No full-text available
To read the full-text of this research,
you can request a copy directly from the authors.
Automotive SPICE for Cybersecurity – MAN.7 Cybersecurity Risk Management and TARA
Abstract
The Automotive SPICE for Cybersecurity Assessor Course has been developed in Q4/2021 and launched in Jan. 2022. From 6th July 2022 onwards Automotive projects need to declare the coverage of cybersecurity norms (UNECE 155, UNECE 156, ISO 21434) for the homologation of the vehicles in the EU. All car makers request in their customer requirements documents the performance of a TARA (Cybersecurity Threat and Risk Analysis) and all ASPICE assessments for cybersecurity need to evaluate the capability of the process MAN.7 Risk management for Cybersecurity. The Base Practices of MAN.7 are related to the steps of performing and tracking a TARA. In the EU project CyberENG a training for cybersecurity managers and cybersecurity assessors is currently developed which explains how such a TARA is performed and what steps and attributes need to be considered. For the development of the iNTACS ASPICE for cybersecurity assessor training the SOQRATES group contributed practical examples for MAN.7, and SEC.1 to SEC.4 to the course development. This paper outlines how the TARA based on ISO 21434 and ASPICE for cybersecurity is structured and uses the example from the CyberENG project to explain it in practice. KeywordsCybersecurity assessmentCybersecurity threat and risk analysisTARAMAN.7 risk management for Cybersecurity
... -It is very helpful to take into account ASPICE, safety, and security elements [17] regarding the system to be evaluated -Assessors must have a thorough understanding of the work product [4] -Management and support processes were found to be lacking [24] -The system being evaluated is not stand-alone, thus the system's interfaces must be taken into account [21] 3 Types of Audits New cybersecurity-related processes [36] to be examined as described in section 2.2 -Cybersecurity were included to the Automotive SPICE 3.1 assessment model's 2021 extension [36], which was published. The connections between the processes MAN.7 and SEC.1 to SEC.4 are highlighted in Figure 4. MAN.7 evaluates TARA (Threat and Risk Analysis) management and produces cybersecurity objectives and risk management decisions [22]. SEC.1 takes the cybersecurity goals as top-level requirements and further develops them into cybersecurity system, software, and hardware requirements [5,25] while also taking threat modeling at various tiers into account. ...
... SEC.1 takes the cybersecurity goals as top-level requirements and further develops them into cybersecurity system, software, and hardware requirements [5,25] while also taking threat modeling at various tiers into account. SEC.2 improves the design, incorporates cybersecurity measures [4,22,20,21,26], and enriches them with controls. The cybersecurity standards are assessed as part of SEC.3's planning and implementation of the cybersecurity verification. ...
ASPICE has been designed to help automotive suppliers build embedded systems and assess the effectiveness of workflows. Processes for software, systems, quality assurance, configuration management, problem solving, change management, project management, and supplier monitoring are included in the ASPICE framework as defined by the VDA (Verband der Automobilindustrie). It outlines a technique for determining the maturity of the process by placing the PAM at its core. In addition, HW Spice is considered since, in contrast to mechanical Spice, it is crucial for cybersecurity. Based on ASPICE, VDA has developed the procedures for cybersecurity engineering, cybersecurity risk management, and supplier request and selection. The technical team and assessors have more work to do when the ASPICE assessment is expanded to include cybersecurity processes in order to comply with standard ISO/SAE 21434. The VDA also includes Guidelines and Recommendations for rating techniques in accordance with the NPLF system of ASPICE for processes listed in VDA Scope and for Cybersecurity. This study examines the questions that ought to be covered throughout the assessments with a concentrate on work products in order to raise the caliber of the output.
This paper documents the results of the PIM.3 (Process Improvement Management) working group in INTACS (International Assessor Certification Schema) supported by the VDA‐QMC (Verband der Deutschen Automobilindustrie/German Automotive Association–Quality Management Center). INTACS promotes Automotive SPICE, which is an international standard that allows process capability assessment of projects, which implement systems that integrate mechanics, electronics, and software including optionally cybersecurity, functional safety, and machine learning. The paper outlines that for the first time since more than 20 years, the INTACS and VDA‐QMC included a process like PIM.3 Process Improvement Management in the scope for the assessor training. Before that, the assessments focused on the management, engineering, and support processes of series projects, while the improvement management has not been trained or assessed.
div class="section abstract"> Recent advancements towards autonomous heavy-duty vehicles are directly associated with increased interconnectivity and software driven features. Consequently, rise of this technological trend is bringing forth safety and cybersecurity challenges in form of new threats, hazards and vulnerabilities. As per the recent UN vehicle regulation 155, several risk-based security models and assessment frameworks have been proposed to counter the growing cybersecurity issues, however, the high budgetary cost to develop the tool and train personnel along with high risk of leakage of trade secrets, hinders the automotive manufacturers from adapting these third party solutions. This paper proposes an automated Threat Assessment & Risk Analysis (TARA) framework aligned with the standard requirements, offering an easy to use and fully customizable framework. The proposed framework is tailored specifically for heavy-duty vehicular networks and it demonstrates its effectiveness on a case study. The proposed framework incorporates the findings of UN Task Force on Cyber Security and over-the-air (OTA) issues and guidelines from ISO/SAE 21434 to identify the security lapses in the design phase of a vehicular electrical and/or electronic E/E network. It is designed to automate the process of TARA, thereby assisting the security analysts and reducing the inconsistencies in TARA evaluation. It draws the architectural model of the case study using data flow diagrams (DFD), performs threat modeling, estimates the risk value for the system and suggests controls for the reported threats. The versatile nature of the framework enables it to be adapted for threat modeling of other types of vehicles and cyber physical systems in general. *
</div
A modern car is like an IT network. Car makers became IP service providers, and each car has a gateway server with a fixed IP address. Gateway servers are connected to domain controllers and each domain controller has a subnet of ECUs. An ECU (Electronic Control Unit) represents an embedded system integrating electronics, sensors, software and actuators. Such an IT service and communication-based architec-tures makes the vehicle vulnerable to attacks from outside. The UN (United Nations) reacted on this situation and published the UN 155 regulation for Cybersecurity Management Systems and UN 156 for Software Update Management Systems for automotive. This paper discusses what assessments and audits the automotive industry has been implemented to address the requirements for UN155 and UN156 and illustrates recent research done to closer link the different types of assessments and audits for cybersecurity. These different types of assessments and audits can be supported by the tool Capability Advisor (CapAdv).
Cybersecurity has become one of the most crucial challenges in the automotive development lifecycle. The upcoming ISO/SAE 21434 standard provides only a generic framework that is insufficient to derive concrete design methods. This article proposes an actionable cybersecurity development lifecycle model that provides concrete action and work product guidance aligned with the ISO/SAE 21434 and Automotive SPICE® extension for cybersecurity. The model has been inspired by action research in “next” industry practice pilot projects, which ensures that it is actionable. It has been augmented by insights gained from literature research in cybersecurity development for embedded systems. The proposed lifecycle model complements the ISO/SAE 21434 standard and provides the basis for the company-specific process and practice specifications. It has been validated through the integration of cybersecurity-related aspects in an electric power steering system. A core characteristic of the model is the central role of threat modeling, vulnerability analyses, and cybersecurity requirements derivation on both system and subsystem levels. Without concrete practice guidelines, the ISO/SAE 21434 is very difficult to understand and apply at this stage. This contribution aims to fill this gap through a model inspired by cutting-edge embedded cybersecurity practices interpreted for the current and near-future automotive electronic architectures.
This is a special issue in cooperation with EuroSPI (www.eurospi.net). EuroSPI represents a large international network of renowned experts and annual European conference series running successfully since its foundation in 1994. From 2013 onwards, an international functional safety and from 2016 onwards a functional safety and cybersecurity workshop has been established, to which leading European and Asian industry and research have been actively contributing to.
High-quality, original papers about best practices for implementing functional safety and cybersecurity in automotive, IT, and connected services have been selected for this special issue. They provide insights into the current state of the art implementations in automotive safety and cybersecurity, IT security, and safety in future highly autonomous self-learning vehicles.
Among the strong trends that are impacting society, autonomous driving stands out clearly as one of the prime candidates to cause disruptive changes in automotive industry. Fully automated driving is identified as a major enabler for mastering the grand societal challenges of safe, clean, and efficient mobility. A major probation for highly automated driving is the step change from partial to conditional automation and above. At these high levels of automation, the driver is unable to intervene in a timely and appropriate manner. Consequently, the automation must be capable of independently handling safety-critical situations. Fail-operational behavior is essential at all layers of automated driving. These layers include sensing, computation and vehicle architecture. The PRYSTINE project targets realization of Fail-operational Urban Surround perceptION (FUSION), based on robust Radar and LiDAR sensor fusion, and control functions enabling safe automated driving. PRYSTINE addresses development and validation of new fail operational platforms, as well as high performing and dependable sensor fusion on different levels. In this paper, an overview of fail-operational approaches on different layers (vehicle and sensor level) is provided, together with a description of the interplay between safety and security aspects. It is further enhanced with description of a fail-operational sensor-fusion framework on component and system level.
The trends for connected and automated vehicles and their related technologies are radically changing the automotive industry: from engineering automotive systems, through their production and down to their use. All of these phases will be characterized by a high level of dynamism: the driving behavior of automated cars and production processes in a factory will likewise be controlled by learning and adaptive systems that evolve over time to deal with quickly changing tasks and environments. Automated cars on the roads and robots in factories are both highly mobile and need to collaborate in dynamic neighborhoods. What are the ICT infrastructures and engineering methods that are required to build such highly dynamic but at the same time trustworthy autonomous systems? In this position paper we argue that in the context of infrastructure, a “Decimeter Internet” will be needed that offers low-enough communication latencies, adequately accurate localization plus update rates equal to the task of dependably controlling mobile cars and robots at decimeter level. With respect to engineering methods, we argue the strong need for approaches, which will ensure the dependability of learning and adaptive systems that change their behavior during runtime.
The evolution of IoT technology is opening new avenues for value creation in many domains. The automotive industry is impacted on by several additional trends. One of those is autonomous driving (AD), which needs to be propped up by integration of Internet of Things (IoT) and Cyber-Physical Systems (CPS) to improve user acceptance. Strong reliance of proposed solutions on communication and data management, as well as on a variety of complex and heterogeneous architectures and components exposes a range of vulnerabilities. The weaknesses are strongly correlated to dependability, which is crucial factor for success of AD. IoT4CPS, a flagship Austrian project, contributes to improvements in required dependability. It is developing guidelines, methods and tools for safe and secure integration of IoT into AD and corresponding smart production. The project addresses safety and security aspects of AD in a holistic manner. Some of the resulting considerations are described in this paper, alongside possible solutions based on virtualisation through usage of digital twins.
Highly autonomous vehicles will have no steering wheel, will not need a driver interaction and will have some new design strategies to allow self-driving of vehicles. This paper will take a look at design patterns which are implemented in recent car developments and which are used to release self-driving cars to the road. To reach fail operational architectures different car manufacturers invest into new car models and governments in Germany and USA currently work on a new insurance law where not drivers but cars are assured. In this paper we come up with a first list of highly autonomous vehicle (system) design patterns which will evolve over the next years.
Today many connected and automated vehicles are available and connectivity features and information sharing is increasingly used for additional vehicle-, maintenance- and traffic safety features. This highly connected networking also increase the attractiveness of an attack on vehicles and the connected infrastructure by hackers with different motivations and thus introduces new risks for vehicle cybersecurity. Highly aware of this fact, the automotive industry has therefore taken high efforts in designing and producing safe and secure connected and automated vehicles. Therefore the domain invested efforts in the development of industry standards to tackle automotive cybersecurity issues and protect their assets. The joint working group of the standardization organizations International Organization for Standardization (ISO) and Society of Automotive Engineers (SAE) has recently established and published a committee draft of the “ISO-SAE Approved new Work Item (AWI) 21434 Road Vehicles - Cybersecurity Engineering” standard. In addition to that SAE is also working on a set of cybersecurity guidance, ISO is addressing specific automotive cybersecurity related topics in additional standards and European Telecommunications Standards Institute (ETSI) and International Telecommunication Union (ITU) is working on security topics of connected vehicles. Further activities are national and international regulations on Automotive Cybersecurity. In the course of this document, a review of the available work and ongoing developments is given and the outline of the automotive cybersecurity framework is given. The aim of this work is to provide a position statement for discussion of available standards, methods and recommendations for automotive cybersecurity.
Currently developed automotive systems exhibit an increased level of automation as well as an ever-tighter integration with other vehicles, traffic infrastructure and cloud services. Thus, just as safety became a critical part of the development in the late 20th century, the automotive domain must now consider cyber-security as an integral part of the development of modern vehicles. Novel features, such as advanced driver assistance systems or automated driving functions drive the need for built-in security solutions and cyber-security aware system design. Unfortunately, there is still a lack of experience with security concerns in the context of safety engineering in general and in the automotive safety departments in particular. A European partnership developed a skill set, training materials and best practices for ISO 26262 in the context of the EU project SafEUr. This working party (SoQrates working group) shares knowledge and experiences and integrated the Automotive SPICE assessment model with functional safety requirements, which was further used in integrated Automotive SPICE and safety assessments. The members of the SoQrates working group are, to a large extent, certified Automotive SPICE assessors dealing with security-related project in practice. From 2016 onwards, the SoQrates working party started to analyse the SAE J3061 cyber-security guidebook and integrated the additional requirements of SAE J3061 into this assessment model. This paper will summarise the previous results and extensions of the assessment model and the working group’s vision, how an Automotive SPICE assessor can support also the auditing of projects with close security relation.
This paper discusses the extension of AQUA (Automotive Knowledge Alliance AQUA – Integrating Automotive SPICE, Six Sigma, and Functional Safety) into the higher education studies. Follow-up project Automotive quality universities (AQU) aims to the adaptation of the AQUA integrated concept to the universities ECTS granted courses. The goal is to bridge the knowledge gap between the automotive industry needs and graduates capabilities in the area of Automotive SPICE, Functional Safety and Six Sigma. The integrated concept of AQU and AQUA complex approach to the education of graduates and engineers to enhance the knowledge in this area is described.
The automotive industry has an annual increase rate of software implemented functions of about 30 %. In the automotive domain the increasing complexity of systems became challenging with consumer demands for advanced driving assistance systems and automated driving functionalities, and the thus broadening societal sensitivity for security and safety concerns, such as remote control of cars by hacking their IT infrastructure.
As vehicle providers gear up for the cyber-security challenges, they can leverage experiences from many other domains, but nevertheless have to face several unique challenges. The recently released SAE J3061 guidebook for cyber-physical vehicle systems provides high-level principles for automotive organizations to identify and assess cyber-security threats and design cyber-security aware systems in close relation to ISO 26262. Although functional safety and cyber-security engineering have a considerable overlap regarding many facets, such as analysis methods and system function thinking, the definition of system borders (item definition vs. trust boundaries) often differs largely. Therefore, appropriate systematic approaches to support the identification of trust boundaries and attack vectors for the safety- and cybersecurity-relates aspects of complex automotive systems are essential. In the course of this paper, we analyze a method to identify attack vectors on complex systems via signal interfaces. We focus on a central development artifact of the ISO 26262 functional safety development process, the hardware-software interface (HSI), and propose an extension for the HSI to support the cyber-security engineering process.
AQUA stands for Knowledge Alliance for Training Quality and Excellence in Automotive. The AQUA project is financially supported by the European Commission in the Leonardo da Vinci part of the Lifelong Learning Programme under the project number EAC-2012-0635. This paper extends the EuroSPI 2013 publication [4] which discussed (based on the EU project AQUA) how the core elements of three complementary approaches (Automotive SPICE, Functional safety, Six Sigma) and standards can be integrated into one compact skill set with training and best practices to be applied. In this paper we describe the modular knowledge base which was elaborated and highlight some aspects where the integrated use of all three methods can be demonstrated. The results of the project are disseminated to Automotive industry in partnership with a set of European Automotive associations.
This paper discusses (based on the EU project AQUA) how the core elements of three complementary approaches and standards can be integrated into one compact skill set with training and best practices to be applied. In this project experts from Automotive SPICE (ISO 15504), Functional Safety (ISO 26262) and Lean Six Sigma collaborate. In a first analysis the experts identified an architecture of core elements where all three approaches fit together and where a holistic view about improvement is needed. The Automotive Clusters from Austria and Slovenia are trial partners and will roll out this knowledge in pilot courses to the industry. Other Automotive Clusters showed interest and will join the trial phase.
Looking back to the last 10 years of SPI, we can see a rapid change of focus from models to people. Models like CMMI, SPICE, Information Technology Infrastructure Library (ITIL) or others still will remain useful. However, they do not have the power to create competitive advantage. What we see in all analysed approaches is that people really count. That competitive advantage has one important source in the commitment and the responsibility of people for their processes in terms of effectiveness, efficiency and results quality. And it has also a source in the people's attitude to reasonable changes. Even if the approaches of Hammer, Jacobson, the ImprovAbility Model, the SPI manifesto, the ECQA Scheme and the SPI manager qualification scheme seem to be different on the first view, they all agree on the relevance of people and their needs.
The Automotive SPICE for Cybersecurity Assessment Model has been published as a first version in February 2021. It will be used for cybersecurity homologation assessments of projects. A new UNECE norm requires from summer 2022 onwards the presence of a CSMS (Cybersecurity Management System) for organisations and the VDA AK13 published in Feb 2021 a new assessment model for the cybersecurity of Automotive development projects. The SOQRATES group as a working party of Automotive suppliers and research and training bodies has developed a cybersecurity engineer job role and training and best practice examples of how to cover the new security engineering practices. Also, first trials of using the new security related questions have been done and first experiences are shared in this paper.
Technological progress and new lifestyle demand is changing the way we live and affects the future development and usage of technologies in different areas including the automotive sector. According to this demand, the future car is aiming to be smart, clean and autonomous. To be able to achieve that in the relatively short time given by the social demand, we need to assess, evaluate and establish a combination of new, emerging and existing skills pools to define future job roles and skills required for the design, production and maintenance of cars. Mapping these skills onto the phases of engineering, production, and maintenance in the automotive life cycle outlines an interesting future picture of a vehicle that will integrate smart technologies, smart production, smart maintenance and continuous machine learning. In this paper the job roles supporting this future are proposed and discussed.
Vehicle functions are 90% controlled by electronic and software thus, modern vehicles need to comply with cybersecurity standards and data security law. Under the EU Blueprint for Automotive - DRIVES project (www.project-drives.eu), key skills and job roles for future Automotive development are designed. These also include cybersecurity management, cybersecurity engineering, and cybersecurity testing. The working party SOQRATES (www.soqrates.de) agreed to develop the pattern of such skills set in cooperation with DRIVES. Also, to share required best practices and skills to be transferred to allow implementing the norms. This paper provides an overview of the current version of the skills set, and an example of what type of best practice is shared.
The VDA Guidelines used for the interpretation of ASPICE 3.1 contain many rules and recommendations and allow to check the consistency of ratings in an assessment. The VDA Guidelines contain detailed procedures and templates to be used in planning, performing and reporting an assessment. However, an assessment is only a small part compared to the support and effort needed to improve a project (level 2) and to establish a companywide process (level 3). While the ISO norm ISO/IEC TR 33014:2013 (Information technology – Process assessment – Guide for process improvement) defines a process improvement process, this has not been considered so far in the VDA Guidelines. In this paper we will (1) outline a proposal submitted by the SOQRATES working group (www.soqrates.de) to iNTACS and VDA AK 13, (2) describe the improvement guide from ISO, and (3) discuss Dos and Don’ts per principle of the SPI manifesto based on the experience from improvement projects.
Nowadays many projects are distributed with e.g. the project management in one country, the systems development in another, and software development even on another continent. Travelling restrictions, even more so in Corona virus times, lead to a lot of issues to be solved when performing an assessment in such a largely distributed setting. This paper describes experiences with online distributed assessment and describes case studies of how this was implemented and lessons learned. In addition the paper describes how the infrastructure helped in applying the Automotive SPICE 3.1 assessment model and the VDA Automotive SPICE Guidelines. The VDA Automotive SPICE Guidelines (blue-gold book [2]) contain rules and recommendations to interpret ASPICE 3.1 and also consider dependencies in the ratings. Assessors are now confronted with hundreds of additional rules and recommendations.
DRIVES is a 4‐year project created to deliver human capital solutions to the automotive supply chain and small‐ and medium‐sized enterprises (SMEs). The establishment of an Automotive Sector Skills Alliance covers all levels of the value chain (vehicle production, supply, sales, aftermarket services, and disposal). The automotive sector is facing many disruptive changes in this rapidly changing world. This paper, based on literature review, outlines the drivers of change that impact future developments in the automotive industry. This serves as an input to a questionnaire, which will provide a prioritisation and guidance to which direction the DRIVES project proposed and European Union (EU) skills agenda should concentrate.
When applying the Automotive SPICE 3.1 assessment model the VDA Automotive SPICE Guidelines need to be considered. This has an impact on the assessment planning, the interpretation of base practices and generic practices and the assessment reporting. The VDA Automotive SPICE Guidelines (blue-gold book [2]) contain rules and recommendations to interpret ASPICE 3.1 and also consider dependencies in the ratings. Assessors are now confronted with hundreds of additional rules and recommendations. The paper outlines from first experiences about how to handle this additional effort.
The introduction of automated vehicles to the market raises various questions and problems. One of those problems is the trustworthiness of the automated systems and in this connection the user’s perception and acceptance. The user’s perception is especially important during SAE level 3 automated driving (L3AD), where the driver has to be able to resume vehicle control, and during the initial deployment of automated systems, where mixed traffic situations occur, in which automated and human-driven vehicles share the same road space. The Horizon 2020 project TrustVehicle aims at investigating critical scenarios, especially in mixed traffic situations and under harsh weather conditions, and at improving the trustworthiness and availability of L3AD functionalities through a user-centric approach.
Cars of the future (ADAS – Autonomous self-driving assistant) will need to cover a number of new standards for mechatronic design and networking of the car in the cloud. This includes job roles for ISO 26262, IEC 61508 (functional safety), SAE J3061 (cybersecurity), etc. For instance, a car driving on a street will exchange information with neighbouring cars and learn the right steering angle, speed, etc. while the driver is using the car like a work place. Manufacturers plan to produce from 2030 only cars which have such a self-driving function incorporated. The design of new electric cars will require new infrastructures, new energy management, new battery concepts, and also new materials design (light weight and still resistant), and the job role pool will include these key skills as well. The production of cars will be with connected plants, robots to be programmed, and central production servers to coordinate the industry 4.0 type of production virtually across the world. And the new cybersecurity norm SAE J3061 will develop further in the next years because by moving the cars to the cloud and the production to industry 4.0 leaves Europe’s industry vulnerable to attacks if this is not handled. Also the medical systems move towards an IoT (Internet of Things) approach where people receive implants which read out the data and transport them to the mobile which forwards the data to a medical service in the cloud where data are used by states and hospitals.
Driven by the rapidly increasing share of embedded automotive systems implementing functions for powertrain control, comfort, and driver assistance, the automotive industry has driven the establishment and deployment of standards for ensuring the quality of both the related products and the development processes. While Automotive SPICE (ASPICE) has been transforming the development processes of automotive embedded systems since 2003, the ISO 26262 standard has been applied to cover the integration of functional safety into these systems since 2011. This has become necessary, since an increasing number of automotive embedded systems are safety critical; that is, their malfunctioning might lead to hazards in particular situations. The next particular challenge automotive original equipment manufacturers (OEMs) and their suppliers are facing is cybersecurity, that is, the protection of vehicles and their highly networked electronics subsystems from IT security threats. This article gives a contribution to the OEMs’ and suppliers’ increasing efforts to achieve the integration of ASPICE, functional safety, and cybersecurity in their development processes. Building on their works aiming at the integration of ASPICE and functional safety published previously in SQP, the authors suggest methods to integrate cybersecurity considerations as well.
In 2009 and 2010 [6], [7] papers were published at EuroSPI explaining how a task force of leading suppliers extended Automotive SPICE with additional practices to cover aspects of IEC 61508 and ISO 26262 as well. In 2011 [8] the partnership published at EuroSPI an example of how Automotive SPICE compliant engineering processes have been extended to cover functional safety architectures as well. This integrated assessment model has been used in 2011 in trial assessments at Tier 1 (leading Automotive) suppliers and in this paper we describe the lessons learned and the next steps the working group is taking in 2012.
The AOUA Automolive Sector Skill Alliance integrates core elements of three complementary disciplines in automotive into one practical, compact skill set. Alliance experts on Automotive SPICE (ISO 15504], Functional Safety (ISO 26262), and Six Sigma collaborated to collect best integrated practice and devise a training with personal certification. The AOUA skill set is highly modular, and comprises 11 learning elements, each with four very compact subviews: Automotive SPICE, Functional Safety, Design for Six Sigma, and an integration view. Some integrated topics are highlighted and illustrated by an example: integrated development process, multidiscipline information flows, and entangled iterations. AOUA courses are currently offered via automotive clusters and training providers across Europe, and as regular university courses. Feedback confirms AOUA is meeting a vital demand in automotive not covered so far
Software process improvement (SPI) can be seen as a profession having its own competence needs and its own community of interest. European projects EQN and EU Cert have defined skill sets and a common certification scheme for about 20 professions, mainly in the IT domain. European Certification and Qualification Association ECQA is created to manage certification and provide the necessary infrastructure. A common way to approach the IT domain from a process perspective is the ‘3S’ concept (Software, Systems, Services). Software process can be seen as the first spearhead among these. The first software process models, such as CMM and SPICE, have already existed for about 20 years. With all the experience that the models bring, it is reasonable to start the PI profession from the software process. Software Process Improvement Manager (SPI Manager) is one of the new topics in ECQA. The development of the SPI Manager training and certification scheme has been done in many small steps so far. This paper explains the current structure and the main components of SPI Manager competences, training needs and the certification scheme. Several other schemes will be developed in the future for process improvement-related competences. The current version of the SPI Manager skill set is mainly based on software, systems and service processes and their related reference models. It could also be used in the future in domains other than IT. Copyright © 2010 John Wiley & Sons, Ltd.
Many new product development (NPD) companies must nowadays work under turbulent conditions. The market competition is often fierce, while at the same time new and sometimes even disruptive technological uncertainties emerge. Speed and flexibility are ...
In 2005 Automotive SPICE (based on ISO 15504) has been published (see http://www.automotivespice.com) and used in major automotive firms world wide. In parallel the topic ‘Functional Safety’ became important due to changes in liability law and the development of IEC 61508 as an application and branch independent standard for functional safety. As a result, ISO WD 26262 a ISO draft for functional safety has been initiated classifying systems with ASIL (automotive safety integrity levels) levels and requiring additional processes, techniques, and methods to illustrate the competence for managing systems that have an impact on the loss of lives.
An Automotive SPICE assessment usually takes (for the processes defined in the scope of the German automotive manufacturing association) 4 days per project. Adding the scope of a safety assessment this dramatically increases the number of hours used in assessments. In a working group of major automotive suppliers and assessment tool suppliers, we developed from 2005 to 2009 an integrated assessment approach. Portals in the above-mentioned automotive suppliers already use this environment.
The working group that elaborated the methods and tools described in this paper are part of the SOQRATES initiative (http://www.soqrates.de) where more than 20 leading German firms collaborate in cross-company task forces.
In this paper, we want to explain the results of the analysis done, the assessment model applied, and what kind of reports the integrated assessment environment is producing. The results of all work (except of the proprietary assessment tools) will be made public to all suppliers in 2009. Copyright
Best practices in e-commerce: strategies, skills, and processes
- E Feuer
- R Messnarz
- N Sanchez
Innovation and transformation in a digital world-27th interdisciplinary information management talks
- C Schmittner