SlideShare una empresa de Scribd logo

Resp modellingintro

Descargar como PPTX, PDF
Ian Sommerville
Ian Sommerville

The document discusses responsibility modeling for socio-technical systems. It describes how responsibility models can be used to identify vulnerabilities in systems by clarifying agent responsibilities and information needs. The document presents examples of responsibility models for emergency response coordination and uses HAZOP analysis to identify potential failures based on deviations to information resources. The goal of responsibility modeling is to improve system dependability by facilitating analysis of social and organizational factors.

Tecnología
1 de 33
Responsibility modelling, LSCITS ENgD course, 2010 Slide 1 Responsibility Modelling in Socio- technical Systems Ian Sommerville St Andrews University
Responsibility modelling, LSCITS ENgD course, 2010 Slide 2 System dependability • General premise of our work is that a significant class of system ‘failures’ are due to inadequate consideration of social, organisational and cultural factors that affect the design and operation of a computer-based system • Often manifested as a misfit between a system and the organisation using that system, resulting in: – User interaction ‘errors’ – Unreliable and inefficient processes – Provision of incorrect or inappropriate information to system users
Responsibility modelling, LSCITS ENgD course, 2010 Slide 3 Socio-technical system failure • Failures are not just catastrophic events but normal, everyday system behaviour that disrupts normal work and that mean that people have to spend more time on a task than necessary • A system failure occurs when a direct or indirect user of a system has to carry out extra work, over and above that normally required to carry out some task, in response to some inappropriate system behaviour • This extra work constitutes the cost of recovery from system failure
Responsibility modelling, LSCITS ENgD course, 2010 Slide 4 Responsibility • A suitable abstraction for modelling the components and interactions of socio-technical systems of systems “A duty, held by some agent, to achieve, maintain or avoid some given state, subject to conformance with organisational, social and cultural norms.” • More abstract than goals or tasks (but...) • Not (too) concerned with different types of agents • Easier to express less formalised types of work • Easier to discuss with stakeholders
Responsibility modelling, LSCITS ENgD course, 2010 Slide 5 Responsibility as an Abstraction Responsibilities Goals Tasks Activities Functions ... “Financial Management” Improve Profitability by 5% over FY
Responsibility modelling, LSCITS ENgD course, 2010 Slide 6 Why responsibility? • System failures can result from misunderstandings about responsibilities and failures of people to discharge their responsibilities as expected • Responsibilities are high-level abstractions that define (informally) what is expected of a human or automated agent. No assumptions are made about how an agent will discharge its responsibilities • Responsibilities are natural abstractions that people can relate to and talk about – In system design, technical abstractions (such as objects) that are alien to system stakeholders are often used
Responsibility modelling, LSCITS ENgD course, 2010 Slide 7 Responsibility vulnerabilities • Unassigned responsibility • Duplicated responsibility • Uncommunicated responsibility • Misassigned responsibility • Responsibility overload • Responsibility fragility
Responsibility modelling, LSCITS ENgD course, 2010 Slide 8 What is a responsibility model? • A succinct definition of the responsibilities in a system, the agents who have been assigned these responsibilities and the resources that should be available to these agents in discharging their responsibilities.
Responsibility modelling, LSCITS ENgD course, 2010 Slide 9 Responsibility models • Simple graphical presentation that shows: – Responsibilities – Organisations/people/automated systems who are assigned specific responsibilities (agents) – Authority structures (where appropriate) i. e. information about accountability in an organisation – Responsibility dependencies – Information, and other resources required to discharge responsibilities
Responsibility modelling, LSCITS ENgD course, 2010 Slide 10 Types of responsibility models • Planning models – Describe the intended allocation of responsibilities in some situation – Define the agents who should discharge the responsibility – Set out the resources that are normally required to discharge a responsibility • Operational models – Planning models plus annotations that describe: • The agents that are actually assigned a responsibility • The resources that are actually used
Responsibility modelling, LSCITS ENgD course, 2010 Slide 11 Responsibility model notation Appoint Govt. Technical Advisor Declaration of Emergency Activate Central Nuclear Emergency Support Centre Activate Scottish Exec. Emergency Room Activate Site Emergency Control Centre <Site Emergency Controller> <Deputy Site Emergency Controller>, <<Scottish Executive>> <<Secretary of State>> Activate North Ayrshire Emergency Room <<Site Owner>> | Reactor Status Report |
Responsibility modelling, LSCITS ENgD course, 2010 Slide 12 Contingency Planning • Development of contingency scenarios and plans for coping with incidents • Plans can be for a generic contingency, or specific scenarios (e.g. flooding) • Single agency plans document resources, procedures etc to be utilised by the agency to discharge responsibilities • Inter-organisational plans document the responsibilities that each organisation holds and can expect others to discharge • Planning is evaluated through emergency exercises
Responsibility modelling, LSCITS ENgD course, 2010 Slide 13 Problems in Contingency Planning • Contingency plans are often verbose and rarely used during emergency responses • Misunderstandings occur between organisations regarding: – Who holds particular responsibilities – How responsibilities are interpreted • Circumstances may require unexpected agents to discharge responsibilities • The appropriate information may not be available to an agent for a responsibility to be discharged – E.g. Communication infrastructure or process failures
Responsibility modelling, LSCITS ENgD course, 2010 Slide 14 Coordination system for CP • Scenarios from a (socio-technical) coordination system for contingency management are used as the driver for our work • Each agency involved has its own C & C system and does not wish to invest in a shared C & C system for managing emergencies • System has to support – Joint planning – Sharing of information from different systems – Audit trail of actions taken during an emergency – Provision of information to managers in the field
Responsibility modelling, LSCITS ENgD course, 2010 Slide 15 Responsibility planning model Appoint Govt. Technical Advisor Declaration of Emergency Activate Central Nuclear Emergency Support Centre Activate Scottish Exec. Emergency Room Activate Site Emergency Control Centre <Site Emergency Controller>, <Deputy Site Emergency Controller> <<Scottish Executive>> <<Secretary of State>> Activate North Ayrshire Emergency Room <<Site Owner>> | Reactor Status Report |
Responsibility modelling, LSCITS ENgD course, 2010 Slide 16 Information resources Check on safety of vessels in incident area Broadcast Marine Safety Information<<MRCC Clyde>> | Navigation warnings | | Weather warnings | | Subfacts | | Gunfacts | | Alert Broadcast | | Incident information | << Police | NAECC Liaison Officer >> [ VHF Radio ] [ MF Radio ]
Responsibility modelling, LSCITS ENgD course, 2010 Slide 17 Responsibility modelling benefits • Responsibility models are a way of facilitating the analysis of responsibilities and discussing responsibilities across organisations • They support risk analysis and the identification of a class of potential vulnerabilities in a system • They serve as a means of identifying information requirements and help identify redundancy and diversity that should be planned for in a system • They may be useful as a means of documenting responsibilities and learning from experience
Responsibility modelling, LSCITS ENgD course, 2010 Slide 18 Information requirements • Requirements for information to be provided to agents to help them do their work, requirements for information sharing and access control and requirements for information that is to be generated • When systems are created by integrating and configuring existing systems, their behaviour is constrained. There is limited scope for defining the functionality of a system • We argue that, in such cases, a behavioural approach to requirements specification should be replaced by a focus on the information produced, consumed and shared by the agents in the system
Responsibility modelling, LSCITS ENgD course, 2010 Slide 19 Information analysis • We assume that the holder of a responsibility needs some information to discharge that responsibility • Information requirements are concerned with: – What: The information required – Where: The source of that information – How: The channel (or channels) through which that information is delivered – Structure: How the information is organised/should be organised – Presentation: How the information should be presented to a user of that information
Responsibility modelling, LSCITS ENgD course, 2010 Slide 20 Deriving information requirements • What information is required to discharge a responsibility? • Where does the information come from? • What channels are used to communicate this information? • What information is recorded in the discharge of this responsibility? • What channels are used to communicate the recorded information? • What are the consequences if the information is unavailable, inaccurate, incomplete, late, early, etc.?
Responsibility modelling, LSCITS ENgD course, 2010 Slide 21 Flood emergencies Flood forecasting Initiate Evacuation << Environment agency >> << Silver command >> | Flood warnings | Declare emergency << Local authority >>
Responsibility modelling, LSCITS ENgD course, 2010 Slide 22 Initiate Evacuation • Information requirements – Risk assessment showing properties at risk from predicted flooding, predicted times of flooding and the likelihood of flooding in specific areas (Environment agency, local authority) – Information about ‘special properties’ e.g. hospitals, care homes, schools, where the residents will require help to be evacuated (Local authority) – Availability of resources from emergency services and other agencies (Emergency services liaison officers)
Responsibility modelling, LSCITS ENgD course, 2010 Slide 23 Information analysis • Risk assessment – An assessment of the areas that are of risk from the flood and the probabilities of flooding in these areas (What info) – Based on flood warnings from environment agency and local knowledge (Where from) – Telephone, web, meetings (Channels) – Areas at risk and imminence of risk; Who made decision and what local knowledge used (What recorded) – Fax to silver command or meeting – Vulnerabilities - discussed later
Responsibility modelling, LSCITS ENgD course, 2010 Slide 24 Initiate evacuation Flood forecasting Risk Analysis Initiate Evacuation << Environment agency >> << Environment agency, Local authority >> << Silver command >> | Risk assessment | | Flood warnings | | Resource assessment | | Special properties |
Responsibility modelling, LSCITS ENgD course, 2010 Slide 25 Vulnerability analysis • The responsibility model reflects the understanding of an organisation about who is responsible for what and what that responsibility entails • Where multiple agencies are involved, there are likely to be discrepancies between their understanding of responsibility • Examining and comparing models allows us to identify: – Responsibility omissions - responsibilities that each organisation assumes are assigned to some other organisation or which are simply not assigned to any organisation – Responsibility misunderstandings - situations where different organisations understand a responsibility in different ways
Responsibility modelling, LSCITS ENgD course, 2010 Slide 26 HAZOPS • A HAZOPs-style ‘what if’ analysis can be applied to the information requirements for each responsibility – Analyses the robustness of the contingency plan in failure circumstances • Guide words were selected to query information channel failure for each requirement: [Do I mean this?] – Early – Late – Never – Inaccurate
Responsibility modelling, LSCITS ENgD course, 2010 Slide 27 HAZOPS Analysis
Responsibility modelling, LSCITS ENgD course, 2010 Slide 28 Evacuation responsibilities Inland Search and Rescue Arrange Transportation Initiate Evacuation Evacuation Collect Evacuee Information Establish Reception Centres Security Coordinate Evacuation << Silver command >> << District council >> << Fire service >><< County council >><< Police >>
Responsibility modelling, LSCITS ENgD course, 2010 Slide 29 Evacuation coordination Inland Search and Rescue Transportation Collect Evacuee Information Establish Reception Centres Coordinate Evacuation << District council >> << Fire service >> << Police >> << County council >> | Reception centre locations | | Evacuee list | | Assembly points |
Responsibility modelling, LSCITS ENgD course, 2010 Slide 30 HAZOPS Analysis
Responsibility modelling, LSCITS ENgD course, 2010 Slide 31 Deviations • HAZOPS style keyword/consequence method for assessing each information resource: • Example: Priority Premises Resource – Unavailable: Manual premises check required to see if vulnerable people to be evacuated. – Inaccurate: Manual premises check may be necessary. Possible delay in evacuation of vulnerable people. People may be left behind. – Incomplete: Possible delay in evacuation. – Late: Information has to be communicated to units in the field rather than at local coordination centre. – Early: No consequence.
Responsibility modelling, LSCITS ENgD course, 2010 Slide 32 Requirements Examples • The coordination system shall maintain a list of priority premises to be evacuated for each town in the local area. – This shall be updated by the local council when the coordination centre is established. (The premises list is maintained by the local government authority but may not be immediately available outside of normal working hours; While a central list may be out of date, it is better than nothing.) • The coordination centre system shall maintain a list of premises evacuated along with the time of evacuation and the units involved in the evacuation.
Responsibility modelling, LSCITS ENgD course, 2010 Slide 33 Conclusions Benefits of taking a responsibility perspective: • Naturalness – Responsibility is a natural object of discussion regarding organisations and systems • Scalability – Existing case studies are already sizable • User involvement – Several organisations interested in the modelling approach • Complementarity – Fit with existing conceptual frameworks, e.g. goals, tasks – Early stage RE

Recomendados

Resilience and recovery
Resilience and recoveryResilience and recovery
Resilience and recovery
Ian Sommerville
 
Ultra Large Scale Systems
Ultra Large Scale SystemsUltra Large Scale Systems
Ultra Large Scale Systems
Ian Sommerville
 
Designing Complex Systems for Recovery (LSCITS EngD 2011)
Designing Complex Systems for Recovery (LSCITS EngD 2011)Designing Complex Systems for Recovery (LSCITS EngD 2011)
Designing Complex Systems for Recovery (LSCITS EngD 2011)
Ian Sommerville
 
Using ICT to support water sector monitoring
Using ICT to support water sector monitoringUsing ICT to support water sector monitoring
Using ICT to support water sector monitoring
David Schaub-Jones
 
Design a rule based expert system for eia
Design a rule based expert system for eiaDesign a rule based expert system for eia
Design a rule based expert system for eia
Er. rahul abhishek
 
6 computer systems
6 computer systems6 computer systems
6 computer systems
hccit
 
CORE Group 2011 SixBlue Data
CORE Group 2011 SixBlue DataCORE Group 2011 SixBlue Data
CORE Group 2011 SixBlue Data
SixBlue Data
 
BA 257 C1.C2
BA 257 C1.C2BA 257 C1.C2
BA 257 C1.C2
mattheweric
 

Recomendados

Resilience and recovery
Resilience and recoveryResilience and recovery
Resilience and recovery
Ian Sommerville
 
Ultra Large Scale Systems
Ultra Large Scale SystemsUltra Large Scale Systems
Ultra Large Scale Systems
Ian Sommerville
 
Designing Complex Systems for Recovery (LSCITS EngD 2011)
Designing Complex Systems for Recovery (LSCITS EngD 2011)Designing Complex Systems for Recovery (LSCITS EngD 2011)
Designing Complex Systems for Recovery (LSCITS EngD 2011)
Ian Sommerville
 
Using ICT to support water sector monitoring
Using ICT to support water sector monitoringUsing ICT to support water sector monitoring
Using ICT to support water sector monitoring
David Schaub-Jones
 
Design a rule based expert system for eia
Design a rule based expert system for eiaDesign a rule based expert system for eia
Design a rule based expert system for eia
Er. rahul abhishek
 
6 computer systems
6 computer systems6 computer systems
6 computer systems
hccit
 
CORE Group 2011 SixBlue Data
CORE Group 2011 SixBlue DataCORE Group 2011 SixBlue Data
CORE Group 2011 SixBlue Data
SixBlue Data
 
BA 257 C1.C2
BA 257 C1.C2BA 257 C1.C2
BA 257 C1.C2
mattheweric
 
People & Organizational Issues in Health IT Implementation (March 25, 2019)
People & Organizational Issues in Health IT Implementation (March 25, 2019)People & Organizational Issues in Health IT Implementation (March 25, 2019)
People & Organizational Issues in Health IT Implementation (March 25, 2019)
Nawanan Theera-Ampornpunt
 
Decision-making Support System for climate change adaptation_yin v2
Decision-making Support System for climate change adaptation_yin v2Decision-making Support System for climate change adaptation_yin v2
Decision-making Support System for climate change adaptation_yin v2
Chonghua Yin
 
Dokas Issil2011
Dokas Issil2011Dokas Issil2011
Dokas Issil2011
LUCA School of Arts
 
Case Studies in Health IT Implementation & Sociotechnical Aspect of Health In...
Case Studies in Health IT Implementation & Sociotechnical Aspect of Health In...Case Studies in Health IT Implementation & Sociotechnical Aspect of Health In...
Case Studies in Health IT Implementation & Sociotechnical Aspect of Health In...
Nawanan Theera-Ampornpunt
 
Case Studies in Health IT Implementation & Sociotechnical Aspect of Health In...
Case Studies in Health IT Implementation & Sociotechnical Aspect of Health In...Case Studies in Health IT Implementation & Sociotechnical Aspect of Health In...
Case Studies in Health IT Implementation & Sociotechnical Aspect of Health In...
Nawanan Theera-Ampornpunt
 
Artificial intelligence
Artificial intelligenceArtificial intelligence
Artificial intelligence
Kitty Soso
 
Responsibility Modelling
Responsibility ModellingResponsibility Modelling
Responsibility Modelling
Ian Sommerville
 
Develop a logic model for the formative evaluation of a new progra
Develop a logic model for the formative evaluation of a new prograDevelop a logic model for the formative evaluation of a new progra
Develop a logic model for the formative evaluation of a new progra
LinaCovington707
 
It resource needsassessment
It resource needsassessmentIt resource needsassessment
It resource needsassessment
MARIUM NASIR
 
Responsibility modelling for socio-technical systems
Responsibility modelling for socio-technical systemsResponsibility modelling for socio-technical systems
Responsibility modelling for socio-technical systems
Ian Sommerville
 
Understanding Basic Risk Management System - Session 5 Managing Project Prep...
Understanding Basic Risk Management System - Session 5 Managing Project Prep...Understanding Basic Risk Management System - Session 5 Managing Project Prep...
Understanding Basic Risk Management System - Session 5 Managing Project Prep...
UNDP Climate
 
Complex project – or poorly scoped? - Dr Liz Varga
Complex project – or poorly scoped? - Dr Liz VargaComplex project – or poorly scoped? - Dr Liz Varga
Complex project – or poorly scoped? - Dr Liz Varga
Association for Project Management
 
More Research Needed on Concurrent Usage of Information Systems during Emerge...
More Research Needed on Concurrent Usage of Information Systems during Emerge...More Research Needed on Concurrent Usage of Information Systems during Emerge...
More Research Needed on Concurrent Usage of Information Systems during Emerge...
Steve Peterson, CEM
 
IT Business Continuity Planning 2004
IT Business Continuity Planning 2004IT Business Continuity Planning 2004
IT Business Continuity Planning 2004
Donald E. Hester
 
Disaster Resistance City- Denizli
Disaster Resistance City- DenizliDisaster Resistance City- Denizli
Disaster Resistance City- Denizli
Dr. Yilmaz Ozmen
 
5 massimiliano riva
5 massimiliano riva5 massimiliano riva
5 massimiliano riva
FEST
 
Project Management and Practice
Project Management and PracticeProject Management and Practice
Project Management and Practice
Killian Vigna
 
1 presention richard hazenberg
1 presention richard hazenberg1 presention richard hazenberg
1 presention richard hazenberg
Minh Vu
 
Reporting and complexity
Reporting and complexityReporting and complexity
Reporting and complexity
Dimitris Antoniadis PhD, FAPM, FCMI
 
An introduction to LSCITS
An introduction to LSCITSAn introduction to LSCITS
An introduction to LSCITS
Ian Sommerville
 
EENA2019: Track1 session2 _Translating errors into operator safety nets: usin...
EENA2019: Track1 session2 _Translating errors into operator safety nets: usin...EENA2019: Track1 session2 _Translating errors into operator safety nets: usin...
EENA2019: Track1 session2 _Translating errors into operator safety nets: usin...
EENA (European Emergency Number Association)
 
Aviation Training, Safety Management System
Aviation Training, Safety Management SystemAviation Training, Safety Management System
Aviation Training, Safety Management System
pghclearingsolutions
 

Más contenido relacionado

La actualidad más candente

Decision-making Support System for climate change adaptation_yin v2
Decision-making Support System for climate change adaptation_yin v2Decision-making Support System for climate change adaptation_yin v2
Decision-making Support System for climate change adaptation_yin v2
Chonghua Yin
 
Artificial intelligence
Artificial intelligenceArtificial intelligence
Artificial intelligence
Kitty Soso
 

La actualidad más candente (6)

People & Organizational Issues in Health IT Implementation (March 25, 2019)
People & Organizational Issues in Health IT Implementation (March 25, 2019)People & Organizational Issues in Health IT Implementation (March 25, 2019)
People & Organizational Issues in Health IT Implementation (March 25, 2019)
 
Decision-making Support System for climate change adaptation_yin v2
Decision-making Support System for climate change adaptation_yin v2Decision-making Support System for climate change adaptation_yin v2
Decision-making Support System for climate change adaptation_yin v2
 
Dokas Issil2011
Dokas Issil2011Dokas Issil2011
Dokas Issil2011
 
Case Studies in Health IT Implementation & Sociotechnical Aspect of Health In...
Case Studies in Health IT Implementation & Sociotechnical Aspect of Health In...Case Studies in Health IT Implementation & Sociotechnical Aspect of Health In...
Case Studies in Health IT Implementation & Sociotechnical Aspect of Health In...
 
Case Studies in Health IT Implementation & Sociotechnical Aspect of Health In...
Case Studies in Health IT Implementation & Sociotechnical Aspect of Health In...Case Studies in Health IT Implementation & Sociotechnical Aspect of Health In...
Case Studies in Health IT Implementation & Sociotechnical Aspect of Health In...
 
Artificial intelligence
Artificial intelligenceArtificial intelligence
Artificial intelligence
 

Similar a Resp modellingintro

Develop a logic model for the formative evaluation of a new progra
Develop a logic model for the formative evaluation of a new prograDevelop a logic model for the formative evaluation of a new progra
Develop a logic model for the formative evaluation of a new progra
LinaCovington707
 
It resource needsassessment
It resource needsassessmentIt resource needsassessment
It resource needsassessment
MARIUM NASIR
 
Understanding Basic Risk Management System - Session 5 Managing Project Prep...
Understanding Basic Risk Management System - Session 5 Managing Project Prep...Understanding Basic Risk Management System - Session 5 Managing Project Prep...
Understanding Basic Risk Management System - Session 5 Managing Project Prep...
UNDP Climate
 
More Research Needed on Concurrent Usage of Information Systems during Emerge...
More Research Needed on Concurrent Usage of Information Systems during Emerge...More Research Needed on Concurrent Usage of Information Systems during Emerge...
More Research Needed on Concurrent Usage of Information Systems during Emerge...
Steve Peterson, CEM
 
Disaster Resistance City- Denizli
Disaster Resistance City- DenizliDisaster Resistance City- Denizli
Disaster Resistance City- Denizli
Dr. Yilmaz Ozmen
 
5 massimiliano riva
5 massimiliano riva5 massimiliano riva
5 massimiliano riva
FEST
 
Project Management and Practice
Project Management and PracticeProject Management and Practice
Project Management and Practice
Killian Vigna
 
Aviation Training, Safety Management System
Aviation Training, Safety Management SystemAviation Training, Safety Management System
Aviation Training, Safety Management System
pghclearingsolutions
 
FinalReport-TheCommunityPartnership
FinalReport-TheCommunityPartnershipFinalReport-TheCommunityPartnership
FinalReport-TheCommunityPartnership
James Bussone
 

Similar a Resp modellingintro (20)

Responsibility Modelling
Responsibility ModellingResponsibility Modelling
Responsibility Modelling
 
Develop a logic model for the formative evaluation of a new progra
Develop a logic model for the formative evaluation of a new prograDevelop a logic model for the formative evaluation of a new progra
Develop a logic model for the formative evaluation of a new progra
 
It resource needsassessment
It resource needsassessmentIt resource needsassessment
It resource needsassessment
 
Responsibility modelling for socio-technical systems
Responsibility modelling for socio-technical systemsResponsibility modelling for socio-technical systems
Responsibility modelling for socio-technical systems
 
Understanding Basic Risk Management System - Session 5 Managing Project Prep...
Understanding Basic Risk Management System - Session 5 Managing Project Prep...Understanding Basic Risk Management System - Session 5 Managing Project Prep...
Understanding Basic Risk Management System - Session 5 Managing Project Prep...
 
Complex project – or poorly scoped? - Dr Liz Varga
Complex project – or poorly scoped? - Dr Liz VargaComplex project – or poorly scoped? - Dr Liz Varga
Complex project – or poorly scoped? - Dr Liz Varga
 
More Research Needed on Concurrent Usage of Information Systems during Emerge...
More Research Needed on Concurrent Usage of Information Systems during Emerge...More Research Needed on Concurrent Usage of Information Systems during Emerge...
More Research Needed on Concurrent Usage of Information Systems during Emerge...
 
IT Business Continuity Planning 2004
IT Business Continuity Planning 2004IT Business Continuity Planning 2004
IT Business Continuity Planning 2004
 
Disaster Resistance City- Denizli
Disaster Resistance City- DenizliDisaster Resistance City- Denizli
Disaster Resistance City- Denizli
 
5 massimiliano riva
5 massimiliano riva5 massimiliano riva
5 massimiliano riva
 
Project Management and Practice
Project Management and PracticeProject Management and Practice
Project Management and Practice
 
1 presention richard hazenberg
1 presention richard hazenberg1 presention richard hazenberg
1 presention richard hazenberg
 
Reporting and complexity
Reporting and complexityReporting and complexity
Reporting and complexity
 
An introduction to LSCITS
An introduction to LSCITSAn introduction to LSCITS
An introduction to LSCITS
 
EENA2019: Track1 session2 _Translating errors into operator safety nets: usin...
EENA2019: Track1 session2 _Translating errors into operator safety nets: usin...EENA2019: Track1 session2 _Translating errors into operator safety nets: usin...
EENA2019: Track1 session2 _Translating errors into operator safety nets: usin...
 
Aviation Training, Safety Management System
Aviation Training, Safety Management SystemAviation Training, Safety Management System
Aviation Training, Safety Management System
 
Collaborative working
Collaborative workingCollaborative working
Collaborative working
 
Cloud Class
Cloud ClassCloud Class
Cloud Class
 
IWMW 2006: User Testing on a Shoestring Budget (1)
IWMW 2006: User Testing on a Shoestring Budget (1)IWMW 2006: User Testing on a Shoestring Budget (1)
IWMW 2006: User Testing on a Shoestring Budget (1)
 
FinalReport-TheCommunityPartnership
FinalReport-TheCommunityPartnershipFinalReport-TheCommunityPartnership
FinalReport-TheCommunityPartnership
 

Más de Ian Sommerville

Security case buffer overflow
Security case buffer overflowSecurity case buffer overflow
Security case buffer overflow
Ian Sommerville
 
CS5032 Case study Ariane 5 launcher failure
CS5032 Case study Ariane 5 launcher failureCS5032 Case study Ariane 5 launcher failure
CS5032 Case study Ariane 5 launcher failure
Ian Sommerville
 
CS5032 Case study Kegworth air disaster
CS5032 Case study Kegworth air disasterCS5032 Case study Kegworth air disaster
CS5032 Case study Kegworth air disaster
Ian Sommerville
 
CS5032 L19 cybersecurity 1
CS5032 L19 cybersecurity 1CS5032 L19 cybersecurity 1
CS5032 L19 cybersecurity 1
Ian Sommerville
 
CS5032 L20 cybersecurity 2
CS5032 L20 cybersecurity 2CS5032 L20 cybersecurity 2
CS5032 L20 cybersecurity 2
Ian Sommerville
 
L17 CS5032 critical infrastructure
L17 CS5032 critical infrastructureL17 CS5032 critical infrastructure
L17 CS5032 critical infrastructure
Ian Sommerville
 
CS5032 Case study Maroochy water breach
CS5032 Case study Maroochy water breachCS5032 Case study Maroochy water breach
CS5032 Case study Maroochy water breach
Ian Sommerville
 
CS 5032 L18 Critical infrastructure 2: SCADA systems
CS 5032 L18 Critical infrastructure 2: SCADA systemsCS 5032 L18 Critical infrastructure 2: SCADA systems
CS 5032 L18 Critical infrastructure 2: SCADA systems
Ian Sommerville
 
CS5032 L9 security engineering 1 2013
CS5032 L9 security engineering 1 2013CS5032 L9 security engineering 1 2013
CS5032 L9 security engineering 1 2013
Ian Sommerville
 
CS5032 L10 security engineering 2 2013
CS5032 L10 security engineering 2 2013CS5032 L10 security engineering 2 2013
CS5032 L10 security engineering 2 2013
Ian Sommerville
 
CS5032 L11 validation and reliability testing 2013
CS5032 L11 validation and reliability testing 2013CS5032 L11 validation and reliability testing 2013
CS5032 L11 validation and reliability testing 2013
Ian Sommerville
 
CS 5032 L12 security testing and dependability cases 2013
CS 5032 L12 security testing and dependability cases 2013CS 5032 L12 security testing and dependability cases 2013
CS 5032 L12 security testing and dependability cases 2013
Ian Sommerville
 
CS 5032 L7 dependability engineering 2013
CS 5032 L7 dependability engineering 2013CS 5032 L7 dependability engineering 2013
CS 5032 L7 dependability engineering 2013
Ian Sommerville
 

Más de Ian Sommerville (20)

LSCITS-engineering
LSCITS-engineeringLSCITS-engineering
LSCITS-engineering
 
Requirements reality
Requirements realityRequirements reality
Requirements reality
 
Dependability requirements for LSCITS
Dependability requirements for LSCITSDependability requirements for LSCITS
Dependability requirements for LSCITS
 
Conceptual systems design
Conceptual systems designConceptual systems design
Conceptual systems design
 
Requirements Engineering for LSCITS
Requirements Engineering for LSCITSRequirements Engineering for LSCITS
Requirements Engineering for LSCITS
 
Internet worm-case-study
Internet worm-case-studyInternet worm-case-study
Internet worm-case-study
 
Designing software for a million users
Designing software for a million usersDesigning software for a million users
Designing software for a million users
 
Security case buffer overflow
Security case buffer overflowSecurity case buffer overflow
Security case buffer overflow
 
CS5032 Case study Ariane 5 launcher failure
CS5032 Case study Ariane 5 launcher failureCS5032 Case study Ariane 5 launcher failure
CS5032 Case study Ariane 5 launcher failure
 
CS5032 Case study Kegworth air disaster
CS5032 Case study Kegworth air disasterCS5032 Case study Kegworth air disaster
CS5032 Case study Kegworth air disaster
 
CS5032 L19 cybersecurity 1
CS5032 L19 cybersecurity 1CS5032 L19 cybersecurity 1
CS5032 L19 cybersecurity 1
 
CS5032 L20 cybersecurity 2
CS5032 L20 cybersecurity 2CS5032 L20 cybersecurity 2
CS5032 L20 cybersecurity 2
 
L17 CS5032 critical infrastructure
L17 CS5032 critical infrastructureL17 CS5032 critical infrastructure
L17 CS5032 critical infrastructure
 
CS5032 Case study Maroochy water breach
CS5032 Case study Maroochy water breachCS5032 Case study Maroochy water breach
CS5032 Case study Maroochy water breach
 
CS 5032 L18 Critical infrastructure 2: SCADA systems
CS 5032 L18 Critical infrastructure 2: SCADA systemsCS 5032 L18 Critical infrastructure 2: SCADA systems
CS 5032 L18 Critical infrastructure 2: SCADA systems
 
CS5032 L9 security engineering 1 2013
CS5032 L9 security engineering 1 2013CS5032 L9 security engineering 1 2013
CS5032 L9 security engineering 1 2013
 
CS5032 L10 security engineering 2 2013
CS5032 L10 security engineering 2 2013CS5032 L10 security engineering 2 2013
CS5032 L10 security engineering 2 2013
 
CS5032 L11 validation and reliability testing 2013
CS5032 L11 validation and reliability testing 2013CS5032 L11 validation and reliability testing 2013
CS5032 L11 validation and reliability testing 2013
 
CS 5032 L12 security testing and dependability cases 2013
CS 5032 L12 security testing and dependability cases 2013CS 5032 L12 security testing and dependability cases 2013
CS 5032 L12 security testing and dependability cases 2013
 
CS 5032 L7 dependability engineering 2013
CS 5032 L7 dependability engineering 2013CS 5032 L7 dependability engineering 2013
CS 5032 L7 dependability engineering 2013
 

Último

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 

Último (20)

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

Resp modellingintro

  • 1. Responsibility modelling, LSCITS ENgD course, 2010 Slide 1 Responsibility Modelling in Socio- technical Systems Ian Sommerville St Andrews University
  • 2. Responsibility modelling, LSCITS ENgD course, 2010 Slide 2 System dependability • General premise of our work is that a significant class of system ‘failures’ are due to inadequate consideration of social, organisational and cultural factors that affect the design and operation of a computer-based system • Often manifested as a misfit between a system and the organisation using that system, resulting in: – User interaction ‘errors’ – Unreliable and inefficient processes – Provision of incorrect or inappropriate information to system users
  • 3. Responsibility modelling, LSCITS ENgD course, 2010 Slide 3 Socio-technical system failure • Failures are not just catastrophic events but normal, everyday system behaviour that disrupts normal work and that mean that people have to spend more time on a task than necessary • A system failure occurs when a direct or indirect user of a system has to carry out extra work, over and above that normally required to carry out some task, in response to some inappropriate system behaviour • This extra work constitutes the cost of recovery from system failure
  • 4. Responsibility modelling, LSCITS ENgD course, 2010 Slide 4 Responsibility • A suitable abstraction for modelling the components and interactions of socio-technical systems of systems “A duty, held by some agent, to achieve, maintain or avoid some given state, subject to conformance with organisational, social and cultural norms.” • More abstract than goals or tasks (but...) • Not (too) concerned with different types of agents • Easier to express less formalised types of work • Easier to discuss with stakeholders
  • 5. Responsibility modelling, LSCITS ENgD course, 2010 Slide 5 Responsibility as an Abstraction Responsibilities Goals Tasks Activities Functions ... “Financial Management” Improve Profitability by 5% over FY
  • 6. Responsibility modelling, LSCITS ENgD course, 2010 Slide 6 Why responsibility? • System failures can result from misunderstandings about responsibilities and failures of people to discharge their responsibilities as expected • Responsibilities are high-level abstractions that define (informally) what is expected of a human or automated agent. No assumptions are made about how an agent will discharge its responsibilities • Responsibilities are natural abstractions that people can relate to and talk about – In system design, technical abstractions (such as objects) that are alien to system stakeholders are often used
  • 7. Responsibility modelling, LSCITS ENgD course, 2010 Slide 7 Responsibility vulnerabilities • Unassigned responsibility • Duplicated responsibility • Uncommunicated responsibility • Misassigned responsibility • Responsibility overload • Responsibility fragility
  • 8. Responsibility modelling, LSCITS ENgD course, 2010 Slide 8 What is a responsibility model? • A succinct definition of the responsibilities in a system, the agents who have been assigned these responsibilities and the resources that should be available to these agents in discharging their responsibilities.
  • 9. Responsibility modelling, LSCITS ENgD course, 2010 Slide 9 Responsibility models • Simple graphical presentation that shows: – Responsibilities – Organisations/people/automated systems who are assigned specific responsibilities (agents) – Authority structures (where appropriate) i. e. information about accountability in an organisation – Responsibility dependencies – Information, and other resources required to discharge responsibilities
  • 10. Responsibility modelling, LSCITS ENgD course, 2010 Slide 10 Types of responsibility models • Planning models – Describe the intended allocation of responsibilities in some situation – Define the agents who should discharge the responsibility – Set out the resources that are normally required to discharge a responsibility • Operational models – Planning models plus annotations that describe: • The agents that are actually assigned a responsibility • The resources that are actually used
  • 11. Responsibility modelling, LSCITS ENgD course, 2010 Slide 11 Responsibility model notation Appoint Govt. Technical Advisor Declaration of Emergency Activate Central Nuclear Emergency Support Centre Activate Scottish Exec. Emergency Room Activate Site Emergency Control Centre <Site Emergency Controller> <Deputy Site Emergency Controller>, <<Scottish Executive>> <<Secretary of State>> Activate North Ayrshire Emergency Room <<Site Owner>> | Reactor Status Report |
  • 12. Responsibility modelling, LSCITS ENgD course, 2010 Slide 12 Contingency Planning • Development of contingency scenarios and plans for coping with incidents • Plans can be for a generic contingency, or specific scenarios (e.g. flooding) • Single agency plans document resources, procedures etc to be utilised by the agency to discharge responsibilities • Inter-organisational plans document the responsibilities that each organisation holds and can expect others to discharge • Planning is evaluated through emergency exercises
  • 13. Responsibility modelling, LSCITS ENgD course, 2010 Slide 13 Problems in Contingency Planning • Contingency plans are often verbose and rarely used during emergency responses • Misunderstandings occur between organisations regarding: – Who holds particular responsibilities – How responsibilities are interpreted • Circumstances may require unexpected agents to discharge responsibilities • The appropriate information may not be available to an agent for a responsibility to be discharged – E.g. Communication infrastructure or process failures
  • 14. Responsibility modelling, LSCITS ENgD course, 2010 Slide 14 Coordination system for CP • Scenarios from a (socio-technical) coordination system for contingency management are used as the driver for our work • Each agency involved has its own C & C system and does not wish to invest in a shared C & C system for managing emergencies • System has to support – Joint planning – Sharing of information from different systems – Audit trail of actions taken during an emergency – Provision of information to managers in the field
  • 15. Responsibility modelling, LSCITS ENgD course, 2010 Slide 15 Responsibility planning model Appoint Govt. Technical Advisor Declaration of Emergency Activate Central Nuclear Emergency Support Centre Activate Scottish Exec. Emergency Room Activate Site Emergency Control Centre <Site Emergency Controller>, <Deputy Site Emergency Controller> <<Scottish Executive>> <<Secretary of State>> Activate North Ayrshire Emergency Room <<Site Owner>> | Reactor Status Report |
  • 16. Responsibility modelling, LSCITS ENgD course, 2010 Slide 16 Information resources Check on safety of vessels in incident area Broadcast Marine Safety Information<<MRCC Clyde>> | Navigation warnings | | Weather warnings | | Subfacts | | Gunfacts | | Alert Broadcast | | Incident information | << Police | NAECC Liaison Officer >> [ VHF Radio ] [ MF Radio ]
  • 17. Responsibility modelling, LSCITS ENgD course, 2010 Slide 17 Responsibility modelling benefits • Responsibility models are a way of facilitating the analysis of responsibilities and discussing responsibilities across organisations • They support risk analysis and the identification of a class of potential vulnerabilities in a system • They serve as a means of identifying information requirements and help identify redundancy and diversity that should be planned for in a system • They may be useful as a means of documenting responsibilities and learning from experience
  • 18. Responsibility modelling, LSCITS ENgD course, 2010 Slide 18 Information requirements • Requirements for information to be provided to agents to help them do their work, requirements for information sharing and access control and requirements for information that is to be generated • When systems are created by integrating and configuring existing systems, their behaviour is constrained. There is limited scope for defining the functionality of a system • We argue that, in such cases, a behavioural approach to requirements specification should be replaced by a focus on the information produced, consumed and shared by the agents in the system
  • 19. Responsibility modelling, LSCITS ENgD course, 2010 Slide 19 Information analysis • We assume that the holder of a responsibility needs some information to discharge that responsibility • Information requirements are concerned with: – What: The information required – Where: The source of that information – How: The channel (or channels) through which that information is delivered – Structure: How the information is organised/should be organised – Presentation: How the information should be presented to a user of that information
  • 20. Responsibility modelling, LSCITS ENgD course, 2010 Slide 20 Deriving information requirements • What information is required to discharge a responsibility? • Where does the information come from? • What channels are used to communicate this information? • What information is recorded in the discharge of this responsibility? • What channels are used to communicate the recorded information? • What are the consequences if the information is unavailable, inaccurate, incomplete, late, early, etc.?
  • 21. Responsibility modelling, LSCITS ENgD course, 2010 Slide 21 Flood emergencies Flood forecasting Initiate Evacuation << Environment agency >> << Silver command >> | Flood warnings | Declare emergency << Local authority >>
  • 22. Responsibility modelling, LSCITS ENgD course, 2010 Slide 22 Initiate Evacuation • Information requirements – Risk assessment showing properties at risk from predicted flooding, predicted times of flooding and the likelihood of flooding in specific areas (Environment agency, local authority) – Information about ‘special properties’ e.g. hospitals, care homes, schools, where the residents will require help to be evacuated (Local authority) – Availability of resources from emergency services and other agencies (Emergency services liaison officers)
  • 23. Responsibility modelling, LSCITS ENgD course, 2010 Slide 23 Information analysis • Risk assessment – An assessment of the areas that are of risk from the flood and the probabilities of flooding in these areas (What info) – Based on flood warnings from environment agency and local knowledge (Where from) – Telephone, web, meetings (Channels) – Areas at risk and imminence of risk; Who made decision and what local knowledge used (What recorded) – Fax to silver command or meeting – Vulnerabilities - discussed later
  • 24. Responsibility modelling, LSCITS ENgD course, 2010 Slide 24 Initiate evacuation Flood forecasting Risk Analysis Initiate Evacuation << Environment agency >> << Environment agency, Local authority >> << Silver command >> | Risk assessment | | Flood warnings | | Resource assessment | | Special properties |
  • 25. Responsibility modelling, LSCITS ENgD course, 2010 Slide 25 Vulnerability analysis • The responsibility model reflects the understanding of an organisation about who is responsible for what and what that responsibility entails • Where multiple agencies are involved, there are likely to be discrepancies between their understanding of responsibility • Examining and comparing models allows us to identify: – Responsibility omissions - responsibilities that each organisation assumes are assigned to some other organisation or which are simply not assigned to any organisation – Responsibility misunderstandings - situations where different organisations understand a responsibility in different ways
  • 26. Responsibility modelling, LSCITS ENgD course, 2010 Slide 26 HAZOPS • A HAZOPs-style ‘what if’ analysis can be applied to the information requirements for each responsibility – Analyses the robustness of the contingency plan in failure circumstances • Guide words were selected to query information channel failure for each requirement: [Do I mean this?] – Early – Late – Never – Inaccurate
  • 27. Responsibility modelling, LSCITS ENgD course, 2010 Slide 27 HAZOPS Analysis
  • 28. Responsibility modelling, LSCITS ENgD course, 2010 Slide 28 Evacuation responsibilities Inland Search and Rescue Arrange Transportation Initiate Evacuation Evacuation Collect Evacuee Information Establish Reception Centres Security Coordinate Evacuation << Silver command >> << District council >> << Fire service >><< County council >><< Police >>
  • 29. Responsibility modelling, LSCITS ENgD course, 2010 Slide 29 Evacuation coordination Inland Search and Rescue Transportation Collect Evacuee Information Establish Reception Centres Coordinate Evacuation << District council >> << Fire service >> << Police >> << County council >> | Reception centre locations | | Evacuee list | | Assembly points |
  • 30. Responsibility modelling, LSCITS ENgD course, 2010 Slide 30 HAZOPS Analysis
  • 31. Responsibility modelling, LSCITS ENgD course, 2010 Slide 31 Deviations • HAZOPS style keyword/consequence method for assessing each information resource: • Example: Priority Premises Resource – Unavailable: Manual premises check required to see if vulnerable people to be evacuated. – Inaccurate: Manual premises check may be necessary. Possible delay in evacuation of vulnerable people. People may be left behind. – Incomplete: Possible delay in evacuation. – Late: Information has to be communicated to units in the field rather than at local coordination centre. – Early: No consequence.
  • 32. Responsibility modelling, LSCITS ENgD course, 2010 Slide 32 Requirements Examples • The coordination system shall maintain a list of priority premises to be evacuated for each town in the local area. – This shall be updated by the local council when the coordination centre is established. (The premises list is maintained by the local government authority but may not be immediately available outside of normal working hours; While a central list may be out of date, it is better than nothing.) • The coordination centre system shall maintain a list of premises evacuated along with the time of evacuation and the units involved in the evacuation.
  • 33. Responsibility modelling, LSCITS ENgD course, 2010 Slide 33 Conclusions Benefits of taking a responsibility perspective: • Naturalness – Responsibility is a natural object of discussion regarding organisations and systems • Scalability – Existing case studies are already sizable • User involvement – Several organisations interested in the modelling approach • Complementarity – Fit with existing conceptual frameworks, e.g. goals, tasks – Early stage RE