Interim Report of a Review of the Next Generation
Air Transportation System Enterprise Architecture,
Software, Safety, and Human Factors

Committee to Review the Enterprise Architecture, Software Development Approach, and
Safety and Human Factor Design of the Next Generation Air Transportation System

Computer Science and Telecommunications Board

Division on Engineering and Physical Sciences

NATIONAL RESEARCH COUNCIL
                         OF THE NATIONAL ACADEMIES

THE NATIONAL ACADEMIES PRESS

Washington, D.C.

www.nap.edu



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement



Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.

OCR for page R1
Interim Report of a Review of the Next Generation Air Transportation System Enterprise Architecture, Software, Safety, and Human Factors Committee to Review the Enterprise Architecture, Software Development Approach, and Safety and Human Factor Design of the Next Generation Air Transportation System Computer Science and Telecommunications Board Division on Engineering and Physical Sciences

OCR for page R1
THE NATIONAL ACADEMIES PRESS  500 Fifth Street, NW  Washington, DC 20001 NOTICE: The project that is the subject of this report was approved by the Governing Board of the National Research Council, whose members are drawn from the councils of the National Academy of Sciences, the National Academy of Engineering, and the Institute of Medicine. The members of the committee responsible for the report were chosen for their special competences and with regard for appropriate balance. This project was supported by the Federal Aviation Administration under award number DTFAWA-12-A-80013. Any opinions, findings, conclusions, or recommendations expressed in this publication are those of the author(s) and do not necessarily reflect the view of the organizations or agencies that provided support for this project. Additional copies of this report are available from: The National Academies Press 500 Fifth Street, NW, Keck 360 Washington, DC 20001 (800) 624-6242 (202) 334-3313 http://www.nap.edu Copyright 2014 by the National Academy of Sciences. All rights reserved. Printed in the United States of America

OCR for page R1
The National Academy of Sciences is a private, nonprofit, self-perpetuating society of distinguished scholars engaged in scientific and engineering research, dedicated to the furtherance of science and technology and to their use for the general welfare. Upon the authority of the charter granted to it by the Congress in 1863, the Academy has a mandate that requires it to advise the federal government on scientific and technical matters. Dr. Ralph J. Cicerone is president of the National Academy of Sciences. The National Academy of Engineering was established in 1964, under the charter of the National Academy of Sciences, as a parallel organization of outstanding engineers. It is autonomous in its administration and in the selection of its members, sharing with the National Academy of Sciences the responsibility for advising the federal government. The National Academy of Engineering also sponsors engineering programs aimed at meeting national needs, encourages education and research, and recognizes the superior achievements of engineers. Dr. C. D. Mote, Jr., is president of the National Academy of Engineering. The Institute of Medicine was established in 1970 by the National Academy of Sciences to secure the services of eminent members of appropriate professions in the examination of policy matters pertaining to the health of the public. The Institute acts under the responsibility given to the National Academy of Sciences by its congressional charter to be an adviser to the federal government and, upon its own initiative, to identify issues of medical care, research, and education. Dr. Harvey V. Fineberg is president of the Institute of Medicine. The National Research Council was organized by the National Academy of Sciences in 1916 to associate the broad community of science and technology with the Academy’s purposes of furthering knowledge and advising the federal government. Functioning in accordance with general policies determined by the Academy, the Council has become the principal operating agency of both the National Academy of Sciences and the National Academy of Engineering in providing services to the government, the public, and the scientific and engineering communities. The Council is administered jointly by both Academies and the Institute of Medicine. Dr. Ralph J. Cicerone and Dr. C. D. Mote, Jr., are chair and vice chair, respectively, of the National Research Council. www.national-academies.org

OCR for page R1
Other Recent Reports of the Computer Science and Telecommunications Board Geotargeted Alerts and Warnings: Report of a Workshop on Current Knowledge and Research Gaps, 2013. Professionalizing the Nation’s Cybersecurity Workforce? Criteria for Future Decision-Making, 2013. Public Response to Alerts and Warnings Using Social Media: Summary of a Workshop on Current Knowledge and Research Gaps, 2013. Continuing Innovation in Information Technology, 2012. Computing Research for Sustainability, 2012. The Safety Challenge and Promise of Automotive Electronics: Insights from Unintended Acceleration, 2012 (with the Board on Energy and Environmental Systems and the Transportation Research Board). Strategies and Priorities for Information Technology at the Centers for Medicare and Medicaid Services, 2011. The Future of Computing Performance: Game Over or Next Level?, 2011. Wireless Technology Prospects and Policy Options, 2011. Public Response to Alerts and Warnings on Mobile Devices: Summary of a Workshop on Current Knowl- edge and Research Gaps, 2011. Critical Code: Software Producibility for Defense, 2010. Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy, 2010. Achieving Effective Acquisition of Information Technology in the Department of Defense, 2010. Improving State Voter Registration Databases, 2010. Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop, 2010. Limited copies of CSTB reports are available free of charge from: Computer Science and Telecommunications Board National Research Council The Keck Center of the National Academies 500 Fifth Street, NW, Washington, DC 20001 (202) 334-2605/cstb@nas.edu www.cstb.org iv

OCR for page R1
Committee to Review the Enterprise Architecture, Software Development Approach, and Safety and Human Factor Design of the Next Generation Air Transportation System DAVID E. LIDDLE, U.S. Venture Partners, Chair STEVEN M. BELLOVIN, Columbia University JOHN-PAUL B. CLARKE, Georgia Institute of Technology GEORGE L. DONOHUE, George Mason University R. JOHN HANSMAN, JR., Massachusetts Institute of Technology MATS P.E. HEIMDAHL, University of Minnesota, Twin Cities JOHN C. KNIGHT, University of Virginia LEON J. OSTERWEIL, University of Massachusetts, Amherst WALKER E. ROYCE, International Business Machines Corporation GAVRIEL SALVENDY, Purdue University THOMAS B. SHERIDAN, Massachusetts Institute of Technology ROBERT F. SPROULL, University of Massachusetts, Amherst JAMES W. STURGES, Independent Consultant, Greer, South Carolina ELAINE WEYUKER, Independent Consultant, Metuchen, New Jersey Staff JON EISENBERG, Director, Computer Science and Telecommunications Board LYNETTE I. MILLETT, Associate Director, Computer Science and Telecommunications Board DWAYNE A. DAY, Senior Program Officer, Aeronautics and Space Engineering Board VIRGINIA BACON TALATI, Program Officer, Computer Science and Telecommunications Board ERIC WHITAKER, Senior Program Assistant, Computer Science and Telecommunications Board v

OCR for page R1
COMPUTER SCIENCE AND TELECOMMUNICATIONS BOARD ROBERT F. SPROULL, University of Massachusetts, Amherst, Chair LUIZ ANDRE BARROSO, Google, Inc. ROBERT F. BRAMMER, Brammer Technology, LLC EDWARD FRANK, Apple, Inc. JACK L. GOLDSMITH III, Harvard Law School SEYMOUR E. GOODMAN, Georgia Institute of Technology LAURA HAAS, IBM Corporation MARK HOROWITZ, Stanford University MICHAEL KEARNS, University of Pennsylvania ROBERT KRAUT, Carnegie Mellon University SUSAN LANDAU, Google, Inc. PETER LEE, Microsoft Corporation DAVID E. LIDDLE, U.S. Venture Partners BARBARA LISKOV, Massachusetts Institute of Technology JOHN STANKOVIC, University of Virginia JOHN A. SWAINSON, Dell, Inc. PETER SZOLOVITS, Massachusetts Institute of Technology ERNEST J. WILSON, University of Southern California KATHERINE YELICK, University of California, Berkeley Staff JON EISENBERG, Director VIRGINIA BACON TALATI, Program Officer SHENAE BRADLEY, Senior Program Assistant RENEE HAWKINS, Financial and Administrative Manager HERBERT S. LIN, Chief Scientist LYNETTE I. MILLETT, Associate Director ERIC WHITAKER, Senior Program Assistant For more information on CSTB, see its website at http://www.cstb.org, write to CSTB, National Research Council, 500 Fifth Street, NW, Washington, DC 20001, call (202) 334-2605, or e‑mail the CSTB at cstb@nas.edu. vi

OCR for page R1
Preface The Next Generation Air Transportation System (NextGen) is an effort begun in 2003 whose goals include improving the capacity, efficiency, and safety of the U.S. air transportation system and also enabling reduction in noise, pollution, and energy use. The Federal Aviation Administra- tion (FAA), and various stakeholders, including equipment providers, airlines, and contractors, are currently implementing both near-term and midterm capabilities of this effort. Section 212 of the FAA Modernization and Reform Act of 2012, Public Law 112-95 (Box P-1) called for an examination of NextGen’s enterprise architecture and related issues by the National Research Council (NRC). The project that was a result of this call was funded by the FAA. The Committee to Review the Enterprise Architecture, Software Development Approach, and Safety and BOX P-1 FAA Modernization and Reform Act of 2012, Public Law 112-95 SEC. 212. EXPERT REVIEW OF ENTERPRISE ARCHITECTURE FOR NEXTGEN. (a) REVIEW.—The Administrator of the Federal Aviation Administration shall enter into an arrangement with the National Research Council to review the enterprise architecture for the NextGen. (b) CONTENTS.—At a minimum, the review to be conducted under subsection (a) shall— (1)  highlight the technical activities, including human- system design, organizational design, and other safety and human factor aspects of the system, that will be necessary to successfully transition cur- rent and planned modernization programs to the future system envisioned by the Joint Planning and Development Office of the Administration; (2)  assess technical, cost, and schedule risk for the software development that will be necessary to achieve the expected benefits from a highly automated air traffic management system and the impli- cations for ongoing modernization projects; and (3)  determine how risks with automation efforts for the NextGen can be mitigated based on the experi- ences of other public or private entities in developing complex, software-inten-sive systems. (c) REPORT.—Not later than 1 year after the date of enactment of this Act, the Administrator shall submit to the Committee on Transportation and Infrastructure of the House of Representatives and the Committee on Commerce, Science, and Transportation of the Senate a report containing the results of the review conducted pursuant to subsection (a). vii

OCR for page R1
BOX P-2 Statement of Task As stipulated in Sec. 212 of the FAA Modernization and Reform Act of 2012, PL 112-95, a National Research Council study would review the enterprise architecture, software development approach, and safety and human factor design aspects of the Next Generation Air Transportation System (NextGen). An ad hoc committee will conduct a study and prepare a report that will (1) highlight the technical activities, including human-system design and testing, organizational design, and other safety and human factor aspects of the system, that will be necessary to successfully transition current and planned modernization programs to the future system envisioned by the Joint Planning and Development Office of the Administration and obtain necessary certifications and operational approval; (2) assess technical, cost, and schedule risk for the soft- ware development that will be necessary to achieve the expected benefits from a highly automated air traffic management system and the implications for ongoing modernization projects; and (3) determine how risks with automation efforts for the NextGen can be mitigated based on the experiences of other public or private entities in developing complex, software-intensive systems, particularly for life-critical, real-time operational systems, and including past aviation system development programs. The committee will issue a brief interim report within 12 months providing an initial assessment focusing on software development challenges and a final report within 18 months providing a full assessment of the issues listed above. Human Factor Design of the Next Generation Air Traffic System was formed under the auspices of the NRC’s Computer Science and Telecommunications Board in 2012 to conduct the study. The statement of task for the study committee can be found in Box P-2. The study committee has received a number of briefings on NextGen efforts, particularly as related to the study’s focus on enterprise architecture, software development approach, safety, and human factors. For the purposes of this interim report, the committee offers a brief encapsulation of some of the areas of focus and concern it has been discussing up to this point in the study process. The original focus of this interim report was expected to be on software development challenges, per the statement of task (see Box P-2). Based on what it has learned so far, coupled with the fact that software development is affected by every stage (from conception to deployment and mainte- nance) of system development and integration, the committee has reframed that discussion around the challenges of system architecture for software-intensive systems. Chapter 1 offers context and background information, Chapter 2 briefly discusses numerous and complex constraints to which the FAA and NextGen are subject, and Chapter 3 describes the committee’s emerging areas of focus and concern, along with some of the questions that have been under discussion thus far in the study process. Committee biographies can be found in Appendix A. A list of briefers from meetings prior to the release of this interim report can be found in Appendix B. The committee thanks the FAA staff and the other experts who took the time to brief the com- mittee. The committee also thanks the reviewers who made many thoughtful comments and also had several suggestions regarding additional topics to explore. The committee expects to receive additional briefings and inputs and explore those and other topics further and is reliant on timely availability of FAA staff and information to do so. The committee expects to issue its final report with findings and recommendations in 2014. David E. Liddle, Chair Committee to Review the Enterprise Architecture, Software Development Approach, and Safety and Human Factor Design of the Next Generation Air Transportation System viii

OCR for page R1
Acknowledgment of Reviewers This report has been reviewed in draft form by individuals chosen for their diverse perspec- tives and technical expertise, in accordance with procedures approved by the National Research Council’s Report Review Committee. The purpose of this independent review is to provide candid and critical comments that will assist the institution in making its published report as sound as possible and to ensure that the report meets institutional standards for objectivity, evidence, and responsiveness to the study charge. The review comments and draft manuscript remain confidential to protect the integrity of the deliberative process. We wish to thank the following individuals for their review of this report: Laura Haas, IBM Corporation, Norman Fujisaki, Independent Contractor, Broadlands, Virginia, Barbara Liskov, Massachusetts Institute of Technology, Amadeo Odoni, Massachusetts Institute of Technology, Amy Pritchett, Georgia Institute of Technology, William Scherlis, Carnegie Mellon University, Edmond Soliday, United Airlines (ret.), John Swainson, Dell, Inc., and John Tracy, The Boeing Company. Although the reviewers listed above have provided many constructive comments and sugges- tions, they were not asked to endorse the conclusions or recommendations, nor did they see the final draft of the report before its release. The review of this report was overseen by Peter M. Banks, Red Planet Capital Partners. Appointed by the National Research Council, he was responsible for making certain that an independent examination of this report was carried out in accordance with institutional procedures and that all review comments were carefully considered. Responsibility for the final content of this report rests entirely with the authoring committee and the institution. ix

OCR for page R1

OCR for page R1
Contents SUMMARY 1 1 INTRODUCTION 4 2 CONSTRAINTS 6 Operational and Capacity Constraints, 6 Political, Economic, and Cultural Constraints, 7 Technical Constraints, 7 3 EMERGING TOPICS OF FOCUS AND CONCERN 9 Understanding and Managing Benefit and Cost Expectations, 9 Architecture, 10 System Integration and Software Development Approaches, 12 System Safety, 13 Human Factors, Automation, and Decision Support Tools, 13 System Security, 15 Unmanned Aircraft System Integration, 15 Spectrum Management, 16 The Importance and Necessity of Modernization, 16 APPENDIXES A Biographies of Committee Members and Project Staff 21 B Briefers to the Study Committee 29 xi

OCR for page R1