SlideShare a Scribd company logo

LSCITS engineering

Ian Sommerville, profile picture
Ian Sommerville

This document discusses the challenges of engineering large, socio-technical complex systems (LSCITS). It argues that traditional reductionist engineering approaches are inadequate for LSCITS due to uncertainties in their environments. A new field of LSCITS engineering is needed to address problems of scale, uncertainty, integration and developing new abstract representations of these systems. Key research areas identified include requirements engineering for uncertain systems, managing failures, LSCITS architecture and enabling dynamic system evolution. The document suggests reductionism still has value but must be tempered with pragmatic acceptance of real-world complexity when developing LSCITS.

Technology
1 of 31
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
LSCITS Engineering,York EngD Programme, 2010 Slide 1 LSCITS Engineering Prof. Ian Sommerville St Andrews University
LSCITS Engineering,York EngD Programme, 2010 Slide 2 Objectives •  To discuss why the traditional approach to engineering is not adequate for building LSCITS •  To introduce the notion of LSCITS engineering and to introduce LSCITS engineering challenges •  To suggest a research agenda for LSCITS engineering
LSCITS Engineering,York EngD Programme, 2010 Slide 3 What is an LSCITS? •  The key difference between an LSCITS and other classes of large system is that there are significant ‘unknowns’ in the environments in which LSCITS is procured, developed and operated. •  An LSCITS is an LSITS (or a collection of LSITSs) where unknown, unstable and uncontrollable factors in the systems procurement, development and operational environment affect the design and use of the system •  LSCITS have a close and entangled relationships with the socio-technical systems that rely on these LSCITS
LSCITS Engineering,York EngD Programme, 2010 Slide 4 An LSCITS model S1 S3 S4 S5 S6 S7 S2 STS 1 STS 2
LSCITS Engineering,York EngD Programme, 2010 Slide 5 The basis of engineering A discussion of the fundamental assumption that is a foundation for engineering and systems development
LSCITS Engineering,York EngD Programme, 2010 Slide 6 Reductionism •  Reductionism –  “an approach to understanding the nature of complex things by reducing them to the interactions of their parts, or to simpler or more fundamental things”. •  Reductionism underpins most engineering, including software engineering •  We see reductionism in notions such as •  Contractor/sub-contractor relationships •  Top-down design
LSCITS Engineering,York EngD Programme, 2010 Slide 7 Reductionist assumptions •  Control –  Reductionist approaches assume that we have control over the organisation of the system. It is then possible to decompose the system into parts that can themselves be engineered using reductionist approaches •  Understandable relationships –  The relationships between the parts are visible and understandable •  A rational world –  Reductionist approaches assume that rationality will be the principal influence in decision making •  Definable problems –  Reductionist approaches assume that the problem can be defined and the system boundaries established
LSCITS Engineering,York EngD Programme, 2010 Slide 8 Software engineering •  Developments in software engineering have largely adopted a reductionist perspective: –  Design methodologies –  Formal methods –  Agile approaches –  Software architecture –  Model-driven engineering •  Reductionist approaches to software engineering have been successful in allowing us to construct larger software systems •  More effective reductionist approaches allow us to deal with increasingly complicated systems.
LSCITS Engineering,York EngD Programme, 2010 Slide 9 Problems with reductionism •  Scale •  When things get too big, then reductionist approaches become intellectually unmanageable because of the complexity of the interactions between the parts of the whole •  Environment •  The relationships between a system and its environment are often uncontrollable •  People •  Who refuse to behave in a rational and deterministic way
LSCITS Engineering,York EngD Programme, 2010 Slide 10 Engineering project failures •  Engineering projects ‘fail’ (go over schedule and budget) when reductionist assumptions break down •  Edinburgh tramways project –  Environment problems. There are no maps of existing utilities and there have been complex problems of moving pipes and cabling to accommodate the tram system –  There has been considerable political wrangling between the local government and the national government •  Software project failures –  Relatively common because, even for LSITS, reductionist assumptions are dubious
LSCITS Engineering,York EngD Programme, 2010 Slide 11 Complex and complicated systems •  Reductionist approaches are intended to help deal with complicated systems i.e. systems where the relationships between elements are largely static and which can (in principle) be understood and controlled •  However, LSCITS are complex systems, with dynamic relationships between elements. It is is impossible to acquire and maintain a complete understanding of the system and where elements are independently controlled and often have undocumented side-effects
LSCITS Engineering,York EngD Programme, 2010 Slide 12 LSCITS engineering Reductionism + Reality
LSCITS Engineering,York EngD Programme, 2010 Slide 13 LSCITS development Software capabilities S1 S2 S3 S4 LSCITS Systems contribute capabilities Used to construct Systems Development Creates new ??? ???
LSCITS Engineering,York EngD Programme, 2010 Slide 14 Continuous development •  It is rare (perhaps unknown) for an LSCITS to be developed from ‘scratch’ •  Rather, an LSCITS emerges from an assembly of existing technical and socio-technical systems that are supplemented by the development of new software to help achieve a broad set of goals •  LSCITS engineering is a continual process of procurement, development, deployment, operation and de-commissioning
LSCITS Engineering,York EngD Programme, 2010 Slide 15 Brownfield development •  LSCITS are rarely, if ever, developed from scratch •  It is often the case that an LSCITS emerges after experience with a range of individual systems •  By the time we recognise the need for an LSCITS, we have already accumulated a range of constraints: –  Legacy systems –  Technologies –  Socio-technical systems –  Laws and regulations
LSCITS Engineering,York EngD Programme, 2010 Slide 16 Alternatives to reductionism •  Bricolage –  Systems are developed opportunistically by integrating available systems and components and by using whatever integration mechanisms work at the time –  Mashups, where different web services are combined opportunistically, are examples of bricolage •  Problems with fit to socio-technical world, security, dependability, maintainability
LSCITS Engineering,York EngD Programme, 2010 Slide 17 Alternatives to reductionism •  Emergence –  Systems are developed using an evolutionary ‘survival of the fittest’ approach based on genetic algorithms, etc. –  The argument is made that this is what underlies the development of the web •  Problems –  Uncontrollable. You cannot be sure that you get the system that you need or that the system will not have undesirable properties –  Visibility. It is hard to demonstrate compliance, safety, etc. –  Scale. Notwithstanding the example of the web, there is no evidence that current approaches based on emergence scale to large systems
LSCITS Engineering,York EngD Programme, 2010 Slide 18 Has reductionism had its day? •  At the moment, reductionism is the only tool that we have for the specification, design and construction of LSCITS •  The problem is not in reductionism in itself, but in believing that it is all that is required to engineering complex systems •  We need to move to a situation where we use reductionism as far as possible but recognise that we need to temper this with a dose of reality
LSCITS Engineering,York EngD Programme, 2010 Slide 19 Better software engineering? •  LSCITS engineering problems cannot be solved by –  improved software processes, process maturity, quality management etc. –  better tools and technology –  more rigorous methods of development –  Better project management •  These can all contribute and are worth doing but break down in the face of large-scale uncertainty •  A key requirement for LSCITS engineering is the ability to represent, model and demanage both scale and uncertainty
LSCITS Engineering,York EngD Programme, 2010 Slide 20 LSCITS Engineering •  LSCITS Engineering (LSCITS-E) is the process of creating, evolving and managing LSCITSs. •  Not just a technical discipline – needs involvement of people with a wide range of expertise (social science, psychology, engineering, management, etc.) •  We need new systems and software engineering approaches (e.g. designing for failure) that take into account the inherent complexities of LSCITS and the need to cope with uncertainty •  LSCITS-E will incorporate current software engineering activities (notably requirements engineering and system architecture), you should bear in mind that current methods are what we’ve got rather than what we need
LSCITS Engineering,York EngD Programme, 2010 Slide 21 The realities of LSCITS-E •  Social and technical are inseparable –  Focus on the social and the technical together rather than consider technical issues in isolation •  Perfection is unattainable –  Adopt a pragmatic acceptance of the world as it is, populated by imperfect people •  You can’t win –  Accept that systems will always be a compromise, with multiple, often conflicting, notions of what is meant by ‘success’ and where the system boundaries lie •  Things will go wrong –  Adopt a view of dependability where partial failure is normal and tolerable
LSCITS Engineering,York EngD Programme, 2010 Slide 22 LSCITS-E Challenges Problems that we have to address to make LSCITS engineering a reality
LSCITS Engineering,York EngD Programme, 2010 Slide 23 LSCITS – E challenges •  Managing scale •  Dealing with uncertainty •  Thinking and reasoning about LSCITS •  Making systems work together effectively •  Standards for LSCITS
LSCITS Engineering,York EngD Programme, 2010 Slide 24 Scale causes problems •  No centralised or unified understanding of the ‘system as a whole’ •  The ability to understand an individual constituent of the system and its relationships decreases as the number of constituents increases •  Problems of management and governance are exacerbated and increase as new systems are added and the overall LCSITS increases in size •  The (socio-technical) effects of changes to constituents of the system become impossible to predict •  Size makes it more difficult to reach consensus about system requirements
LSCITS Engineering,York EngD Programme, 2010 Slide 25 Coping with uncertainty •  Uncertainty is a universal characteristics of LSCITS and the principal cause of system problems is unpredicted events and behaviour in both the technical and socio-technical systems –  Aleatory uncertainty •  Uncertainty that relates to the fact that the world is uncertain. –  Epistemic uncertainty •  Uncertainty that arises because our knowledge of the world is incomplete •  Coping with uncertainty is about designing for flexibility and utilising the abilities of people to deal with unseen problems •  Will be discussed in more detail in the following lecture
LSCITS Engineering,York EngD Programme, 2010 Slide 26 LSCITS abstractions •  Our existing abstractions (functions, objects, component, etc.) that we use in defining software systems are based on a reductionist view of the world •  We need new abstractions which are more effective at representing large-scale systems and accommodating uncertainty to allow us to represent and reason about LSCITS •  Examples of possible abstractions –  Responsibilities •  A duty to achieve, maintain or avoid some state, subject to constraints. –  Capabilities •  The ability to completely or partially discharge a responsibility
LSCITS Engineering,York EngD Programme, 2010 Slide 27 Interoperability and integration •  The constituents of LSCITS have to interoperate (ensuring that constituent systems that can operate smoothly together) and integrate (ensuring that constituent systems can exchange information in a controlled way) –  Interoperability is about control; integration is about data –  Integration is not just about physical data exchange but also must take into account business rules and data regulations •  To achieve effective interoperation and integration, we need to pay attention to socio-technical issues, system requirements and architecture
LSCITS Engineering,York EngD Programme, 2010 Slide 28 Standards •  General interoperability/integration can only be achieved if standards are widely adopted and systems are built that implement these standards •  Currently, the standards that have been accepted and that are widely adopted are low-level standards –  Standards for data exchange –  Standards for service syntax •  We need standards based on semantics if true interoperability is to be achieved
LSCITS Engineering,York EngD Programme, 2010 Slide 29 Research agenda for LSCITS engineering •  Requirements engineering for LSCITS –  LSCITS means uncertainty and we need better tools and techniques for understanding where uncertainties exist and how the system should cope with these uncertainties. –  Better techniques are required to understand the requirements from the socio-technical environment in which the LSCITS is used •  Managing failure –  Moving from a world where failure is something to be avoided to a world where failure is normal and simply has to be lived with –  Ensuring the ‘small failures’ do not cascade to ‘large failures’
LSCITS Engineering,York EngD Programme, 2010 Slide 30 Research agenda for LSCITS engineering •  LSCITS architecture –  Abstractions for representing LSCITS architecture –  Architectural styles and patterns for LSCITS –  Architecture trade-offs and system consequences •  Dynamic systems –  Integration mechanisms that allow systems to evolve rapidly in response to changing demands and capabilities, governance, standards and regulation –  Methods of understanding and managing these systems
LSCITS Engineering,York EngD Programme, 2010 Slide 31 Key points •  Reductionism is the basis of engineering, including software engineering. However reductionism cannot cope effectively with complexity •  Better reductionist approaches are not adequate, in themselves, for building LSCITS but we cannot simply discard our current approaches •  Key challenges for LSCITS engineering are managing scale, developing new abstractions to model LSCITS, integration and interoperation and challenges

More Related Content

PPTX
LSCITS-engineering
Ian Sommerville
 
PDF
Problem Solving Methods
Maikel Mardjan
 
PDF
Rsd6 presentation proceedings kersten
rsd6
 
PPTX
Rsd6 v05 for_pub_idarz
rsd6
 
PDF
Eleonora Fiore: Ethical challenges of the Internet of Things in the household...
RSD Relating Systems Thinking and Design
 
PDF
Kees dorst sd conf oslo kd19102017.2
rsd6
 
PPTX
Resp modellingintro
Ian Sommerville
 
PDF
Introduction to Software Architecture
Ruth Malan
 
LSCITS-engineering
Ian Sommerville
 
Problem Solving Methods
Maikel Mardjan
 
Rsd6 presentation proceedings kersten
rsd6
 
Rsd6 v05 for_pub_idarz
rsd6
 
Eleonora Fiore: Ethical challenges of the Internet of Things in the household...
RSD Relating Systems Thinking and Design
 
Kees dorst sd conf oslo kd19102017.2
rsd6
 
Resp modellingintro
Ian Sommerville
 
Introduction to Software Architecture
Ruth Malan
 

What's hot (14)

PPTX
What is Systemic Design
Alex Ryan
 
PDF
ISSS Visual Languages in Systemic Design
Peter Jones
 
PDF
Essential Complexity in Systems Architecture
Mark Mishaev
 
PPTX
Systems thinking for analyzing problems
Abdalla Quider
 
PDF
AEA Greenland Presentation 1 Nov 2013
John Gøtze
 
PDF
Give me the place to stand: Leverage analysis in systemic design
RSD7 Symposium
 
PDF
Computational Models in Systemic Design
RSD7 Symposium
 
PPTX
Systems thinking
Maripaz Señorita
 
PPTX
The Early Stage Analysis of a Systemic Innovation Lab
RSD7 Symposium
 
PDF
A constructivist and soft view of systemic design. A tribute to Jean Michel L...
RSD7 Symposium
 
PPT
Accidental techie
Michigan Nonprofit Association
 
PDF
Software design - Write solid software with the ideal chalk
Alejandro Claro Mosqueda
 
PDF
Finding the emic in systemic design: Towards systemic ethnography
RSD7 Symposium
 
PDF
Capturing Design (When you really have to)
Eoin Woods
 
What is Systemic Design
Alex Ryan
 
ISSS Visual Languages in Systemic Design
Peter Jones
 
Essential Complexity in Systems Architecture
Mark Mishaev
 
Systems thinking for analyzing problems
Abdalla Quider
 
AEA Greenland Presentation 1 Nov 2013
John Gøtze
 
Give me the place to stand: Leverage analysis in systemic design
RSD7 Symposium
 
Computational Models in Systemic Design
RSD7 Symposium
 
Systems thinking
Maripaz Señorita
 
The Early Stage Analysis of a Systemic Innovation Lab
RSD7 Symposium
 
A constructivist and soft view of systemic design. A tribute to Jean Michel L...
RSD7 Symposium
 
Accidental techie
Michigan Nonprofit Association
 
Software design - Write solid software with the ideal chalk
Alejandro Claro Mosqueda
 
Finding the emic in systemic design: Towards systemic ethnography
RSD7 Symposium
 
Capturing Design (When you really have to)
Eoin Woods
 
Ad

Viewers also liked (17)

PPTX
Security Engineering 1 (CS 5032 2012)
Ian Sommerville
 
PPTX
Dependablity Engineering 1 (CS 5032 2012)
Ian Sommerville
 
PPTX
CS 5032 L12 security testing and dependability cases 2013
Ian Sommerville
 
PPTX
Security testing (CS 5032 2012)
Ian Sommerville
 
PPTX
CS5032 L11 validation and reliability testing 2013
Ian Sommerville
 
PPTX
Cooperative work (LSCITS EngD 2012)
Ian Sommerville
 
PPTX
Introduction to Critical Systems Engineering (CS 5032 2012)
Ian Sommerville
 
PPTX
CS 5032 L1 critical socio-technical systems 2013
Ian Sommerville
 
PPTX
Static analysis and reliability testing (CS 5032 2012)
Ian Sommerville
 
PDF
Ultra-large Scale Systems (LSCITS EngD 2011)
Ian Sommerville
 
PPT
An overview of software requirements engineering
Ian Sommerville
 
PPTX
Safety specification (CS 5032 2012)
Ian Sommerville
 
PPT
Requirements Engineering Process Improvement
Ian Sommerville
 
PPT
Requirements Engineering: A Good Practice Guide
Ian Sommerville
 
PPTX
Dependability and security (CS 5032 2012)
Ian Sommerville
 
PPTX
CS 5032 L6 reliability and security specification 2013
Ian Sommerville
 
PDF
Facebook Global Pages for Brands
Ogilvy Consulting
 
Security Engineering 1 (CS 5032 2012)
Ian Sommerville
 
Dependablity Engineering 1 (CS 5032 2012)
Ian Sommerville
 
CS 5032 L12 security testing and dependability cases 2013
Ian Sommerville
 
Security testing (CS 5032 2012)
Ian Sommerville
 
CS5032 L11 validation and reliability testing 2013
Ian Sommerville
 
Cooperative work (LSCITS EngD 2012)
Ian Sommerville
 
Introduction to Critical Systems Engineering (CS 5032 2012)
Ian Sommerville
 
CS 5032 L1 critical socio-technical systems 2013
Ian Sommerville
 
Static analysis and reliability testing (CS 5032 2012)
Ian Sommerville
 
Ultra-large Scale Systems (LSCITS EngD 2011)
Ian Sommerville
 
An overview of software requirements engineering
Ian Sommerville
 
Safety specification (CS 5032 2012)
Ian Sommerville
 
Requirements Engineering Process Improvement
Ian Sommerville
 
Requirements Engineering: A Good Practice Guide
Ian Sommerville
 
Dependability and security (CS 5032 2012)
Ian Sommerville
 
CS 5032 L6 reliability and security specification 2013
Ian Sommerville
 
Facebook Global Pages for Brands
Ogilvy Consulting
 
Ad

Similar to LSCITS engineering (20)

PPTX
L6 LSCITS Engineering
Ian Sommerville
 
PPTX
Rethinking Software Engineering
Ian Sommerville
 
PPTX
An introduction to LSCITS
Ian Sommerville
 
PDF
Systems Practice in Engineering (SPiE)
mikeyearworth
 
PPTX
Ultra Large Scale Systems
Ian Sommerville
 
PPTX
The future of engineering education
Design Concepts
 
PPT
Engineering engagement
Philosophy, Engineering & Technology
 
PPTX
What is the Future of Systems Engineering?
Elizabeth Steiner
 
PPTX
Requirements Engineering for LSCITS
Ian Sommerville
 
PDF
SSoE InFocus, Spring 2006
pberzins
 
PPT
2010-06-30 (UC3M) Sheila MacNeill, CETIS, I jornadas eMadrid
eMadrid network
 
PPTX
Requirements reality
Ian Sommerville
 
PDF
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
Lionel Briand
 
PDF
Engineered Resilient Systems, overview and status, 31 october 2011
RNeches
 
PPTX
Moser lightfoot pmc2012pres
NASAPMC
 
PPTX
EngD in Systems (thinking)
richard_craig
 
PPTX
Socio technical systems (LSCITS EngD)
Ian Sommerville
 
PDF
Tapia fireside chat-towns
John Towns
 
PDF
CESESA2016_BDelicado
Bernardo A. Delicado
 
PDF
Applied Science - Engineering Systems
University of Hertfordshire
 
L6 LSCITS Engineering
Ian Sommerville
 
Rethinking Software Engineering
Ian Sommerville
 
An introduction to LSCITS
Ian Sommerville
 
Systems Practice in Engineering (SPiE)
mikeyearworth
 
Ultra Large Scale Systems
Ian Sommerville
 
The future of engineering education
Design Concepts
 
Engineering engagement
Philosophy, Engineering & Technology
 
What is the Future of Systems Engineering?
Elizabeth Steiner
 
Requirements Engineering for LSCITS
Ian Sommerville
 
SSoE InFocus, Spring 2006
pberzins
 
2010-06-30 (UC3M) Sheila MacNeill, CETIS, I jornadas eMadrid
eMadrid network
 
Requirements reality
Ian Sommerville
 
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
Lionel Briand
 
Engineered Resilient Systems, overview and status, 31 october 2011
RNeches
 
Moser lightfoot pmc2012pres
NASAPMC
 
EngD in Systems (thinking)
richard_craig
 
Socio technical systems (LSCITS EngD)
Ian Sommerville
 
Tapia fireside chat-towns
John Towns
 
CESESA2016_BDelicado
Bernardo A. Delicado
 
Applied Science - Engineering Systems
University of Hertfordshire
 

More from Ian Sommerville (20)

PPTX
Resilience and recovery
Ian Sommerville
 
PPTX
Dependability requirements for LSCITS
Ian Sommerville
 
PPTX
Conceptual systems design
Ian Sommerville
 
PPTX
Internet worm-case-study
Ian Sommerville
 
PPTX
Designing software for a million users
Ian Sommerville
 
PPTX
Security case buffer overflow
Ian Sommerville
 
PPTX
CS5032 Case study Ariane 5 launcher failure
Ian Sommerville
 
PPTX
CS5032 Case study Kegworth air disaster
Ian Sommerville
 
PPTX
CS5032 L19 cybersecurity 1
Ian Sommerville
 
PPTX
CS5032 L20 cybersecurity 2
Ian Sommerville
 
PPTX
L17 CS5032 critical infrastructure
Ian Sommerville
 
PPTX
CS5032 Case study Maroochy water breach
Ian Sommerville
 
PPTX
CS 5032 L18 Critical infrastructure 2: SCADA systems
Ian Sommerville
 
PPTX
CS5032 L9 security engineering 1 2013
Ian Sommerville
 
PPTX
CS5032 L10 security engineering 2 2013
Ian Sommerville
 
PPTX
CS 5032 L7 dependability engineering 2013
Ian Sommerville
 
PPTX
CS 5032 L5 safety specification 2013
Ian Sommerville
 
PPTX
CS 5032 L4 requirements engineering 2013
Ian Sommerville
 
PPTX
CS 5032 L3 socio-technical systems 2013
Ian Sommerville
 
PPTX
CS 5032 L2 dependability and security 2013
Ian Sommerville
 
Resilience and recovery
Ian Sommerville
 
Dependability requirements for LSCITS
Ian Sommerville
 
Conceptual systems design
Ian Sommerville
 
Internet worm-case-study
Ian Sommerville
 
Designing software for a million users
Ian Sommerville
 
Security case buffer overflow
Ian Sommerville
 
CS5032 Case study Ariane 5 launcher failure
Ian Sommerville
 
CS5032 Case study Kegworth air disaster
Ian Sommerville
 
CS5032 L19 cybersecurity 1
Ian Sommerville
 
CS5032 L20 cybersecurity 2
Ian Sommerville
 
L17 CS5032 critical infrastructure
Ian Sommerville
 
CS5032 Case study Maroochy water breach
Ian Sommerville
 
CS 5032 L18 Critical infrastructure 2: SCADA systems
Ian Sommerville
 
CS5032 L9 security engineering 1 2013
Ian Sommerville
 
CS5032 L10 security engineering 2 2013
Ian Sommerville
 
CS 5032 L7 dependability engineering 2013
Ian Sommerville
 
CS 5032 L5 safety specification 2013
Ian Sommerville
 
CS 5032 L4 requirements engineering 2013
Ian Sommerville
 
CS 5032 L3 socio-technical systems 2013
Ian Sommerville
 
CS 5032 L2 dependability and security 2013
Ian Sommerville
 

Recently uploaded (20)

PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PPTX
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Approach and Philosophy of On baking technology
30anthuong17
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 

LSCITS engineering

  • 1. LSCITS Engineering,York EngD Programme, 2010 Slide 1 LSCITS Engineering Prof. Ian Sommerville St Andrews University
  • 2. LSCITS Engineering,York EngD Programme, 2010 Slide 2 Objectives •  To discuss why the traditional approach to engineering is not adequate for building LSCITS •  To introduce the notion of LSCITS engineering and to introduce LSCITS engineering challenges •  To suggest a research agenda for LSCITS engineering
  • 3. LSCITS Engineering,York EngD Programme, 2010 Slide 3 What is an LSCITS? •  The key difference between an LSCITS and other classes of large system is that there are significant ‘unknowns’ in the environments in which LSCITS is procured, developed and operated. •  An LSCITS is an LSITS (or a collection of LSITSs) where unknown, unstable and uncontrollable factors in the systems procurement, development and operational environment affect the design and use of the system •  LSCITS have a close and entangled relationships with the socio-technical systems that rely on these LSCITS
  • 4. LSCITS Engineering,York EngD Programme, 2010 Slide 4 An LSCITS model S1 S3 S4 S5 S6 S7 S2 STS 1 STS 2
  • 5. LSCITS Engineering,York EngD Programme, 2010 Slide 5 The basis of engineering A discussion of the fundamental assumption that is a foundation for engineering and systems development
  • 6. LSCITS Engineering,York EngD Programme, 2010 Slide 6 Reductionism •  Reductionism –  “an approach to understanding the nature of complex things by reducing them to the interactions of their parts, or to simpler or more fundamental things”. •  Reductionism underpins most engineering, including software engineering •  We see reductionism in notions such as •  Contractor/sub-contractor relationships •  Top-down design
  • 7. LSCITS Engineering,York EngD Programme, 2010 Slide 7 Reductionist assumptions •  Control –  Reductionist approaches assume that we have control over the organisation of the system. It is then possible to decompose the system into parts that can themselves be engineered using reductionist approaches •  Understandable relationships –  The relationships between the parts are visible and understandable •  A rational world –  Reductionist approaches assume that rationality will be the principal influence in decision making •  Definable problems –  Reductionist approaches assume that the problem can be defined and the system boundaries established
  • 8. LSCITS Engineering,York EngD Programme, 2010 Slide 8 Software engineering •  Developments in software engineering have largely adopted a reductionist perspective: –  Design methodologies –  Formal methods –  Agile approaches –  Software architecture –  Model-driven engineering •  Reductionist approaches to software engineering have been successful in allowing us to construct larger software systems •  More effective reductionist approaches allow us to deal with increasingly complicated systems.
  • 9. LSCITS Engineering,York EngD Programme, 2010 Slide 9 Problems with reductionism •  Scale •  When things get too big, then reductionist approaches become intellectually unmanageable because of the complexity of the interactions between the parts of the whole •  Environment •  The relationships between a system and its environment are often uncontrollable •  People •  Who refuse to behave in a rational and deterministic way
  • 10. LSCITS Engineering,York EngD Programme, 2010 Slide 10 Engineering project failures •  Engineering projects ‘fail’ (go over schedule and budget) when reductionist assumptions break down •  Edinburgh tramways project –  Environment problems. There are no maps of existing utilities and there have been complex problems of moving pipes and cabling to accommodate the tram system –  There has been considerable political wrangling between the local government and the national government •  Software project failures –  Relatively common because, even for LSITS, reductionist assumptions are dubious
  • 11. LSCITS Engineering,York EngD Programme, 2010 Slide 11 Complex and complicated systems •  Reductionist approaches are intended to help deal with complicated systems i.e. systems where the relationships between elements are largely static and which can (in principle) be understood and controlled •  However, LSCITS are complex systems, with dynamic relationships between elements. It is is impossible to acquire and maintain a complete understanding of the system and where elements are independently controlled and often have undocumented side-effects
  • 12. LSCITS Engineering,York EngD Programme, 2010 Slide 12 LSCITS engineering Reductionism + Reality
  • 13. LSCITS Engineering,York EngD Programme, 2010 Slide 13 LSCITS development Software capabilities S1 S2 S3 S4 LSCITS Systems contribute capabilities Used to construct Systems Development Creates new ??? ???
  • 14. LSCITS Engineering,York EngD Programme, 2010 Slide 14 Continuous development •  It is rare (perhaps unknown) for an LSCITS to be developed from ‘scratch’ •  Rather, an LSCITS emerges from an assembly of existing technical and socio-technical systems that are supplemented by the development of new software to help achieve a broad set of goals •  LSCITS engineering is a continual process of procurement, development, deployment, operation and de-commissioning
  • 15. LSCITS Engineering,York EngD Programme, 2010 Slide 15 Brownfield development •  LSCITS are rarely, if ever, developed from scratch •  It is often the case that an LSCITS emerges after experience with a range of individual systems •  By the time we recognise the need for an LSCITS, we have already accumulated a range of constraints: –  Legacy systems –  Technologies –  Socio-technical systems –  Laws and regulations
  • 16. LSCITS Engineering,York EngD Programme, 2010 Slide 16 Alternatives to reductionism •  Bricolage –  Systems are developed opportunistically by integrating available systems and components and by using whatever integration mechanisms work at the time –  Mashups, where different web services are combined opportunistically, are examples of bricolage •  Problems with fit to socio-technical world, security, dependability, maintainability
  • 17. LSCITS Engineering,York EngD Programme, 2010 Slide 17 Alternatives to reductionism •  Emergence –  Systems are developed using an evolutionary ‘survival of the fittest’ approach based on genetic algorithms, etc. –  The argument is made that this is what underlies the development of the web •  Problems –  Uncontrollable. You cannot be sure that you get the system that you need or that the system will not have undesirable properties –  Visibility. It is hard to demonstrate compliance, safety, etc. –  Scale. Notwithstanding the example of the web, there is no evidence that current approaches based on emergence scale to large systems
  • 18. LSCITS Engineering,York EngD Programme, 2010 Slide 18 Has reductionism had its day? •  At the moment, reductionism is the only tool that we have for the specification, design and construction of LSCITS •  The problem is not in reductionism in itself, but in believing that it is all that is required to engineering complex systems •  We need to move to a situation where we use reductionism as far as possible but recognise that we need to temper this with a dose of reality
  • 19. LSCITS Engineering,York EngD Programme, 2010 Slide 19 Better software engineering? •  LSCITS engineering problems cannot be solved by –  improved software processes, process maturity, quality management etc. –  better tools and technology –  more rigorous methods of development –  Better project management •  These can all contribute and are worth doing but break down in the face of large-scale uncertainty •  A key requirement for LSCITS engineering is the ability to represent, model and demanage both scale and uncertainty
  • 20. LSCITS Engineering,York EngD Programme, 2010 Slide 20 LSCITS Engineering •  LSCITS Engineering (LSCITS-E) is the process of creating, evolving and managing LSCITSs. •  Not just a technical discipline – needs involvement of people with a wide range of expertise (social science, psychology, engineering, management, etc.) •  We need new systems and software engineering approaches (e.g. designing for failure) that take into account the inherent complexities of LSCITS and the need to cope with uncertainty •  LSCITS-E will incorporate current software engineering activities (notably requirements engineering and system architecture), you should bear in mind that current methods are what we’ve got rather than what we need
  • 21. LSCITS Engineering,York EngD Programme, 2010 Slide 21 The realities of LSCITS-E •  Social and technical are inseparable –  Focus on the social and the technical together rather than consider technical issues in isolation •  Perfection is unattainable –  Adopt a pragmatic acceptance of the world as it is, populated by imperfect people •  You can’t win –  Accept that systems will always be a compromise, with multiple, often conflicting, notions of what is meant by ‘success’ and where the system boundaries lie •  Things will go wrong –  Adopt a view of dependability where partial failure is normal and tolerable
  • 22. LSCITS Engineering,York EngD Programme, 2010 Slide 22 LSCITS-E Challenges Problems that we have to address to make LSCITS engineering a reality
  • 23. LSCITS Engineering,York EngD Programme, 2010 Slide 23 LSCITS – E challenges •  Managing scale •  Dealing with uncertainty •  Thinking and reasoning about LSCITS •  Making systems work together effectively •  Standards for LSCITS
  • 24. LSCITS Engineering,York EngD Programme, 2010 Slide 24 Scale causes problems •  No centralised or unified understanding of the ‘system as a whole’ •  The ability to understand an individual constituent of the system and its relationships decreases as the number of constituents increases •  Problems of management and governance are exacerbated and increase as new systems are added and the overall LCSITS increases in size •  The (socio-technical) effects of changes to constituents of the system become impossible to predict •  Size makes it more difficult to reach consensus about system requirements
  • 25. LSCITS Engineering,York EngD Programme, 2010 Slide 25 Coping with uncertainty •  Uncertainty is a universal characteristics of LSCITS and the principal cause of system problems is unpredicted events and behaviour in both the technical and socio-technical systems –  Aleatory uncertainty •  Uncertainty that relates to the fact that the world is uncertain. –  Epistemic uncertainty •  Uncertainty that arises because our knowledge of the world is incomplete •  Coping with uncertainty is about designing for flexibility and utilising the abilities of people to deal with unseen problems •  Will be discussed in more detail in the following lecture
  • 26. LSCITS Engineering,York EngD Programme, 2010 Slide 26 LSCITS abstractions •  Our existing abstractions (functions, objects, component, etc.) that we use in defining software systems are based on a reductionist view of the world •  We need new abstractions which are more effective at representing large-scale systems and accommodating uncertainty to allow us to represent and reason about LSCITS •  Examples of possible abstractions –  Responsibilities •  A duty to achieve, maintain or avoid some state, subject to constraints. –  Capabilities •  The ability to completely or partially discharge a responsibility
  • 27. LSCITS Engineering,York EngD Programme, 2010 Slide 27 Interoperability and integration •  The constituents of LSCITS have to interoperate (ensuring that constituent systems that can operate smoothly together) and integrate (ensuring that constituent systems can exchange information in a controlled way) –  Interoperability is about control; integration is about data –  Integration is not just about physical data exchange but also must take into account business rules and data regulations •  To achieve effective interoperation and integration, we need to pay attention to socio-technical issues, system requirements and architecture
  • 28. LSCITS Engineering,York EngD Programme, 2010 Slide 28 Standards •  General interoperability/integration can only be achieved if standards are widely adopted and systems are built that implement these standards •  Currently, the standards that have been accepted and that are widely adopted are low-level standards –  Standards for data exchange –  Standards for service syntax •  We need standards based on semantics if true interoperability is to be achieved
  • 29. LSCITS Engineering,York EngD Programme, 2010 Slide 29 Research agenda for LSCITS engineering •  Requirements engineering for LSCITS –  LSCITS means uncertainty and we need better tools and techniques for understanding where uncertainties exist and how the system should cope with these uncertainties. –  Better techniques are required to understand the requirements from the socio-technical environment in which the LSCITS is used •  Managing failure –  Moving from a world where failure is something to be avoided to a world where failure is normal and simply has to be lived with –  Ensuring the ‘small failures’ do not cascade to ‘large failures’
  • 30. LSCITS Engineering,York EngD Programme, 2010 Slide 30 Research agenda for LSCITS engineering •  LSCITS architecture –  Abstractions for representing LSCITS architecture –  Architectural styles and patterns for LSCITS –  Architecture trade-offs and system consequences •  Dynamic systems –  Integration mechanisms that allow systems to evolve rapidly in response to changing demands and capabilities, governance, standards and regulation –  Methods of understanding and managing these systems
  • 31. LSCITS Engineering,York EngD Programme, 2010 Slide 31 Key points •  Reductionism is the basis of engineering, including software engineering. However reductionism cannot cope effectively with complexity •  Better reductionist approaches are not adequate, in themselves, for building LSCITS but we cannot simply discard our current approaches •  Key challenges for LSCITS engineering are managing scale, developing new abstractions to model LSCITS, integration and interoperation and challenges