Eliciting safety policy and balancing with operational fitness in systems of systems

Systems of Systems (SoS) demonstrate a number of distinguishing characteristics, such as the autonomy of their constituent systems and the resulting emergent behaviour. The elements of SoS are united by a common purpose but, in order to operate in a manner that does not lead to accidents, must also comply with a consistent set of rules. Policy is just such a set of rules that provides an effective means for constraining the behaviour of the elements in a SoS within the boundaries of acceptably safe behaviour. However, addressing safety as the utmost objective can affect, and potentially compromise, other operational characteristics of the SoS, such as performance, mission effectiveness and availability. This can have an adverse effect on the SoS achieving operational objectives, consequently leading to unacceptable operation. In this paper we present and demonstrate how we can balance safety with other operational characteristics. This is achieved by assessing the operational consequences of policy implementation decisions and by making justified trade-offs. This is illustrated using a Network Centric Warfare (NCW) example.