1 00:00:00,120 --> 00:00:02,460 The following content is provided under a Creative 2 00:00:02,460 --> 00:00:03,880 Commons license. 3 00:00:03,880 --> 00:00:06,090 Your support will help MIT OpenCourseWare 4 00:00:06,090 --> 00:00:10,180 continue to offer high quality educational resources for free. 5 00:00:10,180 --> 00:00:12,720 To make a donation or to view additional materials 6 00:00:12,720 --> 00:00:16,650 from hundreds of MIT courses, visit MIT OpenCourseWare 7 00:00:16,650 --> 00:00:17,880 at ocw.mit.edu. 8 00:00:25,370 --> 00:00:28,140 PROFESSOR: You have to make some design decisions. 9 00:00:28,140 --> 00:00:31,100 And then once you've made those design decisions, 10 00:00:31,100 --> 00:00:34,250 then you can actually write your level 2, level 3 requirements 11 00:00:34,250 --> 00:00:37,530 and so forth, it's an iterative process. 12 00:00:37,530 --> 00:00:40,280 But when you look at the classic v model, 13 00:00:40,280 --> 00:00:42,570 you don't really see those iterations. 14 00:00:42,570 --> 00:00:44,220 But they actually exist. 15 00:00:44,220 --> 00:00:46,970 So what we typically do at the system requirements 16 00:00:46,970 --> 00:00:50,780 review is we review and then agree on the high level 17 00:00:50,780 --> 00:00:53,750 requirements, level 0, level 1, maybe 18 00:00:53,750 --> 00:00:56,780 level 2 requirement, but not the lower level ones, 19 00:00:56,780 --> 00:00:58,610 because you can't, because you typically 20 00:00:58,610 --> 00:01:00,398 haven't done the design yet. 21 00:01:03,990 --> 00:01:06,460 The other thing I want to say is a lot of the-- 22 00:01:06,460 --> 00:01:08,280 this is really a critical issue. 23 00:01:08,280 --> 00:01:10,630 And a lot of the problems we talked about last time 24 00:01:10,630 --> 00:01:14,450 in the schedule, cost overruns, really, a lot of these things 25 00:01:14,450 --> 00:01:16,730 are traceable back to the requirements. 26 00:01:16,730 --> 00:01:19,670 Either the requirements were over ambitious. 27 00:01:19,670 --> 00:01:23,330 You can set requirements that were essentially unachievable. 28 00:01:23,330 --> 00:01:27,839 Or you missed requirements that actually became clear later on. 29 00:01:27,839 --> 00:01:28,880 But they weren't written. 30 00:01:28,880 --> 00:01:31,310 So nobody paid attention to them. 31 00:01:31,310 --> 00:01:32,350 A couple of examples. 32 00:01:32,350 --> 00:01:36,230 So I have sort of one example of core requirements, 33 00:01:36,230 --> 00:01:39,090 and then a good example. 34 00:01:39,090 --> 00:01:44,050 So this is a mission that you may have heard about. 35 00:01:49,100 --> 00:01:50,570 A 1998 MCO. 36 00:01:50,570 --> 00:01:52,280 So who was born in-- 37 00:01:52,280 --> 00:01:53,920 I'm looking at you guys. 38 00:01:53,920 --> 00:01:55,380 Justin, right? 39 00:01:55,380 --> 00:01:58,390 Justice, when were you born? 40 00:01:58,390 --> 00:01:59,050 '94? 41 00:01:59,050 --> 00:02:03,030 OK, so you're older than MCO by four years. 42 00:02:03,030 --> 00:02:06,580 So MCO was a very well-known just about not quite 43 00:02:06,580 --> 00:02:11,070 20 years ago, a very well known mission failure that happened. 44 00:02:11,070 --> 00:02:16,550 A Mars climate orbiter, it was launched on December 1998. 45 00:02:16,550 --> 00:02:20,560 And it had multiple functions study the Martian climate, 46 00:02:20,560 --> 00:02:22,300 weather and surface changes. 47 00:02:22,300 --> 00:02:26,380 And it was to act as a relay satellite for the Mars polar 48 00:02:26,380 --> 00:02:29,750 Lander, which came after it and also failed. 49 00:02:29,750 --> 00:02:32,320 Both failed. 50 00:02:32,320 --> 00:02:35,320 And unfortunately MCO burned up. 51 00:02:35,320 --> 00:02:39,310 We think contact was lost with a spacecraft 52 00:02:39,310 --> 00:02:43,370 after it basically entered the Martian atmosphere. 53 00:02:43,370 --> 00:02:47,170 And you know nothing-- there was no more communication. 54 00:02:47,170 --> 00:02:49,120 So we don't know for sure. 55 00:02:49,120 --> 00:02:53,194 But their best guess is that the spacecraft burned up 56 00:02:53,194 --> 00:02:58,580 in the approach to Mars, that the actual altitude at which 57 00:02:58,580 --> 00:03:00,170 had entered the Martian atmosphere 58 00:03:00,170 --> 00:03:04,420 was about 57 kilometers. 59 00:03:04,420 --> 00:03:07,190 And it was supposed to be about 220. 60 00:03:07,190 --> 00:03:09,740 So even though the Martian atmosphere is very thin, 61 00:03:09,740 --> 00:03:12,920 when you enter at very high velocities, 62 00:03:12,920 --> 00:03:16,060 that's not a good thing. 63 00:03:16,060 --> 00:03:17,300 This is the very famous-- 64 00:03:17,300 --> 00:03:20,170 you've heard about this-- confusion of units problem, 65 00:03:20,170 --> 00:03:25,710 like this mission that one part of the team used SI units, 66 00:03:25,710 --> 00:03:29,890 specifically Newton's seconds, this is momentum, right? 67 00:03:29,890 --> 00:03:34,610 Force times time, that gives you momentum. 68 00:03:34,610 --> 00:03:38,900 So when you burn your engines for x number of seconds 69 00:03:38,900 --> 00:03:41,780 the sum of the product of those two is your momentum. 70 00:03:41,780 --> 00:03:43,160 And then another part of the team 71 00:03:43,160 --> 00:03:49,150 used English units, pounds of force times second. 72 00:03:49,150 --> 00:03:55,215 OK, and so that was fundamentally the problem that 73 00:03:55,215 --> 00:03:56,860 caused the burn up. 74 00:03:56,860 --> 00:03:59,710 Now if you read the accident report. 75 00:03:59,710 --> 00:04:02,620 And I have a link here to the accident report, 76 00:04:02,620 --> 00:04:06,490 you will notice that the requirements were actually OK. 77 00:04:06,490 --> 00:04:09,980 The requirements were written correctly. 78 00:04:09,980 --> 00:04:12,910 So specifically, there was a document called the software 79 00:04:12,910 --> 00:04:17,110 interface specification, SIS, that specified everything 80 00:04:17,110 --> 00:04:20,880 should be in SI units on the ground segment 81 00:04:20,880 --> 00:04:22,570 and on the space segment. 82 00:04:22,570 --> 00:04:27,520 But the problem is that this was not checked and implemented. 83 00:04:27,520 --> 00:04:30,730 And so here's a quote from the accident report. 84 00:04:30,730 --> 00:04:33,220 Items that the mission assurance manager, which 85 00:04:33,220 --> 00:04:35,000 didn't exist for this mission. 86 00:04:35,000 --> 00:04:37,720 So the mission Assurance Manager role 87 00:04:37,720 --> 00:04:40,760 is to make sure the requirements are actually followed. 88 00:04:40,760 --> 00:04:43,960 There was no mission Assurance Manager on the MCO mission. 89 00:04:43,960 --> 00:04:48,070 Included ensuring that the AMD file, which 90 00:04:48,070 --> 00:04:52,480 is one of the files put out by the propulsion system, 91 00:04:52,480 --> 00:04:55,120 met the requirements of the softwares 92 00:04:55,120 --> 00:04:58,050 in the interface specification And that did not happen. 93 00:04:58,050 --> 00:05:02,440 And so that was sort of the root cause there. 94 00:05:02,440 --> 00:05:04,940 Here's a good example for requirements. 95 00:05:04,940 --> 00:05:07,270 This is a little bit older. 96 00:05:07,270 --> 00:05:09,200 This is the DC-3. 97 00:05:09,200 --> 00:05:11,750 This is an old plane. 98 00:05:11,750 --> 00:05:17,790 First flight in December 1935. 99 00:05:17,790 --> 00:05:21,190 This was this was really an airplane that 100 00:05:21,190 --> 00:05:25,420 kickstarted civil aviation as a commercial service. 101 00:05:25,420 --> 00:05:29,290 And so first of all, the DC-3 was 102 00:05:29,290 --> 00:05:33,820 based on an earlier evolution of the DC-2. 103 00:05:33,820 --> 00:05:38,740 And I first saw this when I worked in St. Louis. 104 00:05:38,740 --> 00:05:40,870 There was a little museum at the headquarters. 105 00:05:40,870 --> 00:05:44,820 And they had like a, like a nice plaque on the wall 106 00:05:44,820 --> 00:05:49,030 with actually a replica of the contract. 107 00:05:49,030 --> 00:05:53,620 You know, the original letter that left the DC-3 contract. 108 00:05:53,620 --> 00:05:56,830 And the story is that this-- these requirements-- 109 00:05:56,830 --> 00:05:57,510 these are-- 110 00:05:57,510 --> 00:06:01,110 this is level 0 requirements, what's written here, 111 00:06:01,110 --> 00:06:03,630 was hammered out in a single quote, 112 00:06:03,630 --> 00:06:07,930 end quote marathon phone call between Smith and Douglas. 113 00:06:07,930 --> 00:06:11,290 So Smith was, at that time, the head of what 114 00:06:11,290 --> 00:06:13,600 was today essentially United Airlines. 115 00:06:13,600 --> 00:06:16,630 And Douglas, who by the way, is a graduate of this department 116 00:06:16,630 --> 00:06:21,820 here at MIT, Donald Douglas, was the head of the Douglas 117 00:06:21,820 --> 00:06:23,260 Aircraft Company. 118 00:06:23,260 --> 00:06:27,040 And here are the requirements: range about 1,000 miles. 119 00:06:27,040 --> 00:06:31,070 So this means that you don't have a trans-continental range, 120 00:06:31,070 --> 00:06:31,570 right? 121 00:06:31,570 --> 00:06:33,730 If you want transcontinental range in the US, 122 00:06:33,730 --> 00:06:35,080 you need about how many miles? 123 00:06:38,480 --> 00:06:43,080 Like Boston to San Diego, Seattle to Miami. 124 00:06:43,080 --> 00:06:43,850 3,000? 125 00:06:43,850 --> 00:06:45,680 Yeah, reserves. 126 00:06:45,680 --> 00:06:47,420 Yeah, 3,000 miles. 127 00:06:47,420 --> 00:06:50,970 So this means that, if you go transcontinental with the DC-3, 128 00:06:50,970 --> 00:06:53,460 you've got to refuel twice, basically. 129 00:06:53,460 --> 00:06:55,360 But you know, that was OK. 130 00:06:55,360 --> 00:06:58,620 Today, we wouldn't-- we probably wouldn't accept it. 131 00:06:58,620 --> 00:07:00,830 But that's OK back then. 132 00:07:00,830 --> 00:07:03,670 Cruise speed about 150 miles. 133 00:07:03,670 --> 00:07:07,130 20 to 30 passengers, depending on the configuration. 134 00:07:07,130 --> 00:07:08,630 Twin engines. 135 00:07:08,630 --> 00:07:10,970 And then something that we would say today. 136 00:07:10,970 --> 00:07:14,420 That's a fuzzy-- that's a not a well written requirement, 137 00:07:14,420 --> 00:07:15,680 because it's fuzzy. 138 00:07:15,680 --> 00:07:19,440 But it said, it should be a rugged and economical. 139 00:07:19,440 --> 00:07:21,710 And based on this sort of high level requirements 140 00:07:21,710 --> 00:07:24,320 that were pretty clearly defined, 141 00:07:24,320 --> 00:07:26,420 the airplane was then designed, built, 142 00:07:26,420 --> 00:07:28,710 and very, very successful. 143 00:07:28,710 --> 00:07:34,560 And over 10,000 copies of this airplane were built. 144 00:07:34,560 --> 00:07:38,870 So what happened since then is the requirements explosion. 145 00:07:38,870 --> 00:07:42,080 This is a chart from a document called 146 00:07:42,080 --> 00:07:46,160 the technical multi-disciplinary design optimization 147 00:07:46,160 --> 00:07:48,290 white paper. 148 00:07:48,290 --> 00:07:51,500 And it's a little dated, but the basic message here 149 00:07:51,500 --> 00:07:54,950 is pretty stunning if you think about it. 150 00:07:54,950 --> 00:07:57,920 So first, heavier than air flight, 151 00:07:57,920 --> 00:08:00,620 1903, the Wright brothers, right? 152 00:08:00,620 --> 00:08:02,240 1G flight. 153 00:08:02,240 --> 00:08:06,530 What is the requirement for 1G flight? 154 00:08:06,530 --> 00:08:07,940 Get off the ground. 155 00:08:07,940 --> 00:08:09,200 Get off the ground. 156 00:08:09,200 --> 00:08:12,470 And stay off the ground for at least a few seconds, right? 157 00:08:12,470 --> 00:08:15,440 Not just ballistic. 158 00:08:15,440 --> 00:08:16,610 That's the requirement. 159 00:08:16,610 --> 00:08:17,840 Get off the ground. 160 00:08:17,840 --> 00:08:19,610 Heavier than air flight. 161 00:08:19,610 --> 00:08:20,900 Yeah, big success. 162 00:08:20,900 --> 00:08:22,440 Big milestone. 163 00:08:22,440 --> 00:08:27,380 Well, pretty clear after not too long, it was well-- 164 00:08:27,380 --> 00:08:29,054 we also want to turn. 165 00:08:29,054 --> 00:08:30,470 We don't want to just fly straight 166 00:08:30,470 --> 00:08:36,510 on the beach and land again, so maneuvering, gust acceleration. 167 00:08:36,510 --> 00:08:38,280 There are winds buffeting. 168 00:08:38,280 --> 00:08:39,840 You've got to handle those gusts. 169 00:08:39,840 --> 00:08:42,090 So that that's important. 170 00:08:42,090 --> 00:08:44,810 And then what were the first airplanes made of? 171 00:08:44,810 --> 00:08:47,050 Let's see an EPFL, guys. 172 00:08:47,050 --> 00:08:48,350 What's the first airplanes? 173 00:08:48,350 --> 00:08:50,874 What materials did they use? 174 00:08:50,874 --> 00:08:52,862 [STATIC] 175 00:08:52,862 --> 00:08:53,856 [INAUDIBLE] 176 00:08:53,856 --> 00:08:54,850 AUDIENCE: Wood. 177 00:08:54,850 --> 00:08:56,970 PROFESSOR: Wood, yeah. 178 00:08:56,970 --> 00:08:57,470 What else? 179 00:08:57,470 --> 00:08:58,178 AUDIENCE: Canvas. 180 00:08:58,178 --> 00:08:59,050 PROFESSOR: Canvas. 181 00:08:59,050 --> 00:09:01,730 AUDIENCE: [INAUDIBLE] 182 00:09:01,730 --> 00:09:02,630 PROFESSOR: Exactly. 183 00:09:02,630 --> 00:09:06,590 so then very soon after that, maybe in the 20s and 30s, 184 00:09:06,590 --> 00:09:08,180 we started using metals, right? 185 00:09:08,180 --> 00:09:09,576 Metallic structures. 186 00:09:09,576 --> 00:09:11,450 And the big issue there, especially if you're 187 00:09:11,450 --> 00:09:15,010 flying close to the ocean and salt water, 188 00:09:15,010 --> 00:09:16,840 is corrosion control. 189 00:09:16,840 --> 00:09:18,740 Your airplanes can't rust. 190 00:09:18,740 --> 00:09:22,010 And so a corrosion control became important. 191 00:09:22,010 --> 00:09:25,580 And pressurization, what is that all about? 192 00:09:29,240 --> 00:09:31,020 Higher, faster. 193 00:09:31,020 --> 00:09:35,070 So at some point, you need to pressurize the cabin, right? 194 00:09:35,070 --> 00:09:36,690 That's a new requirement. 195 00:09:36,690 --> 00:09:38,980 The Wright brothers never thought about that. 196 00:09:38,980 --> 00:09:40,980 Well, they didn't-- maybe they thought about it. 197 00:09:40,980 --> 00:09:43,900 But they certainly didn't have to pressurize their Wright 198 00:09:43,900 --> 00:09:44,640 flyer. 199 00:09:44,640 --> 00:09:49,200 So you see you see what's happening is we get greedy. 200 00:09:49,200 --> 00:09:50,520 You know, we were excited. 201 00:09:50,520 --> 00:09:51,580 We can fly now. 202 00:09:51,580 --> 00:09:52,930 But now we want to go higher. 203 00:09:52,930 --> 00:09:54,490 We want to stay longer. 204 00:09:54,490 --> 00:09:56,100 So we get greedy. 205 00:09:56,100 --> 00:09:59,050 And we go to more extreme environments and so forth. 206 00:09:59,050 --> 00:10:04,230 And as we do that, it get harvested do and more and more 207 00:10:04,230 --> 00:10:06,630 requirements start piling up. 208 00:10:06,630 --> 00:10:10,305 And you see a big step here, World War II, right? 209 00:10:10,305 --> 00:10:12,990 Handling quality, radar transparency. 210 00:10:12,990 --> 00:10:14,670 Radar was invented. 211 00:10:14,670 --> 00:10:16,290 So now you want to have airplanes that 212 00:10:16,290 --> 00:10:19,880 are not visible on the radar. 213 00:10:19,880 --> 00:10:22,900 Fatigue, rough field landing. 214 00:10:22,900 --> 00:10:25,860 And then we have another big step here in the 60s and 70s. 215 00:10:25,860 --> 00:10:30,300 This was during the Cold War, smart weapons, nuclear, 216 00:10:30,300 --> 00:10:31,560 fly by wire, right? 217 00:10:31,560 --> 00:10:35,680 Replacing cables with electronic flight controls. 218 00:10:35,680 --> 00:10:39,060 And then a lot of the "ilitys" in the last 20 years, 219 00:10:39,060 --> 00:10:43,370 reducibility, affordability, portability, et cetera. 220 00:10:43,370 --> 00:10:47,250 So if you actually look at the requirements set 221 00:10:47,250 --> 00:10:49,200 for the new generation of airplanes, 222 00:10:49,200 --> 00:10:52,960 whether commercial or military, it's overwhelming. 223 00:10:52,960 --> 00:10:55,920 I mean, it's thousands and thousands of requirements, 224 00:10:55,920 --> 00:10:58,440 because we've gotten greedy. 225 00:10:58,440 --> 00:10:59,970 And we've gotten good at it. 226 00:10:59,970 --> 00:11:01,926 So we keep adding more requirements. 227 00:11:01,926 --> 00:11:03,300 And that's a big issue right now. 228 00:11:03,300 --> 00:11:04,799 And we'll talk later in the semester 229 00:11:04,799 --> 00:11:07,260 about complexity management. 230 00:11:07,260 --> 00:11:09,090 But the key message here is requirements 231 00:11:09,090 --> 00:11:12,330 have been growing over time. 232 00:11:12,330 --> 00:11:14,460 More and more requirements added as systems grow 233 00:11:14,460 --> 00:11:17,590 and in performance and complexity. 234 00:11:17,590 --> 00:11:19,560 So here's some standards. 235 00:11:19,560 --> 00:11:21,270 I won't go through those in detail. 236 00:11:21,270 --> 00:11:25,600 But people recognize, in the system engineering community, 237 00:11:25,600 --> 00:11:27,940 how important it is, these requirements. 238 00:11:27,940 --> 00:11:30,070 So in the system engineering handbook, 239 00:11:30,070 --> 00:11:34,290 there's two sections, 4.2, which is about technical requirements 240 00:11:34,290 --> 00:11:36,970 definition, and then section 6.2, 241 00:11:36,970 --> 00:11:39,300 which is about requirements management. 242 00:11:39,300 --> 00:11:42,180 So definition means that's the initial definition 243 00:11:42,180 --> 00:11:43,710 of the initial requirement. 244 00:11:43,710 --> 00:11:45,510 And then management is the process 245 00:11:45,510 --> 00:11:49,670 of updating them, adding requirements, modifying them, 246 00:11:49,670 --> 00:11:51,530 making sure they're up to date. 247 00:11:51,530 --> 00:11:54,010 And there are a couple of appendices. 248 00:11:54,010 --> 00:11:56,780 INCOSE, the International Council of System Engineering 249 00:11:56,780 --> 00:11:59,570 has, in the handbook, a whole section. 250 00:11:59,570 --> 00:12:01,970 There's even a requirement working group, people 251 00:12:01,970 --> 00:12:05,150 who really specialize in this, and then 252 00:12:05,150 --> 00:12:07,940 as well in the ISO standard, you have a lot 253 00:12:07,940 --> 00:12:09,350 written about requirements. 254 00:12:09,350 --> 00:12:11,300 So this is really a big deal. 255 00:12:11,300 --> 00:12:13,520 So the last thing I want to do here in this section 256 00:12:13,520 --> 00:12:17,180 is to sort of, at a very high level, 257 00:12:17,180 --> 00:12:21,200 communicate to you what requirement really are about. 258 00:12:21,200 --> 00:12:24,020 What they are about is, like I said, 259 00:12:24,020 --> 00:12:25,880 don't set off in your ship without-- you 260 00:12:25,880 --> 00:12:28,370 don't know what port you're sailing to, right? 261 00:12:28,370 --> 00:12:31,340 So requirements set goals and constrain the design 262 00:12:31,340 --> 00:12:32,960 in the objective space. 263 00:12:32,960 --> 00:12:35,150 So whatever you're designing, you're 264 00:12:35,150 --> 00:12:38,180 always going to have two spaces that you're dealing with. 265 00:12:38,180 --> 00:12:40,440 The design space, on the one hand, 266 00:12:40,440 --> 00:12:44,000 that's the things you can choose as a designer. 267 00:12:44,000 --> 00:12:45,620 These are the knobs you can turn, 268 00:12:45,620 --> 00:12:47,150 the decisions you can make. 269 00:12:47,150 --> 00:12:48,650 And then the objective space, which 270 00:12:48,650 --> 00:12:52,490 is the things that, essentially, your customer cares about. 271 00:12:52,490 --> 00:12:55,800 I'll give you a quick example here. 272 00:12:55,800 --> 00:12:59,510 So when we use the word shall, which I'll get to in a minute. 273 00:12:59,510 --> 00:13:02,630 The English word, shall, means this is essentially 274 00:13:02,630 --> 00:13:04,220 a constraint. 275 00:13:04,220 --> 00:13:06,310 You must accomplish this. 276 00:13:06,310 --> 00:13:11,180 And when you use the word, should, it's more like a goal. 277 00:13:11,180 --> 00:13:12,650 It would be nice to do this. 278 00:13:12,650 --> 00:13:15,380 But it's not absolutely mandatory. 279 00:13:15,380 --> 00:13:18,080 So shall is a hard constraint. 280 00:13:18,080 --> 00:13:22,050 Should it is desirable as a goal. 281 00:13:22,050 --> 00:13:25,197 So let me give you this quick example here. 282 00:13:25,197 --> 00:13:26,780 So let's say you're designing a house. 283 00:13:26,780 --> 00:13:29,420 You're about setting off to design a house. 284 00:13:29,420 --> 00:13:32,380 And what would be some requirements for a house. 285 00:13:32,380 --> 00:13:34,670 So I wrote four of them here. 286 00:13:34,670 --> 00:13:38,840 And I'll map them to the design space and the objective space. 287 00:13:38,840 --> 00:13:41,270 First requirement, the house shall sleep 288 00:13:41,270 --> 00:13:43,580 between four and six people. 289 00:13:43,580 --> 00:13:45,740 Well, is that in the design space 290 00:13:45,740 --> 00:13:46,857 or in the objective space? 291 00:13:49,660 --> 00:13:51,389 That's in the objective space, right? 292 00:13:51,389 --> 00:13:52,180 Yeah, that's right. 293 00:13:52,180 --> 00:13:57,790 So here, we have an axis called occupance, right? 294 00:13:57,790 --> 00:14:01,610 So four is the minimum and six is sort of the maximum. 295 00:14:01,610 --> 00:14:03,730 So that's the upper bound. 296 00:14:03,730 --> 00:14:05,860 The next one, the total build cost 297 00:14:05,860 --> 00:14:09,280 should be less than $550,000. 298 00:14:09,280 --> 00:14:10,990 Should be. 299 00:14:10,990 --> 00:14:13,180 What is that? 300 00:14:13,180 --> 00:14:15,702 Maybe an EPFL. 301 00:14:15,702 --> 00:14:17,602 AUDIENCE: It's a goal. 302 00:14:17,602 --> 00:14:18,560 PROFESSOR: It's a goal. 303 00:14:18,560 --> 00:14:19,720 Yup, that's right. 304 00:14:19,720 --> 00:14:22,540 And is it in the design space or the objective space? 305 00:14:26,040 --> 00:14:27,617 AUDIENCE: The objective space. 306 00:14:27,617 --> 00:14:28,700 PROFESSOR: That's correct. 307 00:14:28,700 --> 00:14:33,050 So I put this as a dashed line, OK, because it's a should. 308 00:14:33,050 --> 00:14:36,500 So what I've done here, just by writing these two sentences, 309 00:14:36,500 --> 00:14:40,100 these two requirements, is I've essentially carved out a space, 310 00:14:40,100 --> 00:14:40,600 right? 311 00:14:40,600 --> 00:14:42,740 And I can shape that box. 312 00:14:42,740 --> 00:14:44,600 Basically, what these two requirements 313 00:14:44,600 --> 00:14:49,310 do is they put a box around in the objective space saying 314 00:14:49,310 --> 00:14:51,770 that, whatever house you're going to design, 315 00:14:51,770 --> 00:14:55,310 it has to fit within this box. 316 00:14:55,310 --> 00:14:59,420 Then the third one is the house shall have at least at least 317 00:14:59,420 --> 00:15:01,000 three bedrooms. 318 00:15:01,000 --> 00:15:01,940 What is that? 319 00:15:01,940 --> 00:15:05,390 In the design space or objective space? 320 00:15:05,390 --> 00:15:06,440 Design space, right? 321 00:15:06,440 --> 00:15:11,840 Because defining a bedroom is a design decision, right? 322 00:15:11,840 --> 00:15:15,410 And the house should have a fireplace. 323 00:15:15,410 --> 00:15:19,700 So you can show the lower bound here, at least three bedrooms. 324 00:15:19,700 --> 00:15:23,540 And then the fireplace is a-- 325 00:15:23,540 --> 00:15:24,680 it would be nice to have. 326 00:15:24,680 --> 00:15:27,290 But you don't absolutely have to have it. 327 00:15:27,290 --> 00:15:29,260 So you can sort of draw this-- 328 00:15:29,260 --> 00:15:31,010 it's more like a line here, right? 329 00:15:31,010 --> 00:15:32,710 Yes, fireplace. 330 00:15:32,710 --> 00:15:34,280 But it's a dashed line. 331 00:15:34,280 --> 00:15:36,580 And then at least three bedrooms. 332 00:15:36,580 --> 00:15:40,360 So just these four sentences, we've now put a-- 333 00:15:40,360 --> 00:15:43,760 we've defined the space that we're going to be designing in. 334 00:15:43,760 --> 00:15:46,250 So we have constraints in the design space. 335 00:15:46,250 --> 00:15:48,340 And we have constraints in the objective space. 336 00:15:48,340 --> 00:15:51,240 And that's fundamentally the role of requirement 337 00:15:51,240 --> 00:15:54,620 is to constrain, to give us direction as to what 338 00:15:54,620 --> 00:15:57,550 we're going to design. 339 00:15:57,550 --> 00:16:02,240 OK, so let's do our first concept question for today. 340 00:16:02,240 --> 00:16:05,000 And that's the following question, 341 00:16:05,000 --> 00:16:07,880 do you think there's a fundamental difference 342 00:16:07,880 --> 00:16:09,560 in the meaning between the words, 343 00:16:09,560 --> 00:16:13,010 requirements, which we've talked about so far, 344 00:16:13,010 --> 00:16:15,320 and then the word, specifications, 345 00:16:15,320 --> 00:16:17,510 which I haven't mentioned yet. 346 00:16:17,510 --> 00:16:22,250 So no, you think they're essentially the same. 347 00:16:22,250 --> 00:16:24,020 Yes, there is a difference. 348 00:16:24,020 --> 00:16:26,530 Requirements are like the input, and specifications 349 00:16:26,530 --> 00:16:29,420 are the output of the design process. 350 00:16:29,420 --> 00:16:31,070 Yes, you think a difference. 351 00:16:31,070 --> 00:16:35,550 Specifications include the requirements as a subset. 352 00:16:35,550 --> 00:16:36,980 Or you're not sure. 353 00:16:36,980 --> 00:16:39,080 So think about this. 354 00:16:39,080 --> 00:16:41,600 And then submit your answers. 355 00:16:41,600 --> 00:16:44,180 And as far as these URLs are concerned, 356 00:16:44,180 --> 00:16:46,940 for the concept questions, I went to all lowercase. 357 00:16:46,940 --> 00:16:49,670 Hopefully, that's a little bit easier. 358 00:16:49,670 --> 00:16:52,460 So secc3. 359 00:16:52,460 --> 00:16:54,890 tiny.cc/secc3. 360 00:16:54,890 --> 00:16:55,640 What do you think? 361 00:16:55,640 --> 00:16:58,920 Requirements and specifications. 362 00:16:58,920 --> 00:17:00,610 The same thing or not? 363 00:17:37,370 --> 00:17:38,270 Who needs more time? 364 00:17:38,270 --> 00:17:39,000 Anybody? 365 00:17:39,000 --> 00:17:39,500 OK. 366 00:17:52,880 --> 00:17:57,780 OK, so we have nobody thinks they're the same. 367 00:17:57,780 --> 00:18:00,910 62 thirds of you think that requirements are the input, 368 00:18:00,910 --> 00:18:02,930 specifications are the output. 369 00:18:02,930 --> 00:18:07,710 9 of you think that requirements are a subset. 370 00:18:07,710 --> 00:18:09,540 And then 6% are not sure. 371 00:18:09,540 --> 00:18:11,370 So that's good. 372 00:18:11,370 --> 00:18:13,020 I agree with that. 373 00:18:13,020 --> 00:18:17,090 So a lot of people use requirements and specifications 374 00:18:17,090 --> 00:18:18,060 as the same thing. 375 00:18:18,060 --> 00:18:19,130 They're really not. 376 00:18:19,130 --> 00:18:24,510 OK, so think of requirements and you haven't actually 377 00:18:24,510 --> 00:18:25,710 started to design that. 378 00:18:25,710 --> 00:18:29,270 This is your putting constraints in the design space, 379 00:18:29,270 --> 00:18:30,510 defining the direction. 380 00:18:30,510 --> 00:18:33,450 But we don't actually know what the design will look like. 381 00:18:33,450 --> 00:18:37,680 You may have some requirements may say you must use this box, 382 00:18:37,680 --> 00:18:40,050 or you must use this sensor, right? 383 00:18:40,050 --> 00:18:43,170 And you might actually find some of those in the CanSat. 384 00:18:43,170 --> 00:18:48,630 But basically the requirements are the input. 385 00:18:48,630 --> 00:18:53,490 So any-- What are your experiences? 386 00:18:53,490 --> 00:18:56,700 When have you heard those terms, requirements or specifications 387 00:18:56,700 --> 00:19:01,140 used interchangeably or not interchangeably? 388 00:19:01,140 --> 00:19:03,150 Has this come up as an issue for you before? 389 00:19:08,710 --> 00:19:10,980 [? Marissa, ?] you're worked at-- 390 00:19:10,980 --> 00:19:13,940 you're worked on human spaceflight, right? 391 00:19:13,940 --> 00:19:15,860 Space tourism vehicles. 392 00:19:15,860 --> 00:19:18,335 So what-- how did you guys do it at Virgin Galactic? 393 00:19:20,936 --> 00:19:22,310 AUDIENCE: Well, I think something 394 00:19:22,310 --> 00:19:24,620 that you generally saw was like people will look at sensors. 395 00:19:24,620 --> 00:19:27,050 And they would-- there's a specification for a sensor. 396 00:19:27,050 --> 00:19:29,600 And they would not necessarily compare the requirements 397 00:19:29,600 --> 00:19:31,700 to the specification. 398 00:19:31,700 --> 00:19:34,700 So or they would not understand how the two intersected. 399 00:19:34,700 --> 00:19:37,160 So I think there was a bit of a misunderstanding 400 00:19:37,160 --> 00:19:39,760 of the difference between what the actual requirements were, 401 00:19:39,760 --> 00:19:43,489 versus what the specifications were designed to be. 402 00:19:43,489 --> 00:19:45,280 PROFESSOR: The sensors you're talking about 403 00:19:45,280 --> 00:19:47,930 would be sensors, I'm assuming, that you would purchase, right? 404 00:19:47,930 --> 00:19:49,000 As commercial-- 405 00:19:49,000 --> 00:19:49,610 AUDIENCE: Yeah, absolutely. 406 00:19:49,610 --> 00:19:51,235 So I think we were buying of the shelf. 407 00:19:51,235 --> 00:19:53,340 And so I mean, sometimes the specifications 408 00:19:53,340 --> 00:19:54,800 were broader than what we wanted and sometimes they 409 00:19:54,800 --> 00:19:55,650 were narrower. 410 00:19:55,650 --> 00:19:58,010 But you know, you can do additional testing on it. 411 00:19:58,010 --> 00:20:00,343 So there was sometimes a breakdown between understanding 412 00:20:00,343 --> 00:20:03,171 really whether the sensor met what we are looking for or it 413 00:20:03,171 --> 00:20:03,670 didn't. 414 00:20:03,670 --> 00:20:04,801 PROFESSOR: OK. 415 00:20:04,801 --> 00:20:05,300 Good. 416 00:20:05,300 --> 00:20:08,210 What about an EPFL. 417 00:20:08,210 --> 00:20:11,101 Any experiences? [? Walker, ?] you worked on slip rings, 418 00:20:11,101 --> 00:20:11,600 right? 419 00:20:11,600 --> 00:20:15,270 Slip rings was one of the big specialties of your company. 420 00:20:15,270 --> 00:20:17,330 I'm assuming that you guys had to make 421 00:20:17,330 --> 00:20:18,560 that distinction, right? 422 00:20:18,560 --> 00:20:20,990 Between requirements and specifications. 423 00:20:20,990 --> 00:20:24,770 What are your thoughts at EPFL on this? 424 00:20:24,770 --> 00:20:26,671 GUEST SPEAKER: Well, yes, from outside, 425 00:20:26,671 --> 00:20:31,054 we clearly had a separation also on an ether level. 426 00:20:31,054 --> 00:20:33,489 But I was wondering here in the class, 427 00:20:33,489 --> 00:20:37,348 has anybody seen the difference between specification 428 00:20:37,348 --> 00:20:38,775 requirements? 429 00:20:38,775 --> 00:20:39,316 Any comments? 430 00:20:39,316 --> 00:20:41,041 Maybe some of the PhD students that 431 00:20:41,041 --> 00:20:43,290 have been around the block? 432 00:20:43,290 --> 00:21:18,020 AUDIENCE: [INAUDIBLE] 433 00:21:18,020 --> 00:21:20,150 PROFESSOR: Yeah, OK, great. 434 00:21:20,150 --> 00:21:23,570 So I found here, I, you know, I wanted 435 00:21:23,570 --> 00:21:26,690 to sort of find a real example that everybody can 436 00:21:26,690 --> 00:21:30,020 relate to very, very easily. 437 00:21:30,020 --> 00:21:32,300 So the answer is there is a distinction. 438 00:21:32,300 --> 00:21:33,680 They are quite different. 439 00:21:33,680 --> 00:21:36,380 But they're-- got to be careful, because you can mix them up. 440 00:21:36,380 --> 00:21:40,210 So requirements specify what the product or system should-- 441 00:21:40,210 --> 00:21:42,390 shall or should do, right? 442 00:21:42,390 --> 00:21:46,670 Functions it shall perform, how well it should perform these. 443 00:21:46,670 --> 00:21:48,800 Also maybe the degree of autonomy, 444 00:21:48,800 --> 00:21:50,210 how automated is the system? 445 00:21:50,210 --> 00:21:54,460 So what the operators must do, when the system is operating. 446 00:21:54,460 --> 00:21:57,350 And also compatibility with other devices. 447 00:21:57,350 --> 00:22:02,450 And then specifications are about how the system is built 448 00:22:02,450 --> 00:22:04,130 and how it actually works. 449 00:22:04,130 --> 00:22:05,870 So the form, right? 450 00:22:05,870 --> 00:22:07,640 What the materials that are used, 451 00:22:07,640 --> 00:22:11,240 the dimensions, schematics, blueprints, 452 00:22:11,240 --> 00:22:13,650 the details of the user interface. 453 00:22:13,650 --> 00:22:16,670 Those are things-- those are all specifications. 454 00:22:16,670 --> 00:22:21,140 So I try to look up a very simple consumer product 455 00:22:21,140 --> 00:22:26,300 that we all are familiar with, a microwave oven. 456 00:22:26,300 --> 00:22:30,620 Kenmore Elite Countertop 2.2 cubic foot. 457 00:22:30,620 --> 00:22:32,720 You go to Sears website. 458 00:22:32,720 --> 00:22:36,660 And what's interesting is they actually do a pretty good job. 459 00:22:36,660 --> 00:22:40,100 It's actually pretty consistent with what I'm saying here, 460 00:22:40,100 --> 00:22:42,210 except they don't talk about requirements. 461 00:22:42,210 --> 00:22:44,150 They call it description. 462 00:22:44,150 --> 00:22:46,740 So what's listed on their description. 463 00:22:46,740 --> 00:22:50,390 And this is, I'm pretty much quoting here, verbatim. 464 00:22:50,390 --> 00:22:54,770 This microwave is large enough to accommodate the big dishes, 465 00:22:54,770 --> 00:22:55,270 right? 466 00:22:55,270 --> 00:22:59,240 So the idea is this is sort of family style, right? 467 00:22:59,240 --> 00:23:03,860 This is not a small microwave just for a frozen meals. 468 00:23:03,860 --> 00:23:06,950 This is-- you should be able to put a big casserole in it. 469 00:23:06,950 --> 00:23:10,320 And reheat meals and so forth. 470 00:23:10,320 --> 00:23:14,150 So the idea that what are the things you're 471 00:23:14,150 --> 00:23:15,440 going to use in the microwave. 472 00:23:15,440 --> 00:23:17,000 What's the use case, right? 473 00:23:17,000 --> 00:23:18,260 CONOPS. 474 00:23:18,260 --> 00:23:19,790 CONOPS for the microwave. 475 00:23:19,790 --> 00:23:25,320 You know, family, for kids, both parents are working, 476 00:23:25,320 --> 00:23:27,950 busy, you know, not time to spend 477 00:23:27,950 --> 00:23:29,800 two hours preparing dinner. 478 00:23:29,800 --> 00:23:32,300 Therefore, big dishes, a lot of people. 479 00:23:32,300 --> 00:23:33,620 It has to be quick, right? 480 00:23:33,620 --> 00:23:36,710 That's a CONOPS. 481 00:23:36,710 --> 00:23:38,720 And the requirements, this description, 482 00:23:38,720 --> 00:23:40,130 is essentially the requirement. 483 00:23:40,130 --> 00:23:43,130 1,200 watts of power to reheat food quickly. 484 00:23:43,130 --> 00:23:45,200 So time is important. 485 00:23:45,200 --> 00:23:48,470 And then one touch settings for different food types, 486 00:23:48,470 --> 00:23:50,302 rice, pizza, frozen meals. 487 00:23:50,302 --> 00:23:51,260 And that, what is that? 488 00:23:51,260 --> 00:23:52,910 That's automation, right? 489 00:23:52,910 --> 00:23:55,100 Rather than having to guess how long and at what 490 00:23:55,100 --> 00:23:59,570 power level to reheat, there's some partial automation 491 00:23:59,570 --> 00:24:00,260 built in. 492 00:24:00,260 --> 00:24:04,320 That's essentially requirements, very user centric. 493 00:24:04,320 --> 00:24:05,600 Do you see that? 494 00:24:05,600 --> 00:24:07,780 And then when you look under specification, 495 00:24:07,780 --> 00:24:11,230 it says the following things: stainless steel exterior, 496 00:24:11,230 --> 00:24:11,730 right? 497 00:24:11,730 --> 00:24:13,350 Again, you don't want it to rust. 498 00:24:13,350 --> 00:24:15,400 The dimensions, the weight. 499 00:24:15,400 --> 00:24:17,340 There's a general warranty one year. 500 00:24:17,340 --> 00:24:19,740 The power cord is included. 501 00:24:19,740 --> 00:24:21,000 It's very different. 502 00:24:21,000 --> 00:24:24,690 Those are things that describe how it's made, the form of it, 503 00:24:24,690 --> 00:24:25,540 and so forth. 504 00:24:25,540 --> 00:24:30,620 So make sure you keep those separate. 505 00:24:30,620 --> 00:24:34,870 OK, so let me talk about the NASA requirements process. 506 00:24:34,870 --> 00:24:37,680 And then we'll talk about challenges. 507 00:24:37,680 --> 00:24:42,160 So getting back to the system engineering engine. 508 00:24:42,160 --> 00:24:46,825 That's sort of the heart of the NASA system engineering 509 00:24:46,825 --> 00:24:47,325 process. 510 00:24:47,325 --> 00:24:50,320 You remember, this is the-- 511 00:24:50,320 --> 00:24:53,280 this happens at every level of decomposition. 512 00:24:53,280 --> 00:24:55,930 After stakeholder expectations. 513 00:24:55,930 --> 00:24:59,850 The second step is technical requirements definition. 514 00:24:59,850 --> 00:25:02,520 And there's some pretty strong language in the handbook 515 00:25:02,520 --> 00:25:04,800 that this really has to be done well. 516 00:25:04,800 --> 00:25:07,680 So the center directors or their designees 517 00:25:07,680 --> 00:25:10,260 shall establish and maintain a process 518 00:25:10,260 --> 00:25:12,750 to include activities, requirements, guidelines, 519 00:25:12,750 --> 00:25:18,730 documentation for the definition of technical requirements. 520 00:25:18,730 --> 00:25:20,800 So I think I've already said this, 521 00:25:20,800 --> 00:25:23,655 but I just want to make it clear again, this is kind of-- 522 00:25:23,655 --> 00:25:24,870 I like this cartoon. 523 00:25:24,870 --> 00:25:26,580 This is Moses, right? 524 00:25:26,580 --> 00:25:27,480 Up on thee-- 525 00:25:27,480 --> 00:25:30,600 Moses just got the tablets, right? 526 00:25:30,600 --> 00:25:31,770 The stone tablets. 527 00:25:31,770 --> 00:25:34,800 They-- the 10 commandments. 528 00:25:34,800 --> 00:25:37,740 And one of them is, thou shalt not steal. 529 00:25:37,740 --> 00:25:40,290 And God says, out of the clouds, no, they're 530 00:25:40,290 --> 00:25:42,900 requirements, not goals, right? 531 00:25:42,900 --> 00:25:49,045 So what God is saying is that the 10 commandments are, shall, 532 00:25:49,045 --> 00:25:50,410 right? 533 00:25:50,410 --> 00:25:52,500 And not should. 534 00:25:52,500 --> 00:25:56,510 Even though, I think, some of us don't always succeed at that. 535 00:25:56,510 --> 00:25:59,420 But that's basically the idea. 536 00:25:59,420 --> 00:26:03,000 Shall is a very hard constraint. 537 00:26:03,000 --> 00:26:05,160 And that's what you will be judged against. 538 00:26:05,160 --> 00:26:09,330 And should is essentially a desirable goal. 539 00:26:09,330 --> 00:26:16,920 But the degree of attainment is somewhat flexible. 540 00:26:16,920 --> 00:26:18,340 Why are we doing this? 541 00:26:18,340 --> 00:26:22,180 Why are we spending our time writing technical requirements? 542 00:26:22,180 --> 00:26:26,160 It's essentially to transform those stakeholder expectations 543 00:26:26,160 --> 00:26:28,590 we talked about last time, transform them 544 00:26:28,590 --> 00:26:31,860 into measurable technical requirements. 545 00:26:31,860 --> 00:26:33,700 Requirements come in different flavors. 546 00:26:33,700 --> 00:26:35,560 And I'll mention those flavors. 547 00:26:35,560 --> 00:26:40,790 And we express them in these shall statements. 548 00:26:40,790 --> 00:26:43,080 They also provide a basis for agreement 549 00:26:43,080 --> 00:26:45,360 among the stakeholders and developers. 550 00:26:45,360 --> 00:26:49,230 So you will often find requirements part of contracts, 551 00:26:49,230 --> 00:26:50,610 right? 552 00:26:50,610 --> 00:26:54,240 Now it becomes serious, you know when the requirements set 553 00:26:54,240 --> 00:26:56,060 actually has legal implications. 554 00:26:56,060 --> 00:26:59,010 You're legally signing up to develop a system that 555 00:26:59,010 --> 00:27:01,200 will meet these requirements. 556 00:27:01,200 --> 00:27:04,370 That's pretty serious stuff. 557 00:27:04,370 --> 00:27:06,510 By writing good technical requirements, 558 00:27:06,510 --> 00:27:10,530 you can reduce the development effort, because of less rework. 559 00:27:10,530 --> 00:27:13,760 So a lot of rework and iterations and confusion 560 00:27:13,760 --> 00:27:17,510 is based on missing or poorly written requirement, right? 561 00:27:17,510 --> 00:27:21,240 And writing those early and before the design begins 562 00:27:21,240 --> 00:27:23,160 is helpful. 563 00:27:23,160 --> 00:27:26,640 A requirements set is also a basis for cost and schedule 564 00:27:26,640 --> 00:27:28,120 estimates. 565 00:27:28,120 --> 00:27:30,770 And so some of these missions that overran. 566 00:27:30,770 --> 00:27:33,300 Do you remember I showed you this chart last time. 567 00:27:33,300 --> 00:27:37,680 We analyzed 40 missions, earth and space science missions. 568 00:27:37,680 --> 00:27:41,285 Like 20% of them were responsible for 80% 569 00:27:41,285 --> 00:27:42,600 of the overruns. 570 00:27:42,600 --> 00:27:45,720 A lot of that had to do with unrealistic goals 571 00:27:45,720 --> 00:27:50,370 or expectations and requirements. 572 00:27:50,370 --> 00:27:54,360 And then the next point here is that the requirements provide 573 00:27:54,360 --> 00:27:56,610 the basis for verification. 574 00:27:56,610 --> 00:27:58,650 In other words, the better, the more 575 00:27:58,650 --> 00:28:01,780 crisp, the better written your requirements are, 576 00:28:01,780 --> 00:28:04,860 the easier it is to test the system 577 00:28:04,860 --> 00:28:07,170 and to check whether these-- 578 00:28:07,170 --> 00:28:09,540 whether the system is in compliance 579 00:28:09,540 --> 00:28:11,040 with the requirements. 580 00:28:11,040 --> 00:28:13,800 And then, eventually, the basis for acceptance. 581 00:28:13,800 --> 00:28:16,650 Acceptance is also a big deal, right? 582 00:28:16,650 --> 00:28:19,470 It basically means, I accept your design. 583 00:28:19,470 --> 00:28:21,210 I take ownership of it. 584 00:28:21,210 --> 00:28:24,120 And I say, you, as the developer of the system, 585 00:28:24,120 --> 00:28:25,680 have done your job properly. 586 00:28:25,680 --> 00:28:29,130 And there's a legal transfer of the assets that happens. 587 00:28:29,130 --> 00:28:34,870 So facilitates the transfer of the product to the users. 588 00:28:34,870 --> 00:28:36,780 And then even later, if you're going 589 00:28:36,780 --> 00:28:38,820 to do it like a version 2 or a block 590 00:28:38,820 --> 00:28:41,120 upgrade, a next generation product, 591 00:28:41,120 --> 00:28:44,400 it's much easier to do when you have a clear requirements, 592 00:28:44,400 --> 00:28:47,430 because it tells you what the original system or the earlier 593 00:28:47,430 --> 00:28:51,790 version was able to do or not do. 594 00:28:51,790 --> 00:28:52,750 Graphically. 595 00:28:52,750 --> 00:28:56,210 So this is figure 4.0.1. 596 00:28:56,210 --> 00:28:58,940 I briefly talked about this last time. 597 00:28:58,940 --> 00:29:02,010 We start, essentially, here at the development. 598 00:29:02,010 --> 00:29:03,870 We have mission authority. 599 00:29:03,870 --> 00:29:05,880 We do the stakeholder expectations. 600 00:29:05,880 --> 00:29:07,770 We talked about that last time. 601 00:29:07,770 --> 00:29:11,070 And then here, right away, comes a high level requirement. 602 00:29:11,070 --> 00:29:15,220 So that means your level 0, level 1 requirement. 603 00:29:15,220 --> 00:29:20,990 And then as you try to get more detailed in the requirements, 604 00:29:20,990 --> 00:29:23,590 what do you think happens? 605 00:29:23,590 --> 00:29:25,690 Ideally, you want to write all the requirements 606 00:29:25,690 --> 00:29:26,470 upfront, right? 607 00:29:26,470 --> 00:29:27,750 That would be great. 608 00:29:27,750 --> 00:29:32,082 But you try to do that, you hit a wall. 609 00:29:32,082 --> 00:29:34,470 Why is that? 610 00:29:34,470 --> 00:29:36,030 What's the issue? 611 00:29:36,030 --> 00:29:38,250 Why can't we just write all the requirements 612 00:29:38,250 --> 00:29:40,330 and then be done with it in one shot? 613 00:29:40,330 --> 00:29:40,830 Yes. 614 00:29:40,830 --> 00:29:42,170 Go ahead. 615 00:29:42,170 --> 00:29:44,100 AUDIENCE: Well, your system changes over time. 616 00:29:44,100 --> 00:29:45,700 And some of the requirements clash. 617 00:29:45,700 --> 00:29:48,444 And you can't achieve all of them simultaneously. 618 00:29:48,444 --> 00:29:50,610 PROFESSOR: Yes. so there's two things you mentioned. 619 00:29:50,610 --> 00:29:52,187 So one is the sort of-- 620 00:29:52,187 --> 00:29:52,770 and I'll talk. 621 00:29:52,770 --> 00:29:55,120 This is known as, requirements volatility, 622 00:29:55,120 --> 00:29:57,510 like the requirements are changing as you learn more 623 00:29:57,510 --> 00:29:58,740 about the problem. 624 00:29:58,740 --> 00:30:02,370 And then the other is you detect conflict between requirements. 625 00:30:02,370 --> 00:30:04,550 And you have to clean those up. 626 00:30:04,550 --> 00:30:06,840 Those are two very valid issues. 627 00:30:06,840 --> 00:30:09,360 But it's not quite what I was going for. 628 00:30:09,360 --> 00:30:12,060 AUDIENCE: There's another one, requirements creep, 629 00:30:12,060 --> 00:30:15,540 in which your customer levies these new requirements on you, 630 00:30:15,540 --> 00:30:16,950 once you've started the process. 631 00:30:16,950 --> 00:30:19,540 PROFESSOR: Yes, so new requirements get added. 632 00:30:19,540 --> 00:30:22,764 Hopefully, you get more budget, too. 633 00:30:22,764 --> 00:30:24,180 That doesn't always happen, right? 634 00:30:24,180 --> 00:30:26,100 So that's another issue. 635 00:30:26,100 --> 00:30:27,550 But it's a little different. 636 00:30:27,550 --> 00:30:29,600 Let's see, EPFL, you guys. 637 00:30:29,600 --> 00:30:32,700 Why don't we write like all four or five levels of requirements 638 00:30:32,700 --> 00:30:34,260 all at once? 639 00:30:34,260 --> 00:30:36,990 Why can't we do that, typically? 640 00:30:36,990 --> 00:30:38,844 Why do you think? 641 00:30:38,844 --> 00:30:42,610 AUDIENCE: Usually, the other requirements aren't clear. 642 00:30:42,610 --> 00:30:44,560 They don't exist yet. 643 00:30:44,560 --> 00:30:47,490 Later on in the process, they become clear. 644 00:30:47,490 --> 00:30:50,250 And you start to realize the details, which at first, 645 00:30:50,250 --> 00:30:51,259 you don't. 646 00:30:51,259 --> 00:30:53,550 PROFESSOR: That's-- I think that's pretty close to what 647 00:30:53,550 --> 00:30:54,370 I'm looking for. 648 00:30:54,370 --> 00:30:58,980 So the issue is you do your level 0, level 1 requirements. 649 00:30:58,980 --> 00:31:01,860 And then sort of as you get to level 2, 650 00:31:01,860 --> 00:31:04,710 you can't really write that level 2 requirement 651 00:31:04,710 --> 00:31:08,040 until you've made some key design decisions. 652 00:31:08,040 --> 00:31:10,890 Are we going to use electric propulsion or are we going 653 00:31:10,890 --> 00:31:12,870 to use chemical propulsion? 654 00:31:12,870 --> 00:31:16,290 You know, that's a huge decision in space system design. 655 00:31:16,290 --> 00:31:19,770 And unless you've made that decision, 656 00:31:19,770 --> 00:31:22,560 you can't really write lower level requirements, 657 00:31:22,560 --> 00:31:25,860 because the fundamental working principles 658 00:31:25,860 --> 00:31:29,580 of chemical and electrical propulsion are quite different. 659 00:31:29,580 --> 00:31:33,390 So that's the key issue is that you can only do the high level 660 00:31:33,390 --> 00:31:38,310 requirements in a solution neutral space. 661 00:31:38,310 --> 00:31:40,320 And then you hit the wall, because you've 662 00:31:40,320 --> 00:31:45,750 got to make some key concept technology selection decision. 663 00:31:45,750 --> 00:31:47,640 And that's shown here by this red box 664 00:31:47,640 --> 00:31:50,670 called functional and logical composition. 665 00:31:50,670 --> 00:31:54,140 I don't like that nomenclature a lot. 666 00:31:54,140 --> 00:31:56,490 This should really say, system architecture 667 00:31:56,490 --> 00:31:58,440 or concept selection, which we'll get 668 00:31:58,440 --> 00:32:01,110 into in the next couple weeks. 669 00:32:01,110 --> 00:32:04,200 Once you've chosen a high level architecture and concept, 670 00:32:04,200 --> 00:32:08,222 then you say, OK, we're going to go for ion propulsion. 671 00:32:08,222 --> 00:32:09,930 Well, then you can write the requirements 672 00:32:09,930 --> 00:32:13,620 for the ion propulsion system, which 673 00:32:13,620 --> 00:32:18,210 are we through the find in this yellow box here. 674 00:32:18,210 --> 00:32:20,340 So this is your design and product structure, 675 00:32:20,340 --> 00:32:23,910 derived an allocated requirements at lower levels. 676 00:32:23,910 --> 00:32:25,430 You see that? 677 00:32:25,430 --> 00:32:28,140 That's the fundament-- all the things you said, 678 00:32:28,140 --> 00:32:30,390 requirements creep requirements conflict. 679 00:32:33,420 --> 00:32:35,170 All those things are true. 680 00:32:35,170 --> 00:32:36,750 But the fundamental reason why we 681 00:32:36,750 --> 00:32:38,700 can't write all the requirements upfront, 682 00:32:38,700 --> 00:32:42,240 because, at some point, the lower level requirements depend 683 00:32:42,240 --> 00:32:44,880 on design decisions made. 684 00:32:44,880 --> 00:32:47,910 That's the fundamental issue. 685 00:32:47,910 --> 00:32:51,480 OK, any questions about that point? 686 00:32:51,480 --> 00:32:52,947 Yes? 687 00:32:52,947 --> 00:32:54,780 AUDIENCE: It's not totally about that point. 688 00:32:54,780 --> 00:32:55,654 But it's still like-- 689 00:32:55,654 --> 00:32:57,600 So requirements versus specification. 690 00:32:57,600 --> 00:33:00,630 So if you're like buying a component 691 00:33:00,630 --> 00:33:02,460 from a vendor, some piece of hardware, 692 00:33:02,460 --> 00:33:04,876 and you want identify like the specific locations 693 00:33:04,876 --> 00:33:06,250 where it should attach to things, 694 00:33:06,250 --> 00:33:09,042 it's more of like a form as opposed to really-- 695 00:33:09,042 --> 00:33:10,500 so does that fall into requirements 696 00:33:10,500 --> 00:33:11,550 or is that like a specification? 697 00:33:11,550 --> 00:33:12,040 PROFESSOR: Great point. 698 00:33:12,040 --> 00:33:13,950 So there are-- what you're describing 699 00:33:13,950 --> 00:33:16,230 is a peculiar type of requirement 700 00:33:16,230 --> 00:33:18,240 that we call interface requirements. 701 00:33:18,240 --> 00:33:21,930 And it's a perfect segue to this next-- 702 00:33:21,930 --> 00:33:23,310 you know, if I could only include 703 00:33:23,310 --> 00:33:26,650 like I don't five slides in this lecture, 704 00:33:26,650 --> 00:33:28,920 this would be one of them. 705 00:33:28,920 --> 00:33:31,450 This basically is what are the different flavors 706 00:33:31,450 --> 00:33:33,400 of requirements or types of requirements. 707 00:33:33,400 --> 00:33:35,920 And there are six of them here. 708 00:33:35,920 --> 00:33:38,050 So first of all, the functional requirements. 709 00:33:38,050 --> 00:33:40,050 I think we've sort of talked about those, right? 710 00:33:40,050 --> 00:33:42,870 Define the functions that need to be done to accomplish 711 00:33:42,870 --> 00:33:44,630 the mission objectives. 712 00:33:44,630 --> 00:33:48,490 There's some examples here around thrust vector control. 713 00:33:48,490 --> 00:33:50,310 So basically, the idea here is that you 714 00:33:50,310 --> 00:33:51,570 have a thrusting system. 715 00:33:51,570 --> 00:33:56,420 And it has or you can actually direct the thrust. 716 00:33:56,420 --> 00:33:59,130 And in this case, you should control the thrust. 717 00:33:59,130 --> 00:34:03,420 You shall provide thrust control around pitch and your axes. 718 00:34:03,420 --> 00:34:06,360 So this statement is a high level functional statement. 719 00:34:06,360 --> 00:34:11,429 And it's written in the actor verb, object form, right? 720 00:34:11,429 --> 00:34:14,080 So that's sort of the classic, you know, 721 00:34:14,080 --> 00:34:16,409 the classic requirement and the functional requirement. 722 00:34:16,409 --> 00:34:19,010 And then we have performance requirements. 723 00:34:19,010 --> 00:34:20,960 The performance requirements are, in a sense, 724 00:34:20,960 --> 00:34:24,719 qualifiers on the functional requirements. 725 00:34:24,719 --> 00:34:26,460 So a performance requirement will 726 00:34:26,460 --> 00:34:31,770 specify how well the function should be performed, 727 00:34:31,770 --> 00:34:34,679 how fast should it fly, how much thrust. 728 00:34:34,679 --> 00:34:38,230 You know, this is where you have to actually put numbers in. 729 00:34:38,230 --> 00:34:41,780 So in this case, this thrust vector controller 730 00:34:41,780 --> 00:34:47,040 shall gimbal the engine 9 degrees, right? 731 00:34:47,040 --> 00:34:50,280 That's the deflection angle, at least 9 degrees, 732 00:34:50,280 --> 00:34:52,229 plus or minus 1 degree, degree. 733 00:34:52,229 --> 00:34:53,250 0.1 degree. 734 00:34:53,250 --> 00:34:56,820 That's the performance requirement. 735 00:34:56,820 --> 00:34:59,170 Then we have constraints. 736 00:34:59,170 --> 00:35:02,000 OK, yeah? 737 00:35:02,000 --> 00:35:04,000 STUDENT: Isn't the performance department saying 738 00:35:04,000 --> 00:35:05,940 that the engine has to gimbal 9 degrees, 739 00:35:05,940 --> 00:35:08,550 isn't that kind of pushing toward the specification. 740 00:35:08,550 --> 00:35:09,400 Or is that? 741 00:35:09,400 --> 00:35:11,420 I mean, I guess, is can also be a requirement. 742 00:35:11,420 --> 00:35:12,480 But isn't that? 743 00:35:12,480 --> 00:35:15,570 PROFESSOR: Right, in this case, we have a set, 744 00:35:15,570 --> 00:35:20,610 and we're not specifying how those 9 degrees are achieved, 745 00:35:20,610 --> 00:35:27,090 you know, whether it's through a gimbal or the actual mechanism 746 00:35:27,090 --> 00:35:29,280 or how it's not described here. 747 00:35:29,280 --> 00:35:31,690 All that's described is the angular [? range, ?] 748 00:35:31,690 --> 00:35:33,110 essentially, that this. 749 00:35:33,110 --> 00:35:36,760 And that is a performance requirement. 750 00:35:36,760 --> 00:35:38,820 But you'll see, there will be some examples 751 00:35:38,820 --> 00:35:42,630 of things that are putting limits on the form, which looks 752 00:35:42,630 --> 00:35:44,640 more like a specification. 753 00:35:44,640 --> 00:35:46,440 So then we have constraints. 754 00:35:46,440 --> 00:35:52,362 Constraints are things on like weight, mass, power, 755 00:35:52,362 --> 00:35:53,070 things like that. 756 00:35:53,070 --> 00:35:56,070 So constraints are requirements that cannot be traded off with 757 00:35:56,070 --> 00:35:58,450 respect that cost, schedule, or performance. 758 00:35:58,450 --> 00:36:03,300 So for example, the prospector controller unit module 759 00:36:03,300 --> 00:36:06,210 shall weigh less than 120 pounds. 760 00:36:06,210 --> 00:36:08,860 So that's a-- that's not, if you think about it, 761 00:36:08,860 --> 00:36:10,770 that is not functional, right? 762 00:36:10,770 --> 00:36:16,190 The weight of the thrust vector controller 763 00:36:16,190 --> 00:36:20,450 shall not be more than 100-- that is not performance. 764 00:36:20,450 --> 00:36:23,120 It's not functional requirement, but it's a constraint 765 00:36:23,120 --> 00:36:24,860 on the form, essentially. 766 00:36:24,860 --> 00:36:28,570 So this looks more like what we would call a specification 767 00:36:28,570 --> 00:36:30,230 constraint. 768 00:36:30,230 --> 00:36:32,390 The fourth one is what [? Marissa ?] brought up. 769 00:36:32,390 --> 00:36:34,580 This is an interface requirement. 770 00:36:34,580 --> 00:36:38,510 OK, so in this case, our thrust vector controller 771 00:36:38,510 --> 00:36:42,560 shall interface with the J-2x The J-2x is 772 00:36:42,560 --> 00:36:44,400 a very famous engine. 773 00:36:44,400 --> 00:36:48,120 And J-2x is a kind of-- 774 00:36:48,120 --> 00:36:50,060 this is sort of, this was written 775 00:36:50,060 --> 00:36:53,150 during the constellation days of the constellation program 776 00:36:53,150 --> 00:36:57,500 at NASA is the idea of a new generation of the J-2 engine. 777 00:36:57,500 --> 00:37:00,500 So the idea is that whatever you do, 778 00:37:00,500 --> 00:37:03,590 however you design your thrust vector controller, 779 00:37:03,590 --> 00:37:07,670 it must be able to interface with the J-2x engine, 780 00:37:07,670 --> 00:37:10,490 according to conditions specified 781 00:37:10,490 --> 00:37:13,890 in this interface control document. 782 00:37:13,890 --> 00:37:18,230 So this is called an interface requirement. 783 00:37:18,230 --> 00:37:22,050 Then the fifth category are environmental requirements. 784 00:37:22,050 --> 00:37:27,120 So the TVC shall use [? Biber ?] acoustic shocks and loads 785 00:37:27,120 --> 00:37:30,020 according, again, to some environmental document. 786 00:37:30,020 --> 00:37:32,300 And by the way, for the CanSat competition, 787 00:37:32,300 --> 00:37:33,300 we have that, right? 788 00:37:33,300 --> 00:37:34,640 There's two documents. 789 00:37:34,640 --> 00:37:36,080 There's the mission guide. 790 00:37:36,080 --> 00:37:38,660 And then there's this environmental testing guide. 791 00:37:38,660 --> 00:37:43,930 So what this essentially says is under what conditions shall 792 00:37:43,930 --> 00:37:46,860 the performance, and functional-- 793 00:37:46,860 --> 00:37:48,950 the functions and performance that 794 00:37:48,950 --> 00:37:50,960 are specified in the first two type 795 00:37:50,960 --> 00:37:54,350 of requirements, under what conditions shall that 796 00:37:54,350 --> 00:37:56,300 be performed, right? 797 00:37:56,300 --> 00:37:58,340 And if anything you think about it, 798 00:37:58,340 --> 00:38:01,640 designing whether it's a sensor or anything 799 00:38:01,640 --> 00:38:07,880 to operate between 0 degrees Celsius and 30 degrees Celsius 800 00:38:07,880 --> 00:38:13,400 or between minus 60 and plus 80, is a huge difference, right? 801 00:38:13,400 --> 00:38:15,350 You can write that down. 802 00:38:15,350 --> 00:38:18,170 But what that actually means to open up 803 00:38:18,170 --> 00:38:21,200 the range of environmental conditions, 804 00:38:21,200 --> 00:38:23,330 it has a big, big impact on the design. 805 00:38:23,330 --> 00:38:25,970 And so this is a big deal in practice. 806 00:38:25,970 --> 00:38:29,797 And then, at least in Space Systems design, 807 00:38:29,797 --> 00:38:31,880 you know a lot of these environmental requirements 808 00:38:31,880 --> 00:38:35,930 are of course, driven by the space environment or the launch 809 00:38:35,930 --> 00:38:36,980 environment. 810 00:38:36,980 --> 00:38:39,530 If you're designing airplanes, whether you're 811 00:38:39,530 --> 00:38:42,140 flying in a small mountainous country like Switzerland 812 00:38:42,140 --> 00:38:45,320 or on the ocean off of an aircraft carrier, 813 00:38:45,320 --> 00:38:47,539 those are very different environments. 814 00:38:47,539 --> 00:38:48,830 And they're going to influence. 815 00:38:48,830 --> 00:38:51,050 You have to specify the operating requirement. 816 00:38:51,050 --> 00:38:53,480 The bigger the envelope that you make 817 00:38:53,480 --> 00:38:56,780 for the environmental requirements, the more complex 818 00:38:56,780 --> 00:38:59,120 the system will be. 819 00:38:59,120 --> 00:39:04,505 Also medical-- anybody working on medical devices here? 820 00:39:04,505 --> 00:39:05,340 EPFL. 821 00:39:05,340 --> 00:39:05,960 Anybody? 822 00:39:05,960 --> 00:39:07,940 Medical devices? 823 00:39:07,940 --> 00:39:11,030 So in medical devices, it's the same thing. 824 00:39:11,030 --> 00:39:12,680 Is this medical device going to be 825 00:39:12,680 --> 00:39:15,100 used in a hospital setting, where 826 00:39:15,100 --> 00:39:16,910 everything is kind of clean. 827 00:39:16,910 --> 00:39:19,190 You have clean power. 828 00:39:19,190 --> 00:39:21,980 The nurses, everybody is very well-trained. 829 00:39:21,980 --> 00:39:22,800 That's one thing. 830 00:39:22,800 --> 00:39:26,510 Or is his medical device going to be used in the field, 831 00:39:26,510 --> 00:39:27,580 you know? 832 00:39:27,580 --> 00:39:31,670 In Africa, in India, in a rural area, where people are not, 833 00:39:31,670 --> 00:39:35,090 maybe not trained, medically and professionally and so forth. 834 00:39:35,090 --> 00:39:35,910 Very different. 835 00:39:35,910 --> 00:39:37,890 The function may be the same. 836 00:39:37,890 --> 00:39:40,130 But the environmental conditions are very different. 837 00:39:40,130 --> 00:39:43,130 You have to really specify those. 838 00:39:43,130 --> 00:39:46,460 And then we have-- the last category is kind of the other. 839 00:39:46,460 --> 00:39:49,220 It's sort of a catchall. 840 00:39:49,220 --> 00:39:51,210 But it can be very important. 841 00:39:51,210 --> 00:39:54,980 So this includes a lot of the human factors, reliability 842 00:39:54,980 --> 00:39:56,390 and safety requirements. 843 00:39:56,390 --> 00:39:59,900 Those are-- and you know, they're listed here as other. 844 00:39:59,900 --> 00:40:01,340 And I think it's really important 845 00:40:01,340 --> 00:40:04,820 to say that just because they're listed here 846 00:40:04,820 --> 00:40:06,410 doesn't mean they're less important. 847 00:40:06,410 --> 00:40:09,740 These are often neglected, unfortunately. 848 00:40:09,740 --> 00:40:12,360 And it really can hurt you in the long term. 849 00:40:12,360 --> 00:40:16,070 So pay attention to those human factors, reliability, 850 00:40:16,070 --> 00:40:17,540 and safety requirements. 851 00:40:17,540 --> 00:40:22,250 So six types of requirements. 852 00:40:22,250 --> 00:40:25,220 So let's talk about what makes good or acceptable 853 00:40:25,220 --> 00:40:26,810 requirements. 854 00:40:26,810 --> 00:40:30,500 And there's a distinction here between a single requirement 855 00:40:30,500 --> 00:40:33,050 statement and then sets of a requirements. 856 00:40:33,050 --> 00:40:35,480 So first of all, requirements should 857 00:40:35,480 --> 00:40:37,670 be written in natural language. 858 00:40:37,670 --> 00:40:41,480 They should be complete sentences. 859 00:40:41,480 --> 00:40:44,600 And each of the requirement statements 860 00:40:44,600 --> 00:40:52,010 should be clear and consistent, meaning that it's not a novel 861 00:40:52,010 --> 00:40:54,260 or it's not a poem. 862 00:40:54,260 --> 00:40:55,100 But it's clear. 863 00:40:55,100 --> 00:40:56,240 It's understandable. 864 00:40:56,240 --> 00:40:57,890 It's well-written. 865 00:40:57,890 --> 00:40:58,730 It's correct. 866 00:40:58,730 --> 00:40:59,930 There's no errors in it. 867 00:40:59,930 --> 00:41:00,980 It's feasible. 868 00:41:00,980 --> 00:41:02,780 Now that's a really tricky one. 869 00:41:02,780 --> 00:41:06,170 That's the first thing here that's really tricky, 870 00:41:06,170 --> 00:41:07,490 when you think about it. 871 00:41:07,490 --> 00:41:09,140 Feasible means, what? 872 00:41:09,140 --> 00:41:12,680 It means this requirement can be satisfied 873 00:41:12,680 --> 00:41:17,120 within the laws of physics and state of the art technologies 874 00:41:17,120 --> 00:41:18,680 and other project constraints. 875 00:41:18,680 --> 00:41:22,022 So why is that a tricky one? 876 00:41:22,022 --> 00:41:23,960 Go ahead. 877 00:41:23,960 --> 00:41:26,270 AUDIENCE: I was going to ask a question regarding that, 878 00:41:26,270 --> 00:41:29,120 in terms of how do you deal with a program 879 00:41:29,120 --> 00:41:31,360 where you're working on things or you're 880 00:41:31,360 --> 00:41:34,160 trying to actually maybe define the state of the art 881 00:41:34,160 --> 00:41:37,220 or figure out what is feasible. 882 00:41:37,220 --> 00:41:38,060 PROFESSOR: Right. 883 00:41:38,060 --> 00:41:41,720 so if you're basically designing a product or a project 884 00:41:41,720 --> 00:41:46,010 or a system that's a repeat of what's already been done, 885 00:41:46,010 --> 00:41:49,160 then you can have pretty good confidence, right, 886 00:41:49,160 --> 00:41:51,230 that those poles are feasible. 887 00:41:51,230 --> 00:41:55,121 But what if you're doing, let's say the-- 888 00:41:55,121 --> 00:41:57,110 I think I mentioned this last time. 889 00:41:57,110 --> 00:41:58,880 You're going to Europa. 890 00:41:58,880 --> 00:42:00,980 And you're going to drill through the ice. 891 00:42:00,980 --> 00:42:03,980 And you're going to explore the ocean under the ice in Europa. 892 00:42:03,980 --> 00:42:05,720 It's never been done before. 893 00:42:05,720 --> 00:42:07,370 You know, can we actually do this? 894 00:42:07,370 --> 00:42:09,920 So this is the tricky thing. 895 00:42:09,920 --> 00:42:13,400 How ambitious, how ambitious can the requirements 896 00:42:13,400 --> 00:42:16,040 be and you still claim feasibility? 897 00:42:16,040 --> 00:42:18,380 And that's also one of the big reasons 898 00:42:18,380 --> 00:42:21,210 why programs get in trouble is when they're actually 899 00:42:21,210 --> 00:42:26,870 defining requirements that are not really feasible within-- 900 00:42:26,870 --> 00:42:29,060 they're definitely way beyond the state of the art. 901 00:42:29,060 --> 00:42:32,900 And within the time frame and budget allocated, 902 00:42:32,900 --> 00:42:34,460 you can't get there. 903 00:42:34,460 --> 00:42:37,430 And many, many programs that run into this problem 904 00:42:37,430 --> 00:42:39,650 are the ones where the technologies 905 00:42:39,650 --> 00:42:42,570 that you're going to use are not really ready yet. 906 00:42:42,570 --> 00:42:45,260 You know, there-- we'll talk later about technology 907 00:42:45,260 --> 00:42:47,020 readiness levels scale. 908 00:42:47,020 --> 00:42:49,730 You're not really ready yet to do this, 909 00:42:49,730 --> 00:42:51,830 but you're going to try anyway. 910 00:42:51,830 --> 00:42:54,530 So that's a tricky one, feasibility. 911 00:42:54,530 --> 00:42:57,920 Flexibility is, you know, don't over specify 912 00:42:57,920 --> 00:42:59,010 how things should be done. 913 00:42:59,010 --> 00:43:01,850 So don't say how it should be satisfied. 914 00:43:01,850 --> 00:43:02,990 Without ambiguity. 915 00:43:02,990 --> 00:43:06,320 That means if 10 people read this requirement, 916 00:43:06,320 --> 00:43:10,390 they should have the same or very similar interpretation. 917 00:43:10,390 --> 00:43:13,350 Singular statement, one actor [? verb ?] object. 918 00:43:13,350 --> 00:43:16,580 And then the last point here is verifiability. 919 00:43:16,580 --> 00:43:19,730 How are you going to check whether or not 920 00:43:19,730 --> 00:43:22,794 this requirement will, in fact, satisfy you. 921 00:43:22,794 --> 00:43:24,710 AUDIENCE: With regard to that, the feasibility 922 00:43:24,710 --> 00:43:26,570 again for some of these programs I 923 00:43:26,570 --> 00:43:32,220 had large, [? overrun ?] schedule, overruns. 924 00:43:32,220 --> 00:43:34,370 I mean, would it be almost better in a sense 925 00:43:34,370 --> 00:43:40,270 to have some of the requirements be more shalls, like-- 926 00:43:40,270 --> 00:43:41,810 or goal. 927 00:43:41,810 --> 00:43:45,410 In other words, you know, if you can do this, go for it. 928 00:43:45,410 --> 00:43:47,690 But if you're going to run over 10 years, 929 00:43:47,690 --> 00:43:50,580 maybe back off a couple of percent. 930 00:43:50,580 --> 00:43:51,580 PROFESSOR: That's right. 931 00:43:51,580 --> 00:43:53,496 And what-- we'll talk about this a little bit. 932 00:43:53,496 --> 00:43:56,750 But if you-- all of them are shall statements. 933 00:43:56,750 --> 00:43:58,520 They're all hard constraints. 934 00:43:58,520 --> 00:44:01,100 The objective space that I showed you 935 00:44:01,100 --> 00:44:04,730 may, in fact, have 0 feasible space. 936 00:44:04,730 --> 00:44:08,060 So really knowing where, what is a hard constraint, what 937 00:44:08,060 --> 00:44:11,880 is a hard requirement, and what is flexible, 938 00:44:11,880 --> 00:44:13,790 that's very tricky. 939 00:44:13,790 --> 00:44:17,570 And that's why it's important to actually not just accept 940 00:44:17,570 --> 00:44:18,290 requirements. 941 00:44:18,290 --> 00:44:21,026 You know, if you're going to run a project, every requirement, 942 00:44:21,026 --> 00:44:22,400 you want to really understand it. 943 00:44:22,400 --> 00:44:27,260 And if you think this requirement is infeasible, 944 00:44:27,260 --> 00:44:28,550 you have to negotiate. 945 00:44:28,550 --> 00:44:30,130 That's where the upfront negotiation 946 00:44:30,130 --> 00:44:31,650 becomes really important. 947 00:44:31,650 --> 00:44:35,251 Did we lose our EPFL? 948 00:44:35,251 --> 00:44:35,750 OK. 949 00:44:35,750 --> 00:44:36,020 GUEST SPEAKER: Hello? 950 00:44:36,020 --> 00:44:37,186 PROFESSOR: Go ahead, please. 951 00:44:37,186 --> 00:44:40,002 GUEST SPEAKER: [INAUDIBLE] 952 00:44:40,002 --> 00:44:41,210 PROFESSOR: Please, go for it. 953 00:44:44,280 --> 00:44:49,882 AUDIENCE: So in 1990, we got the requirements from NASA 954 00:44:49,882 --> 00:44:52,512 to build a space [? bioreactor. ?] 955 00:44:52,512 --> 00:44:54,400 And all the students will love this. 956 00:44:54,400 --> 00:44:57,694 It was the smallest brewery that ever flew in space. 957 00:44:57,694 --> 00:45:02,910 And the initial requirements was that all fluid containers had 958 00:45:02,910 --> 00:45:05,570 to be solid with double walls. 959 00:45:05,570 --> 00:45:10,855 And this meant that we had another solution with bladders. 960 00:45:10,855 --> 00:45:11,793 [INAUDIBLE] bladders. 961 00:45:11,793 --> 00:45:15,550 So we had a real fight up front in the proposal phase 962 00:45:15,550 --> 00:45:19,885 to demonstrate the compliancy to the requirement 963 00:45:19,885 --> 00:45:23,436 of going the cell culture, yeast cell culture, 964 00:45:23,436 --> 00:45:27,930 and still being non-compliant, actually, 965 00:45:27,930 --> 00:45:33,271 to this requirement of hard double-walled fluid containers. 966 00:45:33,271 --> 00:45:37,199 And so this is exactly [? the point, finding these ?] 967 00:45:37,199 --> 00:45:42,271 [INAUDIBLE] since the last 15 to 20 years. 968 00:45:42,271 --> 00:45:44,210 And this was a breakthrough in technology. 969 00:45:44,210 --> 00:45:46,653 And there, you will always have these challenges 970 00:45:46,653 --> 00:45:49,479 with the agencies, with your customers. 971 00:45:49,479 --> 00:45:51,632 They are [INAUDIBLE] set in their ways. 972 00:45:51,632 --> 00:45:55,880 And you have to demonstrate the feasibility to them 973 00:45:55,880 --> 00:45:58,330 to make them change the requirement that allows you 974 00:45:58,330 --> 00:46:00,074 to change the specification. 975 00:46:00,074 --> 00:46:01,990 PROFESSOR: No, I think that's a great example. 976 00:46:01,990 --> 00:46:04,730 So in the end, you were successful to argue 977 00:46:04,730 --> 00:46:07,886 for the bladder the bladder solution. 978 00:46:07,886 --> 00:46:10,035 GUEST SPEAKER: Well, the bladder was just how 979 00:46:10,035 --> 00:46:14,550 to keep the fresh medium and the used medium, meaning the beer. 980 00:46:14,550 --> 00:46:19,270 The technology was to put in [INAUDIBLE] 981 00:46:19,270 --> 00:46:23,160 And actually, it needed to have flexibility 982 00:46:23,160 --> 00:46:26,825 on the pressure in the reservoir. 983 00:46:26,825 --> 00:46:29,775 That's why the argument to put [INAUDIBLE] in space 984 00:46:29,775 --> 00:46:32,740 finally won the day, and allowed to relax 985 00:46:32,740 --> 00:46:33,850 the other requirements. 986 00:46:33,850 --> 00:46:36,200 PROFESSOR: Yeah, thank you, thank you. 987 00:46:36,200 --> 00:46:37,880 A great example there. 988 00:46:37,880 --> 00:46:39,440 Any other comments? 989 00:46:39,440 --> 00:46:42,730 AUDIENCE: [COUGHING] 990 00:46:42,730 --> 00:46:45,690 PROFESSOR: OK, so so all this is a pretty long list. 991 00:46:45,690 --> 00:46:48,600 And this applies to single requirements. 992 00:46:48,600 --> 00:46:51,480 And then there's a set of-- this is really important. 993 00:46:51,480 --> 00:46:53,370 Then there's a set of characteristics 994 00:46:53,370 --> 00:46:56,760 that we want to see when you look at sets of requirements, 995 00:46:56,760 --> 00:46:58,440 groups that require. 996 00:46:58,440 --> 00:47:00,220 Absence of redundancy. 997 00:47:00,220 --> 00:47:04,220 This means that each requirement is specified only once, right? 998 00:47:04,220 --> 00:47:06,870 You don't want to have redundancy. 999 00:47:06,870 --> 00:47:09,240 Redundancy can be good in system design, 1000 00:47:09,240 --> 00:47:11,850 but not in the requirements. 1001 00:47:11,850 --> 00:47:14,220 Consistency, using terms. 1002 00:47:14,220 --> 00:47:16,410 Completeness, this basically means 1003 00:47:16,410 --> 00:47:18,480 not missing key requirements. 1004 00:47:18,480 --> 00:47:21,240 And then this idea of absence of conflict. 1005 00:47:21,240 --> 00:47:23,670 And this is also similar to the feasibility. 1006 00:47:23,670 --> 00:47:25,650 This is a tricky one. 1007 00:47:25,650 --> 00:47:28,150 Requirements can be in tension with each other, 1008 00:47:28,150 --> 00:47:30,810 particularly their should goals. 1009 00:47:30,810 --> 00:47:33,960 But they shouldn't be in direct conflict with each other, 1010 00:47:33,960 --> 00:47:37,410 like you know you shall use aluminum for this unit. 1011 00:47:37,410 --> 00:47:40,020 And then another requirements says, no metals 1012 00:47:40,020 --> 00:47:42,660 are allowed to be used in this unit. 1013 00:47:42,660 --> 00:47:44,420 You can't. 1014 00:47:44,420 --> 00:47:46,260 That conflict is not solvable. 1015 00:47:46,260 --> 00:47:48,120 That's a direct contradiction. 1016 00:47:48,120 --> 00:47:51,240 That's different from having competing requirements 1017 00:47:51,240 --> 00:47:54,010 or requirements in tension. 1018 00:47:54,010 --> 00:47:56,610 So let's do a quick exercise. 1019 00:47:56,610 --> 00:47:59,230 And then we'll actually take a break, as well. 1020 00:47:59,230 --> 00:48:03,870 So this is a turn to your partner exercise. 1021 00:48:03,870 --> 00:48:05,490 And then we'll have a break. 1022 00:48:05,490 --> 00:48:08,670 And we'll restart in like about seven minutes. 1023 00:48:08,670 --> 00:48:10,200 So here's what I'd like you to do. 1024 00:48:10,200 --> 00:48:12,240 I have three systems here. 1025 00:48:12,240 --> 00:48:15,130 They're very different in scale and complexity. 1026 00:48:15,130 --> 00:48:17,280 So A is sticky tape. 1027 00:48:17,280 --> 00:48:19,710 And I'll tell you this quick story here. 1028 00:48:19,710 --> 00:48:23,440 I grew up in Switzerland surrounded by farms, you know. 1029 00:48:23,440 --> 00:48:25,650 And I spent all my time at the farms 1030 00:48:25,650 --> 00:48:28,260 and you know, big tables, big families. 1031 00:48:28,260 --> 00:48:30,850 And this is-- they have these things here. 1032 00:48:30,850 --> 00:48:34,380 This is basically-- these are flies sticking on tape. 1033 00:48:34,380 --> 00:48:37,570 This is to keep the flies off the dinner table. 1034 00:48:37,570 --> 00:48:41,880 It's called Mr. sticky tape for trapping flies. 1035 00:48:41,880 --> 00:48:43,560 Really kind of gross. 1036 00:48:43,560 --> 00:48:45,890 But I remember it. 1037 00:48:45,890 --> 00:48:48,670 B is I just a couple of weeks ago had 1038 00:48:48,670 --> 00:48:50,820 a test drive and the new I3. 1039 00:48:50,820 --> 00:48:55,110 This is the BMW small electric city car. 1040 00:48:55,110 --> 00:48:56,850 Very cool. 1041 00:48:56,850 --> 00:49:01,590 And then C is something that at EPFL, you guys know very well. 1042 00:49:01,590 --> 00:49:03,570 This is the Rolex center. 1043 00:49:03,570 --> 00:49:05,190 It looks kind of like Swiss cheese, 1044 00:49:05,190 --> 00:49:06,690 when you look from the top. 1045 00:49:06,690 --> 00:49:10,630 This is the equivalent of W-20 here at MIT. 1046 00:49:10,630 --> 00:49:11,970 This is the student center. 1047 00:49:11,970 --> 00:49:14,260 So there's a library there. 1048 00:49:14,260 --> 00:49:16,930 There's a cafeteria there and so forth. 1049 00:49:16,930 --> 00:49:21,010 So what I'd like you to do is turn to your partner, 1050 00:49:21,010 --> 00:49:25,140 pick one of those three, and come up 1051 00:49:25,140 --> 00:49:29,280 with one single statement, one good requirement 1052 00:49:29,280 --> 00:49:33,030 that you think was possibly used in the development 1053 00:49:33,030 --> 00:49:36,300 of that solution, whichever one you pick, OK? 1054 00:49:36,300 --> 00:49:38,460 So pick one of those three. 1055 00:49:38,460 --> 00:49:41,790 And then jointly discuss and write a requirement 1056 00:49:41,790 --> 00:49:45,510 that you think led to this design, OK? 1057 00:49:45,510 --> 00:49:47,550 So take about five minutes. 1058 00:49:47,550 --> 00:49:48,420 Take a break. 1059 00:49:48,420 --> 00:49:51,900 And then we'll sample what you came up with. 1060 00:49:51,900 --> 00:49:55,520 So let's hear from EPFL first. 1061 00:49:55,520 --> 00:49:59,200 did anybody do A? 1062 00:49:59,200 --> 00:50:00,570 AUDIENCE: We did A. 1063 00:50:00,570 --> 00:50:02,010 PROFESSOR: OK, go for it. 1064 00:50:02,010 --> 00:50:04,200 Speak up. 1065 00:50:04,200 --> 00:50:06,660 AUDIENCE: We had four requirements for. 1066 00:50:06,660 --> 00:50:08,430 PROFESSOR: OK, go for it. 1067 00:50:08,430 --> 00:50:09,470 AUDIENCE: All right. 1068 00:50:09,470 --> 00:50:15,570 So The tape shows [INAUDIBLE] of the tape 1069 00:50:15,570 --> 00:50:18,600 should be less than 4 grand. 1070 00:50:18,600 --> 00:50:26,554 The tape should be able to catch up to 60 insects. 1071 00:50:26,554 --> 00:50:29,270 And the sticky tape should not be toxic for humans. 1072 00:50:29,270 --> 00:50:31,500 PROFESSOR: OK, I like, yeah, the toxicity. 1073 00:50:31,500 --> 00:50:32,250 That's good. 1074 00:50:32,250 --> 00:50:33,570 Excellent. 1075 00:50:33,570 --> 00:50:34,320 Very good. 1076 00:50:34,320 --> 00:50:36,120 ow who did A here at MIT. 1077 00:50:36,120 --> 00:50:36,810 Anybody? 1078 00:50:36,810 --> 00:50:37,990 A? 1079 00:50:37,990 --> 00:50:38,490 Go for it. 1080 00:50:42,400 --> 00:50:46,830 AUDIENCE: We said if greater than 10% 1081 00:50:46,830 --> 00:50:50,070 of the surface area of the fly contacts the paper, 1082 00:50:50,070 --> 00:50:53,630 it shall not be able to release itself. 1083 00:50:53,630 --> 00:50:55,000 PROFESSOR: Ah, I see. 1084 00:50:55,000 --> 00:50:57,750 So this is a trapping requirement. 1085 00:50:57,750 --> 00:50:59,459 AUDIENCE: Yeah, how effective should it-- 1086 00:50:59,459 --> 00:51:01,958 PROFESSOR: There are different, very different flies, right? 1087 00:51:01,958 --> 00:51:03,630 There like these little day flies. 1088 00:51:03,630 --> 00:51:05,400 And then there's huge horseflies. 1089 00:51:05,400 --> 00:51:08,710 So which type of fly did this apply to. 1090 00:51:08,710 --> 00:51:11,190 AUDIENCE: We said 10% of the surface area of the fly. 1091 00:51:11,190 --> 00:51:12,840 PROFESSOR: Oh, any type of fly. 1092 00:51:12,840 --> 00:51:14,835 Any different fly species. 1093 00:51:14,835 --> 00:51:15,460 AUDIENCE: Yeah. 1094 00:51:15,460 --> 00:51:16,043 PROFESSOR: OK. 1095 00:51:16,594 --> 00:51:17,260 All right, cool. 1096 00:51:17,260 --> 00:51:18,516 So go ahead. 1097 00:51:18,516 --> 00:51:19,890 Well, you know the point of this. 1098 00:51:19,890 --> 00:51:21,570 You get the point of this is, right? 1099 00:51:21,570 --> 00:51:26,290 A is like the sort of you think trivial system. 1100 00:51:26,290 --> 00:51:28,170 But once you really start thinking about it, 1101 00:51:28,170 --> 00:51:32,700 it's pretty tricky, right? 1102 00:51:32,700 --> 00:51:36,300 Who else wants to, A-- something that hasn't been mentioned yet 1103 00:51:36,300 --> 00:51:38,860 on A. Sam, go for it. 1104 00:51:38,860 --> 00:51:40,550 Make sure you push the button. 1105 00:51:43,310 --> 00:51:45,990 AUDIENCE: Yeah, for the sticky trap 1106 00:51:45,990 --> 00:51:50,470 we said that the product shall fit on a store shelf 1107 00:51:50,470 --> 00:51:52,060 when packaged. 1108 00:51:52,060 --> 00:51:54,180 PROFESSOR: OK, so that's kind of packaging, 1109 00:51:54,180 --> 00:51:57,240 logistics, distribution requirement. 1110 00:51:57,240 --> 00:51:58,990 Very good. 1111 00:51:58,990 --> 00:52:00,715 Mike? 1112 00:52:00,715 --> 00:52:02,590 AUDIENCE: They kind of already touched on it, 1113 00:52:02,590 --> 00:52:05,570 but the sticky tape shall not be toxic and allow for-- 1114 00:52:05,570 --> 00:52:08,716 allow for removal of human skin without bodily harm. 1115 00:52:08,716 --> 00:52:09,590 PROFESSOR: OK, great. 1116 00:52:09,590 --> 00:52:12,492 So that's in the same-- you know, human factors 1117 00:52:12,492 --> 00:52:13,450 requirement, basically. 1118 00:52:13,450 --> 00:52:13,950 Yeah. 1119 00:52:13,950 --> 00:52:15,210 Very good. 1120 00:52:15,210 --> 00:52:17,715 Anything else on A at EPFL? 1121 00:52:17,715 --> 00:52:29,100 AUDIENCE: [INAUDIBLE] 1122 00:52:29,100 --> 00:52:31,290 PROFESSOR: OK, so installation requirement. 1123 00:52:31,290 --> 00:52:32,200 OK. 1124 00:52:32,200 --> 00:52:36,090 Nobody mentioned the ones I remember as a child are 1125 00:52:36,090 --> 00:52:36,930 bigger than this. 1126 00:52:36,930 --> 00:52:38,880 They were really long. 1127 00:52:38,880 --> 00:52:40,350 So capacity, right? 1128 00:52:40,350 --> 00:52:43,470 You could sort of have a length or capacity requirement, 1129 00:52:43,470 --> 00:52:44,500 as well. 1130 00:52:44,500 --> 00:52:45,090 Good. 1131 00:52:45,090 --> 00:52:45,590 All right. 1132 00:52:45,590 --> 00:52:51,480 I think we want to move on from the sticky flies to BMW i3. 1133 00:52:51,480 --> 00:52:55,170 So we had a little discussion here during the break. 1134 00:52:55,170 --> 00:52:56,100 [? Lucy, ?] go for it. 1135 00:52:58,950 --> 00:53:02,700 AUDIENCE: So the car shell meet environmental regulations 1136 00:53:02,700 --> 00:53:08,270 through mechanical or software tweaking with a proposal. 1137 00:53:08,270 --> 00:53:10,410 PROFESSOR: Could you guys hear this at EPFL? 1138 00:53:10,410 --> 00:53:12,010 You've been following the news, right? 1139 00:53:12,010 --> 00:53:12,990 With Volkswagon. 1140 00:53:14,390 --> 00:53:16,180 So what happened? 1141 00:53:16,180 --> 00:53:20,190 Why did Volks-- the CEO just step down, right? 1142 00:53:20,190 --> 00:53:21,720 It's kind of a big deal. 1143 00:53:21,720 --> 00:53:23,205 Trust in the company has eroded. 1144 00:53:26,400 --> 00:53:29,100 What happened there? 1145 00:53:29,100 --> 00:53:33,130 AUDIENCE: So the requirements that were set at the start. 1146 00:53:33,130 --> 00:53:36,030 So the car shell meet environmental regulations 1147 00:53:36,030 --> 00:53:37,930 on emissions. 1148 00:53:37,930 --> 00:53:40,290 This requirement was probably not met. 1149 00:53:40,290 --> 00:53:43,140 But the realization that it wasn't met was probably too 1150 00:53:43,140 --> 00:53:46,770 late in the design process, such that it cannot be changed. 1151 00:53:46,770 --> 00:53:51,540 And so the easy or cheap way to meet environmental regulations, 1152 00:53:51,540 --> 00:53:55,272 in that case, was to tweak the software, I guess. 1153 00:53:55,272 --> 00:53:55,980 PROFESSOR: Right. 1154 00:53:55,980 --> 00:53:58,660 So by the way this is kind of interesting. 1155 00:53:58,660 --> 00:54:02,110 But how do you measure environmental compliance 1156 00:54:02,110 --> 00:54:03,525 of emissions for cars? 1157 00:54:03,525 --> 00:54:06,152 Do you know how that's done in practice? 1158 00:54:06,152 --> 00:54:06,860 Do you guys know? 1159 00:54:09,460 --> 00:54:13,000 AUDIENCE: So it's having [? the car ?] run on a-- 1160 00:54:13,000 --> 00:54:17,350 having the engine run, but the car is not rolling. 1161 00:54:17,350 --> 00:54:23,200 And there's, behind the [FRENCH] the exhaust. 1162 00:54:23,200 --> 00:54:26,050 Behind the exhaust, you measure whatever is emitted. 1163 00:54:26,050 --> 00:54:28,570 PROFESSOR: And it's like another rolling carpet, right? 1164 00:54:28,570 --> 00:54:32,390 It's a dynamo, basically. 1165 00:54:32,390 --> 00:54:35,980 And the way they do it is they have so-called drive cycles, 1166 00:54:35,980 --> 00:54:38,890 like the [? FT6 ?] drive cycle. 1167 00:54:38,890 --> 00:54:41,030 You know, the highway, the city cycle, 1168 00:54:41,030 --> 00:54:42,592 which was a lot of on and off. 1169 00:54:42,592 --> 00:54:44,050 And those drive cycles are actually 1170 00:54:44,050 --> 00:54:47,590 different in Europe and the US and other countries. 1171 00:54:47,590 --> 00:54:50,380 Every country has different drive cycles. 1172 00:54:50,380 --> 00:54:55,360 So that's-- and what is a drive cycle, essentially? 1173 00:54:55,360 --> 00:54:57,859 What word would we, as systems engineers, what word 1174 00:54:57,859 --> 00:54:58,650 would we put on it? 1175 00:54:58,650 --> 00:54:59,500 AUDIENCE: CONOPS. 1176 00:54:59,500 --> 00:55:01,810 PROFESSOR: A drive cycle is just an, over time, 1177 00:55:01,810 --> 00:55:04,862 accelerations velocity of the car, right? 1178 00:55:04,862 --> 00:55:05,820 STUDENT: It's a CONOPS. 1179 00:55:05,820 --> 00:55:09,370 PROFESSOR: It's a CONOPS A drive cycle is a CONOPS. 1180 00:55:09,370 --> 00:55:11,980 And so for diesel engines, this issue that 1181 00:55:11,980 --> 00:55:14,620 happened with Volkswagen, it's only 1182 00:55:14,620 --> 00:55:17,170 an issue with the diesel, the TDI engines, 1183 00:55:17,170 --> 00:55:19,060 right, not the gasoline engine. 1184 00:55:19,060 --> 00:55:23,530 So the issue is that the CONOPS, the drive cycle, 1185 00:55:23,530 --> 00:55:27,640 in the US with TDI engines, they couldn't meet it. 1186 00:55:27,640 --> 00:55:30,952 So they came up with this trick, right? 1187 00:55:30,952 --> 00:55:32,410 Whereas in Europe, they didn't have 1188 00:55:32,410 --> 00:55:35,590 to do that, because the European drive cycle, there's a lot more 1189 00:55:35,590 --> 00:55:38,710 diesel engines use in European cars. 1190 00:55:38,710 --> 00:55:41,440 They didn't have to do that in Europe, because the CONOPS, 1191 00:55:41,440 --> 00:55:43,960 the drive cycle it's used for checking 1192 00:55:43,960 --> 00:55:47,260 the environmental compliance is different in Europe. 1193 00:55:47,260 --> 00:55:48,730 So great. 1194 00:55:48,730 --> 00:55:51,520 Anybody else on the I-3. 1195 00:55:51,520 --> 00:55:54,730 Now the I3 is interesting, because that's actually 1196 00:55:54,730 --> 00:55:56,740 an electric car, right? 1197 00:55:56,740 --> 00:56:00,640 And so it doesn't have an engine, a diesel engine 1198 00:56:00,640 --> 00:56:05,280 or a combustion engine, except if you get the range extender. 1199 00:56:05,280 --> 00:56:06,880 So it's all electric, but you can 1200 00:56:06,880 --> 00:56:10,630 actually, as an option get the range extender, which does 1201 00:56:10,630 --> 00:56:11,870 use fuel. 1202 00:56:11,870 --> 00:56:19,140 OK, EPFL, the i3, any other requirements there? 1203 00:56:19,140 --> 00:56:37,144 AUDIENCE: So we have four [INAUDIBLE] 1204 00:56:37,144 --> 00:56:37,810 PROFESSOR: Yeah. 1205 00:56:37,810 --> 00:56:53,560 AUDIENCE: As a third one, the car shall carry [INAUDIBLE] 1206 00:56:53,560 --> 00:56:55,450 PROFESSOR: OK, so recharging. 1207 00:56:55,450 --> 00:56:57,200 The third requirement is interesting. 1208 00:56:57,200 --> 00:56:59,380 You said of average build, right? 1209 00:56:59,380 --> 00:57:01,630 That's the word you use. 1210 00:57:01,630 --> 00:57:02,290 AUDIENCE: Yes. 1211 00:57:02,290 --> 00:57:04,000 PROFESSOR: Now that's great. 1212 00:57:04,000 --> 00:57:06,370 That's a human factors requirement. 1213 00:57:06,370 --> 00:57:10,120 Now of average build is a little fuzzy, right? 1214 00:57:10,120 --> 00:57:14,110 How would you make that more verifiable? 1215 00:57:18,840 --> 00:57:44,520 AUDIENCE: [INAUDIBLE] 1216 00:57:44,520 --> 00:57:48,840 PROFESSOR: Yeah, so there's actually people that, you know, 1217 00:57:48,840 --> 00:57:54,106 the size distribution, male, female, you know, weight. 1218 00:57:54,106 --> 00:57:55,100 AUDIENCE: [INAUDIBLE] 1219 00:57:55,100 --> 00:57:58,030 PROFESSOR: And [INAUDIBLE] the metric measurements 1220 00:57:58,030 --> 00:58:01,570 are actually being recorded and updated. 1221 00:58:01,570 --> 00:58:03,460 People are getting taller around the world. 1222 00:58:03,460 --> 00:58:06,050 People are getting heavier. 1223 00:58:06,050 --> 00:58:07,209 We know that, right? 1224 00:58:07,209 --> 00:58:09,250 So the way you would write that third requirement 1225 00:58:09,250 --> 00:58:13,150 to be verifiable is that the car shall accommodate 1226 00:58:13,150 --> 00:58:19,960 for passengers in a, say, P10 male or P5 female 1227 00:58:19,960 --> 00:58:23,260 and a P90 male, right? 1228 00:58:23,260 --> 00:58:26,920 And if you write it that way, then you know the actual weight 1229 00:58:26,920 --> 00:58:29,980 and dimensions of the human body can actually 1230 00:58:29,980 --> 00:58:33,970 be traced to a database that's pretty well known. 1231 00:58:33,970 --> 00:58:36,370 So then instead of saying average build, 1232 00:58:36,370 --> 00:58:40,930 you say it's a PT50, P50 female. 1233 00:58:40,930 --> 00:58:43,480 And that's something that's very verifiable. 1234 00:58:43,480 --> 00:58:45,688 Does that make sense? 1235 00:58:45,688 --> 00:58:46,596 AUDIENCE: Yes. 1236 00:58:46,596 --> 00:58:47,470 PROFESSOR: OK, great. 1237 00:58:47,470 --> 00:58:49,750 So what about the last one? 1238 00:58:49,750 --> 00:58:53,800 So by the way, here at MIT, anybody who's been to EPFL? 1239 00:58:53,800 --> 00:58:57,580 Been to the-- [INAUDIBLE] He has a Master's from there. 1240 00:58:57,580 --> 00:59:01,180 [INAUDIBLE] been there? 1241 00:59:01,180 --> 00:59:03,040 This is a very cool building. 1242 00:59:03,040 --> 00:59:05,470 It's pretty unusual. 1243 00:59:05,470 --> 00:59:08,180 I mean, we have some very unusual building on campus, 1244 00:59:08,180 --> 00:59:08,680 too, here. 1245 00:59:08,680 --> 00:59:11,410 But if you get a chance, it's pretty. 1246 00:59:11,410 --> 00:59:14,920 Unusual so let's hear from you guys. 1247 00:59:14,920 --> 00:59:18,430 So what do you think was a requirement for the [? Rolex ?] 1248 00:59:18,430 --> 00:59:20,790 center design? 1249 00:59:24,240 --> 00:59:27,370 AUDIENCE: The building should be a recognizable structure, that 1250 00:59:27,370 --> 00:59:30,565 would be memorable for EPSL. 1251 00:59:30,565 --> 00:59:31,690 PROFESSOR: Ah, interesting. 1252 00:59:31,690 --> 00:59:36,100 A recognizable structure that should be memorable. 1253 00:59:36,100 --> 00:59:39,400 So that's-- I think I know where you're going with this. 1254 00:59:39,400 --> 00:59:41,170 But it's a little-- 1255 00:59:41,170 --> 00:59:42,580 you know, recognizable. 1256 00:59:42,580 --> 00:59:45,940 Every building is recognizable in a sense, right? 1257 00:59:45,940 --> 00:59:48,460 I think-- I like it. 1258 00:59:48,460 --> 00:59:50,050 I know where you're going with this. 1259 00:59:50,050 --> 00:59:54,260 But it's a little fuzzy still, right? 1260 00:59:54,260 --> 00:59:57,295 So why do you think it has holes in it? 1261 00:59:57,295 --> 00:59:58,420 Why do you think the holes? 1262 01:00:01,535 --> 01:00:06,260 AUDIENCE: [INAUDIBLE] unique might be a better word. 1263 01:00:06,260 --> 01:00:08,624 [INAUDIBLE] 1264 01:00:08,624 --> 01:00:09,290 PROFESSOR: Yeah. 1265 01:00:09,290 --> 01:00:11,120 So that's really. 1266 01:00:11,120 --> 01:00:14,450 The holes are, in some sense, inefficient, right? 1267 01:00:14,450 --> 01:00:16,880 Because you're putting holes in the middle of a building. 1268 01:00:16,880 --> 01:00:18,770 But they provide natural lighting. 1269 01:00:18,770 --> 01:00:21,410 And there's a symbolism there, right? 1270 01:00:21,410 --> 01:00:24,510 There's a symbolism, the Swiss cheese symbolism. 1271 01:00:24,510 --> 01:00:28,310 So if the holes, in a sense, have at least two functions, 1272 01:00:28,310 --> 01:00:29,030 right? 1273 01:00:29,030 --> 01:00:29,730 That's good. 1274 01:00:29,730 --> 01:00:30,400 I like that. 1275 01:00:30,400 --> 01:00:31,650 That's very good. 1276 01:00:31,650 --> 01:00:32,480 What else? 1277 01:00:32,480 --> 01:00:37,200 Another example of a requirement for the [? Rolex ?] center? 1278 01:00:37,200 --> 01:00:39,910 AUDIENCE: You're taking and making [INAUDIBLE] category. 1279 01:00:39,910 --> 01:01:18,960 [INAUDIBLE] 1280 01:01:18,960 --> 01:01:20,140 PROFESSOR: Good. 1281 01:01:20,140 --> 01:01:21,350 No, that was great. 1282 01:01:21,350 --> 01:01:22,970 So you have functional requirement, 1283 01:01:22,970 --> 01:01:24,770 you had interface requirements. 1284 01:01:24,770 --> 01:01:26,600 You had a lot of those six categories 1285 01:01:26,600 --> 01:01:28,350 we talked about, right? 1286 01:01:28,350 --> 01:01:28,850 Good. 1287 01:01:28,850 --> 01:01:29,260 Excellent. 1288 01:01:29,260 --> 01:01:29,759 Yeah? 1289 01:01:29,759 --> 01:01:30,950 Go ahead. 1290 01:01:30,950 --> 01:01:33,920 AUDIENCE: So how do you write a requirement about something 1291 01:01:33,920 --> 01:01:38,330 aesthetic in a way that's not fuzzy or is there a way 1292 01:01:38,330 --> 01:01:40,730 to do that? 1293 01:01:40,730 --> 01:01:42,810 PROFESSOR: That's a great question. 1294 01:01:42,810 --> 01:01:45,800 I'm not sure I'm the best person to answer that. 1295 01:01:45,800 --> 01:01:50,390 What I can't tell you is, in the automotive world, 1296 01:01:50,390 --> 01:01:54,200 the aesthetics of automobiles and how people judge 1297 01:01:54,200 --> 01:01:56,900 whether a car is beautiful or appealing, 1298 01:01:56,900 --> 01:02:00,700 that's actually moved from being kind of just a very fuzzy thing 1299 01:02:00,700 --> 01:02:02,060 to quite measurable. 1300 01:02:02,060 --> 01:02:04,970 You know, there's different shapes and then 1301 01:02:04,970 --> 01:02:07,460 the building blocks of shapes and streamlines. 1302 01:02:07,460 --> 01:02:10,430 Those things are-- that's really a science today. 1303 01:02:10,430 --> 01:02:13,190 And eventually, you know, there's ratings. 1304 01:02:13,190 --> 01:02:17,820 These are people rate vehicles for aesthetics and so forth. 1305 01:02:17,820 --> 01:02:21,140 And usually, it's a five point scale, like a Likert scale, 1306 01:02:21,140 --> 01:02:24,920 like JD Power and associates is a very well-known marketing 1307 01:02:24,920 --> 01:02:25,860 firm. 1308 01:02:25,860 --> 01:02:30,980 And so they'll say, this looks-- this will prob-- 1309 01:02:30,980 --> 01:02:32,810 they can actually, at this point, 1310 01:02:32,810 --> 01:02:35,890 you can show them a-- not a sketch, but a model. 1311 01:02:35,890 --> 01:02:39,590 And based on past data and information, they'll tell you, 1312 01:02:39,590 --> 01:02:44,190 this car will probably score between a 4.2 and 4.4 1313 01:02:44,190 --> 01:02:48,100 on the 5 point aesthetic scale, JD Power scale. 1314 01:02:48,100 --> 01:02:50,110 It's really pretty remarkable. 1315 01:02:50,110 --> 01:02:54,270 But I guess the bigger point is there's some things that really 1316 01:02:54,270 --> 01:02:56,565 delight us, that have an artistic quality 1317 01:02:56,565 --> 01:02:59,540 and surprise us in aesthetic quality. 1318 01:02:59,540 --> 01:03:01,200 And it's true. 1319 01:03:01,200 --> 01:03:03,470 That is one of the tensions is yet-- 1320 01:03:03,470 --> 01:03:06,180 system engineering should-- you know, this very precise. 1321 01:03:06,180 --> 01:03:08,440 Write it down. 1322 01:03:08,440 --> 01:03:12,090 Make sure there is no fuzziness there or as little as possible. 1323 01:03:12,090 --> 01:03:13,860 And then on the other hand, we want 1324 01:03:13,860 --> 01:03:18,690 delightful, surprising things that have an artistic nature 1325 01:03:18,690 --> 01:03:19,440 to them. 1326 01:03:19,440 --> 01:03:21,390 And that is absolutely a tension. 1327 01:03:21,390 --> 01:03:23,980 And we just acknowledge that. 1328 01:03:23,980 --> 01:03:27,180 OK, any questions? 1329 01:03:27,180 --> 01:03:29,290 Comments before we move on? 1330 01:03:29,290 --> 01:03:30,949 AUDIENCE: I had a question about--? 1331 01:03:30,949 --> 01:03:31,740 PROFESSOR: Hang on. 1332 01:03:31,740 --> 01:03:32,970 Just one second. 1333 01:03:32,970 --> 01:03:35,400 OK, go ahead. 1334 01:03:35,400 --> 01:03:37,675 At EPFL? 1335 01:03:37,675 --> 01:03:40,050 AUDIENCE: And to which extent can we refer [? to norms ?] 1336 01:03:40,050 --> 01:03:42,301 and [? loads ?] in the requirements? 1337 01:03:42,301 --> 01:03:43,800 PROFESSOR: Yeah, you should do that. 1338 01:03:43,800 --> 01:03:48,570 So compliance, being compliant with standards and just 1339 01:03:48,570 --> 01:03:51,390 to make clear, standards and regulations 1340 01:03:51,390 --> 01:03:53,320 are not the same, right? 1341 01:03:53,320 --> 01:03:57,290 A standard, like an IEEE standard or an ISO standard, 1342 01:03:57,290 --> 01:03:58,300 it's not a law. 1343 01:03:58,300 --> 01:03:59,760 It's not a legal thing. 1344 01:03:59,760 --> 01:04:04,140 It's-- a standard it is something that maybe a group 1345 01:04:04,140 --> 01:04:07,320 of companies or a group of organizations have agreed to. 1346 01:04:07,320 --> 01:04:09,960 This is how we will do it, right? 1347 01:04:09,960 --> 01:04:13,320 The IEEE Wi-Fi standard, what is it? 1348 01:04:13,320 --> 01:04:17,050 802.11g. 1349 01:04:17,050 --> 01:04:18,030 And that's not a law. 1350 01:04:18,030 --> 01:04:19,260 That's a standard. 1351 01:04:19,260 --> 01:04:22,720 And if you're going to be 802.11g compliant, 1352 01:04:22,720 --> 01:04:25,410 you write that in the requirements. 1353 01:04:25,410 --> 01:04:28,460 The environmental emissions standards we talked about, 1354 01:04:28,460 --> 01:04:30,360 those are actually laws. 1355 01:04:30,360 --> 01:04:33,570 If you are going to sell a vehicle in country x, 1356 01:04:33,570 --> 01:04:36,750 it has to comply legally with these regulations. 1357 01:04:36,750 --> 01:04:39,300 But you're absolutely right, if you 1358 01:04:39,300 --> 01:04:41,460 need to comply with these things, 1359 01:04:41,460 --> 01:04:43,620 it needs to be part of the requirements set, 1360 01:04:43,620 --> 01:04:48,680 because otherwise, it will not happen just automatically. 1361 01:04:48,680 --> 01:04:49,965 [? Weston? ?] 1362 01:04:49,965 --> 01:04:51,840 AUDIENCE: Yeah, it's kind of along that vein. 1363 01:04:51,840 --> 01:04:55,151 If you have to comply, say, with ADA, 1364 01:04:55,151 --> 01:04:57,150 instead you have to be called out, specifically, 1365 01:04:57,150 --> 01:04:59,940 or do you say must comply with building codes or building 1366 01:04:59,940 --> 01:05:00,450 laws? 1367 01:05:00,450 --> 01:05:02,280 And it's sort of a blanket requirement? 1368 01:05:02,280 --> 01:05:03,904 PROFESSOR: No, you have to be specific, 1369 01:05:03,904 --> 01:05:07,320 because building codes are, first of all, a lot of these 1370 01:05:07,320 --> 01:05:09,280 are local, as well. 1371 01:05:09,280 --> 01:05:11,670 And it's very chaotic. 1372 01:05:11,670 --> 01:05:15,730 So and some of these might be conflicting. 1373 01:05:15,730 --> 01:05:18,960 So you should be as specific as possible. 1374 01:05:18,960 --> 01:05:21,900 OK, let's move on here. 1375 01:05:21,900 --> 01:05:25,060 My sense is you're getting it just for what requirements are. 1376 01:05:25,060 --> 01:05:27,190 And why they're important. 1377 01:05:27,190 --> 01:05:31,290 So let me talk briefly about requirements, decomposition, 1378 01:05:31,290 --> 01:05:32,850 allocation, and validation. 1379 01:05:32,850 --> 01:05:35,490 This is a figure from the NASA handbook. 1380 01:05:35,490 --> 01:05:39,750 And basically, what it talks about is the high level system 1381 01:05:39,750 --> 01:05:43,050 functional requirements are broken down 1382 01:05:43,050 --> 01:05:45,120 into the performance requirements. 1383 01:05:45,120 --> 01:05:47,040 And then as you make design decisions, 1384 01:05:47,040 --> 01:05:50,460 as you decompose your system into different subsystems, 1385 01:05:50,460 --> 01:05:53,850 each subsystem will have its own functional and performance 1386 01:05:53,850 --> 01:05:55,020 requirements. 1387 01:05:55,020 --> 01:05:58,650 And then the important thing is the difference between 1388 01:05:58,650 --> 01:06:01,290 allocated and derived requirements. 1389 01:06:01,290 --> 01:06:03,930 So allocated requirements are requirements 1390 01:06:03,930 --> 01:06:08,220 that you choose to allocate. 1391 01:06:08,220 --> 01:06:10,620 And then derived requirements are calculated 1392 01:06:10,620 --> 01:06:13,590 based on the dependent requirements, 1393 01:06:13,590 --> 01:06:15,240 based on the allocated requirements. 1394 01:06:15,240 --> 01:06:18,120 And I'll get into this in a minute. 1395 01:06:18,120 --> 01:06:19,740 So requirements are hierarchical. 1396 01:06:19,740 --> 01:06:21,330 We talked about this. 1397 01:06:21,330 --> 01:06:24,480 Functional performance requirements are allocated. 1398 01:06:24,480 --> 01:06:28,800 And then from these, we can further decompose and derive 1399 01:06:28,800 --> 01:06:29,637 requirements. 1400 01:06:29,637 --> 01:06:31,470 And then the total set of these requirements 1401 01:06:31,470 --> 01:06:34,380 needs to be verified and then validated 1402 01:06:34,380 --> 01:06:38,500 against the stakeholder expectations. 1403 01:06:38,500 --> 01:06:41,550 So let me briefly talk about requirements margins 1404 01:06:41,550 --> 01:06:42,690 management. 1405 01:06:42,690 --> 01:06:46,290 So because you don't know everything upfront, 1406 01:06:46,290 --> 01:06:47,640 there's uncertainty. 1407 01:06:47,640 --> 01:06:50,820 We typically build in reserves into our requirements. 1408 01:06:50,820 --> 01:06:52,270 And those are called margins. 1409 01:06:52,270 --> 01:06:55,200 So we put in margins for mass, power, maybe 1410 01:06:55,200 --> 01:06:57,460 memory in computer systems. 1411 01:06:57,460 --> 01:07:00,290 So margins are essentially reserves 1412 01:07:00,290 --> 01:07:02,940 that are not allocated to particular subsystems, 1413 01:07:02,940 --> 01:07:05,580 but are controlled by the project managers 1414 01:07:05,580 --> 01:07:07,270 or at a higher level. 1415 01:07:07,270 --> 01:07:10,140 So the idea is that you write the requirement 1416 01:07:10,140 --> 01:07:14,070 in a way that is a little bit more stringent than it really 1417 01:07:14,070 --> 01:07:16,810 needs to be. 1418 01:07:16,810 --> 01:07:19,230 And then by being more stringent, 1419 01:07:19,230 --> 01:07:21,840 you've built some reserve into the system 1420 01:07:21,840 --> 01:07:24,360 to handle unexpected things. 1421 01:07:24,360 --> 01:07:27,540 So I'll just give you the example with mass growth. 1422 01:07:27,540 --> 01:07:30,480 You know, this is very typical in aerospace vehicles. 1423 01:07:30,480 --> 01:07:34,560 Mass growth can range between, here, 10 to 60%. 1424 01:07:34,560 --> 01:07:35,920 I'll show you some examples. 1425 01:07:35,920 --> 01:07:38,910 And a lot of it depends on the novelty of the project. 1426 01:07:38,910 --> 01:07:42,930 So a typical guideline, specifically for mass margins, 1427 01:07:42,930 --> 01:07:50,220 is about 30% reserve at the SRR, 20% PDR, 10% CPR, 1428 01:07:50,220 --> 01:07:55,170 and keep about 5% right before you operate the system. 1429 01:07:55,170 --> 01:07:58,380 IOC is initial operating capability. 1430 01:07:58,380 --> 01:08:00,960 So here's some historical data. 1431 01:08:00,960 --> 01:08:05,400 This is for manned or crude vehicles, 1432 01:08:05,400 --> 01:08:07,710 starting with Mercury, Gemini, Apollo, 1433 01:08:07,710 --> 01:08:09,840 Skylab, and then the shuttle. 1434 01:08:09,840 --> 01:08:14,760 You can see the mass growth from the concept stage, which 1435 01:08:14,760 --> 01:08:18,990 is phase A or prephase A, all the way to operations, 1436 01:08:18,990 --> 01:08:21,750 you know, between 10 and 60%. 1437 01:08:21,750 --> 01:08:25,740 The new Orion spacecraft is not yet included on this chart. 1438 01:08:25,740 --> 01:08:28,020 So what you do is you essentially write 1439 01:08:28,020 --> 01:08:31,979 the requirement, knowing that this growth will happen 1440 01:08:31,979 --> 01:08:33,450 during the design process. 1441 01:08:33,450 --> 01:08:36,569 That's the basic idea of margins. 1442 01:08:36,569 --> 01:08:38,010 And then the next thing you get is 1443 01:08:38,010 --> 01:08:41,100 that you monitor the satisfaction 1444 01:08:41,100 --> 01:08:44,020 of the requirements during the design process. 1445 01:08:44,020 --> 01:08:47,510 And so let's say you have, in a performance requirement, 1446 01:08:47,510 --> 01:08:49,830 you say that the system shall not 1447 01:08:49,830 --> 01:08:54,090 emit more than x number of [? NOX ?] emissions, 1448 01:08:54,090 --> 01:08:58,000 or the systems shall not be heavier than such and such. 1449 01:08:58,000 --> 01:08:59,270 That's on the y-axis here. 1450 01:08:59,270 --> 01:09:01,649 That's your technical performance measure. 1451 01:09:01,649 --> 01:09:04,020 And then you move through time and, you know, 1452 01:09:04,020 --> 01:09:06,450 as the design gets more detailed, 1453 01:09:06,450 --> 01:09:07,620 usually it gets heavier. 1454 01:09:07,620 --> 01:09:09,779 You add more things. 1455 01:09:09,779 --> 01:09:11,430 And you monitor that. 1456 01:09:11,430 --> 01:09:14,340 And then you have your final current estimate 1457 01:09:14,340 --> 01:09:17,430 of where you will be at the end of the project. 1458 01:09:17,430 --> 01:09:21,630 And as you do that, your limits, your reserves, your margins, 1459 01:09:21,630 --> 01:09:24,420 and here there is an upper and lower margin shown, 1460 01:09:24,420 --> 01:09:29,560 is going to be narrowing down. 1461 01:09:29,560 --> 01:09:31,080 I'll give you a quick example. 1462 01:09:31,080 --> 01:09:36,390 When I was at McDonnell Douglas, the F18 EF version, the Super 1463 01:09:36,390 --> 01:09:38,250 Hornet, was being developed. 1464 01:09:38,250 --> 01:09:42,240 And the key thing there was GTOW, 1465 01:09:42,240 --> 01:09:45,899 GTOW, gross take off weight. 1466 01:09:45,899 --> 01:09:50,350 It's basically the weight of the plane with crew, fuel, 1467 01:09:50,350 --> 01:09:53,960 any payloads all in. 1468 01:09:53,960 --> 01:09:57,450 The gross take off weight of the airplane, very important, 1469 01:09:57,450 --> 01:09:59,370 because it determines the range. 1470 01:09:59,370 --> 01:10:00,840 It determines a lot of things. 1471 01:10:00,840 --> 01:10:03,480 And the number, not to exceed number, 1472 01:10:03,480 --> 01:10:08,020 which is shown here on this chart as the maximum contract 1473 01:10:08,020 --> 01:10:11,200 or allocated requirements threshold, 1474 01:10:11,200 --> 01:10:12,780 was contractually specified. 1475 01:10:12,780 --> 01:10:17,160 Not only that, but there were penalties, financial penalties, 1476 01:10:17,160 --> 01:10:21,960 associated with every kilogram that you would be over. 1477 01:10:21,960 --> 01:10:23,160 So this was a big deal. 1478 01:10:23,160 --> 01:10:25,170 And they had a huge the wall chart 1479 01:10:25,170 --> 01:10:27,000 in the hallway, the main hallway, 1480 01:10:27,000 --> 01:10:28,680 of the engineering building. 1481 01:10:28,680 --> 01:10:32,580 And every day somebody would actually manually update 1482 01:10:32,580 --> 01:10:35,569 that day's best estimate of what the gross take off weight 1483 01:10:35,569 --> 01:10:36,610 of the airplane would be. 1484 01:10:36,610 --> 01:10:38,890 And it's like a Brownian motion thing. 1485 01:10:38,890 --> 01:10:42,320 And as soon as you hit some critical threshold, 1486 01:10:42,320 --> 01:10:44,070 you would see there'd be people with would 1487 01:10:44,070 --> 01:10:46,590 come together and say, we've got to take weight out 1488 01:10:46,590 --> 01:10:49,290 of the airplane somehow, again, right? 1489 01:10:49,290 --> 01:10:52,410 And then basically try to get the design 1490 01:10:52,410 --> 01:10:55,720 to comply with that requirement as you move through the design 1491 01:10:55,720 --> 01:10:56,400 process. 1492 01:10:56,400 --> 01:10:59,280 You can't do that with too many of the requirements. 1493 01:10:59,280 --> 01:11:01,870 But the most important technical performance 1494 01:11:01,870 --> 01:11:03,870 measures, that's what you do. 1495 01:11:03,870 --> 01:11:06,510 It's a big deal. 1496 01:11:06,510 --> 01:11:09,609 So here's the flow chart, basically, for requirements. 1497 01:11:09,609 --> 01:11:11,400 I'm not going to go through this in detail. 1498 01:11:11,400 --> 01:11:14,940 But the basic idea is the inputs come from the stakeholder 1499 01:11:14,940 --> 01:11:18,410 expectations, the stakeholder work we talked about a lot 1500 01:11:18,410 --> 01:11:19,440 last time. 1501 01:11:19,440 --> 01:11:21,840 You go through the requirements definition process 1502 01:11:21,840 --> 01:11:25,860 and outcomes invalidated set of technical requirements, 1503 01:11:25,860 --> 01:11:27,930 measures of performance that you can measure, 1504 01:11:27,930 --> 01:11:29,820 and then these technical performance 1505 01:11:29,820 --> 01:11:36,330 measures that you can then track and validate against later. 1506 01:11:36,330 --> 01:11:38,850 Here's a question that I often get asked. 1507 01:11:38,850 --> 01:11:41,010 Well, OK, so we write these requirements. 1508 01:11:41,010 --> 01:11:43,440 You guys write them on paper or your tablet. 1509 01:11:43,440 --> 01:11:47,250 But how do these requirements actually get recorded, right? 1510 01:11:47,250 --> 01:11:48,360 And managed. 1511 01:11:48,360 --> 01:11:50,917 So I would say there's sort of two-- 1512 01:11:50,917 --> 01:11:52,500 there's the low cost, and then there's 1513 01:11:52,500 --> 01:11:55,640 sort of the professional version of doing this. 1514 01:11:55,640 --> 01:11:58,230 The easy way to do it is you just write them, 1515 01:11:58,230 --> 01:12:00,420 you capture them in a document. 1516 01:12:00,420 --> 01:12:04,530 So that means Microsoft Word, Excel, Google 1517 01:12:04,530 --> 01:12:09,930 Docs, just a document, a well written, organized document. 1518 01:12:09,930 --> 01:12:12,060 And then you capture and revise your requirements. 1519 01:12:12,060 --> 01:12:14,640 And the one thing I strongly recommend 1520 01:12:14,640 --> 01:12:18,110 is using hyperlinks to link requirements. 1521 01:12:18,110 --> 01:12:22,890 And this is the idea that every requirement 1522 01:12:22,890 --> 01:12:25,044 has to be linked to some other requirement. 1523 01:12:25,044 --> 01:12:27,210 So if it's a low level requirement, you want to ask, 1524 01:12:27,210 --> 01:12:29,530 well, where does that come from? 1525 01:12:29,530 --> 01:12:31,020 Why did we write that requirement? 1526 01:12:31,020 --> 01:12:33,240 Well, it has a parent requirement. 1527 01:12:33,240 --> 01:12:35,250 You want to have a hyperlink there 1528 01:12:35,250 --> 01:12:37,270 to get you from one to the other. 1529 01:12:37,270 --> 01:12:39,030 And I have a little example for that. 1530 01:12:41,860 --> 01:12:47,430 And I think this is OK for smaller projects, where 1531 01:12:47,430 --> 01:12:50,070 you have dozens or a few hundred requirements, right? 1532 01:12:50,070 --> 01:12:52,590 And so here's my rule of thumb for this. 1533 01:12:52,590 --> 01:12:54,720 Do you remember the magic number 7? 1534 01:12:54,720 --> 01:12:57,300 So we talked last time, where does 1535 01:12:57,300 --> 01:13:00,000 the world of really complex systems start. 1536 01:13:00,000 --> 01:13:03,000 And the argument was, well, if you need more than three levels 1537 01:13:03,000 --> 01:13:04,110 of the decomposition. 1538 01:13:04,110 --> 01:13:05,140 What does that mean? 1539 01:13:05,140 --> 01:13:08,580 Well, 7 plus, minus 2 to the third power 1540 01:13:08,580 --> 01:13:13,890 is somewhere between 125 and 729, right? 1541 01:13:13,890 --> 01:13:16,980 So if you're sort of in that world or fewer, right? 1542 01:13:16,980 --> 01:13:21,020 If a few hundred, a few dozen, or few hundred requirements 1543 01:13:21,020 --> 01:13:23,640 kind of what we have in CanSat. 1544 01:13:23,640 --> 01:13:26,130 It's OK to do it this way. 1545 01:13:26,130 --> 01:13:28,241 It's still going to be a lot of requirements. 1546 01:13:28,241 --> 01:13:29,490 And you have to do a good job. 1547 01:13:29,490 --> 01:13:31,530 But you can do it that way. 1548 01:13:31,530 --> 01:13:34,710 If you have more than that, and that typically means 1549 01:13:34,710 --> 01:13:37,740 more than 1,000 requirements to handle, 1550 01:13:37,740 --> 01:13:41,880 and there are big projects that have 5,000, 10,000 1551 01:13:41,880 --> 01:13:46,260 requirements, there is no way you can manage that effectively 1552 01:13:46,260 --> 01:13:48,720 in a kind of document based way. 1553 01:13:48,720 --> 01:13:51,180 So what you need then is a database. 1554 01:13:51,180 --> 01:13:52,980 You basically capture the requirements 1555 01:13:52,980 --> 01:13:55,620 in a relational database where that 1556 01:13:55,620 --> 01:13:57,400 allows you to link each requirement 1557 01:13:57,400 --> 01:13:58,480 to other requirements. 1558 01:13:58,480 --> 01:14:02,430 And so this is not meant as an advertisement, 1559 01:14:02,430 --> 01:14:06,570 but one of the most heavily used requirements tools 1560 01:14:06,570 --> 01:14:08,880 out there is called, DOORS. 1561 01:14:08,880 --> 01:14:14,100 And this was relatively recently bought by IBM. 1562 01:14:14,100 --> 01:14:15,360 This was a separate company. 1563 01:14:15,360 --> 01:14:17,280 It was bought by IBM and included it 1564 01:14:17,280 --> 01:14:23,250 in a suite of software tools called IBM Rational for System 1565 01:14:23,250 --> 01:14:24,540 Development. 1566 01:14:24,540 --> 01:14:26,400 And so DOORS allows you. 1567 01:14:26,400 --> 01:14:28,170 It's a database, relational database, 1568 01:14:28,170 --> 01:14:30,450 that allows you to write requirements, share 1569 01:14:30,450 --> 01:14:31,110 requirements. 1570 01:14:31,110 --> 01:14:33,540 And the latest version of DOORS is actually 1571 01:14:33,540 --> 01:14:36,570 web based, so you can have people in India, 1572 01:14:36,570 --> 01:14:39,990 in Europe, in the US, you're co-developing a system. 1573 01:14:39,990 --> 01:14:42,390 You can all write requirements and manage them 1574 01:14:42,390 --> 01:14:43,890 on this common database, right? 1575 01:14:43,890 --> 01:14:46,340 Because if you have a document, very quickly 1576 01:14:46,340 --> 01:14:48,000 it's going to be confusing, as what's 1577 01:14:48,000 --> 01:14:51,690 the latest version, who has the latest update. 1578 01:14:51,690 --> 01:14:53,501 Version management becomes a nightmare. 1579 01:14:54,000 --> 01:14:55,890 So just so you're aware of this. 1580 01:14:55,890 --> 01:14:58,037 We're not going to be using DOORS in this class. 1581 01:14:58,037 --> 01:14:59,370 We'll just do it document based. 1582 01:14:59,370 --> 01:15:01,620 But you know the rule of thumb here 1583 01:15:01,620 --> 01:15:03,240 is, more than 1,000 requirements, 1584 01:15:03,240 --> 01:15:06,370 you've got to go to some professional solution. 1585 01:15:06,370 --> 01:15:09,600 So here's a very sort of trivial example 1586 01:15:09,600 --> 01:15:12,330 of hierarchical requirements with links. 1587 01:15:12,330 --> 01:15:14,020 Requirement one, the systems shall 1588 01:15:14,020 --> 01:15:17,700 fit into a volume not exceeding one cubic meter. 1589 01:15:17,700 --> 01:15:19,160 And then we have sub-requirements. 1590 01:15:19,160 --> 01:15:24,230 The system's width shall be between 0.5 and 1 meter. 1591 01:15:24,230 --> 01:15:26,190 The height, the depth. 1592 01:15:26,190 --> 01:15:28,290 The system shall be made entirely 1593 01:15:28,290 --> 01:15:30,660 from aluminum 60/60 alloy. 1594 01:15:30,660 --> 01:15:32,550 A sub-requirement here is the system 1595 01:15:32,550 --> 01:15:35,770 shall not contain any internal voids or cavities. 1596 01:15:35,770 --> 01:15:39,690 Requirement three, the shape of the system must be a cube. 1597 01:15:39,690 --> 01:15:42,390 And then a sub-requirement, the angles between the sides 1598 01:15:42,390 --> 01:15:45,670 shall be 90 degrees plus or minus 1 degree. 1599 01:15:45,670 --> 01:15:48,660 And so I did this here just in the slides. 1600 01:15:48,660 --> 01:15:52,030 But if you click on this, it'll actually transport you 1601 01:15:52,030 --> 01:15:53,570 into another requirement. 1602 01:15:53,570 --> 01:15:55,080 This is the requirement four. 1603 01:15:55,080 --> 01:15:58,890 The mass of the system shall not exceed 2,700 kilograms, right? 1604 01:15:58,890 --> 01:16:04,110 Aluminum has a density of about 2,700 kilograms 1605 01:16:04,110 --> 01:16:05,550 per cubic meter. 1606 01:16:05,550 --> 01:16:07,710 So I click back, it transports me back 1607 01:16:07,710 --> 01:16:09,620 to the earlier requirement. 1608 01:16:09,620 --> 01:16:15,150 So the fact that it's made of aluminum and the volume cannot 1609 01:16:15,150 --> 01:16:18,840 exceed one cubic meter, then this requirement four, 1610 01:16:18,840 --> 01:16:20,040 the mass shall not exceed. 1611 01:16:20,040 --> 01:16:21,670 It's not an independent requirement. 1612 01:16:21,670 --> 01:16:24,330 It's an dependent or derived requirement 1613 01:16:24,330 --> 01:16:25,980 based on the first two. 1614 01:16:25,980 --> 01:16:27,260 And therefore, they're linked. 1615 01:16:27,260 --> 01:16:29,170 Do you see how this works? 1616 01:16:29,170 --> 01:16:32,430 And to really manage requirements well and then link 1617 01:16:32,430 --> 01:16:34,530 them, use these hyperlinks. 1618 01:16:34,530 --> 01:16:37,930 It's very, very effective. 1619 01:16:37,930 --> 01:16:40,990 So what would be an object that satisfies these requirements? 1620 01:16:40,990 --> 01:16:43,830 So here's our one cubic meter envelope. 1621 01:16:43,830 --> 01:16:46,500 So an aluminum cube with a side length 1622 01:16:46,500 --> 01:16:51,000 of 60 centimeters this volume and this mass 1623 01:16:51,000 --> 01:16:52,590 will satisfy the requirements. 1624 01:16:52,590 --> 01:16:53,730 It's not the only thing. 1625 01:16:53,730 --> 01:16:58,014 There's a lot of other geometries 1626 01:16:58,014 --> 01:16:58,930 that would satisfy it. 1627 01:16:58,930 --> 01:17:01,230 But this particular instantiation 1628 01:17:01,230 --> 01:17:03,700 would satisfy these requirements. 1629 01:17:03,700 --> 01:17:06,840 So that's the idea hierarchical requirements, 1630 01:17:06,840 --> 01:17:10,560 linking them to hyperlinks. 1631 01:17:10,560 --> 01:17:13,770 OK, so let me talk briefly about the challenges now 1632 01:17:13,770 --> 01:17:15,150 of requirements definition. 1633 01:17:15,150 --> 01:17:16,840 And there's-- this is not easy. 1634 01:17:16,840 --> 01:17:18,670 There's a lot of challenges. 1635 01:17:18,670 --> 01:17:21,000 The first one is requirements allocation. 1636 01:17:21,000 --> 01:17:23,310 You know, there's composition and flowing requirements 1637 01:17:23,310 --> 01:17:24,930 to the lower levels. 1638 01:17:24,930 --> 01:17:27,510 And then the idea is that, whatever 1639 01:17:27,510 --> 01:17:30,210 requirements you derive at a lower level, 1640 01:17:30,210 --> 01:17:33,990 if you satisfy the lower level requirements, that 1641 01:17:33,990 --> 01:17:37,320 should guarantee that you then automatically satisfy a higher 1642 01:17:37,320 --> 01:17:40,170 level requirements from which the lower level 1643 01:17:40,170 --> 01:17:42,180 requirements were derived. 1644 01:17:42,180 --> 01:17:45,590 That's the basic idea of requirements allocation. 1645 01:17:45,590 --> 01:17:47,390 And so the way you can think of this, 1646 01:17:47,390 --> 01:17:50,020 graphically, is we start out at the high level. 1647 01:17:50,020 --> 01:17:51,290 Here's our stakeholders. 1648 01:17:51,290 --> 01:17:53,330 Stakeholder needs requirements. 1649 01:17:53,330 --> 01:17:54,830 This is level 0. 1650 01:17:54,830 --> 01:17:56,660 You set the system boundary. 1651 01:17:56,660 --> 01:17:58,430 What's the lifecycle? 1652 01:17:58,430 --> 01:17:59,730 And then we apply it. 1653 01:17:59,730 --> 01:18:01,640 That's our first application. 1654 01:18:01,640 --> 01:18:04,370 And then we apply it by decomposing the system 1655 01:18:04,370 --> 01:18:07,080 into its function. 1656 01:18:07,080 --> 01:18:09,087 And so that's the second application. 1657 01:18:09,087 --> 01:18:10,670 And then you say, well, how do these-- 1658 01:18:10,670 --> 01:18:13,770 how will these companies be carried out? 1659 01:18:13,770 --> 01:18:15,980 So we define subsystems. 1660 01:18:15,980 --> 01:18:19,250 And essentially, then, the subsystem requirements 1661 01:18:19,250 --> 01:18:21,320 are derived from the functional requirements. 1662 01:18:21,320 --> 01:18:25,510 And you put numbers, key system performance parameters, 1663 01:18:25,510 --> 01:18:26,350 behind these. 1664 01:18:26,350 --> 01:18:28,490 And depending on the complexity of the system, 1665 01:18:28,490 --> 01:18:30,790 you may have to go multiple layers down. 1666 01:18:30,790 --> 01:18:33,440 But that's the basic requirements allocation 1667 01:18:33,440 --> 01:18:35,810 process. 1668 01:18:35,810 --> 01:18:37,250 And I think I said this already. 1669 01:18:37,250 --> 01:18:40,820 It's difficult to do and stay solution neutral 1670 01:18:40,820 --> 01:18:44,030 the deeper you go into this. 1671 01:18:44,030 --> 01:18:46,910 Let me briefly mention, this will not 1672 01:18:46,910 --> 01:18:48,990 be, we will not sort of test you on this. 1673 01:18:48,990 --> 01:18:51,870 But I want to make you aware of this. 1674 01:18:51,870 --> 01:18:54,620 A methodology called ISO performance. 1675 01:18:54,620 --> 01:18:59,990 And that was actually the topic of my dissertation. 1676 01:18:59,990 --> 01:19:04,400 How do you allocate requirements to lower level parameters 1677 01:19:04,400 --> 01:19:08,000 in systems, when a higher level requirement is defined, 1678 01:19:08,000 --> 01:19:09,110 is clear. 1679 01:19:09,110 --> 01:19:13,550 So the idea is that you have a vector of desired performance 1680 01:19:13,550 --> 01:19:14,960 requirements. 1681 01:19:14,960 --> 01:19:17,300 And you want to understand, first of all, 1682 01:19:17,300 --> 01:19:20,120 you want to understand are those requirements feasible. 1683 01:19:20,120 --> 01:19:21,920 And if they are feasible, it usually 1684 01:19:21,920 --> 01:19:24,740 means there is more than one way that these requirements could 1685 01:19:24,740 --> 01:19:26,990 be satisfied, that the higher level requirements could 1686 01:19:26,990 --> 01:19:28,230 be satisfied. 1687 01:19:28,230 --> 01:19:32,810 So find different non-unique feasible combinations 1688 01:19:32,810 --> 01:19:36,260 to satisfy the high level requirements. 1689 01:19:36,260 --> 01:19:38,870 And so this is one of the readings. 1690 01:19:38,870 --> 01:19:40,850 Very quickly, we have our design space. 1691 01:19:40,850 --> 01:19:42,930 We have our objective space. 1692 01:19:42,930 --> 01:19:46,100 And then we have this cost risk objective space. 1693 01:19:46,100 --> 01:19:48,410 And so the idea is that, in the performance space, 1694 01:19:48,410 --> 01:19:49,910 you have the shall statements. 1695 01:19:49,910 --> 01:19:52,516 You shall perform at that level. 1696 01:19:52,516 --> 01:19:53,640 And that's this point here. 1697 01:19:53,640 --> 01:19:55,490 That's your performance target. 1698 01:19:55,490 --> 01:20:00,740 And if it's in this gray area, it's actually feasible. 1699 01:20:00,740 --> 01:20:04,170 And it usually means there's more than one way to do it. 1700 01:20:04,170 --> 01:20:07,310 So if you can then map backwards to the design space, 1701 01:20:07,310 --> 01:20:11,180 these points here are all ISO performance, 1702 01:20:11,180 --> 01:20:15,620 meaning they all satisfy and provide 1703 01:20:15,620 --> 01:20:16,730 this level of performance. 1704 01:20:16,730 --> 01:20:18,860 But they do it in different ways. 1705 01:20:18,860 --> 01:20:22,130 And then in order to select the final design 1706 01:20:22,130 --> 01:20:24,080 or final requirements set, you want 1707 01:20:24,080 --> 01:20:25,400 to look at other objectives. 1708 01:20:25,400 --> 01:20:27,980 This is where the should statements come in. 1709 01:20:27,980 --> 01:20:31,310 And these are typically cost and risk related objectives. 1710 01:20:31,310 --> 01:20:34,400 So let me give you, this sounds pretty 1711 01:20:34,400 --> 01:20:35,780 abstract and theoretical. 1712 01:20:35,780 --> 01:20:38,120 Let me give you a very specific example. 1713 01:20:38,120 --> 01:20:42,080 This was my case study, the Space Telescope. 1714 01:20:42,080 --> 01:20:45,890 This is the actually this has now become the James Webb Space 1715 01:20:45,890 --> 01:20:46,760 Telescope. 1716 01:20:46,760 --> 01:20:48,300 Hasn't launched yet. 1717 01:20:48,300 --> 01:20:50,220 This is 20 years ago. 1718 01:20:50,220 --> 01:20:52,440 We've been working on the James Webb for a long time. 1719 01:20:52,440 --> 01:20:54,680 But if it works, it will be exciting, 1720 01:20:54,680 --> 01:20:58,100 because it's going to get us very, very close to the Big 1721 01:20:58,100 --> 01:20:58,830 Bang, right? 1722 01:20:58,830 --> 01:21:03,190 That's what James Webb will look in the highly redshifted 1723 01:21:03,190 --> 01:21:06,380 infrared to really see the formation of the earliest 1724 01:21:06,380 --> 01:21:08,130 proto-galaxies in the universe. 1725 01:21:08,130 --> 01:21:11,340 So if this works, it will be very exciting. 1726 01:21:11,340 --> 01:21:15,120 So here's, essentially, a model of the spacecraft. 1727 01:21:15,120 --> 01:21:17,600 This is a precursor to James Webb. 1728 01:21:17,600 --> 01:21:20,330 And the big thing you need to do is 1729 01:21:20,330 --> 01:21:26,420 you need to point and be very, very stable for a long time 1730 01:21:26,420 --> 01:21:29,100 to take in these very, very faint images. 1731 01:21:29,100 --> 01:21:32,030 So we have wavefront error phasing requirements. 1732 01:21:32,030 --> 01:21:33,905 And then we have these pointing requirements. 1733 01:21:33,905 --> 01:21:37,640 You've got to a point very stable and in order 1734 01:21:37,640 --> 01:21:40,820 to achieve this optical pointing performance, 1735 01:21:40,820 --> 01:21:45,740 we have the structure of the spacecraft. 1736 01:21:45,740 --> 01:21:47,030 We have reaction wheels. 1737 01:21:47,030 --> 01:21:48,430 We have controllers. 1738 01:21:48,430 --> 01:21:51,290 And there is noise, different kinds of noise sources 1739 01:21:51,290 --> 01:21:55,420 that are trying to basically prevent us from pointing 1740 01:21:55,420 --> 01:21:57,350 with this precision. 1741 01:21:57,350 --> 01:22:01,970 So very quickly, this is what this Nexus precursor spacecraft 1742 01:22:01,970 --> 01:22:05,240 looks like in the deploy configuration, 1743 01:22:05,240 --> 01:22:10,740 here on the upper right in the stowed configuration. 1744 01:22:10,740 --> 01:22:12,480 Initial performance assessment. 1745 01:22:12,480 --> 01:22:14,660 So this is really trying to define the requirements 1746 01:22:14,660 --> 01:22:19,540 for deriving the requirements for the structure, 1747 01:22:19,540 --> 01:22:21,650 for the optics, for the controller, 1748 01:22:21,650 --> 01:22:23,600 knowing that this is the point. 1749 01:22:23,600 --> 01:22:26,330 If you want to have this science happen, 1750 01:22:26,330 --> 01:22:28,310 you've got a point with that precision. 1751 01:22:28,310 --> 01:22:28,910 That is known. 1752 01:22:28,910 --> 01:22:31,970 So let's flow that down. 1753 01:22:31,970 --> 01:22:35,400 So if we look at the pointing, for example, here on the right, 1754 01:22:35,400 --> 01:22:37,460 this is kind of fuzzy furball. 1755 01:22:37,460 --> 01:22:38,930 What does that represent? 1756 01:22:38,930 --> 01:22:42,400 That's a time domain simulation of the centroid of the image, 1757 01:22:42,400 --> 01:22:42,900 right? 1758 01:22:42,900 --> 01:22:46,440 The telescope is now observing a part of the sky, 1759 01:22:46,440 --> 01:22:49,620 trying to get these early proto-galaxies. 1760 01:22:49,620 --> 01:22:52,110 And it's flexible. 1761 01:22:52,110 --> 01:22:53,740 It's a very lightweight telescope. 1762 01:22:53,740 --> 01:22:56,160 It has these reaction wheels are turning, 1763 01:22:56,160 --> 01:22:57,690 trying to keep it stable. 1764 01:22:57,690 --> 01:23:00,130 You have electronic sources of noise. 1765 01:23:00,130 --> 01:23:04,020 So the blue furball here predicts that we would not 1766 01:23:04,020 --> 01:23:05,130 meet the requirements. 1767 01:23:05,130 --> 01:23:07,350 This is some initial design, some initial set 1768 01:23:07,350 --> 01:23:08,520 of requirements. 1769 01:23:08,520 --> 01:23:12,210 We need to find a way to get down to the-- 1770 01:23:12,210 --> 01:23:14,520 this is about 15 microns-- 1771 01:23:14,520 --> 01:23:16,210 [? root mean ?] square error. 1772 01:23:16,210 --> 01:23:20,010 So it's about three times worse than what we need to achieve. 1773 01:23:20,010 --> 01:23:21,900 And the requirement is we need to get down 1774 01:23:21,900 --> 01:23:25,450 to 5 microns of pointing or jitter precision. 1775 01:23:25,450 --> 01:23:27,720 So how do we do this? 1776 01:23:27,720 --> 01:23:30,780 So what ISO performance does is it 1777 01:23:30,780 --> 01:23:33,150 looks at the sensitivities in the system. 1778 01:23:33,150 --> 01:23:35,400 What are all the things that influence 1779 01:23:35,400 --> 01:23:38,190 the pointing performance of the telescope. 1780 01:23:38,190 --> 01:23:40,600 And you can see here. 1781 01:23:40,600 --> 01:23:42,000 These are the two key performance 1782 01:23:42,000 --> 01:23:46,530 measures on the left, wavefront error, and then line of sight. 1783 01:23:46,530 --> 01:23:49,320 And the bars essentially tell you 1784 01:23:49,320 --> 01:23:51,940 what are the really sensitive parameters that 1785 01:23:51,940 --> 01:23:53,285 drive performance. 1786 01:23:53,285 --> 01:23:56,880 So disturbance parameters, planned structural parameters, 1787 01:23:56,880 --> 01:23:58,280 optics, and then controls. 1788 01:23:58,280 --> 01:24:00,510 So it's really multi-disciplinary. 1789 01:24:00,510 --> 01:24:02,640 And what's neat about it is you can, 1790 01:24:02,640 --> 01:24:04,680 if you know these sensitivities, you 1791 01:24:04,680 --> 01:24:07,950 can essentially calculate the Jacobian a matrix. 1792 01:24:07,950 --> 01:24:09,750 The Jacobian matrix is essentially 1793 01:24:09,750 --> 01:24:12,720 the partial derivatives of your performance, which 1794 01:24:12,720 --> 01:24:15,210 is your higher level requirement, with respect 1795 01:24:15,210 --> 01:24:18,570 to these lower level parameters or requirements. 1796 01:24:18,570 --> 01:24:23,520 And you can then find, using this essentially the null space 1797 01:24:23,520 --> 01:24:26,010 of the Jacobian matrix, that will tell you 1798 01:24:26,010 --> 01:24:30,520 how do you move in that space to keep the performance fixed 1799 01:24:30,520 --> 01:24:33,100 at the requirement level. 1800 01:24:33,100 --> 01:24:37,020 Let me explain this just using two parameters. 1801 01:24:37,020 --> 01:24:40,140 And this was a big deal in the Hubble Space Telescope. 1802 01:24:40,140 --> 01:24:41,820 So the two parameters I'm going to use 1803 01:24:41,820 --> 01:24:46,810 are KR ISO and UD, the dynamic wheel and balance. 1804 01:24:46,810 --> 01:24:49,080 So these spacecrafts have reaction wheels 1805 01:24:49,080 --> 01:24:52,620 that are turning to point the spacecraft 1806 01:24:52,620 --> 01:24:55,610 and counteract any momentum that you get from, for example, 1807 01:24:55,610 --> 01:24:57,090 from solar pressure. 1808 01:24:57,090 --> 01:25:02,010 So UD is the amount of imbalance that you have in these wheels. 1809 01:25:02,010 --> 01:25:04,860 If you have imbalance, that will cause chatter. 1810 01:25:04,860 --> 01:25:08,010 It will cost torques, which will cause that jitter. 1811 01:25:08,010 --> 01:25:14,460 And then KR ISO is the vibration isolation of the reaction wheel 1812 01:25:14,460 --> 01:25:15,250 assembly. 1813 01:25:15,250 --> 01:25:18,780 How stiff or soft is the vibration isolation. 1814 01:25:18,780 --> 01:25:20,340 And what you can see in this clock 1815 01:25:20,340 --> 01:25:21,870 is that, our initial design-- 1816 01:25:21,870 --> 01:25:23,820 this is based on a simulation-- 1817 01:25:23,820 --> 01:25:26,970 does not satisfy a higher level requirement. 1818 01:25:26,970 --> 01:25:29,940 In order to satisfy that, we need to go down to the blue 1819 01:25:29,940 --> 01:25:35,490 line, labelled with 5 microns appointing precision. 1820 01:25:35,490 --> 01:25:39,060 And what you can see is that there are different ways 1821 01:25:39,060 --> 01:25:41,370 to achieve that 5 microns. 1822 01:25:41,370 --> 01:25:44,580 We could go over here. 1823 01:25:44,580 --> 01:25:46,530 This is labeled as HST. 1824 01:25:46,530 --> 01:25:49,110 That's what Hubble Space Telescope is. 1825 01:25:49,110 --> 01:25:51,240 The Hubble Space Telescope basically 1826 01:25:51,240 --> 01:25:55,470 went for ultra, ultra, ultra quiet reaction wheels, 1827 01:25:55,470 --> 01:25:59,260 very, very low dynamic imbalance. 1828 01:25:59,260 --> 01:26:02,910 So [? Marissa, ?] you talked about buying sensors 1829 01:26:02,910 --> 01:26:04,830 from a supplier and putting them in. 1830 01:26:04,830 --> 01:26:06,240 These reactors, there's companies 1831 01:26:06,240 --> 01:26:08,580 that really specialize in making reaction wheels 1832 01:26:08,580 --> 01:26:10,270 and things like that. 1833 01:26:10,270 --> 01:26:12,480 So if you're going to go for this point here. 1834 01:26:12,480 --> 01:26:15,990 Let me point that out again, so you guys can see it at EPFL. 1835 01:26:15,990 --> 01:26:19,140 If you're going to go, if you're going to derive and allocate 1836 01:26:19,140 --> 01:26:21,840 this requirement, it means you put a lot of pressure 1837 01:26:21,840 --> 01:26:25,650 on your supplier to achieve that level of dynamic wheel 1838 01:26:25,650 --> 01:26:27,380 imbalance. 1839 01:26:27,380 --> 01:26:28,830 If they can do it, that's great. 1840 01:26:28,830 --> 01:26:30,600 But it could be very expensive. 1841 01:26:30,600 --> 01:26:35,850 But it makes your job easier as the spacecraft integrator. 1842 01:26:35,850 --> 01:26:40,740 Or you can go straight down to this point here called spec. 1843 01:26:40,740 --> 01:26:45,720 So you're essentially tolerating a noisier reaction wheel. 1844 01:26:45,720 --> 01:26:50,680 But then you need a very, very soft, very capable isolation 1845 01:26:50,680 --> 01:26:53,790 stage, very soft isolator. 1846 01:26:53,790 --> 01:26:57,462 What's the disadvantage of having very soft isolation? 1847 01:26:57,462 --> 01:26:58,920 What do you think is the big issue? 1848 01:27:01,794 --> 01:27:05,630 AUDIENCE: [INAUDIBLE] 1849 01:27:05,630 --> 01:27:06,810 PROFESSOR: So the launch. 1850 01:27:06,810 --> 01:27:10,030 You probably have to lock it down during launch. 1851 01:27:10,030 --> 01:27:11,950 You have a big displacements. 1852 01:27:11,950 --> 01:27:14,860 You need, if you have a very soft isolation stage, you 1853 01:27:14,860 --> 01:27:17,140 need volume, because the isolator 1854 01:27:17,140 --> 01:27:19,320 is going to move a lot, right? 1855 01:27:19,320 --> 01:27:21,760 And you may not have that volume. 1856 01:27:21,760 --> 01:27:24,760 Or you could do a little bit of each. 1857 01:27:24,760 --> 01:27:27,070 So this test point here. 1858 01:27:27,070 --> 01:27:30,430 We're going to have quieter wheels, but not ultra quiet. 1859 01:27:30,430 --> 01:27:32,110 And we're going to have a soft isolator. 1860 01:27:32,110 --> 01:27:34,970 But we have the right combination of the two. 1861 01:27:34,970 --> 01:27:37,870 And we're going to go for that point there. 1862 01:27:37,870 --> 01:27:40,150 So now if you go for that point, you're 1863 01:27:40,150 --> 01:27:42,590 going to satisfy your pointing requirement, 1864 01:27:42,590 --> 01:27:45,160 bu you've allocate at the lower level requirement, 1865 01:27:45,160 --> 01:27:48,910 in this case, to the isolation stage and the dynamic wheel 1866 01:27:48,910 --> 01:27:50,890 imbalance in a kind of balanced way. 1867 01:27:50,890 --> 01:27:53,920 So everybody's job is roughly equally difficult. 1868 01:27:53,920 --> 01:27:55,400 That's the sort of idea here. 1869 01:27:55,400 --> 01:27:56,650 Yes? 1870 01:27:56,650 --> 01:27:59,560 AUDIENCE: Does this model assume that all of these variables 1871 01:27:59,560 --> 01:28:03,130 are independent and, I guess, kind 1872 01:28:03,130 --> 01:28:08,000 of continuous in terms of you can incrementally work better? 1873 01:28:08,000 --> 01:28:10,990 PROFESSOR: So they're not independent in the sense 1874 01:28:10,990 --> 01:28:13,620 that they're coupled through the performance of the system. 1875 01:28:13,620 --> 01:28:15,370 But you can choose-- the assumption is you 1876 01:28:15,370 --> 01:28:18,550 can choose these independently. 1877 01:28:18,550 --> 01:28:20,170 But they're coupled, because you need 1878 01:28:20,170 --> 01:28:21,820 to achieve that requirement. 1879 01:28:21,820 --> 01:28:23,860 And yes, in this case, they're continuous. 1880 01:28:23,860 --> 01:28:26,960 But you can think of this as a discrete, as well. 1881 01:28:26,960 --> 01:28:29,440 So for example, the reaction wheels could be, 1882 01:28:29,440 --> 01:28:33,040 you're picking from a catalog, in which case 1883 01:28:33,040 --> 01:28:36,940 now you're really picking specifications for components 1884 01:28:36,940 --> 01:28:40,310 that are off the shelf. 1885 01:28:40,310 --> 01:28:42,010 OK, so let me-- 1886 01:28:42,010 --> 01:28:43,580 I'm going to skip here for time. 1887 01:28:43,580 --> 01:28:47,200 So basically, following this ISO performance process, 1888 01:28:47,200 --> 01:28:50,310 you can go from some initial requirements, derived 1889 01:28:50,310 --> 01:28:53,940 requirements that are infeasible, to, 1890 01:28:53,940 --> 01:28:57,170 in blue here I'm showing you the results of this. 1891 01:28:57,170 --> 01:28:58,547 It's very close to 5. 1892 01:28:58,547 --> 01:29:00,130 There's some numerical tolerance here. 1893 01:29:00,130 --> 01:29:03,970 But by but essentially rebalancing the requirements 1894 01:29:03,970 --> 01:29:06,550 within the system, we're achieving a higher level 1895 01:29:06,550 --> 01:29:07,310 requirement. 1896 01:29:07,310 --> 01:29:09,430 But in a way that this [INAUDIBLE] 1897 01:29:09,430 --> 01:29:13,940 sort of the challenge equitably across sub-systems. 1898 01:29:13,940 --> 01:29:15,060 Does that make sense? 1899 01:29:15,060 --> 01:29:17,710 At EPFL, did you guys follow this? 1900 01:29:17,710 --> 01:29:19,030 I know this was a bit fast. 1901 01:29:19,030 --> 01:29:23,080 But that's the basic idea of ISO performance. 1902 01:29:23,080 --> 01:29:24,402 Any questions on your side? 1903 01:29:28,340 --> 01:29:31,620 AUDIENCE: [INAUDIBLE] 1904 01:29:31,620 --> 01:29:33,690 AUDIENCE: Maybe I have one. 1905 01:29:33,690 --> 01:29:35,810 So given that you have [? distance ?] requirements 1906 01:29:35,810 --> 01:29:39,580 and you probably have [INAUDIBLE] for each one, 1907 01:29:39,580 --> 01:29:41,725 is there a way that we would integrate all those 1908 01:29:41,725 --> 01:29:46,550 [? lines, ?] that you could see the [INAUDIBLE] for those? 1909 01:29:46,550 --> 01:29:48,300 If you don't mind, maybe it's a little bit 1910 01:29:48,300 --> 01:29:50,674 [? softer, ?] but maybe there's another requirement where 1911 01:29:50,674 --> 01:29:55,284 [INAUDIBLE] 1912 01:29:58,220 --> 01:30:02,508 PROFESSOR: [INAUDIBLE] 1913 01:30:02,508 --> 01:30:04,472 AUDIENCE: We don't hear you. 1914 01:30:21,190 --> 01:30:23,530 PROFESSOR: Sorry, guys, ran out of battery here. 1915 01:30:23,530 --> 01:30:24,979 Can you hear me again? 1916 01:30:27,880 --> 01:30:29,240 Can you hear me? 1917 01:30:29,240 --> 01:30:30,540 Yeah? 1918 01:30:30,540 --> 01:30:34,260 So the question was, well if you have multiple 1919 01:30:34,260 --> 01:30:37,230 of these performance, ISO performance lines, that's 1920 01:30:37,230 --> 01:30:38,090 exactly right. 1921 01:30:38,090 --> 01:30:41,220 If you have a vector of higher level requirements, 1922 01:30:41,220 --> 01:30:44,039 you're going to have ISO performance surfaces. 1923 01:30:44,039 --> 01:30:45,830 And so it gets, you know, the more of these 1924 01:30:45,830 --> 01:30:49,660 you have to satisfy at the same time, the more complex 1925 01:30:49,660 --> 01:30:50,310 this gets. 1926 01:30:50,310 --> 01:30:53,010 But we can handle that computationally. 1927 01:30:53,010 --> 01:30:55,920 So you have to do some simulation and computation 1928 01:30:55,920 --> 01:30:58,140 upfront to make sure you pick. 1929 01:30:58,140 --> 01:31:02,170 These requirements are not just wild guesses. 1930 01:31:02,170 --> 01:31:05,360 They're actually based on some calculation and simulation. 1931 01:31:05,360 --> 01:31:07,590 OK? 1932 01:31:07,590 --> 01:31:08,220 All right. 1933 01:31:08,220 --> 01:31:10,620 So let's do this. 1934 01:31:10,620 --> 01:31:12,990 Let's do this in a kind of simplified way. 1935 01:31:12,990 --> 01:31:17,200 This is going to be our last concept question for today. 1936 01:31:17,200 --> 01:31:21,030 Here's the higher level requirement is a balloon. 1937 01:31:21,030 --> 01:31:23,941 Those of you that have done unified engineering here, 1938 01:31:23,941 --> 01:31:24,940 you've done this, right? 1939 01:31:24,940 --> 01:31:26,460 We did this in unified. 1940 01:31:26,460 --> 01:31:29,850 A balloon shall lift the payload of 1,000 kilograms, which 1941 01:31:29,850 --> 01:31:33,030 includes its own mass. 1942 01:31:33,030 --> 01:31:36,780 You can use either helium, which has a density of 0.2 1943 01:31:36,780 --> 01:31:38,260 kilograms per cubic meters. 1944 01:31:38,260 --> 01:31:40,200 This is in standard atmosphere conditions. 1945 01:31:40,200 --> 01:31:42,240 Or hydrogen, 0.1. 1946 01:31:42,240 --> 01:31:45,230 I've rounded these numbers, as a lift gas. 1947 01:31:45,230 --> 01:31:50,400 The standard density of air is 1.3. 1948 01:31:50,400 --> 01:31:54,360 Which of the following requirements is infeasible? 1949 01:31:54,360 --> 01:31:56,340 A, the balloon shall have a radius 1950 01:31:56,340 --> 01:31:58,920 of 6.1 meters and the balloon shall 1951 01:31:58,920 --> 01:32:02,190 use 99.9 percent pure helium. 1952 01:32:02,190 --> 01:32:05,800 B, a radius of 5.9 and the balloon 1953 01:32:05,800 --> 01:32:11,310 shall use 99.99 point percent hydrogen as a lift gas. 1954 01:32:11,310 --> 01:32:16,920 And then 5.9 meters helium, 6.1 meters hydrogen, 1955 01:32:16,920 --> 01:32:19,620 all these requirements actually are OK. 1956 01:32:19,620 --> 01:32:23,320 Or none of these requirements are feasible. 1957 01:32:23,320 --> 01:32:28,080 OK, so I'll give you I'll give you three minutes 1958 01:32:28,080 --> 01:32:31,110 to try and figure this out. 1959 01:32:31,110 --> 01:32:34,090 And then I'll show you the solution. 1960 01:32:34,090 --> 01:32:34,590 Don't cheat. 1961 01:32:34,590 --> 01:32:35,714 Don't go to the next chart. 1962 01:32:39,610 --> 01:32:42,910 So think about this the high level requirement is 1963 01:32:42,910 --> 01:32:45,520 the balloon shall lift 1,000 kilograms, 1964 01:32:45,520 --> 01:32:47,410 including its own mass. 1965 01:32:47,410 --> 01:32:51,010 And we're trying to allocate lower level requirements 1966 01:32:51,010 --> 01:32:54,970 for the size of the balloon and the gas 1967 01:32:54,970 --> 01:32:58,275 that we're going to use. 1968 01:32:58,275 --> 01:32:59,772 So try to figure this out. 1969 01:33:05,699 --> 01:33:07,240 All right, I think we probably need-- 1970 01:33:07,240 --> 01:33:08,740 who needs more time for this? 1971 01:33:11,440 --> 01:33:15,740 OK, so we're going to leave this as a cliffhanger, OK? 1972 01:33:15,740 --> 01:33:18,530 We'll do the solution next time. 1973 01:33:18,530 --> 01:33:21,380 And take a little time to figure this out. 1974 01:33:21,380 --> 01:33:23,990 Try not to look at the next slide, OK? 1975 01:33:23,990 --> 01:33:27,440 So I'm going to skip this just for time. 1976 01:33:27,440 --> 01:33:30,950 And I want to talk briefly about the SRR, what it is, and then 1977 01:33:30,950 --> 01:33:32,630 kick off assignment 2. 1978 01:33:32,630 --> 01:33:33,890 So SRR. 1979 01:33:33,890 --> 01:33:36,500 So the idea is you've really been working 1980 01:33:36,500 --> 01:33:38,990 on these requirements hard, you know, as a team, 1981 01:33:38,990 --> 01:33:40,309 with your customers. 1982 01:33:40,309 --> 01:33:42,100 And this takes-- this is not a quick thing. 1983 01:33:42,100 --> 01:33:43,558 This is not just two or three days. 1984 01:33:43,558 --> 01:33:46,520 Typically, writing your level 0, level 1985 01:33:46,520 --> 01:33:51,470 1 requirements is a process that takes weeks, months, 1986 01:33:51,470 --> 01:33:54,980 sometimes at least a year. 1987 01:33:54,980 --> 01:33:58,490 But typically, it's on the order of three to six months 1988 01:33:58,490 --> 01:34:00,620 in many projects, roughly. 1989 01:34:00,620 --> 01:34:03,570 And once you have your high level requirements, 1990 01:34:03,570 --> 01:34:07,180 SRR is the milestone where you review those, right? 1991 01:34:07,180 --> 01:34:09,710 So here's an example. 1992 01:34:09,710 --> 01:34:11,300 So it's a social. 1993 01:34:11,300 --> 01:34:13,220 It's a peer review process. 1994 01:34:13,220 --> 01:34:16,700 And the main goal of SBAR is to vet the requirements 1995 01:34:16,700 --> 01:34:19,100 as they were written to see if you have 1996 01:34:19,100 --> 01:34:22,770 any missing, misstated, redundant, or otherwise 1997 01:34:22,770 --> 01:34:24,870 unsatisfactory requirements. 1998 01:34:24,870 --> 01:34:29,690 This is a picture from JPL, from MSL, actually, mission. 1999 01:34:29,690 --> 01:34:32,090 And I want to just point out a good friend of mine 2000 01:34:32,090 --> 01:34:35,280 who is a graduate here of our department, Richard Kornfeld. 2001 01:34:35,280 --> 01:34:38,030 [? Voelker ?] knows him, met him last summer. 2002 01:34:38,030 --> 01:34:40,220 He's been working on three different Mars 2003 01:34:40,220 --> 01:34:42,021 missions over the last decade. 2004 01:34:42,021 --> 01:34:43,520 And we're going to hear from Richard 2005 01:34:43,520 --> 01:34:47,180 later this semester about verification of requirements, 2006 01:34:47,180 --> 01:34:49,400 because he verified the entry descent and landing 2007 01:34:49,400 --> 01:34:51,770 requirements for MSL. 2008 01:34:51,770 --> 01:34:57,040 So here's essentially what it says in the NASA handbook. 2009 01:34:57,040 --> 01:35:01,490 SRR happens during phase A, before you go into phase B. 2010 01:35:01,490 --> 01:35:04,940 And you need at least your top two level requirements written 2011 01:35:04,940 --> 01:35:06,685 before you can do the SRR. 2012 01:35:09,410 --> 01:35:12,050 I do want to mention the second reading post reading. 2013 01:35:12,050 --> 01:35:14,600 This is about requirements volatility. 2014 01:35:14,600 --> 01:35:19,160 So just because you past the SRR doesn't 2015 01:35:19,160 --> 01:35:22,010 mean that the requirements are completely frozen. 2016 01:35:22,010 --> 01:35:24,860 First of all, you don't have a lot of lower level requirements 2017 01:35:24,860 --> 01:35:25,400 yet, right? 2018 01:35:25,400 --> 01:35:28,610 Those are going to be added post SRR. 2019 01:35:28,610 --> 01:35:30,020 and even some of the-- 2020 01:35:30,020 --> 01:35:33,302 you pointed out, some of you, the requirements creep 2021 01:35:33,302 --> 01:35:34,010 and these things. 2022 01:35:34,010 --> 01:35:38,540 So this second reading is about requirements volatility, which 2023 01:35:38,540 --> 01:35:40,220 you can actually quantify. 2024 01:35:40,220 --> 01:35:42,890 What are the sources of requirements volatility? 2025 01:35:42,890 --> 01:35:44,810 That's what this figure shows you. 2026 01:35:44,810 --> 01:35:47,810 And then what is the impact of requirements volatility? 2027 01:35:50,580 --> 01:35:52,610 What is the impact of requirements volatility 2028 01:35:52,610 --> 01:35:53,990 on a project? 2029 01:35:53,990 --> 01:35:57,200 So specifically, on the number of system requirements, 2030 01:35:57,200 --> 01:36:00,490 on rework, on project schedule, and so forth. 2031 01:36:00,490 --> 01:36:03,410 Really, it's a very, very recent paper 2032 01:36:03,410 --> 01:36:06,860 on requirements volatility. 2033 01:36:06,860 --> 01:36:09,380 So let me just kick off assignment 2. 2034 01:36:09,380 --> 01:36:10,670 And then we'll be done. 2035 01:36:10,670 --> 01:36:15,110 So assignment 2 goes out today and is due in two weeks. 2036 01:36:15,110 --> 01:36:17,270 So that's October 9. 2037 01:36:17,270 --> 01:36:19,640 And it's very focused on requirements. 2038 01:36:19,640 --> 01:36:23,600 Basically, what I want you-- and it's the same teams that you're 2039 01:36:23,600 --> 01:36:27,020 in for all the assignments. 2040 01:36:27,020 --> 01:36:29,540 Is essentially, first of all, first task 2041 01:36:29,540 --> 01:36:32,810 is find a project or program where 2042 01:36:32,810 --> 01:36:34,730 poorly written or managed requirements 2043 01:36:34,730 --> 01:36:36,090 were a major problem. 2044 01:36:36,090 --> 01:36:40,670 So as a team, discuss an example and discuss that example 2045 01:36:40,670 --> 01:36:42,050 as a team. 2046 01:36:42,050 --> 01:36:46,100 The second task is look at those CanSat 2016 2047 01:36:46,100 --> 01:36:49,580 requirements, those 47 base requirements 2048 01:36:49,580 --> 01:36:51,740 and analyze those critically. 2049 01:36:51,740 --> 01:36:55,730 So that means are they feasible, are they well-written. 2050 01:36:55,730 --> 01:36:56,990 Classify them. 2051 01:36:56,990 --> 01:36:58,670 What type of requirement is it? 2052 01:36:58,670 --> 01:37:00,230 Is it an interface requirement? 2053 01:37:00,230 --> 01:37:02,150 Is it a performance requirement? 2054 01:37:02,150 --> 01:37:05,690 And then figure out whether there's a hierarchy there. 2055 01:37:05,690 --> 01:37:09,080 And basically, then, from that, generate your own set 2056 01:37:09,080 --> 01:37:12,300 of requirements for the CanSat competition. 2057 01:37:12,300 --> 01:37:15,020 So you're going to either rewrite or organize 2058 01:37:15,020 --> 01:37:17,600 these requirements in a way that's better 2059 01:37:17,600 --> 01:37:20,180 and that works for you as a team. 2060 01:37:20,180 --> 01:37:22,520 And then the fourth requirement is 2061 01:37:22,520 --> 01:37:27,530 to figure out where you want your margins, 2062 01:37:27,530 --> 01:37:31,700 where do you think you need to have reserves and margins 2063 01:37:31,700 --> 01:37:33,410 in these requirements. 2064 01:37:33,410 --> 01:37:36,620 So it's very much looking and reorganizing 2065 01:37:36,620 --> 01:37:43,930 and critically analyzing the CanSat 2016 requirements set. 2066 01:37:43,930 --> 01:37:46,120 So let me summarize. 2067 01:37:46,120 --> 01:37:48,010 Good requirements are really essential. 2068 01:37:48,010 --> 01:37:50,950 It's the starting point for system design, 2069 01:37:50,950 --> 01:37:53,380 system engineering. 2070 01:37:53,380 --> 01:37:55,150 It is a challenging thing, especially 2071 01:37:55,150 --> 01:37:58,610 the flow down is challenging. 2072 01:37:58,610 --> 01:38:01,090 There are some methods and commercial tools for doing 2073 01:38:01,090 --> 01:38:02,590 formal requirements management. 2074 01:38:02,590 --> 01:38:04,840 So I mentioned ISO performance. 2075 01:38:04,840 --> 01:38:09,290 And then I mentioned DOORS, these commercial tools. 2076 01:38:09,290 --> 01:38:13,480 And then the last point here is just because you passed SRR, 2077 01:38:13,480 --> 01:38:15,850 and you have high level requirements approved, 2078 01:38:15,850 --> 01:38:18,310 doesn't mean that's the end of the story. 2079 01:38:18,310 --> 01:38:23,650 The requirements will continue to be updated, refined. 2080 01:38:23,650 --> 01:38:26,230 But you have to be you have to be very disciplined 2081 01:38:26,230 --> 01:38:27,370 to keep that in check. 2082 01:38:27,370 --> 01:38:30,410 If your requirements volatility is too high, 2083 01:38:30,410 --> 01:38:34,420 then bad things can happen to your project. 2084 01:38:34,420 --> 01:38:36,280 And I really recommend the reading 2085 01:38:36,280 --> 01:38:40,400 on requirements volatility, some very, very recent data on that, 2086 01:38:40,400 --> 01:38:41,510 OK? 2087 01:38:41,510 --> 01:38:45,880 So that's the end of the session for today. 2088 01:38:45,880 --> 01:38:49,520 I'm going to be online on the WebEx in about 10 minutes. 2089 01:38:49,520 --> 01:38:52,000 If any of you have questions, or any comments, or you 2090 01:38:52,000 --> 01:38:54,550 want to dive into this further. 2091 01:38:54,550 --> 01:38:57,160 I know this is not a great time for you at EPFL, 2092 01:38:57,160 --> 01:38:59,540 because it's Friday night for you guys. 2093 01:38:59,540 --> 01:39:02,210 So I think what we're going to do, 2094 01:39:02,210 --> 01:39:05,020 we'll figure this out with [? Leighs ?] and [? Johana. ?] 2095 01:39:05,020 --> 01:39:07,480 We'll see if we want to do a separate time, 2096 01:39:07,480 --> 01:39:10,780 a different time during the week for the office hours. 2097 01:39:10,780 --> 01:39:12,460 I'm happy to do this at a better time, 2098 01:39:12,460 --> 01:39:14,590 if this doesn't work for you guys, 2099 01:39:14,590 --> 01:39:16,270 because it's happy hour time for you. 2100 01:39:16,270 --> 01:39:18,580 So anyway. 2101 01:39:18,580 --> 01:39:19,600 OK, so great. 2102 01:39:19,600 --> 01:39:20,440 Have a great week. 2103 01:39:20,440 --> 01:39:22,770 And we'll see you next Friday.