This study, Ecology-Inspired Techniques for Resilient Design of Systems of Systems (SoS) set out to determine if a biological ecosystem-inspired approach to the evaluation of engineered systems could identify optimally resilient designs. Degree of System Order (DoSO) is a metric used by ecologists that correlates with the survivability and resilience of a system. The metric is part of an Ecological Network Analysis (ENA) that ecologists use to quantify ecosystem characteristics. Given there is no single measure that captures engineered resilience, the research team ran the analyses to see if they could translate this approach into a tool to evaluate systems architectures early in the design process.
Principal investigators, Rich Malak and Astrid Layton, with the support of PhD student Abheek Chatterjee determined just that. “We now have evidence that this ENA approach can work in SoS designs. This approach is another mode by which you can analyze the resilience of an engineered SoS, and that it can be applied easily and earlier than you might apply detailed threat scenario simulations,” said Malak.
As for any transdisciplinary study the question of whether the discipline specific methodology of ENA would provide a useful framework by which to evaluate the resilience of engineered systems and systems of systems was central. The starting point for this research was the question of whether the ecosystem value range of DoSO known as the “window of vitality” is relevant to systems engineering. The window of vitality is the result of resilient ecosystems all demonstrating a similar degree of system order, suggesting ecologically superior system design rules may exist in nature. Based on her prior work using ENA to translate ecosystem characteristics to human engineered systems such as power grids and industrial resource networks for sustainability and resilience goals, Layton points out that, “ecosystems offer a unique design perspective for systems, and SoS, in that they are able to survive unexpected disturbances while still being able to grow and develop. Humans tend to prioritize efficiency in all things, especially where money is concerned. The unique balance between redundancy and efficiency highlighted by the window of vitality suggests that we may be undervaluing redundancy in our designs when goals shift towards survival. This and other work has shown that adopting ecologically-similar levels of redundancy helps systems survive disturbances without completely compromising other growth focused factors like profit.”
The strength of the tool is that there is no need to hypothesize specific threats, it can generalize system resiliency and provide one way to deal with the ‘unknown unknown’. By narrowing the field of systems architecture candidates to those that fall within the window of vitality, some freedom from having to generate threats models that accurately capture all potential threat scenarios for all candidates is created. It can also incorporate multiple flows within combined physical and non-physical systems networks; manufacturing, flows of money, people, information and so on, looking at anything from changes in policy (such as sanctions) the cost of labor, tax incentives, regulations and other factors that can all be modeled at some level of abstraction.
Malak pointed out there are many potential applications, “There is a wide range of both civil and defense applications such as evaluating the resiliency of supply chains, which is an especially acute issue for DoD acquisition, or systems that are complex and distributed, not owned and managed as a single system such as power infrastructures. As we start to examine the more sophisticated models of behaviors of the nodes within the network – we can start to implement any externalities and hypothesize what the new state, and degree of system order, looks like.”
Malak adds that “we think that for monitored systems, the ‘window of vitality’ can serve as a live indicator of a dynamic network as flows and circumstances change, providing early warning for what might become cascading failures system wide.”
The team is currently working on new case studies, tool refinements and extensions to the method. For example, one extension is the ability to account for uncertainties in flow information and network structure. They welcome contact from those interested in studies of engineered SoS resilience, including both case studies of existing SoS and design studies for new/modified SoS.
Contact the Principal Investigators for more information.