Flexible and Intelligent Learning Architectures for SOS (FILA-SoS)

Multi-faceted systems of the future will entail complex logic and reasoning with many levels of reasoning in intricate arrangement. The organization of these systems involves a web of connections and demonstrates self-driven adaptability. They are designed for autonomy and may exhibit emergent behavior that can be visualized. Our quest continues to handle complexities, design and operate these systems. The challenge in Complex Adaptive Systems design is to design an organized complexity that will allow a system to achieve its goals. This report attempts to push the boundaries of research in complexity, by identifying challenges and opportunities. Complex adaptive system-of-systems (CASoS) approach is developed to handle this huge uncertainty in socio-technical systems

Architecting system of systems: artificial life analysis of financial market behavior

This research study focuses on developing a framework that can be utilized by system architects to understand the emergent behavior of system architectures. The objective is to design a framework that is modular and flexible in providing different ways of modeling sub-systems of System of Systems. At the same time, the framework should capture the adaptive behavior of the system since evolution is one of the key characteristics of System of Systems. Another objective is to design the framework so that humans can be incorporated into the analysis. The framework should help system architects understand the behavior as well as promoters or inhibitors of change in human systems. Computational intelligence tools have been successfully used in analysis of Complex Adaptive Systems. Since a System of Systems is a collection of Complex Adaptive Systems, a framework utilizing combination of these tools can be developed. Financial markets are selected to demonstrate the various architectures developed from the analysis framework --Introduction, page 3

In pursuit of autonomous distributed satellite systems

A la pàgina 265 diu: "In an effort to facilitate the reproduction of results, both the source code of the simulation environment and the configuration files that were prepared for the design characterisation are available in an open repository: https://github.com/carlesaraguz/aeossSatellite imagery has become an essential resource for environmental, humanitarian, and industrial endeavours. As a means to satisfy the requirements of new applications and user needs, novel Earth Observation (EO) systems are exploring the suitability of Distributed Satellite Systems (DSS) in which multiple observation assets concurrently sense the Earth. Given the temporal and spatial resolution requirements of EO products, DSS are often envisioned as large-scale systems with multiple sensing capabilities operating in a networked manner. Enabled by the consolidation of small satellite platforms and fostered by the emerging capabilities of distributed systems, these new architectures pose multiple design and operational challenges. Two of them are the main pillars of this research, namely, the conception of decision-support tools to assist the architecting process of a DSS, and the design of autonomous operational frameworks based on decentralised, on-board decision-making. The first part of this dissertation addresses the architecting of heterogeneous, networked DSS architectures that hybridise small satellite platforms with traditional EO assets. We present a generic design-oriented optimisation framework based on tradespace exploration methodologies. The goals of this framework are twofold: to select the most optimal constellation design; and to facilitate the identification of design trends, unfeasible regions, and tensions among architectural attributes. Oftentimes in EO DSS, system requirements and stakeholder preferences are not only articulated through functional attributes (i.e. resolution, revisit time, etc.) or monetary constraints, but also through qualitative traits such as flexibility, evolvability, robustness, or resiliency, amongst others. In line with that, the architecting framework defines a single figure of merit that aggregates quantitative attributes and qualitative ones-the so-called ilities of a system. With that, designers can steer the design of DSS both in terms of performance or cost, and in terms of their high-level characteristics. The application of this optimisation framework has been illustrated in two timely use-cases identified in the context of the EU-funded ONION project: a system that measures ocean and ice parameters in Polar regions to facilitate weather forecast and off-shore operations; and a system that provides agricultural variables crucial for global management of water stress, crop state, and draughts. The analysis of architectural features facilitated a comprehensive understanding of the functional and operational characteristics of DSS. With that, this thesis continues to delve into the design of DSS by focusing on one particular functional trait: autonomy. The minimisation of human-operator intervention has been traditionally sought in other space systems and can be especially critical for large-scale, structurally dynamic, heterogeneous DSS. In DSS, autonomy is expected to cope with the likely inability to operate very large-scale systems in a centralised manner, to improve the science return, and to leverage many of their emerging capabilities (e.g. tolerance to failures, adaptability to changing structures and user needs, responsiveness). We propose an autonomous operational framework that provides decentralised decision-making capabilities to DSS by means of local reasoning and individual resource allocation, and satellite-to-satellite interactions. In contrast to previous works, the autonomous decision-making framework is evaluated in this dissertation for generic constellation designs the goal of which is to minimise global revisit times. As part of the characterisation of our solution, we stressed the implications that autonomous operations can have upon satellite platforms with stringent resource constraints (e.g. power, memory, communications capabilities) and evaluated the behaviour of the solution for a large-scale DSS composed of 117 CubeSat-like satellite units.La imatgeria per satèl·lit ha esdevingut un recurs essencial per assolir tasques ambientals, humanitàries o industrials. Per tal de satisfer els requeriments de les noves aplicacions i usuaris, els sistemes d’observació de la Terra (OT) estan explorant la idoneïtat dels Sistemes de Satèl·lit Distribuïts (SSD), on múltiples observatoris espacials mesuren el planeta simultàniament. Degut al les resolucions temporals i espacials requerides, els SSD sovint es conceben com sistemes de gran escala que operen en xarxa. Aquestes noves arquitectures promouen les capacitats emergents dels sistemes distribuïts i, tot i que són possibles gràcies a l’acceptació de les plataformes de satèl·lits petits, encara presenten molts reptes en quant al disseny i operacions. Dos d’ells són els pilars principals d’aquesta tesi, en concret, la concepció d’eines de suport a la presa de decisions pel disseny de SSD, i la definició d’operacions autònomes basades en gestió descentralitzada a bord dels satèl·lits. La primera part d’aquesta dissertació es centra en el disseny arquitectural de SSD heterogenis i en xarxa, imbricant tecnologies de petits satèl·lits amb actius tradicionals. Es presenta un entorn d’optimització orientat al disseny basat en metodologies d’exploració i comparació de solucions. Els objectius d’aquest entorn són: la selecció el disseny de constel·lació més òptim; i facilitar la identificació de tendències de disseny, regions d’incompatibilitat, i tensions entre atributs arquitecturals. Sovint en els SSD d’OT, els requeriments del sistema i l’expressió de prioritats no només s’articulen en quant als atributs funcionals o les restriccions monetàries, sinó també a través de les característiques qualitatives com la flexibilitat, l’evolucionabilitat, la robustesa, o la resiliència, entre d’altres. En línia amb això, l’entorn d’optimització defineix una única figura de mèrit que agrega rendiment, cost i atributs qualitatius. Així l’equip de disseny pot influir en les solucions del procés d’optimització tant en els aspectes quantitatius, com en les característiques dalt nivell. L’aplicació d’aquest entorn d’optimització s’il·lustra en dos casos d’ús actuals identificats en context del projecte europeu ONION: un sistema que mesura paràmetres de l’oceà i gel als pols per millorar la predicció meteorològica i les operacions marines; i un sistema que obté mesures agronòmiques vitals per la gestió global de l’aigua, l’estimació d’estat dels cultius, i la gestió de sequeres. L’anàlisi de propietats arquitecturals ha permès copsar de manera exhaustiva les característiques funcionals i operacionals d’aquests sistemes. Amb això, la tesi ha seguit aprofundint en el disseny de SSD centrant-se, particularment, en un tret funcional: l’autonomia. Minimitzar la intervenció de l’operador humà és comú en altres sistemes espacials i podria ser especialment crític pels SSD de gran escala, d’estructura dinàmica i heterogenis. En els SSD s’espera que l’autonomia solucioni la possible incapacitat d’operar sistemes de gran escala de forma centralitzada, que millori el retorn científic i que n’apuntali les seves propietats emergents (e.g. tolerància a errors, adaptabilitat a canvis estructural i de necessitats d’usuari, capacitat de resposta). Es proposa un sistema d’operacions autònomes que atorga la capacitat de gestionar els sistemes de forma descentralitzada, a través del raonament local, l’assignació individual de recursos, i les interaccions satèl·lit-a-satèl·lit. Al contrari que treballs anteriors, la presa de decisions autònoma s’avalua per constel·lacions que tenen com a objectius de missió la minimització del temps de revisita global.Postprint (published version

In pursuit of autonomous distributed satellite systems

Satellite imagery has become an essential resource for environmental, humanitarian, and industrial endeavours. As a means to satisfy the requirements of new applications and user needs, novel Earth Observation (EO) systems are exploring the suitability of Distributed Satellite Systems (DSS) in which multiple observation assets concurrently sense the Earth. Given the temporal and spatial resolution requirements of EO products, DSS are often envisioned as large-scale systems with multiple sensing capabilities operating in a networked manner. Enabled by the consolidation of small satellite platforms and fostered by the emerging capabilities of distributed systems, these new architectures pose multiple design and operational challenges. Two of them are the main pillars of this research, namely, the conception of decision-support tools to assist the architecting process of a DSS, and the design of autonomous operational frameworks based on decentralised, on-board decision-making. The first part of this dissertation addresses the architecting of heterogeneous, networked DSS architectures that hybridise small satellite platforms with traditional EO assets. We present a generic design-oriented optimisation framework based on tradespace exploration methodologies. The goals of this framework are twofold: to select the most optimal constellation design; and to facilitate the identification of design trends, unfeasible regions, and tensions among architectural attributes. Oftentimes in EO DSS, system requirements and stakeholder preferences are not only articulated through functional attributes (i.e. resolution, revisit time, etc.) or monetary constraints, but also through qualitative traits such as flexibility, evolvability, robustness, or resiliency, amongst others. In line with that, the architecting framework defines a single figure of merit that aggregates quantitative attributes and qualitative ones-the so-called ilities of a system. With that, designers can steer the design of DSS both in terms of performance or cost, and in terms of their high-level characteristics. The application of this optimisation framework has been illustrated in two timely use-cases identified in the context of the EU-funded ONION project: a system that measures ocean and ice parameters in Polar regions to facilitate weather forecast and off-shore operations; and a system that provides agricultural variables crucial for global management of water stress, crop state, and draughts. The analysis of architectural features facilitated a comprehensive understanding of the functional and operational characteristics of DSS. With that, this thesis continues to delve into the design of DSS by focusing on one particular functional trait: autonomy. The minimisation of human-operator intervention has been traditionally sought in other space systems and can be especially critical for large-scale, structurally dynamic, heterogeneous DSS. In DSS, autonomy is expected to cope with the likely inability to operate very large-scale systems in a centralised manner, to improve the science return, and to leverage many of their emerging capabilities (e.g. tolerance to failures, adaptability to changing structures and user needs, responsiveness). We propose an autonomous operational framework that provides decentralised decision-making capabilities to DSS by means of local reasoning and individual resource allocation, and satellite-to-satellite interactions. In contrast to previous works, the autonomous decision-making framework is evaluated in this dissertation for generic constellation designs the goal of which is to minimise global revisit times. As part of the characterisation of our solution, we stressed the implications that autonomous operations can have upon satellite platforms with stringent resource constraints (e.g. power, memory, communications capabilities) and evaluated the behaviour of the solution for a large-scale DSS composed of 117 CubeSat-like satellite units.La imatgeria per satèl·lit ha esdevingut un recurs essencial per assolir tasques ambientals, humanitàries o industrials. Per tal de satisfer els requeriments de les noves aplicacions i usuaris, els sistemes d’observació de la Terra (OT) estan explorant la idoneïtat dels Sistemes de Satèl·lit Distribuïts (SSD), on múltiples observatoris espacials mesuren el planeta simultàniament. Degut al les resolucions temporals i espacials requerides, els SSD sovint es conceben com sistemes de gran escala que operen en xarxa. Aquestes noves arquitectures promouen les capacitats emergents dels sistemes distribuïts i, tot i que són possibles gràcies a l’acceptació de les plataformes de satèl·lits petits, encara presenten molts reptes en quant al disseny i operacions. Dos d’ells són els pilars principals d’aquesta tesi, en concret, la concepció d’eines de suport a la presa de decisions pel disseny de SSD, i la definició d’operacions autònomes basades en gestió descentralitzada a bord dels satèl·lits. La primera part d’aquesta dissertació es centra en el disseny arquitectural de SSD heterogenis i en xarxa, imbricant tecnologies de petits satèl·lits amb actius tradicionals. Es presenta un entorn d’optimització orientat al disseny basat en metodologies d’exploració i comparació de solucions. Els objectius d’aquest entorn són: la selecció el disseny de constel·lació més òptim; i facilitar la identificació de tendències de disseny, regions d’incompatibilitat, i tensions entre atributs arquitecturals. Sovint en els SSD d’OT, els requeriments del sistema i l’expressió de prioritats no només s’articulen en quant als atributs funcionals o les restriccions monetàries, sinó també a través de les característiques qualitatives com la flexibilitat, l’evolucionabilitat, la robustesa, o la resiliència, entre d’altres. En línia amb això, l’entorn d’optimització defineix una única figura de mèrit que agrega rendiment, cost i atributs qualitatius. Així l’equip de disseny pot influir en les solucions del procés d’optimització tant en els aspectes quantitatius, com en les característiques dalt nivell. L’aplicació d’aquest entorn d’optimització s’il·lustra en dos casos d’ús actuals identificats en context del projecte europeu ONION: un sistema que mesura paràmetres de l’oceà i gel als pols per millorar la predicció meteorològica i les operacions marines; i un sistema que obté mesures agronòmiques vitals per la gestió global de l’aigua, l’estimació d’estat dels cultius, i la gestió de sequeres. L’anàlisi de propietats arquitecturals ha permès copsar de manera exhaustiva les característiques funcionals i operacionals d’aquests sistemes. Amb això, la tesi ha seguit aprofundint en el disseny de SSD centrant-se, particularment, en un tret funcional: l’autonomia. Minimitzar la intervenció de l’operador humà és comú en altres sistemes espacials i podria ser especialment crític pels SSD de gran escala, d’estructura dinàmica i heterogenis. En els SSD s’espera que l’autonomia solucioni la possible incapacitat d’operar sistemes de gran escala de forma centralitzada, que millori el retorn científic i que n’apuntali les seves propietats emergents (e.g. tolerància a errors, adaptabilitat a canvis estructural i de necessitats d’usuari, capacitat de resposta). Es proposa un sistema d’operacions autònomes que atorga la capacitat de gestionar els sistemes de forma descentralitzada, a través del raonament local, l’assignació individual de recursos, i les interaccions satèl·lit-a-satèl·lit. Al contrari que treballs anteriors, la presa de decisions autònoma s’avalua per constel·lacions que tenen com a objectius de missió la minimització del temps de revisita global

Computational intelligence based complex adaptive system-of-systems architecture evolution strategy

The dynamic planning for a system-of-systems (SoS) is a challenging endeavor. Large scale organizations and operations constantly face challenges to incorporate new systems and upgrade existing systems over a period of time under threats, constrained budget and uncertainty. It is therefore necessary for the program managers to be able to look at the future scenarios and critically assess the impact of technology and stakeholder changes. Managers and engineers are always looking for options that signify affordable acquisition selections and lessen the cycle time for early acquisition and new technology addition. This research helps in analyzing sequential decisions in an evolving SoS architecture based on the wave model through three key features namely; meta-architecture generation, architecture assessment and architecture implementation. Meta-architectures are generated using evolutionary algorithms and assessed using type II fuzzy nets. The approach can accommodate diverse stakeholder views and convert them to key performance parameters (KPP) and use them for architecture assessment. On the other hand, it is not possible to implement such architecture without persuading the systems to participate into the meta-architecture. To address this issue a negotiation model is proposed which helps the SoS manger to adapt his strategy based on system owners behavior. This work helps in capturing the varied differences in the resources required by systems to prepare for participation. The viewpoints of multiple stakeholders are aggregated to assess the overall mission effectiveness of the overarching objective. An SAR SoS example problem illustrates application of the method. Also a dynamic programing approach can be used for generating meta-architectures based on the wave model. --Abstract, page iii

Applying genetic architectural synthesis in software development and run-time maintenance

Software systems are becoming complex entities with an increasing diffusion into many new domains. A complex software system requires more resources to develop and maintain. Some domains demand continuous operation like security or control systems, web services and communication systems etc. The trend will lead software industry to a situation where it will be difficult to develop software systems through traditional manual software engineering practices in a feasible budget. Any level of automation can relieve the pressure on the cost. This thesis work explores the potential of genetic architectural synthesis to introduce automation in software development and maintenance. The genetic algorithm operates at the architectural level. The fitness functions envelop the expert knowledge needed to gauge the quality (modifiability, efficiency and complexity) of architectures. The algorithm uses solutions which can be design patterns, architectural styles, best practices or application specific solutions to maintain the quality attributes. Each solution has a positive or negative impact on one or more quality attributes. Once calibrated, the genetic algorithm has been able to suggest good quality architectures. An empirical study has also been performed that suggests that the genetic algorithm’s proposals are comparatively better than the under-graduate level students’ designs. Tool support has been provided in the form of the Darwin environment. It facilitates a human architect to initiate, modify, monitor and analyze the results of a genetic architectural synthesis. Moreover, the genetic algorithm has been used to evolve software architectures to be easily distributable among the teams involved in its development. The algorithm takes into account the organizational information and proposes an initial work distribution plan along with the improved architecture. The SAGA (Self-Architecting using Genetic Algorithms) infrastructure has been developed to enable self-adaptive and manual run-time maintenance in Java-based applications. SAGA allows Java-based distributed systems to self-maintain reliability and efficiency. Furthermore, non-self-maintainable properties of a system can be maintained manually at run-time. The decision making engine is the genetic algorithm. The unit of run-time modification is an architectural solution which in its entirety enters of leaves the running instance of a system therefore affecting the system’s run-time quality. A solution is composed of roles which are bound to real artifacts in the system. Multiple attributes concerning reliability and efficiency of the running system are monitored by SAGA. In the case of poor system quality in a changed environment, SAGA triggers the genetic algorithm to propose improvements in the architecture taking into account the monitoring data. The proposal is then reflected to the run-time and the cycle continues. In the experiments, an example distributed system used in changing environment has been implemented with self-maintaining capability. A significant improvement in both reliability and efficiency of the running system has been observed

Quantum Software Engineering: A New Genre of Computing

Quantum computing (QC) is no longer only a scientific interest but is rapidly becoming an industrially available technology that can potentially tackle the limitations of classical computing. Over the last few years, major technology giants have invested in developing hardware and programming frameworks to develop quantum-specific applications. QC hardware technologies are gaining momentum, however, operationalizing the QC technologies trigger the need for software-intensive methodologies, techniques, processes, tools, roles, and responsibilities for developing industrial-centric quantum software applications. This paper presents the vision of the quantum software engineering (QSE) life cycle consisting of quantum requirements engineering, quantum software design, quantum software implementation, quantum software testing, and quantum software maintenance. This paper particularly calls for joint contributions of software engineering research and industrial community to present real-world solutions to support the entire quantum software development activities. The proposed vision facilitates the researchers and practitioners to propose new processes, reference architectures, novel tools, and practices to leverage quantum computers and develop emerging and next generations of quantum software

Engineering Resilient Space Systems

Several distinct trends will influence space exploration missions in the next decade. Destinations are becoming more remote and mysterious, science questions more sophisticated, and, as mission experience accumulates, the most accessible targets are visited, advancing the knowledge frontier to more difficult, harsh, and inaccessible environments. This leads to new challenges including: hazardous conditions that limit mission lifetime, such as high radiation levels surrounding interesting destinations like Europa or toxic atmospheres of planetary bodies like Venus; unconstrained environments with navigation hazards, such as free-floating active small bodies; multielement missions required to answer more sophisticated questions, such as Mars Sample Return (MSR); and long-range missions, such as Kuiper belt exploration, that must survive equipment failures over the span of decades. These missions will need to be successful without a priori knowledge of the most efficient data collection techniques for optimum science return. Science objectives will have to be revised ‘on the fly’, with new data collection and navigation decisions on short timescales. Yet, even as science objectives are becoming more ambitious, several critical resources remain unchanged. Since physics imposes insurmountable light-time delays, anticipated improvements to the Deep Space Network (DSN) will only marginally improve the bandwidth and communications cadence to remote spacecraft. Fiscal resources are increasingly limited, resulting in fewer flagship missions, smaller spacecraft, and less subsystem redundancy. As missions visit more distant and formidable locations, the job of the operations team becomes more challenging, seemingly inconsistent with the trend of shrinking mission budgets for operations support. How can we continue to explore challenging new locations without increasing risk or system complexity? These challenges are present, to some degree, for the entire Decadal Survey mission portfolio, as documented in Vision and Voyages for Planetary Science in the Decade 2013–2022 (National Research Council, 2011), but are especially acute for the following mission examples, identified in our recently completed KISS Engineering Resilient Space Systems (ERSS) study: 1. A Venus lander, designed to sample the atmosphere and surface of Venus, would have to perform science operations as components and subsystems degrade and fail; 2. A Trojan asteroid tour spacecraft would spend significant time cruising to its ultimate destination (essentially hibernating to save on operations costs), then upon arrival, would have to act as its own surveyor, finding new objects and targets of opportunity as it approaches each asteroid, requiring response on short notice; and 3. A MSR campaign would not only be required to perform fast reconnaissance over long distances on the surface of Mars, interact with an unknown physical surface, and handle degradations and faults, but would also contain multiple components (launch vehicle, cruise stage, entry and landing vehicle, surface rover, ascent vehicle, orbiting cache, and Earth return vehicle) that dramatically increase the need for resilience to failure across the complex system. The concept of resilience and its relevance and application in various domains was a focus during the study, with several definitions of resilience proposed and discussed. While there was substantial variation in the specifics, there was a common conceptual core that emerged—adaptation in the presence of changing circumstances. These changes were couched in various ways—anomalies, disruptions, discoveries—but they all ultimately had to do with changes in underlying assumptions. Invalid assumptions, whether due to unexpected changes in the environment, or an inadequate understanding of interactions within the system, may cause unexpected or unintended system behavior. A system is resilient if it continues to perform the intended functions in the presence of invalid assumptions. Our study focused on areas of resilience that we felt needed additional exploration and integration, namely system and software architectures and capabilities, and autonomy technologies. (While also an important consideration, resilience in hardware is being addressed in multiple other venues, including 2 other KISS studies.) The study consisted of two workshops, separated by a seven-month focused study period. The first workshop (Workshop #1) explored the ‘problem space’ as an organizing theme, and the second workshop (Workshop #2) explored the ‘solution space’. In each workshop, focused discussions and exercises were interspersed with presentations from participants and invited speakers. The study period between the two workshops was organized as part of the synthesis activity during the first workshop. The study participants, after spending the initial days of the first workshop discussing the nature of resilience and its impact on future science missions, decided to split into three focus groups, each with a particular thrust, to explore specific ideas further and develop material needed for the second workshop. The three focus groups and areas of exploration were: 1. Reference missions: address/refine the resilience needs by exploring a set of reference missions 2. Capability survey: collect, document, and assess current efforts to develop capabilities and technology that could be used to address the documented needs, both inside and outside NASA 3. Architecture: analyze the impact of architecture on system resilience, and provide principles and guidance for architecting greater resilience in our future systems The key product of the second workshop was a set of capability roadmaps pertaining to the three reference missions selected for their representative coverage of the types of space missions envisioned for the future. From these three roadmaps, we have extracted several common capability patterns that would be appropriate targets for near-term technical development: one focused on graceful degradation of system functionality, a second focused on data understanding for science and engineering applications, and a third focused on hazard avoidance and environmental uncertainty. Continuing work is extending these roadmaps to identify candidate enablers of the capabilities from the following three categories: architecture solutions, technology solutions, and process solutions. The KISS study allowed a collection of diverse and engaged engineers, researchers, and scientists to think deeply about the theory, approaches, and technical issues involved in developing and applying resilience capabilities. The conclusions summarize the varied and disparate discussions that occurred during the study, and include new insights about the nature of the challenge and potential solutions: 1. There is a clear and definitive need for more resilient space systems. During our study period, the key scientists/engineers we engaged to understand potential future missions confirmed the scientific and risk reduction value of greater resilience in the systems used to perform these missions. 2. Resilience can be quantified in measurable terms—project cost, mission risk, and quality of science return. In order to consider resilience properly in the set of engineering trades performed during the design, integration, and operation of space systems, the benefits and costs of resilience need to be quantified. We believe, based on the work done during the study, that appropriate metrics to measure resilience must relate to risk, cost, and science quality/opportunity. Additional work is required to explicitly tie design decisions to these first-order concerns. 3. There are many existing basic technologies that can be applied to engineering resilient space systems. Through the discussions during the study, we found many varied approaches and research that address the various facets of resilience, some within NASA, and many more beyond. Examples from civil architecture, Department of Defense (DoD) / Defense Advanced Research Projects Agency (DARPA) initiatives, ‘smart’ power grid control, cyber-physical systems, software architecture, and application of formal verification methods for software were identified and discussed. The variety and scope of related efforts is encouraging and presents many opportunities for collaboration and development, and we expect many collaborative proposals and joint research as a result of the study. 4. Use of principled architectural approaches is key to managing complexity and integrating disparate technologies. The main challenge inherent in considering highly resilient space systems is that the increase in capability can result in an increase in complexity with all of the 3 risks and costs associated with more complex systems. What is needed is a better way of conceiving space systems that enables incorporation of capabilities without increasing complexity. We believe principled architecting approaches provide the needed means to convey a unified understanding of the system to primary stakeholders, thereby controlling complexity in the conception and development of resilient systems, and enabling the integration of disparate approaches and technologies. A representative architectural example is included in Appendix F. 5. Developing trusted resilience capabilities will require a diverse yet strategically directed research program. Despite the interest in, and benefits of, deploying resilience space systems, to date, there has been a notable lack of meaningful demonstrated progress in systems capable of working in hazardous uncertain situations. The roadmaps completed during the study, and documented in this report, provide the basis for a real funded plan that considers the required fundamental work and evolution of needed capabilities. Exploring space is a challenging and difficult endeavor. Future space missions will require more resilience in order to perform the desired science in new environments under constraints of development and operations cost, acceptable risk, and communications delays. Development of space systems with resilient capabilities has the potential to expand the limits of possibility, revolutionizing space science by enabling as yet unforeseen missions and breakthrough science observations. Our KISS study provided an essential venue for the consideration of these challenges and goals. Additional work and future steps are needed to realize the potential of resilient systems—this study provided the necessary catalyst to begin this process