
Model Based Systems Engineering (MBSE) Process Using SysML for Architecture Design, Simulation and Visualization

October 20, 2011


Senior Principal Enterprise Architect
gundars.osvalds@ngc.com
Northrop Grumman
Copyright 2010 NORTHROP GRUMMAN CORPORATION

Objectives
Motivation and description of a Model-Based Systems Engineering (MBSE) approach
Present a sample Architecture, Simulation and Visualization
Application of processes and tools for MBSE
  OMG Systems Modeling Language (SysML)
  IBM Rational Harmony Process for Systems Engineers
  IBM Rational Rhapsody modeling tool for SysML and Harmony


Agenda
Applying Modeling and Simulation for Systems Engineering

Conceptual Model - Black Box
Logical Model - White Box
Visualization - Executable Model

Outline

Applying Modeling and Simulation to System Engineering

Architectural Modeling Purpose

Advantages Model Based Systems Engineering (MBSE)

SysML and Model Based Systems Engineering

SysML Model Functional Grouping

MBSE Process Using SysML Rhapsody and Harmony

Application of Modeling

Demo Problem Description


Architectural Modeling Purpose


Why
To provide a solution that satisfies the Stakeholders

When
Before implementation is started

What
Documents the design of the solution

How
Use the Systems Modeling Language (SysML) specification for models

Where
Executable Architecture provides system Simulation and Visualization

Who
Systems Engineer and Architect


Advantages of Model Based Systems Engineering


Provides a mechanism to capture and verify requirements
Requirements can be allocated and traced to their source
Diagrams are integrated with each other to provide a cohesive view of the architecture
Models are used to define message definition and port interfaces that define the system's interface specification
System integration and testing risks are reduced with the use of model diagrams that are the basis for system specifications and test plans
Objects can be defined with interfaces (messages, message formats, and ports) and functions can be defined with models that can be simulated

SysML and Model Based Systems Engineering (MBSE)
SysML was developed as an extension to UML to provide a modeling capability for Systems Engineers to create static and dynamic models of the system's architecture
Uses SysML to:
  Support the concepts of describing a model with all activities performed by one or more system scenarios
  Provide allocation of scenario activities to objects that can then be defined as system hardware components
  Implement the architectural model using state diagrams that, when executed, provide a simulation of the scenario execution on the architectural model
  Provide a verification of model execution state diagram functionality against the designed scenario activities and interactions between actors and the system

MBSE Strategic Roadmap

[Figure: roadmap with the labels "MBSE Capability" and "Maturity", the years 2010, 2020 and 2025, and a "We are here" marker. Other labels in the figure:]
Ad Hoc MBSE, Document Centric
Emerging MBSE standards
Matured MBSE methods and metrics, Integrated System/HW/SW models
Architecture model integrated with Simulation, Analysis, and Visualization
Defined MBSE theory, ontology, and formalisms
Well Defined MBSE
Institutionalized MBSE across Academia/Industry
Reduced cycle times
Design optimization across broad trade space
Cross domain effects based analysis
System of systems interoperability
Distributed & secure model repositories crossing multiple domains

Source: INCOSE MBSE Initiative, June 2007

Four Pillars of SysML


Requirements - Operational, functional, and non-functional requirements and their relationships with other requirements and/or model objects.

Structure - Enterprise and system level contexts from both the logical and physical viewpoints.

Behavior - Intended and unintended behaviors for a given system of interest.

Parametrics - Formal relationships and constraints levied on system and its components such as Measures of Effectiveness/Key Performance Parameters (MOEs/KPPs). Tied to system architecture and/or Processes. Allows SEs to perform various systems analysis activities such as trade studies, engineering budgets and design optimization.

Source: The OMG SysML Resource Page, 11 February 2008



SysML Pillar Artifacts


SysML can be grouped into four functional areas
Each group is implemented using the shown SysML diagrams
The groups also interact with each other to provide a cohesive architectural model

Requirements (system, subsystem, component)
Parametrics (mathematic formulas, constraints)
Structure (external, and internal block)
Behavior (use case, activity, sequence, state machine)

Modeling Framework for MBSE


[Figure: modeling framework. Labels in the figure:]

SE Domain Models
  Requirements Models (DOORS, ReqPro, Excel)
  Parametrics Models (Mathematic Formulas and Constraints)
  Structure Models (External and Internal Block)
  Behavior Models (Use Case, Activity, Sequence and State Machine)

Links between the models
  Non-functional Requirements
  Functional Requirements
  Design Parameters
  Structure and Interfaces
  Sequence

Other Engineering Domain Models
  Network Design Models (OPNET, QUALNET)
  Hardware Design Models (VHDL, Modelica, Matlab)
  Software Design Models (UML)
  System Visualizations (GUI Software)

Specifications
  Network Component Specifications
  H/W Component Specifications
  S/W Component Specifications

IT TAKES MANY MODELS TO DESCRIBE A SYSTEM

MBSE Process Using SysML Rhapsody and Harmony

Application of Modeling
Modeling artifacts can support the development of:

Concept of Operations specification (CONOP)
System Capabilities Validation
Architecture Design
System Data use and flow
Component Specifications
  Software
  Hardware
Inputs to OpNet performance modeler
Software
  Activities
  Messages
  Data
Hardware
  Parts list
  Interconnect diagram
System Interface Verification
Test Plans
Architecture Scenarios

Demo Problem Description


Data Exfiltration Using Botnet Demo
Hacker wants to gain access to User data on his system and have it sent back
Hacker created a Botnet consisting of multiple Drones (use of unsecured computers) that are used to attack the User
On each Drone the hacker uses a Command and Control Computer to remotely install Malware
User protection consists of a Firewall and Analyst to evaluate questionable messages
If Firewall or Analyst determines that the message sent is an attack, then the message is blocked from accessing the User's system
If the Malware command gets through the Firewall and Analyst (unrecognized signature), then the Malware downloads data from the User's system to the Hacker
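
The scenario above as a small executable state model, run against the designed outcomes and checked for requirement coverage. This is an added example, not the presenter's Rhapsody model; the state, event and guard names and the mapping of requirement IDs to transitions are assumptions.

```python
# (state, event) -> (next state, requirement ID shown on the slides, or None).
# State/event names and the requirement-to-transition mapping are assumptions.
TRANSITIONS = {
    ("Idle", "createMalware"): ("MalwareReady", "REQ08"),
    ("MalwareReady", "uploadToCC"): ("CCLoaded", None),
    ("CCLoaded", "uploadToDrones"): ("BotnetReady", "REQ04"),
    ("BotnetReady", "commandAttack"): ("AtFirewall", None),
    ("AtFirewall", "fwBlock"): ("Blocked", None),
    ("AtFirewall", "fwRouteAnalyst"): ("AtAnalyst", "REQ09"),
    ("AtFirewall", "fwRouteUser"): ("AtUser", None),
    ("AtAnalyst", "analystBlock"): ("Blocked", None),
    ("AtAnalyst", "analystPass"): ("AtUser", None),
    ("AtUser", "exfiltrate"): ("Exfiltrated", "REQ16"),
}

# Designed scenario: expected outcome per (firewall verdict, analyst detects).
DESIGNED = {
    ("attack", True): "Blocked", ("attack", False): "Blocked",
    ("suspicious", True): "Blocked", ("suspicious", False): "Exfiltrated",
    ("unrecognized", True): "Exfiltrated", ("unrecognized", False): "Exfiltrated",
}

def events_for(fw_verdict, analyst_detects):
    """Events the actors emit for one combination of guard values."""
    events = ["createMalware", "uploadToCC", "uploadToDrones", "commandAttack"]
    if fw_verdict == "attack":            # known signature
        return events + ["fwBlock"]
    if fw_verdict == "suspicious":        # questionable message goes to the Analyst
        if analyst_detects:
            return events + ["fwRouteAnalyst", "analystBlock"]
        return events + ["fwRouteAnalyst", "analystPass", "exfiltrate"]
    return events + ["fwRouteUser", "exfiltrate"]   # unrecognized signature

def execute(events, start="Idle"):
    """Run the state machine; reject any event the current state does not allow."""
    state, trace, reqs = start, [], set()
    for event in events:
        if (state, event) not in TRANSITIONS:
            raise ValueError(f"{event!r} not allowed in state {state!r}")
        state, req = TRANSITIONS[(state, event)]
        trace.append(state)
        reqs |= {req} - {None}
    return state, trace, reqs

def verify():
    """Executed vs. designed: return (mismatches, requirements never exercised)."""
    mismatches, covered = [], set()
    for guards, expected in DESIGNED.items():
        final, _, reqs = execute(events_for(*guards))
        covered |= reqs
        if final != expected:
            mismatches.append((guards, final, expected))
    traced = {req for _, req in TRANSITIONS.values() if req}
    return mismatches, traced - covered

def undetected_paths():
    """Guard combinations that end in exfiltration: the gaps in the defence."""
    return sorted(g for g in DESIGNED if execute(events_for(*g))[0] == "Exfiltrated")
```

An empty result from `verify()` means every executed path matches the designed scenario and every traced requirement was exercised; `undetected_paths()` lists the cases a Firewall or Analyst improvement would have to close.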


Conceptual Model - Black Box

System Requirements

Black Box Diagrams
Use Case
Activity - Scenario
Sequence
Internal Block
State
Sub-State
Sequence - Executable
State - Executable
Sequence - Verified vs. Executable

System Requirements

Requirements in the model support automated traceability and allocation

BB Use Case

Define system context, interfaces and capabilities

BB Activity - Scenario
This activity will be highlighted throughout this presentation
Engineer defines actions required to perform scenario operations

Requirements linked with <<refine>> (fromExcel):
REQ04 - Initialize Botnet (ID = REQ04): The hacker will send the command to the Command Computer to create a Botnet of Drones.
REQ06 - Traceability Avoidance (ID = REQ06): The hacker will attempt to avoid detection by using a Botnet.

BB Sequence
Auto generate sequences from Activity diagram

Requirements linked with <<refine>> (fromExcel):
REQ08 - Malware (ID = REQ08): The hacker will create Malware to be hosted by a Drone.
REQ04 - Initialize Botnet (ID = REQ04): The hacker will send the command to the Command Computer to create a Botnet of Drones.

BB Internal Block

Auto allocate messages and operations to components

Requirements linked with <<refine>> (fromExcel):
REQ04 - Initialize Botnet (ID = REQ04): The hacker will send the command to the Command Computer to create a Botnet of Drones.

BB State
Cyber Enterprise State (HIGH LEVEL)
This is the state model of the activities defined to satisfy the requirements

Requirements linked with <<refine>> (fromExcel):
REQ02 - Create Botnet (ID = REQ02): The hacker will create a Botnet to perform the attack against the target.
REQ04 - Initialize Botnet (ID = REQ04): The hacker will send the command to the Command Computer to create a Botnet of Drones.
REQ09 - Analyst (ID = REQ09): The analyst will be alerted to suspicious traffic.
REQ16 - Data Exfiltration (ID = REQ16): The hacker will be able to remove sensitive data from the target machine and copy it to his own

BB Sub-State
Cyber Enterprise State
Develop the behavior of systems via the executable model that is driven by the states

Requirements linked with <<refine>> (fromExcel):
REQ04 - Initialize Botnet (ID = REQ04): The hacker will send the command to the Command Computer to create a Botnet of Drones.
REQ07 - Targets (ID = REQ07): The hacker will be able to attack multiple targets simultaneously via the Drones.

BB Sequence - Executable

Validate the executable sequence against the scenario requirements

Requirements linked with <<refine>> (fromExcel):
REQ04 - Initialize Botnet (ID = REQ04): The hacker will send the command to the Command Computer to create a Botnet of Drones.
REQ06 - Traceability Avoidance (ID = REQ06): The hacker will attempt to avoid detection by using a Botnet.

BB State Executable - Visualized

The Rhapsody modeling tool provides a built-in visualization of each state as the model is executed

Requirements linked with <<refine>> (fromExcel):
REQ07 - Targets (ID = REQ07): The hacker will be able to attack multiple targets simultaneously via the Drones.
REQ04 - Initialize Botnet (ID = REQ04): The hacker will send the command to the Command Computer to create a Botnet of Drones.

BB Sequence Verified Versus Executable

Verify that the executable sequence diagrams accurately implement the designed scenario

Logical Model - White Box

White Box Diagrams
Activity - Swim Lanes
Sequence - Logical
Internal Block - Physical
Block Definition - Physical
State - Allocated
Sub-State - Allocated
Sequence - Executable
State - Executable
Sequence - Verified vs. Executable

WB Activity Swim Lanes

Add swim lanes to original Black Box Diagram and allocate Activities to the objects
Diagram label: Black Box Activity

Requirements linked with <<refine>> (fromExcel):
REQ04 - Initialize Botnet (ID = REQ04): The hacker will send the command to the Command Computer to create a Botnet of Drones.

WB Sequence
Presents the five objects that execute the use case functionality

Requirements linked with <<refine>> (fromExcel):
REQ04 - Initialize Botnet (ID = REQ04): The hacker will send the command to the Command Computer to create a Botnet of Drones.
REQ08 - Malware (ID = REQ08): The hacker will create Malware to be hosted by a Drone.
REQ06 - Traceability Avoidance (ID = REQ06): The hacker will attempt to avoid detection by using a Botnet.

WB Internal Block

Objects are shown with Operations and Messages automatically allocated from the White Box Activity/Sequence diagrams
Diagram label: Black Box Internal Block

WB Block Definition

System Objects are Logical but can be allocated to Physical devices

WB State - Allocated
Re-uses state operations from the BB state diagram
Diagram labels: DETAIL, HIGH LEVEL, From BB Cyber Enterprise State

Requirements linked with <<refine>> (fromExcel):
REQ04 - Initialize Botnet (ID = REQ04): The hacker will send the command to the Command Computer to create a Botnet of Drones.

WB Sub-State - Allocated

Re-used state operations integrated into Hostile Enterprise Object

Requirements linked with <<refine>> (fromExcel):
REQ04 - Initialize Botnet (ID = REQ04): The hacker will send the command to the Command Computer to create a Botnet of Drones.
REQ07 - Targets (ID = REQ07): The hacker will be able to attack multiple targets simultaneously via the Drones.

WB Sequence - Executable

Check for proper execution of reapportioned state diagram

Requirements linked with <<refine>> (fromExcel):
REQ04 - Initialize Botnet (ID = REQ04): The hacker will send the command to the Command Computer to create a Botnet of Drones.

WB State Executable - Visual


The Rhapsody modeling tool provides a built-in visualization of each state as the model is executed

Requirements linked with <<refine>> (fromExcel):
REQ07 - Targets (ID = REQ07): The hacker will be able to attack multiple targets simultaneously via the Drones.
REQ04 - Initialize Botnet (ID = REQ04): The hacker will send the command to the Command Computer to create a Botnet of Drones.

WB Sequence Verified vs. Executable

Verify that the reallocated activities correctly implement the scenarios in each object

Visualization

Purpose
Verification of Requirements
Models provide a mechanism to verify that Requirements are implemented in the design
Validation of Design
The model visualization allows the Stakeholder to validate that the system performs the capabilities that were intended

Demonstration
Visualization of Executable Demo on World Map
A high-level animation is shown on the world map to present visually how attacks are directed and detected

Demo

Hacker Uploading Malware to Command and Control

1. Hacker creates Malware
2. Uploads Malware to Command and Control computer
3. CC uploads Malware to Drones
4. Hacker instructs CC to command the Drones to attack User
5. Drones use Malware to attack the Firewall
6. Attack is blocked by Firewall or
7. Firewall routes attack packets to either Analyst or User
   Attack is blocked by Analyst
   or
   Attack of User is successful and sends Exfiltrated data to Hacker via the Drones to the CC computer and then back to Hacker

Command and Control Uploads Malware to Drones


Drones Use Malware to Attack Firewall


Firewall Blocks Packet


Firewall Routes Attack Packets to Analyst


Analyst Blocks Packet


Firewall Routes Attack Packets to User


Successful Data Exfiltration to Hacker


Conclusions

The Model Based System Engineering capability:


Reduces design and specification errors that have to be corrected at greater cost during the system development
Reduces manually induced design errors since the tool has the capability to automatically create diagrams from data entered into the previous diagram
Provides for modeling of the requirements in the architecture of the system for an integrated view of the system

The simulation of the architecture and its visualization provided a more accurate view for the Stakeholders to determine that the design meets their needs

Data Exfiltration Using a Botnet Model Simulation

Video
YouTube: Search NGMBSE


Questions
Gundars Osvalds
Senior Principal Enterprise Architect
Northrop Grumman
gundars.osvalds@ngc.com
