What Does ASPICE 4.0 Mean?

What Does ASPICE 4.0 Mean?

LHP is a technology integrator and turnkey systems and software developer for applications in many industries, including aerospace, medical, and of course, automotive. We have always been a proponent of the Automotive Software Process Capability dEtermination (ASPICE) framework. ASPICE compliance has been a mainstay of the LHP Functional Safety Ecosystem for the better part of a decade. The ASPICE standard and framework have recently undergone a revision change – the first in six years – in response to evolutionary developments in automotive systems and software. What does the ASPICE 4.0 update mean to you?

LHP has always viewed ASPICE as an invaluable tool to improve the quality of workflows when developing systems for automotive applications. The standard uses process modeling to establish goals for every aspect of the system development workflow. Based on this process model, the entire system development lifecycle is expressed as multiple groupings of processes, with requirements for each aspect of the lifecycle. These process groups are then assessed against capability levels and process dimensions established in the standard and set forth in the framework. Assessing an organization’s processes in relation to the standard can reveal opportunities for process and quality improvements, risk mitigation, and increased competitiveness in the market.

The ASPICE 4.0 release, with its new rules and structure, increases the power of the standard by addressing hardware aspects and attempting to guide the development of the future: machine learning. This expansion aligns ASPICE with other standards being used in the industry for functional safety and cybersecurity. Let's examine what the ASPICE 4.0 update means, and why your organization should explore certification to this new standard.

Contents

• The biggest changes in the update from ASPICE 3.1 to 4.0
• How important is the ASPICE 4.0 update for automotive OEMs and suppliers?
• The intersection of process efficiency and industry standards in ASPICE 4.0
• Summary

The biggest changes in the update from ASPICE 3.1 to 4.0

ASPICE was created, much like other software quality systems, to aid engineers and developers in managing the increasingly complex world of embedded controls and software. ASPICE 4.0 represents a continuation of that effort, with clarification of requirements and streamlining among its goals.

The change between ASPICE 3.1 and 4.0 that would impact organizations the most is the addition of hardware engineering and machine learning process groups. This expands the applicability of the standard to address the entire system lifecycle, by including hardware, and provides regulation for the new aspects of machine learning.

ASPICE 4.0’s process reference model has been updated to the following:

One thing to note is the addition of three process groups: the Validation Process Group (VAL), the Hardware Engineering Process Group (HWE), and the Machine Learning Engineering Process Group (MLE). As can be seen in the figure above, the color coding groups the processes under three categories: “Primary Lifecycle,” “Organizational Lifecycle,” and “Supporting Lifecycle,” as ASPICE 4.0 has updated the VDA scope to provide an increasingly flexible plugin feature to facilitate the assessment of an organization’s lifecycle processes.

Machine Learning processes

The new and extensive machine learning process group is located within the ASPICE framework’s primary lifecycle processes group. This group of processes was added in response to the proliferation of artificial intelligence (AI) in automotive feature design, as well as the increases in automation of both features within the finished vehicle, and the processes to design and develop them. The ongoing work to make autonomous vehicles (AVs) a more concrete reality, as well as improve and increase the operation and integration of Level 2 and 3 advanced driver assistance (ADAS) features, have been major driving forces behind these increases in automation. The addition of the machine learning engineering (MLE) process group to the ASPICE 4.0 process model projects continued support for this development and engineering work into the future.

Hardware processes

The hardware process group was added to the standard as one of the primary lifecycle process groups. This change reflects the extensive use of hardware in modern automotive mechatronic control systems and responds to the absence of dedicated specific processes for hardware engineering in previous versions of ASPICE.

Adding hardware engineering processes to the model allows developers to achieve full coverage of systems and aligns ASPICE 4.0 more closely with other main standards in the industry, such as ISO 26262: 2011, Road Vehicles – Functional Safety, and ISO/SAE 21434:2021, Road Vehicles – Cybersecurity.

VDA scope clarification

Another major change that affects automotive suppliers and OEMs is the fact that the German Association of the Automobile Industry (VDA), has rescoped its guidelines and requirements for the ASPICE framework. This scope change is meant as a clarification and can be represented by the following graphic:

These changes were necessary since the system and software landscape within the automotive industry is rather different from what it was six years ago. In this way, the updates to the assessment modeling help the standard to keep pace with the latest practices and technologies.

How important is the ASPICE 4.0 update for automotive OEMs and suppliers?

A resource for managing proliferation

From its first release in 2005 by the VDA, the ASPICE standard has been a resource for automotive manufacturers and suppliers to help manage the surging proliferation of code, especially in embedded controls. The software and systems that are defined by embedded controls (and are also reliant upon them), began almost immediately to not only find use in more applications but also became able to do more in the applications where they were in use. In other words, they have been doing more in two senses of the word.

Our current usage of these controls, while evolving, is still expanding, as the market demands features that are typically possible only with the use of embedded control or mechatronic systems. These include features related to connectivity and mobility, “infotainment,” and advanced driver assistance systems (ADAS), among others.

A resource for managing chaos

ASPICE is valuable to OEMs and suppliers alike, because, like certain other manufacturing quality standards, it can act to tame some of the chaos stemming from the massive proliferation of the quantity of code within these essential systems. For the developers who choose to adhere to the ASPICE process guidelines, the rewards are enhanced quality due to the tighter control and precise monitoring of the individual processes, as well as standards of assessment that, if not universal (because not everyone follows ASPICE), are at least standardized. Like many manufacturing standards, the ASPICE standard works toward identifying, defining, and codifying the best practices for developing embedded control systems and software.

Aids collaboration and consistency in quality

ASPICE has seen widespread adoption as a software development quality standard. As it proliferates further, and acceptance or adoption of the standard and its assessment framework penetrates the automotive industry, the additional control that ASPICE gives over multiple processes will further aid systems and software developers.

Demonstrating ASPICE compliance has long been a major aid to OEMs in ensuring the quality of software and systems shipped in from suppliers, and by suppliers as a differentiator to stand out among their peers and compete for business more aggressively. The new revision 4.0 will likely continue that trend, as OEMs and suppliers recommit to training their personnel to take full advantage of the new process models, and the thousands of trained ASPICE assessors worldwide bring their certification into compliance with the new standard.

The intersection of process efficiency and industry standards in ASPICE 4.0

There has been some discussion of whether ASPICE 4.0 is evolutionary or revolutionary. Most likely, the original 2005 release of the standard is still the best candidate for the label “revolutionary.” And, similarly, this new iteration of the standard is simply an evolution of the original groundbreaking idea. ASPICE 4.0 certainly seems to have an emphasis on streamlining and efficiency and reflects earnest consideration of how we design, develop, and apply the systems and software for embedded controls in modern automaking.

The VDA says of the new ASPICE revision:

“… the current version 4.0 of this standard has been established worldwide and is used by leading OEMs and suppliers to evaluate the development processes of software-based systems in and around the vehicle…. The demands of the market for environmental friendliness, safety, economic efficiency and user-friendliness force innovations with increasing complexity at ever shorter intervals. The associated shorter development times, in conjunction with increasing demands on reliability, make it essential to monitor and improve the development processes in software-based system development¹.”

ASPICE 4.0, like the previous iterations of the standard, provides both process reference and process assessment models. There are indicators and markers for performance; the expected correlation is that compliance with the ASPICE standard is much the same as adherence to the industry’s best practices.

One slightly less-pronounced change in the new ASPICE standard is the re-assignment of the importance of strategies, or plan documents, in the assessment of processes to Capability Level 2. This change may simplify assessments and the developers’ planning in some instances, streamlining at least one segment of the process that may sometimes have been confusing for users of the standard.

While this requirement has been altered, it is also worth noting that, even at the lowest capability levels, the developer organization must at least have a vision of how to demonstrate compliance and verification, even if this is not strictly a fully defined “strategy.” The standard still demonstrates rigor and adherence to best practices, while streamlining and building a slightly more forgiving quality into the assessment model.

Summary

ASPICE 4.0 is the first new ASPICE revision in six years. This new standard demonstrates significant process assessment support for mechatronic development and machine learning, as well as providing new assessor training guidelines. The revision provides an updated tool for developers, programmers, and technology integrators within the automotive industry, and delivers a fresh new way to use the ASPICE toolset. These innovations help ASPICE to keep pace with the evolution of embedded control systems, their software, and the innovative new ways they are used in automotive development.

^[1] Arbeitskreis 13, Verband der Automobilindustrie Qualitäts-Management-Center. 2024. https://vda-qmc.de/automotive-spice/