Automotive Embedded Systems Development

ALM for Automotive Software Development

Compliance with ISO 26262, IEC 61508, Automotive SPICE, CMMI and more

Developers of automotive embedded devices and software today have to cope with the increasing complexity of their products, and that of the entire development lifecycle. More and more systems and features in road vehicles rely on embedded electronics and software. With a modern car featuring more than 100,000,000 lines of code, the chance of system failures and other hazards (in certain cases leading to recalls in the automotive market) is on the increase, resulting in more and more stringent safety regulations.

In such a highly regulated safety-critical environment, safety and reliability are of vital importance, and are consequently a fundamental concern for developers in the automotive field.

Relevant regulations and guidelines include IEC 61508, ISO 26262, ISO 15504 (SPICE), and CMMI (Capability Maturity Model Integration) for vehicle software and equipment suppliers and OEMs.

These standards in general stipulate:

  • the need for transparency on requirements
  • clear documentation and
  • effective development methods and processes.

Intland’s Automotive ISO 26262 Template helps reduce the effort, time, and cost requirements of ensuring all the above, and therefore can greatly simplify compliance with automotive industry regulations and standards. codeBeamer ALM has obtained a “Trusted Tool” Certification for IEC 61508 and Automotive ISO 26262 Compliance by TÜV NORD. This qualification provides assurance that specific features of codeBeamer meet critical functional safety requirements as per the guidelines of the general safety standard IEC 61508, and its derivative ISO 26262 for automotive systems development.

Intland’s Automotive ISO 26262 Template

codeBeamer ALM relies on a single repository and allows you to establish links between all work items throughout the process of development in a convenient manner, providing gapless end-to-end traceability with minimal effort. Its security and process workflow features are designed to comply with regulations and standards defined by regulatory bodies in the automotive industry. Intland’s Automotive ISO 26262 Template leverages the advanced capabilities of codeBeamer ALM throughout the entire development lifecycle to help developers of automotive systems implement mature processes, and thus reach continuous compliance in their development efforts.

codeBeamer supports electronic records and electronic signatures, and provides advanced risk management, quality assurance and reporting features. Thus, codeBeamer’s capabilities support compliance with the international standard ISO 26262, adherence to the Automotive SPICE and CMMI models, and overall enable you to develop safety-related embedded systems up to ASIL D or SIL 3.

codeBeamer’s Features for Automotive Development

Automotive Requirements Management

codeBeamer’s requirements trackers are flexibly configurable to store all relevant data (for example ASIL, type, complexity), as well as the complete change history of each item. The system handles the exporting and importing of requirements using ReqIF, and offers a round-trip export-import feature with MS Office (both Excel and Word). This helps ensure data consistency and collaboration between both internal departments and third party suppliers. UML diagrams can be simply imported from Enterprise Architect. Requirements may be saved into libraries for re-use, supporting the management of product variants.

codeBeamer’s integrated architecture & single repository let you manage requirements throughout the lifecycle, with tasks, risks and test cases derived from them, all the while maintaining gapless end-to-end traceability. Functional safety requirements (both hardware and software) may be derived from your safety goals. Compliance audits are further facilitated by the Traceability Browser, which allows you to simply visualize, and easily pull & export traceability reports. Workflows (with optional conditions and e-signatures) may be used to ensure process enforcement and security (access control). codeBeamer’s Automotive Template comes with preconfigured workflows & connections to other work items.

Automotive Software Development & Release Management

In codeBeamer, the process of software development is fully integrated in the lifecycle, so complete traceability between requirements, tasks, source code, test cases and releases is maintained. Release management lets you plan and manage all activities (with time and effort estimates) and releases (milestones, versions), and allows you to monitor the performance of separate development streams and individual releases. Release management, as well as codeBeamer’s entire feature set, is process agnostic, meaning that whether you decide to use the Waterfall (or V-Model) method, Agile, a Hybrid (Agile-Waterfall) approach, or a combination of these, codeBeamer can aptly support and streamline your processes.

Hazard Management & Failure Mode and Effects Analysis (FMEA)

codeBeamer’s Automotive Template comes with preconfigured trackers for hazards, risks, failure modes, and safety goals to support ISO 26262 compliance. ASIL values may be added to all hazards, and Risk Priority Numbers (RPNs) of failure modes will be automatically calculated to help risk prioritization.

codeBeamer’s FMEA Template comes with a comprehensive guide to conducting FMEA, and can be used to simply identify, define, and control the mitigation / reduction of potential risks. Traceability between requirements, risks, test cases, and safety goals is maintained, and Risk Matrix Diagrams help visualize your risk levels before and after mitigation/reduction actions. An exportable FMEA Worksheet helps you present your risk management lifecycle.

Security Features, Advanced Workflows

Our ALM solution supports role and member-based permissions, letting you control and restrict access to certain types of work items, or even individual artifacts. Using codeBeamer’s advanced workflow configuration options, you can add steps to require authorization (e-signatures), letting you define safety-related approval workflows.

Out of the box, codeBeamer comes with a predefined hazard workflow that will help you identify and classify hazards (determine their ASIL), and achieve safety goals by planning and executing actions for the control and mitigation of hazards (with predefined links to other work items). This workflow may be flexibly customized to suit your internal processes, and codeBeamer also lets you create complex workflows tailored to your needs.

Automotive Quality Assurance & Testing

Test Management in codeBeamer enables the manual capturing of test cases and test sets, and saving these to test libraries for reuse (facilitating variants management). During test execution, defects can be created and linked. Automated testing is available via codeBeamer’s Jenkins integration. Parametrized testing is supported, and test cases may be run on different hardware and software configurations. Test results and metrics may be simply exported.

Change Management

codeBeamer supports integrated change management, providing the following benefits:

  • Collecting, managing and tracking change requests
  • Linking change requests to their related requirements
  • Suspect management which assists in propagating changes
  • Plan changes along with requirements to releases
  • Effort estimation and time tracking
  • Release readiness visualization and work assignment

Configuration Management

codeBeamer supports various configuration management systems such as CVS, Subversion, Git and Mercurial. In addition to the out-of-the-box functionality of these version control systems, codeBeamer provides repository management and access control plus traceability of code changes. When using Git for example, distributed source code development is supported by specific workflows.

Most important for ISO 26262 is the ability to relate defects, change requests or tasks to source code changes when committing source code into the repository. Issue relation can be enforced upon commit, so no uncontrolled changes occur on the software level and the traceability between processes and development is guaranteed.

Audit Preparation, Wiki & Reporting, Document Management

To help you prepare for ISO 26262 compliance audits, codeBeamer provides various reporting options. Results/screens of the flexible Traceability Browser may be exported, along with those of the Test Coverage Browser, which helps ensure the complete coverage of requirements with test cases. Flexible Wiki plugins allow you to create custom reports, and a preconfigured ‘Hazard by ASIL’ report is also available, showing hazards sorted by their assigned ASIL levels. Associations between hazards, safety goals and requirements can be displayed in matrices and conveniently exported. Risk Matrices showing associations and the general risk level are also available.

codeBeamer’s Documents Management functionality offers a platform to support collaboration across teams and departments, providing a single source of truth as well as full change history on all documents. Access rules and dependencies are respected, and versioning of all issues takes place automatically in the background, so traceability into the past is guaranteed as well.


Baselines in codeBeamer are actually lightweight snapshots of the current state of all your artifacts. You can select individual trackers or items to create baselines of. Baselines cover wiki pages, documents, comments, images, attachments etc. and may be compared with each other any time to see what has been changed.

Challenges of Standards Compliance in Automotive Development

As mentioned above, due to the critical importance of safety and reliability in road vehicles, the development of automotive-related end products is subject to stringent regulations. A rapid growth in the use of electrical, electronic and programmable safety-related systems in passenger cars has also propelled the need for safety standards. One of the most important standards is ISO 26262, defining functional safety guidelines for automotive safety systems.

That said, companies and development teams have to understand and meet the requirements of several other standards including IEC 61508 (Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems), Automotive SPICE and CMMI.

Car manufacturers have to face the problem of managing large networks of dispersed manufacturing facilities, and vetting OEM suppliers, who themselves must vet their own suppliers. Ensuring that partners and suppliers are capable of meeting the standards reduces risk and improves quality, shortening the development cycle and time to market.

Automotive Project Management & Reporting

Overview of Related Standards

ISO 26262 (Road vehicles – Functional safety)

ISO 26262 is an adaptation of IEC 61508 for the automotive industry (more specifically, for automotive electric/electronic systems). Titled ‘Road vehicles – Functional safety’, this standard covers the entire lifecycle of all E/E safety-related systems in the automotive industry, from requirements and design through implementation, integration, configuration, validation and verification. In addition to requirements for individual products, it also defines requirements for safety management for the entire organization.

ISO 26262 is a risk-based standard that aims to define measures to avoid or control system failures, and to detect or mitigate the effects of random failures. The standard describes a safety lifecycle for automotive products, affecting the functional safety aspects of all phases of the lifecycle, but supports the tailoring of processes to individual needs to fulfil its requirements. A major part of ISO 26262 is the process that helps determine risk classes or ASILs (Automotive Safety Integrity Levels), and the necessary safety measures to reach an acceptable risk level.

codeBeamer’s Automotive Template supports compliance with ISO 26262 through its predefined artifacts, workflows, risk-related features, etc. and a comprehensive guide on ISO 26262. The template allows you to define and interlink hazards, risks, safety goals, requirements, tasks, test cases, etc. with full traceability maintained throughout the lifecycle. codeBeamer’s automotive-related trackers and workflows allow you to assign ASILs to each hazard, and to define safety requirements based on safety goals. Various (customizable) reports are available to support compliance audits.

IEC 61508 (Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems)

As the parent standard of ISO 26262 and a number of other standards, IEC 61508 is a general functional safety standard that is widely applied in various industry sectors. Several other sector-specific standards have been derived from the “umbrella” standard IEC 61508, such as:

  • ISO 26262 – Automotive industry
  • IEC 62279 – Railway applications
  • IEC 61511 – Process industry / manufacturing processes
  • IEC 61513 – Nuclear power plants
  • IEC 62061 – Machinery system design

IEC 61508 employs a risk-based approach to safety-related system design, and specifies a safety lifecycle encompassing the analysis, realization and operation phases. The safety lifecycle set out by the standard begins with hazard and risk analysis. Once the likelihood and the consequence factors of risks have been determined, the risks are added to the risk class matrix. In this matrix, four classes are defined, from unacceptable risks (I) to risks that are acceptable but may need to be monitored (IV). Then, IEC 61508 defines four Safety Integrity Levels (SILs) with each level representing a more stringent degree of safety regulations.

codeBeamer’s advanced capabilities enable you to develop safety-related systems up to SIL 3. Its relevant ALM features that support compliance with IEC 61508 include:

  • gapless end-to-end traceability across the phases of requirements management, development management, and QA & test management
  • wikis, document management and reporting features
  • security and access control, advanced workflows with optional e-signatures for process enforcement
  • change management & baselining of all artifacts
  • highly customizable data structure, flexibly configurable artifacts, workflows, filtering options, etc.

Automotive SPICE (Software Process Improvement and Capability Determination)

As a derivative of the SPICE maturity model (ISO/IEC 15504), Automotive SPICE enables organizations within the automotive industry to assess and evaluate the suitability of themselves or their business partners and suppliers against a set of industry best practices. It’s a set of technical documents that guide software development processes, while also applying to relevant business management functions, basically making safety and reliability an organization-wide priority.

Based on these aspects, assessed businesses (processes) can reach capability maturity levels between 0 and 5 using the Process Assessment Model (PAM). Reaching the highest capability maturity level means that the company (process) shows “evidence of a complete and systemic approach to, and full achievement of, the defined process attribute in the assessed process”, as well as implements innovation to further optimize processes.

With the latest release of Automotive SPICE v3 in July 2015, PAM is now compliant with the new ISO 330xx series of standards, although the transition period for training and certification will not be completed until 2017. In PAM v3, the emphasis is still on traceability but in addition, it also addresses the issue of consistency when dealing with the traceability matrix in review.

codeBeamer ALM can greatly assist compliance with ISO/IEC 15504 (Automotive SPICE). It contains specific trackers, and features such as the Traceability Browser to help ensure, visualize and prove gapless end-to-end traceability, as well as advanced risk management functionality. Dependencies between items such as requirements, risks and test cases are also recorded. codeBeamer also supports the use of workflows to enforce processes and manage approvals (sign-offs with e-signatures), and offers convenient reporting functionality to facilitate compliance audits.

Capability Maturity Model Integration (CMMI)

Similar to ASPICE, the CMMI model assists businesses in developing or optimizing working processes that are in line with business goals. Many large companies and government institutions require CMMI for large projects, usually only allowing companies with CMMI (relevant levels) to participate in tenders. Of the 5 levels of CMMI, most small companies can qualify for Levels 2 and 3, enabling them to participate in tenders once qualified. CMMI measures capability maturity (the higher the maturity level, the lower the risk). Level 5 is especially dedicated to large enterprises. Organizational performance is measured via the Standard CMMI Appraisal Method for Process Improvement (SCAMPI).

The advanced capabilities of codeBeamer ALM can help you achieve CMMI Level 2 compliance. This includes complying with requirements in the following fields:

  • Project Management (Planning, monitoring and control)
  • Requirements Management
  • Change and Configuration Management
  • Issue Management
  • Document Management
  • QA & Test Management

For more information on CMMI, please feel free to download our document titled Achieving Capability Maturity Model Integration (CMMI) – Maturity Level 2.