Challenges for Requirements Engineering of Cyber-Physical Systems in Distributed Environments

. Engineering of systems is highly inﬂuenced by rapid technological changes, such as the emergence of Cyber-Physical Systems (CPS). These are interconnected embedded systems enabled by human-machine interaction. Real‐ isation of CPS require a collaboration between mechanical engineering, electrical engineering, and computer science since diﬀerent components are delivered and developed by diﬀerent disciplines. Consequently, the Requirements Engineering (RE) process needs to consider multi-disciplinary perspectives. The objective of this paper is to elaborate the speciﬁc challenges of RE for CPS in a distributed environment and to identify knowledge sources and targets in CPS engineering. It describes the relevant types of knowledge and deﬁnes appropriate exchange mechanisms and standards.


Introduction
Manufacturing is often a complex process based on economy of scale principles [1] and involving globally distributed partners [2]. The supply chain can be seen as an ecosystem of different actors with different needs, acting and interacting in a dynamic environment [3]. New levels of human-machine interaction have become possible and more widespread, paving the way for reliable, sustainable, technology-driven ecosystems. Follett [4] enlists as significant emerging technologies a networked, intelligent world connected by IoT: more efficient and effective manufacturing aided by advanced robotics and customised, just-in-time manufacturing, driven by additive fabrication/3D printing. The growth, maturity, and widespread adoption of these technologies have the potential to disrupt and innovate. Intelligent materials, wearable technologies, tangible interfaces, human-robot collaboration, evolving tools, processes and interactions in neuroscience, avatar-quality VR, ubiquitous usage of machine learning and deep learning algorithms will increase the added value of technology and open the way towards technical breakthroughs as a result of synergies of near-simultaneous events.
The relevance of these technological advances has been recognised by being implemented in several governmental programmes like the German "Industrie 4.0" paradigm [5] and the United States Smart Manufacturing Leadership Coalition (SMLC) [6] aiming at introducing Cyber-Physical Systems (CPS) into manufacturing [7]. Such systems emerge through the complex networking and integration of embedded systems, application systems, and infrastructure, enabled by human-machine interaction. Contrary to conventional production or logistics systems, CPS follow an holistic system approach and can thus be seen as systems of systems, requiring the collaboration of different disciplines such as mechanical engineering, electrical engineering, and computer science for their realization [4]. Rapid technological changes combined with a highly competitive market have induced a need for implementing new processes and production methods for reducing "time to market" [8,9] as well as in order to be both appropriate in terms of quality and cost effective [10] and meet the customers' expectation. Customers nowadays demand integrated solutions and services, covering the whole system life cycle. Consequently, understanding the underlying needs, and the thus the requirements on a product or service throughout the entire life cycle is a prerequisite for successful systems engineering and the provision of cost-effective solutions [11][12][13], also contributing to an improved usage of resources. From a technical point of view this can be realized today focusing on reusability of components [14] as well as through better collaboration across different process steps [15]. What does this mean for Requirements Engineering on CPS however? The main challenges, which increase the complexity, are the dynamical aspects of CPS as well as the increased number of stakeholders and system components involved covering the whole life cycle [15]. Operating in a dynamic environment requires high flexibility, re-configurability etc. as well as evolutionary changes in the requirements.
Inadequate Requirements Engineering (RE) is one of the main sources for the failure of development projects and culminates in exceeding budgets, missing functionalities or even the abortion of the project [16]. Consequently, for dynamic systems with evolutionary requirements, the need for continuous interaction between the development process and the requirement elicitation process is inevitable for ensuring a consistent and traceable elicitation and management of requirements [17]. However, what do actually dynamical changes mean for the RE, and how do the rapid advances in technology and sensors (f. ex. regarding the data analysis, used sensors etc.) actually influence the process? The next Sect. 2 will first describe the research approach. Section 3 will cover the foundation of CPS and RE, before in Sect. 4 the major gaps are outlined and the research questions are derived. Section 5 will present the initial findings for a RE framework for CPS, whereas Sect. 6 will conclude and present next steps.

Research Approach
The main objective of our study is two-folded (i.e. how can we improve RE for CPS, and how can this be done based on existing approaches with best possible quality). For this we first need to know what characterises CPS systems and which characteristic are relevant for the RE process. Secondly, which RE approaches exist and which limitation do they have. Based upon such analysis, we can develop or change existing tools and framework for CPS, thus in order to address these points, our methodological approach is based on combination of the research methods literature review and action research.
A literature review was carried out targeting knowledge processes, and information on CPS and supporting technologies. Scientific papers were accessed through Google Scholar searching for key words (sensors; CPS components, SOA, actuators, communication and network; Requirements Engineering + dynamic systems, RE + CPS) [18]. The relevance of the downloaded papers for this article was based on assessing the abstract, as well as by searching for the combination of RE and CPS in the full papers.
The work with the specific RE process for CPS had a different methodical approach. The researchers have been involved in the specifications and development of the scenarios. Design Science was the overall scientific approach in this work [19,20]. More specific, action research was applied [21].
Section 3 outlines the key findings from the literature review, Sect. 3.1 focusing on CPS, Sect. 3.2 on RE.

Theoretical Background
This chapter identifies the specific characteristics of Cyber-Physical Systems related to systems engineering. This allows to derive challenges for the Requirements Engineering of CPS. Based on the results, in Sect. 3.2, existing RE approaches are examined, in order to investigate to which extent the identified gaps are addressed.

Engineering of Cyber-Physical Systems
CPS integrate physical capabilities and require new ways of human-machine interaction using advanced sensors and actuators. They rely on knowledge and engineering principles from computational and engineering disciplines [7]. Additionally, for reaching the full potential of CPS, the system will also comprise the logistics and management processes, as well as internet services receiving, processing and analysing data from the sensors and controlling the actuators, connected by digital networks and multi-model human-machine interfaces. As such, CPS are open socio-technical systems with a functionality far exceeding controlled embedded systems [22].

Requirements Engineering Approaches
As already mentioned in the introduction, RE for CPS has to define requirements for a rising amount of tangible and intangible components from a growing number of distributed stakeholders from multiple disciplines and consequently only RE approaches being able to deal with the complexity of the system, its openness and evolutionary nature can be considered as suitable. Furthermore, due to the complexity of the systems, they also have to enable direct involvement of the user and information exchange between different stakeholders. Finally, the different formalisms and tools of the involved disciplines have to be considered and integrated or replaced.
Hauksdóttir et al. [16] investigate the management of requirements for complex systems or products. They recognize requirement reuse as an enabler to increase efficiency and quality of Requirements Engineering and propose a structure for a reusable requirement specification. The proposed structure has five groups of requirements (business requirements, standards and laws, product properties, life phase requirements, design constraints) that are applicable to different products. Each group contains several sub-groups that have to be defined for each product individually and contain different requirement types. The structure has been tested with embedded products but not with CPS and the authors argue that it has to be tested with other product types and might require different categorization.
Penzenstadler and Eckhardt [24] agree that ensuring communication and consistency of requirements for CPS is a challenge due to the variety of stakeholders involved. The authors propose a RE content model for requirements elicitation and documentation at different levels as a solution. The model originates from a research project (ARAMiS) with stakeholders from 30 companies and defines the artefacts that have to be defined during RE instead of a specific RE process. This leaves the organisation of the RE activities in the hand of each stakeholder. The content model features five levels (context, system, subsystem, architecture) with several items. It has been implemented in the Enterprise Architect tool based on SysML and UML diagrams. However this requires the adoption of the content model by all stakeholders involved.
Wiesner et al. [23] also address the problem of information exchange between the different disciplines. They propose Natural Language Processing (NLP) as a way to translate non-formal requirements to formal descriptions in different disciplines, thus enabling automated information processing. Natural language is a universal format, understood by the end user and stakeholders from all involved disciplines. NLP techniques can assist requirements engineers when writing specifications. The application of NLP could establish a dialog system, which supports resolving ambiguities and semiautomatically transform requirements in natural language into discipline specific models. However this theoretical approach has not yet been tested for CPS development in practice.

Gap Analysis and Research Questions
In systems of systems like CPS, the independence of the constituent systems and their evolutionary nature lead to exceptionally distributed RE activities for a multitude of stakeholders with isolated RE approaches in several disciplines. In the next step we are therefore looking at how existing approaches contribute to that and which gaps we can identify.
Regarding managing the complexity of CPS, a modular approach would lead to a better usage of resources. From a technical point of view this can be realized today focusing on reusability of components [14] as well as through better collaboration across different process steps [15]. For Requirements Engineering, this demands for a requirements structure that allows the specification of the CPS components from different domains and their interaction, as well as the reuse of requirements from previous CPS projects in a modular way. Hauksdóttir [16] defines a reusable requirements structure in a generic way, not focused on the specific characteristics of CPS, while Penzenstadler and Eckhardt [24] primarily focus on fostering information exchange between stakeholders.
For the inclusion of all distributed stakeholders, it has to be ensured that participatory approaches can be used with the limitation that knowledge specific CPS models and components should not be required. Furthermore, a common basis is needed to dynamically exchange requirements between a multitude of stakeholders. The content model from Penzenstadler and Eckhardt [24] provides a framework for the specification of the targeted CPS on different levels in SysML and UML. This is a suitable approach to exchange information between the technical design departments of stakeholders, if they agree to adhere to a common standard. At the same time it might be too difficult to be used by non-technical stakeholders, such as the user. Wiesner et al. [23] offer a way to transform requirements between natural language and formal models, which might be a good extension to bridge this gap.
The information exchange between different disciplines is partly addressed by two approaches described above. However, they either require to implement a common standard for all stakeholders instead of the domain specific models, or use natural language for information exchange which produces ambiguity problems. However, as it might not be feasible to implement a common standard on all levels for the stakeholders, a translation might be needed between domain specific models on lower levels and a common model on higher levels. Based upon this analysis our research questions are: 1. How can existing tools and frameworks be adapted to take the the distributed environment, dynamic evolvement and the need of flexible integration of new, not existing components into account? 2. How can a new framework look like if no existing approach is applicable?

Initial Requirements Towards an RE Framework for Cyber-Physical Systems
Section 5.1 identifies three main challenges in the Requirements Engineering process for CPS systems, while in Sect. 5.2 first requirements for a CPS RE framework are derived.

Challenges Identified for RE for CPS Based on the Literature Review
Geisberger and Broy [22] give RE a central role for CPS development, integration, maintenance and evolution. However, several challenges for engineering of CPS could be found in literature, which have to be addressed by a suitable RE approach. In summary, three main areas were identified: the complexity of the CPS itself, the distributed stakeholder environment around the CPS and the different disciplines involved in CPS development.
CPS consist of a large number of different cyber and physical components that create the desired functionality through emergent behavior. Furthermore, they are open systems that have to be interoperable and can evolve. According to Ncube [25], for interoperation between systems that have been separately developed, RE has to be able to identify the key interoperation influencing requirements. Due to the complexity inherent to systems of systems, such as CPS, requirements are distributed among many disciplines and can be conflicting, unstable, unknowable or not fully defined. Schätz [26] describes three dimensions of CPS complexity: cross (application domains, engineering disciplines, technologies, organizations), live (reconfiguration, redeployment, update) and self (documentation, monitoring, adaptation). The joint presence of these dimensions is typical for CPS and has to be considered already during RE.
CPS have a large number of stakeholders that are typically separated spatially and organizationally. In addition to the user, who defines the scope and purpose of the CPS, specialized partners with distinct processes develop the individual system components. Following Geisberger and Broy [22], users and other stakeholders from different domains have to be actively involved into the development from the start. The CPS has to be adapted to the needs and competences of the users.
The stakeholders are not only distributed, they also stem from multiple disciplines with own formalisms and tools. During CPS development, information and requirements have to be exchanged between the disciplines in order to create a common view of the targeted system. Baheti and Gill [7] emphasize the need for theories and tools to design, analyse and verify the components at various levels, understand the interactions between systems and ensure safety and performance with minimal cost. Currently, CPS components are handled by isolated disciplines with their own formalisms and tools, which either represent the cyber or physical process. This hinders the verification of the overall system design and component-to-component interaction. Broy et al. [27] demand the synthesis of knowledge across different domains of application, including methods of requirements analysis and modelling.

Requirements for a CPS RE Framework
Based on the gaps identified in the analysis carried out above, we can identify three main requirements on RE methods for CPS: • The development of a reusable requirements structure for CPS, which allows the definition of modular components, which can be combined to the overall system. To support modular design and interoperability of CPS, standardized abstractions and architectures are needed. This also refers to verification and validation of the system at the design stage. This requirement addresses the challenge to manage the complexity inherent to CPS. • Definition of a CPS content model that is formal enough to describe the targeted system unambiguously and in a verifiable way, but has the flexibility to include nonformal inputs. The different stakeholder needs and changing requirements must be managed by RE processes and tools, which have to be able to manage emergent effects with predictable results. This requirement addresses the challenge to involve all stakeholders, including the final user, into CPS development.
• The inclusion of the most relevant domain specific models into the CPS content model, e.g. using semantic mediation. It needs to integrate mechanical and software engineering models for the formal description of requirements, which have to be mapped to the system elements and communicated between stakeholders from different disciplines. This requirement addresses the challenge to integrate all domains involved in CPS development.

Initial Outline of a CPS RE Framework
Based on the requirements identified in the previous section, a CPS RE framework can be outlined. Requirements in the CPS development process can be assigned to two distinguished areas: the problem domain and the solution domain. The problem domain includes the needs and business goals for system development and their formulation into stakeholder requirements, without preselecting any specific CPS characteristics. The solution domain contains the system requirements describing the targeted functionalities of the solution and subsequently the architectural design, which specifies how the CPS will meet the system requirements.
Business requirements are derived from the business goals or objectives of the organization, which interpret the underlying business vision. They are mostly given in natural language. Methods for documentation of business requirements can be Business Process Model and Notation (BPMN) or data flow diagrams, showing the difference between "as-is" and "to-be" business processes. Stakeholder requirements in general are derived from the statements of need, using various methods like use scenarios, and are stated in non-technical terms normally not adequate for design purposes.
Describing the targeted CPS behavior in terms of conditions or capabilities of the envisaged solution can be done through developing system models describing functionality and then documenting system requirements that capture the vision of the customer in technical terms, enable the definition of the scope of the system and allow estimating the cost and schedule required to build the system. The description of the architectural design of a system identifies the different system elements and shows how they work together through their relationships to meet the system requirements. In the case of CPS, this can be the interaction between product and services, or between software and hardware. These models can be documented in SysML or domain specific notation.
As it is often not possible to use a common notation, such as SysML, for all involved stakeholders, a mediation or translation has to be established between the different domain models. The framework covers this in two different ways: For the semi-automatic translation between non-formal (natural language) and formalized notations, Natural Language Processing [23] can be implemented. Transformation between the different formal domain specific models can be achieved using methods such as semantic mediation, which enable conversion between model using ontologies. In this way, domain barriers can be greatly reduce or fully removed.

Conclusion and Future Work
The scale and complexity of the objects targeted by systems engineering is constantly growing, reflected by the emergence of CPS. Current methods and tools, in particular for requirements engineering, do not provide full support for these new challenges. The realization of CPS usually requires the temporary collaboration of a multitude of stakeholders from different domains, such as hardware, software and services. Besides the customer/user and the system integrator, there are stakeholder groups for the system components, life cycle services and system environment, each with their own objectives and context.
In the paper, it could be shown that CPS have special characteristics compared with conventional systems that affect Requirements Engineering. The main points identified are greater complexity, multiple distributed stakeholders and the involvement of several disciplines with their own formalisms and models. At the same time, first approaches to address these issues for Requirements Engineering could be found.
Complexity can be addressed with a suitable management structure that supports the reuse of requirements from earlier projects and thus enables modularization of CPS. Future work in this area should include the specification of such a requirements structure, which also helps to manage changing requirements and predicts the emerging properties of a CPS.
Multiple distributed stakeholders for the system as a whole may have limited knowledge of the needs and constraints for the individual components, and vice versa. They can be included by implementing a universal content model for CPS that helps to exchange unambiguous information about the targeted system requirements. Nontechnical stakeholders, such as the user of the CPS could participate in system development using NLP technology. Future work should extend such a content model with interfaces to natural language and domain specific models, where necessary.
The involvement of different disciplines requires the implementation of a common standard, as either described above or appropriate interfaces between domain specific and common models. As it might not be possible to replace domain specific models in all cases, future work should deals with the implementation of such interfaces that are able to translate between different models without information loss or delay.
Systems engineering is evolving from a centralized development process for individual systems and components towards the orchestration of distributed software, hardware and business processes for a common purpose. Addressing the identified requirements with a CPS Requirements Engineering framework would help to make the development of CPS more cost effective and faster, while retaining a high system quality.