Hands-On: Integrated Process Framework - Standards & Compliance

Integrated Process Framework Architecture

Integrated Process Framework

  Outer shell: IATF 16949 Quality Management System
  ├── Quality Manual, procedures, CSR matrix, internal audit schedule
  │
  Middle layer: ASPICE Software Engineering Processes
  ├── SWE.1–SWE.6 (requirements → qualification test)
  ├── SUP.1 (QA), SUP.8 (CM), SUP.10 (CR management)
  └── MAN.3 (project management)
  │
  Safety overlay: ISO 26262 Functional Safety Lifecycle
  ├── HARA → Safety Goals → Safety Requirements → FMEA → Test → FSA
  └── Safety Plan runs as a parallel channel alongside SWE
  │
  Security overlay: ISO/SAE 21434 Cybersecurity Lifecycle
  ├── TARA → Security Goals → Security Requirements → Security Testing
  └── Co-engineering record bridges 21434 and 26262
  │
  Process Reference Model (PRM): single document mapping all processes
  to responsible roles, tools, and work products across all frameworks

Tool Integration Chain

Pythonci_compliance_pipeline.py

#!/usr/bin/env python3
# CI pipeline: enforce compliance gates on every code merge
# Jenkins / GitHub Actions equivalent

import subprocess, json, sys

def run_gate(name, command, fail_msg):
    result = subprocess.run(command, capture_output=True, text=True)
    if result.returncode != 0:
        print(f"GATE FAIL [{name}]: {fail_msg}")
        print(result.stdout[-500:])  # last 500 chars of output
        return False
    print(f"GATE PASS [{name}]")
    return True

gates = [
    # 1. Static analysis (MISRA C)
    ("MISRA-C", ["polyspace-bug-finder", "--misrac", "2012", "--src", "src/"],
     "MISRA C violations found — fix before merge"),

    # 2. Unit tests (TESSY)
    ("Unit-Tests", ["tessy", "--run", "--project", "EPS_UnitTests.tpj"],
     "Unit test failures — all tests must pass"),

    # 3. MC/DC coverage check (ASIL C requires 100%)
    ("MCDC-Coverage", ["tessy", "--check-coverage", "--mcdc-threshold", "100",
                        "--modules", "Torque_Limiter,Loop_Control"],
     "MC/DC coverage below 100% for ASIL C modules"),

    # 4. Traceability check (every requirement has test)
    ("Traceability", ["polarion_cli", "--check-traceability", "--report", "trace_report.html"],
     "Untested requirements found — add test cases in Polarion"),

    # 5. CR impact analysis required for safety-impacting changes
    ("CR-Safety-Approval", ["jira_check_cr_approval.py", "--branch", "${BRANCH}"],
     "Safety-impacting CR missing Safety Manager approval in JIRA"),
]

all_passed = all(run_gate(*g) for g in gates)
sys.exit(0 if all_passed else 1)

PDR Gate Review Checklist

Gate Item	Owner	Evidence Required	Status Check
HARA complete with ASIL assignments	Safety Manager	HARA Report with all hazards rated	No 'TBD' ASIL values remaining
SW Architecture reviewed by Safety Analyst	Safety Analyst	Architecture Review Minutes with issue list	All review issues closed or tracked
Compliance matrix created	Compliance Engineer	Matrix with all applicable clauses populated	Zero 'Unknown' status rows
ASPICE SUP.8 baseline established	CM Engineer	Baseline manifest with commit hashes for all repos	Baseline tagged in all repositories
TARA initiated	Cybersecurity Engineer	TARA kickoff record; threat catalogue version	At least Clause 15.3 scope statement complete
Gate owner signature	Project Manager	Compliance Record with gate holder sign-off	All items above complete or have approved exception

Continuous Compliance Monitoring Dashboard

KPI	Data Source	Update Frequency	Red Threshold
Compliance matrix completion %	Polarion work products	Weekly	< 90% with < 4 weeks to gate
Safety issue burn-down	JIRA safety issue filter	Daily	Open Major findings > 0 at gate
ASPICE practice coverage heatmap	Assessment tool or manual	Per sprint	Any SWE process < L2
Static analysis violation trend	CI pipeline metrics	Per build	New violations introduced in last 2 builds
Test coverage MC/DC	TESSY coverage report	Per build	< 100% for any ASIL C/D module
Evidence link health	Compliance matrix URL checker	Weekly	Any broken links

Summary

An integrated process framework succeeds when all four layers (IATF 16949, ASPICE, ISO 26262, ISO/SAE 21434) are connected in a single Process Reference Model that engineers actually use. The CI pipeline is the enforcement mechanism — automated gates on every merge prevent quality debt accumulation. The compliance dashboard makes the project's compliance posture visible to all stakeholders weekly, enabling early escalation of red KPIs rather than discovering gaps in pre-assessment review.

🔬 Deep Dive — Core Concepts Expanded

This section builds on the foundational concepts covered above with additional technical depth, edge cases, and configuration nuances that separate competent engineers from experts. When working on production ECU projects, the details covered here are the ones most commonly responsible for integration delays and late-phase defects.

Key principles to reinforce:

Configuration over coding: In AUTOSAR and automotive middleware environments, correctness is largely determined by ARXML configuration, not application code. A correctly implemented algorithm can produce wrong results due to a single misconfigured parameter.
Traceability as a first-class concern: Every configuration decision should be traceable to a requirement, safety goal, or architecture decision. Undocumented configuration choices are a common source of regression defects when ECUs are updated.
Cross-module dependencies: In tightly integrated automotive software stacks, changing one module's configuration often requires corresponding updates in dependent modules. Always perform a dependency impact analysis before submitting configuration changes.

🏭 How This Topic Appears in Production Projects

Project integration phase: The concepts covered in this lesson are most commonly encountered during ECU integration testing — when multiple software components from different teams are combined for the first time. Issues that were invisible in unit tests frequently surface at this stage.
Supplier/OEM interface: This is a topic that frequently appears in technical discussions between Tier-1 ECU suppliers and OEM system integrators. Engineers who can speak fluently about these details earn credibility and are often brought into critical design review meetings.
Automotive tool ecosystem: Vector CANoe/CANalyzer, dSPACE tools, and ETAS INCA are the standard tools used to validate and measure the correct behaviour of the systems described in this lesson. Familiarity with these tools alongside the conceptual knowledge dramatically accelerates debugging in real projects.

⚠️ Common Mistakes and How to Avoid Them

Assuming default configuration is correct: Automotive software tools ship with default configurations that are designed to compile and link, not to meet project-specific requirements. Every configuration parameter needs to be consciously set. 'It compiled' is not the same as 'it is correctly configured'.
Skipping documentation of configuration rationale: In a 3-year ECU project with team turnover, undocumented configuration choices become tribal knowledge that disappears when engineers leave. Document why a parameter is set to a specific value, not just what it is set to.
Testing only the happy path: Automotive ECUs must behave correctly under fault conditions, voltage variations, and communication errors. Always test the error handling paths as rigorously as the nominal operation. Many production escapes originate in untested error branches.
Version mismatches between teams: In a multi-team project, the BSW team, SWC team, and system integration team may use different versions of the same ARXML file. Version management of all ARXML files in a shared repository is mandatory, not optional.

📊 Industry Note

Engineers who master both the theoretical concepts and the practical toolchain skills covered in this course are among the most sought-after professionals in the automotive software industry. The combination of AUTOSAR standards knowledge, safety engineering understanding, and hands-on configuration experience commands premium salaries at OEMs and Tier-1 suppliers globally.