Assurance-driven system engineering
Contact: Jon G. Hall (J.G.Hall 'at' open.ac.uk) or Lucia Rapanotti (L.Rapanotti 'at' open.ac.uk)
Software is the fabric of today’s digital society and economy, and the beating heart of most socio-technical systems, from transport to manufacturing to energy and medical care. With engineering problems of increasing complexity and volatility, the harm potential of getting the software wrong is very high. There is therefore an increasing need for assurance, whether for safety, security or, more generally, compliance to many existing norms, standards and guidelines.
The ultimate goal is for assurance to influence software and system design appropriately, rather than being a “bolt-on” extra performed when the design is finished. Early life cycle assurance integration is particularly critical, as studies have long demonstrated that a large proportion of anomalies occur at the requirements and specification stages, and assurance-related software errors arise most often from inadequate or misunderstood requirements and assumptions about the context in which software will operate. Early life cycle assurance integration is the main focus of this research.
Case study research is particularly suited for this type of research. In this context, by ”case-study research,” we mean an in-depth investigation of early life cycle assurance integration (a contemporary phenomenon) within the real-world context of a software developing organisation, with a view to gain insight and knowledge that generalises to other situations. You can find out more about case study research in (Yin, 2009) and (Oates, 2006).
You will apply assurance-driven engineering principles from Problem Oriented Engineering within a development context for software-intensive systems for which high assurance is required. Problem Oriented Engineering (POE, for short) is a theoretical framework developed at the Open University, in which engineering practice is thought of as a problem solving process: problems and solutions are defined through a process of discovery of relevant knowledge which involves relevant stake-holders, with assurance and risk mitigation as the outcome of stake-holders’ communication and interaction. POE recognises the situated nature of engineering problems and allows for the exploration of ecologies of interconnected problems.
Since 2005, POE has developed through collaboration with many industries, the safety industry in particular. It supports development approaches in which assurance drives design, with high-level descriptions of system requirements and context properties and assumptions being captured through detailed problem models coupled with their traceable and justifiable step-wise transformation to specifications and high-level architectural design artefacts.
You would be particularly suited for this research if you worked for or had access to an organisation which is involved in the development of software-intensive systems for which high assurance is required, particularly if early life-cycles assurance integration issues are known or experienced for which some process improvement would be beneficial. In such cases you would need permission from that organisation to conduct your research and to disclose its outcomes.
We recommend you consider the following resources on POE:
Jon G. Hall and Lucia Rapanotti (2009). Assurance-driven design in Problem Oriented Engineering. International Journal on Advances in Systems and Measurements, 2(1) (Available via the OU Library)
Mark O’Halloran, Jon G. Hall and Lucia Rapanotti (2003). Safety Engineering with COTS components: letting assurance guide product development across the supply chain. Technical Report No 2013/01, Department of Computing, Faculty of Mathematics, Computing and Technology The Open University (http://computing-reports.open.ac.uk/2013/TR2013-01.pdf)
Ann Nkwocha, Jon G. Hall and Lucia Rapanotti (2011). Design rationale capture for process improvement in the globalised enterprise: an industrial study. Software and Systems Modeling, Online First. (Available via the OU Library)
Problem Oriented Engineering wiki (http://www.problemorienteering.com/)
If you have any problem accessing any of the above, please get in touch directly with Dr Lucia Rapanotti (firstname.lastname@example.org).
You could also consider the following resources on research methodology:
Robert K. Yin (2009). Case Study Research. 4th Edition, SAGE Publications.
Briony J. Oates (2006). Researching Information Systems and Computing. SAGE Publications.