Reduce Time Performing an Assessment - Considering Work Products

Christian Schlager, Georg Macher*, Richard Messnarz, Damjan Ekert, Eugen Brenner

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review


ASPICE has been introduced to develop embedded systems at automotive suppliers to assess the capability of processes. ASPICE covers processes for software, system, quality assurance, configuration management, problem resolution, change management, project management and supplier monitoring in VDA (Verband der Automobilindustrie) scope. It defines a scheme for determining the capability of the process based on the underlying PAM. HW Spice is also taken into consideration because it is also necessary for Cybersecurity but not mechanical Spice. Based on ASPICE, VDA defines processes for Cybersecurity Engineering, Cybersecurity Risk Management and Supplier Request and Selection. This means additional effort for the assessors and also the engineering team when the ASPICE assessment is extended by processes of Cybersecurity to satisfy the requirements of standard ISO/SAE 21434. VDA also defines Rules and Recommendations for rating practices according the NPLF scheme of ASPICE for processes defined in VDA Scope and for Cybersecurity. This paper investigates how to implement the proposals for reducing time performing an assessment in a well-established tool.

Original languageEnglish
Title of host publicationSystems, Software and Services Process Improvement
Subtitle of host publication29th European Conference, EuroSPI 2022, Proceedings
EditorsMurat Yilmaz, Paul Clarke, Richard Messnarz, Bruno Wöran
Place of PublicationCham
PublisherSpringer Science and Business Media Deutschland GmbH
Number of pages13
ISBN (Print)9783031155581
Publication statusPublished - 2022
Event29th European Systems, Software and Services Process Improvement: EuroSPI 202 - Salzburg, Austria
Duration: 31 Aug 20222 Sep 2022

Publication series

NameCommunications in Computer and Information Science
Volume1646 CCIS
ISSN (Print)1865-0929
ISSN (Electronic)1865-0937


Conference29th European Systems, Software and Services Process Improvement
Abbreviated titleEuroSPI 202


  • Assessment
  • Cybersecurity
  • Dependency
  • Rating

ASJC Scopus subject areas

  • Computer Science(all)
  • Mathematics(all)


Dive into the research topics of 'Reduce Time Performing an Assessment - Considering Work Products'. Together they form a unique fingerprint.

Cite this