Abstract
Keywords: Maturity Model, Automotive SPICE, Safety, ISO CD 26262, Process Model
The amount of software in an automobile is increasing rapidly. Software can be found in infotainment systems, navigation systems, but also in safety critical systems, like breaking or powertrain systems. The complexity of such combined software/hardware systems is very high. It poses a great challenge to maintain a high product quality especially if a chain of different suppliers is involved.
In order to achieve a high quality during the development of these systems the OEMs expect that their suppliers or to be more precise their development processes have reached a certain requested level of maturity and can prove it through appropriate assessments or appraisals. Currently there are two assessment models which are being used in the automotive industry for this purpose: CMMI® V1.2 (Capability Maturity Model Integration) and Automotive SPICE(TM) V. 2.3 (Software Process Improvement and Capability Determination). Both models examine the engineering processes, as well as appropriate organizational and supporting processes like project management or quality assurance. However, both models neglect the safety aspects while assessing the maturity of the development processes. So far safety is not within the focus of these maturity models.
In this paper we present work done to combine the safety aspect with the Automotive SPICE maturity model. We show a mapping between Automotive SPICE V2.3 and the ISO CD 26262 working draft for functional safety. This mapping allows the OEM to appraise the quality of the supplier's development processes, as well as the safety measures anchored in the processes and conducted during the project. The mapping differentiates between the different safety integrity levels (SIL). Depending on the required SIL the necessary actions and methods are highlighted and taken into account during the assessment. The base practices of Automotive SPICE are augmented by these safety measures. Thus, using this mapping an assessment will yield results with respect to the process maturity and safety. Instead of two assessments, one for the process maturity, one for the safety, now one assessment will suffice. Based on the mapping an augmented process model and an integrated assessment tool set were developed to support the combined assessment. In this presentation we concentrate on the mapping.
This work was elaborated by the working group Safety of the SOQRATES initiative (www.soqrates.de) in a more than two years effort. The results of all the work (except the proprietary assessment tools) will be made public to all automotive suppliers by the end of 2008. SOQRATES is an initiative where more than 20 leading firms collaborate in cross company task forces. I have to thank all SOQRATES members for their contributions.