safety and security compliance Archives

Tag Archive for: safety and security compliance

Editors Note: This post on safety and security in in automotive development is a guest post by from our partner Ansys. To learn more about Ansys, visit their website.

Safety and security have always represented a driving force in automotive engineering. Today, these performance criteria are more important than ever, as vehicles continue to grow exponentially in technological complexity. Advanced technologies deliver benefits, but also create new risks and potential failure modes.

With sales of electric vehicles projected to reach $567 billion by 20251, the design of powertrains and battery management systems has been brought to the forefront. Automakers also hope to capture a share of the global autonomous vehicle market, which will account for $556.67 billion by 20262, placing more focus on embedded control software, perception systems and sensors.

Before these diverse innovations can be commercialized, they must be analyzed and verified for reliable performance under every operating condition. Equally important, all electronics must be proven to work together at the system level, which means developing a robust system-level architecture, testing every integration point, and identifying and addressing weaknesses.

The Industry’s Leading Software for Automotive Modeling, Analysis and Simulation

Mastering these diverse, complex automotive engineering tasks may seem overwhelming ― or even impossible ― but there is good news. An established leader in engineering simulation for over 50 years, Ansys enables automakers to navigate the complex design and verification challenges associated with electrification, ADAS and other technology advancements.

The depth and breadth of the Ansys portfolio mirrors the complexity of today’s vehicle designs ― bringing modeling, analysis and simulation together in a robust, connected platform. From physics-based simulations that focus on crash-worthiness to the verification of embedded software, sensors, cameras and radars, Ansys solutions help automakers analyze every component in today’s cars.

Navigating the Unique Challenges of Safety and Security

Regarding electronics safety and security, software from Ansys helps automotive engineers by supporting safe software development, functional safety analysis and cybersecurity analysis.

Safer Embedded Software Development

Underlying the advanced electronic systems found in modern cars are millions of lines of embedded software code that ensure their flawless operation under every driving scenario. Ensuring that the overall software model, and every line of code, deliver the desired functionality is critical to protecting the safety of human passengers. To meet the highest safety standards and comply with regulatory guidelines, software engineers must subject this code to rigorous testing.

With Ansys SCADE, engineers can streamline design and verification processes via automatic code generation of ISO 26262 critical software up to ASIL D. SCADE can be easily integrated into existing AUTOSAR development flows for software components, eliminating time-consuming manual reviews.

For example, as Subaru created control software code for its first hybrid vehicle, it automated 95% of the development process by relying on Ansys SCADE to generate code for the car’s innovative engine, called the e-BOXER. Today, it only takes Subaru engineers half a day to implement a model for the e-BOXER’s electronic control unit (ECU) once the control logic has been defined. This enables Subaru’s developers to modify the ECU’s logic and architecture much more frequently and easily as they explore continuing design innovations.

Explore how automakers are improving the accuracy and speed of embedded software development by 50%.

*Robust, Automated Safety Analysis***

Functional safety analysis ensures that automotive electronics deliver reliable performance over time, without system failures leading to unreasonable risk. This analysis must encompass the entire electronics architecture, including down to the chip level.

Ansys medini analyze streamlines and automates functional safety analysis via a model-based environment that supports executing the safety-related activities required by applicable standards like ISO 26262. It has helped many customers reduce time and costs, without sacrificing analytic rigor.

For example, LiTHIUM BALANCE develops battery management system (BMS) solutions for electric vehicles in keeping with the most stringent safety, performance and reliability standards. By leveraging medini analyze, engineers at LiTHIUM BALANCE quickly and affordably manage the functional safety verification of their BMS designs.

By providing an easy-to-understand, visual representation of complex electronics and their integration points, Ansys has benefited ZF Friedrichshafen AG, a global technology company that supplies systems to automakers. Ansys medini analyze has streamlined and accelerated functional safety analysis for hardware, software and systems ― delivering possible efficiencies including an up to 50% reduction in the time devoted to these tasks.

The emergence of automated driving has brought an even greater challenge: What if components such as sensors are working as designed, but their capabilities fall short under real-world conditions? A new standard, ISO 21448, focuses on safety of the intended functionality (SOTIF). Ansys medini analyze helps engineers not only identify weaknesses, triggering conditions and causal effects, but also interfaces with simulation and testing tools to validate perception software and other ADAS components.

Ready to take your safety case to the next level? Request an Ansys medini trial.

Rigorous Cybersecurity Analysis

The increased amount of software and connectivity in cars has made them vulnerable to cyberattacks. Recent headlines, as well as the ISO 21434 cybersecurity standard, have made cybersecurity analysis an essential part of the automotive development process.

Ansys medini analyze for Cybersecurity addresses system-level security via an easy-to-use modeling and analysis environment, ensuring that the complex electronics architecture is impervious to attacks. By quickly identifying and addressing potential threats and vulnerabilities, engineers can deliver secure products, reduce time to market, maximize profits and comply with upcoming cybersecurity regulations.

Learn more about systematically performing threat analysis and risk assessment via Ansys medini analyze

A Partnership That Delivers Added Value

Today many automotive leaders are applying Ansys solutions, while also leveraging Jama Connect for product development. A value-added partnership between these companies means that Jama customers can seamlessly and directly integrate Ansys SCADE and Ansys medini analyze. For the first time, the automotive electronics development and testing process is supported by a linked set of industry-leading software tools.

To learn more about the benefits of this partnership, watch our recent webinar or review our white paper.

To learn more about how Jama Connect for Automotive can help your team achieve safety and security compliance, streamline development, and speed time to market, download our solution overview.

DOWNLOAD NOW

Designing complex electronic systems not only requires a significant number of specialized stakeholders, but also efficient collaboration during safety-critical product development and verification activities. With some teams working remote and working together around the globe, there may be gaps in communication, locations, or tools that need to be overcome in order to deliver the expected product on time and on budget.

In a recent webinar Michael Jastram, Senior Solutions Architect at Jama Software and Francois Xavier Dormoy, Senior Product Manager at Ansys discuss how you can bridge these gaps by integrating a product development platform, such as Jama Connect, together with a model-based embedded software tool, such as Ansys SCADE. From high-level requirements to verification and validation (V&V) activities to implementation, this allows you to share a single source of truth among the stakeholders and facilitate alignment across teams.

Below you’ll find an abbreviated transcript and the full webinar recording.

Bridging the Gaps in Safety-Critical Product Development

Michael Jastrom: In case you’ve never heard of Jama Software, Jama Connect is a solution for product development. Product development includes, of course, capturing the requirements, requirements management but also activities like test and quality management, which gives you end to end traceability. Also, risk and hazard analysis because a lot of our customers are using Jama Connect for functional safety-critical work the same way that

Ansys SCADE is being used. Jama Connect is a platform that achieves these things by providing you with key capabilities, like traceability, collaboration, reuse, and many others. I don’t want to go here into detail. In a minute, Francois and I will give you a live demonstration so that you can actually see how all this plays out in practice.

One thing that is very important that I would like to point out is that Jama Connect is an open platform. It is very easy to seamlessly integrate it with other tools. We see Jama Connect as the best of class solution. For this part of your development you want to use best of class and so do you want for others. That’s why you’re using SCADE, I assume. We ensure that you have a seamless integration.

Before I give you a tour of the solution, let’s look at the problem with respect to product development today. In product development, you typically follow the V-model if you have to do with functional safety critical systems. This has been practiced since the ’60s very successfully. There’s just one problem with it. The V-model in systems engineering tends to be slow. By the time you define your concept of operations, you went all the way down to implementation there. By the time you can do the verification and validation activities of the top level, a lot of time passed. There’s a lot of interest these days in HM methodologies. One question that we often hear is how do you apply HM methods in the context of functional safety critical work and systems engineering. The answer to that we call continuous engineering.

This is how it works and where Jama Connect applies. Jama Connect basically covers the top two thirds of the V-model by providing you with a platform for modern requirements management that gives you cross functional collaboration, which allows you to easily exchange information, capture decision, conduct reviews of electronic signatures, and so forth.

At some point, you reach the point where the scope of Jama Connect ends. That’s where something like Ansys SCADE comes in. We provide you with real time and seamless traceability across two boundaries so that you have end to end traceability with best of class solutions. On the top right here, this is again where Jama Connect comes in. Jama Connect also supports you with test management activities so that you have end to end traceability from your requirements all the way to your test cases and test results. Jama Connect doesn’t end there because Jama Connect provides you with reuse capabilities that allows you to build the next version by using branching and merging of variant management so that you can easily manage multiple variants and take advantage of the good work that you already did.

The next question is how do you actually apply that in practice? This requires a paradigm shift. This is visualized on the left-hand side here by depicting the traditional systems engineering approach, which tends to be document based, which you can see here with example outlines from the corresponding RS standard. Now, we haven’t worked with documents in systems engineering for a while. There are tools around for requirements management. Yet, if you look at all the generation of requirements tools, that still has a very strong document feel to it. In Jama Connect we really switch away from that and go to an item-based mindset where you have fine grade traceability. Obviously, to really understand on a fine grade level what the impact of change is, where you have gaps in your coverage, and so forth.

Here you see you simply find relationship model that shows you how you can connect to various items. For example, you can have themes and epics, which are terms from the ancient world, but still mixed it up with things like product concept and system architecture, which are more traditional systems engineering. If we have a look at that, then you get something like this. This relationship diagram has been actually taken directly from Jama Connect so you can flexibly adapt it there. The arrows indicate the traceability capabilities. For example, you that epics and user stories are connected. Jama Connect will tell you if you have a gap between your epic and your user story. You can find gaps in your coverage. Jama Connect helps you with impact and change management. If you change the epic, then all the connected user stories and validation test cases will be marked as suspect. There are a number of other features, roles, workflows, templates. A number of capabilities that really allow you to have repeat iterations following the traditional systems engineering process but with an agile mindset. We have customers from many different industries. Just to provide you with one example, one of our customers from the avionics industry used Jama Connect in a lot of areas. Just to pick up one metric, they managed to increase the speed of resolving issues by 30% by using what Jama Connect provides you with.

Francois Xavier Dormoy: Yes, the topic is how we can make this synchronization and how we can integrate both SCADE models, and these requirements, and these traceability. In fact, we have in SCADE and in all SCADE tools, we have a gateway. A gateway to requirement management tool, like Jama Connect. For instance, in Jama Connect, of course, you will be able to create requirements, to manage requirements, manage traceability links. You can create links. You can see all the traceability. You can perform your impact analysis. You can generate matrices, etc. All these, of course, will be done in Jama Connect and you will use SCADE for design, for the architecture, for the testing, etc.

What we allow in this gateway is for people designing to have a look at the requirements. We have a way to import in SCADE requirements and we have a way in SCADE to create links between SCADE elements, SCADE artifacts, and any requirements. These links will not be stored in SCADE. They will be stored in Jama Connect. We have the six portraiture in order to export back to Jama SCADE artifacts together with traceability.

To learn more about how Jama Connect for Automotive can help your team simplify compliance, streamline development, and speed time to market, download our solution overview.

DOWNLOAD NOW

In today’s competitive market, automobile makers are racing to define the future of transportation. And given the complexity of modern, connected automobiles, it’s imperative that vehicle safety is adequately accounted for in the product development process.

Plus, as vehicles become more complex — e.g. autonomous driving and connected systems — so too are the standards for emissions, fuel economy, functional safety, cybersecurity, and system designs.

That’s why we’ve partnered with LHP Engineering Solutions (LHP) to ensure our visionary clients comply with all relevant functional safety and cybersecurity standards — like ISO 26262 and SAE J3061 — by seamlessly integrating compliance into the product development process.

Founded in 2001 with the mission to make safer products, LHP provides a variety of engineering services and products to assist customers in speeding up their product development cycles and solving product design and testing issues.

We recently spoke with the LHP team to talk about modern challenges in complex product development, and how this new partnership between LHP and Jama Software can help. Let’s dive into what customers can gain from this partnership:

Jama Software: Can you give us a rundown of the state of the automotive industry? How is it different than 10 years ago?

LHP: The next generation of automobiles are increasingly incorporating modern electronic technologies, from on-board diagnostics to engine controllers to infotainment systems to driver assist systems. As technology advances, the trend is to partially/fully automate vehicles. While some new features are entertainment- and convenience-based, the trend for autonomous vehicles is, to a large extent, functional safety related. The end goal is to reduce the number of deaths on public roadways by providing vehicles with the ability to recognize and avoid hazards or security threats.

Safety and security are the two biggest barriers to innovation and we’re helping companies overcome those barriers. The biggest reason why we don’t see self-driving cars everywhere is because, before that happens, we must prove that they’re not going to harm people, that they’re safe, and that the software can’t be compromised and used for unintended usage.

JS: What are some of the biggest challenges facing product development teams in the automotive industry today?

LHP: Compliance to ISO 26262 and SAE J3061 involves a change in culture that is difficult for established product development teams to implement. Part of this change means looking at the product(s) being developed differently, and part is a change in infrastructure to better control the product development lifecycle and the development artifacts.

Learn more about ISO 26262 and automotive electronics development.

JS: How does leveraging the partnership between LHP and Jama Software help customers when it comes to overall functional safety as well as complying with ISO 26262?

LHP: ISO 26262 complements good systems engineering practices by requiring that hardware and software safety concerns be addressed and documented in a systematic way throughout the product development lifecycle. In the past, safety design was considered part of general requirements activity. But merely identifying and tracing requirements in the software and hardware designs is not enough. The common practice of hardware and software teams working in silos will not guarantee the level of safety coverage required by ISO 26262.

Part of LHPs offering is development of data, infrastructure consultation, and process optimization. Now, thanks to our partnership with the Jama team, we can implement proper functional safety workflows in Jama Connect, with templates to facilitate the creation of data. Additionally, Jama Software customers in the automotive industry who have questions and concerns about how to use Jama Connect to support a safety lifecycle can tap into LHPs extensive knowledge and experience in functional safety and ISO 26262.

In order to demonstrate compliance with ISO 26262, you must have the ability to manage safety requirements, including traceability. Typically, our respective customers would need to address functional safety and requirements management separately. Working together, LHP and Jama Software can address both sets of concerns in concert.

Learn how Jama Software worked with TÜV SÜD on our ISO 26262 certification process, and how you can lower the costs and risks of complying with functional safety standards, by watching our webinar.

JS: What does LHP bring to the table that other requirements management platforms might not have access to?

LHP: What makes us better and unique compared to a lot of the other organizations is our wealth of knowledge. Our functional safety team actually came out of the aerospace industry with multiple decades of experience implementing safety-critical systems. The experience that they bring with them has time and time again proven to make us stand above the rest.

Just like Jama, LHP excels at custom integrations and tailoring flexible solutions for our customers. At LHP, we consult on and implement the latest automotive industry practices to ensure vehicle systems are safe, reliable, and secure. Customers come to LHP for our deep knowledge in embedded controls, integration support, and overall implementation of functional safety and cybersecurity processes.

Proving compliance with functional safety and cybersecurity standards like ISO 26262 and SAE J3061 requires a harmonious balance of processes, people, and tools. And together with LHP Engineering Solutions, Jama Software is helping automotive companies safely and confidently bring the future of transportation to market.

To learn more about how to maintain compliance with automotive functional safety standards and how to avoid common ISO 26262 mistakes, download our whitepaper, “Top 15 ISO 26262 Snafus.”

Automakers continue to look toward the bright future of autonomous vehicles, but some are perhaps rightfully prioritizing safety over expediency.

GM originally planned to roll out thousands of self-driving electric cars this year through its subsidiary Cruise Automation. Those plans have been pushed out, however, as the company pursues further testing.

And while autonomous vehicle developers continue to put functional safety at the forefront of development, major players are also acknowledging that the public’s perception of the safety of driverless vehicles is critical. Recently, Waymo and AAA partnered to educate young people on the safety advantages of self-driving technology through its “Let’s Talk Self-Driving” program.

Meanwhile, ride-sharing companies Uber and Lyft continue to gradually roll out test vehicles in certain markets. Uber plans to begin testing self-driving cars in Dallas, Texas, in early November 2019, and Waymo intends to make up to ten Chrysler Pacifica self-driving cars available to Lyft users in Phoenix, Arizona.

One exception in the shift in the autonomous vehicle marketplace is Tesla. CEO Elon Musk continues to predict the arrival of full Level 5 automation by the end of 2020, but he’s never been one to fear going out on a limb.

Learn how Jama Software worked with TÜV SÜD on our ISO 26262 certification process, and how you can lower the costs and risks of complying with functional safety standards, by watching our webinar.

Autonomous Vehicle Technology Moving Freight

With 71% of US freight moved by truck and a persistent shortage of drivers, many in the trucking industry look forward to at least Level 2 and Level 3 technology improvements. Many Level 2 and Level 3 technologies simply improve features such as automated braking and lane guidance.

Increased automation could also mean greater efficiency. Truck drivers might be able to operate trucks for a longer period of time, and trucking companies can eventually save fuel and driver costs by “platooning” autonomous trucks

While questions still abound regarding the potential for autonomous vehicle technology impacting the job market for truck drivers, many in the industry welcome the coming automation. With a predicted driver shortage of up to 175,000 drivers by 2026, autonomous vehicle technology could help take the pressure off of a short-staffed industry.

Currently, Daimler, Tesla, and Volvo all have AV trucks and prototypes in development.

Learn more about ISO 26262 and automotive electronics development.

Other Applications of Autonomous Vehicle Technology

Even if fully automated, Level 5 autonomous vehicles are still some time away from deployment across the general population, autonomous vehicle technology is still advancing on a smaller scale.

Refraction AI, a Michigan start-up, aims to make food delivery services automatic with its three-wheeled REV-1 vehicle. The 4-foot tall, 32-inch wide robot is designed to operate in a bike lane at maximum speeds of about 12 mph.

Another startup, Starship Technologies, recently announced plans to expand its autonomous delivery service for food and groceries to 100 college campuses over the next two years.

Private sites show great promise for the growth of the autonomous vehicle industry. Planned communities, university campuses, and industrial and government sites have significant advantages for autonomous vehicle technology. The sites are smaller and easier to map and offer lower traffic densities and speed limits, making autonomous vehicle technology inherently safer.

Read our white paper about how one Fortune 100 semiconductor company is meeting the challenges of autonomous vehicle software safety with a compliance-ready solution that streamlines the development of products that adhere to relevant functional safety standards. Download: “Driving Compliance with Functional Safety Standards.”

This post on the pains of compliance is part of a series. You can find Part II on legacy software pains here, Part III on enabling innovation here, Part V on moving from DOORS to Jama Connect here, and Part VI on migration solutions here.

As the devices around us become increasingly powerful, their ability to harm us may be increasing as well. And while the majority of connected devices and products are safe, there are recent headlines that reinforce the importance of compliance audits and properly managing risk.

Recently, a hacker remotely killed the engine of a car while a motorist unknowingly drove down the highway. Another recent example happened to Toyota, when mistakes during development caused failing brakes and random accelerations, resulting in the automobile maker recalling almost two million cars.

But in spite of dramatic incidents like these, today’s products are remarkably reliable. We generally feel safe stepping into a plane or taking a ride in our car. We feel safe, because those in the automotive and aerospace industries must prove compliance with industry standards and regulations that ensure their products adhere to high safety standards.

Regulatory Compliance is Good for Business

Even though corners are sometimes cut, most companies recognize that compliance is essential in the long run. While the ethical argument is a no-brainer, compliance with regulatory standards also enables customer confidence, boosts quality, and motivates employees.

Compliance audits are based on standards like ISO 26262 for automotive developers or DO178B/C for aeronautics. These have been around for decades and have helped shape the design of countless safe products. Many of these standards are based on IEC 61508, which conceptually describes best practices that lead to safe systems.

Regardless of whether you are developing a car component or nuclear reactor, there are certain capabilities that your development process must exhibit in order to pass a compliance audit. In this day and age, it is next to impossible to do this without the support of quality solutions. Selecting the right product development solution will help you:

Prove complete traceability throughout every step of the development process
Standardize best practices, ideally with automated compliance reporting
Visualize and effectively manage the impact of changes
Support your product schedule and ensure that it is not compromised by quality and compliance requirements
Act as your single source of truth for risk, test, and requirements

Learn more about requirements traceability by downloading our eBook, “The Jama Software Guide to Requirements Traceability.”

Complex Product Development Demands More than Legacy Requirements Management Tools

IBM® DOORS® (IBM Engineering Requirements Management – DOORS Family) was an amazing tool – when it was originally published in 1991, almost 30 years ago. A new product was developed from scratch, called DOORS Next (IBM Engineering Requirements Management – DOORS Next) and released to the market in 2012^1. Yet many users of DOORS hesitate to switch. This is because instead of an easy transition to DOORS’ new product, there is a lengthy migration to DOORS Next required that’s usually very costly.

DOORS has many capabilities for working in regulated industries, but the limitations far outweigh the benefits. It does not deal well with increasing complexity or the need for collaboration and seamless integration in existing tool ecosystems. Let’s have a look at some of the limitations of DOORS:

Traceability: DOORS has powerful traceability capabilities, but they are hidden behind a cumbersome interface. This leads to outdated traces. Users find traceability maintenance to be difficult with DOORS, and sometimes traces are created “after the fact” for compliance audits and nothing else. This is a missed opportunity, as an up to date, easy-to-use traceability matrix creates transparency and confidence when reacting to change. Traceability is also an enabler for agility.
Change Management: The traceability of DOORS does support change management, e.g. via suspect links in principle. Unfortunately, this information is hidden and hard to put to use. Compare that to the actionable traceability of Jama Connect™, which proactively points out issues in the traceability matrix and suggests how to fix them.
Compliance Reporting: DOORS allows you to report on virtually everything – but almost everything requires scripting with its proprietary scripting language, DXL. Unless you have a responsive programmer on your team, you will have a hard time getting the information you need.
Best Practices: Every “module” (document) in DOORS has its own fields, and without an in-house expert, users sometimes find themselves with little guidance on how to use the tool. This results in inconsistencies, which in turn result in confusion and lack of transparency. Consider two “system specifications” with inconsistent values for “priority.” Likewise, standardized workflows guide users through their daily work. In DOORS, you need a programmer to provide this functionality.
Collaboration: Collaboration is the foundation for high-quality product development and a foundation for compliance, which requires transparency and managerial oversight. But when Rational DOORS was released, the Word Wide Web was just two years old. Initially, no collaboration capabilities existed at all.
Single Source of Truth: DOORS provides you with a single source of the truth – as long as the truth resides in DOORS. In 1991, nobody was thinking about integrating various tools into a seamless tool chain. And therefore, DOORS is an isolated silo. Due to the complexity of the user interface, often stakeholders refuse to take a peek into that silo.

See how IBM DOORS customers can migration to Jama Connect by viewing our datasheet.

What about DOORS Next?

The only thing DOORS Next shares with the DOORS solution is the name. Otherwise, it’s newly developed software. This means that the raw requirements data can be migrated, but this is possible with virtually all requirements solutions on the market. The customizations that were done to DOORS cannot be migrated. This means that users who want to switch away from DOORS are not constrained by a particularly attractive migration path.

Whether you migrate from DOORS to DOORS Next or to Jama Connect, the effort is the same. And that allows you to compare the capabilities of solutions on the market without having to worry about the migration path: It will take some effort, no matter which solution you choose.

Leaving Legacy RM Solutions in the Past

We at Jama Software acknowledge everything that legacy RM solutions have done in the past for the discipline of requirements management and requirements engineering. But after almost 30 years, it’s time to reinvent modern requirements management.

In particular, the demands for compliance for today’s complex products can no longer be satisfied by legacy RM tools. Transparency, collaboration, best practices, and oversight – all these were non-issues in 1991 when legacy RM solutions were built.

If you are in an organization that uses a legacy RM solution, it is time to assess if it’s up to the challenges ahead and you have a choice of many modern requirements management solutions on the market.

See how Jama Connect can transform your requirements management process for legacy software customers in our whitepaper, “Jama Connect: A Modern Requirements Management Alternative to IBM DOORS.”

*IBM® and DOORS® are registered trademarks of IBM Corporation.

¹ IBM United States Software Announcement 212-505, dated November 27, 2012

Welcome to the grassroots demo hit list of the worst tools
TrustRadius: IBM Rational Next Generation Reviews
Trustradius: IBM Rational DOORS Reviews
TrustRadius Announces the Top Rated Application Lifecycle Management (ALM) Tools for 2019
Gartner, Refreshed 20 June 2019, Published 18 January 2018 – ID G00344837 , Use Continuous Modernization to Build Digital Platforms From Legacy Application

Companies in regulated industries often struggle to get the functional safety team involved at the right stage of the development process.

When building complex products that must adhere to standards such as ISO 26262, IEC 61508, or DO-178C, for instance, too often the functional safety team gets looped in after the system is already designed and development has begun. And, by that point, it’s too late.

Real-World Implications

Imagine a company that uses Word documents to house multiple test cases defined using ID strings to refer to other artifacts like design or requirements.

When it comes time to review the test cases or adapt to changes in design, think of all the agonizing time the functional safety team will waste manually going through the list. Then consider the increased risk and quality issues should something being missed.

Time for Change

We’re at a pivotal point in defining when and where the functional safety team fits in a modern systems development process.

In a recent webinar, Jan Mauersberger, Lead Software Architect with our partner ANSYS, described the four roles of the functional safety team, as well as the negative effects of integrating the functional safety team too late in the development process:

Risk Assessments

This is done in order to know the criticality of failures in the system. The risk assessment results may imply more testing or development effort, and can have a big impact on both the timeline and cost of the project. Logically, the earlier this can take place, the better.

Safety Concepts

Typically, not a one-and-done solution, a safety analysis needs iterations and refinement – which may affect the design several times. The results of a safety analysis have to be visible early in order to react to the required changes.

Reliability Engineering

Dynamic formulas — based on industry standards and handbooks — calculate reliability data and have to be quickly adapted. If the functional safety team does not know of a change in design, for example, it can cause a lot of manual work.

Safety Management

The functional safety team has to compile and sign off on the safety case, and they are responsible for the product. Involvement and traceability from start to finish is essential for eliminating issues in safety, development and testing.

A Modern Approach

Today’s processes are iterative, with modifications introduced later and later. That’s why it’s recommended – and why most safety standards demand – that safety management and engineering start at the beginning of the development process.

The functional safety team can then mitigate issues early and stay connected throughout. It’s also critical that the team’s tools integrate with other solutions in the development process – without that, traceability is near impossible.

To learn more about the challenges of modern systems development in a regulated environment, watch our webinar with ANSYS. Plus, you’ll find out how the integration of Jama Connect and ANSYS medini analyze can help address these issues.

Smart, Internet-connected devices don’t always get the design attention they need. As a result, they may be difficult to use and lack security, and it will be hard to get different manufacturers’ devices to work together. When industry uses these devices, the problems turn into unnecessary costs and lower productivity. Leading thinkers are looking at ways to set design standards for the IIoT (Industrial Internet of Things). The aim is better and more interoperable products.

A model-based approach

In an EE Times article, “The Problem with IIoT Design,” Rich Quinnell argues that “IoT designs are all too often piecemeal and rushed to market.” He supports an approach based on “a model-based system of systems.” A single device is just one part of the system, and the overall system is often too complex to grasp directly in full.

Model-based systems engineering provides a method of abstraction which rigorously defines how the pieces fit together. Designers can consider the model separately from the implementation. Each device will comply with the abstract design, so other devices can interact with it in a standardized way. The Industrial Internet Consortium (IIT) is working toward an interoperable IIoT architecture.

Bringing industrial groups together

Three industrial groups, OPC Foundation, OMAC, and PLCopen, have begun working together to reconcile the standards they’ve developed and allow greater interoperability. They plan to fit their efforts together with the IIC’s planned architecture. The OPC UA (unified architecture) is a protocol designed for cross-platform communication based on a service-oriented architecture. It includes both binary and web service protocol definitions. APIs are available in several programming languages.

Standardization promotes innovation

In “The Road to IIoT: What Can We Learn from Other Industries?” John Fryer calls for a standards-based approach. He argues that proprietary standards drive up costs and limit businesses to a single vendor. Using a standards-based infrastructure encourages innovation and makes upgrades easier.

Businesses often equate connectivity with risk, and certainly opening more connections opens more avenues of attack. The IIoT is all about connectivity, though. It’s necessary to work with it and make connections both easy and secure. Fryer advocates “distributed intelligence,” combining all available information gathered from the devices to optimize production and detect potential and actual failures.

Loss of data can be expensive. Fryer stresses fault tolerance, so that a failure at any point doesn’t cascade into a serious break in gathering information. A distributed architecture, rather than dependence on a single server, increases fault tolerance.

Security standards

Security has been an ongoing and embarrassing problem for the IoT. The IIT has published an Industrial Internet Security Framework report. It observes that the design of many industrial devices dates from the days when connectivity was very limited. These designs, brought over into large computer networks, carry risks that the designers never anticipated. Because the devices carry out physical tasks, a data breach could have serious physical consequences. A misbehaving device could trigger a serious industrial accident.

The report states that IIoT security needs to consider both information technology (IT) and operational technology (OT). Safety, in the physical sense, isn’t a major concern in IT, but it’s vital in OT. The framework described doesn’t call for specific technologies but defines a set of layers for building security. The emphasis is on endpoint protection, including physical security, identity, integrity, access control, data protection, and secure configuration and management.

Final thoughts

The development of standards is often a difficult process, as stakeholders each defend their own preferred approaches. It falls upon the product management function to facilitate the dynamic connection between information needed by system engineers using MBSE, evolving standards, and security risk coverage. These three areas can pull a PM in multiple directions and requires careful management. Over time, though, we can expect a consensus to develop, simply because it’s inefficient for each manufacturer’s products to work differently and not talk to the others. With growing adoption of standards, we should see more interoperability, lower costs, better security, and greater productivity.

As a provider of a modern, connected Product Management platform , we at Jama are actively developing technologies and best practices to meet this challenge. Successfully keeping engineering teams on track and tuned into the latest information related to IIoT standards will drive efficiency and cut down risk of defects dramatically.

http://jamasoftware-1.wistia.com/medias/s85m28t52u?embedType=async&seo=false&videoFoam=true&videoWidth=640

The work of defining and developing products for industries that require demonstration of regulatory safety and security compliance – like DO-178, DO-254, or ISO 14508 – can feel like a burden, but it doesn’t have to! Jama is created for companies developing products with multiple safety-critical, complex subsystems requiring engineering expertise across systems, electrical, mechanical, and software.

This is an overview video of how an aerospace company might use Jama for developing a new variant on a tactical control system for an UAV product. This video shows how Jama can increase confidence that a product will meet regulatory safety and security compliance while reducing design and review cycle times and making it easier for the DER to audit your work.

To start a Free Trial of Jama, click HERE.