jama-logo-primary
  • Product
    • JAMA CONNECT®
      • Product Overview
      • Features
      • Integrations
      • Pricing and Licensing
      • Why Jama?
      • Trial
    • Customer Success
      • Success Programs
      • Support
      • Community
  • Solutions
    • Solution by Industry
      • Aerospace and Defense
      • Automotive
      • Software Development
      • Financial Services and Insurance
      • Government
      • Industrial Manufacturing
      • Medical Device Development
      • Semiconductor
    • Solution by Function
      • Requirements Management
      • Requirements Traceability
      • Risk Management
      • Test Management
      • MBSE
    • Compare
      • IBM® DOORS®
      • Jira® Software
  • Company
    • Company Information
      • About Us
      • Leadership
      • Careers
      • Requirements Traceability Alliance
      • Partners
      • Customers
      • Contact Us
    • News and Events
      • Events
      • Press Room
  • Resources
    • Content Library
    • Guide to Requirements Management and Traceability
    • Discovery Center
    • Customer Stories
    • Webinars
    • Product Demos
    • Support
    • Community
  • Blog
  • Get Started
  • Search
  • Menu Menu

Tag Archive for: Regulatory Compliance


2022 Airborne Predictions

In many ways, 2021 was a continuation of the changes brought about in 2020, a year that’s been described as “unprecedented” and “unparalleled.” In a unique way, 2021 has offered us an idea of evolving innovations and technology on the horizon for teams across industries. These changing conditions will present a variety of new landscapes and will offer unique challenges, opportunities, and more than likely, many surprises.   

As we enter a new year of further changes, Jama Software asked select thought leaders – both internal and external – across various industries for the trends and events they foresee unfolding over the next year and beyond.  

This is the fourth part of our five-part series. In this blog, we asked for feedback on product and systems development trends anticipated for the airborne product and systems development industry in 2022 and beyond.  

First, we’ll hear from Cary Bryczek – Principal Solutions Architect at Jama Software, Michael Soden – Lead Product Manager for Safety Analysis at Ansys, and Mazen El Hout – Product Manager for Embedded Software for A & D at Ansys. Then, we hear from Vance Hilderman – Chief Technical Officer at AFuzion Inc.

Read our other 2022 Industry Predictions here: Part One – Engineering Predictions, Part Two – Medical Device Predictions, Part Three – Automotive Predictions, and Part Five – Insurance Development Market Predictions.


Airborne Predictions 2022 Part I:  

Design Trends

Q: What product, systems, and software development trends are you expecting to take shape in 2022?

Cary Bryczek, Jama Software: In 2022 we will see even more new space launch companies and unmanned aircraft systems (UAS) both enter the market as new companies and those that are already in the market will receive more funding. The commercial demand and competition among companies is driving some very exciting technologies to mature at a rapid pace.  

Q: What are the biggest trends you’re seeing in your industry right now? How will they impact A&D product, systems, and software development? 

Ansys: Regarding commercial aviation, major trends include the rise of the new air mobility to transport passengers in jammed cities. Those air-taxi services would require air vehicles capable of taking off and landing vertically. Some of them are piloted and others fully autonomous. Most of them rely on fuel-alternative propulsion systems, such as full electric or hybrid propulsion, which means completely new energy and system architectures that should be safe and performant.

Also, fixed-wing transport aircraft are moving in the autonomous direction with single pilot aircraft initiatives at some aircraft manufacturers with high impacts on cockpit display systems. In the defense industry, autonomous systems are also gaining attention with the use case of manned fighter jet supported by unmanned loyal wingman, or a swarm of drones doing formation, involving the use of artificial intelligence and machine learning techniques to extend capabilities of traditional methods of developing control systems and software. 

Tool Innovation

Q: From an A&D engineering toolset perspective, what are some of the processes you think forward-thinking firms will be working to leverage or incorporate into their process and why? 

Ansys: Key development processes include Model-Based System Engineering, Model-Based Safety Analysis, and Code Generation, to cope with the increasing complexity of next generation systems and reduce their time to market and cost of development. Model-based Design leads to harmonized safety analysis with system and software designs. In addition, cloud-based computing is becoming essential to benefit from high performance computing services and effective storage, easier maintenance, and better collaboration.  

Q: In terms of product and systems development, what do you think will remain the same over the next decade? What will change? 

Cary Bryczek, Jama Software: It is such an exciting time for technology right now and a lot of what consumer, aerospace systems and defense systems will see in the next decade is already here. We will just see that technology is being incorporated into more and more systems. AI capabilities will do more and more of the heavy lifting such as data parsing so that systems such as the Mars Reconnaissance Rover (MRO) can provide selective data back to engineers faster. The explosion of data is at the heart of everything. It is both a boon and a burden. Those companies that learn to exploit the sheer amount of data being captured from every device and system will be faster to bring their technology to market. Data privacy challenges will likely remain the same as they are now with political climates and some now talking about de-globalization.  


RELATED POST: Webinar Recap – Transformative Airborne Systems Development


Regulations

Q: What changing regulatory guidelines do you anticipate having an impact on companies in 2022? 

Ansys: Several regulations are impacting new systems design. First, the regulations related to the usage of AI and machine learning inside autonomous air vehicles are driven by standardization such as European Organization for Civil Aviation Equipment (EUROCAE) where Ansys contributes with major industrial players. Regulations related to VTOL aircraft with advanced controls, controls are published as special conditions and mean of compliance by certification authorities (eg EASA). Additionally, many other regulations and special conditions are related to Hybrid Electric and Hydrogen propulsion.

In terms of safety standards, there is a new revision of safety standard: SAE ARP4761 A (including Model-Based Safety Analysis), expected to be published in 2022 extending safety analysis methods and the DO-356, describing cybersecurity methods and consideration for airborne systems. As for engineering standards, the Object Management Group is releasing a new version 2 of SySML on system modeling language, which will transform the way engineers create their systems design. 

Q: How do you foresee regulations shifting in Air and Space Product and Systems Development over the next decade?  

Cary Bryczek, Jama Software: Regulators in the EU, US, and China will all be trying to find ways to accelerate changes to their existing regulations in order to keep pace with the rate of aircraft (manned and unmanned) technology change and new development. The most challenging of regulations center around the safe operation of unmanned aircraft systems (UAS) as well as classification of new types of aircraft that use existing airframes but now use different propulsion and avionics systems. Aircraft of today and tomorrow just don’t fit neatly into the regulatory bodies existing definitions. For space systems and operations, there are no less than 42 ISO standards alone under development. Many of these center around space debris, interference, and quality measures. 

Biggest Challenges

Q: What are some of the biggest challenges you think A&D engineering firms will be working to overcome in 2022? 

Ansys: Building sustainable and performant system architectures without safety compromises is a big challenge we see at the product design level.  More and more autonomous and connected systems imply more vulnerability in the systems, therefore cybersecurity is mandatory to prevent cyberattacks.  Electronics reliability for autonomous vehicles is another important element to consider when dealing with the physics of failure. Finally, a key element to boost productivity and innovation is to provide scalable and cloud accessible engineering tools, for a more collaborative and distributed way of working. 

Q: Any major disruptions to Air and Space Product and Systems Development industry you’re anticipating in 2022? 

Cary Bryczek, Jama Software: The COVID Pandemic will remain a major disruptor across the board. Supply chains are highly complex with manufacturers juggling multiple suppliers and subcontractors to design and integrate the products. Just in time materials processes which prior to covid were a best practice is now one cause of delays. Larger companies will seek to produce components themselves or acquire the companies that can do this for them. 

Predictions

Q: What sorts of process adjustments do you think development teams will need to make to be successful in 2022? 

Cary Bryczek, Jama Software: Regulatory training at all levels of both engineering and business staff will be important. Digital engineering tools and approaches are being pushed into both engineers and project managers’ hands at an increasing pace. Understanding not only how to use them but how to use them within the highly complex regulatory landscape in an efficient manner will be key. 

Q: What do you think will remain the same in your industry throughout 2022? 

Ansys: The full electric air mobility, even though it seems very promising, will most likely not be fully mature in 2022, in terms of technology, regulations, and infrastructure. 

Q: What do you predict for regulation in the A&D industry in 2022? Will those trends still be prevalent 5 years from now? 10 years? 

Ansys: Many regulations for the use of AI in embedded software related to the certified context will emerge leading to fully autonomous flight for small/medium aircraft. 

Evolving Landscape

Q: What do you think will be some of the differentiators between a company surviving to see 2030, and those that do not? 

Cary Bryczek, Jama Software: The companies that will successfully survive to 2030 are those who are able to A) continuously perform rapid impact analyses during any phase their product’s lifecycles as requirements change and disruptions to supply chains take place. Companies that do not have robustly integrated design and lifecycle data or only utilize manual processes are at a higher risk of failure when the product they bring to market is late or are at the mercy of delays to their supply chains. B) Companies will need to walk a careful tightrope of exposing enough of their project to the outside world to attract much needed investment funding and yet still keep their intellectual property secret. C) Companies will need to invent new ways to retain their talent to prevent evaporation of knowledge and their specific expertise.  

Q: Where do you see Jama Software fitting in as the product development landscape evolves, and what can our customers expect as 2022 approaches? 

Cary Bryczek, Jama Software: The gap between the customer and business stakeholders and engineering groups historically has been where the engineering side is a black box. The proliferation of digital engineering strategies is now making the box more transparent. The practice of requirements management as a now collaborative effort across teams enables faster communication between teams and faster validation of requirements – Validation of the RIGHT requirements not to be confused with product validation. Requirements today must traverse many tools in the digital ecosystem. In 2022 more Jama Software customers will integrate requirements with tools in their digital ecosystem enabling higher degrees of collaboration and efficient analysis. 


RELATED POST: Aerospace Compliance – When Failure Is Not An Option


Airborne Predictions 2022 Part 2:  

Vance Hilderman, CTO, AFuzion Inc:  

“It was the best of times; it was the worst of times.”   

Surely, Charles Dickens was the earliest aerospace forecaster when he wrote those famous words decades before the Wright brother’s first flight.  But was Dickens really channeling the Covid pandemic and today’s aerospace unprecedented changes?  Likely not, but the “more things change, the more they remain the same” holds true.  

Every two or three years I’m asked to predict next year’s aerospace news. I always chuckle, then provide a disclaimer, “In one baseball season, Ted Williams failed to get on base almost 60% of the time; that made his season the world’s best.” That’s right: 40% success in baseball, and entrepreneurship, is a winning season. With that disclaimer at heart, here’s my “winning season for 2022” predictions: 

  1. Supply chain issues are not going away soon. The aviation In-sourcing trend occurring BEFORE Covid is now going to accelerate due to added long-distance supplier (read “offshore”) disruptions. Aero companies will bring back development and manufacturing even faster – expect a record pace giving advantage to those with automated processes and tools already under their control.  
  2. Autonomous passenger flight is still a decade away. Sorry – I know that’s not the news you want to hear. Truly great strides have been made and we’re now “40%” of the way there. Safety, airspace management, and certification authority acceptance are all still “in work.” But fear not: if you’re healthy with a 20-year life expectancy remaining, you will see autonomous passenger flights. Absolutely your children will. 
  3. eVTOL (electric Vertical Takeoff & Landing) aircraft REALLY are coming. If you can’t spell “eVTOL” or “UAM” you’re taking that Covid isolation too far. But 90% of today’s eVTOL players won’t succeed.  Watch for 20-25 of last year’s players to not be in the game at the end of 2022.  Who will succeed? Easy: two groups of eVTOL players will succeed:  1) Those early companies with solid funding already received and actually flying aircraft (even if near-final-prototypes), and 2) Longstanding manufacturers with prior success mass-manufacturing either cars or regular aircraft.    

If you’re not in group #1 or #2, we simply wish you the best and celebrate your optimism. 

  1. Covid forced remote work to be a reality, with great harm to those lacking defined processes and management structures supportive of remote work. In 2022, those aerospace companies with strong planning and remote development capabilities will further distance themselves from competitors. Companies embracing automated (and even semi-automated, but substantially less continuous manual intervention) will see profits and market share increase. Aviation automation tool vendors and aircraft/avionics developers with strong automation culture will be powering the decade ahead, starting in 2022.  
  2.   After a decade of struggles, experts now say Lockheed is in the driver’s seat, passenger seat, and all the other seats when it comes to fighter jets. And for buyers with ample (read “huge”) budgets, the F-35 is an easy choice. But add improved radar, improved stealth, and improved missiles, and the fighter jet itself is a platform, not the end-all. Ask yourself: what kind of computer or device are you using to read this article right now? Does it really matter or is the software and content more relevant?  Exactly.  
  3.   Yesterday’s shortening time-to-market will seem like a joke compared to 2022’s massively intensifying pressures.  New companies, new industries, and even countries new to aviation are all forcing greatly decreased product launch times.  Companies providing tools to assist with efficiency (such as AFuzion’s and Jama Software’s  DO-178C software development frameworks will see greatly increased sales but also even greater competition (details here: https://afuzion.com/plans-checklists/). 
  4. And my final forecast: all the smart people who predicted an end to Covid in 2021 and 2022 (Bill G, are you reading? 😉) will see their predictions to have been as correct as the majority of their prior predictions (really now, “email spam will be eliminated by 2006” –  go Google that one – too much time on private jets with other interests).  Folks, I predict Covid and its variants will be with us for years.  We’ll manage -humans are often frail but adaptable.  We’ll get our collective international acts together and form a more cohesive international Covid travel management policy and most of us will be flying as we were before. Except much less business travel (and more pleasure!)  because all the predictions above (Read #1 through #6) will REDUCE the need for business travel.  

There you have it:  hoping I beat Ted Williams record-breaking 40%+ success rate.  And that means I hope to see you wherever you are someday, but hopefully for pleasure, not just business! 


Thanks for tuning into our 2022 Predictions Series! To see some of the incredible products, software, and systems our customers are building with Jama Connect, visit our CUSTOMER STORIES PAGE.  

READ MORE



https://www.jamasoftware.com/media/2022/01/2021-12-28_2022-Predictions_Airborne_1024x512.jpg 512 1024 Decoteau Wilkerson /media/jama-logo-primary.svg Decoteau Wilkerson2022-01-25 03:00:022022-02-02 09:19:522022 Predictions for Airborne Product and Systems Development

MDR - Medical Device RegulationsIn this post, we pull out key takeaways from a recent whitepaper written in conjunction with Beanstock Ventures on the new EU medical device regulations (EU MDR) and how they might impact medical device development. 

As medical device technologies have rapidly advanced in recent years, regulations governing definitions, testing, and post-market activities have struggled to keep up. The pace of change and adoption of these technologies has made it difficult for governments and agencies to create the kind of inclusive and expansive rules that will ensure safety.

In response to this expanding market, the European Union released new guidance governing medical devices. With the release of Medical Device Regulation (MDR) 2017/745/EU, in 2017, the EU has issued the first updated regulations in more than 20 years. The new Medical Device Regulation (MDR) 2017/745/EU addresses software as a medical device [SaMD], as well as other products. It also places stringent requirements for compliance with post-market activities and post-market surveillance. While enforcement of these new regulations was scheduled to begin in May 2020, it was postponed until May 2021 due to the COVID-19 pandemic. What do these new regulations mean for the medical device industry? Experts from Beanstock Ventures explain what you need to know for EU MDR compliance.


RELATED POST: Ensuring FDA Compliance for Your Digital Health Solution


Key Takeaways:

  • The EU Medical Devices Regulation (MDR) has replaced the EU Medical Device Directive effective 26 May 2021.
  • The EU MDR is greatly expanded to cover more devices, including Software as Medical Device, implantable devices, contact lenses, and many digital health technologies. It also promotes a lifecycle approach to regulation.
  • EU MDR requires improved device traceability by introduction of a unique identification system, or UDI (see section 05), for medical devices approved for use in the EU. To keep track of devices through every lifecycle stage, a device identifier (UDI) will be assigned, and all production series will be marked with a production identifier.

EU Medical Devices Regulation (MDR), adopted by the European Parliament and Council as REGULATION (EU) 2017/745 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 5 April 2017, has replaced the former EU Medical Device Directive (MDD) and went into effect 26 May 2021. After this date, the MDR is applicable for all medical devices sold (developed or imported) in the European Union.

The most important changes in the EU MDR include:

  • Increased scope of medical device definition;
  • New classification rules (including Rule 11 that specifically addresses software);
  • Increased scope of general safety and performance requirements, technical documentation, and clinical data and evaluation requirements;
  • Introduction of traceability and identification system and database; and
  • Increased post-market product surveillance.

To learn more about EU MDR, download the full whitepaper. 



https://www.jamasoftware.com/media/2021/12/2021-12-28-new-eumdr-regulations-1024x512-1.jpg 512 1024 Jama Software /media/jama-logo-primary.svg Jama Software2021-12-28 03:00:462021-12-20 12:41:38Key Takeaways: What the New Medical Device Regulations (EU MDR) Mean for You

Design Control

Design Controls have been an FDA Quality System Regulation since 1997. Having worked on developing products in the regulated medical device industry for over 35 years, I have compiled a list of the five key takeaways for implementing design controls and achieving success in commercializing medical devices:

  1. Design Controls not only help achieve regulatory compliance, they help develop better products
  2. Design Inputs lay the foundation for product development, building a good foundation
  3. Don’t underestimate the power of Bidirectional Traceability
  4. Know the difference between Verification and Validation
  5. Risk Management is a vital part of Design Controls

#1 – Design Controls not only help achieve regulatory compliance, they help develop better products

Many companies think that design controls are a burden to development organizations imposed by the FDA, and it’s the price to pay for playing in the medical device field. However, what is often overlooked is that design controls only define the basic minimum requirements necessary to develop a product that can…

  • …meet the needs of the user.
  • …be designed to be safe and effective.
  • …be reliably manufactured.
  • …be verified and validated.
  • …maintained and updated throughout the product lifecycle.

These are all things that any development organization should do to successfully deliver products to market. I like to say that if you are doing the right things in product development, compliance comes for free!

#2 Design Inputs lay the foundation for product development, building a good foundation

The FDA defines design inputs as the physical and performance requirements of a device

that are used as a basis for device design. To generate adequate design inputs, the foundation upon which product development is built, the user needs must first be well understood. These needs, ideally written with the voice of the user, must then be translated into design requirements. In contrast to the user needs, these design requirements should be written using the voice of the engineer, and as such should be measurable and testable. Furthermore, design requirements should be traceable to a specific user need, risk control, or standard that necessitates the existence of said design requirement.

Research has shown that, on average, companies that are successful at developing products spend about 25% of the product development time on the generation of user needs and the subsequent design requirements. The return on this investment of time and resources reduces the need for rework and redesign, and ultimately leads to higher customer satisfaction. Failing to make the investment ensures that design inputs are complete and correct is analogous to building a house on quicksand, where the flaws in the foundation can cause issues throughout the construction and subsequent (likely short) lifetime of the house. Issues with requirements will impact development, verification, validation, and user acceptance of the product, so spending the time to get requirements right will be well worth the effort.


RELATED: Three Ways to Proactively (vs Reactively) Incorporate Design Controls in Medical Device Product Development


#3 Don’t underestimate the power of Bidirectional Traceability

In an audit, the trace matrix should be valued as a friend! Having and maintaining bi-directional traceability throughout the product lifecycle provides a number of benefits:

  • Effecting project tracking
  • Thorough change impact analysis
  • Ease of making future changes
  • Re-use of elements of the design
  • More effective issue resolution

To derive these benefits, the relationship between the following entities should be established:

  1. User Needs and Design Requirements
  2. User Needs and Validation
  3. Design Requirements and lower-level requirements
  4. Design Requirements and Verification
  5. Lower-level requirements and verification
  6. Lower-level requirements and Design Outputs
  7. Risk Controls and Design Requirements

In creating a trace matrix that has views to show all the bi-directional relationships of each of the elements described above can help answer most questions from an auditor.  With this level of traceability, I can trace from a user need all the way through implementation and test.

#4 Know the difference between Verification and Validation

The terms “Verification” and “Validation” often get combined and abbreviated to V&V; however, these activities are vastly different.

Verification is confirmation by examination and provision of objective evidence that specified requirements have been fulfilled. It is design-centric and answers the question “Did I build the product right?” Verification also entails gathering objective evidence that the design behaves as intended through the use of observation (visual inspection), measurement (values and tolerances), testing (function) or analysis (reviews).

Validation is confirmation by examination and provision of objective evidence that the particular requirements for a specific intended use can be consistently fulfilled. Unlike Verification, this is a user-centric term, and answers the questions “Did I build the right product?” and “For whom is this the right product?” Validation entails gathering objective evidence that the design satisfies the user needs through the use of Usability Studies/Human Factors Studies, Clinical Evaluation/Clinical Studies, Customer Surveys, and through Analysis of Verification Data.

Knowing the difference between Verification and Validation is of quintessential importance for ensuring customer satisfaction and regulatory acceptance of the product.

#5 Risk Management is a vital part of Design Controls

The elements of design controls are Planning, Design Inputs, Design Outputs, Design Reviews, Design Verification, Design Validation, Design Changes and the Design History File. So, what happened to Risk Management? Risk is mentioned in Design Control Regulation (QSR 820.30) all of one time, under Design Validation. The statement simply reads “Design validation shall include software validation and risk analysis, where appropriate.”

Fortunately, the FDA Design Control Guidance elaborates on requirements for risk management. The guidance includes this paragraph:

Risk management begins with the development of the design input requirements. As the design evolves, new risks may become evident. To systematically identify and, when necessary, reduce these risks, the risk management process is integrated into the design

process. In this way, unacceptable risks can be identified and managed earlier in the

design process when changes are easier to make and less costly.

The takeaway from this is that although risk management is just cursively mentioned in the QSR Design Control regulation, the intent of the regulation is that Risk Management be practiced starting from the point where design inputs are known and practiced throughout the product life cycle.  You cannot be compliant to the design control regulation without having an adequate risk management file.

Conclusion:

Design Control regulations have been around since 1997, but many manufacturers still have problems complying with design controls. Focusing on the best practices outlined above will derive the most benefit from implementing Design Controls, will lead to a more predictable development cycle, and ultimately result in higher-quality products that can be enhanced and maintained throughout their lifecycle.



https://www.jamasoftware.com/media/2021/09/2021-10-07-five-key-design-control-pracitces_1024x512.jpg 512 1024 Mercedes Massana /media/jama-logo-primary.svg Mercedes Massana2021-10-07 03:00:322021-09-30 11:27:59Five Key Design Control Practices that Improve Compliance and Help Develop Better Products

Compliance Management

Behind every successful product and product launch lies a complicated process that can involve multiple oversight agencies, cross-functional teams, and stakeholders. Within an organization’s governance, risk management, and compliance (GRC) framework, product teams must pursue market innovation while remaining in compliance. Staying in compliance with the vast array of rules, procedures, and contract clauses that govern product development can be a full-time job, and lack of management can lead to delays and failures that result in lost revenue, damaged reputation, or even legal action.

With so much on the line, every development project should have a process within the GRC framework to monitor compliance risk and compliance activities along the way. Unfortunately, compliance management can be difficult to integrate into the full design process, and compliance delays can hold up a product launch. Product teams often need a better way to integrate compliance management into the development process. Those teams that include compliance management in their processes can reduce the risk of failure—and potentially improve their speed to market.

What is compliance management, and how does it help product teams ship on time?

Compliance can refer to a variety of different laws, guidelines, standards, processes, procedures, or other controlling documents, including contracts. Compliance management refers to the intentional process by which designated team members or compliance officers monitor and control design, development, launch, and fulfillment to ensure that all legal, contractual, and procedural requirements are met.

Ideally, compliance management involves both people and a system that is fully integrated across functions of the organization. The more integrated the compliance management in the development lifecycle, the more likely it is to detect potential compliance issues before they cause long-term harm to companies or consumers.

A fully integrated compliance management system can help your product team ship on time or early by keeping all compliance factors top of mind during the design, development, and fulfillment process. When teams are ensuring compliance throughout the entire development lifecycle, unforeseen delays and consumer issues are less likely to derail product success.

To fully integrate compliance management, teams need a development process that includes touchpoints for assessing compliance. The process should include activities such as:

  • Standard operating procedures
  • Safety and security procedures
  • Reporting and documentation
  • Internal and external audits

Integrating all of these activities will help ensure that teams are fully prepared to establish compliance with applicable standards, regulations, and laws before launch, reducing the possibility of costly delays or failures.


RELATED: A Guide to Understanding ISO Standards

What is compliance control?

Compliance control is a set of guidelines and policies designed to provide a framework for compliance to product teams and stakeholders. These guidelines and policies apply to everyone involved in compliance management—from board of directors to compliance officers or compliance managers to team members.

Common internal compliance controls can include the following:

  • Published standards, policies, and operating procedures
  • Training and documented completion of training
  • Internal audits
  • Contracts

External compliance controls are those that originate anywhere outside the company:

  • Laws and regulations
  • Industry standards
  • External audits
  • External risk assessments

What is a compliance management system?

A compliance management system is a program that integrates written documents, processes, functions, controls, tools, and anything else that helps organizations comply with regulations and reduce risks to consumers that arise due to violation of applicable law. While a comprehensive compliance management system will include appropriate tools such as software, it will also clearly define the roles of various stakeholders, including:

  • Team members
  • Compliance officers or compliance managers
  • Board of directors
  • Internal auditors

The compliance management system will also define processes for:

  • Assessing and responding to consumer complaints
  • Addressing results of a compliance audit
  • Providing relevant compliance training as appropriate
  • Keeping informed of regulatory change
  • Taking corrective action when products are found in violation

RELATED POST: How to Perform Better Impact Analysis on Upstream and Downstream Relationships

Why is maintaining compliance so important for product teams working in regulated industries?

Former US Deputy Attorney General Paul McNulty has stated, “If you think compliance is expensive, try non-compliance.” In any industry, non-compliance can lead to fines, product failures, and lawsuits—not to mention the cost of lost reputation, customers, and business.

For teams working in regulated industries, maintaining compliance is especially important as there are often unique safety and regulatory issues at hand. In industries such as automotive, aerospace, and medical devices, one product that fails to meet regulatory or legal standards could potentially lead to the kind of product failure that results in loss of property or human life.

Studies by the Ponemon Institute reveal that non-compliance can cost as much as 2.65 times what compliance costs. What’s more, the institute found that non-compliance costs increased by 45% between 2011 and 2017.

What are best practices for compliance management?

While the specific practices for compliance management will vary according to industry, there are some best practices for compliance management that any product team can use to ensure a successful product launch.

  • Identify compliance officers: If your company doesn’t have a dedicated compliance officer, identify someone on your team who can at least serve as an ad hoc compliance officer. Identifying the right person (or people) early in the development process will give a central point of contact so that no one is wondering who is in charge of compliance.
  • Learn relevant requirements: All members of the team should at least have a familiarity with the regulatory and legal environment around product development. In addition, everyone should subscribe to government and industry mailing lists or websites to stay up-to-date on changes to regulations. One study found that regulatory monitoring saved companies an average of $1.03 million.
  • Create a central repository of requirements: Rather than simply documenting requirements that are relevant only to one team or project, companies should create a central source of information for all compliance requirements, including internal procedures and standards. With one central source for all teams to access and contribute to, teams are less likely to miss requirements in the development process.
  • Establish traceability between requirements and standards, regulations, and other relevant compliance documents: By documenting traceability between the compliance requirements and project artifacts, product teams create a robust analysis tool that can provide invaluable detail and information for audits and reviews.
  • Implement tools that support compliance management: While there’s no substitute for having human input and control over compliance management, there’s no question that having the right tools can make compliance a more manageable task. The right tool will support product teams by providing a central source for traceability, requirements management, analysis, documentation, and all related activities.

What makes a compliance program effective?

A comprehensive and effective compliance program will:

  • Reduce costs: When teams have a program in place for comprehensive compliance management, it’s almost inevitable that the team or company will save money overall.
  • Improve risk management: Evaluating and assessing risks throughout the lifecycle will improve risk management across the development lifecycle. Good compliance management will help teams identify and assess risks early in the development process.
  • Keep product development well within organizational GRC framework: An effective compliance program will keep development in compliance with internal controls and the overall organizational GRC framework.
  • Improve speed to market: When compliance is fully integrated into product design and development, the risk of delays drops, and chances of shipping on time or early increase.

RELATED POST: Checklist: Selecting a Requirements Management Tool

What tools and software can help product teams maintain compliance during the application lifecycle?

A compliance management solution is an important piece of any compliance management system. Within the overall framework of a compliance management system, a compliance management solution will support workflows, self-assessments, surveys, and issue remediation. In addition, intuitive dashboards and charts can provide real-time insights into compliance processes. 

How can Jama help teams working in highly regulated industries, like medical and aerospace, maintain compliance during the application lifecycle?

Jama Connect gives product teams the tools they need to integrate compliance management into the design lifecycle. By tracking requirements and giving teams the traceability they need, Jama Connect simplifies compliance management by integrating it fully into the application lifecycle. To learn more about Jama Connect, contact us for a demo.



https://www.jamasoftware.com/media/2021/08/2021-08-11-what-is-compliance-management_1024x512.jpg 512 1024 Jama Software /media/jama-logo-primary.svg Jama Software2021-08-11 03:00:432021-11-01 15:59:27What is Compliance Management, and How Can it Help Product Teams Ship on Time?

ASPICE

If you haven’t already, check out Part I of our ASPICE 101 blog series to learn about what the standard is and why it’s important to automotive development, and Part II, where we examine the similarities and differences between ISO 26262 and ASPICE. In this post, we take a look at the goals of ASPICE and the different compliance levels.


Fundamentally, the goal of ASPICE is to define best practices for development of embedded software for vehicles.

Given that a modern vehicle can involve hundreds of millions of lines of code, creating some objective “best practices” can only benefit the teams working on this code. And it’s not just how much code is required that adds complexity — it’s also the fact that companies increasingly work across geographic and industry boundaries. When looking for suppliers, having some objective standards of assessment can be useful.

ASPICE is based on the V-Model — a model that requires logical decomposition of requirements and rigorous evaluation through testing at each stage of development. This model benefits both suppliers and system integrators by giving opportunity to eliminate problems in early development stages and providing a framework for ideation and development.

ASPICE V-ModelIt also ensures continuous innovation and product development. On the left side of the V-Model are initial phases of product development.

  • Requirement Analysis: Discovering, listing, and prioritizing client requirements
  • System Design: Mapping client needs and putting them into a viable work model
  • Architecture Design: Organizing requirements into logical operations
  • Module Design: Creating software requirements that match system requirements and developing service units
  • Coding: Designing and implementing units; this is the point of the V

On the right side of the V-Model are the secondary phases of product development:

  • Unit Testing: Determining if code and design match and standards and requirements are met
  • Integration Testing: Evaluating software architecture and service units
  • System Testing: Integrating everything into the full system and testing
  • Acceptance Testing: Performing final tests

The advantage of the V-model is that it promotes testing and improvement throughout the development cycle. For each point along the V, there is a corresponding testing phase and additional traceability and management processes. Suppliers who follow this ASPICE model can earn certifications according to standardized achievement phases; the ASPICE standard is scored in levels from zero to five, which clients can use to evaluate the proficiency of the development team.

ASPICE levels are as follows:

LEVEL 0 | Basic

Teams at Level 0 are still developing processes or systems. They can, at most, “partially” achieve ASPICE requirements. These teams should focus most of their efforts on managing basic tasks.

LEVEL 1 | Performed

Teams achieving Level 1 either nearly or completely deliver standard ASPICE requirements, but likely have gaps in their processes.

LEVEL 2 | Managed

Level 2 teams can reliably deliver work products and almost or completely achieve ASPICE standards.

LEVEL 3 | Established

At Level 3, teams have established and set performance standards and are engaged in continuous improvement to constantly evaluate and learn.

LEVEL 4 | Predictable

Level 4 teams measure, record, and analyze outcomes; evaluate outcomes and processes objectively; and consistently meet performance standards.

LEVEL 5 | Innovating

Level 5 teams have reached a stage where they are not only consistently delivering high performance and quality products, but also engaging and investing in continuous improvement. These teams also analyze performance standards for quantitative feedback and causal analysis resolution.

ASPICE does not prescribe tools or techniques for teams, but rather gives a framework for examining the approach to internal development methods. The ASPICE standard is mostly generic and largely tool and process “agnostic” — that is, it gives a framework for evaluating the process and outcomes, but does not dictate the best processes or methods for every team. Because every team is different, this generic approach can help bring order and improvement to any team operating in any automotive system or space.

ASPICE levels look daunting, and for a start-up or young team, the idea of achieving Level 5 might seem out of the question. However, it’s important to note that Levels 4 and 5 are aspirational; most teams that achieve these levels are part of very large corporations. Level 2 is a more realistic initial target, and by the time teams are at Level 3, they are functioning at a standard broadly considered “excellent.”

How ASPICE Affects Automotive Development

The world of automotive development is only becoming more complex.

Some factors that are increasing complexity:

Consumer demand: A connected world means that consumers want seamless connectivity across their entire lives. The lines between work, home, and leisure are increasingly blurry, and consumers who still need vehicles to get from point A to point B will want all of those pieces of their lives to be integrated — even behind the wheel.

Increasing regulation: With the increasing complexity of auto systems and a focus on reducing climate impact, auto manufacturers will have to comply with new and possibly shifting regulations across different entities.

Rapid innovation: Technology continues to change and innovate at a breakneck pace. With systems increasingly integrated into automobiles, manufacturers will have no choice but to keep up with innovation. In fact, as of 2019, 80% of product innovation in automotive comes through software development

Fortunately, ASPICE can help auto suppliers and original equipment manufacturers (OEMs) respond to this increasing complexity in multiple ways:

Control the process: ASPICE gives teams clear guidance for evaluating and controlling their development processes, which can help ensure product quality, shorten time to market, and reduce costs.

Streamline supplier selection: By clearly defining levels of achievement, ASPICE can help OEMs assess and evaluate suppliers. If suppliers achieve Level 2 or 3 in ASPICE, OEMs can be fairly certain they are getting quality products.

Reduce costs and improve time to market: Because ASPICE is more concerned with process than with specific regulations or safety guidelines, using the standard can help teams reduce costs and improve efficiency, thereby improving overall market competitiveness.

How to Ensure Compliance with ASPICE

Most automotive developers are rigorously working towards ASPICE compliance and there are many advantages to aiming for it.

1.) It’s possible that compliance will be required some time in the future, so working toward it now is a positive step in preparation.

2.) Automotive development is only getting more complicated, not less, and development will continue to require teamwork across industries, companies, and geographies. Working within the ASPICE standard will help ensure consistency.

3.) Working within ASPICE will give teams a competitive edge over other suppliers and OEMs who are not yet using the standard.

But knowing that compliance is desired and actually achieving it are two different things. How can teams ensure compliance with the ASPICE standard?

Start with an honest assessment.

Teams can’t know where to go until they know where they are. A good place to start is to draft current processes and compare them to the ASPICE V-model. This effort can provide good insights into current levels compliance and where improvements can be made.

Confront the gaps and missing pieces.

Most teams will have some gaps in their processes or procedures. Likewise, some teams will have unclear separation between steps in the V-Model. Look at the gaps and assess how to close them, and identify where additional steps should be introduced.

Include stakeholders.

Be sure that all stakeholders have complete visibility into the ASPICE compliance efforts, and clearly define the resources those stakeholders can provide where necessary.

Test every phase.

Testing is vital to ASPICE compliance. Be sure to include rigorous testing at every phase in the process.

Operate under the new guidelines.

Once the plan is in place, implement it immediately.

Reassess and improve.

After completing a new product under the new ASPICE compliant processes, reassess, evaluate, and look for ways to improve. This constant focus on improvement is what allows teams to achieve higher levels of ASPICE compliance.



https://www.jamasoftware.com/media/2021/07/2021-07-27_aspice-101-goals-requirements-levels_1024x512.jpg 512 1024 Jama Software /media/jama-logo-primary.svg Jama Software2021-07-27 03:00:122021-07-22 12:58:24ASPICE 101: Goals, Requirements, and Levels

ISO 26262 vs. ASPICEIf you haven’t already, check out Part I of our ASPICE 101 blog series to learn about what the standard is and why it’s important to automotive development. In this post, we take a look at ISO 26262 vs. ASPICE and examine the similarities and differences between these two important automotive standards.

ISO 26262 vs. ASPICE for Automotive Compliance

Of course, automotive companies already use ISO 26262, and introducing yet another automotive compliance piece into a very full process may feel overwhelming. It’s understandable why companies would be asking if they need to adhere to both ASPICE and ISO 26262 when they are already focused on ISO 26262 compliance.

The answer, in short, is that while there is no regulatory requirement to use ASPICE, using the model can greatly benefit companies that want to stay competitive in the automotive industry. According to the Project Management Institute, 47% of project failures can be traced back to poor requirements; any guidance or set of standards that can help mitigate that risk is worth the implementation effort.

While ASPICE and ISO 26262 are complementary and do overlap in places, they ultimately serve different purposes. ISO 26262 covers functional safety standards for vehicles. It incorporates safety analysis methods that account for random and systematic errors in electrical and electronic systems and is broadly adopted worldwide. ASPICE is the current standard for software best practices in the automotive industry. It covers how to conduct software and systems design whether or not safety is a concern.

The best approach for automotive development teams is to consider both ASPICE and ISO 26262 guidelines.

ISO 26262 vs. ASPICE: Similarities and Differences

There are several key distinctions between ASPICE and ISO 26262:

ISO 26262 vs. ASPICE

Stay tuned for our next post in the ASPICE 101 blog series where we discuss goals, requirements, and levels of ASPICE compliance. 



https://www.jamasoftware.com/media/2021/07/2021-07-20-aspice-vs-iso26262_1024x512.jpg 512 1024 Jama Software /media/jama-logo-primary.svg Jama Software2021-07-20 03:00:212021-07-20 15:01:29ASPICE 101: ISO 26262 vs. ASPICE

ISO StandardsIf you’ve worked in product development for any time at all, you’ve probably heard the term “ISO” used in conjunction with the terms “standards” and “compliance” (along with a variety of four- and five-digit numbers).

But what does that all mean, and how does it affect you? In this article, we will provide you with a basic guide to understanding ISO standards.

What is ISO and What are ISO Standards?

The International Organization for Standardization is a nongovernmental organization. It consists of a network of standards bodies from 165 member countries (currently), with one body representing each member country. The American National Standards Institute (ANSI), for example, represents the United States. The organization maintains a central office in Geneva, Switzerland, to oversee this network.

Because “International Organization for Standardization” is a mouthful and would have different acronyms in different languages, the organization’s founders chose ISO—derived from the Greek ‘isos’, meaning equal—as its official abbreviation. As the group’s website proclaims: “Whatever the country, whatever the language, we are always ISO.”

ISO’s purpose is to help unify standards on an international basis. ISO standards are designated by the term ISO followed by a number, like ISO 9001. In some cases, ISO standards share a numeric code with an industry association, as in the case of ISO/IEC 12207. IEC stands for the International Electrotechnical Commission, which prepares and publishes international standards for electrical, electronic, and related technologies.

Nearly 800 ISO technical committees and subcommittees are tasked with standards development. As of June 2021, ISO has published some 23,886 international standards covering almost all aspects of technology and manufacturing.

What Are the Benefits of ISO Standards?

ISO forms a bridge that links the public and private sectors. Many of its member institutes are either departments of their national governments or mandated by them. Other member organizations are rooted solely in the private sector, having been set up by industry association partnerships within their country. ISO helps these diverse bodies reach consensus on solutions that meet both the requirements of business and the broader needs of society.

ISO standards help make the world a safer place and give consumers confidence that the products they buy are safe, reliable, and of high quality. Regulators and governments count on ISO standards to help develop better regulation, knowing they have a sound basis thanks to the involvement of globally recognized experts.

Finally, compliance with ISO standards gives companies an advantage in the marketplace. ISO certification provides assurance to potential customers that the company adheres to industry best practices. In many industries, companies require that their suppliers are certified to certain relevant ISO standards.


RELATED POST: How to Perform Better Impact Analysis on Upstream and Downstream Relationships

How Does ISO Design New Standards?

The ISO process for creating a new standard begins when an alliance of industry associations or consumer groups submits a request. ISO then recruits subject matter experts and industry stakeholders to form a technical committee or subcommittee. This committee executes a two-round drafting process and then takes a formal vote on the second draft. This second draft is called the Final Draft International Standard (FDIS). If the FDIS is approved, it is certified by the central secretariat, and ISO publishes it as an official international standard.

As technologies and best practices evolve, industry associations may request an update of an ISO standard. Different versions of the standard are distinguished by the year the revision was published appended to the standard designation. For example, the latest version of ISO 9001 is ISO 9001:2015.

What ISO Standards Are Related to Product Development?

ISO 9001

The ISO 9000 family of quality management standards is easily the most popular set of industry standards in the world. Of these, ISO 9001 is the only one to which companies can be certified.

ISO 9001 describes how to put a Quality Management System (QMS) in place to better prepare your organization to produce quality products and services. Today, over one million companies in more than 170 countries are certified to ISO 9001:2015.

ISO/IEC 12207

ISO/IEC 12207, Systems and software engineering – Software lifecycle processes aims to define all the processes required for developing and maintaining software systems, including the outcomes and/or activities of each process.

First introduced in 1995, ISO/IEC 12207 establishes a common framework for software life cycle processes with well-defined terminology that can be referenced by the software industry. It defines the processes, activities, and tasks to be applied during the acquisition of software products or services, as well as during the supply, development, operation, maintenance, and disposal of software products and to the software portion of firmware, as well.

ISO/IEC 12207 also provides a process that can be employed for defining, controlling, and improving software life cycle processes.

ISO 8887

ISO 8887 specifies the requirements for the preparation, content, and structure of technical product documentation (TPD) of the design output for the cycles of manufacturing, assembling, disassembling, and end-of-life processing of products. It describes the TPD needed at the critical stages of the design process.

Beyond those requirements, the standard also identifies and describes methods and conventions appropriate to the preparation of documentation necessary to realize a design, including the application to multiple life cycles. ISO 8887 also incorporates guidance on the ultimate reusing, recovering, recycling, and disposing of the components and materials used.

ISO/TS 16949

Based on ISO 9001, ISO/TS 16949 is a technical specification (TS) aimed at the development of a quality management system that provides for continual improvement within the automotive industry. First published in 1999, it emphasizes defect prevention and the reduction of variation and waste in the automotive industry supply chain and the assembly process.

According to the British Standards Institution (BSI), the ISO/TS 16949 standard was created by the International Automotive Task Force (IATF) to help streamline this process. It focuses on the avoidance of errors and defines the requirements for the development, production, and installation of automotive-related products. Today, certification is required by almost all Tier 1 companies, many of whom require their Tier 2 and Tier 3 suppliers to certify. As a result, over 50,000 certifications have been issued to date against this standard.

ISO 26262

ISO 26262, Road vehicles – Functional safety applies to safety-related systems that include one or more electrical and/or electronic (E/E) systems and that are installed in series production passenger cars. Introduced in 2011, this standard addresses possible hazards caused by malfunctioning behavior of E/E safety-related systems, including the interaction of these systems.

With the increased number and interaction of electronic systems within passenger vehicles, this standard is being adopted rapidly within the automotive industry.

ISO 13485

Unlike many ISO standards, ISO 13485, Medical Device Quality Standards, is a single document and does not belong to a family. It was originally published in 2003 and revised in 2016.

ISO 13485 puts a quality management system in place for the production of medical devices and equipment and is very specific to the health industry. It is often implemented with ISO 9001 to show that an organization is qualified to do business in the medical device field.

ISO 13485  is a regulated standard against which over 25,000 certifications have already been issued.


RELATED POST: Checklist: Selecting a Requirements Management Tool

How ISO Affects the Product Development Process

Product developers sometimes ask, “What are the differences between standards and requirements?”

According to Merriam-Webster, a requirement is “something wanted or needed; a necessity” or “something essential to the existence or occurrence of something else.” Other definitions include “a necessity or prerequisite” and “something required or obligatory.”

Webster’s defines a standard as “something set up and established by authority as a rule for the measure of quantity, weight, extent, value, or quality” or “something established by authority, custom, or general consent as a model or example.” In other words, a standard is a principle, example, or measure used for comparison—a benchmark used to evaluate suitability for a purpose.

To meet a requirement, a thing, person or organization must do exactly what the requirement says. To meet a standard, a thing, person or organization must meet the minimum requirements of the standard and align with its intent. Standards typically allow some leeway for tailoring to individual organizational practices and obligations.

As mentioned earlier, many corporate and governmental customers want their suppliers to adhere to certain ISO standards, especially in industries that are multi-tiered or highly regulated. Certification to applicable standards is often a contractual requirement within those industries.

Is ISO Compliance Required by Law?

The ISO standards themselves are not legally binding. There are no laws that compel companies to meet or be certified to any ISO standards.

However, national regulators may refer to ISO standards as examples of good practice. For example, a building regulation might say you must comply with certain local regulations and that one way of complying with those is to comply with a given ISO standard.

Also, while not legally bound, many companies find certification to certain ISO standards is a necessity if they wish to compete for contracts within their industry or with specific customers.


Want the inside scoop? See what users are saying about Jama Connect

What is ISO Certification?

In this guide, we’ve talked frequently about ISO compliance and ISO certification. So, what’s the difference?

Compliance simply means that your product or process conforms to the requirements of the ISO standard. ISO certification, on the other hand, is the result of a formal procedure and thus a bit more complicated.

ISO itself does certify companies directly. Instead, specific certification bodies perform the task of auditing and then certifying an organization’s compliance with a given ISO standard. These bodies, often known as registrars, must themselves be certified under a separate standard, ISO/IEC TS 17021.

During the certification process, the registrar audits the organization to ensure that its operations are in compliance with processes outlined in the current ISO standard. Where inconsistencies or “non-conformities” are found, the organization must typically create a program for correcting these problems before the registrar will issue a certificate.

Once an organization is granted certification, it receives a certification mark that can be used on its company stationery, websites, etc.

When it comes to ISO standards governing ongoing business practices, like ISO 9001 for example, approval is typically valid for a period of three years. After that, the company must recertify to the current form of the standard.

Applying ISO Standards in Lifecycle and Requirements Management

What tools can help meet ISO standards in the realm of product lifecycle management? Jama Software provides several.

First and foremost of these is our flagship product, Jama Connect. For example, let’s say your organization is seeking certification to ISO 9001. To achieve that certification, you need to demonstrate you have put in place a defined, repeatable process for assuring quality. Jama Connect is a tool built specifically for requirements management and requirements traceability. Not only does Jama Connect simplify the tracking and tracing of requirements, it also makes it simpler and easier to maintain and demonstrate a robust quality process. That’s because Jama Connect automates so much of your requirements management process.

We’ve also built guides that will help you build compliance with specific ISO standards. If you work in the automotive sector, you may want to check out our guide for ISO 26262 compliance. Likewise, if you work in the medical device field, be sure to get a copy of our Guide to ISO 13485 for Medical Device Development.

Finally, to learn more about choosing the right requirements management tools to help your company attain or maintain ISO certification, download our Requirements Management Buyer’s Guide.



https://www.jamasoftware.com/media/2021/07/2021-07-15_guide-to-iso-standards_1024x512.jpg 512 1024 Jama Software /media/jama-logo-primary.svg Jama Software2021-07-15 03:00:152021-11-01 15:11:05A Guide to Understanding ISO Standards

IATF 16949

Throughout this automotive blog series, our experts have described numerous ways that Jama Connect can support and accelerate product development for automotive suppliers and OEMs and drive compliance to key safety standards like ISO 26262. Now let’s look at how requirements management and this focus around functional safety fit into the larger view of organizational quality management systems (QMS) aligned with IATF 16949:2016.

International Automotive Task Force (IATF) 16949

The IATF 16949 standard defines the components of an automotive industry aligned quality management system to provide a harmonized structure for companies to implement and meet their customers and the broader markets expectations for quality and consistency of organizational processes.  IATF 16949 also fully aligns with the structure and application of ISO 9001:2015 and is focused on seven Quality Management Principles:

  1. Customer Focus
  2. Leadership
  3. Engagement of People
  4. Process Approach
  5. Improvement
  6. Evidence-based Decision Making
  7. Relationship Management

While ISO 26262 defines functional safety and focuses at the project or product level, IATF 16949 is a broad-based organizational standard that defines a way of working for various functions throughout the business.  A good example of the contrast in scope is the text of section 8.3.2.1 of IATF 16949:  “The organization shall ensure that design and development planning includes all affected stakeholders within the organization and, as appropriate, its supply chain.”

Jama Connect for Automotive

While different in scope and scale, there are certainly several key tenants in both standards that mean a requirements management tool like Jama Connect® for Automotive is critical not only for compliance – but for efficient execution that drives value for customers. Here are three topics to consider:


RELATED: Watch a demonstration of the Jama Connect for Automotive Solution


Requirements Matter

To assure the first principle of Customer Focus, requirements must be central to any quality management system implementation. The standard explicitly accounts for items like review of requirements and feasibility assessment, evidence of customer-waived requirements, and communication of changes to ensure impacts are accounted for in downstream operations. Maintaining tight control of requirements, including reviews and versioning, creates the foundation that a robust quality management system can build upon.

Safety and Quality Go Hand in Hand

Product safety is specifically outlined in Section 4.4.1.2 of the IATF 16494 standard – and although it’s not prescriptive, it does align implicitly with ISO 26262 and acknowledges that safety is a key measure of quality and conformance of products and processes. Key areas of alignment between safety and quality standards, and supported by Jama Connect for Automotive, which will accelerate or strengthen a quality management system include:

  • Technical safety requirements
  • System architectural designs
  • Hardware design and verification
  • Software design and verification
  • Hazard Analysis and Risk Assessment (HARA)
  • Project management
  • Change control
  • Confidence in the use of software tools

RELATED: Learn more about the Jama Connect Functional Safety Kit for Automotive Teams 


Stakeholder Engagement is Critical

To meet the requirements of a strong quality management system, particularly in the automotive sector, requires both internal and external stakeholder engagement – and puts a particular focus on the role of top management.  With this focus, maintaining strong alignment and communication within the organization and with the supply chain is crucially important. Organizations may bring stakeholders into a formal review process or may exchange information through industry standard protocols such as ReqIF [link to Part III blog], in order to ensure optimal QMS performance. Regardless of method or specific process – maintaining clear documentation, managing change, capturing approvals and/or electronic signatures at appropriate milestones, and maintaining overall traceability of quality and safety data are all key to success in this complex web of internal and external stakeholders.

Jama Connect for Automotive includes a fully functional framework that teams can use to start getting value immediately as a component of a quality management system aligned to IATF 16949:2016. This includes complete documentation for how to complete each process most efficiently in Jama Connect for Automotive. Industry-specific Professional Services are also included to guide customers through the inevitable customizations needed by each organization.


To learn more about how Jama Connect for Automotive can help your team simplify compliance, streamline development, and speed time to market, download our solution overview.

DOWNLOAD NOW

https://www.jamasoftware.com/media/2020/11/2020-11-05_PartIV-AligningQMSwithIATF16949_1024x512.jpg 512 1024 Jama Software /media/jama-logo-primary.svg Jama Software2020-11-05 03:00:572020-11-05 03:00:57Part IV: Aligning Your Organizational Quality Management System (QMS) with IATF 16949

Functional Safety Compliance

In Part II of our six-part automotive series, our experts discuss how to ensure functional safety compliance using Jama Connect for Automotive. If you’re new to our Automotive Development blog series, you may want to go back and read Part I and the Series Intro. 

While safety has long been an important aspect of developing automotive systems, traditional safety considerations have largely involved mechanical systems. The modern automobiles, however, are increasingly relying on electronic systems and significant amounts of software.  This increase in electronics in vehicles brings in new considerations when it comes to functional safety compliance.

Note: Now that our automotive development blog series has concluded, you can go back and read series intro and Part I.

Functional Safety Compliance: ISO 26262

The standard that is concerned with the functional safety of electronic systems is ISO 26262. ISO 26262 is actually a series of standards that provides a framework for developing both electronic hardware and software systems where functional safety must be achieved. The standard describes a process for identifying risks in a system and provides guidance for mitigating those risk. The guidance is provided in the form of requirements and processes that are understood by the industry as the current state of the art for achieving functional safety.


RELATED: Watch a demonstration of the Jama Connect for Automotive Solution


A major component of ISO 26262 is a robust series of processes for requirements management and traceability. The processes require that organizations develop safety goals, translate those into functional requirements, technical requirements, and eventually both hardware and software requirements as appropriate for the system. The system must then be fully verified against all requirements and specifications. Critically, the processes require that traceability between the requirements, specifications, and verification activities be maintained and all documentation carefully reviewed.

Jama Connect for Automotive

A requirements management tool like Jama Connect for Automotive reduces the manual effort required in adhering to ISO 26262. Jama Connect for Automotive’s traceability features are ideally suited to maintaining and analyzing the required traceability. The review features are the ideal way to ensure documentation is fully reviewed and approved by a cross-functional team. The export features generate well-formatted documents for many of the work products required by ISO 26262.

The flow diagram below summarizes the ISO 26262 processes that can be managed in Jama Connect for Automotive. The boxes with an orange border represent the recommended work products to be captured in Jama Connect for Automotive. The boxes with a gray border represent the work products that benefit from being captured in Jama Connect for Automotive, but some organizations might choose to capture elsewhere.


RELATED: Learn more about the Jama Connect Functional Safety Kit for Automotive Teams 


High-Level ISO 26262 Process in Jama Connect for Automotive

Jama Connect for Automotive includes a fully functional framework that software teams can use to start getting value immediately. This includes complete documentation for how to complete each process most efficiently in Jama Connect for Automotive. Industry-specific Professional Services are also included to guide customers through the inevitable customizations needed by each organization. A complete list of the processes for working in Jama Connect for Automotive that align with ISO 26262 are listed in the table below.

ISO 26262 Alignment to Jama Connect Processes


To learn more about how Jama Connect for Automotive can help your team simplify compliance, streamline development, and speed time to market, download our solution overview.

Learn more about the Jama Connect Functional Safety Kit for Automotive Teams 

https://www.jamasoftware.com/media/2020/08/2020-09-17_PartII-HowToEnsureFunctionalSafety_1024x512.jpg 512 1024 Adrian Rolufs /media/jama-logo-primary.svg Adrian Rolufs2020-09-17 03:00:082021-11-02 15:28:22Part II: How to Ensure Functional Safety Compliance with Jama Connect for Automotive

Product Development Challenges

Do you know the most common product development challenges engineers face? In this post, we have identified them and provided solutions that enable a more modern and efficient product development process.

An ideal product development process requires close collaboration between teams, up-to-date knowledge of applicable regulations, and efficient requirements management platforms for defining, verifying, and validating requirements. However, not every manager is convinced that his or her team needs to do a better job on requirements development and management, or that such an investment will pay off—despite numerous industry studies which indicate that requirements issues are a pervasive cause of project distress.

With the growing complexity of products and software, the more complicated the process required to build it becomes—and the accompanying increased risk of flaws which can lead to expensive, and potentially reputation-harming recalls.

These new complexities have raised the stakes—and made the case—for the need to optimize the product development process from end to end. Engineering and design teams need solutions to the most common product development challenges that provide purposeful, structured collaboration; connect globally distributed team members; and accurately capture and facilitate feedback, decision making, and context for requirements under review.

Doing so requires first overcoming some significant obstacles. To help navigate the journey toward better product development, let’s examine ten of the most prominent product development challenges engineers face and their corresponding solutions.

1. Move on from outdated legacy or document-based solutions

The Product Development Challenge: The traditional approach to managing risks and requirements is highly manual. Teams that operate with a documents-based approach, exchange numerous spreadsheets, and versioned documents via email. This method has real drawbacks:

  • No single source of truth: A spreadsheet with a project’s traceability matrices could have many cells, but no guarantee its data was authoritative or even up to date. Different versions might be floating around, requiring any changes to be painstakingly manually coordinated to achieve team-wide alignment.
  • Limited collaboration: Sending complex requirements documents over email leads to important updates getting lost in people’s inboxes and projects being delayed. As remote teams become more common, such issues are even trickier to manage.
  • Excessive rework: Without effective change management—which is very hard for teams who rely on static, emailed requirements documents—teams often end up developing (or testing) off of older versions of requirements which inevitably leads to misalignment and costly rework.

The Solution: Jama Connect™ provides the single source of truth absent from document-based solutions. Teams from anywhere can collaborate in real-time on a unified platform and capture accurate feedback, review progress, and conduct approvals. That leads to earlier identification and control of risks, which helps reduce rework and keep projects on schedule and under budget.

2. Simplify compliance and meet regulations or standards

The Product Development Challenge: Product development has become much more complicated over time. As a result, so has product risk—and the accompanying regulatory compliance required.

A Jama Software-sponsored survey on Engineering.com found that 62% of respondents reported being reprimanded by regulatory agencies for product development issues. More broadly, recalls have been increasing in certain industries, with medical device recalls more than doubling year-over-year in Q1 2018, due primarily to software-related defects.

The Solution: To address these product development challenges, Jama Connect is engineered to ensure quality with frameworks aligned to key industry standards that streamline design, development, and risk management while maintaining compliance.

Jama Connect helps customers in industries like medical device, aerospace, and automotive solve this product development challenge by streamlining their quality and risk management processes with defined processes for development and production and detailed traceability—from the high-level user needs and systems requirements through to validation and verification. Teams can streamline their product development with templates aligned with industry standards, compliant reviews and approvals, and end-to-end traceability making audit preparation and record-keeping a straightforward process.

3. Establish and implement effective review cycles

The Product Development Challenge: Without the right platform and processes in place, review cycles can be time-consuming and fragmented. For example, under the manual approach to requirements management described earlier, a review cycle can be repeatedly delayed due to versioning issues with documents and lack of visibility throughout the review process. Teams can also spend hours per week in review meetings, just to ensure everyone is on the same page.

Streamlined review cycles require:

  • One source of truth for requirements and tests
  • A straightforward way to send items like requirements, user stories, or test cases for review
  • Best practices for each of the major roles involved (i.e., reviewer, approver, moderator)
  • Real-time collaboration within a shared, dynamic requirements management platform
  • A formal approval process to capture and record sign-off

RELATED: Streamlining Requirements Reviews: Best Practices for Moderators, Reviewers, and Approvers


The Solution: Jama Connect Review Center can solve this product development challenge by serving as the single place for reviewers, approvers, and moderators to collect and manage all requirements and feedback for a project in real-time.

Inviting internal and external collaborators into a review cycle is easy, plus roles can be assigned and all agreed-upon requirements approved much more quickly than with manual processes. Pharmaceutical manufacturer Grifols reduced its planning time by 80% by using Jama Connect to accelerate review cycles.

4. Enable secure, cross-functional collaboration across teams, customers, and complex supply chains

The Product Development Challenge: People working together is at the very core of all product development work. The ability to effectively collaborate is critical for innovation. In this era of rapidly accelerating change, structured and strategic team collaboration is the key to improving the product development process for all team members. And in this era, the “team” includes everyone across the supply chain.

Today’s market demands require companies to build partnerships and seek solutions with more specialized materials. These partnerships mean greater sharing of data across distributed teams, partner organizations, and business units, sending a ripple effect through the supply chain as subsystem suppliers must anticipate features on the finished products and get ahead of release schedules and component costs.

But for engineers who are used to working on internal, siloed teams, these new partnerships present previously unforeseen challenges. What worked before doesn’t work today.

Aligned requirements management is necessary for developing products that meet all customer and market requirements while adhering to industry regulations and standards. More specifically, optimized gathering and authoring of requirements are needed to ensure product quality and meet specific requirements, minimize risks, accurately scope projects, enable collaboration, and align teams.

The Solution: Requirements gathering should follow a systematic process, focused on what eventual end users will do and the requirements that must be met to support those behaviors. This approach ensures that both high- and low-level requirements and their dependencies are covered and that corresponding tests can be set up and run.

As teams seek input and feedback on product and systems requirements, tools like Jama Connect are critical in capturing these insights in real-time. With everyone having access to the most up-to-date information, stakeholders can stay informed and aligned, reviews can be streamlined, and teams have better visibility into the progress of their work. This helps reduce the complexities of communication and saves time by having a single source of information regardless of geographic or institutional location, which enables collaboration across a variety of relationships. Having a single platform where these teams can come together to review and connect will keep programs on track, keep teams collaborating, not let insights slip through cracks, and allow for innovation.

Engineers typically collaborate with outside companies by exchanging requirements. Data Exchange for Jama Connect enables the transfer of requirements and associated metadata between customers and suppliers. The solution allows for the import, export, and update of requirements data to create an ongoing exchange throughout the product development lifecycle, allowing for collaboration to extend to remote engineering teams and companies.

RBC Medical saved an average of $150,000 per project by upgrading to Jama Connect eliminating the back-and-forth email tag that characterized its previously manual processes.


RELATED: How to Avoid Ambiguity and Save Your Requirements


5. Ensure product quality and improve change management with complete traceability

The Product Development Challenge: Maintaining cross-team visibility and staying on top of disparate documentation and processes along the way is a central challenge of working with manual, document-based workflows. It becomes difficult to accurately assess the impact of a proposed change (i.e., perform impact analysis) and to ultimately ensure requirements are properly tracked across the entire product development lifecycle.

The Solution: To make impact analysis more scalable, teams need end-to-end traceability. In Jama Connect, links that are downstream from modified items get automatically flagged as “suspect,” and relevant contributors can be notified right away to take corrective action. Modern traceability software maps out the relationships and interdependencies in product development, allowing for assiduous tracking of risks and requirements in their full historical context.

Important data, such as the percent of downstream test cases that have passed and where coverage may be missing, is also easy to view, while the system’s requirements can be updated in a centralized place as the project progresses.

The right requirements management technology can provide clear traceability that allows teams to maintain a rigorous formal change management process; reveals interdependencies with the process; and enables alignment, making it easier to bring in the right decision-makers at the right time. This level of traceability, with visibility into who made each change and for what reasons, has become especially important as products and systems become more complex and software-driven.

The result is improved confidence that teams are working with the right requirements, have the information they need to conduct useful impact analysis and are generally able to trace forward from, and back to, requirements as needed.


RELATED: Five Tips for Requirements Traceability


6. Manage development complexities across hardware and software teams

The Product Development Challenge: Software is an ingrained part of modern product development and one that can greatly increase risk if not properly managed. Moreover, complex software requirements have to be managed in tandem with those for hardware. The growing connectivity embedded into today’s ever more complex and often safety-critical products, puts pressure on both software and hardware teams to manage their development processes with more efficiency and effectivity. In fact, in a recent study from Engineering.com, over the last five years, 76% of respondents reported dealing with three or more increased measures of complexity and 25% saw their products become more complex in five or more ways.

The Solution: In a platform like Jama Connect, risks and requirements related to software and hardware can be managed proactively, not reactively. Teams can quickly see the full historical context around a requirement when they receive invitations to contribute to a project. Out-of-the-box frameworks that include industry-specific, software development methodology and risk management also minimize setup time, so that important risks in software and hardware can be identified, assessed, and acted upon as early as possible.

Configurable workflows accommodate various process styles, development methods, and tools to ensure adoption, with flexibility to support your Agile, Scaled Agile or Hybrid development process. Requirements data can be integrated with other tools across the development process to ensure everyone stays aligned.

One of the most common scenarios is integration of requirements to Atlassian Jira. With the Jama Connect for Jira integration, product teams can maintain critical information about their product requirements and test cases and directly connect them to development activities in Atlassian Jira, including sprint planning, task management, estimations, and defect and issue tracking.


RELATED: 3 Ways Products Became More Complex in the Last Five Years


7. Increase quality and efficiency by testing earlier in the lifecycle

The Product Development Challenge: It’s well understood that identifying potential defects earlier in the lifecycle prevents costly rework. But how can organizations proactively involve QA at the front end of the process?

The Solution: Early testing prevents defects from surviving until the late stages of the lifecycle, when they become especially costly to fix. In addition, early and frequent testing allows for innovation.

The National Institute of Standards and Technology has estimated that the relative cost of fixing a software bug is 30 times higher in production than in the requirements and architecture stage of development.

Conducting some form of testing, at every stage of the product development lifecycle, is highly recommended. Getting the right feedback at the right time ensures that you can deliver a high-quality product on time.

In the early stages of development, performing customer exploratory testing is the most cost-effective way to make sure your product strategy is on the mark. And, at the end of the development lifecycle, conduct system integration tests to ensure components are working harmoniously.

Jama Connects helps engineering and quality assurance teams define, organize, and execute requirements-based test plans and test cases to ensure quality and compliance. Teams can streamline reviews and approvals, perform manual testing, and integrate with trusted test execution and automation solutions.


RELATED: Characteristics of a Good Test Management System


8. Implement effective requirements versioning, baselining, and change management

The Product Development Challenge: Legacy requirements management systems frequently complicate version control, due to the prevalence of conflicting requirements documents that are manually managed, often owned by varied teams and then distributed cross-functionally. Likewise, they don’t provide the right infrastructure for effective change management, because of the difficulty involved in identifying the latest versions and applying any needed changes amid all of the different documentation in question. Changes might ultimately be made only at a late stage, and at great cost.

The Solution: A requirements management platform like Jama Connect can solve this product development challenge by allowing teams to align their releases to ensure they deliver a cohesive solution/product to their customers. With versioning, baselining, and change management of the requirements in place, teams are able to manage and reuse requirements throughout the development lifecycle. This allows development teams to improve reuse, reduce design inconsistencies, and reduce the discrepancies found during testing, verification, and validation.

Jama Connect offers full control over the requirements you are choosing to reuse. You can not only choose the set of requirements you want to reuse but also the version of those requirements as well. This allows you to take the best and most applicable version of your requirements forward to your next project.

Studies reveal that 60 to 80 percent of requirements, code, and tests are shared between projects. With Jama Connect, you can reuse your data for effective sequential or parallel product development which saves your development teams time and improves time-to-market.


RELATED: Defining and Implementing Requirements Baselines


9. Make it easier to coordinate remote engineering teams

The Product Development Challenge: Remote work is on the rise. Although it has many benefits in team flexibility and cost savings for the organization as a whole, it can complicate collaboration and result in additional operational silos as each remote engineer settles into their own workflow and preferred set of tools.

The Solution: Modern platforms that enable real-time, structured collaboration simulate the efficiency of engineering teams working together in a shared physical workspace. For example, engineers can be easily invited into Jama Connect conversations and reviews, notify each other with custom messages and supporting context, and be assured that they’re always working with the latest information.

Such a setup solves this product development challenge by reducing silos and keeping everyone aligned. Buffer’s State of Remote Work survey for 2020 found that communication and collaboration were among the most cited challenges with telecommuting. Teams that still operate in silos with legacy systems will not be equipped to meet the demands of the market going forward. In this era of rapidly accelerating change, structured and strategic team collaboration is one of the best ways to address the product development challenges and obstacles of the modern product development landscape.


RELATED: Strategies for Remote Engineering Teams


10. Build a more effective and efficient product development process

The Product Development Challenge: Product development is complex and, in most cases, will span multiple teams, solutions, and methodologies. Outdated legacy tools and a documents-based approach aren’t enough for this reality, as they aren’t purpose-built for complicated requirements management.

The often-quoted CHAOS Reports from The Standish Group indicate that three of the biggest contributors to projects that fail or are “challenged” are:

  • Lack of user input
  • Incomplete requirements and specifications
  • Changing requirements and specifications

The Solution: An evolutionary leap forward comes from modernizing requirements definitions as well as engineering and management processes—including minimizing the time your team members spend eliciting, analyzing, documenting, validating, and managing the requirements for their products.

Do you have product development challenges you need to solve?

Jama Connect is a solution for managing complex product requirements from idea through development, launch, and iteration. It brings people and data together in one place, providing visibility and actionable insights into the product development lifecycle. Our platform equips teams to track decisions and ensure the quality of the product they set out to build.

We’d love to speak with you and share how Jama Connect can help your teams find solutions to your unique product development challenges and overcome these 10 common ones. Connect with us today and get started with a better approach to managing requirements in product development.

To learn more about optimizing engineer team collaboration to streamline product development, download our eBook now!

DOWNLOAD NOW

 

https://www.jamasoftware.com/media/2020/07/2020-08-23_Top10ChallengesBlogPost_1024x512.jpg 512 1024 Jama Software /media/jama-logo-primary.svg Jama Software2020-07-23 03:00:432020-07-23 03:00:4310 Biggest Product Development Challenges Engineers Face… And How to Solve Them
Page 1 of 212

Subscribe

Get the Jama Software blog delivered to you!

Sign up

Follow Us

  • Facebook
  • LinkedIn
  • Twitter
  • Youtube

Category

  • Uncategorized
  • Jama Company and Community News
  • Innovation Trends
  • Best Practices
  • Breakthrough Insights
  • Collaboration & Alignment
  • Requirements Management
  • Product Development
  • Ecosystem
  • Test Management
  • Predictive Product Development
  • Risk Management
  • Traceability
  • Living Requirements

Industry

  • Telecom
  • Semiconductors
  • Medical Devices
  • Industrial Technologies
  • Financial Services and Insurance
  • Enterprise Software and Services
  • Enterprise IT
  • Critical Systems / Government
  • Consumer Electronics
  • Automotive
  • Aerospace and Defense
  • Enterprise Software and Services

LATEST POSTS

IEC 61508 Overview: The Complete Guide for Functional Safety in Industrial Manufacturing
IEC 61508 Overview: The Complete Guide for Functional Safety in Industrial Manufacturing
May 19, 2022
Property & Casualty Insurance Industry Future Hinges On People & Technology
Property & Casualty Insurance Industry Future Hinges On People & Technology
May 17, 2022
What Is “In Silico” and How Does it Benefit Medical Device Engineering?
What Is “In Silico” and How Does it Benefit Medical Device Engineering?
May 12, 2022

CONNECT WITH US

  • Facebook
  • LinkedIn
  • Twitter
  • Youtube

USA
135 SW Taylor Suite 200
Portland, Oregon, 97204

EUROPE
Kennemerplein 6-14; 2011
MJ Haarlem, Netherlands

© 2022 Jama Software

  • JAMA CONNECT
  • Product Overview
  • Pricing and Licensing
  • Success Programs
  • Trial
  • COMPANY
  • About Us
  • Careers
  • Customers
  • Press Room
  • Contact Us
  • RESOURCES
  • Resource Library
  • Events
  • Press Room
  • Blog
  • Success Programs
  • User Community
  • Support
  • Privacy Policy
  • Cookies
  • Privacy and Security
  • Legal
  • Preferences
Scroll to top