Tag Archive for: Requirements & Requirements Management

Jama Software is always looking for news that would benefit and inform our industry partners. As such, we’ve curated a series of customer and industry spotlight articles that we found insightful. In this blog post, we share an article, sourced from AECMagazine, titled “Cyberattacks: safeguarding contractors” – originally published on May 22, 2024, and written by Ben Wallbank.

Cyberattacks: Safeguarding Contractors

It’s every construction firm’s biggest nightmare: criminals taking control of their data and holding them to ransom. Ben Wallbank, Trimble, shares some best practices to mitigate cyberattacks

Cybersecurity and cybercrime often conjure up images of hackers in dark hoodies, sneaking in the digital back door. In reality, nearly 90% of corporate cybercrime, such as phishing or ransomware attacks, is a result of employee error.

The UK construction industry is no exception and could be an even greater target than other industries. Protecting massive amounts of data, including warranty and latent defect remediation periods, makes contractors attractive to cyber criminals. Cybersecurity is so crucial to construction that the National Cyber Security Centre produced a construction industry-specific guide, along with the Chartered Institute of Building (CIOB).

Cybercriminals who target the construction industry usually do so by accessing, copying, and sharing data illegally or by installing malware on a company’s computers and network, taking control of files, and holding them for ransom. It’s called ransomware, and it’s probably the most common and one of the most debilitating types of cybersecurity breaches in the construction world.

Each year, we hear of new cyberattacks, taking critical infrastructure offline and crippling construction businesses worldwide, including many here in Europe. These attacks cost billions of pounds a year and can cause whole cities, businesses, and services to grind to a halt.

UK contractors should follow these best practices to safeguard against cyberattacks and improve outcomes in case of an attack.

Create a business continuity plan

Preparing for the worst puts your business in the best position moving forward because you can act quickly and have more control of the outcome. A solid cyber security disaster plan can get quite detailed. It should be consistently reviewed, practiced, and updated to net the best results in case of an incident. At a minimum, a business continuity plan should include the following:

  • Name of a leader to act as a central resource to manage disaster recovery across multiple departments.
  • A communication plan for sharing key messages and managing crises with employees, clients, and additional project stakeholders.
  • A maintenance plan for a continually updated (and backed up) list of employee contact information and asset inventory.

RELATED: Six Key Challenges in the Architecture, Engineering, Construction, and Operations (AECO) Industry and How to Solve Them with Jama Connect®

Backup all data

A crucial aspect of any good cyber security plan is to make sure that everything is backed up, preferably on the cloud or physically on an offsite server that’s not on your network. Backups should be frequent and automated, so ask your IT provider to set them up so that they either happen in real-time (if you’re backing up to the cloud) or that they run daily after everyone has left the office.

Secure mobile devices

Mobile devices are more challenging to secure than other data systems, but just as critical. Utilizing an enterprise management platform, such as Cisco Meraki, allows you to maintain enterprise-level control over all of your devices. These kinds of platforms ensure that individual devices are still managed centrally, and contractors can limit software installation, track devices using GPS, disable devices, and more.

Protect software and servers

When it comes to software and security risks in construction, contractors should choose platforms and software providers that take security seriously. Granular permissions, user-friendly management systems, and multi-factor authentication, for instance, are all must-haves in any construction software.

By using cloud-based, connected construction software, contractors shift the responsibility of maintaining servers, ensuring SOC 2 Type II compliance, and data backup and storage. Project and business data backups happen automatically, providing daily protection, with costs often included or rolled into users’ subscription costs. New software features and security functionality are also rolled out automatically.

By coupling the backups with cybersecurity protections, cloud vendors use the latest technologies to thwart cybercriminals and provide an extra level of protection not otherwise achieved through in-house backups. When shopping for business software, make security one of your first discussion points.

Additionally, your web and email servers need to be properly protected to avoid online attacks. Physical network servers need to be secured, and you need to ensure that any cloud-based solutions you’re using also implement rigorous security protocols.

RELATED: Jama Connect® Amazon Web Service (AWS) GovCloud US Hosting

Assure employee buy-in

Cybersecurity protection in construction requires every employee at every level to be fully engaged and actively vigilant. There are several steps to take to make that happen:

  • Ensure all employees receive regular cybersecurity training, especially if online workflows or procedures change.
  • Welcome feedback from team members and update cybersecurity policies and processes as needed.
  • Counsel employees on everyday things to look for before opening email, like spelling and grammar errors, verifying sender’s email address, and never opening unexpected attachments.

Take the first step: get started

The most important step is the first one. The UK government offers two certifications – Cyber Essentials and Cyber Essentials Plus – that are crash courses in the basics to keep businesses safer from cybercrime. While they don’t replace a cybersecurity risk assessment, they will show you how to do one and how to select the security measures your business needs.

Anywhere your data is stored or used is a potential entry point into your company’s digital existence. It only takes one slip to allow malicious code or ransomware in, and once it’s there, it can cause millions of pounds worth of damage.

Jama Connect® Strengthens its Lead as the #1 Requirements Management Solution in G2®’s Summer 2024 Report

We are thrilled to announce that Jama Connect® has once again been named the overall leader in the G2 Grid® Report for Requirements Management Software for Summer 2024.

G2’s rankings are based on authentic user reviews and data gathered from online sources and social networks, analyzed through their unique v3.0 algorithm. The Summer 2024 G2 Grid® Report reflects scores calculated up until June 4, 2024.

In addition to being recognized as the top requirements management software, Jama Connect® has earned several other accolades for Summer 2024:

  • Overall Leader
  • Enterprise Leader
  • EMEA Leader
  • Europe Leader
  • Small-Business Leader
  • Mid-Market Leader
  • Momentum Leader

Learn more about the Summer 2024 G2 Grid for top Requirements Management Software products:
DOWNLOAD IT HERE

Jama Software® is honored to receive this recognition, which highlights the value we bring to our customers, especially those moving from document-based approaches to complex product, systems, and software development. We are grateful to our customers for their valuable feedback on our product, services, and support.

Customer Feedback Highlights

“Jama [Connect] is not only a ‘document-oriented’ ALM tool, it gives the organization the ability to map the project structure the product structure making it an easy entry point for R&D folks. Configured properly, it is a real technical and regulatory ‘single source of truth.” – Frederic Fiquet, Director, Systems Engineering

 

“Product Design teams need a requirements management tool like Jama [Connect]. Using Jama Connect allows our software development team to have a well-organized and well-written set of requirements. It allows us to more easily maintain a baseline of features in our continuously evolving software.” — Mark M., Mid-Market

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

Our commitment is to provide the best possible experience for our users, and being named the overall leader is a testament to their satisfaction and success with Jama Connect.

From all of us at Jama Software, thank you!

How to Overcome Development Challenges: Proving Regulatory Compliance in Complex Product and Systems Development

As we enter the second half of 2024, development of complex products and systems often encounters the intricate web of regulatory compliance. From medical devices and automotive components to aerospace systems and software applications, ensuring adherence to stringent regulations is critical for both market access and consumer safety. However, proving regulatory compliance presents a multitude of challenges that can impede development timelines, inflate costs, and complicate project management. Fortunately, tools like Jama Connect® offer robust solutions to these challenges, streamlining the compliance process and enhancing overall efficiency.

The Challenges of Proving Regulatory Compliance

1: Diverse and Evolving Regulation

  • Complexity: Different industries are governed by a myriad of regulatory bodies, each with its own set of rules and standards. For example, the medical device industry must comply with FDA regulations in the U.S., CE marking in Europe, and various other international standards.
  • Evolution: Regulations are not static; they evolve to keep pace with technological advancements, emerging risks, and geopolitical changes. This continuous evolution necessitates constant monitoring and adaptation.

2: Traceability and Documentation

  • Traceability: Ensuring traceability from requirements through to testing and validation is essential for demonstrating compliance. This involves linking every design decision, change, and test result back to the initial regulatory requirements.
  • Documentation: Regulatory bodies demand extensive documentation as proof of compliance. Managing and organizing these documents can be a herculean task, particularly in large-scale projects with numerous stakeholders.

3: Collaboration and Communication

  • Interdisciplinary Teams: Complex systems development typically involves interdisciplinary teams, including engineers, designers, testers, and compliance officers. Effective collaboration and communication across these teams are crucial for ensuring that compliance is maintained throughout the development lifecycle.
  • Stakeholder Alignment: Aligning all stakeholders on compliance goals and processes can be challenging, especially in large organizations with decentralized teams.

4: Risk Management

  • Identification: Identifying potential risks related to regulatory compliance early in the development process is critical. These risks can stem from technological uncertainties, supply chain issues, or changes in regulatory requirements.
  • Mitigation: Developing and implementing strategies to mitigate identified risks requires a proactive and systematic approach, integrating risk management into the overall development process.

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

How Jama Connect® Helps Overcome These Challenges

Jama Connect is a comprehensive requirements management platform designed to address the complexities of regulatory compliance in product and systems development. Here’s how it helps teams navigate and overcome these challenges:

“We develop complex products that require multidisciplinary work and V-cycle traceability. A tool like Jama Connect is required, and Jama Connect does the job well.” – Nicolas Ohlmann, CTO, CIXI

1: Centralized Requirement Management

  • Unified Platform: Jama Connect provides a centralized platform where all requirements, tests, and risks can be managed and tracked. This unified approach ensures that all compliance-related information is easily accessible and up-to-date.
  • Real-Time Updates: With real-time updates and version control, teams can ensure that everyone is working with the most current information, reducing the risk of compliance breaches due to outdated data.

“Jama Connect is a modern solution for requirement management. Other tools are either outdated, cheap, modern-looking clones of IBM DOORS, or insufficient in functionality.” – Requirement Manager, Professional Services Company

2: Enhanced Traceability

  • End-to-End Traceability: Jama Connect enables end-to-end traceability by linking requirements, design decisions, test cases, and validation results. This comprehensive traceability ensures that all regulatory requirements are met and can be easily demonstrated during audits.
  • Audit Trails: Detailed audit trails provide a clear record of all changes and decisions, facilitating smoother and more efficient compliance audits.

3: Collaboration and Communication Tools

  • Cross-Functional Collaboration: Jama Connect fosters collaboration across interdisciplinary teams through its integrated communication tools. This ensures that all team members are aligned on compliance objectives and can easily share information and updates.
  • Stakeholder Engagement: The platform supports stakeholder engagement by providing customizable dashboards and reports, enabling clear and effective communication of compliance status and progress.

“Investing in a good requirements management tool is a logical step to avoiding the common pitfalls of software development projects. Jama Connect provides the necessary tools to allow a team to manage huge amounts of requirements.” – Director, Solutions Delivery

4: Robust Risk Management

  • Risk Identification and Assessment: Jama Connect includes tools for identifying and assessing compliance risks, integrating risk management into the overall development process from the outset.
  • Risk Mitigation Plans: The platform supports the development and tracking of risk mitigation plans, ensuring that potential compliance issues are addressed proactively and systematically.

“I have used various requirements management tools throughout my career spanning over two decades and Jama Connect scores big when it comes to user interface. It is very easy to onboard the tool into the system with minimal training needs for the user groups. This does not belittle the functional core that a creator could do with the tool configuring it. I highly recommend Jama Connect for any organization working on safety-critical systems.” – Senior Manager, Biotechnology Company

RELATED: Buyer’s Guide: Selecting a Requirements Management and Traceability Solution

Conclusion

Proving regulatory compliance in complex product and systems development is fraught with challenges, from navigating diverse and evolving regulations to ensuring traceability and effective collaboration. Jama Connect provides a powerful solution to these challenges, offering a centralized platform for requirement management, enhanced traceability, robust collaboration tools, and comprehensive risk management capabilities. With Jama Connect, teams can keep up with the ever-changing regulations thanks to our solutions developed and updated by our leading industry experts. By leveraging Jama Connect, teams can streamline the compliance process, reduce risks, and ultimately deliver high-quality, compliant products to market more efficiently.

“We use Jama Connect for requirements, risk, and verification/validation management, as well as integrating Jira and Enterprise Architect. Having traceability in one tool is going to be so helpful for our product development.” – Principal Systems Engineer, Health Care Providers & Services Company

Whether you’re developing cutting-edge medical devices, innovative automotive systems, or advanced software applications, Jama Connect can help you navigate the complexities of regulatory compliance and achieve your development goals with confidence.

Note: This article was drafted with the aid of AI. Additional content, edits for accuracy, and industry expertise by McKenzie Jonsson, and Mark Levitt.

In this image, you see a hand pointing to a tablet with information displayed, which portrays the power of simplifying an audit with an itemized database.

In this blog, we recap a section of our recent eBook, “Simplify Audit Documentation by Leveraging the Power of an Itemized Database” – Click HERE to read the whole thing.

Simplify Audit Documentation by Leveraging the Power of an Itemized Database

How to enhance efficiency, auditability, and stay ahead of the competition with Jama Connect® for Medical Device Development

In the current landscape of medical device and life sciences development — in addition to facing relentless pressures to innovate, remain competitive, and release quality products — medical device developers also must comply with rigorous regulations and standards for their products to be marketed, distributed, and sold in regulated markets like the United States and the European Union.

However, reliance on traditional documents or legacy document-driven systems like Cognition Cockpit and Polarion poses challenges for professionals, particularly those in roles such as quality assurance. This eBook delves into the transition from document-centric workflows to itemized databases, focusing on Jama Connect® as a solution to enhance efficiency and auditability in product development processes.

RELATED: Jama Connect® for Medical Device & Life Sciences Development Datasheet

The Challenge of Document-Centric Workflows

Traditional product development processes for medical device companies revolve around document-centric workflows. This section highlights the inherent limitations and complexities
associated with managing requirements, traceability, and change control solely through documents.

Challenges include:

  • Manual traceability matrices often lead to a time-consuming and error-prone process, making it challenging to maintain accurate and up-to-date links between requirements, design elements, and test cases, which are critical for regulatory compliance and product quality.
  • Version control issues can result in confusion, inconsistencies, and potential compliance risks, as stakeholders struggle to identify the most current documentation amidst multiple iterations, revisions, and parallel development efforts.
  • Difficulties working in an Agile workflow can hinder traceability and documentation, as the rapid pace of iterations and evolving requirements make it challenging to maintain clear and auditable links between user stories, tasks, and regulatory documentation, impacting the ability to demonstrate compliance and validation.

  • The absence of a single source of truth contributes to inefficiencies, as disparate document repositories result in data silos, inconsistent information, and difficulty in
    reconciling different versions of documentation, leading to confusion and potential errors in audits or reviews.
  • Slow quality management processes can delay the verification and validation of documentation, impacting the timely detection and resolution of compliance issues, and the ability to demonstrate adherence to regulatory standards, potentially delaying product approvals and market entry.
  • The risk of errors escalating during iterative design phases grows as manual documentation processes and fragmented tools make it difficult to track and manage changes, increasing the likelihood of overlooked requirements, design inconsistencies, and compliance gaps that can surface during regulatory assessments and audits.

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

The Value Proposition of an Itemized Database

Central to this transition is understanding the inherent value of itemized databases like Jama Connect. This section explores the tangible benefits, including real-time traceability, proactive change management, and improved product quality.

By embracing itemized databases, organizations can:

  • Accelerate Product Development Cycles: By accelerating product development cycles, organizations can increase their market competitiveness and improve their ability to meet customer demands, while minimizing the risk of delays or missed opportunities caused by manual documentation processes.
  • Maintain Proactive Traceability: By maintaining proactive traceability, organizations can demonstrate compliance with regulatory requirements, ensuring transparency and accountability throughout the development process, while enabling faster detection and resolution of issues before they escalate.
  • Gain Visibility into Progress and Coverage: By gaining visibility into progress and coverage, organizations can identify gaps and redundancies in their documentation, prioritize requirements, and allocate resources effectively, improving overall product quality, and reducing the risk of compliance issues.
  • Proactively Manage Risks: By proactively managing risks, organizations can reduce the likelihood of errors and minimize the potential impact of issues, ensuring patient safety and reducing the risk of product recalls, legal liability, or damage to reputation.
  • Link Suspect Items and Manage Change: By linking suspect items and effectively managing change, organizations can streamline the change management process, minimizing the impact of revisions on other items, and ensuring that each change is properly reviewed and validated before implementation.
  • Maintain an Agile Workflow: By easily maintaining an Agile workflow, organizations can support their development teams, empowering them to collaborate and innovate effectively, while ensuring that their processes remain compliant and traceable throughout the development lifecycle.
  • Enhance Documentation: By enhancing compliance documentation, organizations can improve their ability to adhere to regulatory requirements and expectations, minimize the risk of non-compliance, and demonstrate their commitment to patient safety and quality outcomes.
  • Reuse Requirements: By reusing requirements and enabling release management, organizations can optimize their resources, reduce duplicative efforts, and improve their ability to deliver products that meet customer needs and expectations.
  • Automate Version Control: By automating version control, organizations can minimize the risk of errors caused by manual processes, streamline the review and approval of documentation, and improve their ability to manage multiple iterations and revisions while maintaining an accurate audit trail.

CLICK HERE TO READ THIS EBOOK IN ITS ENTIRETY:
Simplify Audit Documentation by Leveraging the Power of an Itemized Database

TÜV SÜD Certification

The Top Six Things You Should Know About

In the quest for innovation, product testing, compliance, and safety certifications remain key to accessing markets and gaining customers. No one wants to buy a product, service, or process that hasn’t been thoroughly vetted by an independent body. In the context of global markets, few certifications carry the importance or significance of those from TÜV SÜD, but in the United States, the various companies that are part of the TÜV Association are not widely known. So, what is TÜV SÜD, and why is it so important to product development?

1: What does TÜV SÜD stand for?

“TÜV” stands for “Technischer Überwachungsverein,” which translates to “Technical Inspection Association” in English. There are several independent companies that are part of the TÜV Association; TÜV SÜD is headquartered in Munich and employs approximately 25,000 people around the globe.

2: What type of company is TÜV SÜD?

TÜV SÜD is focused on protecting people and the environment through rigorous testing, certification, auditing, and advisory services. The company helps ensure regulatory compliance of new and updated technologies, especially in automotive innovation and development, and it functions as a notified body in Europe for medical devices. The TÜV companies trace their origins back to the 1860s when they were first formed to oversee the safety of steam engines.

3: What is the difference between TÜV SÜD and TÜV Rheinland?

TÜV SÜD and TÜV Rheinland are different companies that both provide similar services. All TÜV companies are at least 25.1% owned by the TÜV Association. There are currently six main members of the TÜV Association, all of whom are denoted by the brand “TÜV” plus the regional suffix, such as SÜD or Rheinland. The other TÜV companies include TÜV Nord, TÜV Thüringen, TÜV Saarland, and TÜV Austria.

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

4: What is a TÜV SÜD Certification?

A TÜV SÜD Certification assures governing bodies and consumers that a product, service, or process has passed relevant safety testing and meets relevant compliance requirements. The certification process is rigorous and comprehensive and involves multiple steps, including steps to review requirements and establish processes followed during development.

5: Why is achieving TÜV SÜD Certification so important?

TÜV Certification is recognized internationally as a sign of quality and thorough review—similar to an ISO or UL certification. Although it originated in Germany, it is regarded globally as evidence that your product, service, or process has attained high standards of safety, quality, and sustainability. With a TÜV SÜD Certification, you can achieve access to additional markets and give your customers peace of mind.

6: Is Jama Connect® certified by TÜV SÜD?

Jama Connect received its first TÜV SÜD certification in 2016. Jama Connect is TÜV SÜD certified for developing safety-related products according to ISO 26262 (up to ASIL D) and IEC 61508 (up to SIL 3). Jama Software is the first vendor that is both SaaS and Agile to receive the certification. In 2019, Jama Software completed additional certification for Jama Connect as a software tool for the development of medical devices according to IEC 62304 and railway applications according to EN 50128.

RELATED READING: Simplify Compliance With Proactive Risk Management Software

Don’t neglect important certifications. Even if you are already pursuing other certifications, the TÜV SÜD Certification could be an important addition to your automotive, medical, or railway products and services. Jama Connect can help you meet the requirements tracing and process needs that will set you up to achieve the TÜV SÜD Certification and expand to new markets and customers. To learn more, contact us.

 

This image portrays a title page for an instructional video with a title stating the demo topic is Azure DevOps Integration with Jama Connect.

Jama Connect® Features in Five: Azure DevOps Integration

Learn how you can supercharge your systems development process! In this blog series, we’re pulling back the curtains to give you a look at a few of the powerful features in Jama Connect®… in about five minutes.

In this Features in Five Integration Series video, Susan Manupelli, Solutions Architect at Jama Software® – will demonstrate the Azure DevOps integration with Jama Connect®.

VIDEO TRANSCRIPT

Susan Manupelli: Hello, and welcome to the Features in Five Integration series. My name is Susan Manupelli, and I’m a Senior Solutions Architect at Jama Software. Today, we will be walking through Azure DevOps integration. We make it possible for you to integrate Jama Connect with your preferred best-of-breed software to achieve Live Traceability™ across the end-to-end development cycle.

Live Requirements Traceability is the ability for any engineer at any time to see the most up-to-date and complete upstream and downstream information for any requirement, no matter the stage of systems development or how many siloed tools and teams it spans. This enables significant productivity and quality improvements, dramatically reduces the risk of product delays, cost overruns, defects, rework, and recalls, and ultimately results in faster time to market.

RELATED: Jama Connect® Integrations for Live Traceability™

Manupelli: Before I demonstrate the integration, I’d like to share a slide that depicts the flow of information. The top represents our process as defined in Java Connect through relationship rules. At the bottom, we’re depicting Azure DevOps. This slide illustrates an implementation task in the form of a user story that syncs up into Jama Connect, as well as a defect created in Jama Connect that syncs down to Azure DevOps. The beauty of this integration is that developers can stay in their tool of choice, in this case, ADO. Product owners can stay in Jama Connect, yet both sides have access to the details of the task. More importantly, the task and related status become part of what’s Live Traceable in Jama Connect. Let’s demo this.

Here we are in Jama Connect. The integration can be configured as a bidirectional sync, so it doesn’t matter whether I create the task in Jama Connect or ADO. First, we’ll decompose a software requirement into a development task that’s in the form of a user story. Here we have a login requirement software requirement. I’m gonna go ahead and add a related downstream user story, which will bring up the form to create a new user story. Notice the editor template feature in Jama Connect prepopulates these with standard user story verbiage. So as a user, I need to log in so that I can view my account. We’re gonna go ahead and set the status to new, and then we’re gonna save and close.

Jama Connect is prompting me to where I wanna save this, so I am going to go ahead and save this where the user stories live in my hierarchy. Notice that upon saving, automatically, the relationship widget indicates the fact that I have traceability, and I could see that traceability back to the software requirement. Within seconds, this user story will flow into ADO.

And you can see that it’s completed already. The integration URL has been populated, and I can navigate this URL, which will open up the item ADO. Let’s take a look.  Here we are in ADO. You can imagine the developer has been assigned to implement the user story. They may add some context to the description. They may go ahead and add a comment, And they may go ahead and indicate that they’re starting to work on this user story by changing the status to active.

Notice that the developer can traverse a URL back to Jama Connect to see the requirements that are driving the user story. These links are handy, but the real advantage is the fact that the changes the developer made within seconds will be visible to anyone working in Jama Connect. Let’s flip back to Jama Connect and take a look. Notice the changes the developer made are now visible here in Jama Connect. The product owner can view and respond to the developer’s comment, and notice that the status has also been updated.

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

Manupelli: The updated status is reflected in a trace view that we can see here automatically, as well as any dashboard reports we have for user stories. So that’s Live Traceability in action. As a reminder, this thing can be configured by directional. So if your process varies and you create user stories in ADO, we support that use case as well.

Here we are in ADO. Let’s create a new user story. Let’s give it a title and give it a description, and let’s go ahead and save this. Within fifteen seconds, this user story will flow into Jama Connect. Here we are back in Jama Connect’s dashboard. Notice the widget showing these stories that are missing upstream relationships? That new user story has shown up here. Let’s open it.

Now let’s relate to existing and find the requirement that the user story fulfills, and we’re gonna go ahead and relate. Notice the traceability is updated automatically. This completes the traceability between the requirement and the user story.

Thank you for watching this Feature in Five session on the Azure DevOps integration for Jama Connect. If you are an existing customer and wanna learn more, please reach out to your customer success manager or consultant. If you’re not yet a client, please visit our website at jamasoftware.com to learn more about the platform and how we can help optimize your development process.

To view more Jama Connect Features in Five topics, visit:
Jama Connect Features in Five Video Series

In this blog, we recap our webinar, “Bridging ALM and MBSE: Strategies for Seamless Integration” – Click HERE to watch it in its entirety.

Integrate Jama Connect® and Sparx Systems’ Enterprise Architect (EA) using LemonTree.Connect to align business and engineering objectives.

Join our experts Philipp Kalenda, Head of Consulting & Training at LieberLieber and Cary Bryczek, Director of Solution Architecture at Jama Software ® to discover how this powerful collaboration eliminates the gap between requirements engineering, system architecture, design, and product management.

You will gain a thorough understanding of these topics and more:

  • How Jama Connect®’s Live Traceability™ capabilities allow for seamless integration across best-of-breed tools.
  • How leveraging Jama Connect Traceable MBSE™ can act as a starting point for your MBSE efforts.
  • How to create a workflow for deriving systems architecture based on requirements from Jama Connect.
  • How LemonTree.Connect enables standard engineering domain practices for configuration management.
  • How to facilitate streamlined evidence that proves your architecture is satisfying requirements.

Below is a preview of our webinar. Click HERE to watch it in its entirety.

The following is an abbreviated transcript of our webinar.

Bridging ALM and MBSE: Strategies for Seamless Integration

Cary Bryczek: My name is Cary Bryczek. I’m the Director of Aerospace & Defense Solutions here at Jama Software. I’m really looking forward to speaking with you today on this particular topic and looking forward to Philipp’s presentation as well. So to kick things off, we are going to set … I just want to set the stage with some trends across the A&D industry that we’re seeing. I’ll talk about how those trends are creating challenges for chief engineers and describe what’s keeping them up at night. Then I’ll set the stage for Philipp’s presentation by showing you what Jama Connect’s Traceable MBSE™ looks like and how that’s designed to solve some of those challenges, and Philipp’s going to definitely take you on a deeper dive to show you how system models in Jama Connect interoperate.

In the aerospace and defense industry, developing a new system has a complexity that far exceeds commercial product development. For example, the FAA’s program to develop the unmanned aircraft traffic management system involves not just the pilot and his drone but is designed to enable autonomous and semi-autonomous operation of multiple aerial systems, including passenger and cargo delivery in a tightly integrated civil aerospace. The elements in blue that you see are all distinct systems of their own, and the new traffic management system needs to be able to integrate communications and data across all of those systems to provide this new capability.

In the highly constrained environment of outer space, NASA’s Cislunar and the Artemis program, for example, are focusing on the operation and survivability of autonomous systems. To develop a space system, NASA does not do this alone but has many contracts with companies to deliver parts of the system. For example, Blue Origin, they have two programs like the Friction Stir Additive Manufacturing Program and the Metallic Thermal Protection System are two examples of just parts of the system.

RELATED: Buyer’s Guide: Selecting a Requirements Management and Traceability Solution for Aerospace

Bryczek: Canopy Aerospace, they’re developing a low-cost reusable thermal protection system. Roccor AKA Redwire in Erie, Colorado, they’re developing a characterization of high aspect ratio booms for these large apertures and so many more. This ecosystem of partners and contributing to a whole brings its own challenges to the pool when trying to collaborate, share data, and execute common systems engineering processes. Like the NASA’s Cislunar and Artemis initiatives for space exploration, they’re focusing on operation and survivability.

In the defense domain, we’re seeing all sorts of cases in unmanned aerial systems as well to aid tactical situations and help with strategic planning. The underlying theme of these large systems is the integration and the collaborative approaches to developing these different weapon systems and aerospace systems in very constrained environments.

So from a strategy perspective, what are these agencies trying to really do? Government agencies and aerospace and defense companies are always evolving their strategies to be able to deal with this complexity and to help streamline their engineering processes. For example, the Department of Defense (DOD) has published a new adaptive acquisition framework. This pathway is intended for large-scale traditional hardware acquisitions to facilitate rapid and iterative development and delivery of software capability to the user.

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

Bryczek: In 2018, the Digital Engineering strategy outlines a vision to modernize how the department designs, develops, delivers, and operates, as well as sustains systems securely and safely. Their vision is to connect people, processes, data, and capabilities across an end-to-end digital enterprise. The International Council on Systems Engineering (INCOSE) published its recent Vision 2035 document, and it is intended to inspire and guide the strategic direction of systems engineering, the practice of systems engineering for the global systems community.

MOSA, the Modular Open Systems Approach, it uses a system architecture that allows major subsystem components at the appropriate level to be incrementally added, removed, and replaced throughout the lifecycle of the major system. The DOD’s systems engineering and architecture group is focusing on modernizing the systems engineering practice. They’re leveraging capabilities from CERC. They’re using MOSA to build systems that can be upgraded and to incorporate new technology faster to respond to emerging threats.

When we look at this in a little bit larger view with this new modernization of the systems engineering approach, the DOD has moved away from visualizing its process using a V model in favor of what truly takes place from a process standpoint, which is that modern systems engineering is highly cyclic. You can see the outermost ring is as close to that old V model, where a concept definition is in the upper right, it moves the system definition through architecture and design and over to V & V and back-to-start around on the next cycle.

What’s important is that there’s a strong emphasis on measuring not just the system being built, but the process that’s building the system, your system’s engineering process and that data and models are at the heart of it all. To the fullest extent, models should be used in favor of documents and data should inform decision-making.

What is the industry saying? There’s a challenge to using data-driven approaches and models. The DOD has highlighted there’s a lack of an integrated approach to the implementation of these systems engineering focus areas, and it’s creating a delay in the full implementation of the digital transformation, which is necessary to ensure relevant guidance and skills.

RELATED: Leading Ground-to-Air Communications Systems Developer Indra Park Air Takes Off with Jama Connect®

Bryczek: Continuing to use legacy tools and approaches is what is making integrated approaches not possible. What is necessary is to take a federated approach to data across the tool ecosystem and to use tools with more robust APIs, and modern architectures that are standards-based. An MBSE approach requires an integrated approach to connect the system models, architecture, and requirements to the program teams the software teams, and the hardware teams. It doesn’t mean to use a siloed system modeling tool and expect those teams to be able to consume and understand that model.

What we hear quite often is, “How do I achieve the benefits of MBSE when no other engineers can access model parameters that they need for downstream decision-making?” Those with technical oversight, chief engineers who have technical oversight and responsibility for program success, executing MBSE, or even just traditional systems engineering commonly raise the following questions, “How do I know if the architecture and system requirements are satisfying all the needs? How do I know if a change in the architecture will impact testing? How do I know if a change in the architecture will impact downstream hardware or software teams? How do I detect unallocated systems architecture and requirements?”

So the question of, “How do I achieve the benefits of MBSE when no other engineers can access model parameters?” can be answered by using traceable MBSE. Now, the reality at most companies is that the end-to-end systems development process is fragmented into domain-specific tools and spreadsheets that have no built-in collaboration. Now, this leads to fragmented requirements traceability and requires significant manual effort through emails and meetings and sometimes luck to try and prevent delays rework, or cost overruns.

Most companies have come to accept the situation as an unchangeable reality given the lack of a single platform to enable this entire process, nor a method to integrate spreadsheets and desktop tools. Using Traceable MBSE, the system model in the modeling tool is joined with the Jama Connect model. Jama Connect is continually calculating traceability and coverage and provides scores that can be used to identify high-risk areas that can be drilled into to determine corrective actions. The system model can detect those changes and the modeling engineers can take the corrective actions.

CLICK HERE TO WATCH THIS WEBINAR IN ITS ENTIRETY:
Bridging ALM and MBSE: Strategies for Seamless Integration

In this blog post, we summarize our Whitepaper titled “How to Manage Cybersecurity in Jama Connect® for Automotive and Semiconductor Industries” – Written by Kevin Dibble and Jama Software. Click HERE to read the full thing.

How to Manage Cybersecurity in Jama Connect® for Automotive and Semiconductor Industries

Learn how automotive and semiconductor teams use requirements management tools to support meeting ISO/SAE 21434 while increasing visibility, collaboration, and review-cycle efficiency.

Security threats such as malware, ransomware, and data breaches impact many industries, but with expanded connectivity in the automotive and semiconductor sectors, increased urgency exists to safeguard against fast evolving risks.

Research shows that 91% of vehicles are connected, and that number is expected to rise to 96% by 2030. With more automobiles and semiconductor devices being connected, attack surfaces (cybersecurity vulnerabilities) are expanding quickly, and the ISO/SAE 21434 standard aims to understand and safeguard against potential threats.

However, managing a cybersecurity case within the standard requires many steps, and cross-team visibility and collaboration are often challenging. As a result, some teams are turning to requirements management tools to help improve visibility and increase transparency in review cycles.

If you haven’t used a formal requirements management tool before, understanding the benefits, advantages, and how it works helps determine if it’s right for your team.

RELATED: A Guide to Road Vehicle Cybersecurity According to ISO 21434

Why manage a cybersecurity case in a requirements management tool?

A cybersecurity case is a structured argument supported by the evidence of work products to detail why risks found within the Threat Analysis and Risk Assessment (TARA) are reasonable.

Creating a cybersecurity case for ISO/SAE 21434 is a complex process with many moving parts. Using a requirements management tool has many benefits, including improved traceability, easier collaboration, and improved functionality for reviews.

Here are several ways a tool can help.

1. Improved collaboration between OEMs and tier 1 and 2 suppliers. A requirements management tool, such as Jama Connect®, supports requirements interchange format (ReqIF), which can be used for bidirectional communication of requirements, item definitions, and more. Using the tool, you can support improved collaboration workflows.

2. Provides “trace as you go” visibility. You don’t want traceability to be an afterthought handled by your requirements engineer at the end of the project, especially when that project is complex. A purpose-built requirements management tool, like Jama Connect, allows you to create requirements tracing to parent requirements, design blocks for requirements allocation, and more. It supports a trace-as-you-go methodology.

3. Access impact analysis to handle midstream project changes more effectively. Jama Connect provides access to an impact analysis, a powerful capability supporting the trace-as-you-go approach. Running an impact analysis as project changes happen midstream allows for greater understanding and visibility.

4. Automatically generate test coverage reports. With Jama Connect, you can allocate requirements to design blocks or interconnect the requirements management system to design tools. Using tools like Design Architect provides powerful analytics and test coverage reports that are automatically generated.

5. Connect tools and avoid disjointed tooling challenges. Disconnected tools are often a source of visibility issues. Jama Connect links disparate tools and offers a “toolchain view” for more seamless tool functioning and visibility, like with the Design Architect example above.

6. View exactly where you’re at in a project in real-time. As you move through the management of a case, it’s important to see where you are in the process so you can stay on track. Jama Connect can provide analytics that clearly indicate where you’re at in a project, including allocated requirements, tests that have been covered, and more.

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

How does a requirements management tool fit with the ISO/SAE 21434 standard?

Traceability, collaboration, and improved review processes are all benefits of a purpose-built requirements management tool, but to understand how it works, it helps to have an example. In the details below, we’ve used the Jama Connect platform as an example to see how it works – from product-dependent cybersecurity management to threat analysis and risk assessment methods.

ISO/SAE 21434 is organized by clauses and subclauses, broken out below.

The right requirements management tool will enable your teams to optimize the development process in many of the above areas. Specifically, here’s a breakdown of how the Jama Connect platform supports each of them, as indicated by the box’s color.

Green. These areas are fully supported and recommended to be implemented in Jama Connect. For example, when viewing section 9 in the chart above under the “Concept” heading, Jama Connect supports the item definition, cybersecurity goals, and cybersecurity concept.

Yellow. These are optional and can be implemented in Jama Connect. For example, you’ll see subclauses 5.4.3 “Information sharing” and 5.4.4. “Management systems” fall into this category.

Yellow-green. These are partially supported in the tool. In other words, Jama Connect can support some of the requirements but not all of them. As an example, 10.4.1 “Design” and 10.4.2 “Integration and verification” are included in this category.

Red boxes. These are not recommended for support in Jama Connect and are usually handled with an in-house tool instead—in that some are processes that expand throughout the organization, and some are activities or work products suited for alternative best-of-breed tools. The progression of these work products can, however, be brought back to Jama Connect to reflect status through the Cybersecurity case. An example is the areas under the “post-development phases, including 12 “Production” and 13 “Operations and maintenance.”

One of Jama Connect’s most powerful capabilities is supporting the green and yellow categories through document building and generation. The tool supports the process of building and reviewing documentation with real-time collaboration as well as creating documentation with a single click and no post-processing.

TO DOWNLOAD THIS WHITEPAPER IN ITS ENTIRETY, VISIT:
How to Manage Cybersecurity in Jama Connect® for Automotive and Semiconductor Industries

Jama Software is always looking for news that will benefit and inform our industry partners. As such, we’ve curated a series of customer and industry spotlight articles that we found insightful. In this blog post, we share an article, sourced from PBC Today, titled “Integrating AI in AEC/O to Enhance Efficiency.” – originally published on June 4, 2024.

Integrating AI in AEC/O to Enhance Efficiency

AI’s use in the AEC/O industry has the potential to increase sustainability, efficiency, and decision-making, says Nemetschek Group.

From ChatGPT to the realm of robotics, AI appears to be everywhere.

In the time-honored tradition that follows the introduction of any new major technological leap – from the printing press back in the 15th century, right up to the democratization of the internet – conversations on the topic swing from the benefits AI will deliver to concerns over the risks that it poses.

As we have also seen in the past, once the dust has settled, AI will find its niche, whether it’s noticeable at the front end or hidden away at the back end of the services and technologies that we use in the future.

There’s no doubt that bad actors will use AI to their advantage, but events like the AI Safety Summit hosted in the UK last November will unite governments and the technology industry in a joint mission to create guardrails to ensure that, where possible, AI is used to benefit society, rather than compromise it.

Opportunities for AI in the AEC/O industry

Even at this early stage of AI’s evolution, there’s no doubt that the AEC/O industry should be excited about the opportunities that AI presents.

The technology has a role to play in helping the industry cut its carbon emissions and raw material waste through the implement of better ways of designing and constructing buildings.

The good news is that AI – tailored for the construction sector – already exists, although its usage remains somewhat discreet.

While it is less tangible and visible than in architecture or interior design, AI nonetheless represents a significant innovation for the construction industry; and, as the technology evolves and finds more applications where it can add value to our profession, it will become an invaluable part of our essential toolkit.

It is important that we are receptive to AI, despite any initial reservations or concerns we may have. Solutions supplemented with AI will emerge as formidable allies in addressing the crucial challenges the industry faces.

They will be essential in redefining our standards of efficiency, especially in meeting the challenges of ecological transition, precision, and profitability throughout project lifecycles.

Those are all commendable ambitions, and AI can help the industry meet them.

RELATED: Buyer’s Guide: Selecting a Requirements Management and Traceability Solution

Planning and design: Navigating fluidly through complex data to facilitate decision-making while boosting productivity

Although the industry is still in the midst of a digital transition, data already plays an essential role. In fact, data processing – automated through AI-integrated tools – can revolutionize the planning and design phases of construction projects.

Aggregating information from multiple sources and stakeholders (architects, urban planners, project managers, etc) – which is always complex and prone to error or confusion – becomes smoother when supplemented with AI.

Furthermore, the digital model derived from Building Information Modelling (BIM) becomes more precise and detailed, reducing reliance on numerous – and sometimes very specific – third-party solutions.

AI also intervenes to provide more accuracy by analyzing data history heterogeneously and in real-time, thus avoiding manual inaccuracies. As a result, AI ensures the integrity of initial design models while establishing a mechanism for continuous improvement.

Such an approach significantly reduces the costly and time-consuming risks associated with human error.

Another major asset for the sector is the contextual analysis that AI can provide professionals. It leads to the overall design of a building, considering environmental factors such as local climate models. Those insights guide professionals in making proactive decisions when anticipating future challenges.

Construction and renovation: Enhancing quality and tackling logistics

AI facilitates real-time monitoring of construction progress by measuring it against the planned schedule. This approach immediately identifies programming issues or potential delays, enabling offsite managers to make informed decisions to meet deadlines.

During renovation and modernization processes, AI offers intelligent simulations, reducing the time and costs associated with these projects, even for older buildings.

While traditional buildings may lack complete historical data, AI has the capability to leverage 3D scanning and panoramic technologies to create new BIM models. This digitization process modernizes older structures to align with current design and sustainability standards.

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

Operations: Advancing data-driven management and sustainable practices through AI

AI will become an essential complement to the digital twin. It can already predict maintenance needs and automate malfunction detection through IoT sensors. This enables remote inspections and lifecycle analyses, increasing a building’s efficiency while reducing operating costs.

Perhaps more importantly, AI’s use in digital twins is pertinent in an era where sustainability is paramount, as AI algorithms can analyze real-time data from IoT sensors to identify inefficiencies in energy use.

It can also facilitate the smart search of structured and unstructured data. Therefore, AI-enhanced digital twins can also optimize other operational aspects – like space utilization and occupant comfort – by analyzing patterns and environmental variables to create an optimal work environment.

In this context, AI transforms the renovation and retrofitting process by enabling intelligent simulations that generate multiple design possibilities in seconds.

Whether the objective is sustainability or optimized lighting, AI-based models can visualize various scenarios, reducing both the time and cost associated with these projects.

The rapid advancements in AI are undeniably catalyzing a transformative shift across the AEC/O industry.

When used in conjunction with digital twins, AI is a powerful tool that enhances capabilities across planning, design, construction, and operations.

By way of practical example, a user can take a photo of a part of a building or an asset and search across the whole dataset for information relevant to the area they are interested in.

Building the future with AI

AI has quickly become a powerful tool for enhancing planning, design, construction, and operation capabilities.

It becomes the cornerstone of intelligent data-driven decision-making, which is essential for an industry aiming for innovation, sustainability, and operational excellence.

With so much focus on the environment – from governments, corporations, and consumers alike – and the AEC/O industry under immense pressure to address the damage it does to the environment, it’s imperative that it embraces technology like AI to become an even more responsible corporate citizen.

This image depicts components of the Machinery Directive 2006/42/EC to Machinery Regulation EU 2023/1230.

Navigating the Shift: From Machinery Directive 2006/42/EC to Machinery Regulation EU 2023/1230

Change is inevitable, especially in regulatory frameworks governing industries. In Europe, the transition from the Machinery Directive 2006/42/EC to the new Machinery Regulation EU 2023/1230 marks a significant step forward in ensuring safety, innovation, and harmonization in the machinery sector. This transition brings both challenges and opportunities for manufacturers, regulators, and stakeholders alike. The new regulation will go into effect in January of 2027. In this blog post, we’ll delve into the key aspects of this transition and explore its implications.

RELATED: Jama Connect® for Automotive

Understanding the Machinery Directive 2006/42/EC

Enacted in 2006, the Machinery Directive 2006/42/EC aimed to harmonize safety standards for machinery across the European Union (EU). It established essential health and safety requirements (EHSRs) that machinery must meet before being placed on the EU market or put into service. The directive provided guidelines for manufacturers to ensure that their machinery was designed and constructed to be safe for use.

Challenges and Limitations

While the Machinery Directive 2006/42/EC was a milestone in ensuring safety standards, over time, certain challenges and limitations became apparent. Rapid technological advancements, emerging risks, and inconsistencies in interpretation and application highlighted the need for a more robust regulatory framework.

The Machinery Regulation EU 2023/1230

A Step Forward: Recognizing the need for an updated and enhanced regulatory framework, the EU introduced the Machinery Regulation EU 2023/1230. This new regulation builds upon the foundation laid by its predecessor while addressing the shortcomings identified over the years.

Key Changes and Enhancements:

  • Scope Expansion: The Machinery Regulation EU 2023/1230 expands the scope to cover a wider range of products, including certain partially completed machinery and safety components. This broader scope ensures that all relevant products are subject to uniform safety standards.
  • Risk Assessment and Mitigation: The new regulation emphasizes a risk-based approach to safety, requiring manufacturers to conduct comprehensive risk assessments throughout the machinery’s lifecycle. This proactive approach aims to identify and mitigate potential hazards more effectively.
  • Digitalization and Connectivity: With the rise of Industry 4.0, the Machinery Regulation EU 2023/1230 addresses the integration of digital technologies and connectivity in machinery. It sets out requirements for cybersecurity, data protection, and interoperability to ensure the safe and secure operation of digitally enabled machinery.
  • Market Surveillance and Enforcement: Enhanced market surveillance measures and stricter enforcement mechanisms are integral parts of the new regulation. Authorities are empowered to monitor compliance more closely and take swift action against non-compliant products, safeguarding the safety of end-users.
  • Implications and Considerations: The transition from the Machinery Directive 2006/42/EC to the Machinery Regulation EU 2023/1230 presents both challenges and opportunities for stakeholders. Manufacturers need to adapt their processes and products to meet the updated requirements, investing in research, development, and compliance measures. Regulatory bodies must ensure smooth implementation and provide guidance to facilitate the transition for businesses.

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

The transition from the Machinery Directive 2006/42/EC to the Machinery Regulation EU 2023/1230 signifies a proactive response to evolving challenges and opportunities in the machinery sector. By embracing enhanced safety standards, risk-based approaches, and digitalization, the EU aims to foster innovation while prioritizing the safety and well-being of users. As stakeholders navigate this transition, collaboration, adaptability, and adherence to best practices will be essential for ensuring a smooth and successful implementation of the new regulatory framework.

Note: This article was drafted with the aid of AI. Additional content, edits for accuracy, and industry expertise by McKenzie Jonsson and Matt Mickle.