Watching Industries Grow Up in a Hurry: Q&A with LDRA
Following the examples of aerospace and defense, the industrial, automotive and medical markets are strengthening safety- and security-critical software development for embedded systems.
Editor’s Note: LDRA, already working closely with Richland Technologies to meet the needs of customers developing safety- and security-critical embedded systems in the avionics sector, announced last month that the two companies will continue collaborating. However, as the partnership continues it will now encompass markets in addition to avionics. LDRA and Richland will develop solutions for industrial, medical, and automotive sectors, building on success with safety- and security-critical systems for avionics. Jim McElroy, Vice President of Marketing at LDRA, spoke with EECatalog not long after the partnership’s expanded role was revealed. McElroy has kept a particularly close eye on how companies in the medical and automotive sectors are now demonstrating their willingness to mature quickly when it comes to software development safety and security. Edited excerpts from our interview follow:
EECatalog: What factors were key to successfully extending the Richland partnership?
Jim McElroy, LDRA: One, Richland has proven its success using our products for some time. Richland’s experience is important to us and our customers, and the relationship makes perfect sense from that perspective. And Richland has demonstrated it has the knowledge necessary to develop safe and secure software for the industrial, medical, and automotive markets as well as for the defense and aerospace markets.
Secondly, the scalability of the Richland organization is key, as the company has shown it can scale with the needs of customers.
EECatalog: What triggers a need to scale up or down?
McElroy, LDRA: The software development life cycle, whereby at certain points in time our customers add developers and may need to perform increased levels of software analysis and verification.
EECatalog: How does the close relationship with Richland leverage LDRA’s software verification tool suite?
McElroy, LDRA: Richland helps our mutual customers throughout the software development life cycle, starting early in the process. Richland can help customers set up and define their requirements—whether functional-, safety- or security-related very early in the development process.
Many of our customers also need to perform a risk analysis up front. On the security side, Richland can help customers understand where the application is potentially more vulnerable to attack. Or if it’s a safety-focused initiative, Richland brings its expertise to bear in analyzing problems and helping our customers determine the risks associated with a particular program or project. And that carries into the functional safety and security requirements as they are developed. For example, a customer would utilize our tool suite to define and trace those requirements into and throughout the software development life cycle. Traceability is important for all those projects that require either software qualification or certification.
Then, after the requirements are elicited, Richland helps our mutual customers apply both static and dynamic analysis to help them produce high assurance software. For example, during the static analysis phases, they analyze software code prior to compilation, examining the code for certain characteristics, mostly focused on quality. The LDRA tool suite is helping Richland and the customer elicit any potential problems with respect to code clarity, consistency, and maintainability—even before it’s been compiled.
From a software quality perspective, the lion’s share of our customers leverage coding standards, such as MISRA, or an in-house defined standard, or a combination of a commercial and in-house defined standard. Richland can help our customers apply static analysis to make sure their code is clean, consistent, and maintainable as it is being developed. As the code moves into compilation and testing, Richland employs our tools to automate the testing process, adding efficiency and quality.
Furthermore, by using the tool suite they can measure the effectiveness of the overall testing process. They can understand what pieces of code have and have not been executed during their testing phases of development. This makes it possible to fully understand what needs additional testing and what does not, freeing resources and energy.
With regard to requirements traceability, static analysis, dynamic structural coverage analysis, and automated testing capabilities, Richland is helping our customers in all phases of the software development and verification life cycle.
EECatalog: Just with a ballpark figure, what savings are possible when your customers are able to analyze software before compilation?
McElroy, LDRA: Customer feedback tells us that you could be saving 80 percent of your time and money by catching and fixing a bug earlier in the software development life cycle, and really that is what static analysis and unit testing is all about—making sure that as you write code, vulnerabilities aren’t creeping in. Static analysis highlights any potential weaknesses or vulnerabilities in your code, and unit testing highlights behavioral problems in smaller units where they are less costly to fix.
Static analysis in particular would also identify any potential safety constructs in your code that may not be addressed, or safety weaknesses, enabling you to fix those prior to compilation. While the specific amount of money, time, and energy saved would depend on your whole project, various studies, not just LDRA’s, cite schedule and cost savings in the 60 to 80 percent range.
EECatalog: Is the IoT one of the factors causing medical to be an up-and-coming safety- and security-critical market?
McElroy, LDRA: Yes, the IoT is a factor, particularly from a security perspective. The HIPAA laws have been in place for a while but are more focused on the information side. As medical devices become more connected, information will flow to and from these devices and enable truly innovative healthcare solutions. Originally these devices were standalone and limited in their capabilities. Now, in the IoT, these devices can provide remote healthcare solutions. That all said, these systems must be kept secure or they will not be safe. So, while increased connectivity makes innovative healthcare solutions possible, software quality and security is critical for the safety and effectiveness of these medical devices.
EECatalog: Does it make sense for some companies to develop their own in-house resources to the point where they are self-reliant in these matters?
McElroy, LDRA: Do they need to be completely self-reliant? I would say, no. Is there benefit? Yes. However, maintaining a large number of people with that level of experience and expertise is potentially very costly. I do recommend, though, that companies have some expertise internally. Maybe there is a small oversight group, or in a smaller company, maybe it’s just an individual.
There is always this tradeoff between the cost of bringing in or developing those skill sets internally versus leveraging proven experience and success from an external resource. A company like Richland can achieve near zero ramp time to begin producing results. So the likelihood of success—meaning the project is within budget and within schedule—goes up significantly.
I believe it’s best to pair an internal expert or experts with an outside team for balance. When we are talking about software quality it is always beneficial to have an independent viewpoint and independent observer not only concerning the quality of the process, but also concerning the software analysis. An independent set of eyes is increasingly valuable.
EECatalog: Why is this extra set of eyes increasingly valuable and what kinds of problems can be avoided?
Jim McElroy, LDRA: Systems are becoming more and more complex, and connectivity is one of the reasons for that complexity. As the footprint for many systems decreases, people are looking at new technologies and multicore processors to accomplish more in a smaller area.
We see a lot of our customers leveraging the value of an outside viewpoint. Sometimes we are too close to something to see the actual big picture. There is tremendous value from a quality perspective in either relying on an independent outsider viewpoint or on having your internal software quality organization focused, as an independent group, on your software development life cycle.
The biggest problem our customers are trying to avoid is the cost of a recall. Cost of poor software quality can be in terms of money, reputation, and even greater impact to the business itself. We have seen the cost of a recall have tremendous effect on the business in a number of markets. We have seen this in the automotive industry. And we have seen it in the medical device sector. Recalls are hugely expensive. So companies need to do everything possible to release their products on time and with the highest possible quality to realize the value of hitting the market window. Looking at the best method for software tools and technology is no longer a luxury; it’s becoming imperative to be able to compete in today’s real-time embedded software markets.
In reality, some companies are more mature than others in their software quality assurance process. If you look at the aerospace and defense industries, quality assurance has been around for a long time, and there has always been an independent set of eyes on the software development life cycle. Development organizations must follow a rigorous software development process to achieve the necessary levels of assurance.
The medical industry, while it is not on the complete opposite end of the spectrum from aerospace and defense, is maturing at an accelerated pace, and doing so for many business reasons, with recall issues being one of them.
The medical device market is recognizing that collectively this sector must do a better job of developing high quality software—they can’t afford recalls. Device manufacturers are becoming increasingly familiar with IEC 62304 as a software development standard to help guide them in the production of safe and effective medical device software. It’s interesting how we are seeing the different industries, in their maturation stages, ask, “How can we look at being more efficient, yet produce the highest quality software with regard to safety and security?”
EECatalog: And customers as well need an understanding of the standards.
McElroy, LDRA: Yes, our customers should have a fundamental understanding of the standards to realize the most benefit. Device manufacturers who rely on our tools and outside quality resources like Richland should become familiar with and understand the standards, so they can understand what is required of them—that’s an important point. Otherwise, they are just relying on their third-party resource and our technologies to guide them without realizing the true understanding of what it takes to deliver software under these standards. Although Richland can certainly supply that confidence to the manufacturer, my personal recommendation is that our customers need to become familiar with the standard as well, at least at the base level.
EECatalog: It must be interesting to see the addressing of safety- and security-critical concerns play out in the medical or any other sector that you might describe as less mature from a safety- and security critical perspective.
McElroy, LDRA: I would go further and say it is fascinating. I have been an embedded software developer for many years working on safety-critical applications, and I took it as common sense (coming from the aerospace and defense sector) to do things in a more rigorous way.
Just over the past three, four, five years—depending on the companies we are working with—we are seeing the medical industry and some of the automotive industry starting to follow a more rigorous software development life cycle because business is demanding it. The complexity of the applications; the cost of a potential recall or system failure—it’s just too high, so they need to be more mature. It’s captivating to me to see how these other industries are going about catching up by leveraging companies like Richland to help expedite their software maturity process.
The good news is: they are doing it. And so companies that were less willing to invest in tools and technology are now recognizing that they can no longer afford not to. Of course, that puts us in a very good position because of our over 40 years of experience with helping customers in safety- and security-critical software development sectors.