2017

Adopting Model Based Engineering

M. Michael Briggs, Joshua Spiegel, Brian Ladson

Presented by: M. Michael Briggs, Vice President – Engineering
650-265-1988, 650-400-1446 cell
Millennium Engineering and Integration Company, November 1, 2017

Model-Based Origins

• Alfred North Whitehead co-authored “Principia Mathematica” with Bertrand Russell and also wrote “Science and the Modern World” in 1925, furthering Philosophy of Science and Process Philosophy. Whitehead viewed “the world as a web of integrated processes”.
• Bell Telephone Labs, Douglas Aircraft Co. (1945-1950) Nike air defense systems, MIT: 1st SE course 1950
• RAND Corp (spinoff from Douglas, 1947-48) modern Analysis
• K.E. Boulding (1956): “General Systems Theory (GST) is a name which has come into use to describe a level of theoretical model-building which lies somewhere between the highly generalized constructions of pure mathematics and the specific theories of the specialized disciplines…”
• (Organismic System Theory, Cofounder-Soc. General Systems Research SGSR 1956, GST Theory book 1968, Open Systems) “Integrating Philosophy and Theory as Knowledge, and Method and Application as action, Systems Inquiry then is knowledgeable action.”
• , C. West Churchman, Alfred Emerson, , Béla H. Bánáthy, Howard T. Odum, Eugene Odum, Fritjof Capra, Peter Senge, James Grier Miller among others.

Some Model-Based Systems Engineering (MBSE) Definitions:

• “The formalized application of modeling to support system requirements, design, analysis, verification and validation activities beginning in the conceptual design phase and continuing throughout development and later life cycle phases.” INCOSE SE Vision 2020, Jul 2015
• “Models and simulations should be used, to the greatest extent feasible, in systems engineering and program/project risk management; cost and schedule planning; and providing critical capabilities to effectively address issues in areas including but not limited to interoperability, joint operations, and systems of systems across the entire acquisition life cycle.” DoD Digital Engineering Working Group

MBSE Applies General Systems Theory to Engineering, Exploiting Computer-aided Definition and Simulation of Fundamental Truths Universally Applicable Across Disciplines, i.e. Anything Subject to the Laws of Nature and Physics

MBSE Approaches Vary in their Simulation Emphasis

• Some MBSE definition sources emphasize design intent specification, e.g.:
  • Architecture, interfaces, I/O & messages, sequencing/timing, modes & states etc.
• Other sources emphasize the need for Modeling and SIMULATION, e.g.:
  • Interim DoDI 5000.02, Operation of the Defense Acquisition System, requires the integration of Modeling & Simulation activities into program planning and engineering efforts (http://www.dtic.mil/whs/directives/corres/pdf/500002_interim.pdf)
  • INCOSE SE Vision 2025 (2014) predicts: “Formal systems modeling is standard practice for specifying, analyzing, designing, and verifying systems and is fully integrated with other engineering models”.
• MBSE at Millennium Engineering & Integration Co. defines design intent in UML/SysML diagrams, which are then translated to visual programming of dynamic-system simulations supported by data from CAD/Multiphysics and automatic code generation
  • Functionality/behavior is represented with closed-loop Plant & Software models.
• Simulation is vital to every Systems Engineering function, practiced since the 1950s advent of programmable computers & the 1970s introduction of interactive terminals

Unifying the MBSE Process

• MBSE requires “Descriptive Models” early in the project to convey & document Requirements, Design Intent, Architectures and desired attributes (e.g. the many UML and SysML diagramming tools).
• MBSE requires “Dynamic Models” that can be “simulated” to analytically “test” behavior of concepts and design candidates (e.g. MATLAB/Simulink & other CAE software tools).
• Neither category of SW tools performs both of these function sets.

Obvious Integrated Solution: exploit XMI to automate transfer of UML/SysML diagram data into a block-diagram programming & simulation tool, & provide for transfer of behavioral auto-generated code back to UML/SysML as desired.

Unifying the MBSE Process with ModelLink

Common Architecture Across Design-Intent-Description & Simulation Tools

[Diagram: a Requirements & Configuration Management System and ModelLink sit between a UML/SysML Definition Tool and a Simulation & Modeling Tool.]

• Model Exchange: export out as XMI; import into MATLAB and Simulink
• Simulation Model Exchange: export out Block Diagram specs to XMI, & generated code to XML/SysML tool loadable files

End-To-End Model-Based Systems Engineering Processes

• Requirements Definition & Analysis
  • Analysis: Functional Analysis & Allocation, Architecture I/O timing etc. definition & graphical depiction. Requirements derivation, function flowdown & I/O testing using conceptual first-order algorithms.
• Concept Synthesis, Analysis/Testing, Control & Verification
  • Concept alternatives definition & simulation-based testing
  • Concept simulation-based performance evaluation to support trade studies, configuration management & control
• Systems Engineering Management of Product Design, Realization & Support
  • Baseline performance evaluation & functional & performance requirements compliance testing & traceability
  • Reconciliation of simulation models with subsystem acceptance & qual test data
  • Reconciliation of system test data with system simulation
  • Simulation-Driven Fault identification & isolation for delivered product support

Key Role of Simulations in MBSE & MBE

[Figure: simulation-driven systems engineering cycle, Derived From DoD Systems Engineering Process (DAG Ch. 4). Legible callouts:]

• ModelLink Translates UML/SysML Diagrams Into Simulink
• Simulink Embedded Coder generates C/C++ code
• Requirements rebalancing techniques enable performance assessment as a function of cost before requirements are regimented

An End-to-End Model-Based Systems Engineering Process

[Figure: process flow diagram. Main blocks: Stakeholder Operational Support Needs & Constraints; CM & Sim-Driven Risk Management; Requirements, Architecture & Design (SysML); Implementation & Integration; Verification & Validation; Simulink Common Models & Auto-Generated SW Code.]

Engineering Tools with Block Diagram Programming, Simulation & Code Generation

• MATLAB/Simulink/RT-Workshop/Embedded Coder (1992-Present)
  • Developed & sold by The MathWorks Corp, over a million users
• MATRIXx Line: Xmath/SystemBuild/AutoCode (1988-Present)
  • Developed by Integrated Systems, Inc (ISI), now owned/distributed by NI
• CTRL-C/Model-C: Developed by Systems Control Technology (~1977-1992)
  • Purchased by ISI in 1992 and EOL’d
• ACSL with Protoblock: Late 1980s, ACSL lives on, Protoblock disappeared
• EASY-5: MSCsoftware for Simulation only (Boeing Code Generator Retained In-house)
• LabVIEW Real Time: by National Instruments
• SCADE: Esterel Technologies (France), DO-178B Qualified, IEC 61508 & EN 50128 Certified, HQ Elancourt, France & Mountain View, CA
• SciLab/Scicos: Offered by INRA (France)
• OTHERS: SystemView, Visual System Simulator, VisSim, ASCET-SE, VAPS

Phased Strategic MBSE Adoption Approach

• Planning for MBSE Adoption
• Project-Specific Modeling Standards & Guidelines
• Hands-On Training
• Starting New Projects or Project Segments with MBSE

Payoffs: “The Promised Land”:

• Dramatic Reduction in time/effort/cost to System Concept Review
• Robust concept tested & verified via appropriate-fidelity simulations
• Handoff of baseline concept definition/specification as visual & executable diagrams

Planning for Phased Strategic MBSE Adoption

• Formulate concept for a Pilot MBSE-based Project
  • Clearly define purpose, objectives, requirements & project execution metrics
• Assign or hire a MBSE Guru as project lead
  • Experienced in applying a simulation-driven MBSE tool chain
• Identify, procure & install MBSE CAE software tool chain including CM/VC
• Select Core Team participants & define roles/responsibilities
• Prepare Pilot Project Plan based upon concept
  • Define Systems Engineering tasks to be accomplished & schedule
  • Define standards, modeling guidelines & CM policy to be followed
  • Define an end-to-end project that includes MBE so participants understand the complete integrated end-to-end MBSE/MBE process.
  • Mandate integration of some selected legacy hardware & software

Secure Management Buy-In & Execute the Pilot Project Plan

Importance of Project-Oriented Modeling Guidelines

The key MBSE tools that implement UML/SysML & Block Diagram Programming offer more realization & annotation options than needed for most systems, many of which can waste effort & increase fault risk.

• Recommendation: Each project should review the CAE SW tool diagramming & simulation options, select the reduced set that satisfies project needs with least risk & document it in a Project Modeling Guidelines Document.
• Examples: MathWorks Automotive Advisory Board (MAAB) “Control Algorithm Modeling Guidelines - - “, “Millennium Simulink Modeling Guidelines” (MEI), “Harmony MBSE Modeling Standards for use with UML, SysML, and Rhapsody” (IBM), “Guidelines for UML or SysML modelling within an enterprise architecture” (Mälardalen University Academy of Innovation, Design and Technology)

Tailor Your Modeling Guidelines to Suit Project Needs, & Establish Compliance Mechanisms

Core Team Hands-On Training

• Assign Lead Guru & Core Team to accomplish pilot MBSE project plan.
• Provide introductory training for application of UML/SysML, Block Diagram Simulation & Code Generation tools to pilot project.
  • Provided by MBSE Lead Guru or SW tool vendor
• Present modeling & CM/VC guidelines to Core Team & mandate use
  • Review policy, procedures, accounts & usage
  • Establish & apply means of checking compliance
• Execute the pilot project tasks using MBSE tool chain under MBSE Guru direction, peer review progress/task completion, track metrics

Document the Training Tools & Training Models/Results & Metrics For Evolution & Use in Future Training Events & Projects

Transition to MBSE from Legacy Processes - New Project

• MBSE should be adopted at the outset of a new project
  • Avoids rework of accomplished tasks & disgruntlement of existing staff
• Define extent of Model-Based Engineering (MBE) to be applied in Design, Implementation, & AI&T, plan cooperative concurrency & multi-disciplinary support of MBSE & MBE, and define/procure QTY/type of CAE-tool seats req’d
• Appoint MBSE Guru or well-trained “Star” as SE lead, prepare task plan, allocate “mixed” staff & MBSE tools, then execute (as pilot was).
• Identify applicable legacy or mandated hardware, middleware & OS targets, as well as legacy simulation & software components.
• Update/enforce Modeling Guidelines; create, launch & follow “Plan”

Collect Models for Integration into Model Libraries; enables re-parameterization for re-use on other projects

MBSE Applications Examples & Payoffs

• Control System Concept Definition - Tethered Airship in Gusty Winds
  • Requirements: 232,000 kg, 355,514 m³, Limits: pitch/roll attitude 0.5°, 0.1g, 2 deg/sec, wind 6 kts mean, gusts to 15 kts
  • Architecture Definition & System Simulation in Simulink
  • Functional Analysis/Allocation: #actuators & perf., sensors/NAV, multi-axis control
  • Concept Synthesis/Verification: 12 props, GPS-augmented IMU NAV, LQR MIMO, 6DOF
• SWORDS Space Launch Vehicle Avionics Systems Engineering
  • Requirements: Low cost GNC, ±15 km RMS to 650 km circ. orbit, suppress flexible modes, margins: 6 dB gain/30° phase, separation rate limits 2°/s q&r, 0.5°/s p
  • Architecture Definition & System Simulation in Simulink
  • Functional Analysis/Allocation: SLV configuration & alignments, GNC HW & SW, comm
  • Concept Synthesis/Verification: -guidance, MEMS IMU, GPS/IMU fusion, LTI PID, 6DOF

MBSE Example: Passenger-Tolerable Control of Tethered Airship in Gusty Winds

• Proved feasibility of airship stabilization in very gusty wind conditions for concerned customer
• 6DOF/12-actuator Simulation with MIMO control was developed & applied in 60 working hours
• Demonstrates the tremendous efficiency and cost-effectiveness of MBSE

AirShip Gust Loads Feasibility Analysis determined Torque and Motor sizing requirements in <60 person-hrs

MBSE Example: Avionics for SWORDS Space Launch Vehicle

• Ascent-to-orbit 6DOF Launch Vehicle simulation with GPS/INS extended Kalman Filter Nav, flex modes model & isolation, parameter uncertainties, & Monte-Carlo statistics all in 12 months.
• Initial build operational in 3 months, applied to trade studies & multiple SLV design-update releases over subsequent 6 months.
• Assessed multiple GNC alternatives & SLV design options & control through disturbances early in program, established configuration & control actuation requirements.

Summary

• Automated transfer of models between universally-accepted UML/SysML tools and visually-programmed simulation tools provides a direct solution to the MBSE “behavioral simulation” problem
  • Direct transfer of specified design intent into behavioral simulations
  • Simulation-driven MBSE segues naturally to simulation-driven MBE.
• Phased MBSE adoption approach spreads investment over time as teams learn tools & process, learn from mistakes and climb the learning curve.
  • Planning, Training, Guidelines & fresh Application to New Projects are essential
  • Hands-on application to real problems is the best learning method

The two IP-Free MBSE application examples shown, while compelling, represent a small portion of the body of high-payoff MBSE accomplishments achieved by enlightened organizations worldwide.