How to achieve FuSa and Cybersec process and product compliance in a systematic and simple way?

1. Introduction

Safety-related and safety-critical electronic products have to be developed according to industry specific functional safety and cybersecurity standards. For the automotive industry, these standards are ISO 26262 and ISO 21434.

All functional safety and cybersecurity standards set requirements for

• the product development process and
• work products which prove that the product is reliable and no safety or cybersecurity goals can be violated during intended product use or foreseeable product misuse.

The number of requirements set by these standards is quite substantial. Not only is it difficult to keep them all in mind, it is also possible to interpret them in different ways. It is even more difficult to execute a product development project in a manner that is both fully standards-compliant AND efficient.

That is why

• AutoFusa Consultancy Services Pvt Limited from Bengaluru, India, and
• automated conformance GmbH from Nuremberg, Germany,

have agreed to collaborate so as to provide their customers with a comprehensive offering of training, consultancy and hands-on engineering services which help achieve process and product compliance to the relevant functional safety and cybersecurity standards. The two companies have each developed a particular software tool:

• the AutoPro tool, by AutoFuSa, for process compliance, and
• the autoConform® Software by automated conformance, for product compliance.

Section 2 describes how the AutoPro tool enables efficient process compliance. Analogously, Section 3 describes how the autoConform® Software enables efficient product compliance. Finally, Section 4 summarizes the advantages and customer benefits of the way product development is done with the help of these two software tools.

2. Process Compliance with the help of the AutoPro Tool

AutoPro represent the V-model-based process flow of product development according to ISO 26262. Fig. 1 shows this process flow for the „Concept Phase“ of ISO2626-3. Once the output documents (FSC and FSC verification report) are baselined, they are uploaded into the AutoPro tool‘s output section. In the tool, these output documents automatically appear wherever they are used as inputs. The status of each document is indicated by the respective color representation.

Fig. 1: ISO 26262 Concept Phase process and work products in the AutoPro tool.
© AutoFusa Consulting Services Pvt Limited

The AutoPro tool is server-based and installed at the customer’s site. The tool provides the possibility to connect external stakeholders through web interfaces with fully configurable access rights, compliant with ISO 27001:2022. This helps the product owner to manage other stakeholders effectively, as shown in Fig. 2.

Fig. 2: Connecting various stakeholders to the AutoPro tool.
© AutoFusa Consulting Services Pvt Limited

3. Work product Content Creation with the help of the autoConform® Software

The autoConform® Software enables the semi-automated creation of the content of all work products on the left side of the V-model plus the test case specifications on the right side of the V. The number of work products needed depends on the number of architectural levels of the product to be developed. Fig. 3 shows the V-model for a product with two system levels (referred to in the figure as „Product or System Level“ and „Subsystem Level“), one hardware level, and one software level.

Fig. 3: V-model for a product with 4 architectural levels, plus the product’s parent level.
© automated conformance GmbH

On the left side of the V,

• an architectural design specification (in the form of a Specification Document and an Interface Document),
• an architectural model,
• safety analyses (i.e., HARA at the top level; FTA, DFMEA and DFA at all other levels; FMEDA at E/E hardware level) and
• technical requirements

are needed at every architectural level. Fig. 4 lists all of these work products for a product with 4 architectural levels. As can be seen in the figure, the full set of work products comprises 48 documents. However, Fig. 4 also states that just 10 different document types suffice as templates for all of these work products. With the help of the autoConform® Software, the content of the work products is created „top-down“ semi-automatically, which is several times faster than doing it manually.

Fig. 4: Work products on the left side of the V-model for a product with 4 architectural levels.
© automated conformance GmbH

4. Advantages and Benefits

How do the AutoPro tool and the autoConform® Software allow their customers to achieve FuSa and Cybersec process and product compliance in a systematic and simple way?

The AutoPro tool provides an integrated process and documentation environment. The main benefits of the tool are that

• it guides the team through the workflow defined by the product architecture and the FuSa standard,
• it provides an up-to-date status of process compliance during project execution, and
• it reduces assessment and audit effort and duration.

The autoConform® Software allows for a semi-automated creation of the content all technical work products of the V-model, including bi-directional traceability between the work products. Detailed design specifications and test reports are not covered by the autoConform® Software. These work products are typically created with the help of CAD and testing tools.

Creating work products with the help of the autoConform® Software serves two purposes:

• quality: making the work products and the process of creating them compliant with the industry-specifc standard on functional safety (e.g. ISO 26262), and
• time: minimizing the time and effort it takes to create, review and finalize all work products.

Feature (i) minimizes product-related risks, whilst feature (ii) minimizes product development costs and time-to-market.