Test and Verification Solutions
Managing a secure requirements engineering flow within a complex product family environment in order to attain ISO26262 compliance
Delivering Tailored Solutions for Hardware Verification and Software Testing
Presentation to Verification Futures February 2016
Copyright TVS Limited | Private & Confidential | Page 2
Requirements Engineering
“Systematic and disciplined approach to the specification and management of requirements”
• Elicitation
• Validation and Negotiation
• Documentation
• Management
Elicitation
What
• Requirement
“Statement of need, clearly and accurately stated”
• Types of requirements
“Functional requirement”
“Non-Functional Requirement”
Who
• Stakeholders
• Identification
• Responsibilities
• Requirement Engineers
Validation and Negotiation
Requirements Quality Gateway
• Review or Tool, boilerplates or modelling
• Constraints and conflicts identified, negotiated and incorporated
DIA – Development Interface Agreement
• Determines which work products are delivered by which partner
• HARA (Hazard Analysis and Risk Assessment) decides which level of Safety
Communication
• ReqIF proposes use of “HIS Exchange Process for Requirements”
• Loss
  • Complete set of data at both IF’s Tier 1 OEM etc-
• Data Integrity
  • Data correct at both IF’s Tier 1 OEM etc-> corruption, metadata, hierarchy, ontologies
• Security
  • Malicious or accidental data loss, corruption or theft
• Safety
  • Proof of Safety Culture and adherence from supplier to customer
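The Loss, Data Integrity and Security points above can be checked mechanically at the receiving interface. The sketch below is an added example, not part of the original presentation or any TVS tooling: the sender attaches an HMAC-authenticated manifest of per-requirement digests, and the receiver reports missing, unexpected and altered requirements. The record fields (id, parent, asil, text), the sample requirements and the shared key are assumptions constructed for illustration.

```python
import copy, hashlib, hmac, json

def digest(req):
    # Canonical JSON: covers text, metadata (asil) and hierarchy (parent).
    blob = json.dumps(req, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()

def _tag(entries, key):
    body = json.dumps(entries, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def build_manifest(reqs, key):
    # Sender side: one digest per requirement ID, authenticated as a whole.
    entries = {r["id"]: digest(r) for r in reqs}
    return {"entries": entries, "tag": _tag(entries, key)}

def verify(reqs, manifest, key):
    # Receiver side: reject a tampered manifest before trusting its digests.
    sent = manifest["entries"]
    if not hmac.compare_digest(_tag(sent, key), manifest["tag"]):
        return {"manifest_ok": False, "missing": [], "unexpected": [], "altered": []}
    got = {r["id"]: digest(r) for r in reqs}
    return {
        "manifest_ok": True,
        "missing": sorted(set(sent) - set(got)),      # loss
        "unexpected": sorted(set(got) - set(sent)),   # items the sender never sent
        "altered": sorted(i for i in set(sent) & set(got) if sent[i] != got[i]),
    }

# Constructed sample data; IDs, field names and key are assumptions.
KEY = b"constructed-demo-key"
SENT = [
    {"id": "SYS-1", "parent": None, "asil": "D", "text": "Detect sensor fault"},
    {"id": "SW-2", "parent": "SYS-1", "asil": "D", "text": "Flag fault in 10 ms"},
    {"id": "HW-3", "parent": "SYS-1", "asil": "D", "text": "Redundant sensor path"},
]

def demo():
    manifest = build_manifest(SENT, KEY)
    received = copy.deepcopy(SENT[:2])   # HW-3 lost in transfer
    received[1]["asil"] = "B"            # metadata changed in transfer
    return verify(received, manifest, KEY)

if __name__ == "__main__":
    print(demo())
```

A shared HMAC key only shows that the manifest came from a key holder; where supplier and customer must be distinguished, a digital signature over the manifest serves the same role.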
Documenting the Requirements
Natural Language
• Discipline, Training, ontologies
MBSE
• Tools, Training, Common understanding (ontologies)
Semi-formal notation
• Highly recommended but not defined in the standard*
Configuration management
• Tools, Discipline, Process, Variability management
Change management
• Tools, Discipline, Process, Variability management
Requirements Tracing
Join the Dots …. Simple!
Figure : Typical Requirements Tree
Management of product Family
Orthogonal data view
Figure : Typical Requirements Tree Figure : Typical Requirements Tree
Tooling ecoSystem
Copyright T&VS 2015. All rights reserved.
[Diagram: Change management, Requirement management, Requirement Quality management, Interoperability Standards, Configuration management, Middleware, SW test tools, HW test tools]
Tool Choice Considerations
Complete ALM/PLM tools most effective and suited
• May not consider all the domains required
• May require some manual intervention
• Data translation/movement may not suit secure solutions
Correct tool for the job
• Different tool solutions suit different domains or work environments
• Support of other tooling being used (at least no conflict)
Legacy tooling
• Expensive to move
• Extensive tailoring
• Also expensive to stick together existing solutions
Costing
• Multiple tools are expensive
• Many ALM solutions have hidden extra costs
• May be high on resource overheads to maintain or use tooling
Overkill
• Don’t buy tools that have extras that you don’t use or need
• If it’s small, use Excel and good discipline and process!
Process
[Diagram: Requirements Database, xml, Target Spec, Change management, Refine, Variant x]
Auditability – Proving it’s been implemented
Requirements need to be mapped to tests, and tests to results
MetaData
Ensure all the information gathered is reproducible
Variant management
Reusability and management