Defining and decomposing safety policy for systems of systems

A 'system of systems' (SoS) comprises many other systems operating collectively with a shared purpose. Individual system autonomy can give rise to unpredictable, and potentially undesirable, emergent behaviour. A policy is a set of rules that bounds the behaviours of entities. Policy can be expressed at various levels of abstraction. By building on existing goal-based decomposition approaches this paper proposes policy as a means of achieving safety in SoS. The decomposition of policy to lower levels of abstraction must be carried out in a consistent, complete and systematic manner. The approach is agent-oriented and emphasises the recognition of contextual assumptions (such as knowledge of other agents' behaviour) in decomposing policy. To this end we present patterns of decomposition based on KAOS tactics of refinement. The application of these patterns, expressed in the Coal Structuring Notation, is illustrated using existing civil aerospace policy (the Rules of the Air Regulations).