Tag Archive for: ISO 26262


Automotive companies are under relentless pressure to innovate while ensuring they design and build functionally safe vehicles. Consumers expect more from the driving experience, leading to more electronic systems within product development. With the upsurge in complex electronic components like advanced driver-assistance systems (ADAS), meeting functional safety standards becomes even more critical.

We recently held a webinar, “From ADAS to Connected Systems, How to Accelerate Innovation in Automotive Development with Requirements Management?,” where we explored the common challenges that automotive developers face, and how to implement best practices aligned to functional safety standards.

Some of the key topics that were covered included:

  • Aligning how you work with best practices to meet functional safety standards
  • Integrating functional safety with normal product development
  • Using Jama Connect™ to align your product development processes with relevant parts of governing regulations and standards ISO 26262:2018 and ASPICE

This was a great webinar, and we don’t want you to miss out on the content! Below you can find a recording of the webinar, and an abbreviated transcript.

From ADAS to Connected Systems, How to Accelerate Innovation in Automotive Development with Requirements Management?


Adrian Rolufs: In today’s automotive development landscape, there’s an increase in focus on mobility services, connectivity between vehicles and other systems, higher focus on safety and more systems that are involved in safety and then as well as the electronic vehicle and the autonomous vehicle technical challenges that are being worked on. This has really changed the landscape quite significantly for companies operating in the space. We’re seeing vehicles that last longer that need to be reliable over a longer period of time. We’re seeing more regulations taking into effect that companies need to consider and there’s a lot more electronic and software systems being integrated into vehicles.  

This is really having a big impact on automotive development, and there are a couple major factors that we see. One is that existing vehicle companies and suppliers are starting new teams to work on these challenges and we also see a lot of new companies coming into the automotive space. This is where Jama Connect comes in. We have put together a solution for these new teams and new companies that are working in the automotive space to help them get going quickly. A lot of these teams have a common need which is to develop technology quickly, get to market quickly while still being compliant with the safety standards and following best practices. 

RELATED: Watch a demonstration of the Jama Connect for Automotive Solution

A big part of that is using a requirements management tool and having well defined requirements managing process. So, when an automotive customer buys Jama Connect for Automotive, this comes along with a process and documentation of that process for how to use the tool in a way that’s compliant with both ISO 26262 as well as Automotive SPCE which are the most common standards that companies are following in this space. We find that a lot of companies don’t have the time to set these processes up from scratch. They would prefer to leverage known practices that we can provide  

So, what does this solution look like? We first start by clarifying the scope of what Jama Connect is best used for in this space. So, there are elements of meeting ISO 26262 as well as Automotive SPICE that Jama Connect is ideally suited for and there’s other elements of those standards that don’t really apply to a tool like Jama Connect. 

We provide recommended procedures for how to use Jama Connect in this framework and to meet these standards and we provide a justification for those processes linking back to the specific elements of the standards that companies must follow. And then we also provide detailed activities that are best performed in Jama Connect. And finally, we provide export templates so that all the work that you do in Jama Connect can be exported into documents for long term archival and for audit purposes.  

Jama Connect for Automotive is primarily focused on requirements management, hazard and risk analysis, and test management, and the traceability between those. Jama Connect is a product that focuses on meeting those needs that customers have and the automotive solution provides the guidance for how to do that work in a way that’s compliant with automotive standards. We provide an out of the box configuration of the tool. Since Jama Connect is a highly configurable too, there are many different ways to set up the tool but this solution provides a framework that’s designed specifically to meet the industry standards for automotive in a way that makes the best use of the functionality of Jama Connect. 

We also provide a process documentation to provide you guidance on how to do the work in the tool, export templates to allow you to export your documents, a Functional Safety Kit so that you can help with qualifying the software tool. We also have the ability to provide you with a data exchange for exchanging requirements in ReqIF format between suppliers and other companies.  

And finally, Jama Connect for Automotive includes consulting and training services from our Professional Services group so that your teams can learn the tool quickly and efficiently and any questions can be answered. It’s also possible during that engagement to customize the framework. The framework is offered as a starting point but a lot of customers choose to customize it to their specific business needs and our consultants will help with that. 

To learn more about how Jama Connect for Automotive can help your team simplify compliance, streamline development, and speed time to market, download our solution overview.



In 2016, the Jama Software team proudly announced that we had received a certification from internationally-recognized testing body TÜV SÜD. Jama Connect™ was certified as a software tool for development of safety-related products according to ISO 26262 (up to ASIL D) and IEC 61508 (up to SIL 3). It was especially noteworthy, as Jama Software was one of the first vendors to be both SaaS and agile to have received this certification. 

Three years later, we are excited to announce we have extended the scope of our certification from TÜV SÜD. Jama Connect is now also certified as a software tool for development of medical devices according to IEC 62304 and railway applications according to EN 50128.

This new certification gives medical device developers and railway application developers confidence that Jama Connect has been evaluated and qualified for defining, building and testing products that have to meet critical functional safety requirements. 

We recently talked with Christian Nowak, Functional Safety Expert at TÜV SÜD, to discuss what is required to receive such certifications and what they mean for our customers. 

Jama Software: Can you explain, generally, how the certification process is completed 

Christian NowakFor a software tool certification, we are focusing our assessment on the development processes and the validation approach and evidences provided by our customers. An important activity is the on-site audit at the customer’s premises. The first audit was conducted in 2016 as part of the original certification and we performed a three-day re-audit in June 2018 at Jama Software’s headquarters in Portland, OR. 

During the initial audit we looked at the organization’s processes in the light of the functional safety standards’ requirements for developing and maintaining safety-relevant software. The recent re-audit included sample checks to see if these processes are being followed based on the evidences created.  

We also discussed and assessed modifications and improvements of processes, which play an important role for verification and validation especially in the context of the Agile development approach at Jama Software. 

RELATED: 3 Ways Products Became More Complex in the Last Five Years

JS: What is required in addition to the on-site audit?  

CN: The on-site activities are usually supported by off-site reviews of the documentation evidences generated by the customer. Due to the agile development approach at Jama Software leading to frequent releases, our assessment approach had to be adapted and is following this pace.  

In other words, we are regularly assessing the modifications Jama Software is applying remotely and updating our certification report accordingly. In a way, our assessment approach has, in this case, also become “agile.”  

JS: What does this certification mean for our customers? How can they benefit from these certifications?  

CNEvery Jama customer who is attempting to adhere to the mentioned standards for developing safety-related systems, hardware or software must provide documentation evidences addressing the requirements defined in the standards.  

Those requirements also consider the software tools that are used for the development of safety-related systems, hardware or software. The idea is that systematic faults should be avoided not only in the actual developed systems, hardware or software, but also in the software tools used for the development.  

By undergoing a successful third-party certification by an accredited testing body like TÜV SÜD, Jama Software demonstrates that they are following adequate development processes and performing adequate validation activities for preventing systematic faults. 

Thus, Jama customers can use the TÜV SÜD certificate as an argument for software tool qualification in projects where increased confidence in the software tool is required. They do not have to spend all the efforts for qualifying the tool themselves; they only have to make sure that they are following the safety manual that Jama Software is providing for each release. 

RELATED: Watch a demonstration of the Jama Connect for Automotive Solution

JS: What is the value for organizations developing products in accordance with these standards?   

CN: In some industry fields, functional safety standards are mandatory to be complied with – in others, product liability is a main driver. In general, the quality, reliability and of course the safety of those products are being improved, which helps avoiding recalls, sanctions, and worse – consumer injury. 

JS: How long is the certificate valid for? 

CSGenerally, a TÜV SÜD functional safety product certificate is valid for five years. During this timeframe, TÜV SÜD is however regularly monitoring the adherence to the requirements by accompanying the agile development remotely as mentioned before and by returning every two years for an on-site audit.    

JS: Is TÜV SÜD involved in the development of the functional safety standards?  

CN: Yes, TÜV SÜD is actively participating in the standardization committees. Please note that just recently the second edition of the automotive functional safety standard was released (ISO 26262:2018). 

RELATED: Learn more about ISO 26262 and automotive electronics development

JS: How long does the tool certification process take, on average?  

CNWell, this depends on the maturity of the existing development processes, the complexity of the tool and the experience of the company with functional safety when we start with the assessment. I would say the initial certification can be achieved within six months, but it can also take much longer if many iteration loops are required. 

To learn more about how Jama Connect can help your team simplify compliance, streamline development, and speed time to market, download our solution overview.


In today’s competitive market, automobile makers are racing to define the future of transportation. And given the complexity of modern, connected automobiles, it’s imperative that vehicle safety is adequately accounted for in the product development process.

Plus, as vehicles become more complex — e.g. autonomous driving and connected systems — so too are the standards for emissions, fuel economy, functional safety, cybersecurity, and system designs.

That’s why we’ve partnered with LHP Engineering Solutions (LHP) to ensure our visionary clients comply with all relevant functional safety and cybersecurity standards — like ISO 26262 and SAE J3061 — by seamlessly integrating compliance into the product development process.

Founded in 2001 with the mission to make safer products, LHP provides a variety of engineering services and products to assist customers in speeding up their product development cycles and solving product design and testing issues.

We recently spoke with the LHP team to talk about modern challenges in complex product development, and how this new partnership between LHP and Jama Software can help. Let’s dive into what customers can gain from this partnership:

Jama Software: Can you give us a rundown of the state of the automotive industry? How is it different than 10 years ago?

LHP: The next generation of automobiles are increasingly incorporating modern electronic technologies, from on-board diagnostics to engine controllers to infotainment systems to driver assist systems. As technology advances, the trend is to partially/fully automate vehicles. While some new features are entertainment- and convenience-based, the trend for autonomous vehicles is, to a large extent, functional safety related. The end goal is to reduce the number of deaths on public roadways by providing vehicles with the ability to recognize and avoid hazards or security threats.

Safety and security are the two biggest barriers to innovation and we’re helping companies overcome those barriers. The biggest reason why we don’t see self-driving cars everywhere is because, before that happens, we must prove that they’re not going to harm people, that they’re safe, and that the software can’t be compromised and used for unintended usage.

JS: What are some of the biggest challenges facing product development teams in the automotive industry today?

LHP: Compliance to ISO 26262 and SAE J3061 involves a change in culture that is difficult for established product development teams to implement. Part of this change means looking at the product(s) being developed differently, and part is a change in infrastructure to better control the product development lifecycle and the development artifacts.

Learn more about ISO 26262 and automotive electronics development.

JS: How does leveraging the partnership between LHP and Jama Software help customers when it comes to overall functional safety as well as complying with ISO 26262?

LHP: ISO 26262 complements good systems engineering practices by requiring that hardware and software safety concerns be addressed and documented in a systematic way throughout the product development lifecycle. In the past, safety design was considered part of general requirements activity. But merely identifying and tracing requirements in the software and hardware designs is not enough. The common practice of hardware and software teams working in silos will not guarantee the level of safety coverage required by ISO 26262.

Part of LHPs offering is development of data, infrastructure consultation, and process optimization. Now, thanks to our partnership with the Jama team, we can implement proper functional safety workflows in Jama Connect, with templates to facilitate the creation of data. Additionally, Jama Software customers in the automotive industry who have questions and concerns about how to use Jama Connect to support a safety lifecycle can tap into LHPs extensive knowledge and experience in functional safety and ISO 26262.

In order to demonstrate compliance with ISO 26262, you must have the ability to manage safety requirements, including traceability. Typically, our respective customers would need to address functional safety and requirements management separately. Working together, LHP and Jama Software can address both sets of concerns in concert.

Learn how Jama Software worked with TÜV SÜD on our ISO 26262 certification process, and how you can lower the costs and risks of complying with functional safety standards, by watching our webinar.

JS: What does LHP bring to the table that other requirements management platforms might not have access to?

LHP: What makes us better and unique compared to a lot of the other organizations is our wealth of knowledge. Our functional safety team actually came out of the aerospace industry with multiple decades of experience implementing safety-critical systems. The experience that they bring with them has time and time again proven to make us stand above the rest.

Just like Jama, LHP excels at custom integrations and tailoring flexible solutions for our customers. At LHP, we consult on and implement the latest automotive industry practices to ensure vehicle systems are safe, reliable, and secure. Customers come to LHP for our deep knowledge in embedded controls, integration support, and overall implementation of functional safety and cybersecurity processes.

Proving compliance with functional safety and cybersecurity standards like ISO 26262 and SAE J3061 requires a harmonious balance of processes, people, and tools. And together with LHP Engineering Solutions, Jama Software is helping automotive companies safely and confidently bring the future of transportation to market.

To learn more about how to maintain compliance with automotive functional safety standards and how to avoid common ISO 26262 mistakes, download our whitepaper, “Top 15 ISO 26262 Snafus.”

safety-critical product development

Bridging the Gaps in Safety-Critical Product Development

In increasingly complex, competitive, rapidly evolving, and highly regulated industries (including aerospace, automotive, and defense), market forces are creating new challenges for development teams building safety-critical products. To address this challenge, Ansys is hosting a webinar to discuss how combining a product development platform like Jama Connect with a model-based embedded software tool can help you bridge safety-critical product development gaps.

Date: September 15, 2020
Time: 11 AM EDT / 3 PM GMT /8:00 a.m. PT / 17:00 p.m. CEST

Designing complex cyber-physical systems not only requires a significant number of specialized stakeholders, but also efficient collaboration during development and verification activities. With some teams working remotely around the globe, there may be gaps in communications, locations, or tools that must be overcome to deliver the expected product in time and on budget, while being compliant with functional safety regulations.

In this webinar, Ansys and Jama Software show how to bridge the gaps by integrating a modern product development platform, such as Jama Connect, and a model-based embedded software tool, such as Ansys SCADE. From high-level requirements to V&V activities to implementation, you’ll be able to share a single source of truth that provides value to all stakeholders and facilitates alignment across teams.

Register and learn how to:
  • Design a product from stakeholder requirements to implementation according to safety standards like DO178-C or ISO 26262
  • Move from natural language requirements to formalized implementation with a high level of automation and using appropriate guidelines
  • Manage end-to-end traceability from requirements to tests and code that provides transparency to practitioners and management

Francois Xavier Dormoy, Senior Product Manager, Ansys
Michael Jastram, Senior Solutions Architect, Jama Software


Jama Connect for Automotive

For automotive manufacturers, compliance to safety standards is important, but it is not the only factor when delivering safe and reliable products to market. To achieve compliance, organizations need defined processes for automotive development and production and detailed traceability, from the high-level user needs through to test management.

In the automotive industry, the cost of being late to market is not just about your bottom line or market share. Today’s consumers have high expectations and won’t have the patience to wait for your solution. Leaders seek to spend less time on paperwork and more on innovation as part of an effort to streamline their product development and simplify compliance.

Over the coming months, we’ll be publishing a series on best practices for automotive development and how Jama Connect for Automotive can help teams align to industry standards, simplify functional safety compliance processes, and accelerate time to market. Below you’ll find a description of what you can expect from this series, and what topics will be covered.

Note: Now that our automotive development blog series has concluded, you can go back and read the Part I and Part II.

Related: Five Challenges in Modern Automotive Product Development

Part I: Thursday, September 10th: Automotive Spice (ASPICE)

Modern automobiles are complex systems of systems that must be reliable and safe. One of the ways to increase reliability and safety is for automotive OEMs and suppliers to follow established development processes. In this post, we’ll discuss how Jama Connect for Automotive aligns with Automotive Spice (ASPICE) and other regulatory standards.

Part II: Thursday, September 17th: Functional Safety (ISO 26262)

Functional safety is a key part of the overall safety of a system or piece of equipment in automotive development. Functional safety is crucial for automotive developers who aim to eliminate risk. In this post, we’ll detail how automotive development teams can build safety-critical products, while accelerating time to market with frameworks and templates aligned to functional safety industry standards.

Part III: Thursday, September 24th: Collaboration Across the Ecosystem

Effective collaboration with your customers and suppliers is crucial for automotive developers. In this blog post, we’ll discuss how with Jama Connect for Automotive, developers are able to collaborate across the ecosystem with requirements exchange, including standard Req-IF based data exchange.We’ll demonstrate how automotive developers can use Jama Connect for Automotive while effectively interfacing with other requirements management tools, avoid manual rework, and verify that all requirements are met, regardless of their original source.

Part IV: Thursday, October 1st: IATF 16949

IATF 16949:2016 (replaces ISO/TS 16949:2009) is a standard that establishes the requirements for a Quality Management System (QMS) in automotive development. In this blog post, we’ll discuss how Jama Connect for Automotive aligns with IATF 16949 and how developers can speed development with a platform designed specifically for automotive development.

Part V: Thursday, October 8th: TÜV SÜD

Jama Connect is certified by internationally recognized testing body, TÜV SÜD, as suitable for use in the development of safety-related software according to EN 50128, IEC 61508, and/or ISO 26262 up to SIL 3 or ASIL D. Jama Software provides a certification by TÜV SÜD for each cloud and self-hosted release. In this post, we’ll discuss what this certification means, and how it can help your team.

Part VI: Thursday, October 15th: Requirements Engineering for Remote Automotive Teams

In the final post of our 6-part series, we’ll discuss how to increase early stakeholder visibility and participation in the review process. We’ll demonstrate how teams can leverage Jama Connect for Automotive to exchange requirements data to collaborate with remote engineering teams, customers, and suppliers.

To learn more about how Jama Connect for Automotive can help your team simplify compliance, streamline development, and speed time to market, download our solution overview.


Jama Connect for AutomotiveToday we’re excited to introduce Jama Connect for Automotive, a new solution designed specifically to accelerate product development for automotive engineering teams in the autonomous, electric, and traditional vehicle space. This new solution is designed to assist engineering teams in improving development lifecycles and to better manage requirements, risk, hazard analysis, and test management, while simplifying alignment to safety-critical standards, including ISO 26262. 

The average life of vehicles on the road today exceeds 12 years, increasing the impact to the business of safety recalls and associated expenses to repair. Continued innovation in automotive product development, coupled with the need to meet safety-critical standards, creates a development environment where engineering teams must balance speed-to-market with product quality in support of functional safety standards. 

As the requirements management platform for six of the top 10 electric vehicle startups on the frontlines of innovation, we recognize these challenges and have been working closely with companies in the automotive industry to offer an all-in-one solution. Jama Connect for Automotive helps engineering teams get set up quickly, allowing them to focus on product design and innovation, while reducing the costs and effort required to align their development processes to functional safety standards. 

“Developers are balancing safety-critical standards and regulations with getting innovative products to market faster and in a highly disruptive and competitive climate,” said Josh Turpen, Chief Product Officer at Jama Software. “We’re excited to introduce our new solution designed specifically for automotive development teams, which will help facilitate the development process from the start. Jama Connect allows developers to hit the ground running with preconfigured templates and best practices built for automotive teams, saving critical time in the development process. This will be hugely beneficial for them especially now as teams continue to navigate the complexities of a remote work lifestyle.”  

RELATED: 5 Challenges in Automotive Product Development

Jama Connect for Automotive accelerates the development lifecycle with key features including: 

  • Automotive framework aligned to key industry standards and regulations: ISO 26262:2018, Automotive SPICE (ASPICE) and SEBoK 
  • Best practices including procedure and configuration guides for automotive manufacturing activities 
  • Document export templates including requirements specifications 
  • Functional safety kit with TÜV SÜD certificate and report 
  • Supply chain collaboration to enable an ongoing exchange of requirements between customers and suppliers 
  • Training and documentation aligned to automotive regulations, that provide accelerated onboarding to set developers up quickly   

The built-in templates and best practices guides provided in Jama Connect enable engineering teams to reduce development cycle times. Jama Software is helping to streamline development processes, ultimately accelerating new product launches to market while ensuring customers meet safety-critical standards and regulations for the highly evolving automotive industry.  

Register for our upcoming webinar with Ansys to learn more about bridging the gaps in safety-critical product development. 



How to Choose the Right Tool for ASIL D Requirement Management ISO 26262 / IEC 61508

Editor’s Note: This posts on tool selection around ASIL D requirement management for ISO 26262 / IEC 61508 was originally published here by LHP Engineering Solutions and written by Steve Neemeh. When the options for choosing a requirements management tool are endless, what factors should you be looking at to help make your decision? This article provides some concrete considerations you may use to guide your selection.

requirement management


Which tools should I use for ASIL D requirement management ISO 26262 / IEC 61508?

There are a multitude of requirements management tools in the marketplace (e.g., IBM DNG, Siemens Polarion, Jama Software, Helix). How does an organization make the important decision of which is best for its needs when the options are endless or when using Microsoft Word/Excel or Google Docs for requirements management can be considered? Is there even one tool that can meet all of the organization’s needs? This blog will describe why selecting a tool based on one specific departmental need, such as requirements management, might be impractical.

To begin the search, here are five items that might be considered:

1. Cost of Tools
  • The range of costs can vary significantly. For a small organization, some of the larger toolchains may not be affordable. On the other hand, some of the smaller tools may not address parts of requirements management that are critical for ASIL D development.
2. Size and Distribution of the Organization
  • How many engineers need the tools and in how many locations? Some license agreements are floating so utilization could be optimized if the tools are used across multiple time zones (e.g. India and USA).
3. Number of Requirements and Requirements Hierarchy
  • Are there 100 safety-critical requirements or 5,000? Out of these requirements, how many of them are related to software, hardware, or test cases? How large is the HARA and how many safety goals are there? This will define the size of the requirements hierarchy.
4. Existing tools
  • The selection and integration of a new tool will inevitably impact the use of the exiting toolchains.
5. Full ISO 26262 workflow
  • Refer to V diagram.
requirements management ISO 26262 / IEC 61508

LHP’s requirements management V diagram for the Application Lifecycle Management toolchain


When researching tools for an organization, it is a common discovery that there is not one tool that meets all of the needs. The tools industry has not caught up with the complexity of the safety lifecycle. What is found in the marketplace are versions of Application Lifecycle Management (ALM) tools, but what is really needed is an LHP ecosystem-based Safety Lifecycle Management (SLM) toolchain. This SLM is based on guidelines for safety-critical development as defined in the 700+ pages of requirements, work products, and methods in standards such as ISO 26262 or the Safety of The Intended Functionality (SOTIF).

What is the Workflow for Functional Safety, ASPICE, and Other Safety-Critical Applications?

The V diagram covers the foundational items that need to be considered in addressing a standard like ISO 26262: project management, task management, and change management. In this particular case, four tools have been considered: ANSYS Medini, Jama Software, Atlassian JIRA, and National Instruments. All four tools provide partial solutions to meeting the needs of functional safety.

  • ANSYS Medini: HARA and systems-level modeling, as well as hardware metrics calculations (Parts 3 & 5 of ISO 26262)
  • Jama Software: Requirements management (required by ISO 26262, emphasized in Part 8)
  • Atlassian JIRA: Project management and change management
  • National Instruments Tools: Automated test and test scripting

By combining the engineering best practices with the tools’ strengths and considering an organization’s main drivers, a workflow can be defined; one that optimizes tool usage and reduces the load on engineers. Ultimately, to be successful within safety-critical development, an organization needs to develop against a standard while also reducing the labor associated with engineering and testing.

Without the latter, the cost and time for development escalate exponentially. Are engineers going to copy and paste data across tools? Are they going to have multiple versions of the same information across different toolchains? As the complexity of systems increases, a non-optimized toolchain can paralyze an organization and its development process.

In the absence of a commercial off-the-shelf fully-compliant SLM tool, the solution of integration tools can provide the same functionality. For this purpose, the tools provide methods of connectivity with REST (Representational State Transfer) API. An example of a REST API between Jama Software and JIRA is shown in the appendix.


When selecting a requirements management tool, it is crucial to consider the needs of the organization as a whole, the safety workflow, and the customization and connectivity for optimization of the tools. In a typical implementation of a safety-critical system, most organizations just consider one, or parts of one, of these critical items, causing large rework and tool spend that can otherwise be avoided.

  • There is no one tool that meets the needs of requirements management in compliance with functional safety.
  • The tool capability varies greatly based on cost, and there is feature overlap between tools.
  • The holistic organization, not just a single department, needs to be involved in making the tool selection. The needs of each department: management, engineering, IT, manufacturing, regulators, and even certification agencies all must be considered.
  • The tool must be appropriate for the size and scale of the organization.
  • There are methods of automating data transfer that significantly reduce labor and cost on development programs (as shown in the appendix).
  • Successful organizations are going to get ahead by creating efficient workflows that allow them to release products faster and more economically in the new electric vehicle/autonomous vehicle (EV/AV) world of transportation.

Appendix: More Details About REST API

Both Jama Software and JIRA provide access to their cloud resources via Representational State Transfer (REST API). REST is a web-based application programming interface that exposes a set of Uniform Resource Locators (URLs) with which to carry out Create, Read, Update, Delete (CRUD) operations in the tool. LHP Engineering Solutions has implemented a Domain Object Model (DOM) connection for both Jama Software and JIRA with a third integration piece to connect the two. The integration piece is a configurable application that implements the customer use cases.

REST API integration

Benefits of Using REST API
  • Ease of implementation
    • REST is a standard specification of how to access web resources
    • All web and cloud-based tools expose REST APIs
    • Returns data, as well as metadata, which allows for conditional and iterative processing
    • Implemented in a JAVA wrapper making it configurable and portable to any system
  • Customizable authentication feature
    • Simple user and password authentication if desired
    • Simple user and access token authentication if more security is desired
    • OAuth authentication is also available but not required
  • Portability of output to Web and other tool frameworks
    • XML/JSON that any tool can consume
    • XML/JSON are standard serialized data formats for web resources
    • Web applications typically take XML/JSON as input files for data exchange, data migration, report building, etc.
REST API Complexities
  • Requires a non-standard mapping of attributes from Jama Software to JIRA and vice-versa. Each customer mapping will need to be customized.
    • The REST specification defines what the API should do but not how it should do it. No standardization of data schema. Therefore, tools will have disparate data models.
    • Attribute A in Tool A must be mapped via a mapping file to Attribute B in Tool B etc. This goes for attributes, links, attachments, and all data elements in each data model.
    • A UI will have to be developed to allow for the mapping creation and management.
Standard Feature Set of REST API
  • Mapping and transfer of attributes and attachments from one tool to the other
    • Data models are mapped as closely to 1:1 as possible
    • UI to build and manage mappings
  • Scheduled and on-demand synchronization
    • Synchronization data between toolsets via UI
    • Synchronize data between toolsets by scheduling a task
  • Intermediate transformations (e.g., risk calculations)
    • Calculating or transforming the data from the source tool before reaching the target tool
  • Linking from one tool to the other via hypertext links
    • URLs from source resources to target resources and vice versa for traceability
  • Reports
    • Since the REST APIs produce a consumable output, any reporting tool that can consume XML/JSON can be used to produce reports.
      • Jama Software reports
      • JIRA reports
      • Requirements gap analysis
      • Test coverage gap analysis
      • Requirements Traceability Matrix
      • Bug reports
      • Customized reports

We’ve compiled a list of helpful resources for requirements management in automotive development, click the button to learn more!


Compliance Audit with modern requirements management

This post on the pains of compliance is part of a series. You can find Part II on legacy software pains here, Part III on enabling innovation here, Part V on moving from DOORS to Jama Connect here, and Part VI on migration solutions here

As the devices around us become increasingly powerful, their ability to harm us may be increasing as well. And while the majority of connected devices and products are safe, there are recent headlines that reinforce the importance of compliance audits and properly managing risk.

Recently, a hacker remotely killed the engine of a car while a motorist unknowingly drove down the highway. Another recent example happened to Toyota, when mistakes during development caused failing brakes and random accelerations, resulting in the automobile maker recalling almost two million cars.

But in spite of dramatic incidents like these, today’s products are remarkably reliable. We generally feel safe stepping into a plane or taking a ride in our car. We feel safe, because those in the automotive and aerospace industries must prove compliance with industry standards and regulations that ensure their products adhere to high safety standards.

Regulatory Compliance is Good for Business

Even though corners are sometimes cut, most companies recognize that compliance is essential in the long run. While the ethical argument is a no-brainer, compliance with regulatory standards also enables customer confidence, boosts quality, and motivates employees.

Compliance audits are based on standards like ISO 26262 for automotive developers or DO178B/C for aeronautics. These have been around for decades and have helped shape the design of countless safe products. Many of these standards are based on IEC 61508, which conceptually describes best practices that lead to safe systems.

Using safety standards for compliance audits

Regardless of whether you are developing a car component or nuclear reactor, there are certain capabilities that your development process must exhibit in order to pass a compliance audit. In this day and age, it is next to impossible to do this without the support of quality solutions. Selecting the right product development solution will help you:

  • Prove complete traceability throughout every step of the development process
  • Standardize best practices, ideally with automated compliance reporting
  • Visualize and effectively manage the impact of changes
  • Support your product schedule and ensure that it is not compromised by quality and compliance requirements
  • Act as your single source of truth for risk, test, and requirements

Learn more about requirements traceability by downloading our eBook, The Jama Software Guide to Requirements Traceability.”

Complex Product Development Demands More than Legacy Requirements Management Tools

IBM® DOORS® (IBM Engineering Requirements Management – DOORS Family) was an amazing tool – when it was originally published in 1991, almost 30 years ago. A new product was developed from scratch, called DOORS Next (IBM Engineering Requirements Management – DOORS Next) and released to the market in 20121. Yet many users of DOORS hesitate to switch. This is because instead of an easy transition to DOORS’ new product, there is a lengthy migration to DOORS Next required that’s usually very costly.

DOORS has many capabilities for working in regulated industries, but the limitations far outweigh the benefits. It does not deal well with increasing complexity or the need for collaboration and seamless integration in existing tool ecosystems. Let’s have a look at some of the limitations of DOORS:

  • Traceability: DOORS has powerful traceability capabilities, but they are hidden behind a cumbersome interface. This leads to outdated traces. Users find traceability maintenance to be difficult with DOORS, and sometimes traces are created “after the fact” for compliance audits and nothing else. This is a missed opportunity, as an up to date, easy-to-use traceability matrix creates transparency and confidence when reacting to change. Traceability is also an enabler for agility.
  • Change Management: The traceability of DOORS does support change management, e.g. via suspect links in principle. Unfortunately, this information is hidden and hard to put to use. Compare that to the actionable traceability of Jama Connect™, which proactively points out issues in the traceability matrix and suggests how to fix them.
  • Compliance Reporting: DOORS allows you to report on virtually everything – but almost everything requires scripting with its proprietary scripting language, DXL. Unless you have a responsive programmer on your team, you will have a hard time getting the information you need.
  • Best Practices: Every “module” (document) in DOORS has its own fields, and without an in-house expert, users sometimes find themselves with little guidance on how to use the tool. This results in inconsistencies, which in turn result in confusion and lack of transparency. Consider two “system specifications” with inconsistent values for “priority.” Likewise, standardized workflows guide users through their daily work. In DOORS, you need a programmer to provide this functionality.
  • Collaboration: Collaboration is the foundation for high-quality product development and a foundation for compliance, which requires transparency and managerial oversight. But when Rational DOORS was released, the Word Wide Web was just two years old. Initially, no collaboration capabilities existed at all.
  • Single Source of Truth: DOORS provides you with a single source of the truth – as long as the truth resides in DOORS. In 1991, nobody was thinking about integrating various tools into a seamless tool chain. And therefore, DOORS is an isolated silo. Due to the complexity of the user interface, often stakeholders refuse to take a peek into that silo.

See how IBM DOORS customers can migration to Jama Connect by viewing our datasheet.

What about DOORS Next?

The only thing DOORS Next shares with the DOORS solution is the name. Otherwise, it’s newly developed software. This means that the raw requirements data can be migrated, but this is possible with virtually all requirements solutions on the market. The customizations that were done to DOORS cannot be migrated. This means that users who want to switch away from DOORS are not constrained by a particularly attractive migration path.

Whether you migrate from DOORS to DOORS Next or to Jama Connect, the effort is the same. And that allows you to compare the capabilities of solutions on the market without having to worry about the migration path: It will take some effort, no matter which solution you choose.

Leaving Legacy RM Solutions in the Past

We at Jama Software acknowledge everything that legacy RM solutions have done in the past for the discipline of requirements management and requirements engineering. But after almost 30 years, it’s time to reinvent modern requirements management.

In particular, the demands for compliance for today’s complex products can no longer be satisfied by legacy RM tools. Transparency, collaboration, best practices, and oversight – all these were non-issues in 1991 when legacy RM solutions were built.

If you are in an organization that uses a legacy RM solution, it is time to assess if it’s up to the challenges ahead and you have a choice of many modern requirements management solutions on the market.

See how Jama Connect can transform your requirements management process for legacy software customers in our whitepaper, “Jama Connect: A Modern Requirements Management Alternative to IBM DOORS.”

*IBM® and DOORS® are registered trademarks of IBM Corporation.

1 IBM United States Software Announcement 212-505, dated November 27, 2012

Compliance standards, especially those that involve relatively new functional safety elements, will likely add additional requirements to the development process.

For example, the increasing complexity and abundance of automotive electronic systems led to the creation of a functional safety standard called ISO 26262 in 2011. And to ensure that new electronic functions remain functionally safe in the industry’s rapidly evolving environment, the International Organization for Standardization (ISO) recently introduced a second edition of ISO 26262 in December 2018. Similar regulations for other industries abound: DO-178B/C for aerospace standards, and IEC 60601 and ISO 14971 for medical standards.

Common to all of these safety standards is a risk-based approach to determine the criticality and potential hazards associated with key system functions. The primary goal of these standards is to prevent the failure of a system or device that could cause injury, harm or death. If a failure is unavoidable, then the system should fail gracefully.

Watch our webinar: “Understanding ISO 26262 Compliance for Automotive Suppliers”

The Impact of Tools in Functional Safety

ISO 26262 complements good systems engineering practices by requiring that hardware and software safety concerns be addressed and documented in a systematic way throughout the development lifecycle. In the past, safety design was considered part of general requirements activity. But merely identifying and tracing requirements in the software and hardware teams is not enough. The common practice of hardware and software teams working in silos will not guarantee the level of safety coverage required by ISO 26262.

How can the problem be resolved?

One of the key things missing from the general approach to requirements are the traceability links between phases. Many tools do a great job of requirements management and traceability within a particular phase but provide a poor auditable trail for traceability between phases. The activities of comprehensive and complete lifecycle traceability become an auditing afterthought, to be finished after the project is completed. This is the result that ISO 26262 tries to avoid through documented attention to the development process, decision-making and selection of supporting tools.

And because functional safety is a top priority for so many of our customers, Jama went through the process of earning a certification from internationally recognized testing body TÜV SÜD. Jama Connect™ is certified as a fit-for-purpose software tool for development of safety-related products according to ISO 26262 (up to ASIL D), IEC 61508 (up to SIL 3), IEC 62304 and EN 50128, giving our customers confidence that the products they are building are safe to use.

Learn more about ISO 26262 and automotive electronics development.

Tool Implementation Strategies

Tool qualification depends upon how the tool is used, which in turn determines what impact it could have on safety. For example, depending upon its usage, can the tool introduce a hardware defect or software bug into the system? How the tool is used within a tool chain will also determine the probability that an error introduced by the tool will be detected.

A confidence level is assigned to a given tool, or a flow within a tool, based upon the probability that it will insert or cause an error, combined with the likelihood that the error will be detected during the development process. The importance of the tool confidence level is that it will determine the cost an organization must invest in tool qualification.

As with other standards, implementing the ISO 26262 process requires iteration of a number of basic steps:

  1. Determine the existing process and tools to answer the question “Where are we now?”: Review the current embedded hardware and software development processes and tool chains. Understand the application(s) to be developed and assign levels of confidence in terms of safety.
  2. Gap analysis to answer the question “Where would we like to be?”: Perform a gap or impact analysis to identify current challenges and process efficiency improvements – often done using model-based design techniques.
  3. Training and instruction: Provide design-for-safety training and instruction to address the previously identified gaps.
  4. Hands-on deployment support: Apply the knowledge gained in the previous steps to a specific pilot project. This will require assistance in a wide range of areas including requirements traceability, modeling, simulation, code generation, verification, validation, tool qualification and system integration.

Jama Software is the first SaaS and Agile vendor to be ISO 26262 fit-for-purpose certified by TÜV SÜD. Read more.

Alignment with Best Practices for Functional Safety

This holistic approach to functional safety exemplifies several key elements of good system engineering processes: collaboration, traceability, validation and verification (V&V), risk analysis and mitigation, and careful integration within the tool chain.

Watch our webinar, “Jama ISO 26262 Certification and Best Practices for Development,” to learn more about how teams creating products for any safety-critical industry can lower the costs and risks of complying with functional safety standards.

Product development

Close gaps in product development with Jama Connect™ and LDRA

Interested in closing gaps in your product development lifecycle? It’s no secret that developers of mission-critical software are facing increasingly complex system requirements and stringent standards for safety and efficacy. That’s why Jama Software has partnered with LDRA to deliver a test validation and verification solution for safety- and security-critical embedded software. LDRA has been a market leader in verification and software quality tools for over 40 years. They serve customers across the aerospace and defense, industrial energy, automotive, rail, and medical device industries.

Integrating TÜV SÜD-certified Jama Connect with the LDRA tool suite gives teams bidirectional traceability across the development lifecycle. This transparency helps development teams build higher-quality products and get to market faster while mitigating risk. Whether teams are working from a standards-based V model or applying an Agile, Spiral, or Waterfall methodology, employing Jama Connect in concert with the TÜV SÜD- and TÜV SAAR-certified LDRA tool suite closes the verification gaps in the development lifecycle, helping to ensure the delivery of safe and secure software.

Let’s dive into some details to understand the value of using Jama Connect and the LDRA tool suite.

Requirements and test cases form the bond between Jama Connect™ and LDRA

Product managers and engineers use Jama Connect to manage requirements and testing from idea through development, integration, and launch. Managing requirements in the Jama Connect platform allows users to align teams, track decisions, and move forward with confidence that they are building the product or system they set out to build.

LDRA imports Jama requirements and test cases, mirroring the structure and levels of traceability established from the decomposition of stakeholder requirements down to software requirements and test cases. With the Jama artifacts in the LDRA tool suite, traceability down to the code can be realized and verification and validation of requirements can begin.

During the Jama test case import, the user can choose the type of test case it corresponds to (e.g. unit test, system test, code review test) and let LDRA create a test artifact that will invoke the proper part of the LDRA tool suite and realize that test case type.

Part of realizing Jama test cases in the LDRA tool suite includes the ability to follow the steps defined in the Jama test case description (e.g. inputs, outputs, expected results). Test cases executed by the LDRA tool suite can be executed either on a host machine, in a virtual environment, or on the actual target hardware. Verification results are captured, and Pass/Fail status results are produced. The verification results can then be exported from the LDRA tool suite into the Jama test case verification status field.

By way of the Jama Test Run feature, the change in verification status and included user notes can be logged and committed. Additionally, if the user desires, the LDRA tool suite verification results can also be exported into the Jama requirement verification status field, giving the Jama user additional touch points to analyze.

Another benefit of the integration is Jama’s ability to create, link, assign, track, and manage defects discovered during testing with the LDRA tool suite.

Partnering with standards and safety experts on product development

Many industries and their applications have safety-critical requirements drawn from process standards like ISO 14971 and ISO 26262. These requirements demand a higher level of visibility and traceability that can be achieved with the Jama-LDRA integration.

LDRA is heavily involved in the international standards body. They help lead the DO-178 standard in the aerospace market for safety in avionics. LDRA is also a significant contributor to the MISRA software coding standard and other standards like CERT. Their tool suite is ISO 9001:2008-certified as a quality management system and TÜV SÜD- and TÜV SAAR-certified.

The Jama-LDRA partnership benefits not only LDRA customers in the military and aerospace needing to comply with standards like DO-178B/C, but also one of the fastest-growing industries, and the one that keeps LDRA the busiest: the automotive industry and their need to comply with ISO 26262. The Jama-LDRA partnership also addresses applications for safety and security in the medical device industry (IEC 62304), rail (EN 50128), and industrial controls and energy (IEC 61508).

RELATED: Increasing Efficiency in Testing and Confidence in Safety Standard Compliance

Certification and code analysis

LDRA helps users achieve certification in standards like DO-178B/C, DO-331, ISO 26262, Future Airborne Capability Environment (FACE), IEC 61508, and others. The LDRA tool suite lays out a set of objectives for the relevant process standard, along with corresponding artifact placeholders and sample template documents. This guiding project structure with built-in progress metrics gives the user an intuitive understanding of what is required to achieve certification and the day-to-day gains toward that goal.

A major key benefit to customers is LDRA’s ability to perform on target hardware testing or Run-For-Score (RFS). These customers have a very strict process for achieving certification wherein step-by-step testing is followed and results are logged and eye-witnessed.

LDRA also has its own proprietary code analysis engine. Starting with static code analysis, a debugging method that examines the source code before the program is run, LDRA generally finds potential coding flaws and security vulnerabilities prior to code compilation. Once the code has been compiled, testing can be further complemented by LDRA’s dynamic testing, structural coverage, and unit testing.

Build with certainty

The complementary capabilities and automation offered by Jama and LDRA deliver a powerful solution for the development and test verification of software systems in the product development lifecycle. Whatever software development approach your team chooses to employ, requirements- combined with Jama’s product lifecycle management capacities can help you deliver safe, compliant products on time and on budget.

To learn more about test management with Jama, take a deeper look at our solution and download the datasheet.

To learn more on the topic of test management, we’ve compiled a handy list of valuable resources for you!