SlideShare une entreprise Scribd logo

Sociotechnical systems resilience

Jean-René RUAULT
Jean-René RUAULT
1  sur  26
Télécharger pour lire hors ligne
Sociotechnical systems resilience Jean-René Ruault(1, 2), Frédéric Vanderhaegen(1), Dominique Luzeaux(2) 1) UVHC, LAMIH, F-59313 Valenciennes, France 2) DGA, 7-9 rue des Mathurins, F-92221 Bagneux, France jean-rene.ruault@dga.defense.gouv.fr frederic.vanderhaegen@univ-valenciennes.fr dominique.luzeaux@dga.defense.gouv.fr 22nd Annual INCOSE International Symposium - Rome, Italy - July 9-12, 2012
Summary • Issues and aims • About sociotechnical systems • About resilience • Factors enhancing or reducing resilience capacity • Impacts upon systems engineering foundations • Conclusion and perspectives 22nd Annual INCOSE International Symposium - Rome, Italy 2 - July 9-12, 2012
Beacon • Issues and aims • About sociotechnical systems • About resilience • Factors enhancing or reducing resilience capacity • Impacts upon systems engineering foundations • Conclusion and perspectives 22nd Annual INCOSE International Symposium - Rome, Italy 3 - July 9-12, 2012
Issues & aims Resilience: capability of sociotechnical systems • To cope with unpredictable, unforeseeable events • To adjust faced with disturbing events, • To adapt and learn adequate rules of adaptation, Disturbances out of the system’s adaptation mechanisms Impacts of resilience upon sociotechnical systems: • Systems engineering processes • Systems engineering models • Systems architecture • Systems utilization processes 22nd Annual INCOSE International Symposium - Rome, Italy 4 - July 9-12, 2012
Complex sociotechnical Systems Sociotechnical system Operational environment in which the sociotechnical systems is operated (threat, adversaries, adversaries’ doctrine, …) Crew To provide services To appropriate To fit onto Technical system A sociotechnical systems a human part and a technical one …… … the human part appropriates the technical system, to fit it onto missions in which users operate it, function of operational environments and constraints ... ... the design technical system is modelled and specified in order to be operated by users in a reference operational situation To operate To react To make demands on The actual operational environment is different from the reference one (unpredictable events).
Resilience definitions • “safety and risks in complex organizations are emergent, not resultant properties: safety and risk cannot be predicted or modeled on the basis of constituent components and their interaction” (1) • “we can only measure the potential of resilience, but not resilience itself” (2) • resilience as a “management at the border of the domain of application…” (3) 1. S. Dekker: Resilience engineering: chronicling the emergence of confused consensus ; in E. Hollnagel, D. Woods N. Levenson (eds), Resilience Engineering. Concepts and precepts, Ashgate, Hampshire, Great Britain, 2006 2. E. Hollnagel D. Woods: Epilogue – Resilience engineering precepts; in E. Hollnagel, D. Woods et N. Levenson (eds), Resilience Engineering. Concepts and precepts, Ashgate, Hampshire, Great Britain, 2006 3. D. Luzeaux: Engineering Large-scale Complex Systems in D. Luzeaux, J.-R. Ruault J.-L. Wippler, Complex Systems and Systems of Systems Engineering, ISTE Ltd and John Wiley Sons Inc, 2011 22nd Annual INCOSE International Symposium - Rome, Italy 6 - July 9-12, 2012
Four main resilience functions (1) 1. Avoidance (capacity for anticipation) 2. Resistance (capacity for absorption) 3. Adaptation (capacity for reconfiguration) 4. Recovery (capacity for restoration) This paper deals with: 1. Avoidance 2. Adaptation 1. D. Luzeaux: Engineering Large-scale Complex Systems in D. Luzeaux, J.-R. Ruault J.-L. Wippler, Complex Systems and Systems of Systems Engineering, ISTE Ltd and John Wiley Sons Inc, 2011 22nd Annual INCOSE International Symposium - Rome, Italy 7 - July 9-12, 2012
Avoidance function decomposition Acquiring information at the operators’ level anticipate and avoid accidents • Obtain a representation of the environment • Obtain a representation of the dynamic system • Identify the environment states that were not envisioned • Evaluate the instantaneous or trend drifts • Evaluate the proximity of the state of the system compared to the zones of danger 22nd Annual INCOSE International Symposium - Rome, Italy 8 - July 9-12, 2012
Adaptation function decomposition Adaptation of rules, operational procedures, as well as system functional architecture • Institute and systematize operators’ training • Allow the operators to evolve procedures to take account the environment evolutions • Generalize good practices from procedures evolutions • Design an evolutionary system architecture 22nd Annual INCOSE International Symposium - Rome, Italy 9 - July 9-12, 2012
About resilience (1/3) • Resilience characteristics • Reserve (buffering capacity) • Flexibility • Margin • Tolerance • Multilevel interactions • Among factors of context • Crew’s training and experiment • Work conditions • Human-system interfaces (HSI) quality • Availability of the resources • Methods and procedures accessibility and • Team collaboration quality availability • Mechanisms dealing with resilience • Migration phenomenon (omerta) • Barriers removal (costs; benefits) • Compensation/decompensation mechanism • Dynamic process of “visual piloting” • Threats and appropriate responses 22nd Annual INCOSE International Symposium - Rome, Italy 10 - July 9-12, 2012
About resilience (2/3) • Positive / negative effects of the observance / non-observance specified procedures (Hollnagel’s dark matter1) Consequence Positive (no accident) Negative (accident) Actual environment different from the reference situation. Procedure observance generates a failure. Unsuited adaptation mechanism Failure of a compensation mechanism Signal indicating the probability of an accident Sociotechnical system functioning in its specified domain Sociotechnical system adaptation to the actual environment Compensation mechanism Enhance vigilance because decompensation risks Observance Non-observance Procedure 1. E. Hollnagel: Resilience – The challenge of the Unstable; in E. Hollnagel, D. Woods et N. Levenson (eds), Resilience Engineering. Concepts and precepts, Ashgate, Hampshire, Great Britain, 2006 22nd Annual INCOSE International Symposium - Rome, Italy 11 - July 9-12, 2012
About resilience (3/3) Capability dimensions • Doctrine: operating mode, rules, habits, culture, ethos • Organization: enterprise and team structured • Training: operators prepared and trained to do their work • Materiel: all technical components needed to operate • Leadership: managers prepared to lead and make decision • Personnel: availability of qualified and skilled • Facilities: installations and industrial facilities 22nd Annual INCOSE International Symposium - Rome, Italy 12 - July 9-12, 2012
Beacon • Issues and aims • About sociotechnical systems • About resilience • Factors enhancing or reducing resilience capacity • Impacts upon systems engineering foundations • Conclusion and perspectives 22nd Annual INCOSE International Symposium - Rome, Italy 13 - July 9-12, 2012
Factors of context and capability dimensions 22nd Annual INCOSE International Symposium - Rome, Italy 14 - July 9-12, 2012
Resilience characteristics and capability dimensions 22nd Annual INCOSE International Symposium - Rome, Italy 15 - July 9-12, 2012
Actual operational situation; blind zone Risky operation Operation outside specified domain Real operational scenarios and situations Reference operational scenarios and situations Halo of operation Diversion / bypassing 22nd Annual INCOSE International Symposium - Rome, Italy 16 - July 9-12, 2012
Visual piloting • Control between the situation of reference and the risky use of the system Risky use Use outside the field of definition Real operational situations Reference operational scenarios and situations Variation without compensation. Risk of decompensation. Increase vigilance 22nd Annual INCOSE International Symposium - Rome, Italy 17 - July 9-12, 2012
Beacon • Issues and aims • About sociotechnical systems • About resilience • Factors enhancing or reducing resilience capacity • Impacts upon systems engineering foundations • Conclusion and perspectives 22nd Annual INCOSE International Symposium - Rome, Italy 18 - July 9-12, 2012
Impacts upon systems engineering processes • Integrate human-centred processes within systems engineering (appropriation and adaptation processes) • Carry out experience feedback from actual operational situations • Take care of the necessary evolutions of the technical system 22nd Annual INCOSE International Symposium - Rome, Italy 19 - July 9-12, 2012
Impacts upon engineering models • Model the factors of context and the associated variability • Model complexity, non-linearity, non-monotony, phase transition • Capture and model actual operators’ activities 22nd Annual INCOSE International Symposium - Rome, Italy 20 - July 9-12, 2012
Impacts upon system architecture • Make trade-off between resilience and performance • Design relevant and efficient human-system interface allowing situation awareness • Specify introspection capability • Design flexible architecture 22nd Annual INCOSE International Symposium - Rome, Italy 21 - July 9-12, 2012
Impacts upon enabling system architecture • Use high fidelity prototype and evaluate human-system interfaces • Trace and report current system states and evaluate the gap against reference ones • Trace and report experience feedback • Support training 22nd Annual INCOSE International Symposium - Rome, Italy 22 - July 9-12, 2012
Impacts upon operational processes • Develop collective learning and experience feedback • Set up a management which supports, institutionalizes and gratifies these practices • Deploy adapted procedures to unforeseen events management and train operators • Work out the virtuous loop of the control of execution, the drift measurement, the training and change management • Privilege regulated safety instead of controlled safety 22nd Annual INCOSE International Symposium - Rome, Italy 23 - July 9-12, 2012
Conclusion and perspectives • Resilience encompasses safety and is larger since it takes into account unforeseeable situations and exceptional occurrences • Resilience is a dynamic process which cannot be a priori evaluated • Impacts on the systems engineering processes, the operational processes, the system of interest architecture and the enabling system architecture • This is the first article of my PhD. We details these impacts in further articles • Resilience has impacts also on other processes, such as recruitment, training, team building, these will be the issues of further articles 22nd Annual INCOSE International Symposium - Rome, Italy 24 - July 9-12, 2012
Books 22nd Annual INCOSE International Symposium - Rome, Italy 25 - July 9-12, 2012
THANK YOU VERY MUCH FOR YOUR ATTENTION 22nd Annual INCOSE International Symposium - Rome, Italy 26 - July 9-12, 2012

Recommandé

Introducing sociotechnical systems
Introducing sociotechnical systemsIntroducing sociotechnical systems
Introducing sociotechnical systems
sommerville-videos
 
Socio Technical Systems
Socio Technical SystemsSocio Technical Systems
Socio Technical Systems
Vikram Rao
 
CS 5032 L3 socio-technical systems 2013
CS 5032 L3 socio-technical systems 2013CS 5032 L3 socio-technical systems 2013
CS 5032 L3 socio-technical systems 2013
Ian Sommerville
 
Socio Technical Systems
Socio Technical SystemsSocio Technical Systems
Socio Technical Systems
Joe Christensen
 
Socio-technical System
Socio-technical SystemSocio-technical System
Socio-technical System
Rahul Hada
 
Software engineering socio-technical systems
Software engineering socio-technical systemsSoftware engineering socio-technical systems
Software engineering socio-technical systems
Dr. Loganathan R
 
SOCIOTECHNICAL SYSTEMS IN INFORMATION TECHNOLOGY
SOCIOTECHNICAL SYSTEMS IN INFORMATION TECHNOLOGYSOCIOTECHNICAL SYSTEMS IN INFORMATION TECHNOLOGY
SOCIOTECHNICAL SYSTEMS IN INFORMATION TECHNOLOGY
Riri Satria
 
System success and failure
System success and failureSystem success and failure
System success and failure
sommerville-videos
 

Recommandé

Introducing sociotechnical systems
Introducing sociotechnical systemsIntroducing sociotechnical systems
Introducing sociotechnical systems
sommerville-videos
 
Socio Technical Systems
Socio Technical SystemsSocio Technical Systems
Socio Technical Systems
Vikram Rao
 
CS 5032 L3 socio-technical systems 2013
CS 5032 L3 socio-technical systems 2013CS 5032 L3 socio-technical systems 2013
CS 5032 L3 socio-technical systems 2013
Ian Sommerville
 
Socio Technical Systems
Socio Technical SystemsSocio Technical Systems
Socio Technical Systems
Joe Christensen
 
Socio-technical System
Socio-technical SystemSocio-technical System
Socio-technical System
Rahul Hada
 
Software engineering socio-technical systems
Software engineering socio-technical systemsSoftware engineering socio-technical systems
Software engineering socio-technical systems
Dr. Loganathan R
 
SOCIOTECHNICAL SYSTEMS IN INFORMATION TECHNOLOGY
SOCIOTECHNICAL SYSTEMS IN INFORMATION TECHNOLOGYSOCIOTECHNICAL SYSTEMS IN INFORMATION TECHNOLOGY
SOCIOTECHNICAL SYSTEMS IN INFORMATION TECHNOLOGY
Riri Satria
 
System success and failure
System success and failureSystem success and failure
System success and failure
sommerville-videos
 
Socio Technical Complex Systemsstcs
Socio Technical Complex SystemsstcsSocio Technical Complex Systemsstcs
Socio Technical Complex Systemsstcs
Networked Research Lab, UK
 
Stakeholders, viewpoints and concerns
Stakeholders, viewpoints and concernsStakeholders, viewpoints and concerns
Stakeholders, viewpoints and concerns
sommerville-videos
 
Infrastructure dependability
Infrastructure dependabilityInfrastructure dependability
Infrastructure dependability
sommerville-videos
 
Critical systems engineering
Critical systems engineeringCritical systems engineering
Critical systems engineering
sommerville-videos
 
Availability and reliability
Availability and reliabilityAvailability and reliability
Availability and reliability
sommerville-videos
 
Intro to requirements eng.
Intro to requirements eng.Intro to requirements eng.
Intro to requirements eng.
sommerville-videos
 
Critical systems intro
Critical systems introCritical systems intro
Critical systems intro
sommerville-videos
 
Agile methods for large systems
Agile methods for large systemsAgile methods for large systems
Agile methods for large systems
sommerville-videos
 
Socio technical systems process interventions - Organizational Change and ...
Socio technical systems process interventions - Organizational Change and ...Socio technical systems process interventions - Organizational Change and ...
Socio technical systems process interventions - Organizational Change and ...
manumelwin
 
Introduction to Critical Systems Engineering (CS 5032 2012)
Introduction to Critical Systems Engineering (CS 5032 2012)Introduction to Critical Systems Engineering (CS 5032 2012)
Introduction to Critical Systems Engineering (CS 5032 2012)
Ian Sommerville
 
Cybersecurity 4 security is sociotechnical issue
Cybersecurity 4 security is sociotechnical issueCybersecurity 4 security is sociotechnical issue
Cybersecurity 4 security is sociotechnical issue
sommerville-videos
 
Introduction to real time software systems script
Introduction to real time software systems scriptIntroduction to real time software systems script
Introduction to real time software systems script
sommerville-videos
 
L2 Socio Tech Systems
L2 Socio Tech SystemsL2 Socio Tech Systems
L2 Socio Tech Systems
Ian Sommerville
 
Autonomic computing seminar documentation
Autonomic computing seminar documentationAutonomic computing seminar documentation
Autonomic computing seminar documentation
Georgekutty Francis
 
Difference between systems engineering and computer engineering
Difference between systems engineering and computer engineeringDifference between systems engineering and computer engineering
Difference between systems engineering and computer engineering
Oluwatosin Lawal
 
System analysis
System analysisSystem analysis
System analysis
Nikhil Sharma
 
testing slide
testing slidetesting slide
testing slide
guest08962a
 
Autonomic Computing and Self Healing Systems
Autonomic Computing and Self Healing SystemsAutonomic Computing and Self Healing Systems
Autonomic Computing and Self Healing Systems
William Chipman
 
AutonomicComputing
AutonomicComputingAutonomicComputing
AutonomicComputing
Kaushik Patidar
 
Dependability requirements for LSCITS
Dependability requirements for LSCITSDependability requirements for LSCITS
Dependability requirements for LSCITS
Ian Sommerville
 
Resilience: a brief view on the state of the art
Resilience: a brief view on the state of the artResilience: a brief view on the state of the art
Resilience: a brief view on the state of the art
Henry Muccini
 
Future Research in (Software) Resilience
Future Research in (Software) ResilienceFuture Research in (Software) Resilience
Future Research in (Software) Resilience
Henry Muccini
 

Contenu connexe

Tendances

Autonomic Computing and Self Healing Systems
Autonomic Computing and Self Healing SystemsAutonomic Computing and Self Healing Systems
Autonomic Computing and Self Healing Systems
William Chipman
 

Tendances (20)

Socio Technical Complex Systemsstcs
Socio Technical Complex SystemsstcsSocio Technical Complex Systemsstcs
Socio Technical Complex Systemsstcs
 
Stakeholders, viewpoints and concerns
Stakeholders, viewpoints and concernsStakeholders, viewpoints and concerns
Stakeholders, viewpoints and concerns
 
Infrastructure dependability
Infrastructure dependabilityInfrastructure dependability
Infrastructure dependability
 
Critical systems engineering
Critical systems engineeringCritical systems engineering
Critical systems engineering
 
Availability and reliability
Availability and reliabilityAvailability and reliability
Availability and reliability
 
Intro to requirements eng.
Intro to requirements eng.Intro to requirements eng.
Intro to requirements eng.
 
Critical systems intro
Critical systems introCritical systems intro
Critical systems intro
 
Agile methods for large systems
Agile methods for large systemsAgile methods for large systems
Agile methods for large systems
 
Socio technical systems process interventions - Organizational Change and ...
Socio technical systems process interventions - Organizational Change and ...Socio technical systems process interventions - Organizational Change and ...
Socio technical systems process interventions - Organizational Change and ...
 
Introduction to Critical Systems Engineering (CS 5032 2012)
Introduction to Critical Systems Engineering (CS 5032 2012)Introduction to Critical Systems Engineering (CS 5032 2012)
Introduction to Critical Systems Engineering (CS 5032 2012)
 
Cybersecurity 4 security is sociotechnical issue
Cybersecurity 4 security is sociotechnical issueCybersecurity 4 security is sociotechnical issue
Cybersecurity 4 security is sociotechnical issue
 
Introduction to real time software systems script
Introduction to real time software systems scriptIntroduction to real time software systems script
Introduction to real time software systems script
 
L2 Socio Tech Systems
L2 Socio Tech SystemsL2 Socio Tech Systems
L2 Socio Tech Systems
 
Autonomic computing seminar documentation
Autonomic computing seminar documentationAutonomic computing seminar documentation
Autonomic computing seminar documentation
 
Difference between systems engineering and computer engineering
Difference between systems engineering and computer engineeringDifference between systems engineering and computer engineering
Difference between systems engineering and computer engineering
 
System analysis
System analysisSystem analysis
System analysis
 
testing slide
testing slidetesting slide
testing slide
 
Autonomic Computing and Self Healing Systems
Autonomic Computing and Self Healing SystemsAutonomic Computing and Self Healing Systems
Autonomic Computing and Self Healing Systems
 
AutonomicComputing
AutonomicComputingAutonomicComputing
AutonomicComputing
 
Dependability requirements for LSCITS
Dependability requirements for LSCITSDependability requirements for LSCITS
Dependability requirements for LSCITS
 

Similaire à Sociotechnical systems resilience

How can usage monitoring improve resilience?
How can usage monitoring improve resilience?How can usage monitoring improve resilience?
How can usage monitoring improve resilience?
Jean-René RUAULT
 
Process Improvement for better Software Technical Quality under Global Crisis...
Process Improvement for better Software Technical Quality under Global Crisis...Process Improvement for better Software Technical Quality under Global Crisis...
Process Improvement for better Software Technical Quality under Global Crisis...
Optimyth Software
 
Mi 291 chapter 2 (engineering analsysis)
Mi 291 chapter 2 (engineering analsysis)Mi 291 chapter 2 (engineering analsysis)
Mi 291 chapter 2 (engineering analsysis)
varun teja G.V.V
 
Decision-making Support System for climate change adaptation_yin v2
Decision-making Support System for climate change adaptation_yin v2Decision-making Support System for climate change adaptation_yin v2
Decision-making Support System for climate change adaptation_yin v2
Chonghua Yin
 
The Usability of everyday things
The Usability of everyday thingsThe Usability of everyday things
The Usability of everyday things
Rosa Quiroga
 

Similaire à Sociotechnical systems resilience (20)

Resilience: a brief view on the state of the art
Resilience: a brief view on the state of the artResilience: a brief view on the state of the art
Resilience: a brief view on the state of the art
 
Future Research in (Software) Resilience
Future Research in (Software) ResilienceFuture Research in (Software) Resilience
Future Research in (Software) Resilience
 
How can usage monitoring improve resilience?
How can usage monitoring improve resilience?How can usage monitoring improve resilience?
How can usage monitoring improve resilience?
 
Organizational Failure (LSCITS EngD 2012)
Organizational Failure (LSCITS EngD 2012)Organizational Failure (LSCITS EngD 2012)
Organizational Failure (LSCITS EngD 2012)
 
01_Principles.pdf rata Tata principles and rules
01_Principles.pdf rata Tata principles and rules01_Principles.pdf rata Tata principles and rules
01_Principles.pdf rata Tata principles and rules
 
Process Improvement for better Software Technical Quality under Global Crisis...
Process Improvement for better Software Technical Quality under Global Crisis...Process Improvement for better Software Technical Quality under Global Crisis...
Process Improvement for better Software Technical Quality under Global Crisis...
 
Object Orientation Fundamentals
Object Orientation FundamentalsObject Orientation Fundamentals
Object Orientation Fundamentals
 
Socio technical systems (LSCITS EngD)
Socio technical systems (LSCITS EngD)Socio technical systems (LSCITS EngD)
Socio technical systems (LSCITS EngD)
 
Rtlws2013
Rtlws2013Rtlws2013
Rtlws2013
 
Past and Future of Systems Engineering in ASD Programs : Spain vs the World
Past and Future of Systems Engineering in ASD Programs : Spain vs the WorldPast and Future of Systems Engineering in ASD Programs : Spain vs the World
Past and Future of Systems Engineering in ASD Programs : Spain vs the World
 
Mi 291 chapter 2 (engineering analsysis)
Mi 291 chapter 2 (engineering analsysis)Mi 291 chapter 2 (engineering analsysis)
Mi 291 chapter 2 (engineering analsysis)
 
Ultra Large Scale Systems
Ultra Large Scale SystemsUltra Large Scale Systems
Ultra Large Scale Systems
 
Redes de sensores sem fio autonômicas: abordagens, aplicações e desafios
Redes de sensores sem fio autonômicas: abordagens, aplicações e desafios Redes de sensores sem fio autonômicas: abordagens, aplicações e desafios
Redes de sensores sem fio autonômicas: abordagens, aplicações e desafios
 
Software Architecture: Introduction to the abstraction (May 2014_Split)
Software Architecture: Introduction to the abstraction (May 2014_Split)Software Architecture: Introduction to the abstraction (May 2014_Split)
Software Architecture: Introduction to the abstraction (May 2014_Split)
 
Systems Engineering and Requirements Management in Medical Device Product Dev...
Systems Engineering and Requirements Management in Medical Device Product Dev...Systems Engineering and Requirements Management in Medical Device Product Dev...
Systems Engineering and Requirements Management in Medical Device Product Dev...
 
PERICLES workshop (IDCC 2016) - Introduction to the PERICLES project
PERICLES workshop (IDCC 2016) - Introduction to the PERICLES projectPERICLES workshop (IDCC 2016) - Introduction to the PERICLES project
PERICLES workshop (IDCC 2016) - Introduction to the PERICLES project
 
A Survey On Empirical Requirements Engineering Research Practices
A Survey On Empirical Requirements Engineering Research PracticesA Survey On Empirical Requirements Engineering Research Practices
A Survey On Empirical Requirements Engineering Research Practices
 
Decision-making Support System for climate change adaptation_yin v2
Decision-making Support System for climate change adaptation_yin v2Decision-making Support System for climate change adaptation_yin v2
Decision-making Support System for climate change adaptation_yin v2
 
The Usability of everyday things
The Usability of everyday thingsThe Usability of everyday things
The Usability of everyday things
 
**Exploring and Assessing Project Complexity-Dao;17.pdf
**Exploring and Assessing Project Complexity-Dao;17.pdf**Exploring and Assessing Project Complexity-Dao;17.pdf
**Exploring and Assessing Project Complexity-Dao;17.pdf
 

Sociotechnical systems resilience

  • 1. Sociotechnical systems resilience Jean-René Ruault(1, 2), Frédéric Vanderhaegen(1), Dominique Luzeaux(2) 1) UVHC, LAMIH, F-59313 Valenciennes, France 2) DGA, 7-9 rue des Mathurins, F-92221 Bagneux, France jean-rene.ruault@dga.defense.gouv.fr frederic.vanderhaegen@univ-valenciennes.fr dominique.luzeaux@dga.defense.gouv.fr 22nd Annual INCOSE International Symposium - Rome, Italy - July 9-12, 2012
  • 2. Summary • Issues and aims • About sociotechnical systems • About resilience • Factors enhancing or reducing resilience capacity • Impacts upon systems engineering foundations • Conclusion and perspectives 22nd Annual INCOSE International Symposium - Rome, Italy 2 - July 9-12, 2012
  • 3. Beacon • Issues and aims • About sociotechnical systems • About resilience • Factors enhancing or reducing resilience capacity • Impacts upon systems engineering foundations • Conclusion and perspectives 22nd Annual INCOSE International Symposium - Rome, Italy 3 - July 9-12, 2012
  • 4. Issues & aims Resilience: capability of sociotechnical systems • To cope with unpredictable, unforeseeable events • To adjust faced with disturbing events, • To adapt and learn adequate rules of adaptation, Disturbances out of the system’s adaptation mechanisms Impacts of resilience upon sociotechnical systems: • Systems engineering processes • Systems engineering models • Systems architecture • Systems utilization processes 22nd Annual INCOSE International Symposium - Rome, Italy 4 - July 9-12, 2012
  • 5. Complex sociotechnical Systems Sociotechnical system Operational environment in which the sociotechnical systems is operated (threat, adversaries, adversaries’ doctrine, …) Crew To provide services To appropriate To fit onto Technical system A sociotechnical systems a human part and a technical one …… … the human part appropriates the technical system, to fit it onto missions in which users operate it, function of operational environments and constraints ... ... the design technical system is modelled and specified in order to be operated by users in a reference operational situation To operate To react To make demands on The actual operational environment is different from the reference one (unpredictable events).
  • 6. Resilience definitions • “safety and risks in complex organizations are emergent, not resultant properties: safety and risk cannot be predicted or modeled on the basis of constituent components and their interaction” (1) • “we can only measure the potential of resilience, but not resilience itself” (2) • resilience as a “management at the border of the domain of application…” (3) 1. S. Dekker: Resilience engineering: chronicling the emergence of confused consensus ; in E. Hollnagel, D. Woods N. Levenson (eds), Resilience Engineering. Concepts and precepts, Ashgate, Hampshire, Great Britain, 2006 2. E. Hollnagel D. Woods: Epilogue – Resilience engineering precepts; in E. Hollnagel, D. Woods et N. Levenson (eds), Resilience Engineering. Concepts and precepts, Ashgate, Hampshire, Great Britain, 2006 3. D. Luzeaux: Engineering Large-scale Complex Systems in D. Luzeaux, J.-R. Ruault J.-L. Wippler, Complex Systems and Systems of Systems Engineering, ISTE Ltd and John Wiley Sons Inc, 2011 22nd Annual INCOSE International Symposium - Rome, Italy 6 - July 9-12, 2012
  • 7. Four main resilience functions (1) 1. Avoidance (capacity for anticipation) 2. Resistance (capacity for absorption) 3. Adaptation (capacity for reconfiguration) 4. Recovery (capacity for restoration) This paper deals with: 1. Avoidance 2. Adaptation 1. D. Luzeaux: Engineering Large-scale Complex Systems in D. Luzeaux, J.-R. Ruault J.-L. Wippler, Complex Systems and Systems of Systems Engineering, ISTE Ltd and John Wiley Sons Inc, 2011 22nd Annual INCOSE International Symposium - Rome, Italy 7 - July 9-12, 2012
  • 8. Avoidance function decomposition Acquiring information at the operators’ level anticipate and avoid accidents • Obtain a representation of the environment • Obtain a representation of the dynamic system • Identify the environment states that were not envisioned • Evaluate the instantaneous or trend drifts • Evaluate the proximity of the state of the system compared to the zones of danger 22nd Annual INCOSE International Symposium - Rome, Italy 8 - July 9-12, 2012
  • 9. Adaptation function decomposition Adaptation of rules, operational procedures, as well as system functional architecture • Institute and systematize operators’ training • Allow the operators to evolve procedures to take account the environment evolutions • Generalize good practices from procedures evolutions • Design an evolutionary system architecture 22nd Annual INCOSE International Symposium - Rome, Italy 9 - July 9-12, 2012
  • 10. About resilience (1/3) • Resilience characteristics • Reserve (buffering capacity) • Flexibility • Margin • Tolerance • Multilevel interactions • Among factors of context • Crew’s training and experiment • Work conditions • Human-system interfaces (HSI) quality • Availability of the resources • Methods and procedures accessibility and • Team collaboration quality availability • Mechanisms dealing with resilience • Migration phenomenon (omerta) • Barriers removal (costs; benefits) • Compensation/decompensation mechanism • Dynamic process of “visual piloting” • Threats and appropriate responses 22nd Annual INCOSE International Symposium - Rome, Italy 10 - July 9-12, 2012
  • 11. About resilience (2/3) • Positive / negative effects of the observance / non-observance specified procedures (Hollnagel’s dark matter1) Consequence Positive (no accident) Negative (accident) Actual environment different from the reference situation. Procedure observance generates a failure. Unsuited adaptation mechanism Failure of a compensation mechanism Signal indicating the probability of an accident Sociotechnical system functioning in its specified domain Sociotechnical system adaptation to the actual environment Compensation mechanism Enhance vigilance because decompensation risks Observance Non-observance Procedure 1. E. Hollnagel: Resilience – The challenge of the Unstable; in E. Hollnagel, D. Woods et N. Levenson (eds), Resilience Engineering. Concepts and precepts, Ashgate, Hampshire, Great Britain, 2006 22nd Annual INCOSE International Symposium - Rome, Italy 11 - July 9-12, 2012
  • 12. About resilience (3/3) Capability dimensions • Doctrine: operating mode, rules, habits, culture, ethos • Organization: enterprise and team structured • Training: operators prepared and trained to do their work • Materiel: all technical components needed to operate • Leadership: managers prepared to lead and make decision • Personnel: availability of qualified and skilled • Facilities: installations and industrial facilities 22nd Annual INCOSE International Symposium - Rome, Italy 12 - July 9-12, 2012
  • 13. Beacon • Issues and aims • About sociotechnical systems • About resilience • Factors enhancing or reducing resilience capacity • Impacts upon systems engineering foundations • Conclusion and perspectives 22nd Annual INCOSE International Symposium - Rome, Italy 13 - July 9-12, 2012
  • 14. Factors of context and capability dimensions 22nd Annual INCOSE International Symposium - Rome, Italy 14 - July 9-12, 2012
  • 15. Resilience characteristics and capability dimensions 22nd Annual INCOSE International Symposium - Rome, Italy 15 - July 9-12, 2012
  • 16. Actual operational situation; blind zone Risky operation Operation outside specified domain Real operational scenarios and situations Reference operational scenarios and situations Halo of operation Diversion / bypassing 22nd Annual INCOSE International Symposium - Rome, Italy 16 - July 9-12, 2012
  • 17. Visual piloting • Control between the situation of reference and the risky use of the system Risky use Use outside the field of definition Real operational situations Reference operational scenarios and situations Variation without compensation. Risk of decompensation. Increase vigilance 22nd Annual INCOSE International Symposium - Rome, Italy 17 - July 9-12, 2012
  • 18. Beacon • Issues and aims • About sociotechnical systems • About resilience • Factors enhancing or reducing resilience capacity • Impacts upon systems engineering foundations • Conclusion and perspectives 22nd Annual INCOSE International Symposium - Rome, Italy 18 - July 9-12, 2012
  • 19. Impacts upon systems engineering processes • Integrate human-centred processes within systems engineering (appropriation and adaptation processes) • Carry out experience feedback from actual operational situations • Take care of the necessary evolutions of the technical system 22nd Annual INCOSE International Symposium - Rome, Italy 19 - July 9-12, 2012
  • 20. Impacts upon engineering models • Model the factors of context and the associated variability • Model complexity, non-linearity, non-monotony, phase transition • Capture and model actual operators’ activities 22nd Annual INCOSE International Symposium - Rome, Italy 20 - July 9-12, 2012
  • 21. Impacts upon system architecture • Make trade-off between resilience and performance • Design relevant and efficient human-system interface allowing situation awareness • Specify introspection capability • Design flexible architecture 22nd Annual INCOSE International Symposium - Rome, Italy 21 - July 9-12, 2012
  • 22. Impacts upon enabling system architecture • Use high fidelity prototype and evaluate human-system interfaces • Trace and report current system states and evaluate the gap against reference ones • Trace and report experience feedback • Support training 22nd Annual INCOSE International Symposium - Rome, Italy 22 - July 9-12, 2012
  • 23. Impacts upon operational processes • Develop collective learning and experience feedback • Set up a management which supports, institutionalizes and gratifies these practices • Deploy adapted procedures to unforeseen events management and train operators • Work out the virtuous loop of the control of execution, the drift measurement, the training and change management • Privilege regulated safety instead of controlled safety 22nd Annual INCOSE International Symposium - Rome, Italy 23 - July 9-12, 2012
  • 24. Conclusion and perspectives • Resilience encompasses safety and is larger since it takes into account unforeseeable situations and exceptional occurrences • Resilience is a dynamic process which cannot be a priori evaluated • Impacts on the systems engineering processes, the operational processes, the system of interest architecture and the enabling system architecture • This is the first article of my PhD. We details these impacts in further articles • Resilience has impacts also on other processes, such as recruitment, training, team building, these will be the issues of further articles 22nd Annual INCOSE International Symposium - Rome, Italy 24 - July 9-12, 2012
  • 25. Books 22nd Annual INCOSE International Symposium - Rome, Italy 25 - July 9-12, 2012
  • 26. THANK YOU VERY MUCH FOR YOUR ATTENTION 22nd Annual INCOSE International Symposium - Rome, Italy 26 - July 9-12, 2012