how.

2. Reflection -- on how 'know how' was applied.

3. Knowing-in-action (devising while doing)

4. Reflection-in-action.

A Practitioner must have two kinds of knowing:

–

Objectivist - descriptive

– Constructivist – prescriptive - world making

Designing cannot be taught -- but can be coached

Designing: knowledge-in-action, holistic, honors unspecified

(unspecifiable?) design qualities (aesthetics)

Methods of Coaching The Reflective Practitioner

– Joint experimentation,

– Follow Me!

– Hall of Mirrors

1/24/11

Educating the Reflective Practitioner, Donald Schon, Jossey Bass, 1987

48


Take-aways?

• System IS, DOES, KNOWS (some even LEARN!).

• Problem Systems, Problem Suppression Systems, Gestation

Systems (SE and EofS)

• At least 9 categories of resilient systems.

• SE, a gestation system, reduces EVA for the E of S cadre

• By people,

• Pursuing MOE’s @ standard of care by requisite variety.

• Achieving knowledge exchange and choice making

• Using coherent language, appropriate interpersonal style, and proactive, mutual error detection and correction.

1/24/11


49

Clarifications?

The castle , Hawkins, besiege the

castle!

1/24/11 50


Clarifications?

The castle , Hawkins, besiege the

castle!

1/24/11

Thank You


51

Further Reading

Jackson, S., Architecting Resilient Systems: Accident Avoidance and Survival and Recovery from Disruptions, John Wiley and Sons.

The Infrastructure Security Partnership (TISP) ( www.tisp.org

) international Resilience Engineering Network. www.resilience-engineering.org

Hollnagel, E., D. Woods, N. Leveson Resilience Engineering: Concepts and

Precepts, Ashgate Publishing Limited

Fiksel, J., Design for Environment: A Guide to Sustainable Product

Development, was published by McGraw-Hill in 2009.

Gunderson, L. H. 2000 ECOLOGICAL RESILIENCE - IN THEORY AND

APPLICATION Annual Review of Ecology & Systematics, 31: 425

Sobel-Lojeski, K., Reilly, R., Uniting the Virtual Workforce, Wiley, 2008

Sobel-Lojeski, K., Leading the Virtual Workforce, Wiley, 2009

Dove, Rick, Response Ability: the language, structure and culture of the agile enterprise, Wiley, 2001.

Ring, J. (ed) About Intelligent Enterprises, a collection of knowledge claims,

INCOSE IS07 CD.

1/24/11 52

Resilient Systems

Resilient Systems Engineering

Resilient Systems Engineering

ELSE, System of Systems!

Clarifications?

castle!

Clarifications?

castle!

Thank You

Related documents

Products

Support

Resilient Systems