Combining goal models, expert elicitation, and probabilistic simulation for qualification of new technology

New technologies typically involve innovative aspects that are not addressed by the existing normative standards and hence are not assessable through common certification procedures. To ensure that new technologies can be implemented in a safe and reliable manner, a specific kind of assessment is performed, which in many industries, e.g., the energy sector, is known as Technology Qualification (TQ). TQ aims at demonstrating with an acceptable level of confidence that a new technology will function within specified limits. Expert opinion plays an important role in TQ, both to identify the safety and reliability evidence that needs to be developed, and to interpret the evidence provided. Hence, it is crucial to apply a systematic process for eliciting expert opinions, and to use the opinions for measuring the satisfaction of a technology's safety and reliability objectives. In this paper, drawing on the concept of assurance cases, we propose a goal-based approach for TQ. The approach, which is supported by a software tool, enables analysts to quantitatively reason about the satisfaction of a technology's overall goals and further to identify the aspects that must be improved to increase goal satisfaction. The three main components enabling quantitative assessment are goal models, expert elicitation, and probabilistic simulation. We report on an industrial pilot study where we apply our approach for assessing a new offshore technology. © 2011 IEEE

A risk assessment method for online social transparency in enterprise information systems.

Enterprises integrate social networking tools within their information systems to enhance social networking, situational awareness, coordination and collaboration amongst their members. Social interaction can be empowered by traditional tools such as E-mail, or specialised social platforms, including Workplace by Facebook and Slack. More specialised systems enable bespoke features to declare, share and retrieve current and past engagements, team memberships, allocated tasks and priorities. Social transparency refers to the intentional sharing of information relating to intentions and reasoning of individual actions to others in the workplace. This includes announcing personal interests, activity status, priorities and personal achievements in order to explain individual intentions. Such transparency is typically intended to increase relatedness, motivation, coordination and trust amongst colleagues. However, an ad-hoc implementation of such transparency can pose issues such as information overload, social loafing, motivating unwanted grouping amongst colleagues and increasing pressure to perform in a particular manner. Although the current works on transparency and its effects illuminate the potential promise of managing social transparency in the enterprise, particularly in their online platforms, scholars still handle social transparency as an information quality issue and there is a lack of concrete knowledge about its potential risks and their factors. Moreover, there is a lack of systematic methods to evaluate and assess the quality of online social transparency in general and its shortcomings and risks in particular. In this research, we address the question of how to manage social transparency by identifying and assessing the risks of its ad-hoc practice. We provided a working definition of social transparency, and we assume that this transparency is an autonomous decision by organisation members to be open when conveying social information through online platforms. This research aims to provide a systematic method to identify and assess the risks of online social transparency within organisation members. To achieve the goal of this research, a qualitative approach has been adopted to explore the risks of online social transparency and how this transparency can be assessed. Implementing this approach resulted in several empirical studies involving employees, managers, systems analysts. Two focus groups resulted in exploring the concept of online social transparency and the assessment factors. An Interview study contributes to that aim by creating classifications of users’ perspective on risks and risk factors. An observational study conducted in two small multicultural companies to further explore the risks and risk factors from real organisational contexts. A novel assessment method for online social transparency was developed from these studies to assist system analysts and enterprise management in identifying and assessing the impact of online social transparency in their work environment

A Harmonized Compositional Assurance Approach for Safety-Critical Systems

Safety-critical systems, those whose failure could end up in loss or injuries to people or the environment, are required to go through laborious and expensive certification processes. These systems have also increased their complexity and as it has already been done in other domains, they have applied component-based system developments to deal with complexity. However, components are difficult to assess as certification is done at system level and not at component level. Compositional certification approach proposes to get incremental credit by accepting that a specific component complies with specific standard’s requirements and it is correctly integrated. The objective is to support integration of new components while the previously integrated components do not need to work for re-acceptance. We propose (1) the use of assurance modelling techniques to provide us the mechanism to understand the common basis of standards shared by different domains such as the avionics, automotive and the medical devices design. We propose (2) an assurance decomposition methodology offering guidance and modelling mechanisms to decompose the responsibilities associated with the life-cycle of safety-critical components. This methodology ensures a hierarchy of assurance and certification projects where the responsibilities and project tasks can be specified and its accomplishment can be assessed to determine the compliance of functional safety standards. Assurance decomposition supports the reuse of components as it guides us not just for standards compliance but specifically on the understanding and tailoring of those standards for component assurance and support when those components are integrated into the final system. We propose (3) a contract-based approach to support the integration of reused components and at the same time, the proposal supports the identification of assumptions, a very laborious and time consuming task. Assurance Contracts are defined to ensure incremental compliance once the components are integrated. The objective of this assurance contracts is to ensure the overall compliance of the system with the selected standards and reference documents such as guidelines or advisory circulars. The defined approach to assurance contracts specification attempts to balance the need for unambiguity on the composition while maintaining the heterogeneity of the information managed. The claims classification offers an easy method to support the assessment of contract completeness and the structured expressions provide a semi-formal language to specify the assumptions and guarantees of a component. This work has been mainly framed in a European collaborative research projects such as OPENCOSS a Large-scale integrating project (IP) with 17 partners from 9 countries to develop a platform for safety assurance and certification of safety-critical systems (compliance with standards, robust argumentation, evidence management, process transparency), SAFEADAPT an FP7 project with 9 partners and RECOMP an ARTEMIS project.. The results of this work have been presented to the standardization group of the Object Management Group responsible for the SACM (Structured Assurance Case Metamodel) standard specification, which currently discusses its inclusion in future versions. The (4) tools presented and used in this work have been included in the results of an open tool platform developed within the OPENCOSS project that is being released in PolarSys. PolarSys is an Eclipse Industry Working Group created by large industry players and by tools providers to collaborate on the creation and support of Open Source tools for the development of embedded systems

Modelling and Analysing Software Requirements and Architecture Decisions under Uncertainty

Early requirements engineering and software architectural decisions are critical to the success of software development projects. However, such decisions are confronted with complexities resulting from uncertainty about the possible impacts of decision choices on objectives; conflicting stakeholder objectives; and a huge space of alternative designs. Quantitative decision modelling is a promising approach to tackling the increasing complexity of requirements and architectural decisions. It allows one to use quantitative techniques, such as stochastic simulation and multi-objective optimisation, to model and analyse the impact of alternative decisions on stakeholders' objectives. Existing requirements and architecture methods that use quantitative decision models are limited by the difficulty of elaborating quantitative decision models and/or lack of integrated tool support for automated decision analysis under uncertainty. This thesis addresses these problems by presenting a novel modelling language and automated decision analysis technique, implemented in a tool called RADAR, intended to facilitate requirements and architecture decisions under uncertainty. RADAR's modelling language has relations to quantitative AND/OR goal models used in requirements engineering and feature models used in software product lines. The language enables modelling requirements and architectural decision problems characterised by (i) single option selection similar to mutually exclusive option selection (XOR-nodes) of feature diagrams; (ii) multiple options selection similar to non-mutually exclusive options selections (OR-nodes) of feature diagrams; and (iii) constraints dependency relationships, e.g., excludes, requires and coupling, between options of decisions. RADAR's analysis technique uses multi-objective simulation optimisation technique in evaluating and shortlisting alternatives that produces the best trade-off between stakeholders' objectives. Additionally, the analysis technique employs information value analysis to estimate the financial value of reducing uncertainty before making a decision. We evaluate RADAR's applicability, usefulness and scalability on a set of real-world systems from different application domains and characterised by design space size between 6 and 2E50. Our evaluation results show that RADAR's modelling language and analysis technique is applicable on a range of real-world requirements and architecture decision problems, and that in few seconds, RADAR can analyse decision problems characterised by large design space using highly performant optimisation method through the use of evolutionary search-based optimisation algorithms