Tag Archive for: Product Development & Management

In this blog, we recap our webinar, “DO-326 Airborne Security Assurance, Threat Modeling, and DevSecOps” – Watch the entire thing HERE.

Cyber vulnerabilities can have a significant impact on safety-critical systems.

Today there is an unprecedented level of digital interconnectivity in everything from vehicle sensors to rovers on the surface of Mars. The aerospace industry has a high degree of cyber connectedness where a negative impact could cause harm to not only aircraft but financial systems, company reputations, international relations, or even physical harm to humans and property.

During this informative session, Cary Bryczek, Director of Aerospace & Defense Solutions at Jama Software®, discusses how Jama Software applies a cybersecure-by-design approach to meeting DO-326A/DO-356A for aircraft systems and how this can be extended to the defense domain.

In this webinar, we covered:

  • Applying the Airworthiness Security Assurance Process
  • Threat (attack) modeling methods
  • Tracing security measures to requirements and tests
  • The role of requirements in DevSecOps tool ecosystems

DO-326 Airborne Security Assurance, Threat Modeling, and DevSecOps

Cary Bryczek: What we’re seeing today is just an unprecedented level of digital interconnectivity in seemingly every system out there. The aviation industry has a high degree of cyber connectedness where a negative impact could really cause harm to not just humans and property, but company reputations, international relations, or financial systems.

What we’re going to see today is how Jama Connect can provide a cyber secure-by-design approach to meeting the many aspects of DO-326 and DO-356, or ED-202 and ED-203 in Europe, the Middle East, and Africa (EMEA.) What we’re going to see is we’re going to apply the airworthiness security process that’s inside of DO-326, and use Jama Connect’s Live Traceability™ to trace security measures to security requirements, trace security requirements to testing, look and see how a threat analysis can all be incorporated into a single platform.

What is Cybersecurity by Design? So one of the things that we see a lot is in the tool ecosystem is a very disconnected set of processes and tools. So whether you’re tracing and using tools that do requirements identification, tracing those to verifications and hardware and software designs, or whether you’re using tools to do aircraft security analysis and tracing those to security architectures and security V&V, we’re noticing the disconnectedness of the processes in the tool ecosystem is causing product delays, cost overruns, product failures, audit failures, late identification of defects, and lack of visibility because the ecosystem is very disconnected, is taking place. There’s poor requirement coordination. Change management is hard between software and hardware, and you have a high degree of manual effort required to produce the traceability that’s required for certification. And you’re seeing this after the fact and Excel is used everywhere. Desktop tools are prevalent in the engineering of these systems, and it’s difficult to integrate desktop tools and Excel files into and across the ecosystem for product development.

RELATED: Jama Connect® Features in Five: Space Systems Framework

Bryczek: So what is Live Traceability? Live Traceability in Jama Connect gives the ability for any engineer at any time to see the most up-to-date upstream and downstream information for any requirement, no matter the stage of the systems development or however many siloed tools it spans. Now, this Live Traceability is important because it’s required by the industry standards like we’ve seen in aviation development and Live Traceability delivers a huge productivity improvement and it reduces the risk and the delay that happens when you have a disconnected tool environment.

So we’re going to talk about DO-326. DO-326 is really a set of standards jointly developed by RTCA and EUROCAE. It came about in 2006. It includes a few separate standards. DO-326 and ED-202 really is about the airworthiness security process specification. It explains the fundamental concepts behind airworthiness cybersecurity. DO-356 and ED-203, the airworthiness security methods and considerations, this explains how to perform cybersecurity investments, how to evaluate threats, and security measures of the system. How do you apply the mitigation measures? DO-355, we’re not going to really talk about that one today, but it’s applicable to if there are changes in an already certified system. So one of the most relevant documents you’re going to start with even before you start down the path for cybersecurity, is creating your product information and security risk assessment document. You’re going to perform an analysis of this, and this analysis should be conducted according to the standards.

So what exactly is airworthiness? So airworthiness security is the protection of the airworthiness of the aircraft from intentional unauthorized electronic interaction. So existing safety processes don’t consider intentional disruption. They look at the faults and failures of an aircraft or the aircraft system on a whole. But DO-326 is specifically looking at intentional human-initiated actions with the potential to affect the aircraft due to some unauthorized access or disclosure or causing some denial or disruption of the information systems, the networks, and the software that’s running on these aircraft systems. So this also might include things like malware or infected devices or the logical effects of any external systems. So the purpose of the airworthiness security process within DO-326 is to establish that when subjected to this unauthorized interaction, the aircraft is going to remain in a condition for safe operation.

So like I said earlier, DO-326 describes the what and DO-356 is the how. I’m sure that you guys have carefully looked at both of these guidelines and these are images from the guidelines. But I just wanted to point out what we’re going to talk about today. We’re going to talk about how the airworthiness security process and threats are mapped in Jama and how you can have security assurance and the risk assessment process from DO-356, how those can be conducted in Jama Connect itself. As you know, DO-326 live in its own. You’re having supporting processes from the development of the aircraft, the development of the system, DO-178, ARP-4754 are all interacting and being conducted at the same time. So there’s no linear, do this first, do this next, do this later. All of these processes are taking place pretty much simultaneously or iteratively as you design and develop the aircraft system.

So the airworthiness security process from a basic level, it’s again, it’s the protection of the aircraft from intentional unauthorized electronic interaction. There are four steps for the basic process. We’re going to first identify the system assets and its parameters. The second step is to identify the threats for all of those assets, identify those risks for each of the threats, so what might happen, and then create controls and mitigations for those risks. You’re going to be adjudicating the degree of harm and assigning a security assurance level, the strongest being SAL3 or the least would be a SAL zero where there’s this limited or protection needs required. So there’s a way to grade those as well.

RELATED: Traceable Agile – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

Bryczek: The inside of Jama Connect itself, this image describes essentially the architecture of what you’re going to see that what we have in the product. We have a template that you can use to facilitate this. It sits alongside of our template that’s used for ARP-4754, and DO-178, or DO-254. The orange assets essentially is the data model that we’re using to capture the different types of things in the system. So we have assets, we have vulnerabilities. Those are tied to different threat assessments or a threat assessment is performed on these types of objects. We have security measures, we have the security architecture elements, and those feed into the security requirements. This comes pre-configured out of the box. We also have an area where you going to capture the data for that kind of thing.

Having this sort of a data model enables engineers to really perform the analysis to understand, all right, which assets have I not assessed yet? What’s the workflow? Who has reviewed the threat assessment? Have the security measures been satisfied by security requirements? Have we done security testing of the system? So this sort of data model enables the traceability to be instantiated and allows engineers to really more easily create the kind of a content. So one of the benefits you see of using Jama is that the security process is not disconnected from the design and development of the aircraft system itself. It’s done alongside. So that way you have that earlier touch points between the functional aircraft, design engineers and the security engineers. So you’re building in that secure by design approach.

Deep dive into the seven steps of DO-326A compliance in this related whitepaper:
Cybersecurity in the Air: Addressing Modern Threats with DO-326A

In this blog, we recap our eBook, “Buyer’s Guide: Selecting a Requirements Management and Traceability Solution for Aerospace” – To download the entire thing, click HERE.

Buyer’s Guide: Selecting a Requirements Management and Traceability Solution for Aerospace

Use a Single Platform to Accelerate Innovation in Aerospace Systems Development

Consistently meeting product security, reliability and safety requirements proves the top challenge for aerospace systems development lifecycles. Contract complexity, streams of new regulations and policies, in addition to the challenges presented by increasingly networked systems, add to the already onerous development processes. This can lead to unmet technical performance parameters or delayed airworthiness certification reviews which for commercial aviation today takes years, to possibly lengthen out even more.

Effective management of these shifting complexities impacts your ability to meet compliance and ultimately, critical timelines. As a result, your development teams could find themselves:

  • Mired in rework
  • Making trade-offs without context
  • Stuck in unproductive meetings

In this industry, aircraft and space systems development requires strict attention to safety and security requirements, as well as continuous innovation and fast paced development to remain competitive. Ineffective stakeholder collaboration and communication between suppliers, government customers, contractors, and vendors can lead to delivery delays and cost overruns.

Bottom Line: The accelerated development of safe, high-quality aerospace systems, coupled with a highly complex regulatory and contractual environment, create competing challenges, and make it difficult for teams to focus.

What if you didn’t have to compromise?

This Buyer’s Guide incorporates insights from Jama Software’s more than ten years of experience partnering with forward-thinking systems development teams. We’ve designed a platform to help aerospace systems development teams manage the systems engineering data and controls. This allows them to:

  • Align to industry regulations quickly
  • Simplify contract deliverables and certification preparations
  • Accelerate time to market and mission

Use these insights to better understand the challenges you’re up against and thoughtfully consider potential solutions. Plus, learn how to get the buy-in you need to undertake the kind of transformation necessary to succeed with complex systems development.

Making the Case for Change

Jama Connect for aerospace systems development helps organizations to manage systems complexity and replace documents or legacy tools with a single digital platform. When requirements, architecture, V&V, and safety analyses are managed in a centralized location, contract deliverables and certification preparations become a straightforward process and the business impact and value of the platform becomes clear across the organization. That makes executive buy-in easier.

Corrective actions can cost anywhere from $1.6 million for a small change (Gulfstream Model G–1159A and G–1159B airplanes and all Model G–IV and GIV–X airplanes to remediate the ground spoiler actuator installation) to a large corrective action that has indirect costs of lost revenue and diminished market cap at over $20 billion (Boeing 737 MAX). Those costs are especially significant considering the price tag of system development – $75 million in FAA compliance alone—and an average timeline of three to seven years for type certification alone. For a space system, a failure can mean the entire loss of a system or spacecraft; typically there is only a single system created.

Chart showing time-to-market competitive market costs.

If your company is not considering the importance of transitioning to a more streamlined development process, time is not on your side. Failing to act quickly can leave your organization even further behind. But to see the value a positive impact a system can have, stakeholders in an organization have to appreciate the challenges first.

This is where you come in. You can help quantify the problem within your organization and provide data to help make the case for change.

Go through the exercises in the next section using data from your organization to identify your current situation and the size of the potential opportunity.

RELATED: CIMdata: Digital Thread in Aerospace and Defense

Tools to Assess Four Development Pain Points

Throughout the past decade of working with organizations developing complex aerospace systems, four common systems development pain points continuously arise for those who have yet to transform their process.

We’ll provide context around the problems and share equations with examples to help you uncover the savings from a modern systems development solution. Remember to adjust the variables according to your company’s metrics to get a more precise estimate, and rethink how your team functions.

Improving any one of these four aspects of your development process produces real savings. While the calculations on the following pages aren’t cumulative, they impact one another and can add up to significant value for your organization.

This is the potential of using a modern systems development platform. If realized, it can radically change your business and be the competitive edge you need in today’s market.

The Four Common Development Pain Points

  • Unproductive Work Time
  • Lengthy Time-to-Market
  • Rework
  • Defects

Unproductive Work time

Are your days spent in inefficient meetings, sifting through emails and document versions for historical information or waiting for reviews and approvals? You’re not alone. Many teams suffer the repercussions of archaic, siloed development. A modern process maximizes efficiency by tackling the root causes of momentum-killing delays and holdups.

Calculate how much unproductive work time is costing your business and imagine the possibilities of getting that time back. What could you do with one extra hour each day?

PRO TIP: We’ve seen long status meetings shrink or vanish when teams have the right solutions in place. Think about your team’s schedule and adjust the average time saved per person based on the time spent in meetings each week.

Lengthy Time-to-Mark

Time to market or meeting a mission deadline and quality are usually seen as compounding challenges. Understanding the impact of change, capturing decisions, communicating feedback and reusing
existing intellectual property — all aspects that can help speed time-to-market — can be improved with a modern systems development solution.

PRO TIP: Cost savings can certainly be great and have an impact on your bottom line, but don’t forget the qualitative implications. Consider what it would mean for your systems line and brand to be first-to-market with game-changing systems.

RELATED: Tracing Your Way to Success: The Crucial Role of Traceability in Modern Product and Systems Development

Rework

In our experience, approximately 30-50% of a given project is rework. Rework is any time spent on extra work — including mid-development changes, incorrect testing or fixing defects — and it costs your company big time. Requirements errors cause the majority of rework. Improving the ability to track requirements from definition through testing to catch changes and adjust scope can ensure
you’re building the right thing and massively reducing overall lifecycle costs.

Complete the equation below to get an understanding of the number of hours your team spends in rework and the value of that in work hours alone.

PRO TIP: If your organization is working on more than one system at a time, repeat this calculation for each and add up the savings for a holistic view.

Defects

It’s common for requirements to have a defect at some point between definition and delivery. The important thing is to have a system in place that can quickly and accurately identify defects and
track their impact up and downstream. This provides visibility into the problem as early as possible when it’s less detrimental to fix.

PRO TIP: This calculation factors in personnel hours, but you should also think about the cost of parts, delays, and missed opportunities. Plus, should defects go undetected due to sub-par requirements or testing, releasing lower-quality systems could have devastating consequences.

“A document-centric approach often requires a gatekeeper and really limits collaboration – that creates a bottleneck. With Jama Connect, all our development teams can work together from anywhere with a shared collaboration hub.” – David Cubbage, Director, LEO Satellite Engineering and Production, Telesat

This is a preview of our eBOOK, “Buyer’s Guide: Selecting a Requirements Management and Traceability Solution for Aerospace”
– To download the entire thing, click HERE

this image shows a graduation cap and a clock, indicating this pot will teach visitors quickly on the topic of space systems.

Jama Connect® Features in Five: Space Systems Framework

Learn how you can supercharge your systems development process! In this blog series, we’re pulling back the curtains to give you a look at a few of the powerful features in Jama Connect®… in about five minutes.

In this Features in Five video, Cary Bryczek – Director, Aerospace & Defense Solution at Jama Software® – we will explore the Space Systems Framework available for Aerospace & Defense teams in Jama Connect.

VIDEO TRANSCRIPT

Cary Bryczek: Hi. I’m Cary Bryczek, Director of Aerospace & Defense Solutions at Jama Software. In this video, I’m going to introduce you to our Space Systems Framework available in Jama Connect. In this video, we will explore the benefits of using our pre-built template to get started with managing requirements, test cases, and architecture using our best practices inspired by industry standards and guidance from organizations like NASA and the European Space Agency.

With space systems exponentially growing in complexity, shortening development timelines due to mission need and customer demand, and cost reductions influencing the capabilities able to be delivered with the final design. Programs need to be able to get started quickly and begin the real work of engineering the system. Development and engineering tools need to be robust enough to tackle that complexity easy enough to deploy and then not get in the way of the real work of engineering the system.

Jama Connect and our Space Framework come preconfigured with a ready-to-use template. The framework is comprised of a requirements data model that provides requirements leveling and decomposition, a verification of validation data model that provides traceability to those requirements, an architecture data model that provides mechanisms to support systems architecture system functions, and allocation of requirements, and a data organization method that follows industry guidance with the best practices of data organization in Jama Connect. Let’s see what this looks like in Jama Connect.

RELATED: Buyer’s Guide: Selecting a Requirements Management and Traceability Solution for Aerospace

Bryczek: The Space Framework comes with two pre-built requirement data models. The one I’m showing now represents a full spacecraft product breakdown structure. The example shows how Jama Connect can handle the complexity of a full NASA or ESA space program. The requirements data model allows needs and requirements to be flowed down and fully traced from the stakeholder expectations, to the concept of operations, to system level requirements, down to segment element subsystem and component requirements.

This trace data model, what Jama calls the relationship model, provides a mechanism to enforce consistency and creation of data as well as a consistent method to trace that data. This allows you to do faster analysis, measurement of expected versus actual traceability, complex filtering, and easy trace matrix generation and reporting.

The left side of the screen is the exploratory and is where the data is organized. The Space Framework comes with this pre-built spec tree ready for users to start authoring content right away. You can see that it too is organized hierarchically from the highest level of abstraction at the mission level and then down to the component level. You can navigate this traceability in the tree as well.

We recognize that not every space system will be developed by a single entity that requires this combined breath of customer implementing requirements and those of the implementing organizations. Your organization might be merely developing only a component of a larger space system. For this, we have a second Space Framework for integrated systems. Let’s look at this one more closely.

RELATED: Traceable Agile – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

Bryczek: In this CubeSat example that comes with the framework, it’s easy to see how the data is organized in the exploratory in a system, subsystem configuration. Inside each of the subsystems, you can see the specific requirements, their verifications, architecture, and design descriptions. Traceability throughout the entire project can easily be analyzed at any level.

What I’m showing is the traceability from the stakeholder expectations all the way down the decomposition tree. I can see the system requirements verification and validation test cases. I can see the architecture, the subsystem requirements, and even the test runs, these real-time trace views not only show requirements decomposition, but test covers as well as allocation to architecture.

The framework supports, as I said, not just requirements, but architectures, V & V, even risk management and security. We’ve preconfigured the way you organized that here in the tree. So if I wanted to see the system architecture, I am able to see all of the elements that are going into making up the system architecture of this CubeSat I can also see how I’ve organized by system subsystem within the tree itself. That enables me to reuse easily and do variant management in this particular CubeSat security.

So, if you need to have security requirements or if you need to do heavy cyber security and you wanna import things like NIST 800 you can easily do that kind of a thing. Risk management threats and risks moving the development cycle with security earlier in that life cycle is a big deal, or understanding how safety is influencing the design. We easily allow you to track risk management and threat analysis in Jama as well.

The intent of this is to provide ready-to-use solutions based on customer feedback, industry trends, and best practices, such as those of ESA and NASA. This enables engineers to tackle the complexity of space systems develop faster and collaborate at the speed of need. If you would like to learn more about how Jama Connect can optimize your product development processes, Please visit our website at www.jamasoftware.com. If you are already a Jama Connect customer and would like more information on the Space Framework, please contact your customer success manager or Jama Software consultant.

To view more Jama Connect Features in Five topics, visit: Jama Connect Features in Five Video Series

Co-workers portraying modern requirements management.

In this blog, we re-cap our eBook, “The Strategic Transition: From Word and Excel to Modern Requirements Management” – Download the entire thing HERE.

The Strategic Transition: From Word and Excel to Modern Requirements Management

Unless your organization’s business model is built on a foundation of inefficiency, you should not be using disparate documents for managing requirements. Whether it’s Microsoft Word, Excel, or a combination of both, trying to wrangle your product’s requirements soley in documents carries a lot of risk and will gradually eat away at your company’s bottom line.

There was a time when using disparate documents wasn’t such a problem for managing requirements, but as products grow in complexity, those days are fading. Many companies no longer produce products that contain just hardware or software; today it’s likely a combination of both, increasing development complexity exponentially.

Integrating hardware and software means teams spanning various engineering disciplines all need to stay aligned throughout development, especially when things like safety standards and regulations are involved.

Using documents alone, will simply not be up to the task of meeting today’s complex products, systems, and software development. When you need precision, context, and accountability for your requirements, a modern requirements management solution is really the only answer.

In this eBook, we’ll detail some of the reasons why you’ll want to leave disparate documents for managing requirements in your rearview. You’ll also get an overview of the benefits you’ll gain by moving to a purpose built software solution for requirements management.

What is requirements management?

To level set, requirements management is the process of gathering, analyzing, verifying, and validating the needs and requirements for a given product or system being developed.

Successful requirements management ensures that completed deliverables meet the expectations of the stakeholders.

Learn more

Five Drawbacks of Documents

Microsoft Word and Excel serve many purposes, and have done so for decades. And, in terms of requirements, for early-phase documentation and coordinating simple projects, they still remain effective tools.

As the complexity of product and systems development grows, so does your list of requirements. And teams need solutions that provide simple and streamlined collaboration, not jumbled — often quickly outdated — comments and suggested edits. Teams need to be able to instantly connect to globally distributed colleagues to facilitate real-time feedback and make smarter decisions with full context around requirements. Documents simply aren’t up to the challenge.

Here are some of the key limitations for a document-based approach for storing requirements:

1. Documents are tedious to maintain

Anyone who has ever managed requirements with documents and several collaborators is familiar with the unique pains of this approach. Whether it’s Word documents that are hundreds of pages long or Excel spreadsheets with thousands of lines, keeping them fresh with updates and free of errors is extremely cumbersome and time-consuming.

2. Versioning difficulties

Collaborating on any kind of important documentation can be painstaking, especially when there’s an enormous amount of requirements involved. For instance, when reviewing requirements, it’s incredibly easy for two people to be looking at different versions of the same set of requirements, and not even know it. And even if it’s a cloud-based version of requirements, there are still plenty of opportunities for someone to unintentionally change something without getting prior approval, and that adjustment not being accounted for in future versions. Plus, online/cloud-based documents do not automatically create different IDs and versions for each requirement or highlight the changes between versions.

3. No traceability

There’s so much room for error through email chains and undisclosed updates. It’s incredibly simple, for example, to miss a tiny change that could have critical ramifications upstream or downstream.

4. Reviews are time consuming

Without traceability, review cycles with an enormous document of requirements are extremely long. You’re likely looking at scheduling lengthy meetings or passing around version after version, pulling team members away from other priorities, which is not ideal when you’re focused on getting to market quickly. And if you’re trying to manage reviews asynchronously, collaboration becomes tricky and timelines are likely to get pushed as people’s schedules shift.

5. Exhausting collaboration between teams

Sharing constantly evolving requirements files among multiple stakeholders and different teams throughout the development and testing process is risky, frustrating, and time-consuming. And with your customer demanding a perfect product, system, or software delivered ASAP, you can no longer afford that kind of inefficiency.

In this eBook, The Jama Software® Guide to Requirements Traceability, we’ll highlight the importance of tracing requirements without the headaches and risks of a traceability matrix in Excel, but also how to do so in a way that sets your organization up for future success. Learn how Live Traceability™ helps teams:

    • Reduce the risk of delays, cost overruns, rework, defects, and recalls
    • Comply with industry standards with no after-the-fact manual effort
    • Allows engineering teams that continue working in their chosen best-of-breed tools
    • Increase productivity and satisfaction of engineers

Get it here

Seven Benefits of Using a Requirements Management Solution

Despite rising product complexity and regulation, most development teams do not have a sophisticated requirement management system in place. In fact, according to a recent survey, almost one third of teams have no system in place and rely on formal processes with email, documents, and shared spreadsheets.

Another 52% manage their requirements with a system which is not meant for managing requirements, like Application Lifecycle Management (ALM) or Product Lifecycle Management (PLM) systems. And only 15% have chosen to invest in a formal dedicated requirement management solution.

Using a dedicated requirements management solution allows teams to stop getting bogged down on processes and start innovating. For example MediSync, reports that investing in Jama Connect® has saved 80% of the time that would have otherwise been spent on meetings, sorting through versions of Word documents and emails, and consolidating feedback in review cycles.

Grifols saved around 80 hours per project in medical device development when using the Jama Connect Review Center. And RBC Medical saved around $150,000 per project by improving team collaboration and workflow efficiencies using Jama Connect.

Here are some of the benefits you’ll get from investing in a solid requirements management solution:

1. Version and change management

A solid requirements management solution will maintain a history of each change made to every requirement. You’ll also be able to record the rationale behind each change, and refer back to a previous version of a requirement if necessary. Some solutions contain a change proposal system that links change requests directly to requirements. And, with a formal requirements management solution, you’ll always know you’re looking at the most recent version of the requirements.

2. Requirements attributes

With a strong requirements management solution, you should be able to record several descriptive attributes for each requirement. The right requirements management software should generate several system-defined attributes such as the date the requirement was created, its current version number, and the person on the requirements should be able to view these attributes, even if only a couple of individuals are allowed to update the attributes’ values.

3. Facilitate impact analysis

A requirements management solution enables requirements tracing by letting you define links between different types of requirements, requirements and different subsystems, and individual requirements and related system components (designs, modules, tests, and user documentation). These links help you analyze the impact that the proposed change will have on a specific requirement. It’s also very helpful to have the ability to trace each functional requirement back to its origin or parent so that you know exactly where every requirement came from. And some solutions use a traceability link to raise suspect flags to a linked item whenever a change is made, so you know exactly what needs to be reviewed after a change.

4. Track requirements status

Collecting requirements in a database lets you know how many discrete requirements you’ve specified for the product. And tracking the status of each requirement during development helps communicate how things are coming along to those across the organization. So, a project manager has good insights into prior states if he or she knows that, for example, 55% of the requirements committed to the next release have been verified, 28% have been implemented but not verified, and 70% have not yet been fully implemented. This type of information gives the project manager information to anticipate the project’s progress, and relay the message to stakeholders accordingly.

5. Control access

A requirements management solution should let you bring as many people into the system as possible, and grant them permission to access the specific parts they’re working on. This helps teams across the organization feel more invested in the product being developed and its progress.

What if you didn’t have to compromise? A growing number of organizations are exploring and adopting product development solutions that manage the complexity that comes with designing connected systems. This allows them to:

  • Build higher-quality products
  • Get to market more efficiently
  • Capitalize on opportunities faster

Download this Buyer’s Guide: Selecting a Requirements Management and Traceability Solution to better understand the challenges you’re up against and thoughtfully consider potential requirements and test management solutions. Plus, get tips on how to get the buy-in you need to undertake the kind of change necessary to succeed with complex product development.

Get it here

6. Facilitating communication with stakeholders

A requirements management solution should allow team members to discuss requirements issues electronically through a threaded conversation, in one central location, as opposed to having communication spread out across various platforms. It will automatically trigger email messages and notify effective individuals when a new discussion entry is made or when a specific requirement is modified. And it should allow team members to reach out to each other, but also contact non-project members and external users.

7. Recycling/reusing requirements

Storing requirements in a central database facilitates the reuse of them in multiple projects or sub-projects. And requirements that logically fit into multiple parts of the same product can be stored once and referenced whenever necessary to avoid duplicates. This saves a lot of time and reduces the chance of making errors.

Leveraging Jama Connect® for Effective Development of Combination Products

Developing combination devices, also called combination products, such as inhalers or injectables, is a complex and interdisciplinary endeavor that lies at the intersection of pharmaceuticals, biologics, engineering, and medical science. These innovative devices are designed to provide patients with a more convenient and effective way to administer medications.

One of the primary objectives in developing combination products is to enhance treatment adherence, particularly in chronic conditions where consistent medication delivery is critical. By combining medication with a delivery system, patients can receive accurate doses, reducing the risk of errors and ensuring that the therapeutic benefits are maximized.

Image Showing a Combination Product Types Chart

Requirements management tools such as Jama Connect® have become indispensable assets in the product development process, helping streamline the complexities involved in producing safe and effective combination devices.

This article explores how Jama Connect can prove invaluable in areas such as reuse/variant management, hazard library maintenance, compliance standards, integrated risk management, and expeditious reviews, making it an essential tool for engineers and developers in the medical field.

RELATED: Buyer’s Guide: Selecting a Requirements Management and Traceability Solution for Medical Device & Life Sciences

Simplify Complex Traceability

  • The development of combination devices often involves integrating a complex hierarchy of requirements, from User Needs and System Requirements, down through Risk Evaluations, Subsystems, and Verifications and Validations. Maintaining proper traceability throughout the product development lifecycle is a vital component of developing safe and effective products. Jama Connect allows development teams to simplify this process by enabling Live Traceability™ between development artifacts. Product development team can establish traceability, ensuring that every design element, from the software components to physical hardware, aligns with the initial requirements. This robust traceability is essential for regulatory compliance and safety, particularly in the medical device industry.

Requirements Reuse

  • Combination product teams often face added levels of complexity in their development process as they work to adapt product designs to the specific requirements of multiple applications, and the diverse regulatory demands across markets. Jama Connect allows for the efficient reuse of requirements, hazards, risk assessments, and verification testing across projects, enabling development teams to take a platform approach to their development process, track the evolution of variants, assess the impact of change across all their systems, and ensure compliance with international standards is maintained. This significantly reduces redundancy, minimizes errors, and speeds up development cycles.

Compliance with Standards

  • Combination devices must adhere to stringent regulatory and quality standards, such as ISO 13485, ISO 14971, ISO 11608, and FDA requirements. Jama Connect aids in aligning the project with these standards by providing tools for document control, validation, and verification. It supports the creation of audit trails, which are essential for proving compliance. This streamlines the certification process and minimizes the risk of non-compliance.

Integrated Risk Management

  • Risk Management is a critical component of developing combination products, but development teams often struggle with highly disconnected risk management processes. Jama Connect’s integrated risk management capabilities allow teams to proactively identify, assess, and mitigate risks throughout the development process, and ensure Live Traceability between risk evaluations and controls. Risk matrices, failure mode and effects analysis (FMEA), and other risk management methodologies can be seamlessly integrated into the development workflow, ensuring that potential issues are addressed early and efficiently.

Hazard Library Management

  • Safety is of paramount importance in the development of combination products. Maintaining a comprehensive library of hazards, both known and potential, is crucial to mitigate risks effectively. Jama Connect facilitates the organization and accessibility of this critical information. It allows engineers to define, document, and classify hazards and their corresponding risk assessments. This central repository ensures that hazard management remains an integral part of the design process and that safety remains a top priority.

Efficient Reviews

  • Efficient and timely reviews are vital in the development of combination devices, as they help uncover issues, assess design tradeoffs, and ensure alignment with requirements. Jama Connect simplifies the review process by offering a collaborative platform for stakeholders to provide feedback, track changes, and sign off on design decisions. This collaborative approach fosters effective communication and reduces the time required for reviews, expediting the overall development cycle.

RELATED: Traceable Agile – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

Developing combination products, which encompass a wide range of medical innovations, requires a multidisciplinary approach and careful management of various elements. Jama Connect is a powerful requirements management tool that streamlines the development process in multiple ways, from facilitating requirements reuse and variant management to managing hazard libraries, ensuring compliance, and integrating risk management.

By leveraging Jama Connect, product development teams can significantly improve their efficiency, reduce errors, enhance safety, and expedite the development of combination products while maintaining the highest standards of quality and regulatory compliance.


Image showing a driver who is monitoring their vehicle stats with software on their smartphone.

In part 1 of this three-part blog series, we will overview our whitepaper, “Software Defined Vehicles: Revolutionizing the Future of Transportation” Download the entire thing HERE and visit part 2 HERE and part 3 HERE.

Software Defined Vehicles Part 1: Revolutionizing the Future of Transportation

Introduction

Software Defined Vehicles (SDVs) are a revolutionary approach to transportation that leverages software integration and virtualization technologies to enhance vehicle functionality, connectivity, and autonomy. SDVs are designed to adapt and evolve through the use of software updates, enabling new features, capabilities, and improvements without requiring extensive hardware modifications.

The concept of SDVs emerged from the increasing complexity and reliance on software in modern vehicles. Traditionally, vehicles relied on dedicated, hardware-based components for specific functions such as engine control, braking systems, and infotainment. However, with the rapid advancements in computing power and connectivity, the integration of software has become pivotal in transforming vehicles into intelligent, connected machines.

Advantages and Benefits

The adoption of SDVs brings forth a wide range of advantages and benefits for both manufacturers and consumers.

1. Flexibility and Adaptability: SDVs allow manufacturers to introduce new features and functionalities through software updates, eliminating the need for extensive hardware modifications. This flexibility enables vehicles to keep up with emerging trends and technological advancements.

2. Enhanced Connectivity: SDVs facilitate seamless connectivity with other vehicles, infrastructure, and external systems, enabling Vehicle-to-Vehicle (V2V), Vehicle-to-Infrastructure (V2I), and Vehicle-to-Everything (V2X) communication. This connectivity opens up opportunities for improved safety, traffic management, and optimized driving experiences.

3. Autonomous Driving Capabilities: SDVs play a crucial role in the development of autonomous vehicles. By integrating Advanced Driver Assistance Systems (ADAS), machine learning algorithms, and sensor data, SDVs can achieve various levels of autonomy, ranging from partial to fully autonomous.

4. Improved User Experience: SDVs provide enhanced user experiences through interactive cockpits, personalized infotainment systems, and seamless integration with mobile devices. Users can access a wide range of services, entertainment options, and customized settings to make their driving experience more enjoyable and convenient.

RELATED: Traceable Agile – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

Historical Background and Evolution

Early in the 21st century, when the automotive industry first began adding software for numerous vehicle operations, SDVs began to take shape. Electronic Control Units (ECUs) were invented, opening the door for the use of software in crucial systems including brakes, transmission control, and engine management.

The industry observed a shift towards centralized software architectures as computing power increased and networks advanced. This change made it possible to combine several ECUs into a single central processing unit, which decreased complexity and enhanced communication between various systems.

The development of SDVs was also expedited by improvements in virtualization technology and software-defined networking (SDN). By allowing many functions to execute on shared hardware resources, virtualization made it possible to create virtual instances inside of cars, improving efficiency, and ultimately cutting costs.

The day of completely autonomous vehicles is approaching as software, connectivity, and artificial intelligence come together. SDVs will continue to be essential in determining how transportation develops in the future, ushering in a new era of mobility and connection.

The Role of Software in Modern Vehicles

Traditional Vehicle Architecture

As mentioned above, traditional vehicle architecture relied heavily on dedicated, hardware-based components for various functions. Each function, such as engine control, braking systems, and infotainment, had its own dedicated hardware module or Electronic Control Unit (ECU). These ECUs operated independently, with limited communication between them.

While this architecture served its purpose, it posed challenges in terms of scalability, flexibility, and adaptability. Adding new features or making significant changes required physical modifications to the hardware, resulting in longer development cycles and increased costs.

Rise of Software Integration

The development of processing power, the shrinking of electrical components, and greater communication choices have all made it easier to integrate software into automobiles. In order to reduce the number of ECUs and simplify the overall architecture, vehicle makers are now able to conduct several operations on a single central processing unit.

Key Software Components in Vehicles

Modern vehicles incorporate many key software components that enable advanced functionalities and connectivity, including:

1: Operating Systems: Cars now feature sophisticated operating systems that manage and coordinate various functions within the car. These operating systems provide a platform for running applications and managing hardware resources.

2: Middleware: Middleware acts as a bridge between the operating system and the applications, facilitating communication and data exchange. Middleware enables the smooth integration between different software components and ensures interoperability throughout the vehicle.

3: Application Software: Application software in vehicles includes a wide range of features, such as connectivity services, ADAS, entertainment systems, and engine management. These programs make use of user inputs, communication protocols, and sensor data to offer a positive and rich user experience.

4: Connectivity Modules: Many vehicles now come equipped with connectivity modules, such as Bluetooth, Wi-Fi, and cellular networks. These modules enable communication with external systems, including smart phones, cloud services, and other vehicles, facilitating data exchange and access to various services.

5: Sensor Integration: Sensors play a critical role in modern vehicles, collecting data related to things like the vehicle dynamics, environment, and driver inputs. Software algorithms process this gathered data to enable advanced features like adaptive cruise control, lane-keeping assistance, and collision avoidance. This is all setting the foundation for autonomous driving capabilities.

RELATED: The Impact of ISO 26262 on Automotive Development,

Fundamentals of Software Defined Vehicles

Overview of Software Defined Networking (SDN)

Software Defined Networking (SDN) is a key technology that underpins the concept of Software Defined Vehicles (SDVs). SDN decouples the control plane from the data plane in networking infrastructure, enabling centralized control, and programmability of network functions.

In the context of SDVs, SDN allows for the centralized management and control of vehicle networks, facilitating efficient communication and coordination between various software components. SDN provides a flexible and scalable framework for routing and managing data flows within the vehicle architecture.

By leveraging SDN principles, SDVs can dynamically allocate network resources, prioritize data traffic, and adapt to changing network conditions. This flexibility is crucial for enabling real-time communication and coordination between vehicle subsystems, external systems, and the cloud.

Virtualization and Containerization Technologies

Virtualization technologies play a vital role in the implementation of SDVs. They enable the creation of virtual instances or virtual machines (VMs) within vehicles, allowing multiple functions to run on shared hardware resources.

Virtualization provides several benefits like resource optimization, improved scalability, and simplified management. By utilizing virtualization, manufacturers can consolidate functions onto a single hardware platform, reducing hardware cost and complexity.

Containerization technologies like Docker and Kubernetes are also gaining popularity in the automotive industry. Containers provide a lightweight and portable method for packaging applications and their dependencies. They also enable the isolation of applications, allowing for efficient resource utilization and simplified deployment across different vehicle platforms.

Containerization further enhances the flexibility and agility of SDVs, enabling the seamless deployment and management of software components within the vehicle ecosystem.

Centralized and Distributed Architectures

SDVs can be implemented using either centralized or distributed architectures, depending on the specific requirements and design considerations.

Centralized Architecture: In a centralized architecture, a central processing unit (CPU) or a powerful computing platform acts as the brain of the vehicle. It hosts the control logic, manages software components, and coordinates communication between different subsystems. The centralized approach simplifies hardware complexity and facilitates efficient resource utilization. However, it also poses challenges related to single points of failure and potential performance bottlenecks.

Distributed Architecture: In a distributed architecture, software functions are distributed across multiple computing platforms or ECUs within the vehicle. Each ECU handles specific functions or subsystems, such as powertrain, chassis, or infotainment. Distributed architectures offer improved fault tolerance and performance optimization. However, they require robust communication protocols and coordination mechanisms to ensure seamless operation.

The choice between centralized and distributed architectures depends on factors such as the complexity of the vehicle’s functions, performance requirements, scalability, and safety considerations.

This has been part 1 of a three-part blog series, stay tuned for parts 2 and 3 of this series. Click HERE to download the “Software Defined Vehicles: Revolutionizing the Future of Transportation” whitepaper.


Image showing pilot operating a plane to symbolize the importance of DO-326A in cybersecurity.

In this blog, we’ll recap our whitepaper, “Cybersecurity in the Air: Addressing Modern Threats with DO-326A” Click HERE to read the entire paper.

Cybersecurity in the Air: Addressing Modern Threats with DO-326A

Introduction

Not long ago, getting on an airplane meant being largely out of touch with everyone on the ground for the duration of one’s flight. Of course, there were in-flight telephones for those who could afford them, and pilots could connect with personnel on the ground in case of emergency, but the rank-and-file passenger had limited options for connecting with the world outside the aircraft.

The 21st century has changed flying from a largely isolated endeavor that exists in a closed loop to one that integrates with ground systems through the miracle of the Internet. For travelers who want to enjoy their own personal entertainment options, conduct business, or take advantage of downtime to do online shopping, accessing the Internet during a flight is a tremendous boon. For air freight carriers and their customers, Internet connectivity improves visibility and streamlines supply chains with better real-time information.

Of course, the advantages of connectivity come with disadvantages as well. The more airborne systems are interconnected with the broader Internet, the more vulnerable systems are to hacking. In 2015, a researcher was kicked off a United Airlines flight after tweeting about security vulnerabilities; the researcher claimed to have accessed in-flight networks multiple times between 2011 and 2014, including one time when he allegedly commandeered the plane. In 2016, the US Department of Homeland Security hacked the system of a Boeing 757 using “typical stuff that could get through security.” And in 2022, Boeing announced a software update to repair a vulnerability that could allow hackers to modify data and cause pilots to miscalculate landing and take-off speeds.

Aviation cybersecurity has become a critical issue across the globe. Not only do millions of passengers depend on airlines to get them safely from point A to point B every day, but manufacturers, shipping services, and militaries rely on aircraft systems to support supply chains and execute missions. Cyberattacks have skyrocketed since the onset of the COVID-19 pandemic; a 2022 report found a 140% increase in cyberattacks against industrial operations — including four attacks that caused flight delays for tens of thousands of passengers.

Clearly, aviation systems can be vulnerable to malicious actors. For developers and manufacturers in the aviation industry, DO-326A provides compliance guidelines to address the vulnerabilities of avionics systems.

To create the safest, highest quality vehicle, REGENT knew that they must implement a world-class development process.
See how Jama Connect® plays a key role in that process

What is DO-326A?

Known as the “Airworthiness Security Process Specification,” DO-326A (and its European counterpart, ED-202) is the aviation cybersecurity standard developed jointly by the Radio Technical Commission for Aeronautics (RTCA) and the European Organisation for Civil Aviation Equipment.

The original edition, DO-326, was issued in 2010; its revised version, DO-326A, was issued in 2014. The standard became mandatory in 2019.

The DO-326A/ED-202A set focuses primarily on how to prevent malware that can infect avionics systems during both development and flight operations. A cyberattack on these critical systems can impact how the aircraft works and potentially endanger operators and passengers. DO-326A/ED- 202A describes the Airworthiness Security Process that one should follow.

Related webinar: Verifying Security in a Safety Context: Airworthiness and DO-326A/356A

What is Airworthiness/Airworthiness Security Process?

“Airworthiness security” involves protecting an aircraft from intentional unauthorized electronic interaction, including malware, ransomware, and other cyber threats.

The Airworthiness Security Process (AWSP) is intended to establish that aircraft will remain safely operable if it is subjected to unauthorized interaction.

DO-326A outlines the Airworthiness Security Process in seven steps:

1. Plan for Security Aspects of Certification (Aircraft Level Planning/System Level Planning)
2. Security Scope Definition (Threat Assessment Process)
3. Security Risk Assessment (Threat Assessment Process)
4. Decision Gate (Threat Assessment Process)
5. Security Development (Definition of Security Measures and Requirements)
6. Security Effectiveness Assurance (Verification and Validation of Security Measures and Requirements)
7. Communication of Evidence (PSecAC Summary Reporting)

To read this entire whitepaper, visit: Cybersecurity in the Air: Addressing Modern Threats with DO-326A


Image showing a graduation cap and clock, symbolizing that this content will teach someone about reuse & sync in a quick session.

In this video, we’ll discuss the reuse & sync capabilities in Jama Connect.

Jama Connect® Features in Five: Reuse & Sync

Learn how you can supercharge your systems development process! In this blog series, we’re pulling back the curtains to give you a look at a few of the powerful features in Jama Connect®… in about five minutes.

In this Features in Five video, Zeb Geary – Principal Professional Services Consultant at Jama Software® – will go over the reuse & sync capabilities for requirements management in Jama Connect.

VIDEO TRANSCRIPT

Zeb Geary: Welcome to this segment of Features in Five. I’m Zeb Geary, a Principal Consultant at Jama Software. In this video, I’ll explain how your team can reduce time to market and improve quality by reusing and synchronizing requirements and other content in Jama Connect.

Teams often struggle to build on existing work when requirements and tests are spread across documents and systems. Lacking a live trace, they must manually identify and copy related content, increasing the risk of rework and gaps. Additionally, teams tend to lack visibility across efforts, causing necessary changes to not propagate across reuse content, potentially impacting quality and disconnected product design efforts.

Jama Connect simplifies and enhances the process of reusing requirements and verifications by allowing you to copy selected content with its containers and its traced items. Synchronization ensures visibility and enables key use cases such as parallel product definition, common content libraries, and product variance. Let’s look at reuse and synchronization in Jama Connect.

RELATED: Traceable Agile – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

Geary: Here in Jama Connect, I’m looking at a project that we would consider a library or potentially a platform of 150% of our requirements. For this example, I’ve started building out the requirements and verifications for a new Jama Connect project, but I’ll be incorporating some standard or common requirements from this project. And through reuse, I’ll save time and ensure consistency with the platform.

I want to bring these common display requirements into my project from the platform. I see that these requirements have related verifications, and I want to bring these into my project as well. I’ll go ahead and select to reuse this folder. The reuse window shows me what I’ve selected for reuse and provides me with important options that reveal the significance of this capability. The first option determines if I will enable synchronization. If enabled, Jama Connect will establish a connection between the result of my reuse and its source so that I can monitor them for differences. I have options to include or exclude tags, attachments, and links, and to form a relationship to my source item from the resulting copy.

The final section of options determines how I will handle related content outside of my selection. Recall that the selective requirements have downstream verifications that I want to make sure I bring into my project. I will select the option to include related content and to mirror the relationships in my project. This saves me a lot of time since I will not have to recreate these relationships in the new project and removes the risk of missing verifications related to my selected requirements.

Finally, I indicate where I want to reuse the content to. I’ll select my project and I can have Jama Connect copy the project hierarchy as well into my target project, or I can select an existing location in my project. I selected my location and I will reuse with Sync.

RELATED: Buyer’s Guide: Selecting a Requirements Management and Traceability Solution for Software Development

Geary: In my project, the common display requirements have been reused with their related verifications. Here in my project, I can use Sync View to see how my reused items may differ from the library or any other project using these common requirements. Let’s check out this folder called “Scheduling.”

I can see from our sync items view that I’m in sync with the platform, meaning there’s no difference there, but we have a parallel effort that I am out of sync with. In Compare View, I can see exactly how we differ and bring those differences, if necessary, into my project. Sync View provides me with the visibility I need to make sure I’m working with the latest applicable requirements in my project. Here I will update the requirement text and I’ll create the missing requirement in my project. Now my project and this parallel effort are in sync.

As we have seen, reuse and synchronization is a key feature supporting critical requirements and verification activities. A Jama Software consultant can help you properly support your process with reuse and sync. If you have a Success Program with Jama Software, see our offerings under Improving Your Process to request assistance from a consultant. Your customer success manager can help you learn more about Jama Software Success Programs. If you would like to learn more about how Jama Connect can optimize your product development process, please visit our website at www.jamasoftware.com.


This image shows a lightbulb lit with a money sign, symbolizing saving money on requirements management software.

Economic Climate Have You Rethinking Your Software Spend? Five Reasons to KEEP Your Requirements Management Software

It’s a conversation in every news cycle, boardroom conversation, and dinner table right now – the economy. And while the economy is a dynamic force that ebbs and flows, much like the tide, the state of our current economy has most of us on edge.

In the world of product, software, and systems development, cost-cutting measures are often at the forefront of organizational decision-making. When times get tough, the temptation to trim budgets and eliminate seemingly non-essential tools and processes becomes more pronounced.

For organizations developing complex products, one such area that might be under the cost-cutting axe is requirements management solutions. While it may seem like an easy way to save money, ditching your requirements management solution could have unintended and detrimental consequences on your bottom line.

In this post, we will explore five compelling reasons why eliminating your requirements management solution may not be in the short- or long-term best interest of your organization — or your bottom line. Without a formal requirements management solution, you open your organization up to:

RELATED: Traceable Agile – Speed AND Quality Are Possible for Software Factories in Safety-critical Industries

1. Increased Revisions and Rework

Requirements management solutions are designed to streamline the process of capturing, analyzing, and managing project requirements. Without a dedicated tool for this crucial task, the likelihood of misunderstandings and miscommunications regarding project requirements increases. This can lead to more frequent revisions and rework, consuming valuable time and resources that could be better utilized elsewhere. The iterative nature of resolving requirements without a structured system often results in delayed project timelines and increased costs, offsetting any initial savings resulting from cutting your purpose-built requirements management solution.

2. Communication Breakdowns

Clear and effective communication is the backbone of any successful project. A requirements management solution provides a centralized platform for stakeholders to collaborate, document, and discuss project requirements. When this system is removed, communication can become fragmented and disorganized. Critical details may be lost or misinterpreted, leading to confusion among team members. Efficient collaboration is compromised increasing the risk of errors, hindering productivity, and negatively affecting overall project success.

3. Difficulty in Requirement Traceability

Traceability is a fundamental aspect of requirements management, ensuring that each requirement is linked to its source and can be traced throughout the product or software lifecycle. Without a dedicated solution, maintaining this traceability becomes a laborious and error-prone manual task. This lack of traceability can result in gaps, inconsistencies, and the inability to ensure that all requirements are met, potentially leading to very costly project failures, recalls, or compliance issues.

4. Compliance and Audit Risks

For organizations operating in regulated industries, compliance with industry standards and regulations is essential. A requirements management solution often offers features that help in maintaining compliance by documenting and tracking adherence to specific guidelines. Eliminating this tool may expose your organization to increased compliance and audit risks, potentially resulting in fines, legal complications, and damage to your reputation.

5. Impaired Decision-Making

The right requirements management solution will provide valuable insights and analytics that aid in informed decision-making. These tools can offer data-driven metrics, progress tracking, and performance indicators. Without this data-driven approach, decision-making becomes subjective and less efficient, potentially leading to costly errors and suboptimal project outcomes.

One of the main causes of rework, delays, and cost overruns in product development is the creation of new requirements late in the process. This is a well-known risk in product development, but what management practices can empirically be shown to reduce this known risk?

Using our proprietary database of metadata from over 50,000 complex product development projects, we were able to determine that the Traceability Score™ is an empirical method to reduce late requirements. In fact, teams that maintain a high Traceability Score reduce the burden late requirements have on their project by 67% compared to teams with low traceability scores.

With this knowledge, our recommendation is that practitioners measure and monitor the Traceability Score™ of their projects to resolve issues early and ensure that the risk of late requirements is kept to a minimum.

RELATED: The Strategic Transition: From Word and Excel to Modern Requirements Management

 

While the prospect of cutting costs by eliminating a requirements management solution may seem appealing initially, it’s clear that the long-term consequences outweigh the short-term benefits.

It’s important to carefully consider the potential risks associated with such a decision and evaluate the true cost savings against the potential detrimental impact on project success, compliance, and overall organizational efficiency. Balancing cost-saving initiatives with maintaining essential project management tools is crucial for achieving sustained success in today’s competitive business landscape.

Download our eBook to access easy-to-use, interactive ROI calculators and to learn more about the value of requirements management. These calculators will help you argue for the financial advantages of continuing to invest in a requirements management solution even in uncertain economic times. >> Why Investing in Requirements Management During an Economic Downturn Makes Good Business Sense.


Image showing why documents are difficult for requirements management

In this blog, we’ll overview our recent eBook, “The Strategic Transition: From Word and Excel to Modern Requirements Management” – To read the entire thing, download it HERE

Why Relying Solely on Documents Won’t Cut It in the World of Complex Product, Systems, and Software

Unless your organization’s business model is built on a foundation of inefficiency, you should not be using disparate documents for managing requirements. Whether it’s Microsoft Word, Excel, or a combination of both, trying to wrangle your product’s requirements solely in documents carries a lot of risk and will gradually eat away at your company’s bottom line.

There was a time when using disparate documents wasn’t such a problem for managing requirements, but as products grow in complexity, those days are fading. Many companies no longer produce products that contain just hardware or software; today it’s likely a combination of both, increasing development complexity exponentially.

Integrating hardware and software means teams spanning various engineering disciplines all need to stay aligned throughout development, especially when things like safety standards and regulations are involved.

Using documents alone, will simply not be up to the task of meeting today’s complex products, systems, and software development. When you need precision, context, and accountability for your requirements, a modern requirements management solution is really the only answer.

In the blog post below, we recap our  “The Strategic Transition: From Word and Excel to Modern Requirements Management” eBook in which we detail some of the reasons why you’ll want to leave disparate documents for managing requirements in your rearview. You’ll also get an overview of the benefits you’ll gain by moving to a purpose-built software solution for requirements management.

Five Drawbacks of Documents

Microsoft Word and Excel serve many purposes, and have done so for decades. And, in terms of requirements, for early-phase documentation and coordinating simple projects, they still remain effective tools.

As the complexity of product and systems development grows, so does your list of requirements. And teams need solutions that provide simple and streamlined collaboration, not jumbled — often quickly outdated — comments and suggested edits.

Teams need to be able to instantly connect to globally distributed colleagues to facilitate real-time feedback and make smarter decisions with full context around requirements. Documents simply aren’t up to the challenge.

RELATED: Buyer’s Guide: Selecting a Requirements Management and Traceability Solution

Here are some of the key limitations for a document-based approach for storing requirements:

1. Documents are tedious to maintain

Anyone who has ever managed requirements with documents and several collaborators is familiar with the unique pains of this approach. Whether it’s Word documents that are hundreds of pages long or Excel spreadsheets with thousands of lines, keeping them fresh with updates and free of errors is extremely cumbersome and time-consuming.

2. Versioning difficulties

Collaborating on any kind of important documentation can be painstaking, especially when there’s an enormous amount of requirements involved. For instance, when reviewing requirements, it’s incredibly easy for two people to be looking at different versions of the same set of requirements, and not even know it. And even if it’s a cloud-based version of requirements, there are still plenty of opportunities for someone to unintentionally change something without getting prior approval, and that adjustment not being accounted for in future versions. Plus, online/cloud-based documents do not automatically create different IDs and versions for each requirement or highlight the changes between versions.

3. No traceability

There’s so much room for error through email chains and undisclosed updates. It’s incredibly simple, for example, to miss a tiny change that could have critical ramifications upstream or downstream.

4. Reviews are time consuming

Without traceability, review cycles with an enormous document of requirements are extremely long. You’re likely looking at scheduling lengthy meetings or passing around version after version, pulling team members away from other priorities, which is not ideal when you’re focused on getting to market quickly. And if you’re trying to manage reviews asynchronously, collaboration becomes tricky and timelines are likely to get pushed as people’s schedules shift.

5. Exhausting collaboration between teams

Sharing constantly evolving requirements files among multiple stakeholders and different teams throughout the development and testing process is risky, frustrating, and time-consuming. And with your customer demanding a perfect product, system, or software delivered ASAP, you can no longer afford that kind of inefficiency.

Seven Benefits of Using a Requirements Management Solution

Despite rising product complexity and regulation, most development teams do not have a sophisticated requirement management system in place. In fact, according to a recent survey, almost one-third of teams have no system in place and rely on formal processes with email, documents, and shared spreadsheets.

Another 52% manage their requirements with a system which is not meant for managing requirements, like Application Lifecycle Management (ALM) or Product Lifecycle Management (PLM) systems. And only 15% have chosen to invest in a formal dedicated requirement management solution.

Using a dedicated requirements management solution allows teams to stop getting bogged down on processes and start innovating. For example, MediSync, reports that investing in Jama Connect® has saved 80% of the time that would have otherwise been spent on meetings, sorting through versions of Word documents and emails, and consolidating feedback in review cycles.

Grifols saved around 80 hours per project in medical device development when using the Jama Connect Review Center. And RBC Medical saved around $150,000 per project by improving team collaboration and workflow efficiencies using Jama Connect.

RELATED: The Jama Software® Guide to Requirements Traceability

Here are some of the benefits you’ll get from investing in a solid requirements management solution:

1. Version and change management

A solid requirements management solution will maintain a history of each change made to every requirement. You’ll also be able to record the rationale behind each change, and refer back to a previous version of a requirement if necessary. Some solutions contain a change proposal system that links change requests directly to requirements. And, with a formal requirements management solution, you’ll always know you’re looking at the most recent version of the requirements.

2. Requirements attributes

With a strong requirements management solution, you should be able to record several descriptive attributes for each requirement. The right requirements management software should generate several system-defined attributes such as the date the requirement was created, its current version number, and the person on the requirements should be able to view these attributes, even if only a couple of individuals are allowed to update the attributes’ values.

3. Facilitate impact analysis

A requirements management solution enables requirements tracing by letting you define links between different types of requirements, requirements and different subsystems, and individual requirements and related system components (designs, modules, tests, and user documentation). These links help you analyze the impact that the proposed change will have on a specific requirement. It’s also very helpful to have the ability to trace each functional requirement back to its origin or parent so that you know exactly where every requirement came from. And some solutions use a traceability link to raise suspect flags to a linked item whenever a change is made, so you know exactly what needs to be reviewed after a change.

4. Track requirements status

Collecting requirements in a database lets you know how many discrete requirements you’ve specified for the product. And tracking the status of each requirement during development helps communicate how things are coming along to those across the organization. So, a project manager has good insights into prior states if he or she knows that, for example, 55% of the requirements committed to the next release have been verified, 28% have been implemented but not verified, and 70% have not yet been fully implemented. This type of information gives the project manager information to anticipate the project’s progress, and relay the message to stakeholders accordingly.

5. Control access

A requirements management solution should let you bring as many people into the system as possible, and grant them permission to access the specific parts they’re working on. This helps teams across the organization feel more invested in the product being developed and its progress.

6. Facilitating communication with stakeholders

A requirements management solution should allow team members to discuss requirements issues electronically through a threaded conversation, in one central location, as opposed to having communication spread out across various platforms. It will automatically trigger email messages and notify effective individuals when a new discussion entry is made or when a specific requirement is modified. And it should allow team members to reach out to each other, but also contact non-project members and external users.

7. Recycling/reusing requirements

Storing requirements in a central database facilitates the reuse of them in multiple projects or sub-projects. And requirements that logically fit into multiple parts of the same product can be stored once and referenced whenever necessary to avoid duplicates. This saves a lot of time and reduces the chance of making errors.

TO READ THE ENTIRE EBOOK, CLICK HERE:
 The Strategic Transition: From Word and Excel to Modern Requirements Management