ML23192A071

From kanterella
Assurance: Cyber Physical Systems - Exploring International Collaboration
ML23192A071
Person / Time
Issue date: 06/29/2023
From: Sushil Birla
NRC/RES/DE
To:
Sushil Birla 301-415-2311
References
Download: ML23192A071 (18)


Text

Assurance: Cyber Physical Systems - Exploring International Collaboration

June 29, 2023

Presenter: Sushil Birla, Office of Nuclear Regulatory Research, Division of Engineering

Outline

1. Historic background of U.S. Govt policy on this topic:
  • White House Office of Science & Technology Policy (OSTP): NSTC CoT; NITRD IWGs {CPS > CNPS; }
  • USA-NSF Cyber-Physical Systems (CPS) Program
  • The Jeannette Wing flower model
  • Example case: NPP digital reactor protection systems
  • OSTP M-14-11
  • SEI
2. A plausible Assurance R&D roadmap, co-developed with the Software Engineering Institute circa 2014
3. International collaboration opportunities
4. Discussion

Inter-agency CPS coordination background: OSTP M-14-11 guidance summary

  • Address societal needs where the private sector cannot make the required investments economically.
  • In supporting tools and infrastructure, seek opportunities to leverage resources from other agencies and the private sector.
  • Clean energy: safe use of nuclear energy.
  • Preserve & provide access to knowledge in corpus.
  • Advance the state of the art in enabling technologies for industries of the future that benefit multiple sectors:
    - Example (not from OSTP): CPS developed with built-in assurance.
    - OUSD(R&E) DDR&E(S&T) SEI: historic background of the vision.

CPS Generalization-Specialization framework (concept inspired by Jeannette M. Wing)

[Figure: "flower model". Center: common core R&D, Govt-funded (e.g. NASA, DOE) to academia, industry and Govt. Petals: domain-specific R&D for medical devices, health, aero, finance, space, auto, transportation, energy, civil, chemical, materials; demo/pilot domain, e.g. nuclear.]

Evolve Assurance capability incrementally

[Figure: capability vs. time. Current state S advances through states S+1, S+2, S+3 toward goal states G-2, G-1 and G.]

Evolve Assurance capability: NPP case

[Figure: capability vs. time, from current state S through S+1 to S+6 and goal G. Milestone labels on the curve: Concept, Requirements, Software architecture, System architecture, Detailed design, Implementation, Application acceptance, Design certification, ITAAC.]

One vision of the Assurance Process

[Figure: an accrediting/certifying authority accredits pre-certified procedures, facilities and people; country-specialized evaluation criteria are derived from international common core standards to form the evaluation basis; the object of evaluation is submitted to an accredited 3rd-party evaluator, evaluated, and the object is certified. Feedback loops: learning cycle and rework cycle.]

Envisioned pre-certification activities

[Figure: an accredited certifying authority evaluates the object of pre-certification, which is then certified; feedback loops: learning cycle and rework cycle.] Objects of pre-certification:

  • Processes
  • Procedures
  • Methods & techniques
  • People
  • Tools
  • Facilities
  • Other reusable assets, e.g. libraries

Creating the appropriate standards: one vision

[Figure: an R&D organization develops the technical basis; a Government coordinator, a standards body and other voices turn it into a standard or guideline.] Technical basis for:

  • Processes
  • Procedures
  • Methods & techniques
  • People
  • Tools
  • Facilities
  • Other reusable assets, e.g. libraries

Reasoning Model to support performance-based evaluation (based on the Toulmin model)

  • Assertion: the claim being evaluated
  • Premise / Evidence: supports the assertion through reasoning
  • Reasoning: the inference rule used in linking evidence to assertion
  • Theoretical or causal model: basis for the inference rule
  • Qualifiers: factors influencing validity (strength of the evidence link; conditions)
  • Challenges; rebuttals; inconsistencies

Understanding the Cost of Correcting Defects

McConnell, Steve. Software Quality at Top Speed. August 1996. http://www.stevemcconnell.com/articles/art04.htm

Source slide footer: Introduction to Assured Software Engineering, © 2018 Carnegie Mellon University. [DISTRIBUTION STATEMENT A] Approved for public release and unlimited distribution.

Refinement principle

[Figure: from abstraction (declarative, "what") to concretion (imperative, "how"), each level refining the one above:]

  • Requirements
  • Architecture
  • Detailed design
  • Implementation

Leverage domain engineering

Constraints to enable refinement, by development phase (each refinement step semantically compatible with the one before it):

  • Requirements: domain-specific controlled natural language
  • Architecture: domain-specific architecture modeling language
  • Detailed design: domain-specific design specification language
  • Implementation: domain-specific coding/programming language

Create pre-certified reusable assets:

  • Domain modeling
  • Domain engineering (see IEEE Std 1517:2010; ISO/IEC 26550; NUREG/CR-6263)

Holistic roadmap needed

1. Technical infrastructure
2. Integrated development & assurance
3. Business case development
4. Community development
5. Workforce development

Why holistic? Effects of missing elements of change

Elements of change: Vision, Resources, Capable Workforce, Capable Processes, Organizational Culture, Incentives, Sanctions/reinforcements, Action Plan.

  • All elements present: Change
  • Missing Vision: Confusion
  • Missing Resources: Anxiety & frustration
  • Missing Capable Workforce: Slow or little progress
  • Missing Capable Processes: Reinventing the wheel
  • Missing Organizational Culture: Barriers to change
  • Missing Incentives: Sporadic change
  • Missing Sanctions/reinforcements: Misaligned behaviors
  • Missing Action Plan: False starts

Adapted by Dr. Palma Buttles-Valdez, SEI, from: Delorise Ambrose, 1987.

Some challenging areas of research

1. Identification & prevention of hazards rooted in engineering
2. Formulation of safety requirements
3. Flow-down; correct-by-construction evidence generation
4. Performance-based Assurance Framework
  • CPS ontological framework: general; domain-specific
  • Composability
5. Education technology
6. Science-based business case

Discussion

[Discussion notes]


Acronyms

  • AF/FAA - Air Force/Federal Aviation Administration
  • ASD(R&E) - Office of the Assistant Secretary of Defense for Research & Engineering
  • CISE - Computer & Information Science & Engineering
  • CPS - Cyber Physical Systems
  • DoD - Department of Defense
  • EPRI - Electric Power Research Institute
  • FDA - U.S. Food and Drug Administration
  • ITAAC - Inspection, Test, Analysis and Acceptance Criteria
  • NASA - National Aeronautics and Space Administration
  • NIH - National Institutes of Health
  • NIST - National Institute of Standards & Technology
  • NPP - Nuclear Power Plant
  • NRC - U.S. Nuclear Regulatory Commission
  • NSA - National Security Agency
  • NSF - National Science Foundation
  • OSTP - Office of Science and Technology Policy
  • R&D - Research and Development
  • SEI - Software Engineering Institute
  • ST - Science and Technology
  • VU - Vanderbilt University