An Empirical Methodology for Engineering Human Systems Integration

The systems engineering technical processes are not sufficiently supported by methods and tools that quantitatively integrate human considerations into early system design. Because of this, engineers must often rely on qualitative judgments or delay critical decisions until late in the system lifecycle. Studies reveal that this is likely to result in cost, schedule, and performance consequences. This dissertation presents a methodology to improve the application of systems engineering technical processes for design. This methodology is mathematically rigorous, is grounded in relevant theory, and applies extant human subjects data to critical systems development challenges. The methodology is expressed in four methods that support early systems engineering activities: a requirements elicitation method, a function allocation method, an input device design method, and a display layout design method. These form a coherent approach to early system development. Each method is separately discussed and demonstrated using a prototypical system development program. In total, this original and significant work has a broad range of systems engineer applicability to improve the engineering of human systems integration

Measuring Human Systems Integration in Directed Energy Weapon Acquisition Programs

Directed energy weapons (DEW) are of interest to the armed forces as they search for more effective ways to deal with evolving threats. The development of these weapons has been ongoing for almost 40 years, despite only one operational fielding by the U.S. Navy in 2014. Some reasons for DEW’s lack of adoption by the services include cost overruns and unclear requirements. Early adoption of human systems integration (HSI) in the military’s acquisition process is shown to provide substantial cost savings over the life of the system. Quantifying the application of HSI within a DEW acquisition program is addressed through decision analysis using value-focused thinking (VFT). The VFT model helps program managers and HSI practitioners balance total system performance and cost of ownership. Knowledge gathered from expert elicitation was used to create the decision model consisting of objectives in a hierarchal format. The proposed VFT model is a beginning step that allows for an objective analysis of HSI efforts in a DEW acquisition program. Further work is required to make the model practical for use

A Conceptual Framework for Analysis of System Safety Interoperability of United States Navy\u27s Combat Systems

Today\u27s political and military reality requires the optimal use of our legacy systems. The objective is to maximize the effectiveness of our operations by efficient allocation, placement and the use of our forces and war-fighting systems. The synergism drawn from the capabilities of the legacy complex systems enables today\u27s war-fighting needs to be met without substantial increase in cost or resources. This synergism can be realized by the effective integration and interoperation of legacy systems into a larger, more complex system of systems. However, the independently developed legacy systems in this new tactical environment often have different data types, languages, data modeling, operating systems, etc. These differences are impediments to the requirement for interoperability, and can create an environment of confusion, misinformation and certainly un-interoperability, hence hinder the safe interoperation of the metasystem and potentially increase the risk for mishaps. Safe interoperability capability assures that the mission objectives are achieved not only effectively but also safely. The System Safety Interoperability Framework (SSIF) introduced in this dissertation provides the framework for the engineering community to evaluate, from system safety perspective, the interoperability issues between multiple complex systems in the U.S. Navy\u27s system of systems context. SSIF characterization attributes are System of Systems (SoS) tactical environment, SoS Engineering, SoS Safety Engineering, and Safety Critical Data. SSIF is applied to AEGIS Ballistic Missile Defense 3.0 Program to explore and analyze the safety interoperability issues in the overall system, by which the SSIF is further validated as an effective approach in analyzing the safe interoperability capability in Navy\u27s combat systems

A Decision Analysis Framework for Evaluation of Helmet Mounted Display Alternatives for Fighter Aircraft

The promise of providing an intuitive and efficient information interface, while allowing the warfighter to perform other critical tasks such as targeting or aircraft control, has led to the growing popularity of Helmet Mounted Displays (HMDs) across the military landscape, especially combat aircraft. Though design and selection of competing systems is critical to optimized performance and safety, structured methods for the evaluation of HMDs are not often used in the acquisition community, leaving selection among alternative designs to the judgment of subject matter experts. However, technical decision-making has been shown to be flawed without the use of a structured decision analysis framework, which can help to overcome narrow focus, potential bias, and human error. This thesis proposes a HMD design evaluation framework that derives system metrics from fundamental multi-level performance objectives and employs a robust, analytical approach to assess the alternative\u27s ability to bring value to these objectives. Supported by principles of Human Systems Integration (HSI) and Value-Focused Thinking, the framework can be used by decision makers to craft informed, defendable judgments that strive to increase system performance while decreasing maintenance and integration resource. The 17-factor framework is illustrated through application on two possible solutions for a fixed-wing fighter platform

A framework for software reuse in safety-critical system of systems

This thesis concerns the effective and safe software reuse in safety-critical system-of-systems. Software reuse offers many unutilized benefits such as achieving rapid system development, saving resources and time, and keeping up technologically in an increasingly advancing global environment. System software needs to be designed for both reuse and safety and available information shared effectively. We introduce a process neutral framework for software reuse in safety-critical system of systems. That framework consists of four elements: organizational factors, component attributes, component specification, and safety analysis. We developed a model (C5RA) to capture the relevant component information and assist in specification matching. We conducted a survey of software safety metrics, created metrics, and developed a ranking. We applied the framework utilizing the reuse of a generic avionics software component. Our key findings are that congruence between all elements is required; software should posses certain attributes with metrics that support a safe design; software component information can be specified using C5RA; and a process was identified for a system-of-systems hazard analysis for software reuse. The framework outlined provides a solution that enables effective software reuse in safety-critical system of systems.http://archive.org/details/aframeworkforsof109454142Australian Army author.Approved for public release; distribution is unlimited

A Systemic Approach to Next Generation Infrastructure Data Elicitation and Planning Using Serious Gaming Methods

Infrastructure systems are vital to the functioning of our society and economy. However, these systems are increasingly complex and are more interdependent than ever, making them difficult to manage. In order to respond to increasing demand, environmental concerns, and natural and man-made threats, infrastructure systems have to adapt and transform. Traditional engineering design approaches and planning tools have proven to be inadequate when planning and managing these complex socio-technical system transitions. The design and implementation of next generation infrastructure systems require holistic methodologies, encompassing organizational and societal aspects in addition to technical factors. In order to do so, a serious gaming based risk assessment methodology is developed to assist infrastructure data elicitation and planning. The methodology combines the use of various models, commercial-off-the-shelf solutions and a gaming approach to aggregate the inputs of various subject matter experts (SMEs) to predict future system characteristics. The serious gaming based approach enables experts to obtain a thorough understanding of the complexity and interdependency of the system while offering a platform to experiment with various strategies and scenarios. In order to demonstrate its abilities, the methodology was applied to National Airspace System (NAS) overhaul and its transformation to Next Generation Air Transportation System (NextGen). The implemented methodology yielded a comprehensive safety assessment and data generation mechanism, embracing the social and technical aspects of the NAS transformation for the next 15 years

Emotions and behaviors of Chinese and U.S. preschoolers in two emotionally challenging tasks

2013 Summer.Includes bibliographical references.As children develop during early childhood, they are expected to internalize and follow social rules, so as to interact with people and the larger society in emotionally and behaviorally appropriate ways. But societal expectations and corresponding emotional and behavioral responses of individuals are all embedded in the sociocultural context (Markus & Kitayama, 1991; Rothbaum & Rusk, 2011). Americans typically are more emotionally expressive than Chinese even in early childhood (Camras, et al., 2007; Tardif, Wang, & Olson, 2009). Emotional expression disrupts social harmony and is discouraged in Chinese children, but indicates individuality and is more accepted in American children. In more individualistic cultures such as the U.S., which emphasize autonomy and self-agency, one might be expected to direct behaviors outward to actively change the context to be less distressing; in collectivistic cultures like China, one might be more inclined to modify the self to feel or appear less distressed instead (Rothbaum & Rusk, 2011). Still, contextual demands may affect these patterns, particularly if appropriate behavior in the contexts is highly socialized, such that children may anticipate strong negative consequences for misbehavior. In this study, the emotional and behavioral responses of Chinese and American preschoolers were compared in two emotionally challenging situations that are important contexts for socialization--resistance to temptation and "breaking" someone's toy. Thirty-four Chinese (17 females) and 37 American (19 females) 3-3.5 year olds were observed across 5 episodes: 1. Introduction to a temptation toy, 2. Resistance to temptation; 3. Introduction to a clown doll; 4. Solitary play with the clown doll; 5. Period after child "breaks" clown doll (standard violation). Children's emotional and behavioral responses were coded second by second and the data were analyzed with repeated measures MANCOVAs. Emotionally, American children were found to be more expressive of happiness and sadness than Chinese children. Chinese children's anger responses showed a cumulative pattern across contexts. Except for the impact on Chinese children's anger, the contextual changes generated children's emotional responses in the expected direction, in that pleasant contexts generated more positive emotions and fewer negative emotions, whereas challenging contexts generated more negative emotions and fewer positive emotions. Behaviorally, American children were found to display more context-directed distraction behaviors than Chinese children; whereas Chinese children displayed more emotion-focused self-modification behaviors, including focal avoidance and self-soothing. Distraction behaviors of children from both samples varied according to contextual changes: most distraction in resistance to temptation, least distraction during play session, and slight increase in distraction during standard violation. But variation in American children's distraction across contexts was greater than that of the Chinese children. By taking a culture-specific, context-specific, and process-oriented approach, the study found evidence for cross-culture, cross-context, and cross-time variations in American and Chinese young children's emotional and behavioral responses toward social challenges. Results highlight the importance of considering children's culture, the immediate and preceding contexts, and time course since challenging events occurred when interpreting and responding to young children's behavior in order to more effectively promote positive development in those children

Evaluation Framework for Software Security Requirements Engineering Tools

Tarkvaraarenduses on nõuded kui süsteemi vundament, mis vastutavad ka ebaõnnestumiste eest. Valed nõuded võivad viia tarkvara eripäradeni, mis tegelikult ei vasta spetsifikatsioonidele. Sel põhjusel peetakse nõuete koostamist kõige keerulisemaks ja olulisemaks sammuks tarkvaraarenduse elutsükli kõikide protsesside jooksul. Tänapäeval, kus küberrünnakud on \n\rtavalised, mängivad turvalisuse nõuded väga olulist rolli tarkvaraarenduse protsessis. On levimas uut tüüpi tööriistad, mille kasutamist peetakse kõige efektiivsemaks meetodiks turvalisusnõuete väljatöötamisel. Lisaks võimaldavad need tööriistad lahendada turvalisusega seotud küsimusi kasutajal endal, hoides märgatavalt kokku inseneride aega. Siiski on nende tööriistade \n\rareng alles algstaadiumis ning neid ei ole tarkvarainseneride poolt massiliselt kasutusele võetud. Põhjus on väga pikas uue tarkvara õppimise ja sellega kohanemise protsessis, mis põhjustab ajakadu arendusprotsessis ning lisab projektile kulusid. Projekti jaoks konkreetse tööriista valimisel võib tutvumine ja katsetamine võtta inseneridel hulgaliselt aega. Lisaks sellele võib struktureerimata valikuprotsess viia vale tööriista kasutuselevõtmisele, mis raiskab omakorda kõigi aega ja pingutusi. Selles uurimuses kavatseme me koostada struktureeritud lähenemise, mis aitab insenere turvaliste tööriistade valimisel. Protsessile kaasaaitamiseks saavad analüütikud ja arhitektid hinnata tarkvara omadusi, mida nad enda seisukohast olulisimateks peavad. Sellest lähtuvalt saavad nad valida kindlate tööriistade vahel ning teha parima valiku. \n\rAntud uurimustöös konstrueeritud lähenemisega on võimalik säästa aega, vaeva ja kulutusi. Uurimuse koostamise käigus uurime me tarkvaraarenduse turvaprotsesse, meetodeid ja tööriistu ning püüame luua raamistikku, mis oleks inseneridele turvalisusnõuete tööriistade hindamisel abiks.In software development requirements are considered as building blocks of software system, which also are considered to be responsible in event of failure. Bad requirements can lead to software features that are not to the specifications. For that reason requirement gathering process is considered as the most sensitive and complicated process among all software engineering lifecycle processes. In current age where cyber-attacks are common security requirements also comes into place and plays a very important role in software development process. In order to elicit security requirements new type of tools are begin to form a shape called security engineering tools which help in eliciting security requirements. That considered being the most efficient way of eliciting security requirements. Moreover these tools empower users with artifacts specifically to cater security needs, which save time and efforts for engineers in return. Nevertheless these tools are still at their infantry and are lacking mass adoption by software security engineers. Reason because these tools have steep learning curve which can add-up to development time and end up pushing more cost to the project. In order to decide which tool to select for a particular project require engineers to use these tools which in return will consume tremendous amount of time. Moreover using unstructured tool selection process can also leads to wrong tool selection which will be the waste of time and efforts. In this research work we are going to construct structured approach which will help engineers in security engineering tool selection process. In order to aid this process analysts and architects will be able to rate the features they want the most in a particular security engineering tool. In return from this process they will be able to choose between security engineering tools and select the best one. Finally using approach constructed in this research work will save time, efforts, and costs. In our approach we will analyze security engineering processes, methods and tools, to construct a framework that will help aid engineers in security engineering tool evaluation process

Developing Secure and Safe Systems with Knowledge Acquisition for Automated Specification

On spetsiaalsed tehnikad, mida kasutatakse riskihalduses nii turvalisuse kui ohutuse konstrueerimise domeenides. Nende tehnikate väljundid, mida tuntakse artefaktidena, on üksteisest eraldatud, mis toob kaasa mitmeid probleeme, kuna domeenid on sõltumatud ja ei ole domeeni, mis ühendaks neid mõlemat. Probleemi keskmes on see, et turvalisus- ja ohutusinsenerid töötavad erinevates meeskondades kogu süsteemiarenduse elutsükli jooksul, mille tulemusena riskid ja ohud on ebapiisavalt kaetud. Käesolevas magistritöös rakendatakse struktuurset lähenemist, turvalisuse ja ohutuse integreerimiseks läbi SaS (Safety and Security) domeeni mudeli loomise, mis integreerib neid mõlemaid. Lisaks töö käigus näidatakse, et on võimalik kasutada eesmärgipõhist KAOS (Knowledge Acquisition in autOmated Specification) keelt ohtude ja riskide analüüsiks, nii et kaetud saavad nii ohutus- kui ka turvadomeen, muutes nende väljundid e. artefaktid hästi struktureerituks, mille tulemusena toimub põhjalik analüüs ja suureneb usaldatavus. Me pakume välja lahenduse, mis sisaldab sellise domeeni mudeli loomist, milles on integreeritud ohtutuse ja turvalisuse domeenid. See annab parema võrdlus- ja integreerimisvõimaluse, leidmaks kahe domeeni vahelise kesktee ning ühendavad definitsioonid läbi nende kaardistamise üldises ontoloogias. Selline lahendus toob kokku turvalisuse ja ohutusedomeenide integratsiooni ühtsesse mudelisse, mille tulemusena tekib ohutus- ja turvalisustehnikate vahel vastastikune mõjustus ning toodab väljundeid, mida peetakse usaldusartefaktideks ning kasutab KAOSt domeeni mudeliga, mis on ehitatud juhtumianalüüsi põhjal. Peale vastloodud mudeli rakendumist viiakse läbi katse, milles analüüsitakse sedasama juhtumit, võrdlemaks selle tulemusi teiste juba olemasolevate mudelite tulemustega, et uurida sellise domeeni mõttekust. Struktureeritud lähenemine võib seega toimida liidesena, mis lihtsustab aktiivset interaktsiooni riski- ja ohuhalduses, aidates leida lahendusi probleemidele ja vastuoludele, mille lahendamiseks on vaja integreerida ohutuse ja turvalisuse domeenid ja kasutada unifitseeritud süsteemianalüüsi tehnikat, mille tulemusena tekib analüüsi tsentraalsus.There are special techniques languages that are used in risk management in both domains of safety engineering and security engineering. The outputs, known as artifacts, of these techniques are separated from each other leading to several difficulties due to the fact that domains are independent and that there is no one unifying domain for the two. The problem is that safety engineers and security engineers work in separated teams from throughout the system development life cycle, which results in incomplete coverage of risks and threats. The thesis applies a structured approach to integration between security and safety by creating a SaS (Safety and Security) domain model. Furthermore, it demonstrates that it is possible to use goal-oriented KAOS (Knowledge Acquisition in automated Specification) language in threat and hazard analysis to cover both safety and security domains making their outputs, or artifacts, well-structured and comprehensive, which results in dependability due to the comprehensiveness of the analysis. The structured approach can thereby act as an interface for active interactions in risk and hazard management in terms of universal coverage, finding solutions for differences and contradictions which can be overcome by integrating the safety and security domains and using a unified system analysis technique (KAOS) that will result in analysis centrality

NASA System Safety Handbook. Volume 2: System Safety Concepts, Guidelines, and Implementation Examples

This is the second of two volumes that collectively comprise the NASA System Safety Handbook. Volume 1 (NASASP-210-580) was prepared for the purpose of presenting the overall framework for System Safety and for providing the general concepts needed to implement the framework. Volume 2 provides guidance for implementing these concepts as an integral part of systems engineering and risk management. This guidance addresses the following functional areas: 1.The development of objectives that collectively define adequate safety for a system, and the safety requirements derived from these objectives that are levied on the system. 2.The conduct of system safety activities, performed to meet the safety requirements, with specific emphasis on the conduct of integrated safety analysis (ISA) as a fundamental means by which systems engineering and risk management decisions are risk-informed. 3.The development of a risk-informed safety case (RISC) at major milestone reviews to argue that the systems safety objectives are satisfied (and therefore that the system is adequately safe). 4.The evaluation of the RISC (including supporting evidence) using a defined set of evaluation criteria, to assess the veracity of the claims made therein in order to support risk acceptance decisions