Reduce Time Performing an Assessment - Considering Work Products

Christian Schlager; Georg Macher; Richard Messnarz; Damjan Ekert; Eugen Brenner

doi:10.1007/978-3-031-15559-8_39

Reduce Time Performing an Assessment - Considering Work Products

Christian Schlager, Georg Macher^*, Richard Messnarz, Damjan Ekert, Eugen Brenner

^*Corresponding author for this work

Institute of Technical Informatics (4480)

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Abstract

ASPICE has been introduced to develop embedded systems at automotive suppliers to assess the capability of processes. ASPICE covers processes for software, system, quality assurance, configuration management, problem resolution, change management, project management and supplier monitoring in VDA (Verband der Automobilindustrie) scope. It defines a scheme for determining the capability of the process based on the underlying PAM. HW Spice is also taken into consideration because it is also necessary for Cybersecurity but not mechanical Spice. Based on ASPICE, VDA defines processes for Cybersecurity Engineering, Cybersecurity Risk Management and Supplier Request and Selection. This means additional effort for the assessors and also the engineering team when the ASPICE assessment is extended by processes of Cybersecurity to satisfy the requirements of standard ISO/SAE 21434. VDA also defines Rules and Recommendations for rating practices according the NPLF scheme of ASPICE for processes defined in VDA Scope and for Cybersecurity. This paper investigates how to implement the proposals for reducing time performing an assessment in a well-established tool.

Original language	English
Title of host publication	Systems, Software and Services Process Improvement
Subtitle of host publication	29th European Conference, EuroSPI 2022, Proceedings
Editors	Murat Yilmaz, Paul Clarke, Richard Messnarz, Bruno Wöran
Place of Publication	Cham
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	540-552
Number of pages	13
ISBN (Print)	9783031155581
DOIs	https://doi.org/10.1007/978-3-031-15559-8_39
Publication status	Published - 2022
Event	29th European Systems, Software and Services Process Improvement: EuroSPI 202 - Salzburg, Austria Duration: 31 Aug 2022 → 2 Sep 2022

Publication series

Name	Communications in Computer and Information Science
Volume	1646 CCIS
ISSN (Print)	1865-0929
ISSN (Electronic)	1865-0937

Conference

Conference	29th European Systems, Software and Services Process Improvement
Abbreviated title	EuroSPI 202
Country/Territory	Austria
City	Salzburg
Period	31/08/22 → 2/09/22

Keywords

ASPICE
Assessment
Cybersecurity
Dependency
Rating

ASJC Scopus subject areas

Computer Science(all)
Mathematics(all)

Access to Document

10.1007/978-3-031-15559-8_39

Cite this

Schlager, C., Macher, G., Messnarz, R., Ekert, D., & Brenner, E. (2022). Reduce Time Performing an Assessment - Considering Work Products. In M. Yilmaz, P. Clarke, R. Messnarz, & B. Wöran (Eds.), Systems, Software and Services Process Improvement : 29th European Conference, EuroSPI 2022, Proceedings (pp. 540-552). (Communications in Computer and Information Science; Vol. 1646 CCIS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-15559-8_39

Reduce Time Performing an Assessment - Considering Work Products. / Schlager, Christian; Macher, Georg; Messnarz, Richard et al.

Systems, Software and Services Process Improvement : 29th European Conference, EuroSPI 2022, Proceedings. ed. / Murat Yilmaz; Paul Clarke; Richard Messnarz; Bruno Wöran. Cham : Springer Science and Business Media Deutschland GmbH, 2022. p. 540-552 (Communications in Computer and Information Science; Vol. 1646 CCIS).

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Schlager, C, Macher, G, Messnarz, R, Ekert, D & Brenner, E 2022, Reduce Time Performing an Assessment - Considering Work Products. in M Yilmaz, P Clarke, R Messnarz & B Wöran (eds), Systems, Software and Services Process Improvement : 29th European Conference, EuroSPI 2022, Proceedings. Communications in Computer and Information Science, vol. 1646 CCIS, Springer Science and Business Media Deutschland GmbH, Cham, pp. 540-552, 29th European Systems, Software and Services Process Improvement, Salzburg, Austria, 31/08/22. https://doi.org/10.1007/978-3-031-15559-8_39

Schlager C, Macher G, Messnarz R, Ekert D, Brenner E. Reduce Time Performing an Assessment - Considering Work Products. In Yilmaz M, Clarke P, Messnarz R, Wöran B, editors, Systems, Software and Services Process Improvement : 29th European Conference, EuroSPI 2022, Proceedings. Cham: Springer Science and Business Media Deutschland GmbH. 2022. p. 540-552. (Communications in Computer and Information Science). doi: 10.1007/978-3-031-15559-8_39

Schlager, Christian ; Macher, Georg ; Messnarz, Richard et al. / Reduce Time Performing an Assessment - Considering Work Products. Systems, Software and Services Process Improvement : 29th European Conference, EuroSPI 2022, Proceedings. editor / Murat Yilmaz ; Paul Clarke ; Richard Messnarz ; Bruno Wöran. Cham : Springer Science and Business Media Deutschland GmbH, 2022. pp. 540-552 (Communications in Computer and Information Science).

@inproceedings{09c616276ce34285968ff80524283da7,

title = "Reduce Time Performing an Assessment - Considering Work Products",

abstract = "ASPICE has been introduced to develop embedded systems at automotive suppliers to assess the capability of processes. ASPICE covers processes for software, system, quality assurance, configuration management, problem resolution, change management, project management and supplier monitoring in VDA (Verband der Automobilindustrie) scope. It defines a scheme for determining the capability of the process based on the underlying PAM. HW Spice is also taken into consideration because it is also necessary for Cybersecurity but not mechanical Spice. Based on ASPICE, VDA defines processes for Cybersecurity Engineering, Cybersecurity Risk Management and Supplier Request and Selection. This means additional effort for the assessors and also the engineering team when the ASPICE assessment is extended by processes of Cybersecurity to satisfy the requirements of standard ISO/SAE 21434. VDA also defines Rules and Recommendations for rating practices according the NPLF scheme of ASPICE for processes defined in VDA Scope and for Cybersecurity. This paper investigates how to implement the proposals for reducing time performing an assessment in a well-established tool.",

keywords = "ASPICE, Assessment, Cybersecurity, Dependency, Rating",

author = "Christian Schlager and Georg Macher and Richard Messnarz and Damjan Ekert and Eugen Brenner",

note = "Publisher Copyright: {\textcopyright} 2022, Springer Nature Switzerland AG.; 29th European Systems, Software and Services Process Improvement : EuroSPI 202, EuroSPI 202 ; Conference date: 31-08-2022 Through 02-09-2022",

year = "2022",

doi = "10.1007/978-3-031-15559-8_39",

language = "English",

isbn = "9783031155581",

series = "Communications in Computer and Information Science",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "540--552",

editor = "Murat Yilmaz and Paul Clarke and Richard Messnarz and Bruno W{\"o}ran",

booktitle = "Systems, Software and Services Process Improvement",

address = "Germany",

}

TY - GEN

T1 - Reduce Time Performing an Assessment - Considering Work Products

AU - Schlager, Christian

AU - Macher, Georg

AU - Messnarz, Richard

AU - Ekert, Damjan

AU - Brenner, Eugen

PY - 2022

Y1 - 2022

N2 - ASPICE has been introduced to develop embedded systems at automotive suppliers to assess the capability of processes. ASPICE covers processes for software, system, quality assurance, configuration management, problem resolution, change management, project management and supplier monitoring in VDA (Verband der Automobilindustrie) scope. It defines a scheme for determining the capability of the process based on the underlying PAM. HW Spice is also taken into consideration because it is also necessary for Cybersecurity but not mechanical Spice. Based on ASPICE, VDA defines processes for Cybersecurity Engineering, Cybersecurity Risk Management and Supplier Request and Selection. This means additional effort for the assessors and also the engineering team when the ASPICE assessment is extended by processes of Cybersecurity to satisfy the requirements of standard ISO/SAE 21434. VDA also defines Rules and Recommendations for rating practices according the NPLF scheme of ASPICE for processes defined in VDA Scope and for Cybersecurity. This paper investigates how to implement the proposals for reducing time performing an assessment in a well-established tool.

AB - ASPICE has been introduced to develop embedded systems at automotive suppliers to assess the capability of processes. ASPICE covers processes for software, system, quality assurance, configuration management, problem resolution, change management, project management and supplier monitoring in VDA (Verband der Automobilindustrie) scope. It defines a scheme for determining the capability of the process based on the underlying PAM. HW Spice is also taken into consideration because it is also necessary for Cybersecurity but not mechanical Spice. Based on ASPICE, VDA defines processes for Cybersecurity Engineering, Cybersecurity Risk Management and Supplier Request and Selection. This means additional effort for the assessors and also the engineering team when the ASPICE assessment is extended by processes of Cybersecurity to satisfy the requirements of standard ISO/SAE 21434. VDA also defines Rules and Recommendations for rating practices according the NPLF scheme of ASPICE for processes defined in VDA Scope and for Cybersecurity. This paper investigates how to implement the proposals for reducing time performing an assessment in a well-established tool.

KW - ASPICE

KW - Assessment

KW - Cybersecurity

KW - Dependency

KW - Rating

UR - http://www.scopus.com/inward/record.url?scp=85138007179&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-15559-8_39

DO - 10.1007/978-3-031-15559-8_39

M3 - Conference paper

AN - SCOPUS:85138007179

SN - 9783031155581

T3 - Communications in Computer and Information Science

SP - 540

EP - 552

BT - Systems, Software and Services Process Improvement

A2 - Yilmaz, Murat

A2 - Clarke, Paul

A2 - Messnarz, Richard

A2 - Wöran, Bruno

PB - Springer Science and Business Media Deutschland GmbH

CY - Cham

T2 - 29th European Systems, Software and Services Process Improvement

Y2 - 31 August 2022 through 2 September 2022

ER -

Reduce Time Performing an Assessment - Considering Work Products

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this