Figure 1 - uploaded by Russell C. Thomas
Source publication
Information security is often called an 'arms race', but little is known about the co-evolutionary dynamics of innovation. To facilitate such research, we define two formal methods that can be executed by computational agents in a multi-agent system. First, we formalize the definition of capabilities and business models as a 'viable system'. We gen...
Context in source publication
Context 1
... days). Thus, it would be very useful to have a unifying framework for co-evolutionary innovation across many time scales. One major obstacle to research is the lack of formal methods for modeling innovation in general and co-evolutionary, adversarial innovation in particular. We believe that formal modeling of innovation processes will make a significant contribution by helping defenders increase their agility in defending against adversaries that innovate rapidly.

Formal modeling of innovation facilitates simulation, including multi-agent systems (MAS). (The agents in MAS represent intelligent actors or groups of actors, or formal organizations. They can also represent autonomous technical systems or socio-technical systems.) Simulations can be used to explore scenarios and to challenge conventional wisdom. They can help analysts explore the possible paths of innovation and devise advantageous strategies that would ‘change the game’ in their favor. Operationally, simulation systems can integrate intelligence regarding attacker and defender capabilities. This would reveal gaps and possible consequences. This would then provide valuable guidance in system engineering, risk analysis, resource deployment, metrics and leading indicators, incentive systems, institution design, governance, regulatory mandates, etc.

A useful starting place to model innovation is to study existing informal methods used by business and engineering practitioners. In this paper we consider three methods in particular:

• Capabilities [2] [3] [4]
• Business Models [5]
• Pattern Language [6]

These informal methods have the advantage that they have been tested, at least conceptually, by a community of practitioners who are innovating in real-world settings. Informal methods help the practitioners share their experience and what they have learned, and they also reinforce certain viewpoints and ways of acting.
We can’t be sure if they are the best methods or even that they are widely used. The best we can say is that they are each sufficiently plausible for their given application and purposes. This is good enough for our purposes. But lack of formalization makes it hard or impossible to implement them in a computational model. Another obstacle is that they are not easy to use together because they operate on different levels of abstraction and define the system of interest in ways that are incommensurate. This presents an opportunity to formalize them so they can be used together in computational models aimed at simulating realistic scenarios.

This paper presents two formalizations for modeling socio-technical innovation in adversary multi-agent systems. First, the informal concepts of capabilities, dynamic capabilities, and business models are combined into a formal model of ‘viable systems’. This simulates a type of holistic thinking where the various components and aspects are brought together into a whole system and considered according to its potential for performance in various environments. Second, the Pattern Language is generalized and formalized to provide an agent with the capability to generate and reason about alternative architectural solutions. This simulates a type of creative inventiveness. In future work, we will generalize and formalize a method of inventive problem solving to allow simulation of heuristic search in the design space.

II. A FORMAL MODEL OF VIABLE SYSTEMS

A system is said to be viable if the people in the system have good reason to believe that the system will perform well in the future, in the face of a challenging and selective environment. This concept of ‘viable system’ is close to the evolutionary biology notion of ‘fit’ and ‘fitness’. In contrast, ‘viability’ doesn’t imply that the system is optimal in the sense used by the engineers or economists.
Viability is achieved and maintained through constant adjustment, anticipation, and a bit of imagination, not by any process of optimization or optimal selection. Agents in the system judge it to be ‘good enough’ and perhaps ‘better than most’. Thus, a ‘viable system’ is always a tentative judgment by the people in the system and can never be fully falsified because it’s not possible to rerun history to explore all the counterfactual paths. Because the future environment is hard or impossible to predict in this setting, people adopt heuristics that allow them to judge viability of alternatives ex ante and also to apply past experiences to new opportunities and environments. In this paper we adopt the concept of ‘business model’ as a viable system heuristic for commercial enterprises, and adapt it to adversarial settings. In the following, we draw primarily on Osterwalder [5]. In a commercial marketplace, a business model can be viewed ontologically as the interaction between three semantic entities – a target customer, a value proposition tuned to that target customer, and a set of capabilities that enable fulfillment of that value proposition (Figure 1). However, in the adversarial setting, we need to modify this ontology to reflect the coupling between attackers and defenders, as shown in Figure 2. What was previously called ‘value proposition’ becomes, for attackers, their exploitation scheme to extract value from their target. While a commercial value proposition is attractive to the target customer, exploitation is repugnant to the target entity. Conversely, the ‘value proposition’ of the defender is their protection scheme. Instead of providing ‘value’ to the target entity as in the commercial setting, protection provides risk reduction – roughly, it reduces the possible future downside costs of successful attacks. (The term “Asset Owner” is chosen for the domain of information security. Also, we assume the attacker is motivated by profit. 
Other motives could be incorporated without significant changes.) This business model ontology could be further extended to include a ‘Counter-attacker’, which could be a law enforcement agent or similar. But the extension in Figure 2 is sufficient to set the stage for co-evolutionary innovation.

Osterwalder [5] expanded this into a complete and formal ontology for commercial business models. We adapt his business model ontology to one-way adversarial systems in Fig. 3 below. For attackers, the major ontology categories are:

• Asset Interface: What assets does the attacker go after? How does it get access to those assets, and how does the attacker stay shielded (i.e. hide their actions and intent, cloak their identity, deflect counter-attacks, etc.)?
• Attack: What are the primary modes of attack and modes of exploiting target assets? This roughly defines the ‘business segment’ of the attacker.
• Infrastructure Management: How does the attacker efficiently perform operations, processes, logistics, management, learning, and innovation, and in what organizational form?
• Financial Aspects: How does the attacker monetize the results of their attacks? What is their cost structure? How is the business model sustainable?

The defender’s ontology would have the same categories, but would be defined slightly differently. For example, in Financial Aspects, the defender’s equivalent to “revenue” is “loss”, and their equivalent to “profit” is “risk”. (Detailed description of the ontology of both business models is beyond the scope of this paper.)

Osterwalder [5] created a markup language for his ontology called BM 2 XL. It can easily be adapted to the one-way adversarial system following the approach used above to adapt the top-level ontology. This formal ontology provides modelers with a way to define the computational agents and objects in the adversarial system.
But it doesn’t provide any way for agents to understand how a given business model might perform in a given situation, and it doesn’t give the agents any method for modifying business models or creating new ones. That is why we need to add formal descriptions of capabilities and, later, the pattern language.

Broadly speaking, ‘capabilities’ are how anything gets done in the face of some resistance, difficulty, or constraints, with an eye toward efficient and effective performance. Capabilities require resources, which could be in the form of physical assets or inputs, physical energy, activity of people, data or information, and time. Moreover, capabilities require knowledge and skill to put into action, and this is usually developed through experience, also known as learning-by-doing. Wallin [7] describes capabilities as repeatable patterns of action in the use of assets to create, produce, and/or offer products and services to the market. Capabilities can be performed internally or outsourced to partners. In information security as elsewhere, information and communication technology (ICT) has made it possible for both attackers and defenders to "unbundle" and outsource capabilities and resources that do not belong to their core competencies [8].

Abstractly, capabilities can be seen as defining the upper limits of feasible performance or results for a given set of resources and skills. But putting capabilities into action may take time and effort to ramp up. Thus, capabilities define the scope of strategic options and the frontier of possibilities, and not the actual performance at any specific time. The concept of capabilities is used widely in management science and related fields. In the Resource-based Theory of the firm (RBT) [9], capabilities that are unique and hard to replicate are seen as the major source of sustainable competitive advantage and profitability.
A firm’s capability to innovate its capabilities has been called ‘dynamic capabilities’ [4], which is a central theme in evolutionary economics. The concept of capabilities has also been used extensively in military planning [10]. From a design point of view, capabilities can be seen as a type of external specification. Gero [11] defined the Function-Behavior-Structure (FBS) ...
Similar publications
Employees are becoming increasingly aware of the wealth of functionality available using smartphone computing; they fall hopelessly short in the awareness of the associated organisational information security risks associated with smartphone computing. Existing security measures are not adequately adapted for the risks introduced through smartphone...
One of the research paths in the field of artificial intelligence is knowledge representation. There are different approaches, formalisms, methods and languages. They vary from simple to complex and from less semantically rich to very expressive. In their previous papers, the authors introduced a new method for knowledge representation named Nodes...
This paper presents an approach to monitor healthcare workflows using a logic-based formal method. We introduce a monitoring architecture with workflows and knowledge bases, and propose a logical language, FO-LTL-K, to express temporal and knowledge properties to be monitored. We formalize some of the norms for palliative care using the proposed l...
Citations
... Another major opportunity for future research would be to incorporate the capabilities and strategies of threat agents in order to estimate the frequency of breach episode types, and also to estimate the likely harm that different threat agents might cause. Along these lines, another important extension would be to model the dynamics of adversarial innovation in a way that accounts for the unfolding co-evolutionary landscape of attack and defense capabilities (e.g. Thomas (2011b)). Finally, it would be very valuable to perform research that can shed light on the social processes of risk management to see if the proposed methods actually improve individual, organization, and social decision processes. ...
This paper proposes an analysis framework and model for estimating the impact of information security breach episodes. Previous methods either lack empirical grounding or are not sufficiently rigorous, general or flexible. There has also been no consistent model that serves theoretical and empirical research, and also professional practice. The proposed framework adopts an ex ante decision frame consistent with rational economic decision-making, and measures breach consequences via the anticipated costs of recovery and restoration by all affected stakeholders. The proposed branching activity model is an event tree whose structure and branching conditions can be estimated using probabilistic inference from evidence – 'Indicators of Impact'. This approach can facilitate reliable model estimation when evidence is imperfect, incomplete, ambiguous, or contradictory. The proposed method should be especially useful for modeling consequences that extend beyond the breached organization, including cascading consequences in critical infrastructures. Monte Carlo methods can be used to estimate the distribution of aggregate measures of impact such as total cost. Non-economic aggregate measures of impact can also be estimated. The feasibility of the proposed framework and model is demonstrated through case studies of several publicly disclosed breach episodes.