Tag Archive for: Compliance & Regulation

[Webinar Recap] Agile, Compliant, Competitive: Fast-Tracking Consumer Electronics Innovation

Deliver Faster. Stay Compliant. Stay Ahead.

Overcome complexity in consumer electronics development without compromising quality.

In the race to bring innovative consumer electronics to market, even small delays can lead to lost revenue, missed windows, and a shrinking competitive edge. At the same time, fast-changing regulations, global supply chains, and growing demands around cybersecurity, sustainability, and safety are making development more challenging than ever.

In this webinar recap blog, join Jama Software experts Patrick Garman and Yannick Selg for a practical discussion on how to integrate compliance into your development workflow in order to achieve full traceability, streamline variant management, and speed up time to market.

What You’ll Learn

  • Implement compliance as part of a unified workflow for a single source of truth
  • Ensure end-to-end traceability, connecting supply chain inputs to requirements
  • Manage product variants seamlessly with advanced reuse strategies
  • Scale traceability across your entire digital thread for improved alignment

 

Patrick Garman: Hi, everyone, and welcome. Thank you for joining us for today’s session. Agile, Compliant, Competitive: Fast-Tracking Consumer Electronics Innovation. I’m Patrick Garman, and I manage professional solutions for consumer electronics here at Jama Software. I’m excited to be joined today by my colleague Yannick Selg, one of our Senior Solutions Architects. Together, we’ll explore what it takes to succeed in the fast-paced, high-stakes world of consumer electronics development.

The consumer electronics industry is one of the most dynamic out there, driven by innovation, defined by short lifecycles, and shaped by intense competition. A must-have device today can become obsolete in a matter of months. This creates enormous pressure, not just to innovate but to deliver quickly and get it right the first time. And development is no longer linear, it’s fast-paced, global, and layered. And while speed to market is essential, navigating the increasingly complex regulatory environment is just as critical. The bar for compliance isn’t just higher, it’s shifting under our feet.

So, here’s how we’re going to break this down today. First, we’ll explore how rapid innovation is reshaping development cycles and how teams can keep up without burning out. Then we’ll examine the regulatory landscape and what it takes to build compliance into your development process from the start. Next, we’ll look at the challenge of maintaining quality and compliance while accelerating delivery. We’ll share practical strategies and tools to help your teams move faster without compromising rigor, including how Jama Connect® supports modular design, regulatory traceability, and smarter collaboration.

Finally, Yannick will provide a live demo of Jama Connect, showing how our platform streamlines and accelerates your product development process without sacrificing quality. If there’s one message to take away today, it’s this. Innovation is not just about what’s new. It’s about navigating complexity with confidence. Developing innovative consumer electronics is difficult. Even under the best conditions, these products are incredibly complex. Even in a stable environment, managing requirements across disciplines, hardware, software, UX, compliance is challenging. But in reality, we’re rarely working in a stable environment. We are constantly navigating shifting market trends, emerging technologies, global supply chain fluctuations and evolving regulations. Add in social and geopolitical disruptions and it’s no surprise that teams often find themselves tripping over their own processes, not due to a lack of talent or effort but because the complexity outpaces the tools they’re using to manage it.

RELATED: The Top Challenges in Industrial Manufacturing and Consumer Electronic Development

Garman: Here’s what we often hear from customers before they adopt Jama Connect. Things like, “We keep building the wrong thing because requirements weren’t clear or accessible,” or, “Engineering is out of sync with compliance,” or, “We didn’t realize we missed a requirement until testing, or worse, after launch.” Sound familiar? These are not just anecdotes, these are measurable pain points. 62% of companies have been reprimanded or fined by regulatory agencies. 83% of design teams cite immature requirements management as the root cause of project failures. And roughly one-third of a typical product development budget is spent on unplanned work. Things like rework, defect resolution, or scrambling to address gaps that could have been caught earlier. And here’s the bottom line. A six-month delay can result in a 33% loss in potential revenue.

That’s not just a product issue; that’s a business issue. The takeaway is clear. Without a structured collaborative requirements management approach, you’re not just risking quality, you’re risking profitability, compliance, and your speed to market.

Let’s start with the simple truth. Speed matters. If you’re late to market even by a few months, you’ve already lost ground, lost revenue, lost mindshare, and lost relevance. But here’s the challenge. Today’s breakthrough is tomorrow’s baseline. Innovation doesn’t slow down. The pressure to stay ahead pushes teams to take risks and move fast. But fast alone is not enough. Today’s development isn’t clean or consequential. It’s global, concurrent and complex. Hardware might be built in one country, software in another with compliance teams spread across all time zones. All of that coordination has to happen in real time. Meanwhile, regulations might evolve mid-cycle. A product that met requirements at design freeze may fall out of compliance before it ships. That finish line keeps moving. So yes, fast is good, but flawless is better. Success means not just getting to market, but getting there with a product that meets expectations across the board; technical, legal and consumer. That’s what we’ll unpack throughout this session. How to balance agility with accuracy and move quickly without breaking things.

We’re developing products in a world where innovation is constant and accelerating. AI, automation, personalization, these aren’t high-end features anymore. They are expected. Devices are no longer isolated, they’re connected, adaptive and increasingly intelligent. This raises the bar and the complexity. Development cycles are now parallel, not sequential. Hardware, firmware, AI models, mobile apps, supplier planning, everything is happening at once and feeding into each other. The only way to manage this pace is with agile cross-functional workflows. Compatibility is another hurdle. Whether it’s Matter, Alexa, Google Home, your product must play nicely in a connected ecosystem. Standards like USBC don’t just reflect technical choices that reflect regulatory pressure and consumer expectations.

And it’s not just technology that’s shifting. The market itself is transforming. Boundaries between industries are disappearing. A fitness tracker is now a health monitor and a social device. Do self-driving cars belong to the automotive industry or consumer electronics? That blurring of categories brings new competition and new risk. Add to this geopolitical disruption, chip shortages, trade regulations. And you’re not just designing for a performance, you’re designing for resilience. The takeaway? Speed still wins, but only when it’s paired with flexibility. It’s time to stop asking how fast can we ship and start asking how well can we adapt? Of course, building great products is hard. Making them legal, safe and certifiable, even harder. Regulatory complexity isn’t just growing, it’s fragmenting. Every region brings a different rule book. Europe has CE Marking, RoHS, REACH and the WEEE Directive. And now, the Cyber Resilience Act and AI Act are adding new layers of cybersecurity and transparency expectations.

The U.S. is more decentralized. The FCC rules govern emissions. UL handles safety. And states like California are adding laws like CCPA that impact product labeling and data handling. China requires CCC certification, local testing, cybersecurity reviews, and strict data localization policies. And that’s just a few markets. Here’s the kicker. Even a minor design change like swapping out a chip can trigger retesting and recertification. That’s time, money, and launch risk. So, compliance is not a checklist, it’s a discipline that has to be embedded from the beginning. Get it right and you move confidently. Get it wrong and you risk delays, recalls, fines, or even exclusion from key markets. To be clear, in this industry, compliance is a product feature.

RELATED: Eliminate Gaps and Risks with Proven Traceability Best Practices

Garman: We’ve all heard the phrase “move fast and break things,” but in regulated high-stakes product development, that mindset can backfire. Yes, speed to market is important. Yes, regulatory compliance is non-negotiable. But getting there first with a buggy product, that’s a fast track to customer dissatisfaction and reputational damage. As this chart illustrates, the later a defect is found, the more expensive it is to fix, not just in dollars but in lost time and market opportunity. A defect that’s missed in integration testing might cost 40 times more to resolve in system testing. If it makes it to acceptance testing, that cost jumps to 110 times. And if the issue is discovered after launch, you’re not just paying in engineering hours, you’re paying in trust. That’s why verification and validation can’t be an afterthought. They must be built into every phase of development. And quality is not just about testing. It starts with the clarity and completeness of your requirements. Are your teams writing precise, actionable requirements? Do you have traceability across development artifacts to ensure nothing is missed? Do you have review stage gates with all stakeholders? That means bringing in legal, compliance, security and business teams early, even if you think they’ll just slow things down.

High-performing teams invest in both product quality and process quality because the cost of getting it wrong grows with every step forward. So, the question isn’t speed, compliance or quality, it’s how do we build all three into our process so that we can control complexity before it controls us. This means breaking down silos. Engineering, compliance, manufacturing, support, these teams can’t operate in isolation. They need shared visibility and synchronized workflows. Provide visibility and transparency early and you’ll discover what you don’t know much faster and avoid having to backtrack later when it’s more expensive. And reuse what works. You don’t have to start from scratch each time. You can reuse validated IP, swappable components with their requirements and even test cases to move faster without increasing risk.

Testing also has to evolve. Coverage gaps are the silent killers. Traceability from requirements to validation ensures you’re testing the right things and finding gaps before your customers do. And testing should be continuous, not a final step. Validation is part of development, not the end of it. The bottom line: speed without structure is guesswork. Speed with discipline is leadership. So, how do you implement all of this? That’s where Jama Connect comes in. Jama Connect is purpose-built to help consumer electronics product teams move faster while staying aligned and compliant.

Here’s how. Streamlining your regulatory compliance. Jama Connect enables teams to reuse standards across projects and push updates automatically from a central source of truth. And track which projects are falling behind or are out of compliance using comparison views. For modular design and reuse, standards are not the only reusable artifacts in Jama Connect. Library projects allow you to easily manage requirements for reusable or swappable components and product variants, complete with linked test cases.

RELATED: IEC 61508 Overview: The Complete Guide for Functional Safety in Industrial Manufacturing

Garman: Reuse accelerates development and reduces redundant validation so you can focus on what’s truly new. Jama Connect also supports you in spreading your traceability across the digital thread. You can create a real-time data connection between Jama Connect and Jira using Jama Connect Interchange™ to trace requirements to development activities and have the current status for all tasks visible with your requirements. Also, Jama Connect’s best-in-class REST API extends that interoperability even further across your toolchain. You get end-to-end traceability from ideation to requirements to tests from risks to releases. Jama Connect also builds in quality insights. Tools like Live Trace Explorer™ show where your project has trace gaps or low maturity and provides you with a score for your project coverage completeness. Jama Connect Advisor™ provides real-time guidance on requirement clarity, helping you catch issues before they cascade and quantifies the maturity of your requirements so that you can measure improvement.

With Jama Connect, you’re not just documenting development, you’re orchestrating it. You gain clarity, reuse what works, integrate where it counts and stay compliant without losing speed. In fact, this is a great time to turn things over to Yannick to show us what this looks like in action.

WATCH THE ENTIRE WEBINAR HERE:
Agile, Compliant, Competitive: Fast-Tracking Consumer Electronics Innovation

Ticking clock wearing graduation hat against blue background with the topic showing a tutorial video about categories for milestones.

Jama Connect® Features in Five: Categories for Milestones

Milestone Tracking Made Simple with Jama Connect’s Categories Feature

Learn how you can supercharge your systems development process! In this blog series, we’re pulling back the curtains to give you a look at a few of Jama Connect’s powerful features… in under five minutes.

In this Features in Five session, Patrick Knowles, Senior Solutions Architect at Jama Software, demonstrates how Jama Connect’s Categories feature streamlines milestone tracking, boosts transparency, reduces risks, and ensures compliance.

VIDEO TRANSCRIPT

Patrick Knowles:  Hello, I’m Patrick Knowles, Senior Solutions Consultant for Aerospace and Defense at Jama Software. In this video, I’ll demonstrate how teams can use Jama Connect’s Categories feature to improve visibility of deliverables at key development milestones throughout an airborne system’s product development cycle. This approach helps increase transparency, reduce risk, and ensure timely delivery of critical data.

When developing a complex system of systems such as an aircraft like an eVTOL, teams heavily rely on milestones. Tracking what is due at each milestone and certification stage can be a complex web of documents, schedules, and loose threads. Jama Connect’s Categories feature simplifies this by clearly organizing what’s due and when. This boosts transparency for engineering teams and reduces the risk of missed deadlines, as well as ensuring compliance with standards like ARP-4754 for systems such as an eVTOL.

RELATED: Buyer’s Guide: Selecting a Requirements Management and Traceability Solution for Aerospace

Knowles: Solution. An organization administrator can set up milestone-specific Categories in Jama Connect. These Categories are assigned to the information due at each stage of a program, enabling teams to create filters, dashboards, and reviews for clear visibility. Unlike tags or other manual methods, Categories provide a structured error-resistant way to manage milestone data, reducing risks like copy-paste mistakes. Let’s open Jama Connect and learn how to enable this strategy in the tool.

The first step is to ensure Categories is enabled within the project. An organization administrator will enter the admin tab within their Jama Connect instance. From there, they will navigate to the category section of the tab and turn the toggle that enables Categories. After Categories is enabled, the administrator will begin to develop the specific Categories that will enable the team to track each milestone. The administrator will add a system development phase category by selecting add and populating the name. This will serve as the parent category, which the rest of the lifecycle milestones will be grouped underneath. From here, the administrator will add the rest of the milestones as individual Categories and move them under the system development phase parent.

It is a best practice in this case to use the move functionality rather than the copy functionality to keep the Categories trees simple and clean. Additionally, when complying with regulatory standards and requirements, it is best to clearly align your milestone. The milestones used throughout the rest of this example are derived from the ARP-4754B and its systems requirements process. This method can be expanded to any number of other regulatory docu ments as well. With all of the milestones created, the administrator has one last step to complete, assigning the parent system development phase category to the appropriate projects or enabling it to be globally accessible.

RELATED: Jama Connect for Air, Land, Sea, and Space Datasheet

Knowles: After your team’s organization administrator has completed the creation of the milestone Categories, it is time to implement within the project. First, a user will go into a project and begin to categorize components, sets, and folders that belong to each of the Categories. It is easiest to categorize top-down from components, sets, and folders, and then to batch manage Categories of each of the item types within the logical organizers. With the organizers categorized, the user can then manage the Categories of the individual items within each organizer.

Now that the hard work is done, it is time to harvest the fruits of the labor. The simplest way to do this is to open the Categories tab in the project and select any of the milestone Categories. With one click, the user will see all the items associated with that milestone. However, this isn’t the only way to visualize the information. A best practice for viewing Categories is to set up filters. By developing filters that narrow in on the information due at the upcoming milestone, a team can target that work and ensure it is effectively completed. Once a filter is created, the user can even utilize it to narrow down the project’s explorer by right-clicking on the filter and selecting apply filter to explorer. This will automatically sort the explorer to only display the information within the specific filter. Additionally, a team can use this filtering to help expedite exports or reports related to this narrowed down amount of information.

RELATED: Innovating Aviation with Jama Connect and Vertical Aerospace

Knowles: At Jama Software, we strive to ensure our customers are able to successfully implement and develop their products through the use of Jama Connect. Lifecycle milestones are no small feat, and the team here at Jama Software knows that. Creating a user-friendly and maintainable approach to developing and tracking data due at each lifecycle milestone is the driving force behind this Jama Connect features inside. By tracking data deliverables for lifecycle milestones in Jama Connect with Categories, a team will increase transparency, reduce the potential for error, and improve their data delivery process at Lifecycle Milestones. Through simple organization administration setup, a team can quickly align the work they are developing in Jama Connect to lifecycle milestones and improve their current processes. To find out more about tracking developmental milestones with Categories in Jama Connect, please visit our website at jamasoftware.com.

To view more Jama Connect Features in Five topics, visit:
Jama Connect Features in Five Video Series

Navigating IEC 62443: Strengthening Cybersecurity in Industrial Automation & Control Systems

Understanding IEC 62443

IEC 62443 is a comprehensive set of standards aimed at securing Industrial Automation and Control Systems (IACS) against cybersecurity threats. It provides guidelines for designing, implementing, and maintaining secure industrial automation systems, ensuring the integrity, availability, and confidentiality of these critical infrastructures.

Structure

This IEC series is organized into several parts, each focusing on different aspects of IACS security:

  1. General: Introduces fundamental concepts, models, and terminology related to security.
  2. Policies and Procedures: Focuses on establishing and managing security
  3. Components and Requirements: Specifies technical security requirements for IACS components and secure product development practices.
  4. Profiles: Defines industry-specific cybersecurity requirements and provides a structured approach to implementing measures based on cybersecurity profiles.
  5. Evaluation: Describes assessment methodologies to ensure consistent and reproducible evaluation results concerning the requirements of individual parts.

RELATED: Mastering ISO/IEC 27001: A Guide to Information Security Management

Key Components

  1. IEC 62443-1-1: Covers terminology, concepts, and models, laying the foundation for understanding the standards.
  2. IEC 62443-2-1: Provides guidance on establishing security programs for asset owners, aligning with standards like ISO/IEC 27001.
  3. IEC 62443-3-3: Specifies system security requirements and security levels, detailing technical requirements for systems
  4. IEC 62443-4-1: Focuses on secure product development lifecycle requirements, outlining how to develop secure products.
  5. IEC 62443-4-2: Defines technical security requirements for IACS components, ensuring components meet specific security standards.

Recent Developments

This IEC series is continually evolving to address emerging cybersecurity challenges. Recent updates include:

  1. IEC 62443-1-5: Introduced in September 2023, this technical specification outlines the scheme for IEC 62443 security profiles, providing a structured approach to implementing cybersecurity measures based on defined profiles.
  2. IEC 62443-2-1: The second edition, released in August 2024, updates the security program requirements for IACS asset owners, aligning with evolving industry practices and emerging threats.
  3. IEC 62443-2-4: The second edition, published in December 2023, revises the requirements for IACS service providers, ensuring that integrators meet current cybersecurity capabilities across various domains.
  4. IEC 62443-6-1: Released in March 2024, this technical specification introduces a security evaluation methodology for IEC 62443-2-4, aiming to ensure consistent and reproducible assessment results.consistent and reproducible assessment results.

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

Impact on Industrial Automation

This standard has a significant impact on industrial automation by establishing a structured framework for cybersecurity in industrial control systems (ICS) and operational technology (OT) environments. Here’s how it influences the industry:

  1. Enhances Cybersecurity in Industrial Automation: IEC 62443 provides comprehensive guidelines to protect industrial networks, control systems, and automation components from cyber threats. It helps in mitigating risks associated with unauthorized access, malware attacks, and insider threats.
  2. Establishes a Risk-Based Approach: The standard encourages risk assessment and mitigation strategies based on the specific threats and vulnerabilities of an automation system. This ensures tailored security measures rather than a one-size-fits-all approach.
  3. Defines Roles & Responsibilities: IEC 62443 categorizes the responsibilities of different stakeholders in industrial automation, including:
    1. Asset owners (e.g., manufacturing plants, energy companies)
    2. System integrators (those designing and configuring industrial systems)
    3. Product suppliers (hardware and software vendors) Each entity must implement security controls based on its role in the automation.
  4. Promotes Secure System Development & Lifecycle Management: The standard provides guidance on secure development, configuration, and maintenance of industrial automation components, ensuring security is embedded from design to decommissioning.
  5. Improves Compliance & Regulatory Alignment: Many governments and industries are aligning cybersecurity regulations with IEC 62443, making it essential for organizations to adopt the standard to stay compliant with industry best practices and legal requirements.
  6. Encourages Interoperability & Secure Communication: By enforcing secure communication protocols and access controls, IEC 62443 ensures that automation systems can safely interact with IT networks, cloud services, and IIoT (Industrial Internet of Things) applications without compromising security.
  7. Supports Business Continuity & Resilience: A strong cybersecurity framework reduces downtime caused by cyber incidents, ensuring uninterrupted industrial operations and minimizing financial losses.

THIS HAS BEEN A PREVIEW – TO READ THIS EBOOK IN ITS ENTIRETY, VISIT:
Navigating IEC 62443: Strengthening Cybersecurity in Industrial Automation & Control Systems

Ticking clock wearing a graduation cap next to text reading that this topic is about AEC project management with Jama Connect.

Jama Connect® Features in Five: Architecture, Engineering, and Construction (AEC) Solution

Learn how you can supercharge your systems development process! In this blog series, we’re pulling back the curtains to give you a look at a few of Jama Connect’s powerful features… in under five minutes.

In this Features in Five video, Michelle Solis, Solutions Architect at Jama Software, explores how Jama Connect helps the Architecture, Engineering, and Construction (AEC) Industry manage complex requirements and streamline project communication.

VIDEO TRANSCRIPT

Michelle Solis: Hello, I’m Michelle Solis, a Solutions Architect at Jama Software. In this video, we’ll explore how Jama Connect helps the AEC (architecture, engineering, and construction) industry manage complex requirements and streamline project communication.

AEC projects, whether it’s building a structure, designing a rail system, or developing an airport, come with complex requirements involving multiple teams. Communication is often fragmented and mid-project requirement changes can add confusion. Traditionally, the process unfolds in a linear workflow. The owner issues an RFP, teams respond, and the project is awarded. Once the project is underway, however, the owner may change requirements, making it hard for teams to see what parts of the project are affected.

Managing this process with documents alone, whether in Word, Excel, or PDF, is insufficient for managing these changes effectively, leading to missed updates, delays, and financial losses. Project management tools store documents but don’t provide visibility into relationships between requirements and tasks, making it hard to track changes across teams.

RELATED: Six Key Challenges in the Architecture, Engineering, Construction, and Operations (AECO) Industry and How to Solve Them with Jama Connect

Solis: Jama Connect addresses these challenges by shifting from a document-centric to a requirements-driven approach. Instead of static Word documents, Jama Connect allows you to break down requirements into actionable items, improving clarity and manageability.

AEC projects often involve strict compliance requirements, such as LEED or ADA regulations, which can be difficult to track in traditional documents leading to missed updates or compliance gaps. With features like traceability, Jama Connect ensures these requirements are continuously monitored and managed throughout all project phases from the bidding process to construction, helping teams stay aligned with project goals.

By eliminating document silos, Jama Connect fosters collaboration across teams, providing real-time visibility into requirement changes, and ensuring that all requirements remain clear, traceable, and adaptable.

Let’s dive into Jama Connect and take a look at how this solution works. Here’s an example of a project with requirements entailing a new building. This project includes a traceability information model that begins with owner requirements. These requirements represent the written specifications and expectations set by the project owner. They are imported into Jama Connect, and then broken down into project requirements.

Those further break down to system requirements, design documents, and regulatory compliance, all of which we can validate and link to evidence provided by subcontractors ensuring full traceability across different aspects of the project lifecycle.

On the left panel is the explorer tree where the requirements live. If we click on a set of our requirements, we can see them in our List View, which is similar to Excel with rows and columns that we can adjust by dragging and dropping, or our document view, which is similar to working in Word and functions like a live document that we can edit by double-clicking and making our changes.

Jama Connect’s traceability features illustrate to us as end-users how change impacts our project. If I want to make changes to a project requirement, like this example of vertical circulation, I can first run an Impact Analysis to see if there are any potential upstream and downstream impacts. This shows me all of the requirements that may be impacted if I change this requirement. If this requirement changes because there’s a new weight capacity regulation to the elevator, then downstream, we should make the according changes to the elevator control system requirement and further downstream to the elevator validation and load monitoring subsystem requirement.

RELATED: Buyer’s Guide: Selecting a Requirements Management and Traceability Solution

Solis: There are requirements here that will not be affected if I were to make these changes because it’s specific to the elevator functionality, so some of these escalator downstream requirements won’t be impacted. Impact Analysis shows us all of the potential impacts, but it’s up to us to decide if there’s indeed an impact and to make the necessary changes.

Jama Connect also has a full version history for all of our projects and other types of requirements. If I click on the version history, I can compare version two to version three and see all of the red and green line differences. So it looks like I removed some text and added that weight capacity regulation compliance.

With Jama Connect, AEC teams can move beyond static documents to a dynamic, requirements-driven approach, breaking down complex project requirements into actionable items, ensuring traceability, and maintaining compliance with industry regulations like LEED and ADA. By fostering real-time collaboration and eliminating silos, Jama Connect helps teams stay aligned, adapt to changes seamlessly, and keep projects on track from design to construction.

Thank you for watching this demonstration of Jama Connect for AEC Industries. If you would like to learn more about how Jama Connect can optimize your AEC projects, please visit our website at jamasoftware.com. If you’re already a Jama Connect customer and would like more information, please contact your customer success manager or Jama Software consultant.

To view more Jama Connect Features in Five topics, visit:
Jama Connect Features in Five Video Series

Cybersecurity in Unregulated Industries: Proactive Strategies for Mitigating Risk

Cybersecurity in Unregulated Industries: Proactive Strategies for Mitigating Risk

In today’s modern, digital landscape, cybersecurity threats are not limited to heavily regulated industries like aerospace, automotive, and medical devices. While government mandates drive compliance in regulated sectors, industries without strict cybersecurity oversight for specific products — such as consumer electronics, financial services, insurance, industrial manufacturing, and software development — are increasingly taking proactive steps to address cybersecurity risks. With cyberattacks growing in frequency and sophistication, companies in these industries must prioritize security to protect intellectual property, maintain customer trust, and prevent costly disruptions.

RELATED: Integrate Cybersecurity and Safety Risk Management in Jama Connect® to Simplify and Accelerate Medical Device Development.

Cybersecurity Challenges in Unregulated Industries

Unlike regulated markets, where adherence to standards such as ISO 21434 (for automotive) or DO-326A (for Aerospace & Defense) is required, many industries operate without formal cybersecurity frameworks. However, recent high-profile breaches have underscored the need for stronger security measures:

  • Consumer Electronics: A leading smart home device manufacturer recently faced scrutiny after vulnerabilities in its IoT ecosystem allowed hackers to access users’ security cameras. Without strict regulatory oversight, companies must self-impose cybersecurity best practices to safeguard consumer data.
  • Industrial Manufacturing: A ransomware attack on a global industrial equipment provider disrupted production lines and resulted in significant financial losses. As manufacturers embrace Industry 4.0 and connected systems, cybersecurity must become a core consideration.
  • Software Development: Open-source software dependencies have become a major target for cybercriminals. The recent exploitation of a widely used software library demonstrated how vulnerabilities in third-party components can create widespread security risks.
  • Insurance: A major insurance provider suffered a data breach when cybercriminals exploited weaknesses in its cloud-based claims processing system. The breach exposed sensitive policyholder information, including Social Security numbers and financial details, highlighting the need for robust encryption and access controls in an industry handling vast amounts of personal data.
  • Financial Services: A global investment firm fell victim to a sophisticated phishing attack that compromised employee login credentials, allowing attackers to execute fraudulent transactions. As financial institutions increasingly rely on digital banking and AI-driven trading, strengthening identity verification and fraud detection measures is critical to mitigating cybersecurity threats.

Even without formal regulations, companies in these industries recognize that cybersecurity is a business imperative – and also crucial to remaining trusted and respected in the market. Many are implementing best practices, such as adopting secure development methodologies, integrating threat modeling, and enhancing collaboration between security and development teams.

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

How Jama Connect® Supports Cybersecurity in Unregulated Industries

While unregulated industries may not face the same compliance pressures as sectors like automotive, medical devices, or aerospace & defense, they still need robust cybersecurity risk management. Jama Connect provides the tools necessary to build a strong cybersecurity foundation by:

  • Embedding Security into Development Processes: Jama Connect enables teams to integrate cybersecurity considerations throughout product, project, and program development, ensuring that security is addressed from the earliest stages.
  • Enhancing Collaboration and Risk Visibility: With real-time collaboration and traceability, teams can proactively identify, assess, and mitigate security risks before they escalate.
  • Facilitating Secure Software Development: By providing structured frameworks for security requirements and risk assessments, Jama Connect helps organizations adopt secure coding practices and threat modeling techniques.
  • Supporting Industry-Specific Best Practices: Even without formal regulatory requirements, Jama Connect allows organizations to implement cybersecurity frameworks aligned with industry standards such as NIST Cybersecurity Framework and Secure Software Development Lifecycle (SSDLC).

As cyber threats continue to evolve, companies in unregulated industries must take proactive steps to secure their products and operations. By leveraging Jama Connect, organizations can establish a structured, security-first approach that reduces vulnerabilities and builds resilience against emerging cyber risks.

Want to learn about how to mitigate cybersecurity risks in regulated markets? Check out this blog post.

Note: This article was drafted with the aid of AI. Additional content, edits for accuracy, and industry expertise by Mario Maldari, Brian Morrisroe, and Kenzie Ingram.

Strengthening Cybersecurity in Regulated Markets: How Jama Connect® Enhances Risk Management in Product Development

Strengthening Cybersecurity in Regulated Markets: How Jama Connect® Enhances Risk Management in Product Development

Discover how Jama Connect® empowers product development teams in regulated markets like aerospace, automotive, and medical devices to integrate cybersecurity and safety risk management with requirements management

In today’s connected world, cybersecurity is a critical concern for product development in regulated markets. According to a recent report by Cybersecurity Ventures, cybercrime is predicted to cost the world $10.5 trillion annually by 2025, underscoring the growing risks facing industries that rely on connected products.

As products become increasingly software-driven and connected, they present new vulnerabilities that require robust security measures. Industries such as aerospace, automotive, and medical devices must navigate complex cybersecurity regulations to protect sensitive data, ensure product safety, and maintain compliance with evolving standards. Failure to address cybersecurity risks not only jeopardizes user safety but can also lead to costly delays, recalls, regulatory penalties, and reputational damage.

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

The Importance of Cybersecurity in Regulated Markets

Regulated markets operate under strict guidelines to protect data, ensure operational integrity, and maintain public trust. Cybersecurity compliance involves adhering to laws, standards, and regulatory requirements established by governments and industry authorities to safeguard digital information and systems from threats like unauthorized access, data breaches, and cyberattacks.

Recent incidents underscore the urgency of robust cybersecurity measures:

  • Medical Devices: The U.S. Food and Drug Administration (FDA) issued updated guidance requiring medical device manufacturers to submit cybersecurity plans as part of their premarket submissions. This move follows increasing concerns about vulnerabilities in connected medical devices that could jeopardize patient safety and data security.
  • Automotive Industry: A notable cybersecurity breach involving a major automaker demonstrated how connected vehicles can be remotely accessed and controlled. This incident has accelerated the push for stricter compliance with ISO 21434, the international standard for automotive cybersecurity risk management.
  • Aerospace & Defense: Cyberattacks targeting defense contractors have highlighted the need for stringent cybersecurity protocols. The implementation of DO-326A and other cybersecurity standards is becoming increasingly critical to protect sensitive information and ensure the safety of airborne systems.

RELATED: Jama Connect Enables DevSecOps Through Robust API and Integrations That Connect All Activity to Requirements

Jama Software’s Approach to Cybersecurity in Regulated Markets

Jama Software recognizes the critical importance of cybersecurity in regulated industries and has integrated out-of-the-box cybersecurity risk management capabilities into its industry-specific frameworks for Jama Connect. This integration facilitates a proactive approach to cybersecurity across various sectors, including airborne systems, automotive, and medical devices.

Aerospace & Defense

Aircraft, system, and subsystem manufacturers and their suppliers benefit from a customizable solution with a robust REST API aligning all cybersecurity activity with an integrated DevSecOps CI/CD pipeline, easy collaboration and reviews involving internal and external teams, and customizable reports to demonstrate compliance with the “Airworthiness Security Process Specification” (DO-326A). Jama Connect for Airborne Systems provides a framework to identify potential cyber threats, assess vulnerabilities, and implement security measures.

Automotive Industry

The shift towards software-defined vehicles has introduced new cybersecurity challenges. Jama Connect for Automotive offers OEMs and suppliers the capability to develop necessary work products that comply with ISO 21434 for cybersecurity management. It offers comprehensive cybersecurity diagnostics including Threat Analysis and Risk Assessment (TARA) templates and reports, as well as case management, progress monitoring, and reporting features to demonstrate compliance. By facilitating collaborative planning, validation, and alignment, it reduces risks through enhanced collaboration among specialized teams, removes guesswork from threat analysis, and accelerates project launches through efficient reuse of components.

Medical Device Industry

For medical device manufacturers, managing cybersecurity risk under standards like ANSI/AAMI SW96:2023 is complex. Jama Connect for Medical Devices harmonizes cybersecurity and safety risk management, simplifying complex risk evaluations and accelerating responses to threats. This integration reduces complexity, increases efficiency in managing risks, and ensures comprehensive documentation of traceability, which is crucial for regulatory compliance and patient safety. By embedding cybersecurity risk management into its industry-specific frameworks for Jama Connect, Jama Software empowers organizations to integrate cybersecurity risk management into product development processes for efficient and proactive identification, evaluation, and mitigation of cybersecurity risks, compliance with regulatory standards, and enhanced overall security posture of their products.

As cybersecurity threats continue to evolve, regulated industries must take proactive steps to safeguard their products, data, and users. The growing complexity of cybersecurity regulations highlights the need for robust risk management frameworks that integrate security into every stage of the product development lifecycle. By leveraging Jama Connect’s industry-specific cybersecurity capabilities, organizations can streamline compliance efforts, enhance collaboration, and mitigate risks more effectively. Investing in secure-by-design practices today ensures a safer and more resilient future for the products and industries that shape our world.

Note: This article was drafted with the aid of AI. Additional content, edits for accuracy, and industry expertise by Mario Maldari and McKenzie Jonsson.

[Webinar Recap] Systems Engineering MedTech Challenges

In this blog, we recap our recent webinar, “Systems Engineering MedTech Challenges”

Systems Engineering MedTech Challenges

Implementing systems engineering (SE) practices in MedTech presents unique challenges. From aligning with regulatory standards like ISO 13485 to managing time-to-market pressures and technical complexity, MedTech professionals must navigate a highly regulated and rapidly evolving environment.

In this webinar, industry experts Mike Johnson, Trainer & Co-Founder of SE-Training GmbH and Vincent Balgos, Director of Medical Device Solutions at Jama Software share actionable strategies to overcome these obstacles and explore how MedTech can lead the way in adopting SE methodologies.

Key Takeaways:

  • Overview of Systems Engineering practices in the Medical Device industry
  • Common early-career challenges and practical tips to overcome them in MedTech
  • Aligning SE practices with regulatory standards like ISO 13485 and addressing gaps in conceptualization, system analysis, and risk management
  • Opportunities for adopting SE methodologies, including Model-based Systems Engineering (MBSE)
  • Don’t miss this opportunity to learn from industry leaders and gain strategies for addressing MedTech’s common SE challenges.

The video above is a preview of this webinar – Click HERE to watch it in its entirety!

VIDEO TRANSCRIPT

Mike Johnson: Thank you very much to all the people of Jama Software for supporting this webinar this evening. The topic is Systems Engineering MedTech Challenges. I’m Mike Johnson and I’m working for a company called SE-Training GmbH. To give you a little introduction on tonight’s topics, so firstly, I have a short introduction about SE-Training, the company I co-founded. Then I want to dive into practical perspectives, aligning systems engineering, challenges, systems engineering opportunities, tips and tricks for overcoming common obstacles, and we have some time then at the end for a wrap-up summary and questions.

Short introduction about the company SE-Training. We are a group of systems engineering experts working on the development and support of technically complex systems. So, the technical complexity is the thing that unites us all and is very much what unites the systems engineering approach. The problems caused by complexity are often very multifaceted, often have a lot of non-linearities, many dependencies, et cetera, and it’s not easy to overcome them. We are an endorsed training provider by the INCOSE UK group. So INCOSE stands for the International Council on Systems Engineering. We are accredited here in Switzerland by the EduQua training accreditation and many people come to us because they would like to achieve one of the accreditations in INCOSE.

That’s the ASEP, the CSEP, or the ESEP. ASEP is the Associated Systems Engineering Professional. CSEP is the Chartered Systems Engineering Professional. ESEP is very experienced. And of course, with both the ASEP and the CSEP, you need to take an exam and it’s not an easy exam. You have to revise quite a lot for it, and so we have a dedicated training course to prepare you for it. Also, for anyone in Switzerland, which may be quite a few people in this webinar, anyone working in Switzerland, if you’re working as a temporary worker, then you can find us on tempservice.ch.

So the challenges for this webinar that we’re trying to overcome, firstly I want to talk about the practical perspectives on the context and constraints. I want to talk about aligning systems engineering implementation initiatives with the applicable standards, ongoing challenges in the MedTech industry, opportunities, and tips and tricks for overcoming the common obstacles in highly regulated industries. Short introduction about myself, I’m British, which means sometimes I make silly jokes. That is of course what the British do. And growing up I attended the University of Exeter firstly to study physics. Following my undergraduate in physics, I went to the University of St. Andrews to gain my master’s in optics and optoelectronics there. My first job was at Thales Optronics in the UK and already from a young age, I was a systems engineer. I was always a systems engineer in my early career, firstly working as an optical systems engineer, especially working with the military.

RELATED: Buyer’s Guide: Selecting a Requirements Management and Traceability Solution for Medical Device & Life Sciences

Johnson: And many of you may know the company Thales. Thales is very big on systems engineering. It’s a core competence there and there I was able to already at a young age, deliver a very big category, a project for the infantry on some very complex systems. I then moved to Switzerland and in Switzerland, I moved to a space company called RUAG Space, which is now called Thales Alenia Space, Switzerland, and there as well as leading the systems engineering group. In addition, I was also a systems engineer, and probably my best application of systems engineering at that time was on the very, very quick development of a space telescope called CaSSIS. The CaSSIS is on the ExoMars Trace Gas Orbiter. Been in orbit since 2017 and we had to do end-to-end development and verification activities, et cetera, and deliver in under two years, which really, really was challenging. I must say though that it is also a very good application of systems engineering, especially from a value-oriented perspective.

There after five years at RUAG Space, I moved to Roche Diagnostics. I moved to the MedTech industry. There, I was head of systems engineering in the molecular division, especially all the systems there using PCR or the polymerase chain reaction, I was there for seven years with a group of about 30 people, business analysts, systems engineers, requirements engineers, et cetera, really specializing on a lot of the upfront product definition activities on these, again, very complex systems. Whether they’re pre-analytics or analytics or analytics systems, both are equally very complex, with many aspects that you need to consider. You can’t just go in and start writing software or start cutting metal as such. Also introduce many organizational initiatives across the whole of Roche Diagnostics, not just in our site in Switzerland. And then for the last two years, I’ve been full-time with my company SE-Training as a consultant and trainer.

So for this webinar, first topic I want to talk about is practical perspectives. The importance here of considering firstly many aspects of MedTech context and constraints. And I say this of course based a lot on my history and my history is that I’ve come from a strong systems engineering background in aerospace, defense, and then come into MedTech. So of course my views and my reflections are based very much on my experience here may not be the same for everybody. How do I see things? Well, number one, it’s a very high compliance-driven development process, so it’s very important in MedTech that you show evidence for what you’ve done or what you said you were going to do. That’s really important in the development processes. Now of course, if I’m just making a very simple product, just a few requirements, a few verification activities, well, that’s not so difficult, is it?

But of course,e if I’m making very complex systems, I have many different subcontractors supporting them as well, many aspects possibly changing, then actually having that evidence to show compliance is really important, especially since I’ve got a high level of confidence that everything is available and is consistent. Otherwise, I’m open very much to a lot of liability. So you’re going to expect that in this industry. In particular, in MedTech, the development process is very centered around usability and safety. Now of course, safety is called product risk, but it’s a term that I must say I’m not a particular fan of. I’d rather we call things safety, but these are core to the development processes. So right from the beginning of the development you circle around usability and safety is absolutely critical. And of course, we know why or any of us working in the MedTech industry know why, because we’ve seen how both usability and safety can lead to, of course, in many cases, deaths. Unfortunately, from the misuse of medical devices or from liability issues, et cetera.

I mean, it’s medical devices you could be connected to, which if they failed you could be dead within two or three minutes or seriously injured within two or three minutes. So of course these two quality attributes or -ilities or emerging or engineering specialties or emergent properties, whatever you want to call them, these two in particular are very, very critical and of course, we know that as we go through the development processes, we need to circle around them. In both these cases, we should already be thinking we want to be supported in implementing and executing these processes. Just so that I say something that’s obvious, there’s high pressure on time to market, no one’s in denial about that.

That’s probably one of the critical constraints on any project you work on in MedTech is the pressure to get to market first is absolutely as high as you can imagine from any other industry. Often, of course, projects have dropped because they’re not achieving their timelines or simply a competitor has moved in. An unexpected competitor has got their product to market before you, really, really critical time to market. And that’s where actually from my time in the space industry, I can relate to that as well with our developing telescopes. If we were late, we simply wouldn’t get onto the rocket. We simply wouldn’t have gone to Mars.

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

Johnson: So actually that’s quite similar and I used to say to people actually in the MedTech industry, I used to say to my colleagues often, imagine it’s a space rocket that you’re trying to get your product onto because the space rocket doesn’t work, doesn’t wait for you. I say this as well after working across all three industries. What I saw in MedTech, is often technically the most complex systems, especially when you start analyzing the complexity of the system of systems that they’re operating within. And interestingly here, it’s not just that it’s a very high level of complexity, but also what I often saw in MedTech was that the complexity was underestimated.

People weren’t realizing just how complex these systems were, whether they were taking over jobs that people could do, so automating activities, or doing some very high-level chemistry for the samples. But whatever they were doing, often the people themselves didn’t realize just how technically complex these things were, which I would say is actually quite different to the aerospace and defense industry. Often there actually I found that you didn’t so much underestimate the complexity. You were more aware of the complexity. Often actually I think you could do overkill, you could do too much, or get to try and navigate your way around the complexity. Whereas in MedTech, I often found it was quite underestimated and yet these were really, really complex systems.

So after the contextualization and constraints, look at alignment with standards. Now of course, the one big standard we should all know is the ISO 13485. Very interesting. If you do a control F, so you look at what’s in the ISO 13485 standard. Of course, you won’t find the word systems engineering. So having failed on your first control F, you start to look for other words, don’t you? You say, well, what is that is systems engineering? What do we find in there? It’s clear they want to see a high level of traceability throughout the design and development process. Now, you think typically that products can be developed, like mid-complex products may be developed in three to five years, scales, things like this, three to five years. And well, in those three to five years what can happen? A whole load of things can change, your scope can change, your design can change, your verification can change, da, da, da. A whole load of things can change.

Project team members can change, and subcontractor suppliers can change. All these things, of course, can change. And if at the end of it you say, the regulator comes to you and says, “Well, where’s the evidence that you did what you said you were going to do five years ago?” And you look back at them with a bit of surprise and you’ve got no way of showing that evidence through the traceability of the process and of course,e you’re in trouble. Which again is often why we will have infrastructure supporting us through that process.

THIS IS A PREVIEW OF OUR WEBINAR, WATCH IT IN ITS ENTIRETY:
Systems Engineering MedTech Challenges

Headshot of a speaker who is talking about use cases for variant management.

In this blog, we recap a recent webinar, visit “Use Cases and Strategies for Simplifying Variant Management” to watch it in its entirety.

Use Cases and Strategies for Simplifying Variant Management

Variant management enables organizations to efficiently tailor requirements for diverse markets while maintaining alignment across teams.

Jama Connect® offers flexible strategies to simplify creation, adaptation, and tracking of multiple variants. These approaches facilitate efficient reuse, reduce complexity, and maintain traceability across complicated product lines.

In this webinar, Matt Mickle – Director of Automotive Solutions at Jama Software discusses common variant management use cases and strategies.

What You’ll Learn:

  • Identifying and adapting product variants based on evolving market dynamics, regulatory requirements, and unique customer needs to ensure consistent compliance.
  • Streamlining variant creation by configuring specific versions of product components, optimizing reuse, and fostering alignment across complex product lines.
  • Leveraging a structured feature model to effectively manage options and better understand complex product variations.

Below is an abbreviated transcript and a recording of our webinar.

The video above is a preview of this webinar – Click HERE to watch it in its entirety!

VIDEO TRANSCRIPT

Matt Mickle: We have a fun topic today, walking through variant management use cases with the goal of simplifying this sometimes complicated topic. I will start off by walking through some of the common use cases that we often hear, followed by some concrete examples of how we would see these within the industry. I’ll talk a little bit about how we’ll solve these within Jama Connect and then have some demonstration of this directly in the tool. I’ll do this for each use case as we proceed, and then we’ll move on to some Q&A and I’ll answer some of your questions.

So, what do I mean when I say variant management? Well, simply, I would describe variant management as any process or technique that is used to manage variability and assets within a project. This could be in the form of certain techniques, such as feature-based product line engineering, which we’ll talk a little bit more about later. Configuration management, product derivation, or branch and merge. A product can vary in many ways, such as different features, material or components, premium services, or levels of performance. Here are some examples you might recognize. Models of home appliances with different sizes or capabilities, like these refrigerators. Microcontrollers with a configuration of reusable IP blocks. Medical devices, such as insulin pumps or digital thermometers having an array of features based on setting, method of application or type of consumer. As well as everyday devices, such as smartphones or smartwatches with different uses or consumer profiles.

Nearly every product you could think of has some amount of variation. And the process of managing those variants extends from the conception of the products, all the way into their description at the point of sale, and maintenance thereafter. So, one of these methods, which we will mention in the discussion today, is product line engineering, or PLE for short. And for this, we’ll use the simple definition, a focus on engineering for a family of products with similar features, components or modules as a single product line to leverage commonality and variability, minimize the duplication of effort, and maximize reusability.

RELATED: Expert Perspectives: Integrating Safety of Intended Functionality (SOTIF) Into the Automotive Requirements Engineering Process

Mickle: Now, a couple of definitions that go along with that from the standards for product line engineering, from ISO 26550, the definition of a feature would be an abstract functional characteristic of a system of interest that end users and other stakeholders can understand. And from the product line engineering for feature-based product line engineering standard, ISO 26580, a product line would be a family of similar products with variations in features. So, product line engineering could be considered as the next step in maturity. Single system engineering. And as the ISO standard on software and system engineering for product line engineering and management states, product companies utilizing single system engineering and management approaches may end up with highly complex and low-quality products. Low productivity, high employee turnover, and less than expected customer satisfaction.

So, let’s instead talk about the benefits of moving from single-system engineering into product-line engineering. Product line engineering enables organizations to create product line architecture that allows for the systematic reuse of components, modules, and assets across different products within a product line. This promotes efficiency by reducing redundancy in the need to recreate similar functionalities for each product. By reusing existing components and assets, organizations can significantly reduce development costs. Product line engineering allows for economies of scale, as the investment in creating a core set of assets can be spread across multiple products, leading to cost savings in the long run.

With product line engineering, organizations can streamline the development process by leveraging existing components and architectures. Faster time to market for new products, since development efforts are focused on creating unique features, rather than rebuilding common functionalities. Product line engineering helps ensure consistency in products across the product line. By reusing well-tested and validated components, the likelihood of introducing defects or inconsistencies is reduced. And this will lead to higher overall product quality. As market demands change or new technologies emerge, product line engineering provides a framework that allows organizations to adapt and evolve their product line more easily. This enables the addition of new features or modification of existing ones without starting the development from scratch.

RELATED: Traceable Agile™ – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

Mickle: Product line engineering supports efficient configuration management, allowing organizations to define and manage variations and products through configuration, rather than by creating separated versions or desynchronized copies of content. This simplifies the task of handling different customer requirements or market-specific adaptations. Product line engineering makes maintenance and upgrades more manageable. Changes or bug fixes can be applied to common components, and then the updates can be propagated to all of the products within the line, ensuring that each product benefits from the improvements without having to undergo individual modifications.

And finally, product line engineering helps mitigate the risks associated with product development by relying on well-established and proven components. Since these components have been used and tested across multiple products, the likelihood of critical issues arising is reduced. Now, of course, there are many benefits for product line engineering, but there are a lot of challenges that a company goes through in order to try and move towards product line engineering. For example, let’s say a company starts out with a single product and then begins to build variants on that product, turning it into a product line. As the number of variants and variation between them grows, the ability to manage them becomes more and more challenging.

When a change is made, it’s important to assess not only the impact of that change within the product, where the change is made, but also in any products that are part of the same product line. If the change is against common requirements, then the decision is needed on whether they need variation. New versions or configurations of components of a system will need to be thoroughly reviewed with regards to how they interconnect. This becomes even more challenging and complex when considered as the product development data moves from one development application to the next. Throughout the supply chain, information about progress and change needs to flow and be collected in order to see overall status.

THIS HAS BEEN A PREVIEW OF OUR WEBINAR, WATCH IT IN ITS ENTIRETY:
Use Cases and Strategies for Simplifying Variant Management

2025 Expert Predictions for the AEC Industry: How Technology, Emerging Trends, and Innovation Will Shape the Industry in 2025 and Beyond

2025 Expert Predictions for the AEC Industry: How Technology, Emerging Trends, and Innovation Will Shape the Industry in 2025 and Beyond

As we look toward the next five years in the Architecture, Engineering, and Construction (AEC) industry, emerging technologies are set to revolutionize how buildings are designed, constructed, and maintained. From the rise of digital twins to the growing integration of AI and machine learning, the tools and strategies transforming the industry promise to boost efficiency, sustainability, and collaboration. As companies prepare for these advancements, understanding how these technologies will shape the landscape and adopting the right tools will be critical.

In part five of our annual predictions series, Joe Gould, Senior Account Executive at Jama Software, shares his insights on the trends, challenges, and innovations shaping the future of AEC.

We like to stay on top of trends in other industries as well. Read our predictions for Industrial & Consumer Electronics (ICE), Automotive, Aerospace & Defense, Semiconductor, and Medical Device & Life Sciences.

Question 1: What emerging technologies or digital tools do you believe will most significantly reshape the AEC industry in the next five years, and how can companies prepare to integrate these advancements effectively?

Joe Gould: 

  • Digital Twins – The use of digital twins to create real-time, virtual representations of physical assets is set to revolutionize operations and maintenance. This technology provides actionable insights, predictive maintenance, and enhanced asset performance management. Implement IoT sensors and connect data streams to develop digital twin capabilities. Start with pilot projects to showcase value and gradually expand their use.
  • AI and Machine Learning – AI-driven tools will enhance project planning, risk management, and resource optimization. Machine learning models can analyze historical data to predict delays, optimize schedules, and reduce costs. Integrate AI into existing workflows, such as predictive analytics for scheduling or automated quality control checks, to reduce manual errors and inefficiencies.
  • Modular and Prefabrication Technologies – Offsite construction and prefabrication are becoming more efficient with advancements in design automation and digital manufacturing tools. Adopt software platforms that integrate modular construction workflows with design and scheduling tools. Establish partnerships with prefabrication facilities.
  • Sustainability Focused Tools – These are tools for energy modeling, lifecycle analysis, and carbon tracking will drive environmentally responsible design and construction. Embed sustainability metrics into project KPIs and adopt tools that facilitate compliance with green building certifications like LEED or BREEAM.

RELATED: Jama Connect Advisor™

Question 2: As sustainability goals become increasingly prioritized, what role do you see software and product development playing in achieving more environmentally friendly and energy-efficient designs within the AEC sector?

Gould: Software and product development play a pivotal role in advancing sustainability and energy efficiency within the AEC sector by enabling more data-driven, holistic, and collaborative approaches to design and construction. Tools such as Building Information Modeling (BIM), energy simulation software, and lifecycle assessment platforms allow architects and engineers to optimize designs for energy performance, material efficiency, and reduced carbon footprints from the earliest project stages. Digital twins extend this capability by facilitating real-time monitoring and optimization of building performance throughout its lifecycle, ensuring long-term energy efficiency and reduced environmental impact. By leveraging these technologies, companies can not only meet regulatory demands but also position themselves as leaders in creating environmentally responsible and energy-efficient designs that contribute to a sustainable future.

Question 3: With remote and hybrid work now a permanent reality for many industries, how do you anticipate these work models impacting collaboration and innovation in the AEC space, especially regarding software and project management tools?

Gould: With remote and hybrid work becoming the norm, the AEC industry is seeing some interesting shifts in how teams collaborate and innovate. While it used to be all about in-person meetings and site visits, now software and project management tools are stepping up to bridge the gap. Cloud-based platforms make it easier than ever for teams to share updates, track progress, and stay connected no matter where they’re working from. This new way of working is also pushing companies to adopt more streamlined workflows and better communication practices, which can actually spark innovation!

Question 4: How do you foresee AI and machine learning influencing decision-making and risk management in AEC projects? What are some challenges or limitations the industry might face in adopting these technologies?

Gould: AI and machine learning are definitely shaking things up in the AEC industry, especially when it comes to decision-making and risk management! These technologies can analyze massive amounts of data — like project schedules, historical performance, and even weather patterns — to predict potential delays, budget overruns, or safety risks before they happen. It’s like having an early warning system that helps teams make smarter, faster decisions. On top of that, AI can optimize workflows, improve resource allocation, and even suggest more efficient designs.

RELATED: Six Key Challenges in the Architecture, Engineering, Construction, and Operations (AECO) Industry and How to Solve Them with Jama Connect®

Question 5: As a follow up question: Do you have any concerns or anticipate any negative impacts as it pertains to AI & ML.

Gould: I believe there are some challenges to getting these tools up and running. One big hurdle is the quality of data — if your data isn’t clean or consistent, the AI’s predictions won’t be reliable. There’s also a learning curve; not everyone in the industry is ready to fully embrace these new tools, so training and change management are crucial. Plus, while AI is great for identifying trends, it still relies on human expertise for context and final decisions. So, while the potential is huge, there’s still some work to do in terms of adoption and integration in my opinion.

Question 6: Given the current emphasis on data-driven project management and predictive analytics, what strategies would you recommend for AEC firms to better leverage data for optimizing project outcomes and resource allocation?

Gould: If AEC firms want to get more out of data-driven project management, it starts with organizing their data. Centralizing everything — budgets, schedules, progress updates —into tools like BIM or Procore makes it easier to analyze and act on insights. Predictive analytics can then help spot issues early, like delays or resource shortages, so teams can adjust before problems escalate. The key is to train people to use the data effectively and start with small pilot projects to build confidence. When everyone’s on the same page and using the same data, decisions get smarter, and projects run smoother.

Question 7: Are there any additional insights you have regarding predictions, events, or trends you anticipate happening in 2025 and beyond?

Gould: Looking ahead to 2025 and beyond, I think we’ll see a bigger push for sustainability in AEC, with more focus on net-zero buildings and carbon tracking tools. AI and automation will likely play an even larger role in design and project management, making workflows faster and more efficient. Plus, digital twins and smart buildings will continue to grow, especially as IoT tech gets better. The challenge will be adapting quickly while balancing innovation with practicality, but the opportunities for transformation are huge!

2025 Expert Predictions for Aerospace and Defense: AI, Sustainability, and the Next Frontier

2025 Expert Predictions for Aerospace and Defense: AI, Sustainability, and the Next Frontier

Aerospace and defense are at the cusp of revolutionary changes, driven by advancements in artificial intelligence, autonomous systems, sustainable technologies, and digital transformation.

In part four of our annual predictions series, Vance Hilderman, CEO at AFuzion and Jama Software’s industry experts Cary Bryczek , Director of Solutions & Consulting; Karl Mulcahy, Global Sales Manager of Aerospace & Defense and Matt Macias, General Manager of Aerospace & Defense share their insights on the trends, challenges, and innovations shaping the future of aerospace and defense.

From the integration of AI in autonomous systems to the adoption of digital twins for operational efficiency and the pursuit of sustainable practices, these insights offer a glimpse into the opportunities and disruptions that lie ahead. Whether it’s navigating cybersecurity challenges or adapting to shifting geopolitical conditions, this year’s predictions provide a roadmap for industry leaders to thrive in 2025 and beyond.

We like to stay on top of trends in other industries as well. Read our predictions for Industrial & Consumer Electronics (ICE) HERE, Automotive HERE, and Semiconductor HERE – Plus, stay tuned for future topics, including Medical Device & Life Sciences, and AECO.

Editor’s Note: Responses reflect a mix of British and American English, depending on the respondent.

Question 1 – With the rising integration of AI, machine learning (ML), and autonomous systems, how do you foresee these technologies reshaping aerospace and defense operations? What are the most promising applications and potential challenges?

Vance Hilderman: AI & ML are already used for ground planning, flight plan optimization, flight deck monitoring, and assists. Militaries are using AI onboard UAVs (Unmanned Aerial Vehicle) and fighter aircraft but real-time AI on commercial aircraft is not yet allowed for safety-related operations.

Cary Bryczek: We will see an explosion in systems engineering utilizing AI. AI will not only be used to write requirements but decompose the requirements into lower-level requirements, create architecture models and establish traceability throughout. It’s beginning to happen right now! AI assistants for systems engineers will create enormous time savings so the actual engineering can be performed.

Karl Mulcahy: AI/ML I’m sure is of interest to these companies to make internal development practices more efficient, but also to enhance their offerings e.g., AI monitoring for better insights/decision making on a battlefield.

However, with ongoing security aspects a constant concern for sensitive projects within the defence world particularly, it may require more maturity and capabilities within customer environments for internal efficiency gains.

Matt Macias: The aviation industry is already demonstrating prototypes leveraging AI and autonomous operation with a large number of new and existing companies developing transformational vehicles to provide new ways for people and goods to utilize airborne mobility’s advantages. There is a strong desire to bring the consumer faster, safer and more cost-effective ways to travel. We see many new startups and innovative ideas in the work, which is very exciting. We also see a great rise in the pursuit of novel, innovative cyber-system approaches and new vehicle designs, propulsion and operations.

In the defense world we see AI/Autonomous systems enabling disruptive changes in the systems and total architectures utilized for security. These new technologies are enabling breakthroughs in new missions and exposing unexpected vulnerabilities. We saw this clearly in Ukraine with the successful use of inexpensive, modified consumer drones defeating far more expensive systems. We also see this in the changes and cancelations of some larger DOD systems programs, where there appears to be a shift in focus to very different, lower-cost systems. For example, drones that operate in a “constellation” of unique, adaptable, or “swarms” of “expendable” or essentially single-use systems that can potentially overwhelm more traditional manned or legacy systems. This is not only changing the approaches to military strategy, but it is revolutionizing the development of tomorrow’s military systems, leading (as in commercial aviation) to an explosion of new ideas and new programs. We also see a rapid growth of disruptive companies taking market share from traditional defense contractors.

All in all, this is a very exciting time for anyone who is interested in aviation, space and defense innovation.

RELATED: Buyer’s Guide: Selecting a Requirements Management and Traceability Solution for Aerospace

Question 2 – As a follow-up question: Do you have any concerns or anticipate any negative impacts as it pertains to AI & ML?

Hilderman: When used on the flight deck for real-time flight controls, it needs to be certified which is not yet possible for commercial aviation. We’re working on this.

Bryczek: I would say none to be honest. The technology is there to protect intellectual property. Perhaps the only concern I have is do we have the energy infrastructure ready to drive some of the computing power behind it all.

Macias: Currently, the most immediate negative impacts of AI & ML is the disruption of well-established commercial markets and in the case of defense, the unexpected vulnerability of military systems that we have invested heavily into ensure our security.

We don’t know yet how advanced air mobility systems might change the flow of people and goods around our cities, but it is likely that not likely in 2025. In the mid-term future, we will see disruptions as we seek new norms, such as increased noise, safety challenges, privacy challenges, etc. We can also see that the major militaries of the world are very concerned about countering the asymmetric threats autonomous systems pose to our larger defense platforms, likely to accelerate as AI is applied in the future.

Question 3 – As global demand for sustainable practices intensifies, what innovations in product design, materials, or manufacturing processes do you think will most significantly impact sustainability efforts in aerospace and defense?

Hilderman: eVTOL. [Editor’s note: Electric Vertical Take-Off and Landing (eVTOL) aircraft are a type of VTOL (Vertical Take-Off and Landing) vehicle that use electric power for vertical takeoff, landing, and hovering. Unlike traditional VTOLs, eVTOLs rely solely on electric propulsion.]

Bryczek: We are going to continue to see more research and development efforts into alternative geological materials to mitigate the need to use rare earth elements. Systems will need to be redesigned, or new systems built altogether that utilize different materials. It’s not just global political unrest that is driving this but also socio-environmental resistance to the mining/extraction process that ruin the environment.

Mulcahy: Better collaboration across teams using tools to capture outcomes, integrate data sets, and ensure better decision-making/more efficient ways of incorporating science and research into the manufacture of products.

Macias: Aerospace and Defense is an industry that has struggled greatly with achieving solutions for sustainability. A significant innovation focus is being applied to this ongoing challenge. We can see major positive impacts already in more efficient structures (increased use of carbon fiber composites and advanced designs) and advancement in the efficiency of traditional propulsion systems. In work and over the horizon there is a strong desire to harness advanced, model-based design approaches (including AI, generative design, MDO, MBSE), and advanced manufacturing automations (3D printing, advanced robotics, etc.) to enable dramatic innovations that will increase the efficiency of flight and other operations.

However, what the industry most dearly seeks is a sustainable power source for A&D systems. This will have great value as these systems consume a great deal of energy and in the case of defense systems, the cost of getting fuel to the point of need is extremely high. The challenges of electrification, sustainable aviation fuels (SAF), hydrogen propulsion, etc. continue to be a major focus of the A&D industry but also continue to present very significant challenges of affordability, reliability, power density/weight, and the logistics of fuel delivery.

Question 4 – Cybersecurity remains a top priority in aerospace and defense. What proactive steps do you believe the industry should take to strengthen security measures, particularly in software development and data management for connected and autonomous systems?

Hilderman: Mandate formal usage of DO-326A and ED-202A for cybersecurity within Avionics.

Bryczek: We already have terrific security policies and guidelines as Vance has pointed out that both the US and Europe have crafted. Developers need to be held accountable to follow security by design and to leverage zero-trust architecture. Still too often do I see security performed as an afterthought.

Macias: Security assurance is critical as we advance our use of autonomous systems and integrated data networks. This is and will remain a subject of constant focus, priority and challenge. The application of careful and advanced cybersecurity approaches must be a primary focus of all parts of the A&D system lifecycle including IP protection and security in operational data. As our systems become more intelligent and as the leverage is greater and greater computing power, this will only increase.

Question 5 – Given the shift toward digital transformation, what role do you see digital twins and simulation technologies playing in enhancing operational efficiency, project accuracy, and training in aerospace and defense?

Hilderman: Aircrafts are increasingly automated meaning less pilot involvement which means less onboard “practice;” this means simulation-based training is even more important.

Mulcahy: With more complex products being designed and worked across companies to deliver a larger product/initiative, going digital will be important to ensure alignment.

It will be important to ensure ways to share data seamlessly across tools to understand wider impacts, relationships and identify risks at an earlier stage.

Macias: The A&D industry is seeking the total usage of comprehensive digital twins that harness simulations in near real-time to instruct all aspects of a system’s lifecycle. Simulation driven, model-based development when harmonized into a comprehensive digital twin will enable dramatic breakthroughs in program efficiency, quality, and innovative capabilities. Because of the dramatic increase in ability of the engineering teams to cycle through massive numbers of virtual design and operational scenarios leading companies are enabling dramatic improvements in optimization and deep insights into the function of the designed systems early and throughout ongoing design changes.

This will extend to every aspect of the lifecycle, first into manufacturing and sustainment/service, mission development and operations health monitoring. We can envision a future where every operation of a system/vehicle is both simulated before it happens and after to assess the most efficient operation and the overall health of the system, safety of its occupants/environment. This can also have a significant impact on sustainability if the digital twin is harnessed to optimize operations for minimum energy consumption and maximize life of the system.

RELATED: Cybersecurity in the Air: Addressing Modern Threats with DO-326A

Question 6 – How do you anticipate changing geopolitical conditions and regulatory demands influencing the development of next-generation aerospace and defense products? What strategies should industry leaders consider to remain agile and compliant?

Hilderman: Defense demands will only grow; Europe will need to greatly increase spending, and USA will need to counter increased China spending.

Bryczek: In the defense industry, meeting the mission requirements and providing capabilities quickly to the warfighter trumps regulatory safety compliance requirements. Since there is no “certification” activity as in civilian aerospace systems, there is less burden on development practices. I see very little regulatory changes that will greatly impact defense. On the civilian side, regulations continue to evolve still very slowly. Leaders need to remain agile with their business strategy and align with what the political conditions offer. If there is a way to morph your product to a different market; then be bold and make it happen.

Mulcahy: With the rise of more worldwide conflicts, especially in Europe and the Middle East, more countries are spending more of their GDP on defence spending.

In today’s world, defense now goes more than just weapons, but also into space, cyber security and of course ensuring systems are secure and reliable.

New threats require new solutions to help mitigate these threats. That’s where more companies will develop more solutions and start-ups will emerge.

We often hear of a grey area in the UAV world in terms of regulations, but with more focus on the SORA (Specific Operations Risk Assessment) / SAIL (Safety Assessment Integrity Level,) it will be interesting to see what standards emerge with more civilian/military uses for UAVs for both attack and defence purposes.

Macias: As the broader world adjusts to an accelerated rate of change, we will need to introduce innovative solutions faster and leverage solutions from global partners. This will demand secure, virtual collaboration methods, new ways of joint development while protecting IP and data security, and new standards for safety, communication, and joint operations. Industry leaders should continue to seek secure, virtual collaboration methods that can bring global/multi-disciplinary teams together and ensure harmonized efforts.

Question 7 – Are there any additional insights you have regarding predictions, events, or trends you anticipate happening in 2025 and beyond?

Hilderman: Demand for engineers is greater than supply and this will only worsen.

Mulcahy: More innovation in the UAV / Advanced Air Mobility (AAM) markets, but also more focus on the security of these solutions and the supporting infrastructure and regulations. It will be interesting to see how this combines with AI to develop fully autonomous and intelligent UAVs for civilian/military use cases. The need for larger companies to become more digital, deliver faster, and streamline operations will continue to be a focus.

Macias: The recent past has shown that innovative concepts are accelearating at such a high pace that we are continuously being surprised and amazed at new possibliities and impacts. The industry as a whole must seek faster awareness, greater agility and increase creativity to respond, leverage, and compete in the face of such dynamic times for Aerospace and Defense systems.