Ever design a system, and then see a human operator lock it up by behaving in a manner you never imagined they would? If yes, your system is vulnerable to Off-Nominal Behaviors (ONBs). ONBs are behaviors invoked upon a system (often, by unpredictable human operators) that were unaccounted for by the system’s designers because of their human tendency to assume that operators will use the system in a nominal manner.

Contributing to ONB vulnerability is the fact that a specified system’s state space is typically much larger than the stakeholders imagine. During the requirements phase, stakeholders focus on the system states they readily identify, in particular those states that they specify (such as a motor having to be on or off, or a valve being open or closed). These component states are fairly easy to keep track of. However, a system’s total state space is typically the Cartesian product of all the component states. Add to this the larger-than-expected number of transition paths between these states, and it becomes virtually impossible for stakeholders to anticipate every possible system behavior that can be caused by the system’s operating environment.
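The state-space point above can be made concrete with a small enumeration. This is an added example, not code from the paper or from DISTek, and it is not an implementation of CCM; the door component, the event names, and the requirement rules are assumptions constructed for illustration.

```python
from itertools import product

# Constructed model: motor and valve states come from the text; the door
# component, event names and rules are assumptions made for illustration.
COMPONENTS = {"motor": ("off", "on"), "valve": ("closed", "open"), "door": ("shut", "ajar")}
EVENTS = ("start", "stop", "open_valve", "close_valve", "open_door", "shut_door")
INITIAL = ("off", "closed", "shut")
NAMES = tuple(COMPONENTS)

# Each requirement: (event, guard on some components, effect on some components).
REQUIREMENTS = [
    ("start", {"motor": "off", "valve": "open", "door": "shut"}, {"motor": "on"}),
    ("stop", {"motor": "on"}, {"motor": "off"}),
    ("open_valve", {"valve": "closed", "motor": "off"}, {"valve": "open"}),
    ("close_valve", {"valve": "open", "motor": "off"}, {"valve": "closed"}),
    ("open_door", {"door": "shut", "motor": "off"}, {"door": "ajar"}),
    ("shut_door", {"door": "ajar"}, {"door": "shut"}),
]

def all_states():
    """Total state space: Cartesian product of the component states."""
    return list(product(*COMPONENTS.values()))

def step(state, event):
    """Return the next state if a requirement covers (state, event), else None."""
    current = dict(zip(NAMES, state))
    for rule_event, guard, effect in REQUIREMENTS:
        if rule_event == event and all(current[k] == v for k, v in guard.items()):
            return tuple({**current, **effect}[n] for n in NAMES)
    return None

def reachable(start=INITIAL):
    """States the operator can reach using only specified transitions."""
    seen, frontier = {start}, [start]
    while frontier:
        state = frontier.pop()
        for event in EVENTS:
            nxt = step(state, event)
            if nxt is not None and nxt not in seen:
                seen.add(nxt)
                frontier.append(nxt)
    return seen

def off_nominal_gaps(start=INITIAL):
    """Reachable (state, event) pairs for which the requirements say nothing."""
    return sorted((s, e) for s in reachable(start) for e in EVENTS if step(s, e) is None)

if __name__ == "__main__":
    print(len(all_states()), "total states,", len(reachable()), "reachable")
    for state, event in off_nominal_gaps():
        print("unspecified:", dict(zip(NAMES, state)), "+", event)
```

Six plausible-looking rules over three two-state components still leave most reachable state and event combinations undefined, including the operator opening the door while the motor is running.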

In a paper to be presented at SAE COMVEC 2016, DISTek Integration, Inc. looks at addressing ONB vulnerability by using a requirements modeling technique known as the Causal Component Model (CCM). CCM models requirements in a way that exposes every behavioral path, intended and unintended, that the requirements produce. The unintended paths were examined and traced back to elicitation practices, and from that a requirements elicitation checklist was compiled. This checklist raises questions that can help reduce the degree of ONB vulnerability in a set of requirements. The paper presents the checklist, explains how it was derived, and gives the reader an overview of CCM.

DISTek welcomes anyone wishing to attend the presentation or wishing to access the paper being published by SAE.

Venue: SAE 2016 Commercial Vehicle Engineering Congress (COMVEC)
Donald E. Stephens Convention Center in Rosemont, Illinois.

Date: October 5, 2016.

Session: Component Testing & HMI Displays and Information Prioritization, CV401.

Room and Time: Room 27, 4:00 pm.

(Advance registration required at SAE.org)

Elicitation Practices That Can Decrease Vulnerability to Off-Nominal Behaviors: Lessons from using the Causal Component Model

Daniel Aceituna
Senior Test Engineer
DISTek Integration Inc.

About Daniel Aceituna

Daniel Aceituna has a PhD in Software Engineering and has published several papers in the area of requirements engineering. Daniel was a Senior Test Engineer for DISTek from 2012 to 2019.

