4-day-mbse-with-core9_2018-reva

The Problem

• The systems that we develop are usually dynamic. Thus, the system specification should be dynamically consistent and executable at the system level • Can it be achieved by confirming that the individual subsystems are executable? • No. Modern Control Theory shows that just having executable subsystems does not provide an executable system. • Can we use simulation of the design? • Yes, but common dynamic verification simulators are not exact representations of the system being specified (see next chart) • If not executable, what happens? • Achievement of dynamic consistency is left to integration and test teams, or • The System fails to meet operational needs

327

How It Is Commonly Done?

• Give the simulator team a copy of our preliminary system specification (a word document or spreadsheet) • They interpret it and build the simulator • If the delivered simulator results seem reasonable, it is accepted • Question: Does the simulator team ever return a simulator that does not run? • Developers “debug” the simulation until it runs and seems to give reasonable answers • Debugging simulator code often modifies the system concept by accident • Results? • We dynamically verified a system that is different than specified • Integration and test team will likely find problems that must be fixed

328