Risto Nevalainen - Academia.edu (original) (raw)

Papers by Risto Nevalainen

Communications in Computer and Information Science, 2012

Communications in Computer and Information Science, 2013

In the EU project SafEUr (518632-LLP-1-2011-1-AT-LEONARDO-LMP) the partnership developed a skill ... more In the EU project SafEUr (518632-LLP-1-2011-1-AT-LEONARDO-LMP) the partnership developed a skill set with learning objectives, training materials, and tools to teach and coach the implementation of IEC 61508 and ISO 26262. Automotive, Medical, and Nuclear industry gave inputs to the project. A group of above 20 multinational companies (SOQRATES www.soqrates.de) which also are active in automotive industry (some of them represent the largest suppliers in Automotive industry) organised reviews and trial courses with safety managers. This led to a defined set of skills and tools we expect from functional safety managers and functional safety engineers. In this paper we describe the results of SafEUr, the feedback we received from the collaboration with leading automotive industry and the next steps in 2013 to launch this schema with official certificates from end of 2013 onwards.

Software Process: Improvement and Practice, 2007

Teollisuuden Voima Oy (TVO) operates two nuclear power plant units in Finland and has started to ... more Teollisuuden Voima Oy (TVO) operates two nuclear power plant units in Finland and has started to build a third one. The current nuclear power units have to continuously maintain and update existing instrumentation and control systems (I&C). Each new device will have to be classified and qualified according to its safety requirements. Using modern technology means in practice that more and more components have programmable features. The reliability of such components has proved to be difficult to demonstrate because of the nature of flaws in the software. Standards and rules given by authorities set the acceptance criteria for the components used in the safety systems of nuclear power plants. As a result of this trend, there is a clear need for an integrated and effective method to qualify software-intensive I&C systems in nuclear power plant units. The integration has three major areas: (i) definition and harmonization of requirements for software-intensive systems at different safety classes, (ii) integration of several approaches such as Software Process Improvement and Capability dEtermination (SPICE) and Failure Mode, Effects and Criticality Analysis method (FMECA) to improve confidence in qualification and (iii) integration of the system acquisition and qualification processes to improve the total effectiveness of the acquisition, delivery and deployment processes. The integrated qualification method is called the TVO SoftWare Evaluation Procedure (SWEP). It consists of a detailed qualification process and related methods for safety category B and C (IEC 61226) and Finnish safety class 3 qualifications. TVO will use the TVO SWEP method to evaluate suppliers and the conformance of their products/systems against requirements. It has been used in several cases, and it seems to save a lot of qualification resources compared to traditional methods.

Communications in Computer and Information Science, 2014

ABSTRACT

Communications in Computer and Information Science, 2013

Most formal assessment and evaluation techniques and standards assume that software can be analys... more Most formal assessment and evaluation techniques and standards assume that software can be analysed like any physical item. In safety-critical systems, software is an important component providing functionality. Often it is also the most difficult component to assess. Balanced use of process assessment and product evaluation methods is needed, because lack of transparency in software must be compensated with a more formal development process. Safety case is an effective approach to demonstrate safety, and then both process and product are necessary evidence types. Safety is also a likely candidate to be approached as a process quality characteristic. Here we present a tentative set of process quality attributes that support achievement of safety requirements of a software product.

Journal of Software: Evolution and Process, 2013

ABSTRACT International Organization for Standardization/International Electrotechnical Commission... more ABSTRACT International Organization for Standardization/International Electrotechnical Commission 15504 has been applied to several domains, where safety is one main characteristic for software and systems. Nuclear power industry is one of the most challenging domains, because of its extreme safety requirements. Nuclear power domain has also a long tradition in using its own standards, classifications and certification schemes. This article discusses the Nuclear SPICE model and how it combines both SPICE related generic requirements with functional safety and nuclear specific elements. Conformance with standards is not any absolute guarantee for safety. Safety can be achieved only by using several different approaches, which all provide their own evidences and support for qualification and licensing. Copyright © 2013 John Wiley & Sons, Ltd.

Journal of Software Maintenance and Evolution: Research and Practice, 2000

The Appraisal Assistant process assessment tool has been developed to support the assessment or a... more The Appraisal Assistant process assessment tool has been developed to support the assessment or appraisal of process capability and/or organizational maturity, following approaches consistent with the requirements of ISO/IEC 15504 and the Appraisal Requirements for the Capability Maturity Model ® Integration (CMMI ® ). In the course of an assessment a workload data file is captured containing information on the volume and usage of collected evidence in the assessment. This paper presents an analysis of evidence usage data from a total of 20 assessments employing a range of Process Assessment Models and Assessment Methods. Key differences between ISO/IEC 15504-based and CMMI-based assessments are identified, and some explanations of the differences are offered.

Proceedings of the …

... Download, http://hdl.handle.net/10072/31187\. Herausgeber, Turku Centre for Computer Science, ... more ... Download, http://hdl.handle.net/10072/31187. Herausgeber, Turku Centre for Computer Science, Turku, http://www.spiceconference.com/. Mitarbeiter, Terry Rout, Ivan Porres, Risto Nevalainen, Beatrix Barafort, SPICE Users Group. Archiv, ARROW Discovery Service (Australia). ...

Journal of Software: Evolution and Process, 2010

... ADDITIONAL REQUIREMENTS FOR PROCESS ASSESSMENT ... Power Guide requires certified software in... more ... ADDITIONAL REQUIREMENTS FOR PROCESS ASSESSMENT ... Power Guide requires certified software in the highest safety class, hence there is a need to develop a national ... Still, the process assessment is only a complementary method when the final validity of the product is ...

Several real-life qualifications are already done by using TVO SWEP method. The goals of the meth... more Several real-life qualifications are already done by using TVO SWEP method. The goals of the method are achieved well, and the pre-qualification is effective. It is evident that TVO

SAFIR2010. The Finnish Research Programme on Safety 2007-2010. Final Report. Puska, Eija Karita &... more SAFIR2010. The Finnish Research Programme on Safety 2007-2010. Final Report. Puska, Eija Karita & Suolanen, Vesa. VTT Research Notes 2571, 66 - 76 As a part of the Finnish nuclear research program SAFIR2010 a project called CERFAS aimed to define necessary software certification services for nuclear industry needs. Main areas of the service development activities are process assessment and product evaluation. As a part of the Finnish nuclear research program SAFIR2010 a project called CERFAS aimed to define necessary software certification services for nuclear industry needs. Main areas of the service development activities are process assessment and product evaluation.

Lecture Notes in Computer Science, 2010

In the nuclear domain, regulators have strict requirements for safetycritical software. In this p... more In the nuclear domain, regulators have strict requirements for safetycritical software. In this paper requirements in three documents (two software standards and the Common Position of nuclear domain regulators) were compared. The aim of the work was to find out how ...

2010 Seventh International Conference on the Quality of Information and Communications Technology, 2010

Abstract In the nuclear domain, regulators have strict requirements for safety-critical software.... more Abstract In the nuclear domain, regulators have strict requirements for safety-critical software. As a part of Finnish nuclear research program SAFIR2010 an on-going project called CERFAS aims to define necessary software certification services for nuclear ...

ABSTRACT From the agile camp you can hear someone to say that CMMI is the big American waterfall ... more ABSTRACT From the agile camp you can hear someone to say that CMMI is the big American waterfall model monster, and is outright contra productive to agile methods. From the CMMI camp you can hear someone to say that agile methods is hackers from hell that uses the agile paradigm to enjoy anarchy with no rules. You can also hear some say that agile works the best in CMMI level 5 companies. The context of the dilemma however is slightly awkward. CMMI describes characteristics of good development practices, and agile is a lifecycle concept. So from a meta point of view they can easily co-exist. We would like to state that they do, and that you need both to support the best development performance. Starting in December 2011 three surveys were launched to get an idea about what could an agile maturity model deliver and what might be its added value. 67 Participants from several agile or/and CMMI® related LinkedIn Groups contributed to the survey. This article explains the survey results and proposes further research topics and harmonization actions.

ABSTRACT The paper describes the current status of agile maturity models. It shows where such mod... more ABSTRACT The paper describes the current status of agile maturity models. It shows where such models can be found and it contains a structured top level compilation of the currently available agile maturity models. In the second section, the paper describes an approach to analyse these agile maturity models, extracts their content, maps it to a reference model and then synthesizes the real agile maturity issues. The paper also describes the needs for scientific research in this topic. The paper will not present its own Agile Maturity Model. This will be the task for further research. It intends however to compile current agile maturity model thinking linking it to philosophical issues partly also raised in recent initiatives like the SPI Manifesto, the ECQA PI Manager Certification Scheme and SEMAT.

J. Softw. Evol. and Proc., 2014

ABSTRACT The paper discusses structure, quality and content of the currently available agile matu... more ABSTRACT The paper discusses structure, quality and content of the currently available agile maturity models. It presents two approaches on how to deal with such models. As a first step of the analysis, the paper contains a compilation of maturity level naming used by these agile maturity models because the variety of level naming is a sign of the variety of understanding and of definition of agile maturity. While many papers deal with agile from an inside perspective, this paper is written from the perspective of Software Process Improvement (SPI) and Capability Determination, the European Certification and Qualification Association PI Manager Certification Scheme and also the SPI Manifesto. The paper does not explicitly present its own agile maturity model. The analysis approaches presented in the paper show that the currently available agile maturity models are not fit for industrial use. The synthesis of an acceptable model seems to be feasible as the analysed models address typical organisational processes including life cycle management. Copyright © 2013 John Wiley & Sons, Ltd.

Journal of Software Maintenance and Evolution: Research and Practice, 2000

... E-mail: risto.nevalainen@fisma.fi Copyright q 2009 John Wiley & Sons, Ltd. Page 2. 270 R.... more ... E-mail: risto.nevalainen@fisma.fi Copyright q 2009 John Wiley & Sons, Ltd. Page 2. 270 R. NEVALAINEN AND T. SCHWEIGERT expectations. One reason behind this is poor understanding of competences, roles and responsi-bilities of PI activities and tasks. ...

Software Process Improvement and Capability Determination, 2012

ABSTRACT From the agile camp you can hear someone to say that CMMI is the big American waterfall ... more ABSTRACT From the agile camp you can hear someone to say that CMMI is the big American waterfall model monster, and is outright contra productive to agile methods. From the CMMI camp you can hear someone to say that agile methods is hackers from hell that uses the agile paradigm to enjoy anarchy with no rules. You can also hear some say that agile works the best in CMMI level 5 companies. The context of the dilemma however is slightly awkward. CMMI describes characteristics of good development practices, and agile is a lifecycle concept. So from a meta point of view they can easily co-exist. We would like to state that they do, and that you need both to support the best development performance. Starting in December 2011 three surveys were launched to get an idea about what could an agile maturity model deliver and what might be its added value. 67 Participants from several agile or/and CMMI® related LinkedIn Groups contributed to the survey. This article explains the survey results and proposes further research topics and harmonization actions.

Systems, Software and Services Process Improvement, 2013

ABSTRACT The paper describes the current status of agile maturity models. It shows where such mod... more ABSTRACT The paper describes the current status of agile maturity models. It shows where such models can be found and it contains a structured top level compilation of the currently available agile maturity models. In the second section, the paper describes an approach to analyse these agile maturity models, extracts their content, maps it to a reference model and then synthesizes the real agile maturity issues. The paper also describes the needs for scientific research in this topic. The paper will not present its own Agile Maturity Model. This will be the task for further research. It intends however to compile current agile maturity model thinking linking it to philosophical issues partly also raised in recent initiatives like the SPI Manifesto, the ECQA PI Manager Certification Scheme and SEMAT.

Communications in Computer and Information Science, 2012

Communications in Computer and Information Science, 2013

In the EU project SafEUr (518632-LLP-1-2011-1-AT-LEONARDO-LMP) the partnership developed a skill ... more In the EU project SafEUr (518632-LLP-1-2011-1-AT-LEONARDO-LMP) the partnership developed a skill set with learning objectives, training materials, and tools to teach and coach the implementation of IEC 61508 and ISO 26262. Automotive, Medical, and Nuclear industry gave inputs to the project. A group of above 20 multinational companies (SOQRATES www.soqrates.de) which also are active in automotive industry (some of them represent the largest suppliers in Automotive industry) organised reviews and trial courses with safety managers. This led to a defined set of skills and tools we expect from functional safety managers and functional safety engineers. In this paper we describe the results of SafEUr, the feedback we received from the collaboration with leading automotive industry and the next steps in 2013 to launch this schema with official certificates from end of 2013 onwards.

Software Process: Improvement and Practice, 2007

Teollisuuden Voima Oy (TVO) operates two nuclear power plant units in Finland and has started to ... more Teollisuuden Voima Oy (TVO) operates two nuclear power plant units in Finland and has started to build a third one. The current nuclear power units have to continuously maintain and update existing instrumentation and control systems (I&C). Each new device will have to be classified and qualified according to its safety requirements. Using modern technology means in practice that more and more components have programmable features. The reliability of such components has proved to be difficult to demonstrate because of the nature of flaws in the software. Standards and rules given by authorities set the acceptance criteria for the components used in the safety systems of nuclear power plants. As a result of this trend, there is a clear need for an integrated and effective method to qualify software-intensive I&C systems in nuclear power plant units. The integration has three major areas: (i) definition and harmonization of requirements for software-intensive systems at different safety classes, (ii) integration of several approaches such as Software Process Improvement and Capability dEtermination (SPICE) and Failure Mode, Effects and Criticality Analysis method (FMECA) to improve confidence in qualification and (iii) integration of the system acquisition and qualification processes to improve the total effectiveness of the acquisition, delivery and deployment processes. The integrated qualification method is called the TVO SoftWare Evaluation Procedure (SWEP). It consists of a detailed qualification process and related methods for safety category B and C (IEC 61226) and Finnish safety class 3 qualifications. TVO will use the TVO SWEP method to evaluate suppliers and the conformance of their products/systems against requirements. It has been used in several cases, and it seems to save a lot of qualification resources compared to traditional methods.

Communications in Computer and Information Science, 2014

ABSTRACT

Communications in Computer and Information Science, 2013

Most formal assessment and evaluation techniques and standards assume that software can be analys... more Most formal assessment and evaluation techniques and standards assume that software can be analysed like any physical item. In safety-critical systems, software is an important component providing functionality. Often it is also the most difficult component to assess. Balanced use of process assessment and product evaluation methods is needed, because lack of transparency in software must be compensated with a more formal development process. Safety case is an effective approach to demonstrate safety, and then both process and product are necessary evidence types. Safety is also a likely candidate to be approached as a process quality characteristic. Here we present a tentative set of process quality attributes that support achievement of safety requirements of a software product.

Journal of Software: Evolution and Process, 2013

ABSTRACT International Organization for Standardization/International Electrotechnical Commission... more ABSTRACT International Organization for Standardization/International Electrotechnical Commission 15504 has been applied to several domains, where safety is one main characteristic for software and systems. Nuclear power industry is one of the most challenging domains, because of its extreme safety requirements. Nuclear power domain has also a long tradition in using its own standards, classifications and certification schemes. This article discusses the Nuclear SPICE model and how it combines both SPICE related generic requirements with functional safety and nuclear specific elements. Conformance with standards is not any absolute guarantee for safety. Safety can be achieved only by using several different approaches, which all provide their own evidences and support for qualification and licensing. Copyright © 2013 John Wiley & Sons, Ltd.

Journal of Software Maintenance and Evolution: Research and Practice, 2000

The Appraisal Assistant process assessment tool has been developed to support the assessment or a... more The Appraisal Assistant process assessment tool has been developed to support the assessment or appraisal of process capability and/or organizational maturity, following approaches consistent with the requirements of ISO/IEC 15504 and the Appraisal Requirements for the Capability Maturity Model ® Integration (CMMI ® ). In the course of an assessment a workload data file is captured containing information on the volume and usage of collected evidence in the assessment. This paper presents an analysis of evidence usage data from a total of 20 assessments employing a range of Process Assessment Models and Assessment Methods. Key differences between ISO/IEC 15504-based and CMMI-based assessments are identified, and some explanations of the differences are offered.

Proceedings of the …

... Download, http://hdl.handle.net/10072/31187\. Herausgeber, Turku Centre for Computer Science, ... more ... Download, http://hdl.handle.net/10072/31187. Herausgeber, Turku Centre for Computer Science, Turku, http://www.spiceconference.com/. Mitarbeiter, Terry Rout, Ivan Porres, Risto Nevalainen, Beatrix Barafort, SPICE Users Group. Archiv, ARROW Discovery Service (Australia). ...

Journal of Software: Evolution and Process, 2010

... ADDITIONAL REQUIREMENTS FOR PROCESS ASSESSMENT ... Power Guide requires certified software in... more ... ADDITIONAL REQUIREMENTS FOR PROCESS ASSESSMENT ... Power Guide requires certified software in the highest safety class, hence there is a need to develop a national ... Still, the process assessment is only a complementary method when the final validity of the product is ...

Several real-life qualifications are already done by using TVO SWEP method. The goals of the meth... more Several real-life qualifications are already done by using TVO SWEP method. The goals of the method are achieved well, and the pre-qualification is effective. It is evident that TVO

SAFIR2010. The Finnish Research Programme on Safety 2007-2010. Final Report. Puska, Eija Karita &... more SAFIR2010. The Finnish Research Programme on Safety 2007-2010. Final Report. Puska, Eija Karita & Suolanen, Vesa. VTT Research Notes 2571, 66 - 76 As a part of the Finnish nuclear research program SAFIR2010 a project called CERFAS aimed to define necessary software certification services for nuclear industry needs. Main areas of the service development activities are process assessment and product evaluation. As a part of the Finnish nuclear research program SAFIR2010 a project called CERFAS aimed to define necessary software certification services for nuclear industry needs. Main areas of the service development activities are process assessment and product evaluation.

Lecture Notes in Computer Science, 2010

In the nuclear domain, regulators have strict requirements for safetycritical software. In this p... more In the nuclear domain, regulators have strict requirements for safetycritical software. In this paper requirements in three documents (two software standards and the Common Position of nuclear domain regulators) were compared. The aim of the work was to find out how ...

2010 Seventh International Conference on the Quality of Information and Communications Technology, 2010

Abstract In the nuclear domain, regulators have strict requirements for safety-critical software.... more Abstract In the nuclear domain, regulators have strict requirements for safety-critical software. As a part of Finnish nuclear research program SAFIR2010 an on-going project called CERFAS aims to define necessary software certification services for nuclear ...

ABSTRACT From the agile camp you can hear someone to say that CMMI is the big American waterfall ... more ABSTRACT From the agile camp you can hear someone to say that CMMI is the big American waterfall model monster, and is outright contra productive to agile methods. From the CMMI camp you can hear someone to say that agile methods is hackers from hell that uses the agile paradigm to enjoy anarchy with no rules. You can also hear some say that agile works the best in CMMI level 5 companies. The context of the dilemma however is slightly awkward. CMMI describes characteristics of good development practices, and agile is a lifecycle concept. So from a meta point of view they can easily co-exist. We would like to state that they do, and that you need both to support the best development performance. Starting in December 2011 three surveys were launched to get an idea about what could an agile maturity model deliver and what might be its added value. 67 Participants from several agile or/and CMMI® related LinkedIn Groups contributed to the survey. This article explains the survey results and proposes further research topics and harmonization actions.

ABSTRACT The paper describes the current status of agile maturity models. It shows where such mod... more ABSTRACT The paper describes the current status of agile maturity models. It shows where such models can be found and it contains a structured top level compilation of the currently available agile maturity models. In the second section, the paper describes an approach to analyse these agile maturity models, extracts their content, maps it to a reference model and then synthesizes the real agile maturity issues. The paper also describes the needs for scientific research in this topic. The paper will not present its own Agile Maturity Model. This will be the task for further research. It intends however to compile current agile maturity model thinking linking it to philosophical issues partly also raised in recent initiatives like the SPI Manifesto, the ECQA PI Manager Certification Scheme and SEMAT.

J. Softw. Evol. and Proc., 2014

ABSTRACT The paper discusses structure, quality and content of the currently available agile matu... more ABSTRACT The paper discusses structure, quality and content of the currently available agile maturity models. It presents two approaches on how to deal with such models. As a first step of the analysis, the paper contains a compilation of maturity level naming used by these agile maturity models because the variety of level naming is a sign of the variety of understanding and of definition of agile maturity. While many papers deal with agile from an inside perspective, this paper is written from the perspective of Software Process Improvement (SPI) and Capability Determination, the European Certification and Qualification Association PI Manager Certification Scheme and also the SPI Manifesto. The paper does not explicitly present its own agile maturity model. The analysis approaches presented in the paper show that the currently available agile maturity models are not fit for industrial use. The synthesis of an acceptable model seems to be feasible as the analysed models address typical organisational processes including life cycle management. Copyright © 2013 John Wiley & Sons, Ltd.

Journal of Software Maintenance and Evolution: Research and Practice, 2000

... E-mail: risto.nevalainen@fisma.fi Copyright q 2009 John Wiley & Sons, Ltd. Page 2. 270 R.... more ... E-mail: risto.nevalainen@fisma.fi Copyright q 2009 John Wiley & Sons, Ltd. Page 2. 270 R. NEVALAINEN AND T. SCHWEIGERT expectations. One reason behind this is poor understanding of competences, roles and responsi-bilities of PI activities and tasks. ...

Software Process Improvement and Capability Determination, 2012

ABSTRACT From the agile camp you can hear someone to say that CMMI is the big American waterfall ... more ABSTRACT From the agile camp you can hear someone to say that CMMI is the big American waterfall model monster, and is outright contra productive to agile methods. From the CMMI camp you can hear someone to say that agile methods is hackers from hell that uses the agile paradigm to enjoy anarchy with no rules. You can also hear some say that agile works the best in CMMI level 5 companies. The context of the dilemma however is slightly awkward. CMMI describes characteristics of good development practices, and agile is a lifecycle concept. So from a meta point of view they can easily co-exist. We would like to state that they do, and that you need both to support the best development performance. Starting in December 2011 three surveys were launched to get an idea about what could an agile maturity model deliver and what might be its added value. 67 Participants from several agile or/and CMMI® related LinkedIn Groups contributed to the survey. This article explains the survey results and proposes further research topics and harmonization actions.

Systems, Software and Services Process Improvement, 2013

ABSTRACT The paper describes the current status of agile maturity models. It shows where such mod... more ABSTRACT The paper describes the current status of agile maturity models. It shows where such models can be found and it contains a structured top level compilation of the currently available agile maturity models. In the second section, the paper describes an approach to analyse these agile maturity models, extracts their content, maps it to a reference model and then synthesizes the real agile maturity issues. The paper also describes the needs for scientific research in this topic. The paper will not present its own Agile Maturity Model. This will be the task for further research. It intends however to compile current agile maturity model thinking linking it to philosophical issues partly also raised in recent initiatives like the SPI Manifesto, the ECQA PI Manager Certification Scheme and SEMAT.