Risks and Assets: A Qualitative Study of a Software Ecosystem in the Mining Industry

Digitalization and servitization are impacting many domains, including the mining industry. As the equipment becomes connected and technical infrastructure evolves, business models and risk management need to adapt. In this paper, we present a study on how changes in asset and risk distribution are evolving for the actors in a software ecosystem (SECO) and system-of-systems (SoS) around a mining operation. We have performed a survey to understand how Service Level Agreements (SLAs) -- a common mechanism for managing risk -- are used in other domains. Furthermore, we have performed a focus group study with companies. There is an overall trend in the mining industry to move the investment cost (CAPEX) from the mining operator to the vendors. Hence, the mining operator instead leases the equipment (as operational expense, OPEX) or even acquires a service. This change in business model impacts operation, as knowledge is moved from the mining operator to the suppliers. Furthermore, as the infrastructure becomes more complex, this implies that the mining operator is more and more reliant on the suppliers for the operation and maintenance. As this change is still in an early stage, there is no formalized risk management, e.g. through SLAs, in place. Rather, at present, the companies in the ecosystem rely more on trust and the incentives created by the promise of mutual future benefits of innovation activities. We believe there is a need to better understand how to manage risk in SECO as it is established and evolves. At the same time, in a SECO, the focus is on cooperation and innovation, the companies do not have incentives to address this unless there is an incident. Therefore, industry need, we believe, help in systematically understanding risk and defining quality aspects such as reliability and performance in the new business environment

A framework for Model-Driven Engineering of resilient software-controlled systems

AbstractEmergent paradigms of Industry 4.0 and Industrial Internet of Things expect cyber-physical systems to reliably provide services overcoming disruptions in operative conditions and adapting to changes in architectural and functional requirements. In this paper, we describe a hardware/software framework supporting operation and maintenance of software-controlled systems enhancing resilience by promoting a Model-Driven Engineering (MDE) process to automatically derive structural configurations and failure models from reliability artifacts. Specifically, a reflective architecture developed around digital twins enables representation and control of system Configuration Items properly derived from SysML Block Definition Diagrams, providing support for variation. Besides, a plurality of distributed analytic agents for qualitative evaluation over executable failure models empowers the system with runtime self-assessment and dynamic adaptation capabilities. We describe the framework architecture outlining roles and responsibilities in a System of Systems perspective, providing salient design traits about digital twins and data analytic agents for failure propagation modeling and analysis. We discuss a prototype implementation following the MDE approach, highlighting self-recovery and self-adaptation properties on a real cyber-physical system for vehicle access control to Limited Traffic Zones

Towards a Data Governance Framework for Third Generation Platforms

The fourth industrial revolution considers data as a business asset and therefore this is placed as a central element of the software architecture (data as a service) that will support the horizontal and vertical digitalization of industrial processes. The large volume of data that the environment generates, its heterogeneity and complexity, as well as its reuse for later processes (e.g. analytics, IA) requires the adoption of policies, directives and standards for its right governance. Furthermore, the issues related to the use of resources in the cloud computing must be taken into account with the aim of meeting the requirements of performance and security of the different processes. This article, in the absence of frameworks adapted to this new architecture, proposes an initial schema for developing an effective data governance programme for third generation platforms, that means, a conceptual tool which guides organizations to define, design, develop and deploy services aligned with its vision and business goals in I4.0 era.This work is partially funded by Spanish Government through the research project TIN2017-86520-C3-3-R

Governance of Autonomous Agents on the Web: Challenges and Opportunities

International audienceThe study of autonomous agents has a long tradition in the Multiagent System and the Semantic Web communities, with applications ranging from automating business processes to personal assistants. More recently, the Web of Things (WoT), which is an extension of the Internet of Things (IoT) with metadata expressed in Web standards, and its community provide further motivation for pushing the autonomous agents research agenda forward. Although representing and reasoning about norms, policies and preferences is crucial to ensuring that autonomous agents act in a manner that satisfies stakeholder requirements, normative concepts, policies and preferences have yet to be considered as first-class abstractions in Web-based multiagent systems. Towards this end, this paper motivates the need for alignment and joint research across the Multiagent Systems, Semantic Web, and WoT communities, introduces a conceptual framework for governance of autonomous agents on the Web, and identifies several research challenges and opportunities

Source Data for the Focus Area Maturity Model for Software Ecosystem Governance

We define a software ecosystem as a set of organizations collaboratively serving a market for software and services. Typically these ecosystems are underpinned by a common technology, such as an extendable software platform. This data set supports the article that describes the Software Ecosystem Governance Maturity Model (SEG−M2) [50]. The model has the goal to support software ecosystem orchestrators in the management and governance of the actors in their ecosystems in a structured way. Through a critical structured literature review, 168 practices have been collected. These practices have been evaluated through six case studies at software ecosystem orchestrators. The practices are described with a practice code, a practice name, a practice description, required success conditions, the person responsible for the practice, and the associated literature where the practice was identified

DATA GOVERNANCE, INTEROPERABILITY AND STANDARDIZATION: ORGANIZATIONAL ADAPTATION TO PRIVACY REGULATION

The increasing availability of data can afford dynamic competitive advantages among data-intensive corporations, but governance bottlenecks hinder data-driven value creation and increase regulatory risks. We analyze the role of two technological features of data architecture that facilitate internal data governance – Application Programmatic Interfaces (APIs) that publish interdepartmental data and standardization of identity and access management (IAM) software – in shaping large dataintensive corporations’ adaptation to privacy regulation. Using annual establishment data for the largest U.S. financial services corporations and the enforcement of the General Data Protection Regulation (GDPR) in 2018 as a natural experiment, we show that internal data APIs and standardization of IAM software significantly mitigate establishments’ revenue loss and IT budget reduction in response to GDPR enforcement. Compliance costs measured by IT hiring increased substantially after GDPR enforcement only for firms without internal data APIs. Our findings highlight the importance of interoperability and standardization as technical conditions that facilitate dynamic integrative capability, allowing large data-intensive corporations to ensure proper data governance and adapt to privacy regulation

Empirical evaluation of an architectural technical debt index in the context of the Apache and ONAP ecosystems

Background. Architectural Technical Debt (ATD) in a software-intensive system denotes architectural design choices which, while being suitable or even optimal when adopted, lower the maintainability and evolvability of the system in the long term, hindering future development activities. Despite the growing research interest in ATD, how to gain an informative and encompassing viewpoint of the ATD present in a software-intensive system is still an open problem. Objective. In this study, we evaluate ATDx, a data-driven approach providing an overview of the ATD present in a software-intensive system. The approach, based on the analysis of a software portfolio, calculates severity levels of architectural rule violations via a clustering algorithm, and aggregates results into different ATD dimensions. Method. To evaluate ATDx, we implement an instance of the approach based on SonarQube, and run the analysis on the Apache and ONAP ecosystems. The analysis results are then shared with the portfolio contributors, who are invited to participate in an online survey designed to evaluate the representativeness and actionability of the approach. Results. The survey results confirm the representativeness of the ATDx, in terms of both the ATDx analysis results and the used architectural technical debt dimensions. Results also showed the actionability of the approach, although to a lower extent when compared to the ATDx representativeness, with usage scenarios including refactoring, code review, communication, and ATD evolution analysis. Conclusions. With ATDx, we strive for the establishment of a sound, comprehensive, and intuitive architectural view of the ATD identifiable via source code analysis. The collected results are promising, and display both the representativeness and actionability of the approach. As future work, we plan to consolidate the approach via further empirical experimentation, by considering other development contexts (e.g., proprietary portfolios and other source code analysis tools), and enhancing the ATDx report capabilities