NextGen - SESAR Data Model Coordination Group (NSDMCG) ICAO AIRM Governance Considerations 1 General 1.1 Mandate The NSDMCG Terms of Reference (dated 11 October 2011) specifies the following output: Recommendations describing governance related aspects (e.g. profiling). 1 August 2013 As a part of the NSDMCG proceedings, a task was created in order to explore the aspects of governance related to information and data models. However, as the outputs of the task matured and a greater understanding of the ICAO AIRM was achieved, it became clear that a sharper focus was needed. Therefore, the current document focuses on the governance considerations in relation to the ICAO AIRM as outlined in the ICAO AIRM Considerations document [Ref 11]. This means that many of the data/information governance aspects envisaged by the Terms of Reference are now out of scope of this document. 1.2 Scope This document introduces governance and outlines a number of considerations that will need to take place when an ICAO AIRM is established. Addressing the considerations is necessary to ensure that the ICAO AIRM governance is established in a manner that will help to ensure buy-in for the ICAO AIRM. It is not in the scope of the document to propose final recommendations. These cannot be reached without a long and detailed analysis and consultation. This is expected to happen in the process of defining the wider Global Interoperability Framework. 1.3 Audience The anticipated readership for this document includes: The NSDMCG team. The leadership of Coordination Plan 2.1 (CP2.1), CP3.1, CP3.2, and NextGen/SESAR leadership. Federal Aviation Administration (FAA) / EUROCONTROL. 1.4 Acronyms AIDX AIRM AIXM ANC ATM CLDM CONOPS CP EATMA Aviation Information Data Exchange ATM Information Reference Model Aeronautical Information Exchange Model Air Navigation Conference Air Traffic Management Consolidated Logical Data Model Concept of Operations Coordination Plan European ATM Architecture 1 2013-08-01
EUROCONTROL European Organisation for the Safety of Air Navigation Exchange Model Current ATM related Exchange Models such as AIXM, WXXM, FIXM, ASTERIX, AIDX, etc FAA Federal Aviation Administration FIXM Flight Information Exchange Model GIF Global Interoperability Framework ICAO International Civil Aviation Organization ICAO AIRM The AIRM as considered in the global interoperability discussion at the ICAO level ISO International Organization for Standardization LDM Logical Data Model NAS National Airspace System NCOIC Network Centric Operations Industry Consortium NextGen Next Generation Air Transportation System NextGen OV-7 NextGen Operational View 7 Logical Data Model NSDMCG NextGen - SESAR Data Model Coordination Group OECD Organization for Economic Cooperation and Development OV Operational Information Model View SCL SWIM Compliance Level SESAR Single European Sky ATM Research SESAR AIRM-CLDM Single European Sky ATM Research AIRM Consolidated Logical Data Model SOA Service Oriented Architecture SV System View SWIM System Wide Information Management TOGAF The Open Group Architecture Framework UML Unified Modelling Language UNESCAP United Nations Economic and Social Commission for Asia and the Pacific WXXM Weather Information Exchange Model 1.5 References [Ref 1] SESAR SWIM Concept of Operation (CONOPS) [Ref 2] SESAR SWIM Compliance Framework [Ref 3] The Open Group [TOG 2006]. [Ref 4] European Interoperability Framework http://ec.europa.eu/isa/documents/isa_annex_ii_eif_en.pdf [Ref 5] Master Data Management and Information Strategic Planning [Ref 6] SESAR AIRM Governance Handbook [Ref 7] TOGAF: http://pubs.opengroup.org/architecture/togaf9-doc/arch/ [Ref 8] OECD Principles of Corporate Governance, Organization for Economic Co-operation and Development, December 2001; refer to www.oecd.org [Ref 9] FAA SWIM: SOA Governance Best Practices, 2013 [Ref 10] ISO Glossary of terms and abbreviations used in ISO/TC Business Plans (http://isotc.iso.org/livelink/livelink/fetch/2000/2122/687806/glossary.htm?nodei d=2778927&vernum=0) [Ref 11] NSDMCG: ICAO AIRM Considerations 1.6 Key Assumptions This document is based on the following assumptions: 2 2013-08-01
States and state organizations will have ongoing governance over data, services and architecture. The ICAO AIRM will be governed at a higher (inter-state) level. Logically, ICAO will be the governing body of the ICAO AIRM. The higher level of governance will not harm the interoperability of shared information. Therefore, it will impose constraints on the shared information. Governance at the state and state level will continue to exist but within the constraints imposed at the higher level. The ICAO AIRM governance operates within the international legal framework (e.g. it is recognized by an ICAO Annex). 1.7 Document Organization This document contains the following sections: Introduction to Governance Ongoing activities within SESAR and FAA Considerations for ICAO AIRM Governance Implementing Governance Recommendations Summary Contributors Appendix 2 Introduction to Governance 2.1 What is Governance? The Organization for Economic Cooperation and Development (OECD) [Ref 8] describes governance as:... the system by which business corporations are directed and controlled. The corporate governance structure specifies the distribution of rights and responsibilities among different participants in the corporation - such as the board, managers, shareholders, and other stakeholders - and spells out the rules and procedures for making decisions on corporate affairs. By doing this, it also provides the structure through which the company objectives are set and the means of attaining those objectives and monitoring performance. The SESAR SWIM CONOPS [Ref 1] defines governance, within the context of SWIM, as the Ability of decision-makers to set policies regarding stakeholders, services, and their relationships. The FAA SWIM SOA Best Practices report [Ref 9] defines governance as: the set of rules, practices, roles, responsibilities, and agreements whether formal or informal - that control how we work. The common thread in these definitions is the assignment of some authority to an entity for the execution of some activity through the establishment of rules and practices that are subsequently enforced and modified as needed to ensure the activity is successful. 2.2 Characteristics of Good Governance The implementation and execution of governance to meet a desired goal can either be positive or negative. The result of good governance is the achievement of a desired outcome. The United Nations Economic and Social Commission for Asia and the Pacific (UNESCAP) identifies 8 major characteristics of good governance: 3 2013-08-01
Participatory. Participation is a cornerstone of good governance. Participation could be either direct or through legitimate intermediate institutions or representatives. Consensus oriented. Good governance requires mediation of the different interests to reach a broad consensus on what is in the best interest of the whole community and how this can be achieved. Accountable. In general an organization or an institution is accountable to those who will be affected by its decisions or actions. Accountability cannot be enforced without transparency and the rule of law. Transparent. Transparency means that decisions taken and their enforcement are done in a manner that follows documented rules and regulations. It also means that information is freely available and directly accessible to those who will be affected by such decisions and their enforcement. Responsive. Good governance requires that institutions and processes try to serve all stakeholders within a reasonable timeframe. Effective and efficient. Good governance means that processes and institutions produce results that meet the needs of stakeholders while making the best use of resources at their disposal. Equitable and inclusive. Society s well-being depends on ensuring that all its members feel that they have a stake in it and do not feel excluded from the mainstream of society. This also means that all processes, decision-making, and mechanisms used will be established so as to minimize or avoid potential conflicts of interest. and Follows the rule of law. Good governance requires fair legal frameworks that are enforced impartially. This also requires discipline in that all parties have a commitment to adhere to the established organizational processes, procedures and authority structures. 2.3 Levels of Governance Governance structures can be put in place at various levels within an enterprise or programme 1. Each level will have a different purpose. The two levels of most relevance in the context of this document are: Data/Information Governance; Architecture Governance. 2.3.1 Data Governance Data governance (which should not be confused with data management) refers to the overall management of the availability, usability, integrity, and security of the data employed in an enterprise. A sound data governance program includes a governing body or council, a defined set of procedures, and a plan to execute those procedures. 2.3.2 Architecture Governance According to the Open Group [Ref 3], architecture governance is the practice and orientation by which enterprise architectures and other architectures are managed and controlled at an enterprise-wide level. It includes the following: Implementing a system to ensure compliance with internal and external standards and regulatory obligations 1 SOA, technology and IT governance are out of the scope of this document. Gartner defines IT governance (ITG) as the processes that ensure the effective and efficient use of IT in enabling an organization to achieve its goals. SESAR has discussed Service Oriented Architecture (SOA) governance for SWIM. 4 2013-08-01
Establishing processes that support effective management of the above processes within agreed parameters Developing practices that ensure accountability to a clearly identified stakeholder community, both inside and outside the organization Controls over the creation and monitoring of all architectural components and activities, to ensure the effective introduction, implementation, and evolution of architectures within the organization. Figure 1: Architecture Governance Framework - Conceptual Structure The key concepts of an architecture governance framework are illustrated in Figure 1 (taken from TOGAF [Ref 7]). It highlights, for example, the need to consider compliance, organizational standards and a repository as part of an architecture governance framework. 3 Ongoing activities within SESAR and FAA Within SESAR SWIM the focus has been on defining the architecture governance through a SWIM Standards and Architecture Group. However, the FAA has concentrated on defining governance of data (Master Data Management). Both approaches are complementary. Both approaches provide valuable experiences that can be leveraged in defining the ICAO AIRM governance framework. 3.1 SESAR SWIM CONOPS The SESAR SWIM CONOPS outlines key SWIM Principles that can be fed-into future discussions on a governance framework. These include the: Principle of open standards: SWIM services will be based on open and internationally agreed standards when fit for purpose. Principle of information and service life cycle governance: SWIM information and services will be governed throughout their life cycle. 5 2013-08-01
3.2 SESAR AIRM Governance The SESAR AIRM 2 is an integral part of the overall European ATM Enterprise Architecture (EATMA). SESAR AIRM governance mechanisms are already in place. They provide a framework within which the work towards producing the SESAR AIRM is carried out. The SESAR AIRM Governance Handbook [Ref 6] outlines: Who is involved in governance, their interests, duties and responsibilities; The items related to governance. Some of the items are classified as Managed Objects, meaning that any modifications to them constitute a modification to the SESAR AIRM; The change requests procedures. 3.3 SESAR SWIM Compliance Framework SESAR proposes a SWIM Compliance Framework [Ref 2]. This allows objects under assessment to demonstrate that they meet the requirements of the specified standards and specifications. The framework consists of two main components: Principles: the rules, templates and processes that are followed during a compliance assessment. Criteria: detailed list of criteria that should be applied during the assessment in order to determine the result. The result of the assessment is the assignment of a SWIM Compliance Level. SCL1 is the lowest level of maturity and SCL 4 is the highest. SCL1 and SCL2 allow an object under assessment to claim it is SWIM Ready while SCL3 and SCL4 allow the SWIM Compliant stamp. 3.4 FAA Master Data Management Master Data Management (MDM) is a set of processes and principles that consistently define and manage the core data entities of an organization. The goal of MDM is to ensure consistency, accuracy, security (authentication and authorization), and reliability of core data for use in business operations. Five roles are outlined in the FAA s MDM Concept of Operations [Ref 5]: A steward is a designated organization that originates and is accountable for quality and timeliness of data and information; The custodian is the organization designated as the party responsible for the integrity of data that has been transformed or copied for a business need; The technical steward is the designated person or organization responsible for the design and implementation of the infrastructure (data, applications, or technology); A stewardship community of practice (SCoP) is a cross-organizational set of subject matter experts (SMEs), who are responsible and accountable for the development and management of the requirements for a set of data/information within a subject area defined in the FAA (e.g. NAS base infrastructure information); The coordinator is the designated organization that provides user assistance and supports stewards in the use of the authoritative source or approved replicated source, but is not responsible for content. 2 The SESAR AIRM is being produced within the SESAR development phase and is not to be confused with the ICAO AIRM mentioned in the ICAO GANP. 6 2013-08-01
3.5 SESAR and FAA Registries Both FAA and SESAR are exploring registries. Registries are tools that allow a company to effectively manage the metadata of its products and services. Feedback from the FAA and SESAR trials may help identify suitable tools in support of ICAO AIRM governance. 4 Considerations for ICAO AIRM Governance 4.1 The Considerations Certain words and phrases recur within sections 2 and 3. These can be summarised as a number of considerations: Adhere to Good Governance ; Understand what is being governed; Define rules and standards to govern decision-making; Define roles, responsibilities and authorisations to make decisions; Define processes; Monitor performance. 4.2 Adhere to Good Governance As the ICAO AIRM will be a formal data/information model, it is important that a stringent approach is taken towards its governance. Conclusion: The ICAO AIRM governance framework must adhere to the characteristics of Good Governance. 4.3 Understand what is being governed The nature of governance changes depending on what is being governed and the desired outcome. Therefore, it is essential to know what is being governed and the desired outcome of the governance. This means the scope of global interoperability must be agreed. Conclusion: Set up an ICAO AIRM governance framework as part of the Global Interoperability Framework. 4.4 Define rules and standards to govern decision-making It is clear that rules and standards have to be written in order to govern decision-making. These should be based on an agreed set of high-level principles. An example of such a principle is: governance must enforce the principle of open standards 3. The principles have an impact on the precise rules to be followed. For example, to incorporate a principle of information and service life cycle governance would mean that if the ICAO AIRM changes the payload of a service may need to be changed. This knock-on effect needs to be acknowledged and rules established to manage it. The caution is that the rules cannot be too prescriptive. Therefore, consideration should be given to the principle of a performance-based approach (focus on the what rather than the how ). Individual state governance structures should be allowed to a certain degree of freedom within the construct of the global interoperability framework. 3 See the Appendix for the definition of open standard 7 2013-08-01
Conclusion: The first step towards ICAO AIRM governance is to write a set of principles. Conclusion: The principles already written within SESAR and FAA are good candidates e.g. open standard, lifecycle management and a performance-based approach. 4.5 Define roles, responsibilities and authorisations to make decisions There is a need to discover who is affected by governance (the stakeholders). Afterwards, the roles (e.g. custodian) and responsibilities of the stakeholders need to be defined. This should include what they are authorised to do and the rules they need to follow. The establishment of certain groups/units needs to be considered. For example, there may be a need for a Compliance Group (to define a compliance framework), an Assessment Unit (to evaluate objects under assessment ) and a SWIM Standards and Architecture Group (to agree which standards should be adopted as part of the ICAO AIRM). Obviously, not all roles need to be filled at ICAO level. Some roles may be left to states to fulfil. Conclusion: Stakeholders of the ICAO AIRM need to be discovered so they can be included. Conclusion: There is a need for an authority empowered to make sure the various roles satisfy their requirements. Conclusion: There is a need for agreed definitions of roles and responsibilities within the governance framework. Conclusion: Some roles should be allocated to the state to fulfil. 4.6 Define Processes Certain processes must be established to ensure that the ICAO AIRM governance is efficient. Some examples of the processes discussed are: A compliance process. Local data models should have the ability to be stamped as compliant with the ICAO AIRM. A change management process (which leads to need for a change control board). Tools that enable the automation of governance processes need to be identified and chosen. For example, Figure 1 outlines the need for a Repository. Conclusion: The need for compliance against the ICAO AIRM should be recognized. Conclusion: An authority is needed to assess whether the object under assessment is compliant. Conclusion: The compliance criteria need to be written. Conclusion: A registry can be a means to run the governance process. 4.7 Monitor Performance Once the ICAO AIRM governance framework is established, there is a need to monitor how it is functioning. For example, it is necessary to ensure decisions are documented and the decisions are followed. It should also be possible to refine the governance mechanisms themselves over time. Conclusion: The ICAO AIRM governance framework should be subject to monitoring so that it can be refined. 8 2013-08-01
5 Implementing Governance Moving towards an ICAO AIRM and Global Interoperability Framework will involve the creation of new authorisations, rules/policies, processes, and measures. This may have an impact on organizational models and cultures, and/or possibly modifying these components from the current environment. Conclusion: Therefore, there should be no big-bang but a planned, phased adoption of ICAO AIRM governance. 6 Recommendations Taking into account the discussions and conclusions outlined in this document, it is recommended to: Take note of the content and conclusions of this paper Support the idea to work towards a governance framework for the ICAO AIRM. 7 Summary Applying governance haphazardly will not result in the desired business benefits and will increase the likelihood of lack of buy-in for an ICAO AIRM and the failure of the Global Interoperability Framework. This document has outlined some initial consideration as far as ICAO AIRM governance is concerned. 8 Contributors Name Michael Burski Barbara L Cordell Paul Jackson Allen Perper Katrina Wilson Mariya Koleva Sam Van der Stricht Robert Suzić Scott Wilson Organisation FAA FAA FAA FAA FAA Eurocontrol Eurocontrol Eurocontrol Eurocontrol 9 2013-08-01
9 Appendix A A.1 Definition of an Open Standard Standard : Document, established by consensus and approved by a recognized body, that provides, for common and repeated use, rules guidelines or characteristics for activities or their results, aimed at the achievement of the optimum degree of order in a given context. [Ref 10 - ISO/TC Business Plans.] Open : The word "open" is here meant in the sense of fulfilling the following requirements: The standard is adopted and will be maintained by a not-for-profit organization, and its ongoing development occurs on the basis of an open decision-making procedure available to all interested parties (consensus or majority decision etc.). The standard has been published and the standard specification document is available either freely or at a nominal charge. It must be permissible to all to copy, distribute and use it for no fee or at a nominal fee. The intellectual property - i.e. patents possibly present - of (parts of) the standard is made irrevocably available on a royalty-free basis. There are no constraints on the re-use of the standard [Ref 4 - European Interoperability Framework] 10 2013-08-01