Many thanks to @AD for this "Primer"
Introduction
Software-defined products are transforming industries by enabling the development of agile, programmable systems that address dynamic operational needs and evolving mission demands over time.
As an example, in the automotive industry, 60% of a car's value will be provided by software in the near future. The industry is facing major changes in the way it conducts B-to-C business; the car is turning into a 'smartphone on wheels'.
As software becomes the primary value driver, the focus shifts toward optimizing governance strategies that harmonize the different development cycles of software and hardware.
Cyber-System Referential
In every industry, software-defined product development needs to be supported by a solution that enables digital continuity across the full development lifecycle.
The following picture describes the multi-level, multi-discipline referential of CATIA cyber systems, from requirements to physical design.
It describes the needs for virtual twin definition from the highest level of abstraction (Requirements Elicitation) to the more concrete detailed view (Physical Design).
- Requirements elicitation is the virtual twin of the system describing the expected results using natural language.
- Systems of Systems Functional architecture is the virtual twin of the behavior of the system. It describes the expected behavior of the system and organizes it into a holistic logical structure.
- Systems Logical Architecture: the description of the virtual twin using discipline-specific vocabulary and representation (Electronic, Software, Electrical, Fluids, 3D Logical for zone management).
- Physical design: this is the virtual twin closest to the real world. For the hardware part, it is represented by the 3D design; for the software part, the physical design is the software itself.
The virtual twin is defined by a large number of stakeholders on a project, so it needs to be supported by management processes and tools, which are represented by the top part of this referential: Portfolio, Lifecycle, Configuration, Change Management, Program.
The quality of deliveries needs to be assessed by advanced engineering practices:
- Multi-Physics Multi-Scale Simulation: this makes it possible to experience the virtual twin and so assess, in a virtual world, the product under development at each step of the development.
- Safety & cybersecurity: conduct safety and security assessments to prevent hazards and threats from occurring. This ensures the design, implementation and operation of safe and secure systems.
- Traceability: this records development decisions and validation in order to ensure the compliance of the product under development with the needs.
To support our customers, we propose a portfolio associated with each part of our referential, in two main streams: Modeling and Simulation.
System and Software Process
In the automotive industry, the increasing complexity of systems and the demand for safe, high-quality, and reliable products require standardized processes and best practices. ASPICE (Automotive SPICE) addresses these challenges by providing a standardized framework to assess and improve software and systems development processes. It ensures compliance with industry safety requirements like ISO 26262, enhances traceability, and fosters collaboration between manufacturers and suppliers.
Major OEMs such as Audi, BMW, Daimler, and Ford, and suppliers like Bosch, Continental, Windriver, and NVIDIA, are assessing their electronic and software suppliers based on the ASPICE assessment rating [Ref1].
Here are some examples of job profiles (from LinkedIn and corporate job-offer websites, in January 2025) that mention ASPICE in their description.
To illustrate the process and position 3DS solutions, we will rely on the ASPICE framework [Ref2], presented as a V-cycle from system to software development process.
The following figure represents a dynamic view of the process for the left side of the V-cycle, from system to software design.
In this V-cycle, we can split the processes into sub-activities:
System Engineering
Requirements Based Engineering (RBE)
From 1998 to 2020, requirements engineering and management emerged as a new discipline, developed to improve project quality by sharing requirements among project stakeholders.
Requirements are authored in natural language, so they are easy for everyone to deploy and understand.
However, for large, complex projects, the number of requirements is high and some difficulties appear:
- Correctness: natural language can lead to misunderstanding.
- Consistency: it is difficult to check the consistency between requirements manually.
- Completeness: checking the completeness of requirements is manual.
With natural-language requirements for large and complex projects, there can be a large number of requirements (1 million for an automotive project). Some of our customers estimate that 30% of their project requirements are useless. That led to a new methodology for defining and writing requirements.
Model Based Systems Engineering (MBSE)
From 2015 to 2023, requirements are identified and authored in the context of a model. The goal is to reduce development cost by reducing the total number of requirements.
It improves the completeness and consistency of the requirements:
- Consistency: requirements in the context of models make it possible to avoid inconsistency between requirements.
- Completeness: the model makes it possible to identify forgotten requirements through graphical analysis and simulations.
At Dassault Systèmes we propose a methodology that is aligned with ASPICE SYS.2 and SYS.3 for Model Based Systems Engineering. This methodology is called MagicGrid and is based on a standard language, the System Modeling Language (SysML) [Ref3].
Note: From 2025 and beyond, for some parts of the system specification, the requirements could be the model, and there will no longer be requirements authoring in natural language. The goal is to improve productivity and decrease errors with a ModSIM approach and the enablement of generative design.
Software Engineering
Model Based Software Engineering (MBSW)
Model-Based Software Engineering (MBSW) uses the Unified Modeling Language (UML) [Ref4] to design and analyze software systems. UML provides standardized diagrams, such as class, sequence, and state machine diagrams, to model a system's structure and behavior. These visual representations enhance communication, clarify requirements, and enable early issue detection. UML also supports automation, like code and test generation, making it a key tool in MBSE.
Management and Specialty Engineering
ASPICE 4.0 does not explicitly cover cybersecurity in detail, but the Automotive SPICE® for Cybersecurity Process Reference and Assessment Model [Ref5] extends the standard Automotive SPICE framework to incorporate cybersecurity aspects into automotive system development processes. This document is aligned with ISO/SAE 21434, the international standard for automotive cybersecurity engineering, and introduces the following new processes:
- ACQ.2 Supplier Request and Selection: Ensures cybersecurity considerations are integrated during supplier selection and procurement. Award a supplier for a contract/agreement based on relevant criteria.
- MAN.7 Cybersecurity Risk Management: Focuses on identifying, assessing, and mitigating cybersecurity risks within projects. Identify, prioritize, and analyze risks of damage to relevant stakeholders as well as monitor and control respective risk treatment options continuously.
- SEC.1 Cybersecurity Requirements Elicitation: Involves gathering and defining cybersecurity requirements based on threat analysis and risk assessment. Derive cybersecurity goals and requirements from the outcomes of risk management, and ensure consistency between the risk assessment, cybersecurity goals and cybersecurity requirements.
- SEC.2 Cybersecurity Implementation: Addresses the realization of cybersecurity measures in system and software development. Allocate the cybersecurity requirements to the elements of the system and software and ensure they are implemented.
- SEC.3 Risk Treatment Verification: Ensures implemented cybersecurity measures are verified against specified requirements. Confirm that the implementation of the design and integration of the components comply with the cybersecurity requirements, the refined architectural design and detailed design.
- SEC.4 Risk Treatment Validation: Validates that the integrated cybersecurity measures effectively mitigate identified risks in the operational environment. Confirm that the integrated system achieves the associated cybersecurity goals.
To support the development, in addition to those engineering activities, ASPICE 4.0 relies on management and support processes, which play a critical role in ensuring the successful execution of engineering activities. The ones highlighted in this document are the following:
- MAN.3 Project Management: The purpose is to identify and control the activities, and establish resources necessary for a project to develop a product, in the context of the project’s requirements and constraints.
- SUP.8 Configuration Management: The purpose of the Configuration Management Process is to establish and maintain the integrity of relevant configuration items and baselines, and make them available to affected parties.
- SUP.10 Change Request Management: The purpose of the Change Request Management Process is to ensure that change requests are recorded, analyzed, tracked, approved, and implemented.
3DEXPERIENCE Platform Value proposal for system and software process
The following figures show how our portfolio maps to the ASPICE 4.0 processes.
Systems and software design with CATIA Magic as a central solution for architecture design and analysis
CATIA Magic is a powerful portfolio of modeling tools that supports Model-Based Systems Engineering (MBSE). It provides comprehensive UML (Unified Modeling Language) and SysML (Systems Modeling Language) capabilities, enabling clear visualization, analysis, and communication of complex system designs. Cameo integrates seamlessly with frameworks like UPDM and UAF, ensuring compliance with industry standards for enterprise architecture.
The portfolio is evolving from generic systems analysis and architecture capabilities (Magic Cyber Systems Engineer, Magic Software Architect) to an extension with discipline-specific capabilities for architecture analysis and design (Magic Systems Cybersecurity Engineer, Magic Systems EE&S Architect).
A governance framework
The value of the 3DEXPERIENCE Platform lies in the governance of this data (the management and support activities described in ASPICE 4.0).
At Dassault Systèmes, we defined a governance framework structured in 4 pillars:
Multidisciplinary Model Lifecycle Management
This is the first pillar of the governance; managing the lifecycle and the status of the dataset.
Effective lifecycle management ensures consistent configurations, version control, and integration across domains. It helps avoid silos and promotes collaboration among teams working on different parts of a system.
One of the main challenges for this pillar is to account for the various ways of managing data depending on the discipline (Hardware Design, Software Design, System Design), which need to be shared and aligned.
Note: This is the purpose of the SUP.8 Configuration Management process of ASPICE, which is to establish and maintain the integrity of relevant configuration items and baselines, and make them available to affected parties.
Cross Models Traceability and Data Analytics
Traceability ensures transparency and accountability in system development. It connects requirements to implementations and tests, enabling teams to perform impact analyses efficiently. Integrating data analytics boosts decision-making by identifying trends and gaps.
Note: Traceability is an important topic that appears as a BP in many Process Groups.
Continuous Integration and Simulation
This pillar establishes a continuous integration solution within the system architecture, manages executable models, and uses cloud-based simulation for real-time validation. Continuous integration and simulation are critical for agile development. This pillar ensures that system behavior is validated iteratively, reducing errors early in the lifecycle and enhancing adaptability to changes.
This pillar is directly linked to the validation and verification processes of ASPICE.
The fourth pillar addresses essential project management elements, including task planning, risk management, issue management, and aligning project elements with disciplinary models. This pillar is directly linked to the Management and Support process groups, with configuration, risk and change management in addition to our proposal for project management.
3DEXPERIENCE | Cyber Systems Governance for Software
References
- [Ref1] - ASPICE Part 2 post
https://medium.com/@yaswanthsriram104/aspice-part-5f0845e1b7b7
- [Ref2] - Automotive SPICE Process Assessment / Reference Model 4.0
https://vda-qmc.de/wp-content/uploads/2023/12/Automotive-SPICE-PAM-v40.pdf
- [Ref3] - System Modeling Language OMG
https://www.omg.org/spec/SysML
- [Ref4] - Unified Modeling Language OMG
- [Ref5] - Automotive SPICE® for Cybersecurity Process Reference and Assessment Model
https://vda-qmc.de/wp-content/uploads/2023/02/Automotive_SPICE_for_Cybersecurity_EN.pdf
- [Ref6] - Magic Grid Book of Knowledge
https://discover.3ds.com/magicgrid-book-of-knowledge
- [Ref7] - Disruptive Innovation in Complex Systems
https://www.researchgate.net/publication/311532193_Disruptive_Innovation_in_Complex_Systems
- [Ref8] - CSDM2022 Systems Engineering Digital Thread – An end-to-end holistic approach from Mission to Physical
