This paper presents our work-in-progress study on reference architectures as boundary objects for realizing trustworthy collaborative Cyber-Physical Systems (CPS). Furthermore, the preliminary results from interviews with systems engineering experts from industry and academia are also discussed. The interview results reveal challenges in using reference architectures during the system development process. Furthermore, exactly which trustworthiness attributes (security, availability, reliability, etc.) should be addressed to realize trustworthy collaborative CPS is identified as an open question, which we will address in our future work.

The development of large-scale software intensive systems such as cyber-physical systems (CPS) involves many different professionals, in particular engineers from several engineering disciplines. \emph{Boundary objects} are commonly used in this context to facilitate the interactions between engineers. These are artefacts that hold different meaning to several groups and serve as a means of translating information between them. This paper presents a scoping review investigating the current state of the boundary object concept, and factors that can affect the effectiveness of boundary objects, within the discourse on the development of complex CPS. The results contribute to theory by selecting a promising approach to overcome the overextension of the concept, and using this approach to leverage on two orthogonal aspects of boundary objects. The latter reveals a two-dimensional continuum along which boundary objects are more or less (a) \emph{transparent} or \emph{opaque}, and (b) a \emph{support} or \emph{limiter} on human activity. Furthermore, the results contribute to management concerns of systems and software development practice by considering which contextual factors that influence the efficacy of boundary objects used for complex CPS development. The findings call for practitioners to put more effort into understanding culture as an important contextual factor that either enables or acts as a barrier to the continued success of boundary objects. In particular, many boundary objects are currently evolving into ‘intelligent boundary objects’ as engineering tools increasingly integrate (generative) artificial intelligence to support human augmentation. This study suggests that the shared meanings, values and assumptions of those that develop these tools must be made transparent in the boundary objects generated by them, lest the ability of engineers to make well-informed, unbiased decisions is compromised.

Context: The complexity of large-scale, software-intensive systems demands collaborative efforts across engineering disciplines to assure that all system properties are correctly implemented. Effective communication and knowledge sharing among the involved engineering are critical for fostering this collaboration. As a result, engineering artifacts, such as reference architectures, play a key role as boundary objects—shared objects used by different communities to reach a mutual understanding. Objective: This study aimed to understand how engineer should utilize reference architectures as boundary objects, and explored the challenges in using them in the co-engineering of system properties. Methodology and Methods: Semi-structured interviews were conducted with 10 experts from two engineering disciplines focusing on system properties of particular importance to contemporary large-scale software-intensive systems development. To analyze the data, an abductive thematic analysis approach was used. Results: Reference architectures can be used as promoters of synergy, change, and learning by the engineers involved in the co-engineering of system properties. However, related challenges with regard to organizational contexts were identified. These findings underscore the need for further investigations into the relationship between the role of reference architectures, power, and organizational theory.

Cyber-Physical Systems (CPS) are evolving to become smarter, more autonomous, connected and collaborating. Provided with unprecedented capabilities, the CPS also represent unprecedented complexity and bring new risks that go beyond classical dependability. This paper outlines a framework for complex CPS with the purposes to facilitate holistic considerations of trustworthiness and its various attributes. The framework addresses trustworthiness from both technical (e.g., safety, reliability and security, etc.) and social perspectives (e.g. w.r.t. ethics, transparency and privacy). The framework is not intended primarily to replace existing CPS frameworks, but rather to complement them by providing an approach for incorporating trustworthiness considerations as a first class citizen. The workflow for the proposed framework is presented and we briefly outline its application to two use cases in the domain of intelligent transportation systems.

This study provides an evaluation of an architecture framework intended to support stakeholders in realizing trustworthy cyber-physical systems (CPS), referred to as the T-Framework. The framework explicitly addresses CPS complexity, including the fact that multiple trustworthiness aspects will need to be considered for contemporary CPS, from classical dependability aspects to ethical concerns involving artificial intelligence. In addition, this study also investigates the problems that are repeatedly encountered by the stakeholders involved in realizing trustworthy CPS. To achieve the goals of the study, the boundary object and knowledge boundary concepts from social sciences were used. These concepts are useful tools to examine how various involved stakeholders can cooperate on a project through the utilization of objects, even though they have different perspectives and conflicting interests. Focus groups were used as the methodological approach to gather feedback from various experts in CPS from industry and academia. Findings show that stakeholders repeatedly encounter problems when making trade-offs between trustworthiness attributes and system aspects, dealing with prioritization, and making final decisions. The findings further show that the T-Framework can potentially guide stakeholders in addressing these problems as a boundary object. Furthermore, based on the feedback from the participants, several aspects for improvements or additional consideration in the T-Framework were identified, including clarifications regarding the framework workflow and terminology.

Developing trustworthy cyber-physical systems (CPS) demands cross-boundary collaboration among stakeholders with diverse disciplinary backgrounds, often creating challenges in crossing knowledge boundaries. Boundary objects, i.e., artifacts that enable shared understanding across domains, can help mitigate these challenges. This study examines the trustworthiness framework (T-Framework), as a boundary object, to support cross-boundary collaboration in trustworthy CPS development. Specifically, it addresses two research questions: (1) To what extent does the T-Framework, as a boundary object, support the crossing of knowledge boundaries in the development of trustworthy CPS? and (2) How can the T-Framework and its associated method be extended to address any identified gaps? Drawing on theories of knowledge boundaries and boundary objects, the study empirically evaluates the T-Framework through focus groups with CPS practitioners from academia and industry. Insights from these focus group sessions inform refinement of the T-Framework and its method to address identified gaps in its capability to support cross-boundary collaboration. In addition, the findings highlight the importance of incorporating structured mechanisms into both the design and utilization of architectural frameworks to promote shared understanding, address conceptual misalignment, and balance stakeholder influence during cross-boundary collaboration in the development of trustworthy CPS.

The development of large-scale software-intensive systems, such as cyber-physical systems (CPS), is increasingly complex, influenced by both technical and human aspects. Technically, critical system properties like safety and cybersecurity must be addressed from the early development stages, as these properties are interrelated and impact one another. Managing them requires cross-disciplinary collaborations among diverse engineers, i.e., co-engineering practice. Reference architectures are often viewed as boundary objects, i.e., objects used by diverse groups to reach common ground, to facilitate these co-engineering practices. However, the effectiveness of reference architectures as boundary objects in fostering co-engineering practices can be shaped by power dynamics within and among teams. This study investigates how different types of power held by engineers influence their preferences for specific types of reference architectures. A mixed-method approach was employed, beginning with quantitative data collection through surveys distributed to engineers and key stakeholders, such as project managers involved in co-engineering safety and cybersecurity.