process remarks

docs/process/process_areas/requirements_engineering/guidance/requirements_guideline.rst

@@ -53,6 +53,8 @@ Templates
      - :need:`[[title]] <gd_temp__req__process_req>`
      - gd_req_t
 
+.. warning:: the templates have slightly different names, e.g. `stkh_req__`
+
 Additionally for the formulation of requirements following template is available: :need:`[[title]]<gd_temp__req__formulation>`
 
 Attributes
@@ -67,6 +69,7 @@ For all requirements following mandatory attributes need to be defined:
    :columns: title
    :colwidths: 30
 
+.. warning:: On first glance that's not the case for std_req and gd_req. Security is missing. Overall this is enforcable via metamodel.
 
 * Title and description: For the formulation of requirements following template shall be used :need:`[[title]]<gd_temp__req__formulation>`
 * ID: The naming convention for the ID is defined :ref:`here <naming_convention_needs>`.
@@ -152,6 +155,8 @@ Following roles should be included in the review:
 
 .. _derive_child_requirement:
 
+.. warning:: It's a "should", but let's ensure we understand correctly. No automatic enforcement.
+
 Derive child requirement and establish traceability
 ---------------------------------------------------
 

docs/process/process_areas/requirements_engineering/guidance/requirements_inspection_checklist.rst

@@ -28,97 +28,114 @@ Requirement Inspection Checklist
 
    **Checklist**
 
+   .. warning:: Added Automatable column. Overall the answer is "Not automatable".
+
    .. list-table:: Requirement Inspection Checklist
       :header-rows: 1
-      :widths: 10,30,50,6,6,8
+      :widths: 10,30,50,6,6,8,10
 
       * - Review ID
         - Acceptance Criteria
         - Guidance
         - Passed
         - Remarks
         - Issue link
+        - Automatable
       * - REQ_01_01
         - Is the requirement sentence template used?
         - see :need:`gd_temp__req__formulation`, this includes the use of "shall".
         -
         -
         -
+        - No (review support by AI possible...)
       * - REQ_02_01
         - Is the requirement description *comprehensible* ?
         - If you think the requirement is hard to understand, comment here.
         -
         -
         -
+        - No (review support by AI possible...)
       * - REQ_02_02
         - Is the requirement description *unambiguous* ?
         - Especially search for "weak words" like "about", "etc.", "relevant" and others (see the internet documentation on this). This check shall be supported by tooling.
         -
         -
         -
+        - No (review support by AI possible...)
       * - REQ_02_03
         - Is the requirement description *atomic* ?
         - A good way to think about this is to consider if the requirement may be tested by one (positive) test case or needs more of these. The sentence template should also avoid being non-atomic already. Note that there are cases where also non-atomic requirements are the better ones, for example if those are better understandable.
         -
         -
         -
+        - No (review support by AI possible...)
       * - REQ_02_04
         - Is the requirement description *feasible* ?
         - Expectation is that at the time of the inspection the requirement has already some implementation. This can be checked via traces, but also :need:`gd_req__req__attr_impl` shows this. In case the requirement is not mature enough at the time of inspection (i.e. not implemented at least as "proof-of-concept"), a development expert should be invited to the Pull-Request review to explicitly check this item.
         -
         -
         -
+        - No
       * - REQ_02_05
         - Is the requirement description *independent from implementation* ?
         - This checkpoint should improve requirements definition in the sense that the "what" is described and not the "how" - the latter should be described in architecture/design derived from the requirement. But there can also be a good reason for this, for example we would require using a file format like JSON and even specify the formatting standard already on stakeholder requirement level because we want to be compatible. A finding in this checkpoint does not mean there is a safety problem in the requirement.
         -
         -
         -
+        - No (review support by AI possible...)
       * - REQ_03_01
         - For stakeholder requirements: Is the *rationale* correct?
         - Rationales explain why the top level requirements were invented. Do those cover the requirement?
         -
         -
         -
+        - No
       * - REQ_03_02
         - For other requirements: Is the *linkage to the parent requirement* correct?
         - Linkage to correct levels and ASIL attributes is checked automatically, but it needs checking if the child requirement implements (at least) a part of the parent requirement.
         -
         -
         -
+        - No (review support by AI possible...)
       * - REQ_04_01
         - Is the requirement *internally and externally consistent*?
         - Does the requirement contradict other requirements within the same or higher levels? One may restrict the search to the feature for component requirements, for features to other features using same components.
         -
         -
         -
+        - No (review support by AI possible...)
       * - REQ_05_01
         - Do the software requirements consider *timing constraints of the parent requirement*?
         - This bullet point encourages to think about timing constraints even if those are not explicitly mentioned in the parent requirement. If the reviewer of a requirement already knows or suspects that the implementation will be time consuming, one should think of the expectation of a "user".
         -
         -
         -
+        - No (review support by AI possible...)
       * - REQ_06_01
         - Does the Requirement consider *external interfaces*?
         - The SW platform's external interfaces (to the user) are defined in the Feature Architecture, so the Feature and Component Requirements should determine the data consumed and set on these interfaces. Are output values completely defined?
         -
         -
         -
+        - No (review support by AI possible...)
       * - REQ_07_01
         - Is the *ASIL Attribute* set correctly?
         - Derived requirements are checked automatically, see :need:`gd_req__req__linkage_safety`. But for the top level requirements this needs to be checked for correctness. Also AoU from external components need check for correct ASIL as those are the "origin" of safety requirements towards the SW platform.
         -
         -
         -
+        - No (review support by AI possible...)
       * - REQ_07_02
         - Is the attribute *security* set correctly?
         - Stakeholder requirements security attribute should be set based on Threat Analysis and Risk Assessment (TARA) (process is TBD). Checklist item is supported by automated check: "Every requirement which satisfies a requirement with security attribute set to YES inherits this". Expectation is that the feature/component requirements/architecture may also be subject to a Software Security Criticality Analysis (process is TBD).
         -
         -
         -
+        - No (review support by AI possible...)
       * - REQ_08_01
         - Is the requirement *verifiable*?
         - Expectation is that at the time of the inspection already tests are created for the requirement. This can be checked via traces, but also :need:`gd_req__req__attr_test_covered` shows this. In case the requirement is not mature enough at the time of inspection (i.e. missing test cases), a test expert should be invited to the Pull-Request review to explicitly check this item.
         -
         -
         -
+        - No (review support by AI possible...)

docs/process/process_areas/requirements_engineering/guidance/requirements_process_reqs.rst

@@ -34,6 +34,10 @@ Process Requirements
       * Assumption of use requirement
       * Process requirement
 
+   .. warning::
+
+      Automatable, but unclear.
+
 .. _process_requirement_attributes:
 
 Process Requirement Attributes
@@ -54,6 +58,12 @@ Process Requirement Attributes
 
    The naming convention is defined here: :ref:`naming_convention_needs`
 
+   .. warning::
+
+      We cannot automate "human readable" and "keyword describing the content of the requirement".
+      We can enforce a unique ID. And probably whether it contains the last part of the feature tree, as long
+      as the feature tree is defined.
+
 .. gd_req:: Requirement attribute: title
    :id: gd_req__requirements_attr_title
    :status: valid
@@ -67,6 +77,10 @@ Process Requirement Attributes
    * Feature Requirements
    * Component Requirements
 
+   .. warning::
+
+      We cannot automate "a short summary of the description". But we can enforce that "shall" is not used in the title.
+
 .. gd_req:: Requirement attribute: description
    :id: gd_req__requirements_attr_description
    :status: valid
@@ -82,6 +96,10 @@ Process Requirement Attributes
 
       The concepts shall apply.
 
+   .. warning::
+
+      Enforceable!
+
 .. gd_req:: Requirement attribute: type
    :id: gd_req__req__attr_type
    :status: valid
@@ -96,6 +114,10 @@ Process Requirement Attributes
       * Legal
       * Non-Functional
 
+   .. warning::
+
+      Enforceable!
+
 .. gd_req:: Requirements attribute: security
    :id: gd_req__requirements_attr_security
    :status: valid
@@ -107,6 +129,10 @@ Process Requirement Attributes
       * Yes
       * No
 
+   .. warning::
+
+      Enforceable! But we should really clarify "Each".
+
 .. gd_req:: Requirement attribute: safety
    :id: gd_req__req__attr_safety
    :status: valid
@@ -120,6 +146,10 @@ Process Requirement Attributes
       * ASIL_B
       * ASIL_D
 
+   .. warning::
+
+      Enforceable! We don't need B(D) etc?
+
 .. gd_req:: Requirement attribute: status
    :id: gd_req__req__attr_status
    :status: valid
@@ -132,6 +162,10 @@ Process Requirement Attributes
       * valid
       * invalid
 
+   .. warning::
+
+      Enforceable!
+
 .. gd_req:: Requirement attribute: rationale
    :id: gd_req__req__attr_rationale
    :status: valid
@@ -140,6 +174,10 @@ Process Requirement Attributes
 
    Each stakeholder requirement shall provide a in the attribute rationale the reason why that the requirement is needed.
 
+   .. warning::
+
+      NOT Enforceable!
+
 .. _process_requirement_linkage:
 
 Process Requirement Linkage
@@ -158,6 +196,12 @@ Process Requirement Linkage
       * feature requirements <-> component requirements
       * workflow <-> process requirements
 
+   .. warning::
+
+      Doesn't this replace gd_req__req__structure?
+      Anyway, it's enforcable. But the direction is confusing.
+      stakeholder requirements satisfy feature requirements??
+
 .. gd_req:: Requirement attribute: requirement covered
    :id: gd_req__req__attr_req_cov
    :status: valid
@@ -170,6 +214,9 @@ Process Requirement Linkage
       * Yes
       * No
 
+   .. warning::
+      Is this a manual attribute or an automated one? Is it intentionally under linkage?
+
 .. gd_req:: Requirement attribute: link to implementation
    :id: gd_req__req__attr_impl
    :status: valid
@@ -178,6 +225,9 @@ Process Requirement Linkage
 
    It shall be possible to link requirements to code and include a link to github to the respective line of code in an attribute of the requirement.
 
+   .. warning::
+      We can do that... but isn't it wrong? It shall be possible to link requirements FROM code. In such cases the rendered requirement shall link to GitHub to the respective line of code...
+
 .. gd_req:: Requirement attribute: link to test
    :id: gd_req__req__attr_testlink
    :status: valid
@@ -187,6 +237,9 @@ Process Requirement Linkage
 
    It shall be possible to link requirements to tests and automatically include a link to the test case in the attribute testlink.
 
+   .. warning::
+      Unclear! What exactly is a "test case"?
+
 .. gd_req:: Requirement attribute: test covered
    :id: gd_req__req__attr_test_covered
    :status: valid
@@ -199,6 +252,9 @@ Process Requirement Linkage
       * Yes
       * No
 
+   .. warning::
+      = Optional attribute "testcovered". Why is this under linkage?
+
 .. gd_req:: Requirement attribute: versioning
    :id: gd_req__req__attr_hash
    :status: valid
@@ -210,6 +266,10 @@ Process Requirement Linkage
 
    A more detailed description of the concept can be found here: :need:`gd_req__req__attr_hash`
 
+   .. warning::
+      Hash is a solution, which we may not need anymore since we have versioned releases.
+      We could just as well introdocude versioning like `stkh_req_1@v0.1`.
+
 .. _process_requirement_checks:
 
 Process Requirements Checks
@@ -229,6 +289,11 @@ Process Requirements Checks
       :columns: title
       :colwidths: 30
 
+   .. warning::
+
+      Isn't this redundant to all the requirements above?
+      As they are finer grained, it would make more sense to implement the ones above?!
+
 .. gd_req:: Requirements no weak words
    :id: gd_req__req__attr_desc_weak
    :status: valid
@@ -241,6 +306,11 @@ Process Requirements Checks
    * Feature Requirements
    * Component Requirements
 
+   .. warning::
+
+      Definition of "weak words" is not clear.
+
+      Note: implementation is wrong, as it checks all needs, not just those 3.
 
 .. gd_req:: Requirements linkage level
    :id: gd_req__req__linkage_fulfill
@@ -253,6 +323,11 @@ Process Requirements Checks
 
    :ref:`traceability concept for requirements`
 
+   .. warning::
+
+      Even invalid ones etc? Seems it's not easily possible to create a draft requirement.
+      But it's enforcable!
+
 .. gd_req:: Requirements linkage architecture
    :id: gd_req__req__linkage_architecture
    :status: valid
@@ -262,6 +337,10 @@ Process Requirements Checks
 
    It shall be checked if every feature- and component requirement is linked at least to one architectural element.
 
+   .. warning::
+
+      Shouldn't there be some logic like feature requirements to feature architectural elements?
+
 .. gd_req:: Requirements linkage safety
    :id: gd_req__req__linkage_safety
    :status: valid
@@ -271,5 +350,14 @@ Process Requirements Checks
 
    It shall be checked that safety requirements (Safety != QM) can only be linked against safety requirements.
 
+   .. warning::
+
+      Does this include all links in all directions?
+
 .. needextend:: "process_areas/requirements_engineering" in docname
    :+tags: requirements_engineering
+
+.. warning::
+
+   Observation overall: this entire page is a weak (unprecise!) description of our metamodel.yml file.
+   Not sure what to do with that. But it does seem like duplicated effort/information.

docs/process/process_areas/requirements_engineering/guidance/requirements_templates.rst

@@ -17,6 +17,8 @@
 Templates
 =========
 
+.. warning:: These are not synced? e.g. security is missing.
+
 .. gd_temp:: Stakeholder Requirements Templates
    :id: gd_temp__req__stkh_req
    :status: valid