Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Augmented Agile Delivery -
Agile Behaviour Meets
Digital Engineering
Dave Norton
Consortium for
Information & Software
Qua...
It’s a Complex World – And Not Getting Any
Simpler
We Need Continuous Delivery Of Features To Stay Ahead
http://giphy.com/gifs/KW3nydTAyPaU0
Learning to Play on a VUCA Pitch
Volatility
Uncertainty
Complexity
Ambiguity
Understand How The Modes Relate and Interact
Stacey Model
The Theory Bit - Models Of Complexity
The Cynefin framework
Adjust Your Decisions Making Process To Fit The Situation
“Decisions without actions are pointless. Actions
without decisi...
©2019 CISQ 7
So We Are Turning To
Digital Engineering
©2019 CISQ 8
Building Information
Modelling
With BIM (Building Information Modeling) technology, one
or more accurate virt...
©2019 CISQ 9
USS Gerald R. Ford
(CVN-78)
First ship to be fully designed using
3D-Models. Has saved the Navy $4
Billion in...
©2019 CISQ 10
Digital Dentistry
“Direct digital impression technique was statistically more
accurate, they showed signific...
Digital Twins
So Augmented Agile Is Agile Plus …..
©2019 CISQ 12
MBSE
AI/ML
Enterprise
Agile
Digital
Twins
Cyber
Physical
Systems
SoSE
D...
So Augmented Agile Is Agile Plus …..
©2019 CISQ 13
MBSE
AI/ML
Enterprise
Agile
Digital
Twins
Cyber
Physical
Systems
SoSE
D...
Re-evaluating MBSE in the context of agile and digital
twins to support complex business ecosystems from
strategy to imple...
©2019 CISQ 15
Myth - Agile and MBSE Don’t Mix
©2019 CISQ 16
Traffic Flow
Automotive
(Various)
Mobile
Device (s)
Payment
Systems
Ground
Water Sensor
Automatic
Beer Stock...
©2019 CISQ 17
Traffic Flow
Control
Automotive
(Various)
Mobile
Device (s)
Payment
Systems
Ground
Water Sensor
Automatic
Be...
©2019 CISQ
19
Real World
Digital
Cyber-Physical
Instrument
Collect
©2019 CISQ
20
Real World Digital
Ontology
©2019 CISQ
22
<<service>>
Order
<<service>> Customer
getTodaysStockLevel
confirmCustomer
getEstShipDate
validatePayment
<<...
©2019 CISQ 23
Traffic Flow
Automotive
(Various)
Mobile
Device (s)
Payment
Systems
Ground
Water Sensor
Automatic
Beer Stock...
©2019 CISQ 24
Local Council
Automotive
Manufactures
Mobile
Operators
Banking
Systems
Environmental
Agency
Brewery
Police
H...
©2019 CISQ
25
<
<
s
e
r
v
i
c
e
>
>
O
r
d
e
r
<<s
ervi
ce>
>
Cust
ome
rgetTodaysStockLevel
confirmCustomer
getEstShipDate
...
System of Systems – Net Centric Warfare – Where it
all started
1 2
3
4
5
6
System of Systems – TeleHealthcare & TeleFitness
Out Patient
Mobile Device
Telecommunication
Network
Healthcare ProviderCa...
System of Systems – A Very Practical Example – Haiti
Disaster Response
OpenStreetMap
Satellite
Images
2000
Users
GPS
Aid W...
©2019 CISQ
29
MBSE Ontology Holt & Perry
Devils in the Detail
©2019 CISQ
30
<<service>> Order <<service>> Customer
getTodaysStockLevel
confirmCustomer
getEstShipDate
validatePayment
<<...
The Manifesto for Agile Software Development
1.Customer satisfaction by early and continuous delivery of valuable software...
When dealing with complex mission critical systems
in a system of systems environment (Smart city’s,
open banking, healthc...
MBSE
©2019 CISQ 34
Model Based Systems Engineering
Methods
PracticesDecisions
Implementation
Frameworks
CPS
SoS
Social
Abstract...
MBSE
TOOLS
PEOPLE
TRAININGEFFORT
Modeling is a
nice to have
We don’t
have the time
Its vendor
hype
Its too complex
Always ...
“MBSE is the old way, agile is much faster”
©2019 CISQ 37
Model It Tom Cut It Joe
©2019 CISQ 38
VS
Tom
Joe
©2019 CISQ 39
Model It Tom
What will the
performance be ?
Cut It Joe
We can run
simulation against
the model based on
real...
©2019 CISQ 40
Model It Tom
What will happen if
we change a
component?
Cut It Joe
The model will show
how the behavior and
...
©2019 CISQ 41
Model It Tom
How will we do
threat analysis ?
Cut It Joe
We can red team and
run threat model, and
even use ...
©2019 CISQ 42
Model It Tom
What will be the total
cost of ownership ?
Cut It Joe
We can assign
operating effort and
costs ...
©2019 CISQ 43
It is not black and white. It depends on
complexity and mission criticality
“MBSE Models are to generic, you still need
to write a lot of code
©2019 CISQ 45
General Development Concepts
General Syntax and Semantics
Standard Meta-Model
General Graphical Notation
Lev...
©2019 CISQ 46
General Development Concepts
General Syntax and Semantics
Standard Meta-Model
General Graphical Notation
Lev...
©2019 CISQ 47
1. Structure 2. Behavior
3. Requirements 4. Parametrics
Analysis
Models
Requirements
V&V
Models
Hardware
Mod...
©2019 CISQ 48
UML Profile for BPMN Processes BPMNProfile™
UML Profile for Enterprise Distributed Object Computing EDOC™
UM...
©2019 CISQ
49
<<service>> Order <<service>> Customer
getTodaysStockLevel
confirmCustomer
getEstShipDate
validatePayment
<<...
©2019 CISQ 50
Domain Ontology
General & Domain Semantics
General & Domain Graphical Notation
Extended Meta-Model
Conceptua...
©2019 CISQ 51
Hi-Fidelity MBSE
Models Have Greater
Value and Utility
“MBSE Models require centralized modeling
and BDUF. It is Waterfull”
©2019 CISQ 53
Event Window
Event: Order Notification
Active Order
[validOrder] OrderNotification
Event: Line Item Picked (...
©2019 CISQ 54
Warehousing
Squad
Payment
Squad
Dispatch
Squad
Event Bus
Event Driven Architecture
and Microservices Allow
F...
©2019 CISQ 55
System Models Can Be
Developed Incrementally,
Feature by Feature
“Models can not help when we are dealing
with legacy systems”
©2019 CISQ 57
WSDL Java/C# XML DB
<asp:DataGrid
id="DataGrid1"
</asp:DataGrid>
Scripts
StockCheck
Inventory
<<service>>
St...
©2019 CISQ 58
It is a myth Agile and MBSE
don’t mix.
Agile MBSE works, and is
being used today.
©2019 CISQ 59
Questions
• Is the goal clear?
• Level of urgency
• Who is involved?
• Complexity
• Information source
• Pot...
2. Treat Digital Twins and Agile MBSE as System of Systems
(SoS) Governance Challenge.
• Directed — The SoS is created and...
Acknowledged, Collaborative & Virtual - BUT NOT Directed
Factors
beyond your
influence
Factors you
you can
influence
Facto...
©2019 CISQ 62
3. Mesh the Models for Optimum Decision Making — Mind the Gap
Real-Time
Transformation
Models
Models
"Meshed...
4. Adopt Architecture Runway For Major Models — Just in Time, Not
Just to Late
Core Models
Architecture
Story's Backlog
Co...
4. Adopt Architecture Runway For Major Models — Just in Time, Not
Just to Late
SAFe has the
concept of MBSE.
You can use M...
©2019 CISQ 65
5. Informal and Unofficial Knowledge Is a Factor — Go See 現場
(Genba)
Knowledge Type Definition
Unofficial Po...
©2019 CISQ 66
No Return To The Bad Old Days
Waterfall Central Control
So Where Does All This
Agile Systems Engineering
Get Us ?
©2019 CISQ 68
Rules
Strategy
Business Dashboards
Fly-By-Wire
©2019 CISQ 69
Organization Flight Envelope
Business Dashboards
WARNING UNSAFE MANEUVER
©2019 CISQ 70
Sadly, Reality Is Often Different!!!
Re-evaluating MBSE in the context of agile and digital
twins to support complex business ecosystems from
strategy to imple...
Drive for Velocity
Everyone wants faster time to market,
but few want to hear about the risks
Complex Toolchains
•Production metrics, objects and feedback
•Requirements
•Business metrics
•Update release metrics
•Rele...
Increasing Technical Debt
Software Quality Iceberg (Code Complete, Steve McConnell)
Code complexity
Maintainability
Intern...
Greater Reliance on Suppliers
Hope is not a
strategy
Quality
Productivity
Security
Cost
The Nine-Digit Glitch
Board of Directors
CEO, COO, CFO
Business VPs
Corporate
Auditors
CIO
Now affect Accountable for
Gove...
Lets Learn From The Past
As industry's mature they automate, from robots
to fly-by-wire
Standards
Question – What's
your favourite
standard ?
We built this city, we built this city on rock an' roll
We Need Standards We Can Implement
We Need Standards We Can Implement
We built this city, we built this city on rock an' roll
ISO 25010 Software Quality Model
• Functionality - "A set of attributes that bear on the existence of a set of functions a...
ISO 25010 In Structural Code Analysis
• OWASP Top 10 Vulnerabilities—most critical web application security risks – CWEs &...
CISQ Structural Quality Measures
Example architectural and
coding weaknesses included in
the CISQ measures
• SQL injection...
CISQ/OMG Standards Process
CISQ
Executive
Forums
Automated
Function Points
Reliability
Performance
Efficiency
Security
Mai...
Sample RFP CISQ has been referenced by the U.S. General Services
Administration (GSA), formally citing CISQ requirements i...
Standards Are Only Effective If Implemented
We have to deal with the risk link - people.
Focus on Culture and Behavior
• Don’t expect everyone to like
automation, some people just
like doing it the hard way
• In...
Develop The Correct Skills
Process
Design
Scripting
Toolchain
Integration
Standards
Definition
Obtain Commitment From The Team
Product
Backlog
Risk
Backlog
[Requirements, Policy's, Definition of Done]
Compliance
Offic...
Certify The Environment, Don’t Assume
Product
Backlog
Risk
Backlog
[Requirements, Policy's, Definition of Done]
Complianc
...
Have a virtual quality and security assistant
?
!
?
Chatbot integrated
into the toolchain
Gamify - Link Automation to Autonomy
Autonomy
Time of
Deployments
Intra-day
allowed
After hours and
on weekends
Frequency ...
Stay in Control of Quality With Agile Governance
• Communities of
Practice
• Toolchain
Consistency
• Tools Register
• Auto...
Link Automation to KPI, and Set Targets
• Feature throughput
• Lead-time/Cycle-time
• IT Downtime
• Business Downtime
• Pe...
Focus on Outcomes
Business
Outcomes
Higher
Productivity
Grater
Agility
Improves
Quality
Reduces
Risk
©2019 CISQ 97
Thank You
Any Questions ?
Augmented Agile: Agile Behavior Meets Digital Engineering
Upcoming SlideShare
Loading in …5
×

Augmented Agile: Agile Behavior Meets Digital Engineering

Agile2019 presentation
David Norton, Executive Director, CISQ

The human aspect that has been at the heart of agile success since its inception may well be its Achilles heel when it comes to scaling, and dealing with complex mission-critical environments; indeed, this sentiment has been used by many agile detractors. However, this does not have to be the case and could be the catalyst for an enhanced form of agile that combines the best of agile values and behaviour with modern systems engineering practices.
Next-generation agile will have to leverage unprecedented levels of automation from inception to implementation, and beyond. Techniques such as Model-Based Systems Engineering (MBSE), and Continuous Quality will enable digital twins augmented with AI and IoT sensor feedback, allowing developers to work with increasing levels of complexity in a safe and secure way - without sacrificing agile principles.
This interactive session will focus on a number of interrelated topics to help delegates formulate a strategy for next-generation agile engineering practices, including the following:
Tackling the problem of quality at speed, agile at scale with the correct application of relevant guidelines and standards to form a solid foundation to build on.
Re-evaluating MBSE in the context of agile and digital twins to support complex business ecosystems from strategy to implementation.
Dealing with human factors in the engineering process as we increase automation - when do we augment and when do we remove human actor.

Learning Outcomes:
How to maximise automation within agile and the DevOps toolchain with a strategy that takes advantage of emerging standards and best practices.
How to combine human-centric approaches such as design thinking and hypothesis- driven development with AI and IoT to improve the customer experience and innovation.
How to increase velocity and reduce lead time without sacrificing quality or generating high levels of technical debt.
How engineering methods such as Model-Based Systems Engineering and Systems of Systems Engineering combined with agile can tackle complex business ecosystems.

  • Be the first to comment

  • Be the first to like this

Augmented Agile: Agile Behavior Meets Digital Engineering

  1. 1. Augmented Agile Delivery - Agile Behaviour Meets Digital Engineering Dave Norton Consortium for Information & Software Quality
  2. 2. It’s a Complex World – And Not Getting Any Simpler
  3. 3. We Need Continuous Delivery Of Features To Stay Ahead http://giphy.com/gifs/KW3nydTAyPaU0
  4. 4. Learning to Play on a VUCA Pitch Volatility Uncertainty Complexity Ambiguity
  5. 5. Understand How The Modes Relate and Interact Stacey Model The Theory Bit - Models Of Complexity The Cynefin framework
  6. 6. Adjust Your Decisions Making Process To Fit The Situation “Decisions without actions are pointless. Actions without decisions are reckless.” ― John Boyd
  7. 7. ©2019 CISQ 7 So We Are Turning To Digital Engineering
  8. 8. ©2019 CISQ 8 Building Information Modelling With BIM (Building Information Modeling) technology, one or more accurate virtual models of a building are constructed digitally. They support design through its phases, allowing better analysis and control than manual processes. When completed, these computer-generated models contain precise geometry and data needed to support the construction, fabrication, and procurement activities through which the building is realized.”
  9. 9. ©2019 CISQ 9 USS Gerald R. Ford (CVN-78) First ship to be fully designed using 3D-Models. Has saved the Navy $4 Billion in ownership costs
  10. 10. ©2019 CISQ 10 Digital Dentistry “Direct digital impression technique was statistically more accurate, they showed significantly better inter-proximal contact”
  11. 11. Digital Twins
  12. 12. So Augmented Agile Is Agile Plus ….. ©2019 CISQ 12 MBSE AI/ML Enterprise Agile Digital Twins Cyber Physical Systems SoSE DevOps Trustworth iness Ethics Bots Standards Big Data Social Theory Self- Determinati on Theory
  13. 13. So Augmented Agile Is Agile Plus ….. ©2019 CISQ 13 MBSE AI/ML Enterprise Agile Digital Twins Cyber Physical Systems SoSE DevOps Trustworth iness Ethics Bots Standards Big Data Social Theory Self- Determinati on Theory
  14. 14. Re-evaluating MBSE in the context of agile and digital twins to support complex business ecosystems from strategy to implementation. Tackling the problem of quality at speed, agile at scale with the correct application of relevant guidelines and standards to form a solid foundation to build on. ©2019 CISQ 14
  15. 15. ©2019 CISQ 15 Myth - Agile and MBSE Don’t Mix
  16. 16. ©2019 CISQ 16 Traffic Flow Automotive (Various) Mobile Device (s) Payment Systems Ground Water Sensor Automatic Beer Stocking Enforcement Dementia Care TrackingParking Sensors
  17. 17. ©2019 CISQ 17 Traffic Flow Control Automotive (Various) Mobile Device (s) Payment Systems Ground Water Sensor Automatic Beer Stocking Enforcement Dementia Care Tracking
  18. 18. ©2019 CISQ 19 Real World Digital Cyber-Physical Instrument Collect
  19. 19. ©2019 CISQ 20 Real World Digital
  20. 20. Ontology
  21. 21. ©2019 CISQ 22 <<service>> Order <<service>> Customer getTodaysStockLevel confirmCustomer getEstShipDate validatePayment <<service>> Payment StockCheck Inventory <<service>> Stock <<Component>> Warehouse <<Service>> StockMan <<Component>>StockUpDate Order Management Customer Order Line Items Address BillingShipping Account Payment Method Domain Model Preparing Cancelled Fulfilled Model of Real World, But Not The Real World Ontology as a philosophical discipline aims at developing a system of general categories, the relationships between them and the rules that govern them which together form a theory of reality. OMG • Instances or objects • Classes • Attributes • Relations • Function • Restrictions • Rules • Axioms
  22. 22. ©2019 CISQ 23 Traffic Flow Automotive (Various) Mobile Device (s) Payment Systems Ground Water Sensor Automatic Beer Stocking Enforcement Dementia Care TrackingParking Sensors
  23. 23. ©2019 CISQ 24 Local Council Automotive Manufactures Mobile Operators Banking Systems Environmental Agency Brewery Police Health TrustPrivate car park operator Apps Owners
  24. 24. ©2019 CISQ 25 < < s e r v i c e > > O r d e r <<s ervi ce> > Cust ome rgetTodaysStockLevel confirmCustomer getEstShipDate validatePay ment <<s ervi ce> > Pa ym ent Sto ckC hec k Inventory <<servi ce>> Stock <<Component>> Warehouse <<Service>> StockMan <<Component>>Stoc kUp Date Order Management Customer Order Line Items Address BillingShipping Accou nt Pay me nt Met hod Domain Model Preparing Cancelled Fulfilled Digital Ecosystem < < s e r v i c e > > O r d e r < < s er vi c e > > C u st o m er getTodaysStockLevel confirmCustomer getEstShipDate validate Paymen t < < s e r v i c e > > P a y m e n t S t o c k C h e c k Inventory <<se rvice >> Stoc k <<Component>> Warehouse <<Service>> StockMan <<Component>>St oc kU pD at e Order Management Customer Order Line Items Address BillingShipping Acc ount P a y m e nt M et h o d Domain Model Preparing Cancelled Fulfilled < < s e r v i c e > > O r d e r < < s e r v i c e > > C u s t o m e r getTodaysStockLevel confirmCustomer getEstShipDate valid ateP aym ent < < s e r v i c e > > P a y m e n t S t o c k C h e c k Inventory < < s e r vi c e > > S t o c k <<Component>> Warehouse <<Service>> StockMan <<Component>>S t o c k U p D a t e Order Management Customer Order Line Items Address BillingShipping A c c o u n t P a y m e n t M e t h o d Domain Model Preparing Cancelled Fulfilled < < s e r v i c e > > O r d e r < < s e r v i c e > > C u s t o m e r getTodaysStockLevel confirmCustomer getEstShipDate va lid at eP ay m en t < < s e r v i c e > > P a y m e n t S t o c k C h e c k Inventory < < s e r v i c e > > S t o c k <<Component>> Warehouse <<Service>> StockMan <<Component>>S t o c k U p D a t e Order Management Customer Order Line Items Address BillingShipping A c c o u n t P a y m e n t M e t h o d Domain Model Preparing Cancelled Fulfilled A Digital Ecosystem Is A System of Systems Finance Health Retail Government
  25. 25. System of Systems – Net Centric Warfare – Where it all started 1 2 3 4 5 6
  26. 26. System of Systems – TeleHealthcare & TeleFitness Out Patient Mobile Device Telecommunication Network Healthcare ProviderCardiovascular Monitor Application Local Doctor Patient System Emergency Services
  27. 27. System of Systems – A Very Practical Example – Haiti Disaster Response OpenStreetMap Satellite Images 2000 Users GPS Aid Workers Event 12 H 24 H "Over just a few days, it saved me and my driver from getting lost twice, and the alternative would have been long delays. We are running fast trying to help people and your work makes it easier.“ Kjeld Jensen - Red Cross 1 2 3 4
  28. 28. ©2019 CISQ 29 MBSE Ontology Holt & Perry Devils in the Detail
  29. 29. ©2019 CISQ 30 <<service>> Order <<service>> Customer getTodaysStockLevel confirmCustomer getEstShipDate validatePayment <<service>> Payment StockCheck Inventory <<service>> Stock <<Component>> Warehouse <<Service>> StockMan <<Component>>StockUpDate Order Management Customer Order Line Items Address BillingShipping Account Payment Method Domain Model Preparing Cancelled Fulfilled Physical World Digital World Ontology Reflects Realty Realty Drives the Ontology
  30. 30. The Manifesto for Agile Software Development 1.Customer satisfaction by early and continuous delivery of valuable software. 2.Welcome changing requirements, even in late development. 3.Deliver working software frequently (weeks rather than months) 4.Close, daily cooperation between business people and developers 5.Projects are built around motivated individuals, who should be trusted 6.Face-to-face conversation is the best form of communication (co-location) 7.Working software is the primary measure of progress 8.Sustainable development, able to maintain a constant pace 9.Continuous attention to technical excellence and good design 10.Simplicity—the art of maximizing the amount of work not done—is essential 11.Best architectures, requirements, and designs emerge from self-organizing teams 12.Regularly, the team reflects on how to become more effective, and adjusts accordingly
  31. 31. When dealing with complex mission critical systems in a system of systems environment (Smart city’s, open banking, healthcare) it not always possible to have daily cooperation and Face-to-face conversation with the key stakeholders. Not good, but reality of life
  32. 32. MBSE
  33. 33. ©2019 CISQ 34 Model Based Systems Engineering Methods PracticesDecisions Implementation Frameworks CPS SoS Social Abstraction Algorithms Risk Support Process Syntax Semantics Viewpoints Ontology Authoritative Collaboration Planning Analysis Maturity Models Engineering Operational
  34. 34. MBSE TOOLS PEOPLE TRAININGEFFORT Modeling is a nice to have We don’t have the time Its vendor hype Its too complex Always ends up in analysis paralyses Its too formal and we need to be agile We don’t have the cash Requires Process/Org Change $ $ $ $
  35. 35. “MBSE is the old way, agile is much faster”
  36. 36. ©2019 CISQ 37 Model It Tom Cut It Joe
  37. 37. ©2019 CISQ 38 VS Tom Joe
  38. 38. ©2019 CISQ 39 Model It Tom What will the performance be ? Cut It Joe We can run simulation against the model based on real data We can make an estimate from the design and architecture, then look at the MVP
  39. 39. ©2019 CISQ 40 Model It Tom What will happen if we change a component? Cut It Joe The model will show how the behavior and structure of the system will be impacted We can run a spike to look at the impact or even develop another MVP
  40. 40. ©2019 CISQ 41 Model It Tom How will we do threat analysis ? Cut It Joe We can red team and run threat model, and even use AI to look for new attack vectors. We can red team and review against the design and architecture, then verify the code.
  41. 41. ©2019 CISQ 42 Model It Tom What will be the total cost of ownership ? Cut It Joe We can assign operating effort and costs to the model then analyze the results. We can make assumption about the design and architecture, but will have to wait to the implementation to be sure.
  42. 42. ©2019 CISQ 43 It is not black and white. It depends on complexity and mission criticality
  43. 43. “MBSE Models are to generic, you still need to write a lot of code
  44. 44. ©2019 CISQ 45 General Development Concepts General Syntax and Semantics Standard Meta-Model General Graphical Notation LevelofAbstraction Business SolutionSpace HW&SW ProblemDomain Conceptual Gap MBSE Using General Purpose Languages All these models and we still get the requirements wrong, and I still have to write the hard code and tests. Automated Implementation Non-Automated
  45. 45. ©2019 CISQ 46 General Development Concepts General Syntax and Semantics Standard Meta-Model General Graphical Notation LevelofAbstraction Business SolutionSpace HW&SW ProblemDomain Conceptual Gap MBSE Using General Purpose Languages Automated Implementation Non-Automated “What if we add domain information, and add quality and testing needs”
  46. 46. ©2019 CISQ 47 1. Structure 2. Behavior 3. Requirements 4. Parametrics Analysis Models Requirements V&V Models Hardware Models Software Models System Model OMG SysML Narrowing the Conceptual Gap
  47. 47. ©2019 CISQ 48 UML Profile for BPMN Processes BPMNProfile™ UML Profile for Enterprise Distributed Object Computing EDOC™ UML Profile for MARTE MARTE UML Profile for NIEM NIEM-UML™ UML Profile for Modeling QoS and FT QFTP Software Radio Components SDRP™ UML Profile for System on a Chip SoCP™ UML Profile for Schedulability, Performance, & Time SPTP™ UML Profile for Telecommunication Services TelcoML™ SES Management TelcoML Extension TelcoML-SES™ UML Profile for ROSETTA UPR UML Testing Profile 2 UTP2 UML Profile for Voice-based Applications Example UML Profiles
  48. 48. ©2019 CISQ 49 <<service>> Order <<service>> Customer getTodaysStockLevel confirmCustomer getEstShipDate validatePayment <<service>> Payment StockCheck Inventory <<service>> Stock <<Component>> Warehouse <<Service>> StockMan <<Component>>StockUpDate Order Management Customer Order Line Items Address BillingShipping Account Payment Method Domain Model Preparing Cancelled Fulfilled The Model is Marked up ready for transformation, Architect (Model element mapping ) Physical World System Model
  49. 49. ©2019 CISQ 50 Domain Ontology General & Domain Semantics General & Domain Graphical Notation Extended Meta-Model Conceptual Gap? MBSE Using General Purpose Languages MBSE Using Domain Specific Languages General Development Concepts General Syntax and Semantics Standard Meta-Model General Graphical Notation Automated Implementation LevelofAbstraction Business SolutionSpace HW&SW ProblemDomain Conceptual Gap Non-Automated Automated Implementation Non-Automated
  50. 50. ©2019 CISQ 51 Hi-Fidelity MBSE Models Have Greater Value and Utility
  51. 51. “MBSE Models require centralized modeling and BDUF. It is Waterfull”
  52. 52. ©2019 CISQ 53 Event Window Event: Order Notification Active Order [validOrder] OrderNotification Event: Line Item Picked (1 of 3) Preparing Order Exit: [if hold false] RaiseEvent - OrderPrepared LineItemPicked (1 of 3) LineItemPicked (2 of 3) Event: Line Item Picked (2 of 3) Event: Line Item Picked (3 of 3) Hold LineItemOutofStock Event: Line Item Restock LineItemRestock Event: Line Item Out Of Stock LineItemPicked (3 of 3) Dispatch Event: Order Prepared [BillingSuccessful] Event: Billing Successful Order Fulfilled Event: Order Delivered OrderDelivered Cancelled Invoicing Customer Invoice Paid Entry: RaiseEvent – Billing Successful [non Account] OrderPrepared PaymentReceived Payment Squad Warehousing Squad Event: Payment Received Ready to Ship OrderPreparedDispatch Squad
  53. 53. ©2019 CISQ 54 Warehousing Squad Payment Squad Dispatch Squad Event Bus Event Driven Architecture and Microservices Allow For Smaller Decoupled System Models API API API
  54. 54. ©2019 CISQ 55 System Models Can Be Developed Incrementally, Feature by Feature
  55. 55. “Models can not help when we are dealing with legacy systems”
  56. 56. ©2019 CISQ 57 WSDL Java/C# XML DB <asp:DataGrid id="DataGrid1" </asp:DataGrid> Scripts StockCheck Inventory <<service>> Stock <<Component>> Warehouse <<Service>> StockMan <<Component>> StockUpDate Order Management Legacy System Model Customer Order Line Items Address BillingShipping Account Payment Method Domain Model New System Model T T ERP AppsCRM T Legacy Applications Conceptual Model System Use Case System Use Case BuyerSupplier Send Order Take Order Send Order Error Receive Order Error Send Order Responce Recive Order Respone Dispatch Order EA Repository Architecture Viewpoints TechnicalInformation Implementation Logical Conceptual Business Model Repository
  57. 57. ©2019 CISQ 58 It is a myth Agile and MBSE don’t mix. Agile MBSE works, and is being used today.
  58. 58. ©2019 CISQ 59 Questions • Is the goal clear? • Level of urgency • Who is involved? • Complexity • Information source • Potential bias • Frequency • Data presentation • Later justification ISO/IEC 42010 1. Understand You Stakeholders, Their Concerns and Questions
  59. 59. 2. Treat Digital Twins and Agile MBSE as System of Systems (SoS) Governance Challenge. • Directed — The SoS is created and managed to fulfill specific purposes and the other systems are subordinated to the SoS. The component systems maintain an ability to operate independently; however, their design and operationalization are subordinated to the central SoS goal. • Acknowledged — The SoS has recognized and agreed objectives, joint governance mechanism and resources for the SoS implementation; however, the supporting systems retain their independent ownership, objectives, funding, and development and sustainment approaches. • Collaborative — The component systems interact more or less voluntarily to achieve agreed upon central purposes. The central players collectively decide how to provide value and desired outcomes. • Virtual — The SoS has no central governance authority or a centrally agreed upon purpose for the SoS. Large-scale behavior emerges — and may or may not be desirable.
  60. 60. Acknowledged, Collaborative & Virtual - BUT NOT Directed Factors beyond your influence Factors you you can influence Factors you control Digital business model exist in a complex environment. • Pace of new technically • More cyber-physical devices • Ambiguity on regulation • Uncertainty of API strategies • Less time to respond • Less control over the value stream. • Lower barriers to entry allow new entrants and fast followers.
  61. 61. ©2019 CISQ 62 3. Mesh the Models for Optimum Decision Making — Mind the Gap Real-Time Transformation Models Models "Meshed" Policy Strategy Capability Programs Services Operations Capability Analysis Behavior Structure Organization Process Information Model Need to Be Linked; a Change In One Triggers Changes In the Others
  62. 62. 4. Adopt Architecture Runway For Major Models — Just in Time, Not Just to Late Core Models Architecture Story's Backlog Components, Frameworks, Libraries, Adaptors) Features Architecture Model Epics and Story's Local Sub System Models Product Backlog
  63. 63. 4. Adopt Architecture Runway For Major Models — Just in Time, Not Just to Late SAFe has the concept of MBSE. You can use MBSE without a enterprise agile framework, but it is harder.
  64. 64. ©2019 CISQ 65 5. Informal and Unofficial Knowledge Is a Factor — Go See 現場 (Genba) Knowledge Type Definition Unofficial Policy Actions that are carried out because they have become part of the group psyche but not documented policy Shadow Process Unofficial processes or sub-processes that are enacted in place of the official process Informal (Shadow) Organization Chain of command or structure used when the formal structure is deficient or where there's a desire to circumvent it Filling In the Gaps Knowledge on areas not addressed formally or addressed at the wrong level of detail Driven by Innovation Knowledge or practices that have emerged and have yet to be formally captured
  65. 65. ©2019 CISQ 66 No Return To The Bad Old Days Waterfall Central Control
  66. 66. So Where Does All This Agile Systems Engineering Get Us ?
  67. 67. ©2019 CISQ 68 Rules Strategy Business Dashboards Fly-By-Wire
  68. 68. ©2019 CISQ 69 Organization Flight Envelope Business Dashboards WARNING UNSAFE MANEUVER
  69. 69. ©2019 CISQ 70 Sadly, Reality Is Often Different!!!
  70. 70. Re-evaluating MBSE in the context of agile and digital twins to support complex business ecosystems from strategy to implementation. Tackling the problem of quality at speed, agile at scale with the correct application of relevant guidelines and standards to form a solid foundation to build on. ©2019 CISQ 71
  71. 71. Drive for Velocity Everyone wants faster time to market, but few want to hear about the risks
  72. 72. Complex Toolchains •Production metrics, objects and feedback •Requirements •Business metrics •Update release metrics •Release plan, timing and business case •Security policy and requirement •Design of the software and configuration •Coding including code quality and performance •Software build and build performance •Release candidate •Acceptance testing •Regression testing •Security and vulnerability analysis •Performance •Configuration testing •Approval/preapprovals •Package configuration •Triggered releases •Release staging and holding •Infrastructure storage, database and network provisioning and configuring •Application provision and configuration. •Performance of IT infrastructure •End-user response and experience •Production metrics and statistics •Application monitoring
  73. 73. Increasing Technical Debt Software Quality Iceberg (Code Complete, Steve McConnell) Code complexity Maintainability Internal Coupling Functional Size Redundant code Testability External Coupling Operating Cost Maintenance Cost Reliability Performance Business Value
  74. 74. Greater Reliance on Suppliers Hope is not a strategy Quality Productivity Security Cost
  75. 75. The Nine-Digit Glitch Board of Directors CEO, COO, CFO Business VPs Corporate Auditors CIO Now affect Accountable for Governance Risk management Business Continuity Brand protection Customer experience Nine Digit Defects Cyber incidents see a 1087% increase year on year (RSM research).
  76. 76. Lets Learn From The Past As industry's mature they automate, from robots to fly-by-wire
  77. 77. Standards
  78. 78. Question – What's your favourite standard ?
  79. 79. We built this city, we built this city on rock an' roll We Need Standards We Can Implement
  80. 80. We Need Standards We Can Implement We built this city, we built this city on rock an' roll
  81. 81. ISO 25010 Software Quality Model • Functionality - "A set of attributes that bear on the existence of a set of functions and their specified properties. The functions are those that satisfy stated or implied needs." • Reliability - "A set of attributes that bear on the capability of software to maintain its level of performance under stated conditions for a stated period of time.” • Usability - "A set of attributes that bear on the effort needed for use, and on the individual assessment of such use, by a stated or implied set of users." • Efficiency - "A set of attributes that bear on the relationship between the level of performance of the software and the amount of resources used, under stated conditions.” • Maintainability - "A set of attributes that bear on the effort needed to make specified modifications." • Portability - "A set of attributes that bear on the ability of software to be transferred from one environment to another."
  82. 82. ISO 25010 In Structural Code Analysis • OWASP Top 10 Vulnerabilities—most critical web application security risks – CWEs & CVEs • OWASP Application Security Verification Std v4.0 – 14 categories guide automated unit & integration tests – most all verification checks have corresponding CWEs • SANS/CWE Top 25 — most commonly encountered cyber weakness enumerators (CWEs), • CISQ Object Management Group (OMG) Automated Source Code Measures for technical debt & structural quality (Security, Reliability, Performance Efficiency & Maintainability) – all based on CWEs
  83. 83. CISQ Structural Quality Measures Example architectural and coding weaknesses included in the CISQ measures • SQL injection • Cross-site scripting • Buffer overflow • Empty exception block • Unreleased resources • Circular dependency • Expensive loop operation • Un-indexed data access • Unreleased memory • Excessive coupling • Dead code • Hard-coded literals CISQ Structural Quality Measures Security 22 weaknesses (Top 25 CWEs) Reliability 29 weaknesses Performance Efficiency 15 weaknesses Maintainability 20 weaknesses An international team of experts selected the weaknesses to include in CISQ measures based on the severity of their impact on operational problems or cost of ownership. Only weaknesses considered severe enough that they must be remediated were included in the CISQ measures. CISQ Structural Quality measures are currently being extended to embedded systems software.
  84. 84. CISQ/OMG Standards Process CISQ Executive Forums Automated Function Points Reliability Performance Efficiency Security Maintainability OMG Approved Standards ISO Fasttrack Deployment Workshops OMG
  85. 85. Sample RFP CISQ has been referenced by the U.S. General Services Administration (GSA), formally citing CISQ requirements in a Information Technology (IT) statement of work from the Office of the CIO for the Office of Public Buildings. GSA is an independent agency of the U.S. government that supports general services of Federal agencies. See page 21, section 5.9 in GSA’s document, Schedule 70 Blank Purchase Agreement for IT and Development Services… “PB-ITS (Project Based IT Services) is seeking to establish code quality standards for its existing code base, as well as new development tasks. As an emerging standard, PB-ITS references the Consortium for IT Software Quality (CISQ) for guidance on how to measure, evaluate and improve software.” Working With Suppliers
  86. 86. Standards Are Only Effective If Implemented We have to deal with the risk link - people.
  87. 87. Focus on Culture and Behavior • Don’t expect everyone to like automation, some people just like doing it the hard way • Incentivize the behavior you want for the individual and team. • Have agreed metrics and KPI linked to automation. • Show results
  88. 88. Develop The Correct Skills Process Design Scripting Toolchain Integration Standards Definition
  89. 89. Obtain Commitment From The Team Product Backlog Risk Backlog [Requirements, Policy's, Definition of Done] Compliance Officer Team Product Owner Product Manager GRC Stores/Themes Compliance Strategy [Working software, documentation] Risk Log / Board Escalations GRC Questions Information “Radiator” Standards, Good Practice, Regulations
  90. 90. Certify The Environment, Don’t Assume Product Backlog Risk Backlog [Requirements, Policy's, Definition of Done] Complianc e Officer Team Product Owner Product Manager GRC Stores/Themes Compliance Strategy [Working software, documentation] Risk Log / Board Escalations GRC Questions Information “Radiator” Standards, Good Practice, Regulations Automated Environment Certified Tool Team Align
  91. 91. Have a virtual quality and security assistant ? ! ? Chatbot integrated into the toolchain
  92. 92. Gamify - Link Automation to Autonomy Autonomy Time of Deployments Intra-day allowed After hours and on weekends Frequency of Deployments No limits on changes per today Few changes per week Change Advisory Board CAB for information purposes only CAB for all changes Freeze Periods Only exceptional change freeze periods apply All freeze periods apply Continuous Integration Environments Quality Assurance Incident Management Release Management Coding Practices Team A Level of Automation Team B
  93. 93. Stay in Control of Quality With Agile Governance • Communities of Practice • Toolchain Consistency • Tools Register • Automation Best Practice
  94. 94. Link Automation to KPI, and Set Targets • Feature throughput • Lead-time/Cycle-time • IT Downtime • Business Downtime • Percentage of task automated • Refactoring rate and cost
  95. 95. Focus on Outcomes Business Outcomes Higher Productivity Grater Agility Improves Quality Reduces Risk
  96. 96. ©2019 CISQ 97 Thank You Any Questions ?

×