Software Engineering Institute | Carnegie Mellon University

SEI Insights


SEI Architecture Technology User Network (SATURN) News and Updates

SATURN 2013 Sustainability and Security Session (notes)


Notes by Frank M. Rischner

Architecting Long-Lived Systems

Harald Wesenberg and Einar Landre, Statoil; Arne Wiklund, Kongsberg

Statoil uses environmental-monitoring software to monitor the impacts of its oil business on the environment. Statoil struggled to build a system that would live for a long time. The question: while making sure there is no impact on the environment, how do we build a system that lives for 70 years and adapts to changes?

  • Don't monitor the major events like oil spills; monitor the little things and their impacts on the environment.
  • Use agile projects, since there are a huge number of unknowns in the unknowns.
  • Use stacking capabilities and business capabilities. Those business capabilities are driven by value, are measurable, and provide actions. Each capability is a small enterprise-architecture element.

IEM capability stack: When capabilities are stacked, they show the impacts. On the bottom of the stack is the Intelligent Infrastructure with the sensors. Then an Information and Collaboration Layer is added. Those layers are used to build better models. This step is done in the Knowledge-Sharing and Analytics Layer. At the top of the stack is the Business Operation Layer to make better decisions. The interesting fact about stacking is that the layers build on each other. Having a better sensor stack leads to better analysis.

Managing complexity: How do we manage the complexity? Book: Domain-Driven Design. Unified concept definitions. Within the context, a useful tool for managing the complexity is using context maps to map the relations of the boundaries.

Architecting for change: An hour-glass approach keeps the interface between domains as narrow as possible. The interfaces should follow natural boundaries and focus on identifiers, formats, and protocols, such as TCP/IP or shipping. The value is the data that the applications collect, not the applications themselves. It is important to give the data a context. It is also important to persist the data. The data has to be as widely usable as possible. The architecture can be documented well, but the internal documentation is hidden to keep it more black boxed.

Architecture for IEM: Sensors are connected to the services and data stores over a network. These are in turn connected over a network to the applications.

Using Architecture to Guide Cybersecurity Improvements for the Smart Grid

Elizabeth Sisley, Calm Sunrise Consulting, LLC

Dr. Sisley has worked in the industry for 25 years. She currently works in a government-funded program in cybersecurity.

Hypothesis: The model can be used in other industries as well.

The U.S. Smart Grid is adopted all over the world. The Smart Grid is highly regulated. The Smart Grid is a complex system of systems and involves real-time control systems, transforming into advanced digital infrastructure and cybersecurity requirements. The model contains seven domains: Generation, Markets, Operations, Service Provider, Transmission, Distribution, and Customer. The purpose is to provide guidelines for the different domains. The organizations adapt the model in slightly different ways.

Cybersecurity requirements: The most important requirement is availability. The data mostly has to be available in real time. The information about the customers is another important requirement. The customer information needs to be kept private. The data integrity is important and even has to be stable during attacks, such as the Stuxnet attack.

There are 19 levels of requirements; here four of the domains have been broken down, and the three requirements are leveled from low to high priority. A swim-lane model has been applied to visualize the requirement workflows. The high-level security requirements are mapped. Each system or asset needs to be verified.

Coming back to the hypothesis: The business processes, systems and assets, and interface categories will differ, but the process will still work.

Architecting Cyber-Physical Systems in the Age of the Industrial Internet

Amine Chigani, Joseph Salvo, Benjamin Beckmann, and Thomas Citriniti, GE Global Research

Background: Cyber-physical systems (CPS) are large-scale, smart, networked systems. They are designed to interact with humans to provide real-time information. CPS systems are coming more and more online. The industrial internet is a conversion of the commercial ecosystem to the internet. How does this affect architecture practices?

  • Abstraction: A basic knowledge of the domain-specific skills is required. So is a cross-discipline language and iconology. The architecture views have to cater to a broader audience.
  • Standards: Software is an important part of the architecture considerations, and it needs standards. Standards should hold the software accountable as well as other engineering disciplines.
  • Big data: The issue is at the edge; the systems generate huge amounts of data. How do we process them? There are a few options: we either ignore it and throw it away, process it at the generation, pass it away over the intranet, or use a hybrid option. We often want historical data for diagnostics to predict behavior in the future. One approach is the context-driven approach, where we decide what we store and save.
  • Cloud: One of the issues is scalability. We don't always use all resources all the time. There might be peaks, and there might be downsides. Benefits are the costs in up-front investments, since we don't need to spend on hardware. Issues are privacy concerns. The industry needs certifications and regulations for and in the cloud.
  • Engineering: For changes in design and development paradigms, the goal is to speed up the development processes.

Conclusion: In the next 10 years, there will be changes in the industrial internet, which will apply the changes and technologies happening in the consumer internet.

About the Author

Bill Pollak
