This series of articles presents an in-depth look at the challenges facing the rapid advance of mechatronics in the automotive industry, and discusses business best practices gleaned from our customers successfully using Polarion solutions to meet the challenges.
Part 1 was an overview of the challenges. Part 2 looked at effective real-time collaboration strategies. Part 3 discussed the strategy of proactive protection of quality and functional safety. Part 4 looked at the strategy of rapid response to defects after market introduction. This fifth article continues the discussion of strategies.
Smooth Compliance with Automotive Standards
Electronics technology not only helps differentiation, but has become indispensable to ensuring reliability. In fact, as the code size of software for microcomputer control continues to expand, ensuring its reliability has become a crucial matter. In addition, car manufacturers utilize hundreds of suppliers to develop the various components that go into a car.
Each of these components must pass stringent audits regarding compliance with processes such as Automotive SPICE and CMMI, as well as safety standards like ISO 26262 and MISRA.
The underlying software developed by diverse specialized companies and then incorporated into the development chain in different stages by the manufacturer sheds light on the increasing importance of standards. Growing regulatory environments, higher business complexity and increased focus on accountability have led enterprises to pursue a broad range of governance, risk and compliance initiatives across their organizations.
But these initiatives tend to be dangerously uncoordinated in an era where risks are interdependent and controls are shared. When initiatives get planned and managed in silos and sometimes in parallel, they increase the overall business risk, while the duplication of efforts can cause costs to spiral out of control.
To put things in context, Governance, Risk, and Compliance processes have the ability to help coordinate and integrate initiatives and manage them more successfully through control, definition, enforcement, and monitoring:
Governance is the oversight role and the process by which companies manage and mitigate business risks.
Risk Management enables the evaluation of relevant business and regulatory risks and controls, and monitors mitigation actions in a structured, fully documented manner.
Compliance ensures that an organization has the processes and internal controls to meet the requirements imposed by governmental bodies, regulators, industry mandates and internal policies.
Polarion’s ISO 26262 / IEC 61508 qualification by TÜV NORD, mentioned in Part 3 of this series, makes it easy for customers to demonstrate that they can reliably implement and replicate the processes, and meet the functional safety requirements of ISO 26262. Additionally, Polarion’s integrated workflows, with automated control mechanisms, help customers demonstrate that steps cannot be missed or bypassed even at “crunch time”. Indeed, customers report that they have been able to pass audits and regulatory inspections smoothly due to their use of workflow control as well as the comprehensive artifact history, which removes headaches usually associated with compliance documentation.
Customers and auditors alike appreciate the automated tracking of every change via the configuration management system, which records a complete audit trail of who did what, when and why, which in turn makes it easy to pull the information as a report for compliance documentation. Beyond this critical role, a wide range of reports provide real-time insight into the state of projects and increase release predictability at any moment in time. Teams can choose from a range of ready-made versions as well as quickly establish their own, plus browse and report on any historical baseline state via the Polarion TimeMachine™.
All in all, Polarion has proven to be a powerful tool for the highly regulated automotive industry as it enables the automation of Verification and Validation (V&V) of products and systems over their full lifecycle via comprehensive traceability, forensic level accountability, enforcement of electronic signatures, and real-time reporting. This ensures that no requirement goes unapproved and untested, no test goes unexecuted, and no risk goes unmitigated.
"Polarion's ISO 26262 qualification is saving us a great deal of effort and cost in our own qualification process. We leverage Polarion's ALM solution across our complete development lifecycle for requirements tracking, release packaging, test results, and full traceability coverage for vehicle hazards ISO 26262."
— Maria Eugenia Zuniga, Quantum Technologies