Post on 24-Aug-2020
transcript
Ref: 1932602MBSEICONS01 Slide No.1 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
Requirements Based Testing and MBSE in Defence
Mark Williamson BSc (Hons) CSEP
Director SyntheSys Technologies
WiSEB:Widening Systems
Engineering Borders
Copyright © 2020 by SyntheSys Systems Engineers Ltd.
Ref: 1932602MBSEICONS01 Slide No.2 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
Tactical Data Links
• Encrypted
• Secure
• Message Transfer mechanism
• Multiple Links
• Multiple Bearers
• V/UHF
• HF
• SatCom
Ref: 1932602MBSEICONS01 Slide No.3 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
• Multiple Data Links
• Multiple evolving Standards for each Link
• Multiple Platforms
• Differing National Interests
• Multiple interfaces between Links
• Complexity
• Deliver the capability to the Operator to execute his mission
• Interoperability
The Problem
Ref: 1932602MBSEICONS01 Slide No.4 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
Multiple Data Links
Multi Links
Link 22
Link 11
Link 16
VMFJRE(AP)
• VMF – Variable Message Format
• JRE(AP)-The Joint Range Extension Applications Protocol
Ref: 1932602MBSEICONS01 Slide No.5 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
Multiple Standards
Message Standards
5516 Ed 6
6016C Chg 1
6016D
6016E5516 Ed 4
47001
188-220
5522
Ref: 1932602MBSEICONS01 Slide No.6 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
• Multiple platform and domain types
Multiple Platforms
The Joint Tactical
Information Distribution
System (JTIDS) is an L band
Distributed Time Division
Multiple Access (DTDMA)
network radio system used by
the United States armed
forces and their allies to
support data communications
needs, principally in the air
and missile defence
community.
Ref: 1932602MBSEICONS01 Slide No.7 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
• Multiple Hardware & Software Implementations
Multiple Physical Solutions
Ref: 1932602MBSEICONS01 Slide No.8 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
• Interoperability in exchange of informationbetween TDL equipped platforms isoperationally essential.
• Identification of capability gaps throughimplementation analysis support operationalwork arounds.
• Implementation against common standardsimproves interoperability.
• Testing against defined standards critical.
Requirements Based Testing and Interoperability
Ref: 1932602MBSEICONS01 Slide No.9 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
Interoperability Issue??
Ref: 1932602MBSEICONS01 Slide No.10 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
Systems Engineering V - Model
Implement
System Requirements
Subsystem Requirements
Architectural Requirements
System Tests
Subsystem Tests
Integration Tests
User Requirements
Verification
Verification
Verification
Are we building
the product right?
Operational
Test
Requirements
Definition
Requirements
Analysis
Requirements
Management
Design
Integration
Transition
Validation
Verification Operation
Ref: 1932602MBSEICONS01 Slide No.11 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
Systems Engineering V – Model - TDL
Implement
TDL IORS
Platform Requirements
TDL Standards
IO Accept. Tests
Platform Imp. Tests
TDL Accept. Tests
TDL CONOPs Operational Accept. Tests
Verification
Verification
Verification
Requirements
Definition
Requirements
Analysis
Requirements
Management
Design
Integration
Transition
Validation
Verification Operation
Ref: 1932602MBSEICONS01 Slide No.12 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
• Requirements
• Establish clear, concise and unambiguous requirements
• Generally requirements are defined within the TDL standards and are often ambiguous
• Multiple requirements
• Complex terminology
• Abbreviations
Applying SE to TDL
Ref: 1932602MBSEICONS01 Slide No.13 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
• Apply MBSE techniques to reduce ambiguityand clarify functionality
• Systems Modelling Language (SysML)
• Unified Modelling Language (UML)
• Simulation
• Integration to Requirements
• Integration to Testing
Model Based Systems Engineering (MBSE)
Ref: 1932602MBSEICONS01 Slide No.14 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
“ An approach to realising successful systemsthat is driven by a model that represents acoherent and consistent set of representationsthat reflect multiple viewpoints of the system”
(Holt & Perry – SysML for Systems Engineers)
Model Based Systems Engineering (MBSE)
Ref: 1932602MBSEICONS01 Slide No.15 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
• Validation
• Has the right product been built?
• Validation Process (ISO/IEC 15288:2015)
Validation and Verification
The purpose of the Validation Processis to provide objective evidence thatthe services provided by a systemwhen in use comply with stakeholdersrequirements, achieving its intendeduse in its operational environment
Ref: 1932602MBSEICONS01 Slide No.16 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
• Verification
• Has the product been built right?
• Verification Process (ISO/IEC 15288:2015)
Validation and Verification
The purpose of the Verification is toconfirm that the specified designrequirements are fulfilled by thesystem.
Ref: 1932602MBSEICONS01 Slide No.17 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
• Capture and manage TDL Standards(Requirements) in industry standardrequirements management database
• Perform Validation of standards by applyingMBSE ( modelling the standard)
• Enable Verification by utilizing the MBSEoutputs to produce test cases against themodelled standard.
Strategy for TDL’s
Ref: 1932602MBSEICONS01 Slide No.18 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
• Transactional standards better suited to MBSE
Transactional Standards
Ref: 1932602MBSEICONS01 Slide No.19 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
MBSE for TDL
TDL Stds
TDL
IORs
Reqts Mgmt Tool
Imported Source
Documents
TDL Reqts
Derives
Dynamic UML Model
Validates
Links
Validates
TDL Test
Cases
(Generic)
Validates
Validates
Requirements
Management
Validation
Verification
Validation
Validation
Requirements
Definition
Requirements
Analysis
Ref: 1932602MBSEICONS01 Slide No.20 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
Issues with Requirements
.
P.5.3.3.1 The host system shall alert (cat 3) the operatorto the reception of a Strength Change message indicatinga change from locally held data for a track. If the track isunder the control of own unit, the host system shallprovide the capability for the operator to accept or rejectthe change. If the change is rejected, the host systemshall stimulate Transaction P.5.1, C2 Preparation forTransmission of Strength Change, to cause transmissionof the local data and perform no further processing ofthis transaction
Ref: 1932602MBSEICONS01 Slide No.21 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
Resolving Requirements - Clarification
The host system shall alert (cat 3) the operatorto the reception of a Strength Change messageindicating a change from locally held data for atrack.
If the track is under the control of own unit, thehost system shall provide the capability for theoperator to accept or reject the change.
If the change is rejected, the host system shallstimulate Transaction P.5.1, C2 Preparation forTransmission of Strength Change, to causetransmission of the local data
and perform no further processing of thistransaction
Ref: 1932602MBSEICONS01 Slide No.22 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
• Test cases written against model defined by standard
Test Cases
1.2 Receipt of a J7.0 Track Management message, message use 5
(Receive Strength Change Data) for Track JU#3 TN
[______].
Category 3 Alert. Routine Alert: The Host System shall display
the alert of a strength change message until the operator
acknowledges it or the condition causing the alert no longer
applies. The condition causing the alert shall be removed by
whichever occurs first of remedial action by the operator or
automatic change of system conditions.
Host system provides the capability for the operator to accept or
reject the change.
1.3 Operator rejects the Strength Change. Host system stimulates Transaction P.5.1, C2 Preparation for
Transmission of a Strength Change, to cause transmission of the
local data and perform no further processing of the transaction.
The host system shall alert (cat 3) the operator to the reception of a Strength Change message indicating a change from locally held data for a track.
If the track is under the control of own unit, the host system shall provide the capability for the operator to accept or reject the change.
If the change is rejected, the host system shall stimulate Transaction P.5.1, C2 Preparation for Transmission of Strength Change, to cause transmission of the local data
Ref: 1932602MBSEICONS01 Slide No.23 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
Simulation
Ref: 1932602MBSEICONS01 Slide No.24 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
Model Coverage
Ref: 1932602MBSEICONS01 Slide No.25 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
Dynamic Execution of Model
Ref: 1932602MBSEICONS01 Slide No.26 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
• Dynamic execution of the model revealed anissue with the handover of a controlled unit.This has been seen first hand operationally.
• Validation of the standard through modellinghighlighted an error in the standard related totrack number accountancy for Land GroundPoints.
• Numerous examples of orphan transactionstimuli.
Examples of issues
Ref: 1932602MBSEICONS01 Slide No.27 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
• The use of modelling to provide both static anddynamic visualisation of the transactionalprocessing defined by the standards reducesambiguity and therefore misinterpretation.
• The availability of predefined test cases writtenagainst the standard and validated by themodelling is appreciated by Industry asacceptance criteria.
• Association and traceability of requirements tomodels valuable for change management andimpact analysis.
Summary
Ref: 1932602MBSEICONS01 Slide No.28 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
• Tool migration – SysML modelling
• New functionality for Standards Management
• Configuration Management
• New functionality to manage platformdeviations from the standard – Deviation Editor
• Progression from specific test cases to testrationales.
• Inclusion of test rationales within platform testcreation.
Progress
Ref: 1932602MBSEICONS01 Slide No.29 F12907 www.synthesys.co.uk
COMMERCIAL-IN-CONFIDENCE
Questions and Discussion