D-FAMS

Context

D-FAMS evolved out of a need to implement past research from DARPA HACMS, CASE and other programs which proved that system componentization and the use of modern systems engineering tools can dramatically speed engineering processes and reduce cyber vulnerabilities during system development, maintenance and sustainment. These research paradigms, however, were struggling with adoption as they were not organized into scalable methodologies and processes that were aligned to organizational engineering outcomes. Thus D-FAMS sought to prove that the creation of a methodology with an aligned set of processes and supporting tools could modernize and impact the speed and accuracy of engineering without increasing costs.

Challenge

Cyber Physical Systems (CPS) such as modern aircraft, medical devices, and automobiles have challenges with integrating their physical components with increasingly large and complex codebases. Although engineers have a good understanding of how changing or upgrading a mechanical component would impact, for example, an aircraft’s ability to fly, much less is understood about the interconnected web of code woven throughout – how it all fits together in the system as a whole, and what depends on what.

As a result, even a seemingly simple software upgrade or component change can have unexpected performance or security impacts. Because software development for these complex cyber-physical systems traditionally relies on artisan and craft practices, certifying even the simplest modification can be extremely time-consuming and expensive, while dependence on underlying hardware limits reuse, portability, and reconfigurability. The result is high lifecycle costs and slow response to roll out system features, enhancement or security/safety fixes.

This isn’t an isolated problem: the same delays, costs, and risks are par for the course across cyber-physical systems, from satellites to hospitals to power plants and beyond.  To meet tomorrow’s strategic demands, and to retain the United States’ global technological advantage, the U.S. Air Force needs to drastically reduce the time and cost to field, maintain, and sustain new capabilities.

Solution

In the Digital Future Acquisition, Maintenance, and Sustainment (D-FAMS) project, Galois is working with the U.S. Air Force to develop an end-to-end Rigorous Digital Engineering (RDE) solution to this challenge.

RDE encompasses a model-based systems engineering (MBSE) methodology, infused with the rigor of formal methods, and equipped with a set of integrated analysis tools that can precisely and accurately reason about requirements and systems architectures, as well as both software and hardware implementations. At each step in the systems engineering process, RDE facilitates traceability and mechanized analysis with mathematical precision which enables rapid change with confidence.

With D-FAMS, we are creating a handbook of methodologies, processes, and procedures for conducting RDE across Air Force uses cases; building an extensible MBSE development environment, including integrated and automated tooling, to make those MBSE processes possible; and a representative demonstration of our RDE methodologies and toolings on the SuperVolo UAV platform.

Our approach leverages digital-first design and development methodologies that wholly embrace modular and standardized architectures (e.g., MOSA, SOSA, OMS), shift verification and validation left, streamline the software development lifecycle, and facilitate the use of digital artifacts to support certification efforts. In addition to streamlining the development of from-scratch correct-by-construction systems, our RDE methodology gives us the ability to retrofit legacy systems or reuse legacy components – auto-generating models from legacy codebases, then generating new code, interfaces, and tests based on those models.

Value Add

Reduced time and cost to develop, maintain, and sustain complex cyber-physical systems

  • Accelerated Compliance
  • Efficient Integration and Interoperability
  • Increased Safety, Security, and Reliability
  • Improved Documentation and Traceability to Requirements
  • Streamlined Maintenance, Sustainment, and Modernization
  • Automated Test and Architecture-Driven Development
  • Reduced Cost due to Significant Increases in Efficiency and Speed

How it Works

Our methodology has four key phases: Frame, Model, Analyze, and Contain.

Phase 1: Frame

In phase 1, we frame the challenge in terms of a need or a goal – for example, introducing a new component to an existing cyber-physical system, the impact of which is unknown.

Phase 2:  Model

Next, we create a dynamic digital map, or model, of the hardware and software that explicitly shows how each component relies on, or is relied on by, other components throughout the system. With this map in hand, our systems engineers can test changes in a virtual environment, receiving immediate, automated feedback about the impact of that change. This mapmaking process is done using industry standard modeling languages, like SysML, and Galois-developed tools, like Taphos, which automatically analyzes code, generating a map of the dependency relationships between each component. Together, these tools give system engineers and platform managers the data they need to make well-informed decisions regarding change, impact and risk.

Phase 3: Analyze

Once we have a model of the system, we can use Galois tools like MADS to annotate the architecture and define analyzable component domains and relationships. For example, if we want to update a system’s software to mitigate a cybersecurity threat, our tools can tell us which other components in the system might be impacted by a change to that software. If we want to upgrade the system architecture so that future upgrades have minimal re-verification requirements, our tools can tell us exactly where to change the architecture to move towards maximum flexibility.

Phase 4: Contain

Finally: optimizing the system for modularity. By analyzing the virtual system map created in the “Model” step, we learn where interfaces, cross-domain solutions, and Government Reference Architectures like FACE and OMS can be strategically applied to isolate domains and increase modularity for faster deployment and lower cost.

Once the system has been mapped and modeled, and its domains analyzed and isolated for modularity, we can use tools like Tangram Pro® to automatically generate standards-compliant code and components dramatically faster, with full understanding of impact.

Impact

The project successfully demonstrated four key facets:

  1. Systems engineering practices can be automated with the support and use of standards and architectures
  2. Certification practices can benefit from the use of digital-first artifacts to simplify and speed certification attainment
  3. Digital-first practices can create longitudinal system artifacts to support life-cycle engineering from research to development, acquisition, maintenance and sustainment
  4. We can retrofit legacy systems to digital first engineering practices

The era of guesswork in systems engineering is coming to an end. With D-FAMS, Galois is leading the way towards a future where every complex system is just a blueprint away from rapid change — ready for whatever the world demands next.

Meet the TEAM