Legal information

Copyright DB Netz AG, licensed under CC-BY SA 3.0 DE (see full text in CC-BY-SA-3.0-DE)

ARCH.R.1 Operational capability review

Jira tickets

SM-3493 - Define criteria for review ARCH.R.1 Finished

SM-5282 - Add batches of artefacts to ARCH process diagram Finished

RCAMT-299 - Update design review criteria/evidence to indicate the 50126 phase where the artefacts are created/updated Finished

Configuration status report

ARCH process configuration

The version of the ARCH process used to create the content being reviewed here is: uncontrolled edit in Confluence / unqualified release x.y / qualified release.

Content configuration

The version of the Capella model that is being reviewed here is: uncontrolled / unqualified baseline / qualified baseline.

Limitations on the use of this review

If (ARCH process version is a latest Confluence edit OR an unqualified release) OR (Capella model version is uncontrolled OR unqualified baseline):

Content that is reviewed here may only proceed further to next ARCH steps, Safe Enough To Try (ARCH.R.1-8) reviews, and simulation or prototyping work of TRL 1-6.

Else (that is, ARCH process version is a qualified release AND Capella model version is a qualified baseline):

Content that is reviewed here may proceed further to the Safe Enough To Fly area (ARCH.R.9/10 and GEN process).

AREV-1.1 Artefacts list


AREV-1.2 Review criteria 

Activity & viewpoint completion

This section of the review is complete when

  • all the tickets in the Tickets column are closed;
  • modelling rule compliance has been confirmed by the review proposer.

If a line is not applicable, note the reason for this in the Notes column.

The tickets should only be closed when all produced views are fully compliant with the modelling rules.

| ID (Prefix AREV-1.2.1.x) | EN 50126 phase | Activity | Tickets | Viewpoint output | Scope of compliance | Notes |
|---|---|---|---|---|---|---|
| 010 | O1 | ARCH.002 Create initial set of operational capabilities | | AMOD-021 | Capability-based | |
| 020 | O1 | ARCH.003 Create initial set of operational actors & operational entities | | AMOD-022 | Capability-based | |
| 030 | O1 | ARCH.008 Define abstract concepts relevant to the wider system of interest | | AMOD-025 | Capability-based | |
| 040 | O2 | ARCH.080 Model operational activities and interactions | | AMOD-028 | Full | |
| 050 | O2 | ARCH.078 Create bare business operational scenario | | AMOD-027 | Full | |
| 060 | O2 | ARCH.079 Create "bare business" operational process | | AMOD-029 | Full | |
| 070 | O2 | ARCH.153 Model data flowing between operational activities | | AMOD-105 | Capability-based | |
| 080 | | | | AMOD-110 | Capability-based | |
| 090 | O2 | ARCH.159 Model operational states | | AMOD-023 | Capability-based | |
| 100 | O2 | | | AMOD-028 | Capability-based | |
| 110 | O2 | ARCH.177 Complete the definition of the operational capability of interest | | AMOD-137 | Full | |
| 120 | O3 | ARCH.026 Define the state model of accidents, hazardous and safe state | | AMOD-030 | Capability-based | |
| 130 | O3 | ARCH.013 Identify risks to business effectiveness (business loss-risk mapping) | | AMOD-130 | Capability-based | |
| 140 | O3 | ARCH.170 Identify security losses & threats | | AMOD-131 | Capability-based | |
| 150 | O3 | ARCH.020 Identify & classify operational deviations | | AMOD-030 | Capability-based | |
| 160 | | | | AMOD-136 | Full | |
| 170 | O3 | ARCH.014 Evaluate risks to business effectiveness | | AMOD-031 | Capability-based | |
| 180 | O3 | ARCH.021 Evaluate security risks | | AMOD-031 | Capability-based | |
| 190 | O3 | ARCH.027 Evaluate operational safety risks | | AMOD-031 | Capability-based | |
| 200 | O4 | ARCH.904 Incorporate risk control measures in the operational needs | | AMOD-105 | Capability-based | |
| 210 | | | | AMOD-110 | Capability-based | |
| 220 | O4 | ARCH.904 Incorporate risk control measures in the operational needs | | AMOD-033 | Full | |
| 230 | O4 | ARCH.904 Incorporate risk control measures in the operational needs | | AMOD-035 | Full | |

Content criteria

This section of the review is only complete when:

  • All required review roles have agreed that each review criterion has been achieved (the "Achieved" column contains only (tick));
  • All the tickets in the "Blocking corrective action" column have been closed;
  • All non-blocking corrective actions have been ticketed and are shown in the "Non-blocking corrective action" column (note: they do not need to be closed in order for the review to complete);
  • All reviewer identities and comments are recorded.

The criterion can first be evaluated in the phase indicated in column "EN 50126 phase - initial", which is the first point at which evidence becomes available. However, this evidence may be updated later. Hence, reviews at this phase are optional because they do not reflect the final picture.

The criterion must be evaluated for the final time at the phase indicated in column "EN 50126 phase - final update" because up to this point, the evidence (artefacts) may have changed during the design process.

| ID (Prefix AREV-1.2.2.x) | EN 50126 phase - initial | EN 50126 phase - final update | Content criterion | Evidence | Achieved (tick)/(error) | Required review role | Reviewer identity | Reviewer commentary | Blocking corrective action | Non-blocking corrective action |
|---|---|---|---|---|---|---|---|---|---|---|
| 010 | O1 | O4 | The operational capability under review represents a genuine stakeholder need | AMOD-021, AMOD-137, Description of OC | | Design authority | | | | |
| 030 | O1 | O4 | Abstract concepts defined for the operational capability under review are safe enough to try | AMOD-025 | | Design authority | | | | |
| 040 | O1 | O4 | Operational states defined to support description of the operational capability under review are safe enough to try | AMOD-023 | | Design authority | | | | |
| 050 | O2 | O2 | The flow of the operational bare business process for the operational capability under review is safe enough to try (the set of activities and the arrangement in the flow is judged to be sufficient to achieve the end conditions of the operational capability under review) | AMOD-029 | | Design authority | | | | |
| 060 | O2 | O4 | Operational interactions defined for the operational capability under review are safe enough to try | AMOD-027 | | Design authority | | | | |
| 070 | O2 | O4 | Operational activities defined for the operational capability under review are safe enough to try | AMOD-028 | | Design authority | | | | |
| 080 | O2 | O4 | Assignments of operational activities to operational states defined for the operational capability under review are safe enough to try | AMOD-028 | | Design authority | | | | |
| 090 | O2 | O4 | Exchange item definitions and supporting data types defined for the operational capability under review are safe enough to try | AMOD-110, AMOD-105 | | Design authority | | | | |
| 100 | O2 | O4 | Allocation of operational activities to operational actors/entities for the operational capability under review is safe enough to try | AMOD-027 | | Design authority | | | | |
| 110 | O3 | O4 | The operational safety risks associated with the operational capability under review have been identified, assessed, and mitigated to a non-qualifiable level (safe enough to try only) | AMOD-031, AMOD-035, AMOD-033 | | Design authority | | | | |
| 130 | O3 | O4 | The business risks associated with the operational capability under review have been identified, assessed, and mitigated to a non-qualifiable level (safe enough to try only) | AMOD-031, AMOD-035, AMOD-033 | | Design authority | | | | |
| 150 | O3 | O4 | The security risks associated with the operational capability under review have been identified, assessed, and mitigated to a non-qualifiable level (safe enough to try only) | AMOD-031, AMOD-035, AMOD-033 | | Design authority | | | | |
| 160 | - | O4 | The content in the scope of this review is safe enough to try starting system needs analysis on the corresponding single operational capability. | All submitted viewpoints | | Lead system architect | | | | |