The limits of what we can successfully build are changing from structural integrity and the physical limits of materials to the intellectual limits of those designing, operating, interacting with, and maintaining our engineered systems. New technology, particularly digital technology, is creating the potential for higher levels of integrated, multi-loop control in systems containing large numbers of dynamically interacting components (including humans). The result is that we are attempting to build systems where interactions among components cannot be thoroughly planned, understood, anticipated, or guarded against. The outcome has been “system accidents” and large-scale system failures, such as the recent Shuttle Columbia tragedy and the failure of the northeast power grid in August 2003.
Increasing complexity and coupling as well as the introduction of new digital technology are making it difficult for designers to consider all potential system states and for operators to handle all normal and abnormal situations and disturbances safely and effectively. In CSRL we are designing system modeling, analysis, and visualization theory and tools to assist in the design and operation of safer systems with greater capability. To accomplish these goals, we apply a systems approach to engineering that includes building technical foundations and knowledge and integrating these with the organizational, political, and cultural aspects of system construction and operation.
Mission achievement is not the only issue. The cost and length of many of our complex engineering projects are reaching impractical limits. There needs to be some way to reduce costs and schedules so that these systems are not technically obsolete before they are completed, and so that their costs do not become so high that their construction and operation cannot be justified.
Our goal is to provide ways to stretch the limits of complexity and intellectual manageability of the systems we can build with reasonable resources and with confidence in their expected behavior, particularly safety and mission accomplishment. While our main emphasis is aerospace systems and applications, our research results are applicable to complex systems in such domains as transportation, energy, and health. Current research projects include design for safety; model-based system engineering; reusable, component-based system architectures; interactive visualization; human-centered system design; system diagnosis and fault tolerance; system sustainment; system engineering of software-intensive systems; and organizational factors in engineering and project management.
Some Current Research Projects
Model-Based System Engineering: Models provide a means for understanding complex phenomena and recording that understanding in a way that can be communicated to others. As complexity grows, the use of prototyping to evaluate designs becomes increasingly impractical. The alternative is to use behavioral and structural models, essentially executable specifications, along with advanced analysis tools and simulation environments to evaluate the system design before construction begins. We are investigating the design of executable specification languages that can form the basis for advanced engineering environments. Usability is a large component of this research: The executable specification languages must be reviewable and usable with minimal training by a large variety of domain experts if model-based system engineering is to become a practical reality. At the same time, to allow for automated analysis tools, the languages must have a formal (mathematical) model as their foundation.
Domain-Specific, Reusable, Component-Based System Architectures: Modern, complex control systems for specific application domains often display common system architectural features, making them suitable for representation by a reusable, component-based architecture. The similarities and commonalities can be exploited to create model-driven system development environments. For example, we have shown how to create such a generic spacecraft architecture in which reusable specifications and models can be tailored for the specific spacecraft design, executed and validated in a simulation environment, and then either manually or automatically transformed into software or hardware. Such reuse, however, is dependent on the ability to record design rationale and underlying assumptions so that the changes necessary for particular applications of the architecture can be determined. We do that by using what we call intent specifications.
Interactive Visualization: We hypothesize that the use of multiple views and interactive visualizations of system designs and specifications, based on the task being performed and the expertise of the user, can enhance the intellectual manageability of complex system engineering. Research on interactive visualization should not only be useful in system design but also in training and operations, where the complexity of the automation we are designing is confusing operators and those performing sustainment activities. Interactive visualization could be used as a tool both for training operators and for providing real-time information about the operation of the automation to assist with operational decision making and monitoring activities. The goal of our research is to provide a theoretical foundation for designing interactive visualizations of complex system design and behavior for use by system designers, operators, and maintainers.
New Accident Models for Complex Systems: At the foundation of the current limitations in engineering for safety and mission assurance is the almost exclusive use of a model of accidents that assumes they arise from a chain of failure events and human errors. While satisfactory for the relatively simple electromechanical and industrial systems for which the model was developed, it does not explain system accidents (arising from interactions among system components rather than individual component failures) and is inadequate for today’s complex, software-intensive, human-machine systems. We are developing accident models based on systems theory that can serve as the foundation for new and improved approaches to accident investigation and analysis, hazard analysis and accident (loss) prevention, risk assessment and risk management, and performance monitoring. Such models need to include organizational and management factors as well as technical ones if they are to prevent losses in complex systems.
Human-Centered System Design: Complex systems in the future will be composed of teams of humans and computers, working together to achieve system goals. Humans have not been eliminated from most high-tech systems, but their role has changed significantly: often they are monitors or high-level managers of the automation, which directly (autonomously) controls the system. Our research goals include learning how to design automation to eliminate or reduce human errors such as mode confusion, to optimize allocation of tasks among humans and automation, to enhance learnability, and to improve the training of humans to interact with automation.
Comprehensive Risk Management in Complex Engineered Systems: By integrating the results of our research on model-based system engineering, reusable architectures, human-centered system design, and accident models, we hope to create a risk-driven, model-based methodology for designing complex systems. The methodology will include methods and tools that assist in making informed risk-related decisions from the early stages of project conceptualization through development, deployment, operations, and eventual decommissioning. Emphasis is on providing the ability to make tradeoffs and decisions as early as possible in the process so that the need for rework or unnecessary work and the tradeoffs necessary to provide high confidence in the resulting system behavior are minimized. All aspects of risk, including organizational and human aspects, are integrated into the methodology. The environment will include generic component models to support the development of reusable architectures and component models; fault detection, diagnosis, and protection techniques; design for safety and mission assurance; and support for risk control in maintenance, operations, and systems health monitoring.
Cultural and Organizational Factors in the Engineering of Complex Systems: The Columbia accident and other major technological losses have amply demonstrated the need for understanding the relationships among organizational culture, management, and engineering. We are examining the potential for using systems theory and modeling to understand and “engineer” the safety culture and other organizational and cultural factors in project management, development, and operations.