From d67f67ff25a1bd84c2d4733adb2919e209dfbe8f Mon Sep 17 00:00:00 2001 From: "jhr2hi@bosch.com" Date: Tue, 19 May 2026 15:13:14 +0200 Subject: [PATCH 1/2] remove module folder template --- process/folder_templates/index.rst | 1 - process/folder_templates/modules/index.rst | 25 -- .../architecture/chklst_arc_inspection.rst | 215 ----------- .../docs/architecture/index.rst | 175 --------- .../docs/component_classification.rst | 208 ----------- .../chklst_impl_inspection.rst | 114 ------ .../docs/detailed_design/index.rst | 158 -------- .../module_name/component_name/docs/index.rst | 181 --------- .../requirements/chklst_req_inspection.rst | 189 ---------- .../docs/requirements/index.rst | 107 ------ .../docs/safety_analysis/dfa.rst | 207 ----------- .../docs/safety_analysis/fmea.rst | 135 ------- .../modules/module_name/docs/index.rst | 26 -- .../modules/module_name/docs/manual/index.rst | 22 -- .../module_name/docs/manual/safety_manual.rst | 109 ------ .../docs/manual/security_manual.rst | 101 ------ .../module_name/docs/release/release_note.rst | 120 ------ .../module_name/docs/safety_mgt/index.rst | 24 -- .../safety_mgt/module_safety_analysis_fdr.rst | 163 --------- .../safety_mgt/module_safety_package_fdr.rst | 88 ----- .../docs/safety_mgt/module_safety_plan.rst | 342 ------------------ .../safety_mgt/module_safety_plan_fdr.rst | 128 ------- .../module_name/docs/security_mgt/index.rst | 23 -- .../module_security_package_fdr.rst | 81 ----- .../security_mgt/module_security_plan.rst | 227 ------------ .../security_mgt/module_security_plan_fdr.rst | 124 ------- .../module_verification_report.rst | 96 ----- .../architecture_inspection_checklist.rst | 2 +- .../change_management_component_template.rst | 2 +- .../guidance/implementation_checklist.rst | 2 +- .../guidance/release_templates.rst | 2 +- .../requirements_inspection_checklist.rst | 2 +- .../guidance/requirements_templates.rst | 4 +- .../guidance/dfa_templates.rst | 2 +- .../guidance/fmea_templates.rst | 2 +- .../guidance/safety_analysis_guideline.rst | 4 +- .../guidance/checklist_safety_package.rst | 2 +- .../guidance/checklist_safety_plan.rst | 2 +- .../guideline_component_classification.rst | 2 +- .../template_component_classification.rst | 2 +- .../guidance/template_safety_manual.rst | 2 +- .../guidance/templates_safety_plan.rst | 2 +- ...ity_analysis_threat_scenario_templates.rst | 2 +- .../security_analysis_threat_templates.rst | 2 +- .../guidance/checklist_security_package.rst | 2 +- .../guidance/checklist_security_plan.rst | 2 +- .../security_management_guideline.rst | 2 +- .../guidance/security_manual_templates.rst | 2 +- .../guidance/security_plan_templates.rst | 2 +- .../security_management_workproducts.rst | 8 +- .../guidance/verification_report_template.rst | 2 +- .../verification/verification_concept.rst | 2 +- 52 files changed, 30 insertions(+), 3419 deletions(-) delete mode 100644 process/folder_templates/modules/index.rst delete mode 100644 process/folder_templates/modules/module_name/component_name/docs/architecture/chklst_arc_inspection.rst delete mode 100644 process/folder_templates/modules/module_name/component_name/docs/architecture/index.rst delete mode 100644 process/folder_templates/modules/module_name/component_name/docs/component_classification.rst delete mode 100644 process/folder_templates/modules/module_name/component_name/docs/detailed_design/chklst_impl_inspection.rst delete mode 100644 process/folder_templates/modules/module_name/component_name/docs/detailed_design/index.rst delete mode 100644 process/folder_templates/modules/module_name/component_name/docs/index.rst delete mode 100644 process/folder_templates/modules/module_name/component_name/docs/requirements/chklst_req_inspection.rst delete mode 100644 process/folder_templates/modules/module_name/component_name/docs/requirements/index.rst delete mode 100644 process/folder_templates/modules/module_name/component_name/docs/safety_analysis/dfa.rst delete mode 100644 process/folder_templates/modules/module_name/component_name/docs/safety_analysis/fmea.rst delete mode 100644 process/folder_templates/modules/module_name/docs/index.rst delete mode 100644 process/folder_templates/modules/module_name/docs/manual/index.rst delete mode 100644 process/folder_templates/modules/module_name/docs/manual/safety_manual.rst delete mode 100644 process/folder_templates/modules/module_name/docs/manual/security_manual.rst delete mode 100644 process/folder_templates/modules/module_name/docs/release/release_note.rst delete mode 100644 process/folder_templates/modules/module_name/docs/safety_mgt/index.rst delete mode 100644 process/folder_templates/modules/module_name/docs/safety_mgt/module_safety_analysis_fdr.rst delete mode 100644 process/folder_templates/modules/module_name/docs/safety_mgt/module_safety_package_fdr.rst delete mode 100644 process/folder_templates/modules/module_name/docs/safety_mgt/module_safety_plan.rst delete mode 100644 process/folder_templates/modules/module_name/docs/safety_mgt/module_safety_plan_fdr.rst delete mode 100644 process/folder_templates/modules/module_name/docs/security_mgt/index.rst delete mode 100644 process/folder_templates/modules/module_name/docs/security_mgt/module_security_package_fdr.rst delete mode 100644 process/folder_templates/modules/module_name/docs/security_mgt/module_security_plan.rst delete mode 100644 process/folder_templates/modules/module_name/docs/security_mgt/module_security_plan_fdr.rst delete mode 100644 process/folder_templates/modules/module_name/docs/verification/module_verification_report.rst diff --git a/process/folder_templates/index.rst b/process/folder_templates/index.rst index defbd94711..138a469c51 100644 --- a/process/folder_templates/index.rst +++ b/process/folder_templates/index.rst @@ -23,6 +23,5 @@ Folder Templates :titlesonly: features/index.rst - modules/index.rst tools/index.rst platform/index.rst diff --git a/process/folder_templates/modules/index.rst b/process/folder_templates/modules/index.rst deleted file mode 100644 index d6bf036d64..0000000000 --- a/process/folder_templates/modules/index.rst +++ /dev/null @@ -1,25 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2024 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -.. _modules_template: - -Modules -======= - -.. toctree:: - :maxdepth: 1 - :glob: - - */docs/index - */*/docs/index diff --git a/process/folder_templates/modules/module_name/component_name/docs/architecture/chklst_arc_inspection.rst b/process/folder_templates/modules/module_name/component_name/docs/architecture/chklst_arc_inspection.rst deleted file mode 100644 index bb39fa5444..0000000000 --- a/process/folder_templates/modules/module_name/component_name/docs/architecture/chklst_arc_inspection.rst +++ /dev/null @@ -1,215 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - - -.. document:: [Your Component Name] Architecture Inspection Checklist - :id: doc__component_name_arc_inspection - :status: draft - :safety: ASIL_B - :security: YES - :realizes: wp__sw_arch_verification - :tags: template - -.. attention:: - The above directive must be updated according to your component. - - - Modify ``Your Component Name`` to be your component Name - - Modify ``id`` to be your component Name in lower snake case preceded by ``doc__`` and followed by ``_arc_inspection`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety``, ``security`` and ``tags`` according to your needs - -Architecture Inspection Checklist -================================= - -Purpose -------- - -The purpose of the software architecture checklist is to ensure that the design meets the criteria and quality as -defined per project processes and guidelines for feature and component architectural design elements. -It helps to check the compliance with requirements, identify errors or inconsistencies, and ensure adherence to best -practices. -The checklist guides evaluation of the architecture design, identifies potential problems, and aids in -communication and documentation of architectural decisions to stakeholders. - -Conduct -------- - -As described in the concept :need:`doc_concept__wp_inspections` the following "inspection roles" are expected to be filled: - -- content responsible (author): -- reviewer: -- moderator: - -Checklist ---------- - -It is mandatory to fill in the "passed" column with "yes" or "no" for each checklist item and additionally to add in the remarks why it is passed or not passed. -In case of "no" an issue link to the issue tracking system has to be added in the last column (if not solved in the same issue). -See also :need:`doc_concept__wp_inspections` for further information about reviews in general and inspection in particular. - -.. list-table:: Architecture Design Review Checklist - :header-rows: 1 - - * - Review Id - - Acceptance criteria - - Guidance - - passed - - Remarks - - Issue link - * - ARC_01_01 - - Is the traceability from software architectural elements to requirements, and other level architectural elements (e.g. component to interface) established according to the "Relations between the architectural elements" as described in :need:`doc_concept__arch_process`? - - automated - - Trace should be checked automatically by tool support in the future. Will be removed from the checklist once the requirement (:need:`Correlations of the architectural building blocks `) is implemented. Refer to `Tool Requirements `_ for the current status. - - - - - * - ARC_01_02 - - Does the software architecture design consider all the requirements allocated or belonging to the architectural element, including functional, non-functional, safety, and security requirements and all related design decisions? - - manual - - Check if all requirements allocated or belonging to the architectural element are considered in the design. This includes functional requirements (e.g. functional safety requirements), non-functional requirements (e.g. performance, reliability), and security requirements (e.g. confidentiality, integrity). Additionally, ensure that all related design decisions are taken into account and documented in the architectural design. - - - - - * - ARC_01_03 - - If the architectural element is related to any supplier manuals (incl. safety and security) - are the relevant parts covered? - - If the architecture makes use of supplied elements, their manuals (like safety) have to be considered (i.e. its provided functionality matches the expectation and assumptions are fulfilled). Note that in case of safety component this means that assumed Technical Safety Requirements and AoUs of the safety manual are covered. - - - - - - - * - ARC_01_04 - - Is the architectural element traceable to the lower level artifacts as defined by the workproduct traceability? - - Will be removed from checklist once the requirement (:need:`Correlations of the architectural building blocks `) is implemented by automated tool check. See `Tool Requirements `_. - Details of possible linking can be depicted from :ref:`traceability concept `. - - - - - - - * - ARC_02_01 - - Is the software architecture design compliant with the (overall) feature architecture? - - On component level check against the feature architecture, on feature level check other features with common components used. - - - - - - - * - ARC_02_02 - - Is appropriate and comprehensible operation/interface naming present in the architectural design? - - Check :need:`gd_guidl__arch_design` - - - - - - - * - ARC_02_03 - - Are correctness of data flow and control flow within the architectural elements considered? - - E.g. examine definitions, transformations, integrity, and interaction of data; check error handling, data - exchange between elements, correct response to inputs and documented decision making. - Note: consistency is ensured by the process/tooling, by defining each interface only once. - - - - - - - * - ARC_02_04 - - Are the interfaces between the software architectural element and other architectural elements well-defined? - - Check if the interface reacts on non-defined behaviour or errors; can established protocols be used; are the - interfaces for inputs, outputs, error codes documented; is loose coupling considered and only limited exposure; - can unit or integration test be written against the interface; data amount transferred; no sensitive data - exposure; - - - - - - - * - ARC_02_05 - - Does the software architectural element consider the timing constraints (from the parent requirement)? - - If there are hard requirements on the timing a programming time estimation should be performed and also - deadline supervision considered. - - - - - - - * - ARC_02_06 - - Is the documentation of the software architectural element, including textual and graphical descriptions - (e.g., UML diagrams), comprehensible and complete? - - Use of semi-formal notation is expected for architectural elements with an allocated ASIL level. - Is the architecture template correctly filled? - - - - - - - * - ARC_03_01 - - Is the architectural element modular and encapsulated? - - Check e.g. that only minimal interfaces are used. Design should be object oriented. Interfaces and interactions are clearly defined. Usage of access types (private, protected) properly set. Limited global variables. - - - - - - - * - ARC_03_02 - - Is the suitability of the software architecture for future modifications and maintainability considered? - - Check for e.g. loose coupling, separation of concerns, high cohesion, versioning strategy for interfaces, - decision records, use of established design patterns. - - - - - - - * - ARC_03_03 - - Are simplicity and avoidance of unnecessary complexity present in the software architecture and the component? - - Indicators for complexity are: number of use cases (corresponding to dynamic diagrams) - allocated to single design element, number of interfaces and operations in an interface, - function parameters, global variables, complex types, limited comprehensibility. - The belonging code metrics (see :ref:`implementation requirements page`) should be checked. - - Notes: - - If the "number of use cases" or "number of interfaces" above exceeds "3" or "number of function parameters" exceeds "5" or the "number of operations" exceeds "20" or global variables are used, a design rationale is mandatory. - - See also if component classification :need:`gd_temp__component_classification` as measure is present. - - - - - - - - * - ARC_03_04 - - Is the software architecture design following best practices and design principles? - - Refer to architectural guidelines and recommendations within the project documentation. - - - - - - - * - ARC_04_03 - - If your software architectural design of the component includes processes and tasks, are their scheduling policies and priorities (at least the needed relation one to another) defined to ensure that timing requirements are met? Please note, that the particular priorities or priority ranges will be probably defined by the project handbook or the software development plan. - - Note: see :need:`std_req__iso26262__software_743` - - Give a reason for these scheduling policies and priorities or explain why not needed. - - - - - - - - -.. attention:: - The above checklist entries must be filled according to your component architecture in scope. - -Note: If a Review ID is not applicable for your architecture, then state ""n/a" in status and comment accordingly in remarks. - -The following static views in "valid" state and with "inspected" tag set are in the scope of this inspection: - -.. needtable:: - :filter: "component_name" in docname and "architecture" in docname and docname is not None and status == "valid" - :style: table - :types: comp_arc_sta - :tags: component_name - :columns: id;status;tags - :colwidths: 25,25,25 - :sort: title - -and the following dynamic views: - -.. needtable:: - :filter: "component_name" in docname and "architecture" in docname and docname is not None and status == "valid" - :style: table - :types: comp_arc_dyn - :tags: component_name - :columns: id;status;tags - :colwidths: 25,25,25 - :sort: title - -.. attention:: - The above tables filtering must be updated according to your Component. - - - Modify ``component_name`` to be your Component Name in lower snake case diff --git a/process/folder_templates/modules/module_name/component_name/docs/architecture/index.rst b/process/folder_templates/modules/module_name/component_name/docs/architecture/index.rst deleted file mode 100644 index 4a660a35d3..0000000000 --- a/process/folder_templates/modules/module_name/component_name/docs/architecture/index.rst +++ /dev/null @@ -1,175 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -.. _component_architecture_template: - -Component Architecture -====================== - -.. document:: [Your Component Name] Architecture - :id: doc__component_name_architecture - :status: draft - :safety: ASIL_B - :security: NO - :realizes: wp__component_arch - :tags: template - -.. attention:: - The above directive must be updated according to your needs. - - - Modify ``Your Component Name`` to be your Component Name - - Modify ``id`` to be your Component Name in upper snake case preceded by ``doc__`` and followed by ``_architecture`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety`` and ``tags`` according to your needs - -Overview --------- - - -Requirements Linked to Component Architecture ---------------------------------------------- - -.. code-block:: none - - .. needtable:: Overview of Component Requirements - :style: table - :columns: title;id - :filter: search("comp_arch_sta__archdes$", "fulfils_back") - :colwidths: 70,30 - -Description ------------ - - - - - - - -Rationale Behind Architecture Decomposition -******************************************* - -Mandatory: A motivation for the decomposition or reason for not further splitting it into internal components. - -.. note:: Common decisions across components / cross cutting concepts is at the higher level. - -Static Architecture -------------------- - -The components are designed to cover the expectations from the feature architecture -(i.e. if already exists a definition it should be taken over and enriched). - -A component can optional also consist of subcomponents to further structure the architecture. The component and its static views can also optionally use interfaces provided by other components. - -The live component architecture template is maintained in the -`module template documentation `_. - -.. code-block:: rst - - .. comp:: Component Name - :id: comp__component_name_template - :security: YES - :safety: ASIL_B - :status: invalid - :implements: logic_arc_int__feature_name__interface_name1 - :consists_of: comp__component_name_internal_1, comp__component_name_internal_2, comp__component_name_internal_3 - :belongs_to: feat__feature_name - - .. comp_arc_sta:: Component Name (Static View) - :id: comp_arc_sta__component_name__static_view - :security: YES - :safety: ASIL_B - :status: invalid - :belongs_to: comp__component_name_template - :uses: logic_arc_int__feature_name__interface_name1 - :fulfils: comp_req__component_name__some_title - - .. needarch:: - :scale: 50 - :align: center - - {{ draw_component(need(), needs) }} - -Dynamic Architecture --------------------- - -.. code-block:: rst - - .. comp_arc_dyn:: Dynamic View - :id: comp_arc_dyn__component_name__dynamic_view - :security: YES - :safety: ASIL_B - :status: invalid - :belongs_to: comp__component_name_template - :fulfils: comp_req__component_name__some_title - - Put here a sequence diagram - - -Interfaces ----------- - -.. code-block:: rst - - .. real_arc_int:: - :id: real_arc_int__<component>__<Title> - :security: <YES|NO> - :safety: <QM|ASIL_B> - :fulfils: <link to component requirement id> - :language: cpp - -Internal Components -------------------- - -.. code-block:: rst - - .. comp_arc_sta:: Component Name Static View - :id: comp_arc_sta__component_name__2 - :status: invalid - :safety: ASIL_B - :security: YES - :fulfils: comp_req__component_name__some_title - :belongs_to: comp__component_name_template - - No architecture but detailed design - - .. comp:: Internal Component 1 - :id: comp__component_name_internal_1 - :status: invalid - :safety: ASIL_B - :security: YES - :belongs_to: feat__feature_name - - .. comp:: Internal Component 2 - :id: comp__component_name_internal_2 - :status: invalid - :safety: ASIL_B - :security: YES - :belongs_to: feat__feature_name - - .. comp:: Internal Component 3 - :id: comp__component_name_internal_3 - :status: invalid - :safety: ASIL_B - :security: YES - :belongs_to: feat__feature_name - -.. note:: - Architecture can be split into multiple files. At component level the public interfaces to be used by the user and tester to be shown. - -.. attention:: - The above directives must be updated according to your component architecture. - - - Replace the example content by the real content (according to :need:`gd_guidl__arch_design`) - - Set the status to valid and start the review/merge process diff --git a/process/folder_templates/modules/module_name/component_name/docs/component_classification.rst b/process/folder_templates/modules/module_name/component_name/docs/component_classification.rst deleted file mode 100644 index 9b97bb6ddf..0000000000 --- a/process/folder_templates/modules/module_name/component_name/docs/component_classification.rst +++ /dev/null @@ -1,208 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Component Classification -======================== - -.. note:: Document header - -.. document:: [Your Component Name] Component Classification - :id: doc__component_name_comp_class - :status: draft - :safety: ASIL_B - :security: NO - :realizes: wp__sw_component_class - :tags: template - -.. attention:: - The above directive must be updated according to your Component. - - - Modify ``Your Component Name`` to be your Component Name - - Modify ``id`` to be your Component Name in upper snake case preceded by ``doc__`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety`` and ``tags`` according to your needs - -| Classification of <component> -| -| <Link to OSS component source (e.g. in github) including the selected version> -| -| Additional documentation considered: -| <list of documentation links> - - -Step 1: Determine (P): the uncertainty of the Processes applied ---------------------------------------------------------------- - -| Apply the process measures to determine (P). -| The result of a process measure shall have as outcome [HE, PE, NE] -| - HE: High Evidence -| - PE: Partly Evidence but Manageable -| - NE: No Evidence - -.. list-table:: Determine (P) - :header-rows: 1 - - * - Id - - Indicator for applying process - - Result - - Rationale for result - - * - 1 - - Are rules, state-of-the art processes applied for the design, implementation and verification? - - <HE|PE|NE> - - <Rationale for result> - - * - 2 - - Are requirements available? - - <HE|PE|NE> - - <Rationale for result> - - * - 3 - - Are specifications for functionalities and properties available (architecture)? - - <HE|PE|NE> - - <Rationale for result> - - * - 4 - - Are design specifications available? - - <HE|PE|NE> - - <Rationale for result> - - * - 5 - - Are configuration specification and data available, if applicable? - - <HE|PE|NE> - - <Rationale for result> - - * - 6 - - Are verification measures including tests and reports available? - - <HE|PE|NE> - - <Rationale for result> - - -| (P=1) shall be selected when none of the determined process measures indicate PE or NE. -| (P=2) shall be selected when at least one of the determined process measures indicate PE or NE, but the gaps evaluated are acceptable, means -| the risk of systematic faults due to these gaps is sufficiently low or manageable by mitigating the gaps. -| (P=3) in all other cases. - -<component name> is determined as P=<1|2|3> - - -Step 2: Determine (C): the uncertainty of finding systematic faults based on the Complexity -------------------------------------------------------------------------------------------- - -| Apply the complexity measures to determine (C). -| The result of a complexity measure shall have as outcome [NH, HM, NM] -| - NH: Not High -| - HM: High but Manageable -| - NM: high and Not Manageable -| -| **Complexity measure for programming language: <C++ or RUST>** - -<select the correct table below (table for C++ is TBD)> - -.. list-table:: Determine (C) for RUST - :header-rows: 1 - - * - Id - - Indicator for high Complexity - - Complexity measure Tool - - Result - - Number - - * - 1 - - High amount of Lines of Code - - Lines of Code (without comments) (generated code is excluded, e.g. ProtoCmpl) - - <NH|HM|NM> - - <Number> - - * - 2 - - Unsafe code used / total unsafe code - - Count: - * LoUC+N: lines of unsafe code with safety note - * LoUC : lines of unsafe code, no safety note - - <NH|HM|NM> - - <Number> - - * - 3 - - | Test exists / Coverage (Function, Line) - | (maybe better: testability, but how to measure?) - - Existing Tests Coverage - - <NH|HM|NM> - - <Number> - - * - 4 - - High amount of public function interfaces - - Number of public function interfaces - - <NH|HM|NM> - - <RNumber> - - * - 5 - - High amount of function parameters - - Number of parameters - - <NH|HM|NM> - - <Number> - - -| (C=1) shall be selected when none of the determined complexity measures indicate HM or NM. -| (C=2) shall be selected when at least one of the determined complexity measures indicate HM or NM, but the gaps evaluated are acceptable, means -| the risk of systematic faults due to these gaps is sufficiently low in the context of the project or manageable by mitigating the gaps. -| (C=3) in all other cases. -| - -<component name> is determined as C=<1|2|3> - - -Step 3: Determine (CLAS_OUT): the classification outcome --------------------------------------------------------- - -| Select CLAS_OUT depending on the determined values of (C) and (P) - -.. list-table:: - :header-rows: 1 - :widths: 20 20 20 20 - - * - - - P=1 - - P=2 - - P=3 - - * - C=1 - - Q - - Q - - QR - - * - C=2 - - QR - - QR - - QR - - * - C=3 - - QR - - QR - - NQ - -<component name> is classified as CLAS_OUT=<Q|QR|NQ> - - -Step 4: Document all results and rationale for choosing (P) and (C) and (CLAS_OUT) ----------------------------------------------------------------------------------- -This document - - -Step 5: Based on (CLAS_OUT) select the activities -------------------------------------------------- - -| As soon as the change request containing this is in status "Accepted", the module safety plan for the component development is adapted based on the following: (select according to above result) -| - Q: Follow the processes for qualification of software components in a safety context. -| - QR: Follow the process for pre-existing software architectural elements -| - NQ: Do not use this element in safety context diff --git a/process/folder_templates/modules/module_name/component_name/docs/detailed_design/chklst_impl_inspection.rst b/process/folder_templates/modules/module_name/component_name/docs/detailed_design/chklst_impl_inspection.rst deleted file mode 100644 index cf7ec52f87..0000000000 --- a/process/folder_templates/modules/module_name/component_name/docs/detailed_design/chklst_impl_inspection.rst +++ /dev/null @@ -1,114 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -.. document:: [Your Component Name] Implementation Inspection Checklist - :id: doc__component_name_impl_inspection - :status: draft - :safety: ASIL_B - :security: YES - :realizes: wp__sw_implementation_inspection - :tags: template - -.. attention:: - The above directive must be updated according to your Component. - - - Modify ``Your Component Name`` to be your Component Name - - Modify ``id`` to be your Component Name in lower snake case preceded by ``doc__`` and followed by ``_impl_inspection`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety``, ``security`` and ``tags`` according to your needs - -Implementation Inspection Checklist -=================================== - -Purpose -------- - -The purpose of this checklist is to collect the topics to be checked during implementation, -i.e. in the detailed design and the source code of the units. - -The checklist shall be agnostic to which programming language is used. Differences shall be treated -by linking to C++ or Rust specific documentation. - -Conduct -------- - -As described in the concept :need:`doc_concept__wp_inspections` the following "inspection roles" are expected to be filled: - -- content responsible (author): <contributor/committer explicitly named here, who is the main author, as can be seen in config mgt tooling> -- reviewer: <contributor/committer explicitly named here, who is the main content reviewer, must be different from content responsible> -- moderator: <committer explicitly named here, who is is the safety manager, security manager or quality manager initiating the inspection> - -Checklist ---------- - -It is mandatory to fill in the "passed" column with "yes" or "no" for each checklist item and additionally to add in the remarks why it is passed or not passed. -In case of "no" an issue link to the issue tracking system has to be added in the last column (if not solved in the same issue). -See also :need:`doc_concept__wp_inspections` for further information about reviews in general and inspection in particular. - -.. list-table:: Implementation Checklist - :header-rows: 1 - :widths: 10,30,50,6,6,8 - - * - Review ID - - Acceptance Criteria - - Guidance - - Passed - - Remarks - - Issue link - * - IMPL_01_01 - - Is the design according to guidelines? - - see :need:`gd_temp__detailed_design` and :need:`doc_concept__imp_concept` - (e.g. are the views done with the proposed UML diagrams) - - - - - - - * - IMPL_01_02 - - Is the implementation according to specification? - - Check if the linked component requirements are fulfilled - and detailed design also matches architecture description. - - - - - - - * - IMPL_01_03 - - Are the design decisions and constraints documented? - - Check also for plausibility of these. - - - - - - - * - IMPL_01_04 - - Are all external libraries used by the component specified in the detailed design? - - Check the automated dependency analysis. - Also make sure ASIL rated units also only use ASIL rated libraries. - - - - - - - * - IMPL_02_01 - - Are the static and dynamic code analysis reports verified for violations? - - All violations in ASIL related code must be justified. This includes the checks of coding guidelines. - - - - - - - * - IMPL_02_02 - - Do manual checks, that are derived from the coding guideline, find no safety critical error? - - Check this for the programming language used (e.g. C++ <link_to_checks_list>, Rust <link_to_checks_list>) - - - - - - - * - IMPL_02_03 - - Are detailed design and source code consistent? - - Check if the static and dynamic design descriptions match the code (e.g. naming of elements) - and that the respective traceability is established - - - - - - diff --git a/process/folder_templates/modules/module_name/component_name/docs/detailed_design/index.rst b/process/folder_templates/modules/module_name/component_name/docs/detailed_design/index.rst deleted file mode 100644 index 1ecafb1673..0000000000 --- a/process/folder_templates/modules/module_name/component_name/docs/detailed_design/index.rst +++ /dev/null @@ -1,158 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -.. _component_detailed_design_template: - -Detailed Design -############### - -.. document:: [Your Component Name] Detailed Design - :id: doc__component_name_detailed_design - :status: draft - :safety: ASIL_B - :security: NO - :realizes: wp__sw_implementation - :tags: template - -.. attention:: - The above directive must be updated according to your Component. - - - Modify ``Your Component Name`` to be your Component Name - - Modify ``id`` to be your Component Name in upper snake case preceded by ``doc__`` and followed by ``_detailed_design`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety`` and ``tags`` according to your needs - -Detailed Design for Component: <Component Name> -=============================================== - -Description ------------ - -| Design Decisions - For the documentation of the decision the :need:`gd_temp__change_decision_record` can be used. -| Design Constraints - -Rationale Behind Decomposition into Units -****************************************** -| mandatory: a motivation for the decomposition into one or more units. - -.. note:: Reason for split into multiple units could be- - - Based on design principles like SOLID,DRY etc - - Based on design pattern's etc. - -Static Diagrams for Unit Interactions -------------------------------------- -.. code-block:: rst - - .. dd_sta:: <Title> - :id: dd_sta__<Component>__<Title> - :security: <YES|NO> - :safety: <QM|ASIL_B> - :status: <valid|invalid> - :implements: <link to component requirement id> - :satisfies: <link to component architecture id> - :belongs_to: <link to component id> - :includes: <link to sw_unit id>, <link to sw_unit interface id> - - .. needarch:: or .. image:: <link to drawio image> - -Dynamic Diagrams for Unit Interactions --------------------------------------- -.. code-block:: rst - - .. dd_dyn:: <Title> - :id: dd_dyn__<Component>__<Title> - :security: <YES|NO> - :safety: <QM|ASIL_B> - :status: <valid|invalid> - :implements: <link to component requirement id> - :satisfies: <link to component architecture id> - :belongs_to: <link to component id> - :includes: <link to sw_unit id>, <link to sw_unit interface id> - - .. needarch:: or .. image:: <link to drawio image> - -Units within the Component --------------------------- - -In your rst file: - -.. code-block:: rst - - .. sw_unit:: cpp unit - :id: sw_unit__<Component>__<title> - :belongs_to: <link to component id> - - This implements the .... - -In your source file, any programming language, here with C++: - -.. code-block:: cpp - - # need-Id: sw_unit__<Component>__<title> - class <class name> { - public: - - }; - -Interface View --------------- - -In your rst file: - -.. code-block:: rst - - .. sw_unit_int:: <here InterfaceDemo - change it> - :id: sw_unit_int__<Component>__<title> - :belongs_to: <link to sw_unit id> - :implements: <real_arc_int, real_arc_int_op> - - This implements the .... - -In your source file, any programming language, here with C++: - -.. code-block:: cpp - - # need-Id: sw_unit__<Component>__<title> - class InterfaceDemo - { - public: - virtual ~InterfaceDemo() {} - virtual void OverrideMe() = 0; - }; - -- For cpp using doxygen comments - -.. code-block:: cpp - - /** - * @rst - * .. sw_unit_int:: cpp unit - * :id: sw_unit_int__<Component>__<title> - * :belongs_to: <link to sw_unit id> - * :implements: <real_arc_int, real_arc_int_op> - * - * This implements the .... - * @endrst - */ - -- For rust - -.. code-block:: rust - - //! .. sw_unit_int:: rust unit - //! :id: sw_unit_int__<Component>__<title> - //! :belongs_to: <link to sw_unit id> - //! :implements: <real_arc_int, real_arc_int_op> - //! - //! This implements the .... diff --git a/process/folder_templates/modules/module_name/component_name/docs/index.rst b/process/folder_templates/modules/module_name/component_name/docs/index.rst deleted file mode 100644 index 0128aefb13..0000000000 --- a/process/folder_templates/modules/module_name/component_name/docs/index.rst +++ /dev/null @@ -1,181 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -.. _component_template: - -[Your Component Name] -##################### - -.. note:: Document header - -.. document:: [Your Component Name] - :id: doc__component_name - :status: draft - :safety: ASIL_B - :security: NO - :realizes: wp__cmpt_request - :tags: template - -.. attention:: - The above directive must be updated according to your Component. - - - Modify ``document`` to be your Component Name - - Modify ``id`` to be your Component Name in upper snake case preceded by ``doc__`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety`` and ``tags`` according to your needs - -Abstract -======== - -[A short (~200 word) description of the contribution being addressed.] - - -Motivation -========== - -[Clearly explain why the existing platform/project solution is inadequate to address the topic that the CR solves.] - -.. note:: - The motivation is critical for CRs that want to change the existing components. - It should clearly explain why the existing solution is inadequate to address the topic that the CR solves. - Motivation may based on criteria as resource requirements, scheduling issues, risks, benefits, etc. - CRs submissions without sufficient motivation may be rejected. - - - -Rationale -========= - -[Describe why particular design decisions were made.] - -.. note:: - The rationale should provide evidence of consensus within the community and discuss important objections or concerns raised during discussion. - For the documentation of the decision the :need:`gd_temp__change_decision_record` can be used. - -Specification -============= - -[Describe the requirements, architecture of any new component.] or -[Describe the change to requirements, architecture, implementation, documentation of any change request.] - -.. note:: - A CR shall specify the component requirements as part of our platform/project. - Thereby the :need:`rl__project_lead` will approve these requirements as part of accepting the CR (e.g. merging the PR with the CR). - - -Backwards Compatibility -======================= - -[Describe potential impact (especially including safety and security impacts) and severity on pre-existing platform/project elements.] - - -Security Impact -=============== - -[How could a malicious user take advantage of this new/modified component?] - -.. note:: - If there are security concerns in relation to the CR, those concerns should be explicitly written out to make sure reviewers of the CR are aware of them. - -Which security requirements are affected or has to be changed? -Could the new/modified component enable new threat scenarios? -Could the new/modified component enable new attack paths? -Could the new/modified component impact functional safety? -If applicable, which additional security measures must be implemented to mitigate the risk? - -.. note:: - Use Security Software Critically Analysis, Vulnerability Analysis. - [Methods will be defined later in Process area Security Analysis] - - -Safety Impact -============= - -[How could the safety be impacted by the new/modified component?] - -.. note:: - If there are safety concerns in relation to the CR, those concerns should be explicitly written out to make sure reviewers of the CR are aware of them. - -Which safety requirements are affected or has to be changed? -Could the new/modified component be a potential common cause or cascading failure initiator? -If applicable, which additional safety measures must be implemented to mitigate the risk? - -.. note:: - Use Dependency Failure Analysis and/or Safety Software Critically Analysis. - [Methods will be defined later in Process area Safety Analysis] - -For new feature/component contributions: - -[What is the expected ASIL level?] -[What is the expected classification of the contribution?] - -.. note:: - Use the component classification method here to classify your component, if it shall to be used in a safety context: :need:`gd_temp__component_classification`. - -License Impact -============== - -[How could the copyright impacted by the license of the new contribution?] - - -How to Teach This -================= - -[How to teach users, new and experienced, how to apply the CR to their work.] - -.. note:: - For a CR that adds new functionality or changes behaviour, it is helpful to include a section on how to teach users, new and experienced, how to apply the CR to their work. - -Rejected Ideas -============== - -[Why certain ideas that were brought while discussing this CR were not ultimately pursued.] - -.. note:: - Throughout the discussion of a CR, various ideas will be proposed which are not accepted. - Those rejected ideas should be recorded along with the reasoning as to why they were rejected. - This both helps record the thought process behind the final version of the CR as well as preventing people from bringing up the same rejected idea again in subsequent discussions. - In a way this section can be thought of as a breakout section of the Rationale section that is focused specifically on why certain ideas were not ultimately pursued. - - - -Open Issues -=========== - -[Any points that are still being decided/discussed.] - -.. note:: - While a CR is in draft, ideas can come up which warrant further discussion. - Those ideas should be recorded so people know that they are being thought about but do not have a concrete resolution. - This helps make sure all issues required for the CR to be ready for consideration are complete and reduces people duplicating prior discussion. - - - -Footnotes -========= - -[A collection of footnotes cited in the CR, and a place to list non-inline hyperlink targets.] - -.. toctree:: - :hidden: - - architecture/index.rst - architecture/chklst_arc_inspection.rst - component_classification.rst - detailed_design/index.rst - detailed_design/chklst_impl_inspection.rst - requirements/index.rst - requirements/chklst_req_inspection.rst - safety_analysis/fmea.rst - safety_analysis/dfa.rst diff --git a/process/folder_templates/modules/module_name/component_name/docs/requirements/chklst_req_inspection.rst b/process/folder_templates/modules/module_name/component_name/docs/requirements/chklst_req_inspection.rst deleted file mode 100644 index c7d22cdf06..0000000000 --- a/process/folder_templates/modules/module_name/component_name/docs/requirements/chklst_req_inspection.rst +++ /dev/null @@ -1,189 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - - -.. document:: [Your Component Name] Requirements Inspection Checklist - :id: doc__component_name_req_inspection - :status: draft - :safety: ASIL_B - :security: YES - :realizes: wp__requirements_inspect - :tags: template - -.. attention:: - The above directive must be updated according to your Component. - - - Modify ``Your Component Name`` to be your Component Name - - Modify ``id`` to be your Component Name in lower snake case preceded by ``doc__`` and followed by ``_req_inspection`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety``, ``security`` and ``tags`` according to your needs - -Requirement Inspection Checklist -================================ - -Purpose -------- - -The purpose of this requirement inspection checklist is to collect the topics to be checked during requirements inspection. - -Conduct -------- - -As described in the concept :need:`doc_concept__wp_inspections` the following "inspection roles" are expected to be filled: - -- content responsible (author): <contributor/committer explicitly named here, who is the main author, as can be seen in config mgt tooling> -- reviewer: <contributor/committer explicitly named here, who is the main content reviewer, must be different from content responsible> -- moderator: <committer explicitly named here, who is is the safety manager, security manager or quality manager initiating the inspection> -- test expert: <one of the reviewers explicitly named here, to cover REQ_08_01 as described> - -Checklist ---------- - -It is mandatory to fill in the "passed" column with "yes" or "no" for each checklist item and additionally to add in the remarks why it is passed or not passed. -In case of "no" an issue link to the issue tracking system has to be added in the last column (if not solved in the same issue). -See also :need:`doc_concept__wp_inspections` for further information about reviews in general and inspection in particular. - -.. list-table:: Component Requirement Inspection Checklist - :header-rows: 1 - :widths: 10,30,50,6,6,8 - - * - Review ID - - Acceptance Criteria - - Guidance - - Passed - - Remarks - - Issue link - * - REQ_01_01 - - Is the requirement formulation template used? - - see :need:`gd_temp__req_formulation`, this includes the use of "shall". - - - - - - - * - REQ_02_01 - - Is the requirement description *comprehensible* ? - - If you think the requirement is hard to understand, comment here. - - - - - - - * - REQ_02_02 - - Is the requirement description *unambiguous* ? - - Especially search for "weak words" like "about", "etc.", "relevant" and others (see the internet documentation on this). This check shall be supported by tooling. - - - - - - - * - REQ_02_03 - - Is the requirement description *atomic* ? - - A good way to think about this is to consider if the requirement may be tested by one (positive) test case or needs more of these. The requirement formulation template should also avoid being non-atomic already. Note that there are cases where also non-atomic requirements are the better ones, for example if those are better understandable. - - - - - - - * - REQ_02_04 - - Is the requirement description *feasible* ? - - If at the time of the inspection the requirement has already some implementation, the answer is yes. This can be checked via traces, but also :need:`gd_req__req_attr_impl` shows this. In case the requirement has no implementation at the time of inspection (i.e. not implemented at least as "proof-of-concept"), a development expert should be invited to the Pull-Request review to explicitly check this item. - - - - - - - * - REQ_02_05 - - Is the requirement description *independent from implementation* ? - - This checkpoint should improve requirements definition in the sense that the "what" is described and not the "how" - the latter should be described in architecture/design derived from the requirement. But there can also be a good reason for this, for example we would require using a file format like JSON and even specify the formatting standard already on stakeholder requirement level because we want to be compatible. A finding in this checkpoint does not mean there is a safety problem in the requirement. - - - - - - - * - REQ_03_01 - - Is the *linkage to the parent requirement* correct? - - Linkage to correct levels and ASIL attributes is checked automatically, but it needs checking if the child requirement implements (at least) a part of the parent requirement. - - - - - - - * - REQ_04_01 - - Is the requirement *internally and externally consistent*? - - Does the requirement contradict other requirements within the same or higher levels? One may restrict the search to the feature for component requirements, for features to other features using same components. Is the description of the requirement consistent with all its attributes (if not already part of another check, e.g. does the title fit?). - - - - - - - * - REQ_05_01 - - Do the software requirements consider *timing constraints*? - - This checkpoint encourages to think about timing constraints even if those are not explicitly mentioned in the parent requirement. If the reviewer of a requirement already knows or suspects that the code execution will be consuming a lot of time, one should think of the expectation of a "user". - - - - - - - * - REQ_06_01 - - Does the requirement consider *external interfaces*? - - The SW platform's external interfaces (to the user) are defined in the Feature Architecture, so the Feature and Component Requirements should determine the input data use and setting of output data for these interfaces. Are all output values defined? - - - - - - - * - REQ_07_01 - - Is the *safety* attribute set correctly? - - Derived requirements are checked automatically, see :need:`gd_req__req_linkage_safety`. But for the top level requirements (and also all AoU) this needs to be checked manually for correctness. - - - - - - - * - REQ_07_02 - - Is the attribute *security* set correctly? - - For component requirements this checklist item is supported by automated check: "Every requirement which derives from a feature requirement with security attribute set to YES inherits this". But the component requirements/architecture may additionally also be subject to a :need:`wp__sw_component_security_analysis`. - - - - - - - * - REQ_08_01 - - Is the requirement *verifiable*? - - If at the time of the inspection already tests are created for the requirement, the answer is yes. This can be checked via traces, but also :need:`gd_req__req_attr_test_covered` shows this. In case the requirement is not sufficiently traced to test cases already, a test expert is invited to the inspection to give their opinion whether the requirement is formulated in a way that supports test development and the available test infrastructure is sufficient to perform the test. - - - - - - - * - REQ_08_02 - - Is the requirement verifiable by design or code review in case it is not feasibly testable? - - In very rare cases a requirement may not be verifiable by test cases, for example a specific non-functional requirement. In this case a requirement analysis verifies the requirement by design/code review. If such a requirement is in scope of this inspection, please check this here and link to the respective review record. A test expert is invited to the inspection to confirm their opinion that the requirement is not testable. - - - - - - - * - REQ_09_01 - - Do the requirements that define a safety mechanism specify the error reaction leading to a safe state? - - Alternatively to the safe state there could also be "repair" mechanisms. Also do not forget to consider REQ_05_01 for these. - - - - - - - - -.. attention:: - The above checklist entries must be filled according to your component requirements in scope. - -Note: If a Review ID is not applicable for your requirement, then state ""n/a" in status and comment accordingly in remarks. - -The following requirements in "valid" state and with "inspected" tag set are in the scope of this inspection: - -.. needtable:: - :filter: "component_name" in docname and "requirements" in docname and docname is not None and status == "valid" - :style: table - :types: comp_req - :tags: component_name - :columns: id;status;tags - :colwidths: 25,25,25 - :sort: title - -And also the following AoUs in "valid" state and with "inspected" tag set (for these please answer the questions above as if the AoUs are requirements, except question REQ_03_01): - -.. needtable:: - :filter: "component_name" in docname and "requirements" in docname and docname is not None and status == "valid" - :style: table - :types: aou_req - :tags: component_name - :columns: id;status;tags - :colwidths: 25,25,25 - :sort: title - -.. attention:: - The above tables filtering must be updated according to your Component. - - - Modify ``component_name`` to be your Component Name in lower snake case diff --git a/process/folder_templates/modules/module_name/component_name/docs/requirements/index.rst b/process/folder_templates/modules/module_name/component_name/docs/requirements/index.rst deleted file mode 100644 index 9dd038055e..0000000000 --- a/process/folder_templates/modules/module_name/component_name/docs/requirements/index.rst +++ /dev/null @@ -1,107 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Requirements -############ - -.. document:: [Your Component Name] Requirements - :id: doc__component_name_requirements - :status: draft - :safety: ASIL_B - :security: YES - :realizes: wp__requirements_comp - :tags: template - -.. attention:: - The above directive must be updated according to your Component. - - - Modify ``Your Component Name`` to be your Component Name - - Modify ``id`` to be your Component Name in upper snake case preceded by ``doc__`` and followed by ``_requirements`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety``, ``security`` and ``tags`` according to your needs - -<Headlines (for the list of requirements if structuring is needed)> -=================================================================== - -Component Requirements ----------------------- - -.. code-block:: rst - - .. comp_req:: Some Title - :id: comp_req__component_name__some_title - :reqtype: Process - :security: YES - :safety: ASIL_B - :derived_from: feat_req__feature_name__some_title - :status: invalid - :satisfied_by: comp__component_name_template - - The Component shall do xyz to another component to bring it to this condition at this time - - Note: (optional, not to be verified) - -.. attention:: - The above directive must be updated according to your component requirements. - - - Replace the example content by the real content for your first requirement - - Set ``derived_from`` with links to Feature requirements - - Set ``satisfied_by`` with a link to the right Component id - - Set ``safety`` and ``security`` to the right value - - Set the status to valid and start the review/merge process - - Add other needed requirements for your component - -Assumption of Use Requirements ------------------------------- - -.. code-block:: rst - - .. aou_req:: Next Title - :id: aou_req__component_name__next_title - :reqtype: Process - :security: YES - :safety: ASIL_B - :status: invalid - - The Component User shall do xyz to use the component safely/securely - -Environmental Requirements --------------------------- - -.. code-block:: rst - - .. aou_req:: Another Title - :id: aou_req__component_name__another_title - :reqtype: Process - :security: YES - :safety: ASIL_B - :status: invalid - :tags: environment - - The Component shall only be used in a xyz environment to ensure its proper functioning. - -Hints ------ - -.. attention:: - The above directives must be updated according to your feature requirements. - - - Replace the example content by the real content for your first requirement (according to :need:`gd_guidl__req_engineering`) - - Set ``safety`` and ``security`` to the right value (ASIL B/QM; YES/NO) - - Set ``reqtype`` with a link to the right value (<Functional|Interface|Process|Non-Functional>) - - Add other needed requirements for your feature - - Set ``status`` to ``valid`` and start the review/merge process - -.. needextend:: "component_name" in id - :+tags: component_name diff --git a/process/folder_templates/modules/module_name/component_name/docs/safety_analysis/dfa.rst b/process/folder_templates/modules/module_name/component_name/docs/safety_analysis/dfa.rst deleted file mode 100644 index 98a1b4e033..0000000000 --- a/process/folder_templates/modules/module_name/component_name/docs/safety_analysis/dfa.rst +++ /dev/null @@ -1,207 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - - -DFA (Dependent Failure Analysis) -================================ - -.. document:: [Your Component Name] DFA - :id: doc__component_name_dfa - :status: draft - :safety: ASIL_B - :security: NO - :realizes: wp__sw_component_dfa - :tags: template - -.. note:: Use the content of the document to describe e.g. why a fault model is not applicable for the diagram. - -.. attention:: - The above directive must be updated according to your Component. - - - Modify ``Your Component Name`` to be your Component Name - - Modify ``id`` to be your Component Name in upper snake case preceded by ``doc__`` and succeeded by ``_dfa`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety``, ``security`` and ``tags`` according to your needs - -The DFA for the component [Your Component Name] is performed. To show evidence that all failure initiators are considered, the applicability has to be filled out in the -following tables. For all applicable failure initiators, the DFA has to be performed. - -Dependent Failure Initiators ----------------------------- - -Shared resources -^^^^^^^^^^^^^^^^ - -The dependent failure initiators related to shared resources are not applicable for the component. The shared resources -will be considered in the platform DFA. - -Communication between the two elements -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -Receiving function is affected by information that is false, lost, sent multiple times, or in the wrong order etc. from the sender. - -.. list-table:: DFA communication between elements - :header-rows: 1 - :widths: 10,20,10,20 - - * - ID - - Violation cause communication between elements - - Applicability - - Rationale - * - CO_01_01 - - Information passed via argument through a function call, or via writing/reading a variable being global to the two software functions (data flow) - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - CO_01_02 - - Data or message corruption / repetition / loss / delay / masquerading or incorrect addressing of information - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - CO_01_03 - - Insertion / sequence of information - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - CO_01_04 - - Corruption of information, inconsistent data - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - CO_01_05 - - Asymmetric information sent from a sender to multiple receivers, so that not all defined receivers have the same information - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - CO_01_06 - - Information from a sender received by only a subset of the receivers - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - CO_01_07 - - Blocking access to a communication channel - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - -Shared information inputs -^^^^^^^^^^^^^^^^^^^^^^^^^ - -Same information input used by multiple functions. - -.. list-table:: DFA shared information inputs - :header-rows: 1 - :widths: 10,20,10,20 - - * - ID - - Violation cause shared information inputs - - Applicability - - Rationale - * - SI_01_02 - - Configuration data - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - SI_01_03 - - Constants, or variables, being global to the two software functions - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - SI_01_04 - - Basic software passes data (read from hardware register and converted into logical information) to two applications software functions - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - SI_01_05 - - Data / function parameter arguments / messages delivered by software function to more than one other function - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - -Unintended impact -^^^^^^^^^^^^^^^^^ - -Unintended impacts to function due to various failures. - -.. list-table:: DFA unintended impact - :header-rows: 1 - :widths: 10,20,10,20 - - * - ID - - Violation cause unintended impact - - Applicability - - Rationale - * - UI_01_01 - - Memory miss-allocation and leaks - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - UI_01_02 - - Read/Write access to memory allocated to another software element - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - UI_01_03 - - Stack/Buffer under-/overflow - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - UI_01_04 - - Deadlocks - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - UI_01_05 - - Livelocks - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - UI_01_06 - - Blocking of execution - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - UI_01_07 - - Incorrect allocation of execution time - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - UI_01_08 - - Incorrect execution flow - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - UI_01_09 - - Incorrect synchronization between software elements - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - UI_01_10 - - CPU time depletion - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - UI_01_11 - - Memory depletion - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - * - UI_01_12 - - Other HW unavailability - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out DFA> - - -DFA -=== - -For all identified applicable failure initiators, the DFA is performed in the following section. - -.. code-block:: rst - - .. comp_saf_dfa:: <Title> - :violates: <Component architecture> - :id: comp_saf_dfa__<Component>__<Element descriptor> - :failure_id: <ID from DFA failure initiators :need:`gd_guidl__dfa_failure_initiators`> - :failure_effect: "description of failure effect of the failure initiator on the element" - :mitigated_by: <ID from Component Requirement | ID from AoU Component Requirement> - :mitigation_issue: <ID from Issue Tracker> - :sufficient: <yes|no> - :status: <valid|invalid> - -.. note:: Argument is inside the 'content'. Therefore content is mandatory. - -.. attention:: - The above directive must be updated according to your component DFA. - - - The above "code-block" directive must be updated - - Fill in all the needed information in the <brackets> diff --git a/process/folder_templates/modules/module_name/component_name/docs/safety_analysis/fmea.rst b/process/folder_templates/modules/module_name/component_name/docs/safety_analysis/fmea.rst deleted file mode 100644 index 728d701951..0000000000 --- a/process/folder_templates/modules/module_name/component_name/docs/safety_analysis/fmea.rst +++ /dev/null @@ -1,135 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - - -FMEA (Failure Modes and Effects Analysis) -========================================= - -.. document:: [Your Component Name] FMEA - :id: doc__component_name_fmea - :status: draft - :safety: ASIL_B - :security: NO - :realizes: wp__sw_component_fmea - :tags: template - -.. note:: Use the content of the document to describe e.g. why a fault model is not applicable for the diagram. - -.. attention:: - The above directive must be updated according to your Component. - - - Modify ``Your Component Name`` to be your Component Name - - Modify ``id`` to be your Component Name in upper snake case preceded by ``doc__`` and succeeded by ``_fmea`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety``, ``security`` and ``tags`` according to your needs - -The FMEA for the component [Your Component Name] is performed. To show evidence that all failure initiators are considered, the applicability has to be filled out in the -following tables. For all applicable failure initiators, the FMEA has to be performed. - -Failure Mode List ------------------ - -Fault Models for sequence diagrams - .. list-table:: Fault Models for sequence diagrams - :header-rows: 1 - :widths: 10,20,10,20 - - * - ID - - Failure Mode - - Applicability - - Rationale - * - MF_01_01 - - message is not received (is a subset/more precise description of MF_01_05) - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out FMEA> - * - MF_01_02 - - message received too late (only relevant if delay is a realistic fault) - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out FMEA> - * - MF_01_03 - - message received too early (usually not a problem) - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out FMEA> - * - MF_01_04 - - message not received correctly by all recipients (different messages or messages partly lost). Only relevant if the same message goes to multiple recipients. - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out FMEA> - * - MF_01_05 - - message is corrupted - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out FMEA> - * - MF_01_06 - - message is not sent - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out FMEA> - * - MF_01_07 - - message is unintended sent - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out FMEA> - * - CO_01_01 - - minimum constraint boundary is violated - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out FMEA> - * - CO_01_02 - - maximum constraint boundary is violated - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out FMEA> - * - EX_01_01 - - Process calculates wrong result(s) (is a subset/more precise description of MF_01_05 or MF_01_04). This failure mode is related to the analysis if e.g. internal safety mechanisms are required (level 2 function, plausibility check of the output, …) because of the size / complexity of the feature. - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out FMEA> - * - EX_01_02 - - processing too slow (only relevant if timing is considered) - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out FMEA> - * - EX_01_03 - - processing too fast (only relevant if timing is considered) - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out FMEA> - * - EX_01_04 - - loss of execution - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out FMEA> - * - EX_01_05 - - processing changes to arbitrary process - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out FMEA> - * - EX_01_06 - - processing is not complete (infinite loop) - - <yes | no> - - <Rationale if not applicable, otherwise link to filled out FMEA> - -FMEA ----- -For all identified applicable failure initiators, the FMEA is performed in the following section. - -.. code-block:: rst - - .. comp_saf_fmea:: <Title> - :violates: <Component architecture> - :id: comp_saf_fmea__<Component>__<Element descriptor> - :fault_id: <ID from fault model :need:`gd_guidl__fault_models`> - :failure_effect: "description of failure effect of the fault model on the element" - :mitigated_by: <ID from Component Requirement | ID from AoU Component Requirement> - :mitigation_issue: <ID from Issue Tracker> - :sufficient: <yes|no> - :status: <valid|invalid> - -.. note:: argument is inside the 'content'. Therefore content is mandatory - -.. attention:: - The above directive must be updated according to your component FMEA. - - - The above "code-block" directive must be updated - - Fill in all the needed information in the <brackets> diff --git a/process/folder_templates/modules/module_name/docs/index.rst b/process/folder_templates/modules/module_name/docs/index.rst deleted file mode 100644 index 8e453d9bfb..0000000000 --- a/process/folder_templates/modules/module_name/docs/index.rst +++ /dev/null @@ -1,26 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Module Documents -################ - -.. toctree:: - :maxdepth: 1 - :glob: - - manual/index.rst - safety_mgt/index.rst - security_mgt/index.rst - verification/module_verification_report.rst - release/release_note.rst diff --git a/process/folder_templates/modules/module_name/docs/manual/index.rst b/process/folder_templates/modules/module_name/docs/manual/index.rst deleted file mode 100644 index df20dd55a3..0000000000 --- a/process/folder_templates/modules/module_name/docs/manual/index.rst +++ /dev/null @@ -1,22 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2024 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Manuals -####### - -.. toctree:: - :titlesonly: - - safety_manual - security_manual diff --git a/process/folder_templates/modules/module_name/docs/manual/safety_manual.rst b/process/folder_templates/modules/module_name/docs/manual/safety_manual.rst deleted file mode 100644 index 78fd91d17c..0000000000 --- a/process/folder_templates/modules/module_name/docs/manual/safety_manual.rst +++ /dev/null @@ -1,109 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Safety Manual -============= - -.. note:: Document header - -.. document:: [Your Module Name] Safety Manual - :id: doc__module_name_safety_manual - :status: draft - :safety: ASIL_B - :security: NO - :realizes: wp__module_safety_manual - :tags: template - -.. attention:: - The above directive must be updated according to your Module. - - - Modify ``Your Module Name`` to be your Module Name or put "Platform" - - Modify ``id`` to be your Module Name in upper snake case preceded by ``doc__`` and succeeded by ``safety_manual`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety`` and ``tags`` according to your needs - -Introduction/Scope ------------------- -| <Describe here which module (or the platform) is covered by this manual.> - -Assumed Platform Safety Requirements ------------------------------------- -| For the <Project platform / module name> the following safety related stakeholder requirements are assumed to define the top level functionality (purpose) of the <Project platform / module name>. I.e. from these all the feature and component requirements implemented are derived. -| <List here all the stakeholder requirements, with safety not equal to QM, the module's components requirements are derived from. For the platform all are relevant.> - -Assumptions of Use ------------------- - -Assumptions on the Environment -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -| Generally the assumption of the project platform SEooC is that it is integrated in a safe system, i.e. the POSIX OS it runs on is qualified and also the HW related failures are taken into account by the system integrator, if not otherwise stated in the module's safety concept. -| <List here all the OS calls the project platform resp. module expects to be safe.> - -List of AoUs expected from the environment the platform / module runs on: - -.. needtable:: - :style: table - :columns: title;id;status - :colwidths: 25,25,25 - :sort: title - - results = [] - - for need in needs.filter_types(["aou_req"]): - if need and "environment" in need["tags"]: - results.append(need) - -.. attention:: - Make sure these AoU are here for a safety reason, i.e. every one "mitigates" a safety analysis entry. - -Assumptions on the User -^^^^^^^^^^^^^^^^^^^^^^^ -| As there is no assumption on which specific OS and HW is used, the integration testing of the stakeholder and feature requirements is expected to be performed by the user of the platform SEooC. Tests covering all stakeholder and feature requirements performed on a reference platform (tbd link to reference platform specification), reviewed and passed are included in the platform SEooC safety package. -| Additionally the components of the platform may have additional specific assumptions how they are used. These are part of every module documentation: <link to add>. Assumptions from components to their users can be fulfilled in two ways: -| 1. There are assumption which need to be fulfilled by all SW components, e.g. "every user of an IPC mechanism needs to make sure that he provides correct data (including appropriate ASIL level)" - in this case the AoU is marked as "platform". -| 2. There are assumption which can be fulfilled by a safety mechanism realized by some other project platform component and are therefore not relevant for an user who uses the whole platform. But those are relevant if you chose to use the module SEooC stand-alone - in this case the AoU is marked as "module". An example would be the "JSON read" which requires "The user shall provide a string as input which is not corrupted due to HW or QM SW errors." - which is covered when using together with safe project platform persistency feature. - -List of AoUs on the user of the platform or the module of this safety manual: - -Note: Platform safety manual collects all platform wide AoU (have to be fulfilled by the user for any feature). -Module safety manual collects all AoUs specific to a feature and its realizing components. -This means for every feature the user selects, the platform safety manual and the related module manual has to be considered. - -.. needtable:: - :style: table - :columns: title;id;status - :colwidths: 25,25,25 - :sort: title - - results = [] - - for need in needs.filter_types(["aou_req"]): - if need and "environment" not in need["tags"]: - results.append(need) - -.. attention:: - Make sure these AoU are here for a safety reason, i.e. every one "mitigates" a safety analysis entry. - -Safety concept of the SEooC ---------------------------- -| <Describe here the safety concept incl. which faults are taken care of, reactions of the implemented functions under anomalous operating conditions ... if this is not already documented sufficiently in the feature documentation "safety impact" section of all the features the module is used in.> - -Safety Anomalies ----------------- -| Anomalies (bugs in ASIL SW, detected by testing or by users, which could not be fixed) known before release are documented in the platform/module release notes <add link to release note>. - -References ----------- -| <link to the user manual> -| <other links> diff --git a/process/folder_templates/modules/module_name/docs/manual/security_manual.rst b/process/folder_templates/modules/module_name/docs/manual/security_manual.rst deleted file mode 100644 index 8c29601853..0000000000 --- a/process/folder_templates/modules/module_name/docs/manual/security_manual.rst +++ /dev/null @@ -1,101 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Security Manual -=============== - -.. note:: Document header - -.. document:: [Your Module Name] Security Manual - :id: doc__module_name_security_manual - :status: draft - :safety: ASIL_B - :security: YES - :realizes: wp__module_security_manual - :tags: template - -.. attention:: - The above directive must be updated according to your Module. - - - Modify ``Your Module Name`` to be your Module Name - - Modify ``id`` to be your Module Name in upper snake case preceded by ``doc__`` and succeeded by ``_security_manual`` - - Adjust ``status`` to be ``valid`` - - Adjust ``security`` and ``tags`` according to your needs - -Introduction/Scope ------------------- -| <Describe here which module (or the platform) is covered by this manual.> - -Assumed Platform Security Requirements --------------------------------------- -| For the <Project platform / module name> the following security related stakeholder requirements are assumed to define the top level functionality (purpose) of the <Project platform / module name>. I.e. from these all the feature and component requirements implemented are derived. -| <List here all the stakeholder requirements, with security relevance, the module's components requirements are derived from.> - -Assumptions of Use ------------------- - -Assumptions on the Environment -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -| The platform and its components are developed as Out of Context (OoC) with assumptions on the environment. - It is assumed that the platform/components are integrated in a secure system, i.e. qualified POSIX OS. - Also the HW related failures are taken into account by the system integrator, if not otherwise stated in the module's security concept. -| <List here all the OS calls the Project platform expects to be secure.> - -List of AoUs expected from the environment the platform / module runs on: - -.. needtable:: - :style: table - :columns: title;id;status - :colwidths: 25,25,25 - :sort: title - - results = [] - - for need in needs.filter_types(["aou_req"]): - if need and "environment" in need["tags"]: - results.append(need) - -Assumptions on the User -^^^^^^^^^^^^^^^^^^^^^^^ -| As there is no assumption on which specific OS and HW is used, the integration testing of the stakeholder and feature requirements is expected to be performed by the user of the platform OoC. Tests covering all stakeholder and feature requirements performed on a reference platform (tbd link to reference platform specification), reviewed and passed are included in the platform OoC security package. -| Additionally the components of the platform may have additional specific assumptions how they are used. These are part of every module documentation: <link to add>. Assumptions from components to their users can be fulfilled in two ways: -| 1. There are assumption which need to be fulfilled by all SW components, e.g. "every user of an IPC mechanism needs to make sure that he provides correct data (e.g. including appropriate security (access) control)" - in this case the AoU is marked as "platform". -| 2. There are assumption which can be fulfilled by a security control realized by some other Project platform component and are therefore not relevant for an user who uses the whole platform. But those are relevant if you chose to use the module OcC stand-alone - in this case the AoU is marked as "module". An example would be the "JSON read" which requires "The user shall provide a string as input which is not corrupted due to HW or QM SW errors." - which is covered when using together with safe <Project> platform persistency feature. - -List of AoUs on the user of the platform features or the module of this Security Manual: - -.. needtable:: - :style: table - :columns: title;id;status - :colwidths: 25,25,25 - :sort: title - - results = [] - - for need in needs.filter_types(["aou_req"]): - if need and "environment" not in need["tags"]: - results.append(need) - -Security concept of the OoC ----------------------------- -| <Describe here the security concept incl. which attack paths are taken care of, reactions of the implemented functions under threatened operating conditions ... if this is not already documented sufficiently in the feature documentation "security impact" section of all the features the module is used in.> - -Security Weaknesses, Vulnerabilities ------------------------------------- -| Weaknesses, vulnerabilities (bugs in security relevant SW, detected by testing or by users, which could not be fixed) known before release are documented in the platform/module release notes <add link to release note>. - -References ----------- -| <link to the user manual> -| <other links> diff --git a/process/folder_templates/modules/module_name/docs/release/release_note.rst b/process/folder_templates/modules/module_name/docs/release/release_note.rst deleted file mode 100644 index fb6c5d3944..0000000000 --- a/process/folder_templates/modules/module_name/docs/release/release_note.rst +++ /dev/null @@ -1,120 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Release Note -============ - -.. note:: Document header - -.. document:: [Your Module Name] Release Note - :id: doc__module_name_release_note - :status: draft - :safety: ASIL_B - :security: NO - :realizes: wp__module_sw_release_note - :tags: template - -.. attention:: - The above directive must be updated according to your Module. - - - Modify ``Your Module Name`` to be your Module Name - - Modify ``id`` to be your Module Name in upper snake case preceded by ``doc_`` and succeeded by ``release_note`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety`` and ``tags`` according to your needs - - - -| **Module Name:** [Module Name] -| **Release Tag:** vX.Y.Z -| **Origin Release Tag:** vU.V.W -| **Release Date:** YYYY-MM-DD - - -Overview -^^^^^^^^ - -This document provides an overview of the changes, improvements, and bug fixes included in the software module release version vX.Y.Z -as compared to the module's origin release (which is usually the previous release). - -Disclaimer ----------- - -This release note does not "release for production", as it does not come with a safety argumentation and a performed safety assessment. -The work products compiled in the safety package are created with care according to a process satisfying standards, but the as the project, -being a non-profit and open source organization, can not take over any liability for its content. - -Changes to the Module -^^^^^^^^^^^^^^^^^^^^^ - -New Features ------------- - -- **Feature 1:** Brief description of the new feature. -- **Feature 2:** Brief description of the new feature. -- **Feature 3:** Brief description of the new feature. - -Improvements ------------- - -- **Improvement 1:** Brief description of the improvement. -- **Improvement 2:** Brief description of the improvement. -- **Improvement 3:** Brief description of the improvement. - -Bug Fixes ---------- - -- **Bug 1:** Brief description of the bug fix. -- **Bug 2:** Brief description of the bug fix. -- **Bug 3:** Brief description of the bug fix. - -Other changes by Label ----------------------- - -- **Label 1/Refactor 1:** Brief description of the change. -- **Label 2/Refactor 2:** Brief description of the change. -- **Label 3/Refactor 3:** Brief description of the change. - -Compatibility -^^^^^^^^^^^^^ - -- **Dependencies:** List any dependencies and their versions. - -Performed Verification -^^^^^^^^^^^^^^^^^^^^^^ - -This release note is based on the verification as documented in module verification report -:need:`doc__module_name_verification_report`. - -Known Issues ------------- - -- **Issue 1:** Brief description of the known issue. Justification regarding safety impact. -- **Issue 2:** Brief description of the known issue. Justification regarding safety impact. -- **Issue 3:** Brief description of the known issue. Justification regarding safety impact. - -Known Vulnerabilities ---------------------- - -- **CVE 1:** Brief description of the known CVE. Justification regarding security impact. -- **CVE 2:** Brief description of the known CVE. Justification regarding security impact. -- **CVE 3:** Brief description of the known CVE. Justification regarding security impact. - -Upgrade Instructions -^^^^^^^^^^^^^^^^^^^^ - -1. **Step 1:** Description of the first step. -2. **Step 2:** Description of the second step. -3. **Step 3:** Description of the third step. - -For any questions or support, please contact the *Project lead* or raise an issue/discussion. diff --git a/process/folder_templates/modules/module_name/docs/safety_mgt/index.rst b/process/folder_templates/modules/module_name/docs/safety_mgt/index.rst deleted file mode 100644 index 0ac3eb7076..0000000000 --- a/process/folder_templates/modules/module_name/docs/safety_mgt/index.rst +++ /dev/null @@ -1,24 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2024 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Safety Management -################# - -.. toctree:: - :titlesonly: - - module_safety_plan - module_safety_plan_fdr - module_safety_package_fdr - module_safety_analysis_fdr diff --git a/process/folder_templates/modules/module_name/docs/safety_mgt/module_safety_analysis_fdr.rst b/process/folder_templates/modules/module_name/docs/safety_mgt/module_safety_analysis_fdr.rst deleted file mode 100644 index 613356b943..0000000000 --- a/process/folder_templates/modules/module_name/docs/safety_mgt/module_safety_analysis_fdr.rst +++ /dev/null @@ -1,163 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2026 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - - -Safety Analysis Formal Review Report -==================================== - -.. document:: Safety Analysis Formal Review Report - :id: doc__module_safety_analysis_fdr - :status: draft - :safety: ASIL_B - :security: YES - :realizes: wp__fdr_reports - :tags: template - - - -**Purpose** -The purpose of this Safety Analysis (DFA and FMEA) formal review report template is to collect the topics to be checked during verification of the Safety Analysis. - -**Conduct** -As described in :need:`wf__p_formal_rv`, the formal document review is performed by an "external" safety manager: - -- reviewer: **<committer with safety manager skills explicitly named here>** -- scope: **<describe the scope of the review here, e.g. "the safety analysis of the module and its results">** - -**Checklist** - -Please note that it is mandatory to fill in the "passed" column with "yes" or "no" for each checklist item and additional to add in the remarks why it is passed or not passed. In case of "no" an issue link to the issue tracking system has to be added in the last column. See also :ref:`review_concept` for further information about reviews in general and inspection in particular. - - -.. list-table:: General Checklist - :header-rows: 1 - :widths: 10,30,10,30,20 - - * - ID - - Safety analysis activity - - Compliant to ISO 26262? - - Reference - - Comment - - * - Gen 1 - - Are the safety analysis performed according to the defined process and templates? See :ref:`process_requirements_safety_analysis` and also :ref:`FMEA_templates` and :ref:`dfa_templates` - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__analysis_841>`, :need:`[[title]] <std_req__iso26262__analysis_849>`, :need:`[[title]] <std_req__iso26262__analysis_8410>`, :need:`[[title]] <std_req__iso26262__analysis_748>` - - <Rationale for result> - - * - Gen 2 - - Are the safety analysis performed in a systematic way to identify the potential dependent failures / failure modes and their effects? Are the failure effect and the mitigation described? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__analysis_849>`, :need:`[[title]] <std_req__iso26262__analysis_8410>` - - <Ensured and checked by application of the defined templates and processes> - - * - Gen 3 - - Is the result of the safety analysis indicate if the safety requirements are complied? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__analysis_842>` - - <Rationale for result> - - * - Gen 4 - - Are the mitigations effective and implemented? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__analysis_844>` - - <Rationale for result> - - * - Gen 5 - - Are all AoU's that are used as mitigation's created and covered in the safety manual? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__analysis_845>` - - <Rationale for result> - - * - Gen 6 - - Are additional safety-related test cases determined by potential results of the safety analyses? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__analysis_847>` - - <Rationale for result> - - -.. list-table:: DFA Checklist - :header-rows: 1 - :widths: 10,30,10,30,20 - - * - ID - - Safety analysis activity - - Compliant to ISO 26262? - - Reference - - Comment - - * - DFA 1 - - Are the potential dependent failures identified by performming a DFA? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__analysis_741>` - - <Rationale for result> - - * - DFA 2 - - Is it plausible that each potential identified dependent failure that has been identified, will lead to a dependent failure which cause a violation of FFI? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__analysis_742>` - - <Rationale for result> - - * - DFA 3 - - Are applicable operational situations and operating modes considered? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__analysis_743>` - - <Rationale for result> - - * - DFA 4 - - Are the failure initiators :need:`[[title]] <gd_guidl__dfa_failure_initiators>` suitable and applied? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__analysis_744>` - - <Rationale for result> - - * - DFA 5 - - Is a rationale provided for each identified potential dependent failure? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__analysis_745>` - - <Rationale for result> - - * - DFA 6 - - Are measures defined to resolve the identified potential dependent failures? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__analysis_746>`, :need:`[[title]] <std_req__iso26262__analysis_747>`, :need:`[[title]] <std_req__iso26262__analysis_843>` - - <Rationale for result> - - * - DFA 7 - - Can be the required level of independence shown for the identified potential dependent failures? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__analysis_748>` - - <Rationale for result> - - -.. list-table:: FMEA Checklist - :header-rows: 1 - :widths: 10,30,10,30,20 - - * - ID - - Safety analysis activity - - Compliant to ISO 26262? - - Reference - - Comment - - * - FMEA 1 - - Are the fault models suitable and applied for the FMEA? See :ref:`fault_models` and also :ref:`process_requirements_safety_analysis` - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__analysis_846>` - - <Rationale for result> - - * - FMEA 2 - - Are measures defined to resolve the identified faults? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__analysis_843>` - - <Rationale for result> diff --git a/process/folder_templates/modules/module_name/docs/safety_mgt/module_safety_package_fdr.rst b/process/folder_templates/modules/module_name/docs/safety_mgt/module_safety_package_fdr.rst deleted file mode 100644 index 744f45875f..0000000000 --- a/process/folder_templates/modules/module_name/docs/safety_mgt/module_safety_package_fdr.rst +++ /dev/null @@ -1,88 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Safety Package Formal Review Report -=================================== - -.. note:: Document header - -.. document:: [Your Module Name] Safety Package Formal Review - :id: doc__module_name_safety_package_fdr - :status: draft - :safety: ASIL_B - :security: NO - :realizes: wp__fdr_reports - :tags: template - -.. attention:: - The above directive must be updated according to your Module. - - - Modify ``Your Module Name`` to be your Module Name - - Modify ``id`` to be your Module Name in upper snake case preceded by ``doc_`` and succeeded by ``safety_package_fdr`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety`` and ``tags`` according to your needs - - -**Purpose** - -The purpose of this review checklist is to report status of the formal review for the safety package. - -**Conduct** -As described in :need:`wf__p_formal_rv`, the formal document review is performed by an "external" safety manager: - -- reviewer: <committer with safety manager skills explicitly named here> - -**Checklist** - -See also :ref:`review_concept` for further information about reviews in general and inspection in particular. - -.. list-table:: Safety Package Checklist - :header-rows: 1 - - * - Id - - Safety package activity - - Compliant to ISO 26262? - - Reference - - Comment - - * - 1 - - Is a safety package provided which matches the safety plan (i.e. all planned work products referenced)? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__management_6481>` - - <Rationale for result> - - * - 2 - - Is the argument how functional safety is achieved, provided in the safety package, plausible and sufficient? - - NO - - :need:`[[title]] <std_req__iso26262__management_6481>` - - The argument is intentionally not provided by the project. - - * - 3 - - Are the referenced work products available? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__management_6482>` - - <Rationale for result> - - * - 4 - - Are the referenced work products in released state, including the process safety audit? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__management_6482>` - :need:`[[title]] <std_req__iso26262__management_6469>` - - <Rationale for result> - - * - 5 - - If safety related deviations from the process or safety concept are documented, are these argued understandably? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__management_6481>` - - <Rationale for result> diff --git a/process/folder_templates/modules/module_name/docs/safety_mgt/module_safety_plan.rst b/process/folder_templates/modules/module_name/docs/safety_mgt/module_safety_plan.rst deleted file mode 100644 index ceb6a330ef..0000000000 --- a/process/folder_templates/modules/module_name/docs/safety_mgt/module_safety_plan.rst +++ /dev/null @@ -1,342 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Safety Plan -*********** - -.. note:: Document header - -.. document:: [Your Module Name] Safety Plan - :id: doc__module_name_safety_plan - :status: draft - :safety: ASIL_B - :security: NO - :realizes: wp__module_safety_plan - :tags: template - -.. attention:: - The above directive must be updated according to your Module. - - - Modify ``Your Module Name`` to be your Module Name - - Modify ``id`` to be your Module Name in upper snake case preceded by ``doc_`` and succeeded by ``safety_plan`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety`` and ``tags`` according to your needs - -:note: The module safety plan shall be continuously maintained during the project. - Deviations to the module safety plan should be documented :ref:`here <module_name_safety_package_deviations>` - -Functional Safety Management Context -==================================== - -This Safety Plan adds to the project's :need:`wp__platform_safety_plan` all the module development relevant work products needed for ISO 26262 conformity. - -Functional Safety Management Scope -================================== - -This Safety Plan's scope is a SW module of the SW platform <link to module documentation in platform/modules/<modulename>/index.rst>. -The module consists of one or more SW components and will be qualified as a SEooC. - -Functional Safety Management Roles -================================== - -.. list-table:: Module roles - :header-rows: 1 - - * - Role - - Assignee - - * - Safety Manager - - <link to Module's Safety Manager assignment or name> - - * - Module Project Manager - - <link to Module's Project Manager assignment or name> - -Tailoring -========= - -Additional to the tailoring in the SW platform project as defined in the project's :need:`wp__platform_safety_plan` we define here the additional tailoring on module level. - -- Excluded for this module are additionally the following work products (and their related requirements): - - - <work product/requirement> - <Argumentation why it is not needed or replaced by another work product or activity.> - -Functional Safety Module Work products -====================================== - -One set of work products for the module and one set for each component of the module: - -Module Work products List -------------------------- - -.. list-table:: Module Work products - :header-rows: 1 - - * - Work product Id - - Link to process - - Process status - - Link to WP - - * - :need:`wp__module_safety_plan` - - :need:`gd_guidl__saf_plan_definitions` - - :ndf:`copy('status', need_id='gd_guidl__saf_plan_definitions')` - - this document - - * - :need:`wp__module_safety_package` - - :need:`gd_guidl__saf_package` - - :ndf:`copy('status', need_id='gd_guidl__saf_package')` - - this document (including the linked documentation) - - * - :need:`wp__fdr_reports` (module Safety Plan) - - :need:`gd_chklst__safety_plan` - - :ndf:`copy('status', need_id='gd_chklst__safety_plan')` - - :need:`doc__module_name_safety_plan_fdr` - - * - :need:`wp__fdr_reports` (module Safety Package) - - :need:`gd_chklst__safety_package` - - :ndf:`copy('status', need_id='gd_chklst__safety_package')` - - :need:`doc__module_name_safety_package_fdr` - - * - :need:`wp__fdr_reports` (module's Safety Analyses & DFA) - - :need:`gd_chklst__safety_analysis` - - :ndf:`copy('status', need_id='gd_chklst__safety_analysis')` - - <Link to WP> - - * - :need:`wp__audit_report` - - performed by external experts - - n/a - - <Link to WP> - - * - :need:`wp__module_safety_manual` - - :need:`gd_temp__safety_manual` - - :ndf:`copy('status', need_id='gd_temp__safety_manual')` - - :need:`doc__module_name_safety_manual` - - * - :need:`wp__verification_module_ver_report` - - :need:`gd_temp__mod_ver_report` - - :ndf:`copy('status', need_id='gd_temp__mod_ver_report')` - - :need:`doc__module_name_verification_report` - - * - :need:`wp__module_sw_release_note` - - :need:`gd_temp__rel_mod_rel_note` - - :ndf:`copy('status', need_id='gd_temp__rel_mod_rel_note')` - - :need:`doc__module_name_release_note` - -Component <name> Work products List ------------------------------------ - -.. list-table:: Component <name> Work products - :header-rows: 1 - - * - Work product Id - - Link to process - - Process status - - Link to WP - - * - :need:`wp__requirements_comp` - - :need:`gd_temp__req_comp_req` - - :ndf:`copy('status', need_id='gd_temp__req_comp_req')` - - :need:`doc__component_name_requirements` - - * - :need:`wp__requirements_comp_aou` - - :need:`gd_temp__req_aou_req` - - :ndf:`copy('status', need_id='gd_temp__req_aou_req')` - - :need:`doc__component_name_requirements` - - * - :need:`wp__requirements_inspect` - - :need:`gd_chklst__req_inspection` - - :ndf:`copy('status', need_id='gd_chklst__req_inspection')` - - :need:`doc__component_name_req_inspection` - - * - :need:`wp__component_arch` - - :need:`gd_temp__arch_comp` - - :ndf:`copy('status', need_id='gd_temp__arch_comp')` - - :need:`doc__component_name_architecture` - - * - :need:`wp__sw_arch_verification` - - :need:`gd_chklst__arch_inspection_checklist` - - :ndf:`copy('status', need_id='gd_chklst__arch_inspection_checklist')` - - :need:`doc__component_name_arc_inspection` - - * - :need:`wp__sw_component_fmea` - - :need:`gd_temp__comp_saf_fmea` - - :ndf:`copy('status', need_id='gd_temp__comp_saf_fmea')` - - :need:`doc__component_name_fmea` - - * - :need:`wp__sw_component_dfa` - - :need:`gd_temp__comp_saf_dfa` - - :ndf:`copy('status', need_id='gd_temp__comp_saf_dfa')` - - :need:`doc__component_name_dfa` - - * - :need:`wp__sw_implementation` - - :need:`gd_guidl__implementation` - - :ndf:`copy('status', need_id='gd_guidl__implementation')` - - :need:`doc__component_name_detailed_design` & <Link to code> - - * - :need:`wp__verification_sw_unit_test` - - :need:`gd_guidl__verification_guide` - - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - <Link to WP> - - * - :need:`wp__sw_implementation_inspection` - - :need:`gd_chklst__impl_inspection_checklist` - - :ndf:`copy('status', need_id='gd_chklst__impl_inspection_checklist')` - - :need:`doc__component_name_impl_inspection` - - * - :need:`wp__verification_comp_int_test` - - :need:`gd_guidl__verification_guide` - - :ndf:`copy('status', need_id='gd_guidl__verification_guide')` - - <Link to WP> - - * - :need:`wp__sw_component_class` - - :need:`gd_guidl__component_classification` - - :ndf:`copy('status', need_id='gd_guidl__component_classification')` - - :need:`doc__component_name_comp_class` - -Note: In case the component is a new development, :need:`wp__sw_component_class` shall be removed from the above list (and also from the folders). -In case an OSS element is used in the module, part 6 has to be filled out. - -OSS (sub-)component qualification plan --------------------------------------- - -For the selected OSS component the following work products will be implemented (and why): - -If the OSS element is classified as - - component, then the below table shall match the above, adding the reasoning for tailoring of work products according to the OSS component classification. - - lower level component, then no work products additional to the component’s will be planned and activities below are part of the component’s issues. - -.. list-table:: OSS (sub-)component <name> Work products - :header-rows: 1 - - * - Work product Id - - Link to process - - Reasoning for tailoring - - * - :need:`wp__requirements_comp` - - :need:`gd_temp__req_comp_req` - - Always needed (for Q and QR classification) and also improves process Id 2 - - * - :need:`wp__requirements_comp_aou` - - :need:`gd_temp__req_aou_req` - - Always needed (for Q and QR classification) and also improves process Id 5 - - * - :need:`wp__requirements_inspect` - - :need:`gd_chklst__req_inspection` - - <Reasoning for tailoring> - - * - :need:`wf__cr_mt_comparch` - - :need:`gd_temp__arch_comp` - - <Reasoning for tailoring, needed for example in case of deficits in process Id 3&4 and complexity Ids 1&4> - - * - :need:`wp__sw_component_fmea` - - :need:`gd_temp__comp_saf_fmea` - - <Reasoning for tailoring, could help arguing too high cyclomatic complexity covered by safety mechanisms> - - * - :need:`wp__sw_arch_verification` - - :need:`gd_chklst__arch_inspection_checklist` - - <Reasoning for tailoring, needed if also wf__cr_mt_comparch is required> - - * - :need:`wp__sw_implementation` - - n/a - - Tailored - If source code is modified, this is not a OSS qualification any more. - - * - :need:`wp__verification_sw_unit_test` - - :need:`gd_guidl__verification_guide` - - <Reasoning for tailoring, can improve deficits in process Id 6 and complexity Id 3> - - * - :need:`wp__sw_implementation_inspection` - - :need:`gd_chklst__impl_inspection_checklist` - - <Reasoning for tailoring, can improve deficits in process Id 6 and complexity Id 2> - - * - :need:`wp__verification_comp_int_test` - - :need:`gd_guidl__verification_guide` - - Always needed (for Q and QR classification) - - * - :need:`wp__sw_component_class` - - :need:`gd_guidl__component_classification` - - Always needed as basis for tailoring. - -Link to project planning ------------------------- - -<add here a link to your module's planning for the above work products, e.g. a link to a ticket.> - -Module Safety Package -===================== - -To create the safety package (according to :need:`gd_guidl__saf_package`) the following -documents and work products status have to go to "valid" (after the relevant verification were performed). - -Module Documents Status ------------------------ - -For all the work product documents the status can be seen by following the "Link to WP". -A summary of the status is also documented in the project's documentation management plan. - -See <add here the section reference to the documentation management plan> - -Component Documents Status --------------------------- - -For all the work product documents the status can be seen by following the "Link to WP". -A summary of the status is also documented in the project's documentation management plan. - -See <add here the section reference to the documentation management plan> - -Component Requirements Status ------------------------------ - -.. needtable:: - :filter: "component_name" in docname and "requirements" in docname and docname is not None - :style: table - :types: comp_req - :tags: component_name - :columns: id;status;tags - :colwidths: 25,25,25 - :sort: title - -Component AoU Status --------------------- - -.. needtable:: - :filter: "component_name" in docname and "requirements" in docname and docname is not None - :style: table - :types: aou_req - :tags: component_name - :columns: id;status;tags - :colwidths: 25,25,25 - :sort: title - -Component Architecture Status ------------------------------ - -.. needtable:: - :filter: "component_name" in docname and "architecture" in docname and docname is not None - :style: table - :types: comp_arc_sta; comp_arc_dyn - :tags: component_name - :columns: id;status;tags - :colwidths: 25,25,25 - :sort: title - -.. _module_name_safety_package_deviations: - -Deviations from Module Safety Plan ----------------------------------- - -The following deviations from the module safety plan are present in the module safety package. -These are deviations from planned processes execution and/or work product results, -safety anomalies in the sense of known bugs in the software are reported in the release notes. - -<Describe here the deviations, whether they have an impact on module's safety functions, -how these can be mitigated or argued and if and when a resolution is planned.> diff --git a/process/folder_templates/modules/module_name/docs/safety_mgt/module_safety_plan_fdr.rst b/process/folder_templates/modules/module_name/docs/safety_mgt/module_safety_plan_fdr.rst deleted file mode 100644 index 5721604f55..0000000000 --- a/process/folder_templates/modules/module_name/docs/safety_mgt/module_safety_plan_fdr.rst +++ /dev/null @@ -1,128 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Safety Plan Formal Review Report -================================ - -.. note:: Document header - -.. document:: [Your Module Name] Safety Plan Formal Review - :id: doc__module_name_safety_plan_fdr - :status: draft - :safety: ASIL_B - :security: NO - :realizes: wp__fdr_reports - :tags: template - -.. attention:: - The above directive must be updated according to your Module. - - - Modify ``Your Module Name`` to be your Module Name - - Modify ``id`` to be your Module Name in upper snake case preceded by ``doc_`` and succeeded by ``safety_plan_fdr`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety`` and ``tags`` according to your needs - -**Purpose** - -The purpose of this safety plan formal review checklist is to report status of the review for the safety plan. - -**Conduct** -As described in :need:`wf__p_formal_rv`, the formal document review is performed by an "external" safety manager: - -- reviewer: <committer with safety manager skills explicitly named here> - -**Checklist** - -See also :ref:`review_concept` for further information about reviews in general and inspection in particular. - -.. list-table:: Safety Plan Checklist - :header-rows: 1 - - * - Id - - Safety plan activity - - Compliant to ISO 26262? - - Reference - - Comment - - * - 1 - - Is the rationale for the safety work products tailoring included? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__management_6451>` - :need:`[[title]] <std_req__iso26262__management_6455>` - :need:`[[title]] <std_req__iso26262__management_6457>` - :need:`[[title]] <std_req__iso26262__management_6467>` - - <Rationale for result> - - * - 2 - - Is impact analysis planned in case of re-use of SW (needed for every release following the first formal release)? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__management_6452>` - - <Rationale for result> - - * - 3 - - Does the safety plan define all needed activities for safety management (incl. formal document review and Safety Audit)? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__management_6465>` - :need:`[[title]] <std_req__iso26262__management_6491>` - :need:`[[title]] <std_req__iso26262__management_64111>` - - <Rationale for result> - - * - 4 - - Does the safety plan define all needed activities for System and SW development, integration and verification? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__management_6465>` - - <Rationale for result> - - * - 5 - - Does the safety plan define all needed activities for safety analysis and DFA? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__management_6465>` - - <Rationale for result> - - * - 6 - - Does the safety plan define all needed activities for supporting processes (incl. tool mgt)? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__management_6465>` - - <Rationale for result> - - * - 7 - - Does the safety plan document a responsible for all activities? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__management_6463>` - - <Rationale for result> - - * - 8 - - If OSS software components is used, is it planned to be qualified? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__management_6455>` - - <Rationale for result> - - * - 9 - - Is a safety manager and a project manager appointed for the project? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__management_6461>` - :need:`[[title]] <std_req__iso26262__management_6462>` - - <Rationale for result> - - * - 10 - - Is safety plan sufficiently linked to the project plan? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__management_6464>` - - <Rationale for result> - - * - 11 - - Is safety plan updated iteratively to show the progress? - - [YES | NO ] - - :need:`[[title]] <std_req__iso26262__management_6468>` - - <Rationale for result> diff --git a/process/folder_templates/modules/module_name/docs/security_mgt/index.rst b/process/folder_templates/modules/module_name/docs/security_mgt/index.rst deleted file mode 100644 index 4d292cc5dc..0000000000 --- a/process/folder_templates/modules/module_name/docs/security_mgt/index.rst +++ /dev/null @@ -1,23 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2026 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Security Management -################### - -.. toctree:: - :titlesonly: - - module_security_plan - module_security_plan_fdr - module_security_package_fdr diff --git a/process/folder_templates/modules/module_name/docs/security_mgt/module_security_package_fdr.rst b/process/folder_templates/modules/module_name/docs/security_mgt/module_security_package_fdr.rst deleted file mode 100644 index b498b36ee4..0000000000 --- a/process/folder_templates/modules/module_name/docs/security_mgt/module_security_package_fdr.rst +++ /dev/null @@ -1,81 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Security Package Formal Review Report -===================================== - -.. note:: Document header - -.. document:: [Your Module Name] Security Package Formal Review - :id: doc__module_name_security_package_fdr - :status: draft - :safety: ASIL_B - :security: YES - :realizes: wp__fdr_reports - :tags: template - -.. attention:: - The above directive must be updated according to your Module. - - - Modify ``Your Module Name`` to be your Module Name - - Modify ``id`` to be your Module Name in upper snake case preceded by ``doc_`` and succeeded by ``safety_package_fdr`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety`` and ``tags`` according to your needs - - -**1. Purpose** - -The purpose of this review checklist is to report status of the formal review for the Security Package. - -**2. Checklist** - -See also :ref:`review_concept` for further information about reviews in general and inspection in particular. - -.. list-table:: Security Package Checklist - :header-rows: 1 - - * - Id - - Security Package activity - - Compliant to ISO SAE 21434? - - Comment - - * - 1 - - Is a Security Package provided which matches the Security Plan (i.e. all planned work products referenced)? - - [YES | NO ] - - <Rationale for result> - - * - 2 - - Is the argument how security is achieved, provided in the Security Package, plausible and sufficient? - - NO - - The argument is intentionally not provided by the Project. - - * - 3 - - Are the referenced work products available? - - [YES | NO ] - - <Rationale for result> - - * - 4 - - Are the referenced work products in released state, including the Process Security Audit? - - NO - - Security Audit is currently not planned, tailored out. - - * - 5 - - If security related deviations from the process or security concept are documented, are these argued understandably? - - [YES | NO ] - - <Rationale for result> - - * - 6 - - Are the requirements for post-development available? - - [YES | NO ] - - <Rationale for result> diff --git a/process/folder_templates/modules/module_name/docs/security_mgt/module_security_plan.rst b/process/folder_templates/modules/module_name/docs/security_mgt/module_security_plan.rst deleted file mode 100644 index 7ec80ff1f7..0000000000 --- a/process/folder_templates/modules/module_name/docs/security_mgt/module_security_plan.rst +++ /dev/null @@ -1,227 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Security Plan -============= - -.. note:: Document header - -.. document:: [Your Module Name] Security Plan - :id: doc__module_name_security_plan - :status: draft - :safety: ASIL_B - :security: YES - :realizes: wp__module_security_plan - :tags: template - -.. attention:: - The above directive must be updated according to your Module. - - - Modify ``Your Module Name`` to be your Module Name - - Modify ``id`` to be your Module Name in upper snake case preceded by ``doc_`` and succeeded by ``security_plan`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety`` and ``tags`` according to your needs - - - | **1. Security Management Context** - | This Security Plan adds to the :ref:`process_security_management` all the module development relevant work products needed for ISO SAE 21434 conformity. - | - | **2. Security Management Scope** - | This Security Plan's scope is a SW module of the SW platform <link to module documentation in platform/modules/<modulename>/index.rst>. - | The module consists of one or more SW components and will be qualified as a OoC. - | - | **3. Security Management Roles** - - +---------------------------+--------------------------------------------------------------+ - | Security Manager | <link to Module's Security Manager assignment or name> | - +---------------------------+--------------------------------------------------------------+ - | Project Manager | <link to Module's Project Lead assignment or name> | - +---------------------------+--------------------------------------------------------------+ - - | **4. Tailoring** - | Additional to the tailoring in the SW platform project as defined in the :ref:`process_security_management` we define here the additional tailoring on module level. - | - | - Excluded for this module are additionally the following work products (and their related requirements): - | - <ISO SAE 21434 reference>: <work product/requirement> - <Argumentation why it is not needed or replaced by another work product or activity.> - | - | **5. Security Module Work Products** - | One set of work products for the module and one set for each component of the module: - -.. list-table:: Module Work Products - :header-rows: 1 - - * - Work Product Id - - Link to process - - Process status - - Link to issue - - Link to WP - - WP status - - * - :need:`wp__module_security_plan` - - :ref:`guideline_security_management` - - <automated> - - <Link to issue> - - this document - - see above - - * - :need:`wp__module_security_package` - - :ref:`guideline_security_management` - - <automated> - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__fdr_reports` (Module Security Plan) - - :need:`gd_chklst__security_plan` - - <automated> - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__fdr_reports` (Module Security Package) - - :need:`Security Package Formal Review Checklist <gd_chklst__security_package>` - - <automated> - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__fdr_reports` (Module's Security Analyses) - - Security Analysis FDR tbd - - <automated> - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__audit_report_security` - - performed by external experts - - n/a - - <Link to issue> - - <Link to WP> - - <WP status (manual)> - - * - :need:`wp__module_sw_release_note` - - :need:`Software Development Plan Template <gd_temp__software_development_plan>` - - <automated> - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__module_security_manual` - - :need:`gd_temp__module_security_manual` - - <automated> - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__verification_module_ver_report` - - :ref:`process_verification` - - <automated> - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__module_sw_release_note` - - :ref:`release_management` - - <automated> - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__sw_module_sbom` - - :ref:`security_management` - - not started - - <Link to issue> - - <Link to WP> - - <automated> - - -.. list-table:: Component <name> Work Products - :header-rows: 1 - - * - Work Product Id - - Link to process - - Process status - - Link to issue - - Link to WP - - WP status - - * - :need:`wp__requirements_comp` - - <Link to process> - - <automated> - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__requirements_comp_aou` - - <Link to process> - - <automated> - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__requirements_inspect` - - <Link to process> - - <automated> - - n/a - - Checklist used in Pull Request Review - - n/a - - * - :need:`wp__component_arch` - - <Link to process> - - <automated> - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__sw_component_security_analysis` - - <Link to process> - - <automated> - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__sw_arch_verification` - - <Link to process> - - <automated> - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__sw_implementation` - - <Link to process> - - <automated> - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__verification_sw_unit_test` - - <Link to process> - - <automated> - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__sw_implementation_inspection` - - <Link to process> - - <automated> - - <Link to issue> - - <Link to WP> - - <automated> - - * - :need:`wp__verification_comp_int_test` - - <Link to process> - - <automated> - - <Link to issue> - - <Link to WP> - - <automated> diff --git a/process/folder_templates/modules/module_name/docs/security_mgt/module_security_plan_fdr.rst b/process/folder_templates/modules/module_name/docs/security_mgt/module_security_plan_fdr.rst deleted file mode 100644 index acf5969dc0..0000000000 --- a/process/folder_templates/modules/module_name/docs/security_mgt/module_security_plan_fdr.rst +++ /dev/null @@ -1,124 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Security Plan Formal Review Report -================================== - -.. note:: Document header - -.. document:: [Your Module Name] Security Plan Formal Review - :id: doc__module_name_security_plan_fdr - :status: draft - :safety: ASIL_B - :security: YES - :realizes: wp__fdr_reports - :tags: template - -.. attention:: - The above directive must be updated according to your Module. - - - Modify ``Your Module Name`` to be your Module Name - - Modify ``id`` to be your Module Name in upper snake case preceded by ``doc_`` and succeeded by ``_security_plan_fdr`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety`` and ``tags`` according to your needs - -**1. Purpose** - -The purpose of this review checklist is to provide a guidence for reviewing the Security Plans for each module. -Each Module Security Plan shall have one checklist filled. - -**2. Checklist** - -See also :ref:`review_concept` for further information about reviews in general and inspection in particular. - -.. list-table:: Security Plan Checklist - :header-rows: 1 - - * - Id - - Security Plan activity - - Compliant to ISO SAE 21434? - - Comment - - * - 1 - - Is the rationale for the Security Work Products tailoring included? - - [YES | NO ] - - <Rationale for result> - - * - 2 - - Is impact analysis planned in case of re-use of SW (needed for every release following the first formal release)? - - [YES | NO ] - - <Rationale for result> - - * - 3 - - Does the Security Plan define all needed activities for security management (including review and security audit)? - - [YES | NO ] - - <Rationale for result> - - * - 4 - - Does the Security Plan define all needed activities for SW development, integration and verification? - - [YES | NO ] - - <Rationale for result> - - * - 5 - - Does the Security Plan define all needed activities for security analysis? - - [YES | NO ] - - <Rationale for result> - - * - 6 - - Does the Security Plan define all needed activities for supporting processes (incl. tool mgt)? - - [YES | NO ] - - <Rationale for result> - - * - 7 - - Does the Security Plan document a responsible for all activities? - - [YES | NO ] - - <Rationale for result> - - * - 8 - - If OSS software components is used, is it planned to be qualified? - - [YES | NO ] - - <Rationale for result> - - * - 9 - - Is a Security Manager and a Project Lead appointed for the project? - - [YES | NO ] - - <Rationale for result> - - * - 10 - - Is Security Plan sufficiently linked to the Project Plan? - - [YES | NO ] - - <Rationale for result> - - * - 11 - - Is Security Plan updated iteratively to show the progress? - - [YES | NO ] - - <Rationale for result> - - * - 12 - - If Out-of-context software components is used, are the assumptions documented? - - [YES | NO ] - - <Rationale for result> - - * - 13 - - Does the Security Plan define all needed activities for SBOM generation? - - [YES | NO ] - - <Rationale for result> - - * - 14 - - Does the Security Plan define regular vulnerability scans for the generated SBOM? - - [YES | NO ] - - <Rationale for result> - -.. note:: - Off-the-shelf means existing software which may used without modification, e.g. existing OSS diff --git a/process/folder_templates/modules/module_name/docs/verification/module_verification_report.rst b/process/folder_templates/modules/module_name/docs/verification/module_verification_report.rst deleted file mode 100644 index 5d28ec3831..0000000000 --- a/process/folder_templates/modules/module_name/docs/verification/module_verification_report.rst +++ /dev/null @@ -1,96 +0,0 @@ -.. - # ******************************************************************************* - # Copyright (c) 2025 Contributors to the Eclipse Foundation - # - # See the NOTICE file(s) distributed with this work for additional - # information regarding copyright ownership. - # - # This program and the accompanying materials are made available under the - # terms of the Apache License Version 2.0 which is available at - # https://www.apache.org/licenses/LICENSE-2.0 - # - # SPDX-License-Identifier: Apache-2.0 - # ******************************************************************************* - -Verification Report -=================== - -.. note:: Document header - -.. document:: [Your Module Name] Verification Report - :id: doc__module_name_verification_report - :status: draft - :safety: ASIL_B - :security: NO - :realizes: wp__verification_module_ver_report - :tags: template - -.. attention:: - The above directive must be updated according to your Module. - - - Modify ``Your Module Name`` to be your Module Name - - Modify ``id`` to be your Module Name in upper snake case preceded by ``doc_`` and succeeded by ``verification_report`` - - Adjust ``status`` to be ``valid`` - - Adjust ``safety`` and ``tags`` according to your needs - -This verification report is based on the :need:`gd_temp__verification_plan`. -It covers all the components of the above stated module. - -Verification Report contains: - -**1. Verification Coverage** - -**1.1. on Requirements** - - Lists of component requirements (incl. AoU satisfied by the component) tested by which test case, passed/failed and completeness verdict - (this shall be generated by tools and accompanied by progress charts to be usable also for project steering) - - For external component Assumptions of Use: coverage by platform safety manual or feature/components incl. test case, passed/failed and completeness verdict - - This is split in a list of QM requirements tested and a separate list of tests for ASIL rated requirements. - - List of component requirements (ASIL rated) linked to inspection checklist and verdict (derived from PR export) - -**1.2. on Architecture** - - List of component architecture tags tested by which test case, passed/failed and completeness verdict - (this shall be generated by tools and accompanied by progress charts to be usable also for project steering) - - This is split in a list of QM components tested and a separate list of tests for ASIL rated components. - - List of component architecture tags (ASIL rated) linked to inspection checklist and verdict (derived from PR export) - -**1.3. on Detailed Design** - - List of detailed design tags tested by which test case, passed/failed and completeness verdict - (this shall be generated by tools and accompanied by progress charts to be usable also for project steering) - - This is split in a list of QM components tested and a separate list of tests for ASIL rated components. - - List of detailed design tags (ASIL rated) linked to inspection checklist and verdict (derived from PR export) - - - The lists may also contain other verification methods like "Analysis" - process tbd - -**2. DFA Report** - - List of the performed component DFA, pass/fail with open mitigations - -**3. Safety Analysis Report** - - List of the performed component Safety Analysis, pass/fail with open mitigations - -**4. Unit Verification Coverage** - -**4.1. Structural Coverage** - - List of the units with C0(line) and C1(branch) coverage absolute and percentage - (this shall be generated by tools and accompanied by progress charts to be usable also for project steering) - - List includes a column for the safety rating of each unit. - -**4.2. Static Code Analysis** - - List of the units with compiler warning numbers and coding rule violation numbers - (this shall be generated by tools and accompanied by progress charts to be usable also for project steering) - - List includes a column for the safety rating of each unit. - -**4.3. Manual Code Inspection** - - List of components (ASIL rated) linked to inspection checklist and verdict (derived from PR export) - -**5. Software component qualification verification report** - - Contains the needed verification results if for some components a qualification of pre-developed SW is performed. - -**6. Test results** - - Test result per test case with status passed/failed/not_run - -**7. Test logs** - - Test log per test case with status passed/failed/not_run - -**Note1:** The verification report is valid for the module version tagged together with the report - -**Note2:** All the above lists are generated automatically diff --git a/process/process_areas/architecture_design/guidance/architecture_inspection_checklist.rst b/process/process_areas/architecture_design/guidance/architecture_inspection_checklist.rst index e6b5938458..b0487dc666 100644 --- a/process/process_areas/architecture_design/guidance/architecture_inspection_checklist.rst +++ b/process/process_areas/architecture_design/guidance/architecture_inspection_checklist.rst @@ -25,7 +25,7 @@ Architecture Inspection Checklist Template For the content see here: - - :need:`doc__component_name_arc_inspection` + - `Component Architecture Inspection Checklist <https://eclipse-score.github.io/module_template/main/score/component_example/docs/architecture/chklst_arc_inspection.html>`__ - :need:`doc__feature_name_arc_inspection` These two documents have the same questions, but different scope and document naming. diff --git a/process/process_areas/change_management/guidance/change_management_component_template.rst b/process/process_areas/change_management/guidance/change_management_component_template.rst index da31408b89..20bdbdb8d2 100644 --- a/process/process_areas/change_management/guidance/change_management_component_template.rst +++ b/process/process_areas/change_management/guidance/change_management_component_template.rst @@ -22,4 +22,4 @@ Component Template :status: valid :complies: std_req__aspice_40__SUP-10-BP1, std_req__aspice_40__SUP-10-BP2, std_req__aspice_40__SUP-10-BP3, std_req__aspice_40__SUP-10-BP5, std_req__aspice_40__iic-18-57, std_req__iso26262__support_8422, std_req__iso26262__support_8431, std_req__iso26262__support_8432, std_req__aspice_40__iic-13-16, std_req__aspice_40__iic-14-02 - for the content see :need:`doc__component_name` + for the content see `Component Request Template <https://eclipse-score.github.io/module_template/main/score/component_example/docs/index.html>`__ diff --git a/process/process_areas/implementation/guidance/implementation_checklist.rst b/process/process_areas/implementation/guidance/implementation_checklist.rst index 755d6dc170..ea14aadea1 100644 --- a/process/process_areas/implementation/guidance/implementation_checklist.rst +++ b/process/process_areas/implementation/guidance/implementation_checklist.rst @@ -24,4 +24,4 @@ Implementation Inspection Checklist For the content see here: - - :need:`doc__component_name_impl_inspection` + - `Component Implementation Inspection Checklist <https://eclipse-score.github.io/module_template/main/score/component_example/docs/detailed_design/chklst_impl_inspection.html>`__ diff --git a/process/process_areas/release_management/guidance/release_templates.rst b/process/process_areas/release_management/guidance/release_templates.rst index 70eb746238..276c4439f9 100644 --- a/process/process_areas/release_management/guidance/release_templates.rst +++ b/process/process_areas/release_management/guidance/release_templates.rst @@ -28,7 +28,7 @@ Templates :status: valid :complies: std_req__iso26262__management_64134, std_req__iso26262__management_64135, std_req__iso26262__support_12425, std_req__aspice_40__SPL-2-BP1, std_req__aspice_40__iic-11-03, std_req__aspice_40__iic-18-06, std_req__aspice_40__SPL-2-BP2, std_req__aspice_40__SPL-2-BP3, std_req__aspice_40__iic-11-04, std_req__aspice_40__SPL-2-BP4, std_req__aspice_40__SPL-2-BP6, std_req__aspice_40__REU-2-BP6 - For the content see here: :need:`doc__module_name_release_note` + For the content see here: `Module Release Note Template <https://eclipse-score.github.io/module_template/main/docs/release/release_note.html>`__ .. gd_temp:: Release Issue Template diff --git a/process/process_areas/requirements_engineering/guidance/requirements_inspection_checklist.rst b/process/process_areas/requirements_engineering/guidance/requirements_inspection_checklist.rst index f182c39b86..7870ccedf4 100644 --- a/process/process_areas/requirements_engineering/guidance/requirements_inspection_checklist.rst +++ b/process/process_areas/requirements_engineering/guidance/requirements_inspection_checklist.rst @@ -27,7 +27,7 @@ Requirement Inspection Checklist For the content see here: - - :need:`doc__component_name_req_inspection` + - `Component Requirements Inspection Checklist <https://eclipse-score.github.io/module_template/main/score/component_example/docs/requirements/chklst_req_inspection.html>`__ - :need:`doc__feature_name_req_inspection` - :need:`doc__stakeholder_req_inspection` diff --git a/process/process_areas/requirements_engineering/guidance/requirements_templates.rst b/process/process_areas/requirements_engineering/guidance/requirements_templates.rst index 54b95bc70e..cf5a8076f0 100644 --- a/process/process_areas/requirements_engineering/guidance/requirements_templates.rst +++ b/process/process_areas/requirements_engineering/guidance/requirements_templates.rst @@ -38,8 +38,8 @@ Templates :status: valid :complies: std_req__iso26262__support_641, std_req__iso26262__support_6421, std_req__iso26262__support_6425, std_req__iso26262__support_12425, std_req__aspice_40__SWE-1-BP1 - See the component requirements template in - :doc:`../../../folder_templates/modules/module_name/component_name/docs/requirements/index` + See the component requirements template in the + `module template documentation <https://eclipse-score.github.io/module_template/main/score/component_example/docs/requirements/index.html>`__. .. gd_temp:: AoU Requirement Template :id: gd_temp__req_aou_req diff --git a/process/process_areas/safety_analysis/guidance/dfa_templates.rst b/process/process_areas/safety_analysis/guidance/dfa_templates.rst index d16aaf20cb..e5fc150493 100644 --- a/process/process_areas/safety_analysis/guidance/dfa_templates.rst +++ b/process/process_areas/safety_analysis/guidance/dfa_templates.rst @@ -38,4 +38,4 @@ DFA Templates :status: valid :complies: std_req__iso26262__software_7411, std_req__iso26262__analysis_741, std_req__iso26262__analysis_742, std_req__iso26262__analysis_743, std_req__iso26262__analysis_745, std_req__iso26262__analysis_746, std_req__iso26262__analysis_747, std_req__iso26262__analysis_748, std_req__iso26262__analysis_749, std_req__isopas8926__44432 - For the content see here: :need:`doc__component_name_dfa` + For the content see here: `Component DFA Template <https://eclipse-score.github.io/module_template/main/score/component_example/docs/safety_analysis/dfa.html>`__ diff --git a/process/process_areas/safety_analysis/guidance/fmea_templates.rst b/process/process_areas/safety_analysis/guidance/fmea_templates.rst index 19cc5f36d6..085c5243a3 100644 --- a/process/process_areas/safety_analysis/guidance/fmea_templates.rst +++ b/process/process_areas/safety_analysis/guidance/fmea_templates.rst @@ -30,4 +30,4 @@ FMEA Templates :status: valid :complies: std_req__iso26262__software_7410, std_req__iso26262__software_7412, std_req__iso26262__analysis_841, std_req__iso26262__analysis_842, std_req__iso26262__analysis_843, std_req__iso26262__analysis_844, std_req__iso26262__analysis_845, std_req__iso26262__analysis_846, std_req__iso26262__analysis_847, std_req__iso26262__analysis_848, std_req__iso26262__analysis_849, std_req__iso26262__analysis_8410, std_req__isopas8926__44431 - For the content see here: :need:`doc__component_name_fmea` + For the content see here: `Component FMEA Template <https://eclipse-score.github.io/module_template/main/score/component_example/docs/safety_analysis/fmea.html>`__ diff --git a/process/process_areas/safety_analysis/guidance/safety_analysis_guideline.rst b/process/process_areas/safety_analysis/guidance/safety_analysis_guideline.rst index 6b8280d17c..5112618021 100644 --- a/process/process_areas/safety_analysis/guidance/safety_analysis_guideline.rst +++ b/process/process_areas/safety_analysis/guidance/safety_analysis_guideline.rst @@ -35,7 +35,7 @@ Step-by-Step-approach FMEA: The analysis is done by using the template :ref:`FMEA_templates` on the feature or component architectural diagrams. By using the fault models <:need:`gd_guidl__fault_models`> it can be ensured that the analysis is done in a structured way. -Apply the fault model to the diagram and document the results in the template. Use the content of the document :need:`doc__feature_name_fmea`, :need:`doc__component_name_fmea` +Apply the fault model to the diagram and document the results in the template. Use the content of the document :need:`doc__feature_name_fmea`, `Component FMEA Template <https://eclipse-score.github.io/module_template/main/score/component_example/docs/safety_analysis/fmea.html>`__ to describe e.g. why a fault model is not applicable for the diagram. If a FMEA can't be applied, the reason has to be documented in the content of the document, so it can be recognized. @@ -64,7 +64,7 @@ Step-by-Step-approach DFA: ^^^^^^^^^^^^^^^^^^^^^^^^^^ The analysis is done by using the template :ref:`dfa_templates` on the feature or component architectural diagrams using a list of DFA failure initiators <:need:`gd_guidl__dfa_failure_initiators`>. -Use the content of the document :need:`doc__feature_name_dfa`, :need:`doc__component_name_dfa` to describe e.g. why +Use the content of the document :need:`doc__feature_name_dfa`, `Component DFA Template <https://eclipse-score.github.io/module_template/main/score/component_example/docs/safety_analysis/dfa.html>`__ to describe e.g. why a failure initiator is not applicable for the diagram. If a DFA can't be applied, the reason has to be documented in the content of the document, so it can be recognized. diff --git a/process/process_areas/safety_management/guidance/checklist_safety_package.rst b/process/process_areas/safety_management/guidance/checklist_safety_package.rst index 68a9df65f1..96c99edcdb 100644 --- a/process/process_areas/safety_management/guidance/checklist_safety_package.rst +++ b/process/process_areas/safety_management/guidance/checklist_safety_package.rst @@ -20,4 +20,4 @@ Safety Package Formal Review Checklist :status: valid :complies: std_req__iso26262__management_5425, std_req__iso26262__management_6469, std_req__iso26262__management_6481, std_req__iso26262__management_6482, std_req__iso26262__management_6491, std_req__iso26262__management_6492, std_req__iso26262__management_6493, std_req__iso26262__management_64101, std_req__iso26262__management_64102, std_req__iso26262__management_64103, std_req__iso26262__management_64104, std_req__iso26262__management_64105 - For the content see here: :need:`doc__module_name_safety_package_fdr` + For the content see here: `Safety Package Formal Review Checklist <https://eclipse-score.github.io/module_template/main/docs/safety_mgt/module_safety_package_fdr.html>`__ diff --git a/process/process_areas/safety_management/guidance/checklist_safety_plan.rst b/process/process_areas/safety_management/guidance/checklist_safety_plan.rst index 39b8b7f35e..b8c692aada 100644 --- a/process/process_areas/safety_management/guidance/checklist_safety_plan.rst +++ b/process/process_areas/safety_management/guidance/checklist_safety_plan.rst @@ -20,4 +20,4 @@ Safety Plan Formal Review Checklist :status: valid :complies: std_req__iso26262__management_6451, std_req__iso26262__management_6452, std_req__iso26262__management_6455, std_req__iso26262__management_6457, std_req__iso26262__management_6461, std_req__iso26262__management_6462, std_req__iso26262__management_6463, std_req__iso26262__management_6464, std_req__iso26262__management_6465, std_req__iso26262__management_6467, std_req__iso26262__management_6468, std_req__iso26262__management_6491, std_req__iso26262__management_64101, std_req__iso26262__management_64102, std_req__iso26262__management_64103, std_req__iso26262__management_64104, std_req__iso26262__management_64105, std_req__iso26262__management_64111 - For the content see here: :need:`doc__module_name_safety_plan_fdr` + For the content see here: `Safety Plan Formal Review Checklist <https://eclipse-score.github.io/module_template/main/docs/safety_mgt/module_safety_plan_fdr.html>`__ diff --git a/process/process_areas/safety_management/guidance/guideline_component_classification.rst b/process/process_areas/safety_management/guidance/guideline_component_classification.rst index e8097435f4..98c18b4965 100644 --- a/process/process_areas/safety_management/guidance/guideline_component_classification.rst +++ b/process/process_areas/safety_management/guidance/guideline_component_classification.rst @@ -21,4 +21,4 @@ Component Classification Guideline :complies: std_req__isopas8926__441, std_req__isopas8926__4421, std_req__isopas8926__4422, std_req__isopas8926__4423, std_req__isopas8926__4424, std_req__isopas8926__4425, std_req__isopas8926__4426, std_req__isopas8926__4427, std_req__isopas8926__4428, std_req__isopas8926__4429, std_req__isopas8926__44210, std_req__isopas8926__44321, std_req__isopas8926__44322, std_req__isopas8926__4433, std_req__aspice_40__REU-2-BP1, std_req__aspice_40__REU-2-BP2, std_req__aspice_40__REU-2-BP3 - For the content see here: :need:`doc__component_name_comp_class` + For the content see here: `Component Classification Template <https://eclipse-score.github.io/module_template/main/score/component_example/docs/component_classification.html>`__ diff --git a/process/process_areas/safety_management/guidance/template_component_classification.rst b/process/process_areas/safety_management/guidance/template_component_classification.rst index ee880bb984..dd4dc75a0d 100644 --- a/process/process_areas/safety_management/guidance/template_component_classification.rst +++ b/process/process_areas/safety_management/guidance/template_component_classification.rst @@ -20,4 +20,4 @@ Component Classification Template :status: valid :complies: std_req__isopas8926__441, std_req__isopas8926__4421, std_req__isopas8926__4422, std_req__isopas8926__4423, std_req__isopas8926__4424, std_req__isopas8926__4425, std_req__isopas8926__4426, std_req__isopas8926__4427, std_req__isopas8926__4428, std_req__isopas8926__4429, std_req__isopas8926__44210, std_req__iso26262__software_743, std_req__aspice_40__iic-12-03, std_req__aspice_40__iic-15-07 - For the content see here: :need:`doc__component_name_comp_class` + For the content see here: `Component Classification Template <https://eclipse-score.github.io/module_template/main/score/component_example/docs/component_classification.html>`__ diff --git a/process/process_areas/safety_management/guidance/template_safety_manual.rst b/process/process_areas/safety_management/guidance/template_safety_manual.rst index 1744d8fde1..04a966ca20 100644 --- a/process/process_areas/safety_management/guidance/template_safety_manual.rst +++ b/process/process_areas/safety_management/guidance/template_safety_manual.rst @@ -20,4 +20,4 @@ Safety Manual Template :status: valid :complies: std_req__iso26262__management_5425, std_req__iso26262__system_6411, std_req__iso26262__system_6412, std_req__iso26262__system_6413, std_req__iso26262__system_6414, std_req__iso26262__system_6421, std_req__iso26262__system_6422, std_req__iso26262__software_641, std_req__iso26262__software_642, std_req__iso26262__software_645, std_req__iso26262__support_12421, std_req__aspice_40__iic-13-53 - For the content see here: :need:`doc__module_name_safety_manual` + For the content see here: `Safety Manual Template <https://eclipse-score.github.io/module_template/main/docs/manuals/safety_manual.html>`__ diff --git a/process/process_areas/safety_management/guidance/templates_safety_plan.rst b/process/process_areas/safety_management/guidance/templates_safety_plan.rst index 7b325a4bd0..7fd73a0639 100644 --- a/process/process_areas/safety_management/guidance/templates_safety_plan.rst +++ b/process/process_areas/safety_management/guidance/templates_safety_plan.rst @@ -29,7 +29,7 @@ Safety Planning Templates :complies: std_req__iso26262__management_5425, std_req__iso26262__management_5424, std_req__iso26262__management_6465, std_req__iso26262__management_6466, std_req__iso26262__management_6467, std_req__iso26262__management_6468, std_req__iso26262__management_6469, std_req__iso26262__support_12424, std_req__iso26262__support_12425, std_req__iso26262__support_1243, std_req__isopas8926__44341, std_req__isopas8926__44342, std_req__isopas8926__44611, std_req__isopas8926__4463, std_req__iso26262__management_5427, std_req__iso26262__management_6421, std_req__aspice_40__REU-2-BP4, std_req__aspice_40__REU-2-BP5 - For the content see here: :need:`doc__module_name_safety_plan` + For the content see here: `Module Safety Plan Template <https://eclipse-score.github.io/module_template/main/docs/safety_mgt/module_safety_plan.html>`__ .. gd_temp:: Platform Safety Plan Template diff --git a/process/process_areas/security_analysis/guidance/security_analysis_threat_scenario_templates.rst b/process/process_areas/security_analysis/guidance/security_analysis_threat_scenario_templates.rst index de568644f7..f790836463 100644 --- a/process/process_areas/security_analysis/guidance/security_analysis_threat_scenario_templates.rst +++ b/process/process_areas/security_analysis/guidance/security_analysis_threat_scenario_templates.rst @@ -43,6 +43,6 @@ Security Analysis Threat Scenario Templates :status: draft :complies: - For the content see here: (tbd)need:`doc__component_name_security_analysis` + For the content see here: (tbd) `Component Security Analysis Template <https://eclipse-score.github.io/module_template/main/score/component_example/docs/index.html>`__ Future PR (https://github.com/eclipse-score/process_description/issues/409). diff --git a/process/process_areas/security_analysis/guidance/security_analysis_threat_templates.rst b/process/process_areas/security_analysis/guidance/security_analysis_threat_templates.rst index e638a383c1..5e6e2aa585 100644 --- a/process/process_areas/security_analysis/guidance/security_analysis_threat_templates.rst +++ b/process/process_areas/security_analysis/guidance/security_analysis_threat_templates.rst @@ -33,6 +33,6 @@ Security Analysis Threat Templates :status: draft :complies: - For the content see here: (tbd)need:`doc__component_name_threat` + For the content see here: (tbd) `Component Threat Template <https://eclipse-score.github.io/module_template/main/score/component_example/docs/index.html>`__ Future PR (https://github.com/eclipse-score/process_description/issues/409). diff --git a/process/process_areas/security_management/guidance/checklist_security_package.rst b/process/process_areas/security_management/guidance/checklist_security_package.rst index 49200a831d..01229edb3d 100644 --- a/process/process_areas/security_management/guidance/checklist_security_package.rst +++ b/process/process_areas/security_management/guidance/checklist_security_package.rst @@ -20,4 +20,4 @@ Security Package Formal Review Checklist :status: valid :complies: std_req__isosae21434__prj_management_6471, std_req__isosae21434__prj_management_6491, std_req__isosae21434__prj_management_6492 - For the content see here: :need:`doc__module_name_security_package_fdr` + For the content see here: `Security Package Formal Review Checklist <https://eclipse-score.github.io/module_template/main/docs/security_mgt/module_security_package_fdr.html>`__ diff --git a/process/process_areas/security_management/guidance/checklist_security_plan.rst b/process/process_areas/security_management/guidance/checklist_security_plan.rst index 68a8698075..1d30ef5810 100644 --- a/process/process_areas/security_management/guidance/checklist_security_plan.rst +++ b/process/process_areas/security_management/guidance/checklist_security_plan.rst @@ -27,4 +27,4 @@ Security Plan Formal Review Checklist :status: valid :complies: std_req__isosae21434__prj_management_6411, std_req__isosae21434__prj_management_6421, std_req__isosae21434__prj_management_6422, std_req__isosae21434__prj_management_6423, std_req__isosae21434__prj_management_6424, std_req__isosae21434__prj_management_6425, std_req__isosae21434__prj_management_6426, std_req__isosae21434__prj_management_6427, std_req__isosae21434__prj_management_6428, std_req__isosae21434__prj_management_6429, std_req__isosae21434__prj_management_64210, std_req__isosae21434__prj_management_64211, std_req__isosae21434__prj_management_6431, std_req__isosae21434__prj_management_6432, std_req__isosae21434__prj_management_6441, std_req__isosae21434__prj_management_6442, std_req__isosae21434__prj_management_6443, std_req__isosae21434__prj_management_6451, std_req__isosae21434__prj_management_6452, std_req__isosae21434__prj_management_6453, std_req__isosae21434__prj_management_6461, std_req__isosae21434__prj_management_6462 - For the content see here: :need:`doc__module_name_security_plan_fdr` + For the content see here: `Security Plan Formal Review Checklist <https://eclipse-score.github.io/module_template/main/docs/security_mgt/module_security_plan_fdr.html>`__ diff --git a/process/process_areas/security_management/guidance/security_management_guideline.rst b/process/process_areas/security_management/guidance/security_management_guideline.rst index cf25d93764..01f2aae305 100644 --- a/process/process_areas/security_management/guidance/security_management_guideline.rst +++ b/process/process_areas/security_management/guidance/security_management_guideline.rst @@ -178,7 +178,7 @@ Security Management Guideline instruct the user of a OoC (in this project on platform and module level) to securely use it in the context of the user's OoC and requirements for post-development. Its main content is described in :need:`wp__platform_security_manual` and :need:`wp__module_security_manual`. - A template exists to guide the definition of the security manual on platform and module level (:need:`doc__module_name_security_manual`). + A template exists to guide the definition of the security manual on platform and module level (`Module Security Manual Template <https://eclipse-score.github.io/module_template/main/docs/manuals/security_manual.html>`__). .. gd_guidl:: Security Package Automated Generation :id: gd_guidl__security_package diff --git a/process/process_areas/security_management/guidance/security_manual_templates.rst b/process/process_areas/security_management/guidance/security_manual_templates.rst index ee2ddc8264..4549b8dbea 100644 --- a/process/process_areas/security_management/guidance/security_manual_templates.rst +++ b/process/process_areas/security_management/guidance/security_manual_templates.rst @@ -26,4 +26,4 @@ Security Manual Templates :status: valid :complies: std_req__isosae21434__development_10421, std_req__isosae21434__development_10422 - For the content see here: :need:`doc__module_name_security_manual` + For the content see here: `Module Security Manual Template <https://eclipse-score.github.io/module_template/main/docs/manuals/security_manual.html>`__ diff --git a/process/process_areas/security_management/guidance/security_plan_templates.rst b/process/process_areas/security_management/guidance/security_plan_templates.rst index 9a832a0ea6..a20cdf93f5 100644 --- a/process/process_areas/security_management/guidance/security_plan_templates.rst +++ b/process/process_areas/security_management/guidance/security_plan_templates.rst @@ -34,4 +34,4 @@ Security Planning Templates :status: valid :complies: std_req__isosae21434__prj_management_6411, std_req__isosae21434__prj_management_6421, std_req__isosae21434__prj_management_6422, std_req__isosae21434__prj_management_6423, std_req__isosae21434__prj_management_6424, std_req__isosae21434__prj_management_6425, std_req__isosae21434__prj_management_6426, std_req__isosae21434__prj_management_6427, std_req__isosae21434__prj_management_6428, std_req__isosae21434__prj_management_6429, std_req__isosae21434__prj_management_64210, std_req__isosae21434__prj_management_64211, std_req__isosae21434__prj_management_6431, std_req__isosae21434__prj_management_6432, std_req__isosae21434__prj_management_6441, std_req__isosae21434__prj_management_6442, std_req__isosae21434__prj_management_6443, std_req__isosae21434__prj_management_6451, std_req__isosae21434__prj_management_6452, std_req__isosae21434__prj_management_6453, std_req__isosae21434__prj_management_6461, std_req__isosae21434__prj_management_6462 - For the content see here: :need:`doc__module_name_security_plan` + For the content see here: `Module Security Plan Template <https://eclipse-score.github.io/module_template/main/docs/security_mgt/module_security_plan.html>`__ diff --git a/process/process_areas/security_management/security_management_workproducts.rst b/process/process_areas/security_management/security_management_workproducts.rst index 7068e7f75a..03f14815fc 100644 --- a/process/process_areas/security_management/security_management_workproducts.rst +++ b/process/process_areas/security_management/security_management_workproducts.rst @@ -42,7 +42,7 @@ Security Management Work Products Guidelines on how an impact analysis shall be concluded on each item or element involved together with it's connected items or elements. - For the template see here: :need:`doc__module_name_security_manual` + For the template see here: `Module Security Manual Template <https://eclipse-score.github.io/module_template/main/docs/manuals/security_manual.html>`__ This is on following level: @@ -79,8 +79,8 @@ Security Management Work Products Will contain formal review report for Security Plan, Security Package and Security Analyses. For the different review checklist see here: - - Review checklist for Security Plans: :need:`doc__platform_name_security_plan_fdr` and :need:`doc__module_name_security_plan_fdr` - - Review checklist for Security Packages: :need:`doc__platform_name_security_package_fdr` and :need:`doc__module_name_security_package_fdr` + - Review checklist for Security Plans: :need:`doc__platform_name_security_plan_fdr` and `Module Security Plan Formal Review Checklist <https://eclipse-score.github.io/module_template/main/docs/security_mgt/module_security_plan_fdr.html>`__ + - Review checklist for Security Packages: :need:`doc__platform_name_security_package_fdr` and `Module Security Package Formal Review Checklist <https://eclipse-score.github.io/module_template/main/docs/security_mgt/module_security_package_fdr.html>`__ .. workproduct:: Process Security Audit Report :id: wp__audit_report_security @@ -127,7 +127,7 @@ Security Management Work Products This is on module level. One manual per each module. - For template see here: :need:`doc__module_name_security_manual` + For template see here: `Module Security Manual Template <https://eclipse-score.github.io/module_template/main/docs/manuals/security_manual.html>`__ .. workproduct:: Platform Software Bill of Material (SBOM) :id: wp__sw_platform_sbom diff --git a/process/process_areas/verification/guidance/verification_report_template.rst b/process/process_areas/verification/guidance/verification_report_template.rst index dfec446e78..4b7d4cb844 100644 --- a/process/process_areas/verification/guidance/verification_report_template.rst +++ b/process/process_areas/verification/guidance/verification_report_template.rst @@ -30,7 +30,7 @@ Verification Report Templates This document implements :need:`wp__verification_module_ver_report`. - | For the content, see :need:`doc__module_name_verification_report`. + | For the content, see `Module Verification Report Template <https://eclipse-score.github.io/module_template/main/docs/verification_report/module_verification_report.html>`__. .. gd_temp:: Platform Verification Report Template :id: gd_temp__platform_ver_report diff --git a/process/process_areas/verification/verification_concept.rst b/process/process_areas/verification/verification_concept.rst index 57339d2ead..a48a413988 100644 --- a/process/process_areas/verification/verification_concept.rst +++ b/process/process_areas/verification/verification_concept.rst @@ -167,7 +167,7 @@ stakeholder requirements as stakeholder requirements describe the platform behav Note that all the above tests shall only link to requirements of type "Functional" and "Interface". The verification of requirements of types "Process" and "Non-Functional" will be done via Analysis, -which is part of the requirement inspection :need:`doc__feature_name_req_inspection` and :need:`doc__component_name_req_inspection`. +which is part of the requirement inspection :need:`doc__feature_name_req_inspection` and `Component Requirements Inspection Checklist <https://eclipse-score.github.io/module_template/main/score/component_example/docs/requirements/chklst_req_inspection.html>`__. Requirements always include Assumptions Of Use. A more detailed description of how to link code to requirements is available here: :need:`gd_req__verification_link_tests` From cde337b0b5243c923802c83991eee8c1a442c483 Mon Sep 17 00:00:00 2001 From: "jhr2hi@bosch.com" <roland.jentsch@etas.com> Date: Tue, 19 May 2026 15:39:02 +0200 Subject: [PATCH 2/2] fix another two labels --- .../implementation/guidance/detailed_design_template.rst | 2 +- .../safety_analysis/guidance/safety_analysis_checklist.rst | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/process/process_areas/implementation/guidance/detailed_design_template.rst b/process/process_areas/implementation/guidance/detailed_design_template.rst index 836bbfd48e..25b38d2995 100644 --- a/process/process_areas/implementation/guidance/detailed_design_template.rst +++ b/process/process_areas/implementation/guidance/detailed_design_template.rst @@ -21,4 +21,4 @@ Detailed Design Template :status: valid :complies: std_req__iso26262__software_542, std_req__iso26262__support_641, std_req__iso26262__support_6421, std_req__iso26262__support_6425, std_req__iso26262__software_744, std_req__aspice_40__iic-04-05 - For the content see here: :ref:`component_detailed_design_template` + For the content see here: `Detailed Design Template <https://eclipse-score.github.io/module_template/main/score/component_example/docs/detailed_design/index.html>`__ diff --git a/process/process_areas/safety_analysis/guidance/safety_analysis_checklist.rst b/process/process_areas/safety_analysis/guidance/safety_analysis_checklist.rst index 882673825f..8bd0413b59 100644 --- a/process/process_areas/safety_analysis/guidance/safety_analysis_checklist.rst +++ b/process/process_areas/safety_analysis/guidance/safety_analysis_checklist.rst @@ -26,4 +26,4 @@ Safety Analysis Checklist For the content see here: - :need:`doc__platform_safety_analysis_fdr` (platform) - - :need:`doc__module_safety_analysis_fdr` (module) + - `Safety Analysis Formal Review Checklist <https://eclipse-score.github.io/module_template/main/docs/safety_mgt/module_safety_analysis_fdr.html>`__ (module)