Responsibility modelling, LSCITS ENgD course, 2010 Slide 1
Responsibility Modelling in Socio-technical Systems
Ian Sommerville
St Andrews University
Responsibility modelling, LSCITS ENgD course, 2010 Slide 2
System dependability
• General premise of our work is that a significant class
of system ‘failures’ are due to inadequate
consideration of social, organisational and cultural
factors that affect the design and operation of a
computer-based system
• Often manifested as a misfit between a system and
the organisation using that system, resulting in:
– User interaction ‘errors’
– Unreliable and inefficient processes
– Provision of incorrect or inappropriate information to system
users
Responsibility modelling, LSCITS ENgD course, 2010 Slide 3
Socio-technical system failure
• Failures are not just catastrophic events but normal,
everyday system behaviour that disrupts normal work
and that means that people have to spend more time
on a task than necessary
• A system failure occurs when a direct or indirect user
of a system has to carry out extra work, over and
above that normally required to carry out some task,
in response to some inappropriate system behaviour
• This extra work constitutes the cost of recovery from
system failure
Responsibility modelling, LSCITS ENgD course, 2010 Slide 4
Responsibility
• A suitable abstraction for modelling the components
and interactions of socio-technical systems of
systems
“A duty, held by some agent, to achieve, maintain or
avoid some given state, subject to conformance with
organisational, social and cultural norms.”
• More abstract than goals or tasks (but...)
• Not (too) concerned with different types of agents
• Easier to express less formalised types of work
• Easier to discuss with stakeholders
Responsibility modelling, LSCITS ENgD course, 2010 Slide 5
Responsibility as an Abstraction
[Diagram]
Levels shown: Responsibilities; Goals; Tasks; Activities; Functions; ...
Examples shown: “Financial Management”; Improve Profitability by 5% over FY
Responsibility modelling, LSCITS ENgD course, 2010 Slide 6
Why responsibility?
• System failures can result from misunderstandings
about responsibilities and failures of people to
discharge their responsibilities as expected
• Responsibilities are high-level abstractions that
define (informally) what is expected of a human or
automated agent. No assumptions are made about
how an agent will discharge its responsibilities
• Responsibilities are natural abstractions that
people can relate to and talk about
– In system design, technical abstractions (such as objects)
that are alien to system stakeholders are often used
Responsibility modelling, LSCITS ENgD course, 2010 Slide 7
Responsibility vulnerabilities
• Unassigned responsibility
• Duplicated responsibility
• Uncommunicated responsibility
• Misassigned responsibility
• Responsibility overload
• Responsibility fragility
Responsibility modelling, LSCITS ENgD course, 2010 Slide 8
What is a responsibility model?
• A succinct definition of the responsibilities in a
system, the agents who have been assigned these
responsibilities and the resources that should be
available to these agents in discharging their
responsibilities.
Responsibility modelling, LSCITS ENgD course, 2010 Slide 9
Responsibility models
• Simple graphical presentation that shows:
– Responsibilities
– Organisations/people/automated systems who are
assigned specific responsibilities (agents)
– Authority structures (where appropriate) i.e.
information about accountability in an organisation
– Responsibility dependencies
– Information, and other resources required to
discharge responsibilities
Responsibility modelling, LSCITS ENgD course, 2010 Slide 10
Types of responsibility models
• Planning models
– Describe the intended allocation of responsibilities in some
situation
– Define the agents who should discharge the responsibility
– Set out the resources that are normally required to discharge
a responsibility
• Operational models
– Planning models plus annotations that describe:
• The agents that are actually assigned a responsibility
• The resources that are actually used
Responsibility modelling, LSCITS ENgD course, 2010 Slide 11
Responsibility model notation
[Diagram]
Responsibilities: Appoint Govt. Technical Advisor; Declaration of Emergency; Activate Central Nuclear Emergency Support Centre; Activate Scottish Exec. Emergency Room; Activate Site Emergency Control Centre; Activate North Ayrshire Emergency Room
Agents: <Site Emergency Controller>, <Deputy Site Emergency Controller>, <<Scottish Executive>>, <<Secretary of State>>, <<Site Owner>>
Information resources: | Reactor Status Report |
Responsibility modelling, LSCITS ENgD course, 2010 Slide 12
Contingency Planning
• Development of contingency scenarios and plans for
coping with incidents
• Plans can be for a generic contingency, or specific
scenarios (e.g. flooding)
• Single agency plans document resources,
procedures etc to be utilised by the agency to
discharge responsibilities
• Inter-organisational plans document the
responsibilities that each organisation holds and can
expect others to discharge
• Planning is evaluated through emergency exercises
Responsibility modelling, LSCITS ENgD course, 2010 Slide 13
Problems in Contingency Planning
• Contingency plans are often verbose and rarely used
during emergency responses
• Misunderstandings occur between organisations
regarding:
– Who holds particular responsibilities
– How responsibilities are interpreted
• Circumstances may require unexpected agents to
discharge responsibilities
• The appropriate information may not be available to
an agent for a responsibility to be discharged
– E.g. Communication infrastructure or process failures
Responsibility modelling, LSCITS ENgD course, 2010 Slide 14
Coordination system for CP
• Scenarios from a (socio-technical) coordination
system for contingency management are used as the
driver for our work
• Each agency involved has its own C & C system and
does not wish to invest in a shared C & C system for
managing emergencies
• System has to support
– Joint planning
– Sharing of information from different systems
– Audit trail of actions taken during an emergency
– Provision of information to managers in the field
Responsibility modelling, LSCITS ENgD course, 2010 Slide 15
Responsibility planning model
[Diagram]
Responsibilities: Appoint Govt. Technical Advisor; Declaration of Emergency; Activate Central Nuclear Emergency Support Centre; Activate Scottish Exec. Emergency Room; Activate Site Emergency Control Centre; Activate North Ayrshire Emergency Room
Agents: <Site Emergency Controller>, <Deputy Site Emergency Controller>, <<Scottish Executive>>, <<Secretary of State>>, <<Site Owner>>
Information resources: | Reactor Status Report |
Responsibility modelling, LSCITS ENgD course, 2010 Slide 16
Information resources
[Diagram]
Responsibilities: Check on safety of vessels in incident area; Broadcast Marine Safety Information
Agents: <<MRCC Clyde>>, << Police | NAECC Liaison Officer >>
Information resources: | Navigation warnings |, | Weather warnings |, | Subfacts |, | Gunfacts |, | Alert Broadcast |, | Incident information |
Resources: [ VHF Radio ], [ MF Radio ]
Responsibility modelling, LSCITS ENgD course, 2010 Slide 17
Responsibility modelling benefits
• Responsibility models are a way of facilitating the
analysis of responsibilities and discussing
responsibilities across organisations
• They support risk analysis and the identification of a
class of potential vulnerabilities in a system
• They serve as a means of identifying information
requirements and help identify redundancy and
diversity that should be planned for in a system
• They may be useful as a means of documenting
responsibilities and learning from experience
Responsibility modelling, LSCITS ENgD course, 2010 Slide 18
Information requirements
• Requirements for information to be provided to
agents to help them do their work, requirements for
information sharing and access control and
requirements for information that is to be generated
• When systems are created by integrating and
configuring existing systems, their behaviour is
constrained. There is limited scope for defining the
functionality of a system
• We argue that, in such cases, a behavioural
approach to requirements specification should be
replaced by a focus on the information produced,
consumed and shared by the agents in the system
Responsibility modelling, LSCITS ENgD course, 2010 Slide 19
Information analysis
• We assume that the holder of a responsibility needs some
information to discharge that responsibility
• Information requirements are concerned with:
– What: The information required
– Where: The source of that information
– How: The channel (or channels) through which that information is
delivered
– Structure: How the information is organised/should be organised
– Presentation: How the information should be presented to a user of
that information
Responsibility modelling, LSCITS ENgD course, 2010 Slide 20
Deriving information requirements
• What information is required to discharge a
responsibility?
• Where does the information come from?
• What channels are used to communicate this
information?
• What information is recorded in the discharge of this
responsibility?
• What channels are used to communicate the
recorded information?
• What are the consequences if the information is
unavailable, inaccurate, incomplete, late, early, etc.?
Responsibility modelling, LSCITS ENgD course, 2010 Slide 21
Flood emergencies
[Diagram]
Responsibilities: Flood forecasting; Initiate Evacuation; Declare emergency
Agents: << Environment agency >>, << Silver command >>, << Local authority >>
Information resources: | Flood warnings |
Responsibility modelling, LSCITS ENgD course, 2010 Slide 22
Initiate Evacuation
• Information requirements
– Risk assessment showing properties at risk from predicted
flooding, predicted times of flooding and the likelihood of
flooding in specific areas (Environment agency, local
authority)
– Information about ‘special properties’ e.g. hospitals, care
homes, schools, where the residents will require help to be
evacuated (Local authority)
– Availability of resources from emergency services and other
agencies (Emergency services liaison officers)
Responsibility modelling, LSCITS ENgD course, 2010 Slide 23
Information analysis
• Risk assessment
– An assessment of the areas that are at risk from the flood
and the probabilities of flooding in these areas (What info)
– Based on flood warnings from environment agency and local
knowledge (Where from)
– Telephone, web, meetings (Channels)
– Areas at risk and imminence of risk; Who made decision and
what local knowledge used (What recorded)
– Fax to silver command or meeting
– Vulnerabilities - discussed later
Responsibility modelling, LSCITS ENgD course, 2010 Slide 24
Initiate evacuation
[Diagram]
Responsibilities: Flood forecasting; Risk Analysis; Initiate Evacuation
Agents: << Environment agency >>, << Environment agency, Local authority >>, << Silver command >>
Information resources: | Risk assessment |, | Flood warnings |, | Resource assessment |, | Special properties |
Responsibility modelling, LSCITS ENgD course, 2010 Slide 25
Vulnerability analysis
• The responsibility model reflects the understanding of
an organisation about who is responsible for what
and what that responsibility entails
• Where multiple agencies are involved, there are likely
to be discrepancies between their understanding of
responsibility
• Examining and comparing models allows us to
identify:
– Responsibility omissions - responsibilities that each
organisation assumes are assigned to some other
organisation or which are simply not assigned to any
organisation
– Responsibility misunderstandings - situations where different
organisations understand a responsibility in different ways
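Added example (not from the original slides): a Python sketch of the model comparison described on this slide, reporting omissions and misunderstandings across organisations. The per-organisation models, their assignments and the finding labels are constructed for illustration; an agent that has no model of its own is treated as unverifiable rather than as an omission.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class View:
    """How one organisation understands a single responsibility."""
    holders: frozenset = frozenset()    # agents it believes hold the duty
    resources: frozenset = frozenset()  # information it thinks is needed


def view(holders=(), resources=()):
    """Convenience constructor accepting any iterables."""
    return View(frozenset(holders), frozenset(resources))


def compare_models(models):
    """Compare per-organisation responsibility models.

    models maps organisation -> {responsibility -> View}.
    Returns a sorted list of (kind, responsibility) findings.
    """
    findings = []
    all_resps = {r for model in models.values() for r in model}
    for resp in all_resps:
        # Every organisation that mentions this responsibility at all.
        views = {org: m[resp] for org, m in models.items() if resp in m}
        named = frozenset().union(*(v.holders for v in views.values()))

        # A holder "accepts" when its own model also lists it as holder.
        accepted = {a for a in named
                    if resp in models.get(a, {})
                    and a in models[a][resp].holders}
        # Holders we have no model for cannot be confirmed or refuted.
        unverifiable = {a for a in named if a not in models}

        if not named:
            # Not assigned to any organisation.
            findings.append(("omission:unassigned", resp))
        elif not accepted and not unverifiable:
            # Each organisation assumes some other organisation holds it.
            findings.append(("omission:assumed-elsewhere", resp))

        # Different organisations understand the responsibility differently.
        if len({v.holders for v in views.values()}) > 1:
            findings.append(("misunderstanding:holder", resp))
        if len({v.resources for v in views.values()}) > 1:
            findings.append(("misunderstanding:information", resp))
    return sorted(findings)


# Constructed sample models (assignments are illustrative only).
EXAMPLE_MODELS = {
    "Environment agency": {
        "Flood forecasting": view(["Environment agency"], ["Flood warnings"]),
    },
    "Local authority": {
        "Flood forecasting": view(["Environment agency"], ["Flood warnings"]),
        "Declare emergency": view(["Local authority"]),
        "Initiate Evacuation": view(["Silver command"],
                                    ["Risk assessment", "Special properties"]),
        "Collect Evacuee Information": view(["Police"]),
        "Security": view(),  # listed, but nobody is named as holder
    },
    "Police": {
        "Declare emergency": view(["Local authority"]),
        "Initiate Evacuation": view(["Silver command"], ["Risk assessment"]),
        "Collect Evacuee Information": view(["Local authority"]),
    },
}

if __name__ == "__main__":
    for kind, resp in compare_models(EXAMPLE_MODELS):
        print(f"{kind:32} {resp}")
```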
Responsibility modelling, LSCITS ENgD course, 2010 Slide 26
HAZOPS
• A HAZOPs-style ‘what if’ analysis can be applied to
the information requirements for each responsibility
– Analyses the robustness of the contingency plan in failure
circumstances
• Guide words were selected to query information
channel failure for each requirement: [Do I mean
this?]
– Early
– Late
– Never
– Inaccurate
Responsibility modelling, LSCITS ENgD course, 2010 Slide 27
HAZOPS Analysis
Responsibility modelling, LSCITS ENgD course, 2010 Slide 28
Evacuation responsibilities
[Diagram]
Responsibilities: Inland Search and Rescue; Arrange Transportation; Initiate Evacuation; Evacuation; Collect Evacuee Information; Establish Reception Centres; Security; Coordinate Evacuation
Agents: << Silver command >>, << District council >>, << Fire service >>, << County council >>, << Police >>
Responsibility modelling, LSCITS ENgD course, 2010 Slide 29
Evacuation coordination
[Diagram]
Responsibilities: Inland Search and Rescue; Transportation; Collect Evacuee Information; Establish Reception Centres; Coordinate Evacuation
Agents: << District council >>, << Fire service >>, << Police >>, << County council >>
Information resources: | Reception centre locations |, | Evacuee list |, | Assembly points |
Responsibility modelling, LSCITS ENgD course, 2010 Slide 30
HAZOPS Analysis
Responsibility modelling, LSCITS ENgD course, 2010 Slide 31
Deviations
• HAZOPS style keyword/consequence method for
assessing each information resource:
• Example: Priority Premises Resource
– Unavailable: Manual premises check required to see if
vulnerable people are to be evacuated.
– Inaccurate: Manual premises check may be necessary.
Possible delay in evacuation of vulnerable people. People
may be left behind.
– Incomplete: Possible delay in evacuation.
– Late: Information has to be communicated to units in the field
rather than at local coordination centre.
– Early: No consequence.
Responsibility modelling, LSCITS ENgD course, 2010 Slide 32
Requirements Examples
• The coordination system shall maintain a list of
priority premises to be evacuated for each town in the
local area.
– This shall be updated by the local council when the
coordination centre is established. (The premises list is
maintained by the local government authority but may not be
immediately available outside of normal working hours; while
a central list may be out of date, it is better than nothing.)
• The coordination centre system shall maintain a list of
premises evacuated along with the time of evacuation
and the units involved in the evacuation.
Responsibility modelling, LSCITS ENgD course, 2010 Slide 33
Conclusions
Benefits of taking a responsibility perspective:
• Naturalness
– Responsibility is a natural object of discussion regarding
organisations and systems
• Scalability
– Existing case studies are already sizable
• User involvement
– Several organisations interested in the modelling approach
• Complementarity
– Fit with existing conceptual frameworks, e.g. goals, tasks
– Early stage RE

 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
Vlad Stirbu
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 

Recently uploaded (20)

Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 

Resp modellingintro

  • 1. Responsibility modelling, LSCITS ENgD course, 2010 Slide 1 Responsibility Modelling in Socio-technical Systems Ian Sommerville St Andrews University
  • 2. Responsibility modelling, LSCITS ENgD course, 2010 Slide 2 System dependability • General premise of our work is that a significant class of system ‘failures’ are due to inadequate consideration of social, organisational and cultural factors that affect the design and operation of a computer-based system • Often manifested as a misfit between a system and the organisation using that system, resulting in: – User interaction ‘errors’ – Unreliable and inefficient processes – Provision of incorrect or inappropriate information to system users
  • 3. Responsibility modelling, LSCITS ENgD course, 2010 Slide 3 Socio-technical system failure • Failures are not just catastrophic events but normal, everyday system behaviour that disrupts normal work and that means that people have to spend more time on a task than necessary • A system failure occurs when a direct or indirect user of a system has to carry out extra work, over and above that normally required to carry out some task, in response to some inappropriate system behaviour • This extra work constitutes the cost of recovery from system failure
  • 4. Responsibility modelling, LSCITS ENgD course, 2010 Slide 4 Responsibility • A suitable abstraction for modelling the components and interactions of socio-technical systems of systems “A duty, held by some agent, to achieve, maintain or avoid some given state, subject to conformance with organisational, social and cultural norms.” • More abstract than goals or tasks (but...) • Not (too) concerned with different types of agents • Easier to express less formalised types of work • Easier to discuss with stakeholders
  • 5. Responsibility modelling, LSCITS ENgD course, 2010 Slide 5 Responsibility as an Abstraction Responsibilities Goals Tasks Activities Functions ... “Financial Management” Improve Profitability by 5% over FY
  • 6. Responsibility modelling, LSCITS ENgD course, 2010 Slide 6 Why responsibility? • System failures can result from misunderstandings about responsibilities and failures of people to discharge their responsibilities as expected • Responsibilities are high-level abstractions that define (informally) what is expected of a human or automated agent. No assumptions are made about how an agent will discharge its responsibilities • Responsibilities are natural abstractions that people can relate to and talk about – In system design, technical abstractions (such as objects) that are alien to system stakeholders are often used
  • 7. Responsibility modelling, LSCITS ENgD course, 2010 Slide 7 Responsibility vulnerabilities • Unassigned responsibility • Duplicated responsibility • Uncommunicated responsibility • Misassigned responsibility • Responsibility overload • Responsibility fragility
  • 8. Responsibility modelling, LSCITS ENgD course, 2010 Slide 8 What is a responsibility model? • A succinct definition of the responsibilities in a system, the agents who have been assigned these responsibilities and the resources that should be available to these agents in discharging their responsibilities.
  • 9. Responsibility modelling, LSCITS ENgD course, 2010 Slide 9 Responsibility models • Simple graphical presentation that shows: – Responsibilities – Organisations/people/automated systems who are assigned specific responsibilities (agents) – Authority structures (where appropriate) i.e. information about accountability in an organisation – Responsibility dependencies – Information, and other resources required to discharge responsibilities
  • 10. Responsibility modelling, LSCITS ENgD course, 2010 Slide 10 Types of responsibility models • Planning models – Describe the intended allocation of responsibilities in some situation – Define the agents who should discharge the responsibility – Set out the resources that are normally required to discharge a responsibility • Operational models – Planning models plus annotations that describe: • The agents that are actually assigned a responsibility • The resources that are actually used
  • 11. Responsibility modelling, LSCITS ENgD course, 2010 Slide 11 Responsibility model notation Appoint Govt. Technical Advisor Declaration of Emergency Activate Central Nuclear Emergency Support Centre Activate Scottish Exec. Emergency Room Activate Site Emergency Control Centre <Site Emergency Controller> <Deputy Site Emergency Controller>, <<Scottish Executive>> <<Secretary of State>> Activate North Ayrshire Emergency Room <<Site Owner>> | Reactor Status Report |
  • 12. Responsibility modelling, LSCITS ENgD course, 2010 Slide 12 Contingency Planning • Development of contingency scenarios and plans for coping with incidents • Plans can be for a generic contingency, or specific scenarios (e.g. flooding) • Single agency plans document resources, procedures etc to be utilised by the agency to discharge responsibilities • Inter-organisational plans document the responsibilities that each organisation holds and can expect others to discharge • Planning is evaluated through emergency exercises
  • 13. Responsibility modelling, LSCITS ENgD course, 2010 Slide 13 Problems in Contingency Planning • Contingency plans are often verbose and rarely used during emergency responses • Misunderstandings occur between organisations regarding: – Who holds particular responsibilities – How responsibilities are interpreted • Circumstances may require unexpected agents to discharge responsibilities • The appropriate information may not be available to an agent for a responsibility to be discharged – E.g. Communication infrastructure or process failures
  • 14. Responsibility modelling, LSCITS ENgD course, 2010 Slide 14 Coordination system for CP • Scenarios from a (socio-technical) coordination system for contingency management are used as the driver for our work • Each agency involved has its own C & C system and does not wish to invest in a shared C & C system for managing emergencies • System has to support – Joint planning – Sharing of information from different systems – Audit trail of actions taken during an emergency – Provision of information to managers in the field
  • 15. Responsibility modelling, LSCITS ENgD course, 2010 Slide 15 Responsibility planning model Appoint Govt. Technical Advisor Declaration of Emergency Activate Central Nuclear Emergency Support Centre Activate Scottish Exec. Emergency Room Activate Site Emergency Control Centre <Site Emergency Controller>, <Deputy Site Emergency Controller> <<Scottish Executive>> <<Secretary of State>> Activate North Ayrshire Emergency Room <<Site Owner>> | Reactor Status Report |
  • 16. Responsibility modelling, LSCITS ENgD course, 2010 Slide 16 Information resources Check on safety of vessels in incident area Broadcast Marine Safety Information << MRCC Clyde >> | Navigation warnings | | Weather warnings | | Subfacts | | Gunfacts | | Alert Broadcast | | Incident information | << Police | NAECC Liaison Officer >> [ VHF Radio ] [ MF Radio ]
  • 17. Responsibility modelling, LSCITS ENgD course, 2010 Slide 17 Responsibility modelling benefits • Responsibility models are a way of facilitating the analysis of responsibilities and discussing responsibilities across organisations • They support risk analysis and the identification of a class of potential vulnerabilities in a system • They serve as a means of identifying information requirements and help identify redundancy and diversity that should be planned for in a system • They may be useful as a means of documenting responsibilities and learning from experience
  • 18. Responsibility modelling, LSCITS ENgD course, 2010 Slide 18 Information requirements • Requirements for information to be provided to agents to help them do their work, requirements for information sharing and access control and requirements for information that is to be generated • When systems are created by integrating and configuring existing systems, their behaviour is constrained. There is limited scope for defining the functionality of a system • We argue that, in such cases, a behavioural approach to requirements specification should be replaced by a focus on the information produced, consumed and shared by the agents in the system
  • 19. Responsibility modelling, LSCITS ENgD course, 2010 Slide 19 Information analysis • We assume that the holder of a responsibility needs some information to discharge that responsibility • Information requirements are concerned with: – What: The information required – Where: The source of that information – How: The channel (or channels) through which that information is delivered – Structure: How the information is organised/should be organised – Presentation: How the information should be presented to a user of that information
  • 20. Responsibility modelling, LSCITS ENgD course, 2010 Slide 20 Deriving information requirements • What information is required to discharge a responsibility? • Where does the information come from? • What channels are used to communicate this information? • What information is recorded in the discharge of this responsibility? • What channels are used to communicate the recorded information? • What are the consequences if the information is unavailable, inaccurate, incomplete, late, early, etc.?
  • 21. Responsibility modelling, LSCITS ENgD course, 2010 Slide 21 Flood emergencies Flood forecasting Initiate Evacuation << Environment agency >> << Silver command >> | Flood warnings | Declare emergency << Local authority >>
  • 22. Responsibility modelling, LSCITS ENgD course, 2010 Slide 22 Initiate Evacuation • Information requirements – Risk assessment showing properties at risk from predicted flooding, predicted times of flooding and the likelihood of flooding in specific areas (Environment agency, local authority) – Information about ‘special properties’ e.g. hospitals, care homes, schools, where the residents will require help to be evacuated (Local authority) – Availability of resources from emergency services and other agencies (Emergency services liaison officers)
  • 23. Responsibility modelling, LSCITS ENgD course, 2010 Slide 23 Information analysis • Risk assessment – An assessment of the areas that are at risk from the flood and the probabilities of flooding in these areas (What info) – Based on flood warnings from environment agency and local knowledge (Where from) – Telephone, web, meetings (Channels) – Areas at risk and imminence of risk; Who made decision and what local knowledge used (What recorded) – Fax to silver command or meeting – Vulnerabilities - discussed later
  • 24. Responsibility modelling, LSCITS ENgD course, 2010 Slide 24 Initiate evacuation Flood forecasting Risk Analysis Initiate Evacuation << Environment agency >> << Environment agency, Local authority >> << Silver command >> | Risk assessment | | Flood warnings | | Resource assessment | | Special properties |
  • 25. Responsibility modelling, LSCITS ENgD course, 2010 Slide 25 Vulnerability analysis • The responsibility model reflects the understanding of an organisation about who is responsible for what and what that responsibility entails • Where multiple agencies are involved, there are likely to be discrepancies between their understanding of responsibility • Examining and comparing models allows us to identify: – Responsibility omissions - responsibilities that each organisation assumes are assigned to some other organisation or which are simply not assigned to any organisation – Responsibility misunderstandings - situations where different organisations understand a responsibility in different ways
  • 26. Responsibility modelling, LSCITS ENgD course, 2010 Slide 26 HAZOPS • A HAZOPs-style ‘what if’ analysis can be applied to the information requirements for each responsibility – Analyses the robustness of the contingency plan in failure circumstances • Guide words were selected to query information channel failure for each requirement: [Do I mean this?] – Early – Late – Never – Inaccurate
  • 27. Responsibility modelling, LSCITS ENgD course, 2010 Slide 27 HAZOPS Analysis
  • 28. Responsibility modelling, LSCITS ENgD course, 2010 Slide 28 Evacuation responsibilities Inland Search and Rescue Arrange Transportation Initiate Evacuation Evacuation Collect Evacuee Information Establish Reception Centres Security Coordinate Evacuation << Silver command >> << District council >> << Fire service >> << County council >> << Police >>
  • 29. Responsibility modelling, LSCITS ENgD course, 2010 Slide 29 Evacuation coordination Inland Search and Rescue Transportation Collect Evacuee Information Establish Reception Centres Coordinate Evacuation << District council >> << Fire service >> << Police >> << County council >> | Reception centre locations | | Evacuee list | | Assembly points |
  • 30. Responsibility modelling, LSCITS ENgD course, 2010 Slide 30 HAZOPS Analysis
  • 31. Responsibility modelling, LSCITS ENgD course, 2010 Slide 31 Deviations • HAZOPS style keyword/consequence method for assessing each information resource: • Example: Priority Premises Resource – Unavailable: Manual premises check required to see if vulnerable people to be evacuated. – Inaccurate: Manual premises check may be necessary. Possible delay in evacuation of vulnerable people. People may be left behind. – Incomplete: Possible delay in evacuation. – Late: Information has to be communicated to units in the field rather than at local coordination centre. – Early: No consequence.
  • 32. Responsibility modelling, LSCITS ENgD course, 2010 Slide 32 Requirements Examples • The coordination system shall maintain a list of priority premises to be evacuated for each town in the local area. – This shall be updated by the local council when the coordination centre is established. (The premises list is maintained by the local government authority but may not be immediately available outside of normal working hours; while a central list may be out of date, it is better than nothing.) • The coordination centre system shall maintain a list of premises evacuated along with the time of evacuation and the units involved in the evacuation.
  • 33. Responsibility modelling, LSCITS ENgD course, 2010 Slide 33 Conclusions Benefits of taking a responsibility perspective: • Naturalness – Responsibility is a natural object of discussion regarding organisations and systems • Scalability – Existing case studies are already sizable • User involvement – Several organisations interested in the modelling approach • Complementarity – Fit with existing conceptual frameworks, e.g. goals, tasks – Early stage RE
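
The model comparison of slide 25 and the guide-word analysis of slides 26 and 31, as an added example that is not part of the original slides. It assumes a responsibility model can be reduced to a mapping from each responsibility to the agents believed to hold it and the information resources it needs; the three agency views are constructed, loosely based on the flood evacuation slides, and attaching the priority premises resource to Coordinate Evacuation is an assumption.

```python
from dataclasses import dataclass, field

# Guide words slide 31 applies to each information resource.
GUIDE_WORDS = ("Unavailable", "Inaccurate", "Incomplete", "Late", "Early")

@dataclass
class Model:
    """One organisation's understanding of who is responsible for what."""
    owner: str
    # responsibility -> (agents believed to hold it, information resources needed)
    entries: dict = field(default_factory=dict)

    def add(self, name, agents=(), resources=()):
        self.entries[name] = (frozenset(agents), frozenset(resources))
        return self

def compare(models):
    """Find omissions and misunderstandings across the organisations' models."""
    owners = {m.owner for m in models}
    findings = {"unassigned": [], "assumed_elsewhere": [], "misunderstood": []}
    for name in sorted(set().union(*(m.entries for m in models))):
        views = {m.owner: m.entries[name] for m in models if name in m.entries}
        named = set().union(*(agents for agents, _ in views.values()))
        accepted = {o for o, (agents, _) in views.items() if o in agents}
        if not named:
            findings["unassigned"].append(name)
        elif named <= owners and not accepted:
            # Every named holder has its own model, and none lists itself.
            findings["assumed_elsewhere"].append(name)
        elif len(set(views.values())) > 1:
            # Same responsibility, different agents or information needs.
            findings["misunderstood"].append(name)
    return findings

def hazops(model, consequences):
    """One worksheet row per (responsibility, resource, guide word)."""
    rows = []
    for name, (_, resources) in sorted(model.entries.items()):
        for res in sorted(resources):
            for word in GUIDE_WORDS:
                # None marks a deviation nobody has analysed yet.
                rows.append((name, res, word, consequences.get((res, word))))
    return rows

# Constructed views of three organisations (sample data, not from the slides).
silver = (Model("Silver command")
          .add("Initiate Evacuation", ["Silver command"],
               ["Risk assessment", "Special properties", "Resource assessment"])
          .add("Risk Analysis", ["Environment agency"], ["Flood warnings"])
          .add("Coordinate Evacuation", ["Silver command"], ["Priority premises"])
          .add("Collect Evacuee Information", ["Police"], ["Evacuee list"])
          .add("Security"))
agency = (Model("Environment agency")
          .add("Flood forecasting", ["Environment agency"])
          .add("Risk Analysis", ["Local authority"], ["Flood warnings"])
          .add("Initiate Evacuation", ["Silver command"], ["Risk assessment"]))
council = (Model("Local authority")
           .add("Declare emergency", ["Local authority"], ["Flood warnings"])
           .add("Risk Analysis", ["Environment agency"], ["Flood warnings"]))

# Consequences for the priority premises resource, shortened from slide 31.
PRIORITY_PREMISES = {
    ("Priority premises", "Unavailable"): "Manual premises check required.",
    ("Priority premises", "Inaccurate"): "Manual check may be necessary; possible delay.",
    ("Priority premises", "Incomplete"): "Possible delay in evacuation.",
    ("Priority premises", "Late"): "Information has to be communicated to units in the field.",
    ("Priority premises", "Early"): "No consequence.",
}

if __name__ == "__main__":
    for kind, names in compare([silver, agency, council]).items():
        print(f"{kind}: {names}")
    todo = [r for r in hazops(silver, PRIORITY_PREMISES) if r[3] is None]
    print(f"{len(todo)} deviations still to analyse")
```

Rows whose consequence is `None` are the deviations still to be worked through with the agencies; each analysed row is a candidate requirement of the kind shown on slide 32.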