Enhancing Coordination, Traceability and Compliance Checking in Systems Development

Abstract

Context : Delivering safety critical software solutions that are dependable, and of high quality has been shown to depend heavily on ensuring standards compliance in system development. Ensuring adherence to safety standards such as ISO 26262 demands precise documentation and traceability of all work products and roles responsible throughout the entire design and development phase. The manual verification of compliance against numerous requirements, including the scrutiny of work products within process entities, presents significant challenges, such as labor intensity and susceptibility to errors. This context emphasizes the critical need for tools that can maintain detailed documentation of design choices, safety analyses, verification and validation results, and changes over the product life cycle, ensuring that all work products are traceable to requirements and justified as part of a safety case. Objective : This study aims to address these challenges by introducing an approach that integrates the coordination capabilities of the BOMI Model with the traceability and compliance checking functionalities of TReqs, focusing on the identification and exploitation of the appropriate boundary objects(work products), roles(responsible parties) required by a particular standard to achieve compliance. The objective is to automate the compliance checking process, thereby reducing the burden on process engineers and improving the accuracy of compliance verification. Method : To tackle the inefficiencies of manual compliance checking, we introduce an enhanced version of TReqs, a traceability tool, and Boundary Objects between Methodological Islands(BOMI), a modeling approach designed to enhance coordination in large scale agile system development. These tools are pivotal in addressing the requirement for traceability as stipulated by ISO 26262, ensuring that all work products are accounted for and verifiable throughout the development lifecycle. The study employs a design science research approach, iterating through the development and evaluation of tool enhancements through workshops, surveys, focus groups, interviews, and literature reviews. Results : This study successfully developed an enhanced version of the TReqs tool, incorporating automated compliance check capabilities. This enhancement significantly reduces the manual effort required for compliance verification, thus addressing one of the primary challenges identified in the initial problem statement. The automated compliance check functionality was designed to interpret and evaluate the compliance of work products against the requirements of ISO 26262, ensuring that all aspects of the system under development adhere to the standard’s specifications. This study also implemented the BOMI model within T-Reqs to improve coordination within the system development process. By defining clear boundary objects, roles, and methodological islands (teams), the BOMI model facilitated a more struciv tured and efficient approach to managing the complex relationships between different stakeholders and shared artifacts involved in the development process. This dual focus on compliance check automation and coordination addresses key challenges faced by large scale agile system development teams, enabling them to deliver highquality, compliant systems more efficiently and effectively. Conclusion : The findings of this study highlight the critical role of automation and improved coordination in addressing the challenges associated with ensuring compliance to safety standards like ISO 26262 in system development. The introduction of automated compliance check capabilities in the TReqs tool, along with the implementation of the BOMI model for enhanced coordination, represents significant advancements in the field of safety-critical software development. These developments not only reduce the labor-intensive and error-prone aspects of manual compliance verification but also improve the overall efficiency and reliability of the development process. By automating compliance checks and streamlining coordination efforts, the study demonstrates the potential for substantial improvements in the delivery of dependable, high-quality safety-critical software solutions. Looking forward, the next steps in this research direction could involve further refining the automated compliance check algorithms to accommodate more nuanced interpretations of ISO 26262 requirements. Additionally, exploring the integration of these tools and processes with other safety standards could broaden their applicability and impact across different industries and domains. As the demand for safety-critical software continues to grow, the lessons learned from this study will undoubtedly play a crucial role in shaping the future of system development practices.