Author_Institution :
Dept. of Electr. & Comput. Eng., Missouri-Rolla Univ., Rolla, MO
Abstract :
Summary form only given. The very label "critical infrastructure" implies that such systems are important. They are. Within the US alone, there are approximately 28,600 networked Federal Deposit Insurance Corporation (FDIC) institutions, 2 million miles of oil/gas pipelines, 2,800 power plants with 300,000 production sites, 104 nuclear power plants, 80,000 dams, 60,000 chemical plants, 87,000 food processing plants, and 1,600 water treatment plants. And, this is just part of our national infrastructure. Add to this telecommunications and other "everyday" utilities and the scope is enormous. Most of these systems, alone, would qualify as a network-centric system; that is, a system of systems (SoS) whose totality provides additional functionality over each of the aggregate systems - in other words, an SoS is truly greater than the sum of each of its parts. For example, in the electric power grid, a utility can trade power daily (even hourly) with its neighbors, thereby assuring its customers of continued service. This connectivity provides robustness of service; unfortunately, it also provides an access point for interdependency which can lead to a cascading failure, - "the domino effect" that was seen in the 14 August 2003 blackout and numerous other incidents. With the realization that most network-centric systems are critical comes the acceptance that we need to make these systems more "trustworthy". Given the complexity and scale of these systems, zero-defect software (while admirable) is a daunting goal. Trustworthiness, however, may be achievable. By trustworthiness we mean that "as humans" we expect that the "non-human system" will behave in some reliable, predictable form with "reasonable" recovery techniques when problems are encountered. This paper highlights the network-centric system attributes which should be considered in any integration effort, as well as commercial off-the-shelf (COTS) encapsulation techniques, and other engineering trade-offs in a lar- - ge-scale design and development effort
Keywords :
safety-critical software; security of data; aggregate systems; commercial off-the-shelf encapsulation; network-centric system; nonhuman system; service robustness; system of systems; trustworthy computing needs; zero-defect software; Aggregates; Chemical processes; Chemical products; Insurance; Petroleum; Pipelines; Power generation; Power systems; Production; Robustness;
