update tool management according audit findings

process/process_areas/platform_management/platform_management_workflow.rst

@@ -25,7 +25,7 @@ Workflow Platform Management
    :approved_by: rl__process_community
    :supported_by: rl__safety_manager, rl__security_manager, rl__quality_manager
    :input: wp__policies, wp__issue_track_system
-   :output: wp__platform_mgmt, wp__project_mgt, wp__document_mgt_plan, wp__config_mgt_plan, wp__prm_plan
+   :output: wp__platform_mgmt, wp__project_mgt, wp__document_mgt_plan, wp__config_mgt_plan, wp__prm_plan, wp__tlm_plan
    :contains: gd_temp__platform__mgmt_plan, gd_guidl__platform__mgmt_plan, gd_guidl__documentation, gd_chklst__documentation__review, gd_temp__documentation
    :has: doc_concept__platform__process, doc_getstrt__platform__process
 

process/process_areas/tool_management/guidance/tool_management_reqs.rst

@@ -46,6 +46,29 @@ Tool Verification Report Attributes
       * released
       * rejected
 
+.. gd_req:: Tool attribute:: version
+   :id: gd_req__tool__attr_version
+   :status: valid
+   :tags: manual, tool_management, attribute, mandatory
+   :satisfies: wf__tool__create_tool_verification_report
+   :complies: std_req__iso26262__support_1141, std_req__aspice_40__SUP-8-BP1
+
+   Each Tool Verification Report shall have a version:
+
+      * v.X.Y.Z (major, minor, patch)
+
+.. gd_req:: Tool attribute:: tcl
+   :id: gd_req__tool__attr_tcl
+   :status: valid
+   :tags: manual, tool_management, attribute, mandatory
+   :satisfies: wf__tool__create_tool_verification_report
+   :complies: std_req__iso26262__support_1141, std_req__aspice_40__SUP-8-BP1
+
+   Each Tool Verification Report shall have a tool confidence level:
+
+      * LOW
+      * HIGH
+
 .. gd_req:: Tool attribute:: safety affected
    :id: gd_req__tool__attr_safety_affected
    :status: valid
@@ -55,8 +78,8 @@ Tool Verification Report Attributes
 
    Each Tool Verification Report shall have a safety relevance identifier:
 
-      * Yes
-      * No
+      * YES
+      * NO
 
 .. gd_req:: Tool attribute:: security affected
    :id: gd_req__tool__attr_security_affected
@@ -67,8 +90,8 @@ Tool Verification Report Attributes
 
    Each Tool Verification Report shall have a security relevance identifier:
 
-      * Yes
-      * No
+      * YES
+      * NO
 
 
 Tool Verification Report Checks

process/process_areas/tool_management/guidance/tool_management_template.rst

@@ -23,21 +23,28 @@ Tool Verification Report Template
    :complies: std_req__iso26262__support_1141, std_req__iso26262__support_1142, std_req__iso26262__support_1143, std_req__iso26262__support_11441, std_req__iso26262__support_11442, std_req__iso26262__support_11451, std_req__iso26262__support_11452, std_req__iso26262__support_11453, std_req__iso26262__support_11454, std_req__iso26262__support_11461, std_req__iso26262__support_11462, std_req__isosae21434__org_management_5451, std_req__aspice_40__SUP-8-BP1, std_req__aspice_40__SUP-8-BP2
 
 
-[Your Tool Name]
-----------------
+.. note:: Tool Verification Report header
 
-.. note:: Document header
-
-      | .. document:: [Your Tool Name]
+      | .. doc_tool:: [Your Tool Name]
       |  :id: doc__tool__tool_name_version
-      |  :status: draft
-      |  :safety_affected: YES
-      |  :scurity_affected: YES
+      |  :status: [draft | evaluated | qualified | released | rejected]
+      |  :version: vX.Y.Z
+      |  :tcl: [LOW | HIGH]
+      |  :safety_affected: [YES | NO]
+      |  :security_affected: [YES | NO]
+      |  :realizes: PROCESS_wp__tool_verification_report
       |  :tags: tool_management
 
 .. attention::
     The above directive must be updated according to your tool.
 
+An example of a Tool Verification Report can be find here:
+`Example Tool Verification Report <https://eclipse-score.github.io/score/main/score_tools/doc_as_code.html#doc_tool__doc_as_code>`_
+
+
+[Your Tool Name] Verification Report
+------------------------------------
+
 Identification
 --------------
 [Identify the tool]

process/process_areas/tool_management/tool_management_concept.rst

@@ -21,15 +21,15 @@ Concept Description
    :tags: tool_management
 
 In this section a concept for the Tool Management will be discussed. Inputs for this concepts
-are the requirements of ISO2 6262 Part-8, Clause 11, ASPICE PAM 4.0, SUP.8 and
-ISO SAE 21434 Clause 5, 5.4.5 additionally including the requirements of the different stakeholders
-for the Tool Management process.
+are the requirements of ISO 26262 Part-8, Clause 11, ASPICE PAM 4.0, SUP.8 and
+ISO/SAE 21434 Clause 5, 5.4.5 additionally including the requirements of the different stakeholders
+for the Tool Management Process.
 
 Key concept
 ***********
-In general all Tools to generate the S-CORE product must be identified. As it is a S-CORE objective
-to use Tools wherever applicable to generate any kind of work products, the selection criteria for
-any Tool including OSS Tools must include therefore the determination of the Tool Confidence Level
+In general all tools to generate the project product must be identified. As it is a project objective
+to use tools wherever applicable to generate any kind of work product, the selection criteria for
+any tool including OSS tools must include therefore the determination of the Tool Confidence Level
 `(TCL) <https://www.validas.de/publications/automotive2012.pdf>`_ for the tool under consideration.
 
 Based on the resulting TCL additional Tool Qualification activities may required.
@@ -48,7 +48,7 @@ Stakeholders for the Tool Management
 #. :need:`Contributor <rl__contributor>`
    :need:`Infrastructure, Tooling Community <rl__infrastructure_tooling_community>`
 
-   * Contributes tooling, infrastructure elements to grow and mature the **S-CORE** development environment
+   * Contributes tooling, infrastructure elements to grow and mature the project development environment
 
 #. :need:`Safety Manager<rl__safety_manager>`, :need:`Security Manager <rl__security_manager>`,
    :need:`Committer <rl__committer>`
@@ -62,7 +62,7 @@ Also requirements of standards need to be taken into consideration:
 
 * ISO 26262
 * ASPICE
-* ISO SAE 21434
+* ISO/SAE 21434
 
 Required documentation
 **********************
@@ -74,8 +74,9 @@ Activities for Tool Management
 ******************************
 
 The main work product is the :need:`Tool Verification Report <wp__tool_verification_report>`.
-Thus the workflow :need:`Create Tool Verification Report <wf__tool__create_tool_verification_report>`
-applies.
+This work product is created and maintained until it is released. It contains the tool
+evaluation results as well as the qualification results, if applicable.
+For each tool the :ref:`Workflows <tlm_workflows>` applies.
 
 
 Attributes for Tool Management

process/process_areas/tool_management/tool_management_getstrt.rst

@@ -20,10 +20,23 @@ Getting Started
    :status: valid
    :tags: tool_management
 
-In case you want to use a tool within **S-CORE** consider to:
+This document describes the steps to evaluate tools and qualify them according to
+ISO 26262 and ISO/SAE 21434 as used standards in the project.
 
-* Check the tool list first: :need:`platform_tool_list <wp__tlm_plan>`. If the tool is already there and covers the intended use case, no further activity is needed
-* Make yourself familiar with the development and supporting process descriptions in :ref:`process_description`
-* Make yourself familiar with the relevant sections of the `Platform Management Plan <REPLACE_doc__platform_mgt_plan>`, here especially with `Tool Management Plan <REPLACE_doc__platform_tool_management_plan>`
-* If the tool is not on the list or does not cover the intended uses cases, continue with creation of a Tool Verification Report according to :need:`wf__tool__create_tool_verification_report`
-* In case of any questions, contact the :need:`Technical Lead <rl__technical_lead>`
+Therefore guidelines :need:`gd_temp__tool_management__verif_rpt_template` and a
+ :need:`doc_concept__tool__process` are available.
+
+
+General Workflow
+****************
+
+The workflows are defined in the :ref:`tlm_workflows` section.
+
+For every tool identified, the following workflows are executed:
+
+* Create tool verification report according to :need:`wf__tool__create_tool_verification_report`
+* Evaluate tool and update tool verification report according to :need:`wf__tool__evaluate_tool`
+* Qualify tool and update tool verification report according to :need:`wf__tool__qualify_tool`
+* Approve tool verification report according to :need:`wf__tool__approve_tool_verification_report`
+
+In addition create a tool management plan as part of the platform management plan according to :need:`wf__platform__cr_mt_platform_mgmt_plan`.

process/process_areas/tool_management/tool_management_workflow.rst

@@ -21,23 +21,73 @@ Workflow Tool Management
    :id: wf__tool__create_tool_verification_report
    :status: valid
    :responsible: rl__contributor
-   :approved_by: rl__committer, rl__safety_manager, rl__security_manager,
-   :supported_by: rl__technical_lead, rl__module_lead, rl__infrastructure_tooling_community
+   :approved_by: rl__committer
+   :supported_by: rl__safety_manager, rl__security_manager, rl__infrastructure_tooling_community
    :input: wp__issue_track_system, wp__tlm_plan
    :output: wp__tool_verification_report
    :contains: gd_temp__tool_management__verif_rpt_template, gd_chklst__tool__cr_review
    :has: doc_concept__tool__process, doc_getstrt__tool__process
 
-   The Tool Verification Report is created during identification of a tool in status draft.
+   The Tool Verification Report is created during identification of a tool in status
+   draft.
 
-   Each identified tool is evaluated and if applicable, qualified. During evaluation and
-   qualification the Tool Verification Report is updated and the status is set accordingly to
-   evaluated or qualified.
+   For creating the Tool Verification Report the content of the linked template shall
+   be used.
 
-   Finally the Tool Verification Report is verified and approved, and thus set to status released.
+.. workflow:: Evaluate Tool and Update Tool Verification Report
+   :id: wf__tool__evaluate_tool
+   :status: valid
+   :responsible: rl__contributor
+   :approved_by: rl__committer, rl__safety_manager, rl__security_manager
+   :supported_by: rl__infrastructure_tooling_community
+   :input: wp__tool_verification_report
+   :output: wp__tool_verification_report
+   :contains: gd_temp__tool_management__verif_rpt_template, gd_chklst__tool__cr_review
+   :has: doc_concept__tool__process, doc_getstrt__tool__process
+
+   Each identified tool is evaluated. During evaluation the Tool Verification Report
+   is updated accordingly.
+   After successful evaluation the status of the Tool Verification Report
+   is set to evaluated.
+
+   The successful evaluation shall contain a statement, if the tool shall be qualified
+   or not.
+
+   If tool qualification is not needed, the next step is :need:`wf__tool__approve_tool_verification_report`
+   otherwise continue with :need:`wf__tool__qualify_tool`.
+
+.. workflow:: Qualify Tool and Update Tool Verification Report
+   :id: wf__tool__qualify_tool
+   :status: valid
+   :responsible: rl__contributor
+   :approved_by: rl__committer, rl__safety_manager, rl__security_manager
+   :supported_by: rl__infrastructure_tooling_community
+   :input: wp__tool_verification_report
+   :output: wp__tool_verification_report
+   :contains: gd_temp__tool_management__verif_rpt_template, gd_chklst__tool__cr_review
+   :has: doc_concept__tool__process, doc_getstrt__tool__process
+
+   The identified tool is qualified, if applicable. During qualification the Tool
+   Verification Report is updated accordingly.
+   After successful qualification the status of the Tool Verification Report
+   is set to qualified.
+
+.. workflow:: Approve Tool Verification Report
+   :id: wf__tool__approve_tool_verification_report
+   :status: valid
+   :responsible: rl__safety_manager, rl__security_manager
+   :approved_by: rl__technical_lead, rl__module_lead
+   :supported_by: rl__infrastructure_tooling_community
+   :input: wp__tool_verification_report
+   :output: wp__tool_verification_report
+   :contains: gd_temp__tool_management__verif_rpt_template, gd_chklst__tool__cr_review
+   :has: doc_concept__tool__process, doc_getstrt__tool__process
 
-   For creating the Tool Verification Report the content of the linked template be used.
+   Finally the Tool Verification Report is verified and approved, and thus the status
+   is set to released.
 
+   If the verification is not successful or due to any other reason, e.g. the tool is
+   not needed any more as planned, the tool verification may also rejected at this point.
 
 .. needextend:: docname is not None and "process_areas/tool_management" in docname
    :+tags: tool_management

process/process_areas/tool_management/tool_management_workproducts.rst

@@ -31,7 +31,7 @@ Work Products Tool Management
    In addition security topics must be considered, as tool user manuals, access control for tools,
    proper tool documentation, guidelines, protection against malware introduction, etc.
 
-   Based on TCL the appropriate qualification methods shall be applied. For S-CORE
+   Based on TCL the appropriate qualification methods shall be applied. For the project
    the method **validation of software tool** must be used.