Common MBSE Modeling Questions and How Ontology Helps Abstract The promise of Model-based systems engineering (MBSE) is to reduce traditional problems of complexity management and allow for design evaluation before implementation. The promise has been difficult to realize. The promise requires the ability to share models without the necessity of the model being accompanied by a subject matter expert to explain what the model means and what assumptions are made. An ontological foundation, or formal foundation, for a modeling language enables model sharing between humans and computers as the meaning of the model is in a form that is independent of subject matter experts. An ontological foundation not only provides the ability to share models, but also provides the justification for inference. SysML does not currently have an ontological foundation. However, it can be retrofitted with one. The retrofit is outlined using a SysML model as an example. The formal foundation uses intuitionistic type theory. the semantics of type theory accords well with the informal semantics. An intuitionistic type theory is generated from axioms expressed in the language of a multi-sorted signature of types, properties, and operations. Henson Graves Conrad Bock January 10, 2011

Outline Examine meanings of some SysML / UML modelling examples. Discuss how ontology languages can help clarify those meanings.

What Does a Model Describe? Completeness Is the model a complete description of cars? In particular: Can a car have more than one engine and four wheels (maybe a spare wheel)? What about having other parts that are not engines or wheels? SysML/UML currently cannot capture whether the model is complete (open vs closed). The author of the model might think it’s complete or not complete, but others can only guess the intention. Car poweredBy rollsOn 1 4 Engine Wheel

What Does a Model Describe? Combinations What combinations of cars, wheels and engines are allowed? In particular: Can any kind of engine or wheel be used in any kind of car? Can specialized engines and wheels add more parts internal to them? SysML/UML say no, combination constraints might exist, but: SysML/UML cannot capture whether the specified constraints are complete (see previous slide). Modeler might not specify constraints expecting others will, but the others cannot tell from the model. Software practioners typically assume no constraints specified means none will ever be specified. Car poweredBy rollsOn 1 4 Engine Wheel

What Does a Model Describe? Sufficient Conditions Are the specified parts sufficient to call something a car? Is anything with an engine and four wheels a car (even a go- cart)? SysML/UML say yes, but: It requires a deep knowledge of the SysML/UML metamodel to know this. SysML/UML currently cannot capture “no” if that’s the intention. Car poweredBy rollsOn 1 4 Engine Wheel

What Does a Model Describe? Part Equivalence When are parts the same? In particular: Do powered wheels need to also be rolling wheels? UML (w/o OCL) currently cannot capture whether parts are the same or not. The author of the model might think they can be the same, but others can only guess the intention. SysML can capture when parts are the same. But only when they are exactly the same set, not this example. SysML (w/o OCL) cannot capture when parts are not the same. Car drivenWheels rollsOn 2 4 Wheel

What Does a Model Describe? Generalization 1 What does generalization mean exactly? In particular: Could John’s car be small? SysML/UML say yes (John’s car might be small, the modeler just doesn’t know it yet), but: Many modelers, especially object- oriented practioners, say no. SysML/UML currently cannot capture “no” if that’s the intention. Car «instanceOf» Small Car John’s Car

What Does a Model Describe? Generalization 2 What does generalization mean exactly? In particular: Is John’s car an instance of Car? SysML/UML say yes (small cars are cars, and John’s car is small), but: Some modelers, especially software practioners, say no. SysML/UML currently cannot capture “no” if that’s the intention. Sometimes an issue of convention: Are squares rectangles? Mathematics says yes, squares have four equal angles, which makes them rectangles. Non-mathematicians sometimes say no. They typically classify objects under the narrowest category they are aware of. Car Small Car «instanceOf» John’s Car

What Does a Model Describe? Generalization 3 What does generalization mean exactly? In particular: Are all inexpensive cars small? SysML/UML say no (some large cars might be inexpensive), but: Many modelers say yes. SysML/UML currently cannot capture “yes” if that’s the intention. Inexpensive Product Car Small Car

What Does a Model Describe? Generalization 4 What does generalization mean exactly? In particular: Can some small cars be deisel? Are all cars either small or deisel? SysML/UML says yes to the first and no to the second, but: Many modelers think say no to the first and yes to the second. SysML/UML can say no and yes, respectively, but many modelers don’t know how. Car Small Car Deisel Car

What Does a Model Describe? Instance Equivalence Modeled instances are only in the model, not reality. Are instances in the model the same real things? In particular: Are John and Mary’s cars the same car in reality? SysML/UML currently cannot capture whether modeled instances are about the same thing but: Some modelers, especially software practioners, say no. Car «instanceOf» «instanceOf» John’s Car Mary’s Car

What Does a Model Describe? Associations in Context Do associations apply in some context? In particular: Does the engine in a car drive the wheels in that same car? SysML/UML say maybe. Some modelers, especially knowing only UML 1, say yes. Are associations limited to some context? In particular: Can an engine in one car power the wheels in another? SysML/UML say yes. Some modelers, especially knowing only UML 1, say no. Car poweredBy rollsOn 1 4 Engine Wheel drives

What Does a Model Describe? Connectors Connectors in SysML internal block diagrams (UML composite structure) apply associations to the context of a block. In particular: Connectors between part properties, rather than classes. Engines in each car drive wheels in that same car. Currently SysML/UML (w/o OCL) cannot limit associations to the context of a block. In particular: SysML/UML (w/o OCL) cannot prevent an engine in one car from driving the wheels in another. Related to completeness. If model is assumed complete, then an engine in a car only drives the wheels in that same car. Car 1 poweredBy : Engine 4 rollson : Wheel drives

Does a Model Describe Different Things? Many of the previous questions can be summed up as: Are the things described by a model all the same, or can they be different? In particular, do they all have the same parts linked together in the same way? The answer is no (perhaps intentionally) if The model is incomplete. Does a car have more than engines and wheels? Are there any specializations of the model? Is there more than one model of the same car? The model is complete, but isn’t specific. What kind of engine? What kind of wheel? Which goes with which? Parts aren’t distinguished or equated. Does the car roll on the driven wheels?

Does a Model Describe Different Things? Intentional Variation Vehicle Impeller Engine Frame Boat Propeller Hull Car pw : Wheel Wheel Chasis Rudder upw : Wheel Chassis t: Tire h : Hub Design Refinement Design Alternatives The Vehicle block is intentionally inspecific.

Ontology Languages Ontology languages enable modelers to say how they want these questions to be answered. Doesn’t mean system engineers need to learn ontology languages. Ontology languages can motivate and validate extensions to SysML/UML and other modeling languages to address ambiguities. Improves quality of communication between people, between people and machines, and between machines. Giving a model a descriptive name (“complete car model”) does not mean that people or machines know exactly what you are talking about.

Existing Ontology Extensions for SysML/UML Some in the SysML / UML already, just not well known: Disjointness and covering for specializations (using generalization sets). Subsets and redefinition for properties, specialization for association classes/blocks. Others in the UML Profile for OWL (Ontology Web Language), part of the Ontology Definition Metamodel. Intersection constraint on generalizations. Dependencies dependencies for indicating two instance specifications are the same or different (sameAs and differentFrom). Complement and equivalent classes, equivalent properties. Restriction classes for expressing necessary, sufficient, or equivalent conditions on classes (conditions are limited to property types and values, and multiplicities).

Possible Ontology Extensions for SysML/UML From OWL 2, for properties: Property chains for clarying connector semantics. Disjoint properties. Property negation. Ontology-inspired: Completeness property for models, or parts of models (classes, properties, etc). Necessary and sufficiency properties for classes and properties.

Translation to Ontology Languages SysML/UML and other modeling languages (and their ontology extensions) can be translated to ontology languages Clarifies semantics of the modeling language. Support automated checking and reasoning. Requires reporting back in a modeling syntax. Might be easier to translate ontology reasoners to work on modeling languages.

Summary SysML/UML models contain alot of ambiguity regarding their meaning. The ambiguity can be resolved using ontology: Modeling extensions derived from ontology languages, or ontology language themselves. Translation to ontology languages.