Quality

Expert Synthesis Manifest

Generated: 2026-06-20T16:56:36+00:00

• Source rule: no direct PDF analysis; generated from extracted requirements and downstream mappings.
• Feature domains generated: 8
• Features with full descriptions: 18
• Interfaces identified: 10
• Security capabilities identified: 13
• Renderable Mermaid diagrams generated: 16

Clarification Count Source Of Truth

Generated: 2026-06-20T17:07:32+00:00

Authoritative source for current pack: customer_review/customer_clarification_questions.md

Reconciliation

• Current clarification questions: 64
• Current P1 count: 10
• Closure rows evaluated: 64
• Questions introduced by additional PDFs: 64
• Questions answered by additional PDFs: 0
• Result: PASS

No count inconsistency found among authoritative generated Markdown reports.

Converter Availability

Converter Availability Report

Generated: 2026-06-17T15:24:55+00:00

First available converter: pypdf_builtin

OCR default: false

Conversion Quality

Conversion Quality Report

Generated: 2026-06-17T15:25:03+00:00

OCR used by this run: false

Successfully Converted PDFs

• customer-input/pdf/1001379436_P10_000_01_RDDM-1140152501-1744.pdf -> converted/markdown/1001379436_P10_000_01_RDDM-1140152501-1744.md
• converter: pypdf_builtin
• pages: 16
• missing text pages: none
• low confidence: none
• errors: none
• customer-input/pdf/3299216_1.pdf -> converted/markdown/3299216_1.md
• converter: pypdf_builtin
• pages: 61
• missing text pages: none
• low confidence: none
• errors: none
• customer-input/pdf/CVS123-2.pdf -> converted/markdown/CVS123-2.md
• converter: pypdf_builtin
• pages: 53
• missing text pages: none
• low confidence: none
• errors: none
• customer-input/pdf/CVS124.pdf -> converted/markdown/CVS124.md
• converter: pypdf_builtin
• pages: 90
• missing text pages: none
• low confidence: none
• errors: none
• customer-input/pdf/CVS151.pdf -> converted/markdown/CVS151.md
• converter: pypdf_builtin
• pages: 27
• missing text pages: none
• low confidence: none
• errors: none
• customer-input/pdf/CVS154.pdf -> converted/markdown/CVS154.md
• converter: pypdf_builtin
• pages: 15
• missing text pages: none
• low confidence: none
• errors: none
• customer-input/pdf/CVS31.pdf -> converted/markdown/CVS31.md
• converter: pypdf_builtin
• pages: 31
• missing text pages: none
• low confidence: none
• errors: none
• customer-input/pdf/CVS32.pdf -> converted/markdown/CVS32.md
• converter: pypdf_builtin
• pages: 29
• missing text pages: none
• low confidence: none
• errors: none

Partially Converted PDFs

None.

Failed PDFs

None.

Manual Review Flags

customer-input/pdf/CVS151.pdf

• table-like text detected; review table reconstruction

customer-input/pdf/CVS31.pdf

• table-like text detected; review table reconstruction

Recommendation

Review all partial or failed conversions before relying on downstream requirement extraction. OCR is disabled by default; image-only pages need manual Markdown or an explicit OCR-enabled run.

Markdown Quality

Markdown Quality Report

Generated: 2026-06-17T15:25:03+00:00

converted/markdown/1001379436_P10_000_01_RDDM-1140152501-1744.md

• characters: 21391
• headings: 17
• page markers: 32
• requirement IDs: 46
• status: review
• issue: suspicious repeated headers/footers: Document type Title Issue; SPECIFICATION General cybersecurity requirements 2.0; Approver File name Approval date
• issue: noise candidates detected: Approver File name Approval date; Document type Title Issue; Issued by/Issued by department Status Page/Sida

converted/markdown/3299216_1.md

• characters: 99286
• headings: 62
• page markers: 122
• requirement IDs: 12
• status: review
• issue: suspicious repeated headers/footers: TECHNICAL PRODUCT DATA 3299216; Requirements Specification; Requirement specification for ECA
• issue: noise candidates detected: (Ref: Supplier portal,; 1 (61); 10 (61)
• issue: inconsistent numbering

converted/markdown/AutomotiveSpice_CS.md

• characters: 85210
• headings: 73
• page markers: 144
• requirement IDs: 38
• status: review
• issue: noise candidates detected: Annex A Process Assessment and Reference Model ConformityA.1 IntroductionThe Automotive SPICE process assessment and reference model meet the requirements for conformity defined in ISO/IEC 33004:2015. The process assessment model can be used in the performance of assessments that meet the requirements of ISO/IEC 33002:2015.This clause serves as the statement of conformity of the process assessment and reference models to the requirements defined in ISO/IEC 33004:2015.[ISO/IEC 33004:2015, 5.5 and 6.4]Due to copyright reasons each requirement is only referred to by its number. The full text of the requirements can be drawn from ISO/IEC 33004:2015.A.2 Conformity to the requirements for process refer-ence modelsClause 5.3, "Requirements for process reference models"The following information is provided in Chapter 1 of this document:the declaration of the domain of this process reference model,the description of the relationship between this process reference model and its intended use, andthe description of the relationship between the processes defined within this process reference model.The descriptions of the processes within the scope of this process reference model that meet the requirements of ISO/IEC 33004:2015 clause 5.4 are provided in Chapter 2 of this document.[ISO/IEC 33004:2015, 5.3.1]; Copyright NoticeThis document is a supplement to the Automotive SPICE Process As-sessment Model 3.1. It has been developed by the Project Group 13 of the Quality Management Center (QMC) in the German Association of the Automotive Industry. This document reproduces relevant material from:ISO/IEC 33020:2015Information technology Process assessment Process meas-urement framework for assessment of process capabilityISO/IEC 33020:2015provides the following copyright release statement:5.4 and 5.6 as part of any process assessment model or maturity model so Relevant material from this standard is incorporated under the copyright release notice.The Automotive SPICE®for cybersecurity Process Assessment Model may be obtained free of charge via download from thewww.automo-tivespice.comwebsite.TrademarkAutomotive SPICE®is a registered trademark of the Verband der Automobilindustrie e.V.(VDA).For further information about Automotive SPICE®visit www.vda-qmc.de.; The relevant communities of interest and their mode of use and the consensus achieved for this process reference model are documented in the copyright notice and scope of this document. [ISO/IEC 33004:2015, 5.3.2]The process descriptions are unique. The identification is provided by unique names and by the identifier of each process of this document.[ISO/IEC 33004:2015, 5.3.3]Clause 5.4: Process descriptionsThese requirements are met by the process descriptions in Chapter 2 ofthis document.[ISO/IEC 33004:2015, 5.4]A.3 Conformity to the requirements for process assess-ment modelsClause 6.1: "Introduction"The purpose of this process assessment model is to support assessment of process capability within the automotive domain using the process measurement framework defined in ISO/IEC 33020:2015.[ISO/IEC 33004:2015, 6.1]Clause 6.2: "Process assessment model scope"The process scope of this process assessment model is defined in the process reference model included in subchapter 3.1 of this document. The Automotive SPICE Process Reference Model satisfies the requirements of ISO/IEC 33004:2015, clause 5 as described in Annex A.2.The process capability scope of this process assessment model is defined in the process measurement framework specified in ISO/IEC 33020:2015,
• issue: possible unreadable table text

converted/markdown/CVS123-2.md

• characters: 112492
• headings: 54
• page markers: 106
• requirement IDs: 2
• status: review
• issue: suspicious repeated headers/footers: COMMERCIAL VEHICLE STANDARD; MAN Truck & Bus SE / Scania CV AB / International Motors, LLC / Volkswagen Truck & Bus Indústria e Comércio de Veículos Ltda; CVS123-2:2025-08
• issue: noise candidates detected: #1 RoutineControl Request SID M 0x31; #2 routineControlType (StartRoutine) M 0x01; 0 = sha512
• issue: inconsistent numbering

converted/markdown/CVS124.md

• characters: 134151
• headings: 91
• page markers: 180
• requirement IDs: 370
• status: review
• issue: suspicious repeated headers/footers: COMMERCIAL VEHICLE STANDARD; CVS124:2025-12; terminated
• issue: noise candidates detected: #2 routineControlType (StartRoutine) 0x01; #2 routineControlType (StartRoutine) M 0x01; #3 routineIdentifier (MSB) 0xFF

converted/markdown/CVS151.md

• characters: 48726
• headings: 28
• page markers: 54
• requirement IDs: 0
• status: review
• issue: missing requirement IDs
• issue: suspicious repeated headers/footers: COMMERCIAL VEHICLE STANDARD; MAN Truck & Bus SE / Scania CV AB / International Motors, LLC / Volkswagen Truck & Bus Indústria e Comércio de Veículos Ltda; CVS151:2025-08
• issue: noise candidates detected: All rights reserved according to ISO 16016. The reproduction, distribution and utilisation of this; COMMERCIAL VEHICLE STANDARD; COMPLIES_WITH

converted/markdown/CVS154.md

• characters: 27677
• headings: 16
• page markers: 30
• requirement IDs: 0
• status: review
• issue: missing requirement IDs
• issue: suspicious repeated headers/footers: COMMERCIAL VEHICLE STANDARD; MAN Truck & Bus SE / Scania CV AB / International Motors, LLC / Volkswagen Truck & Bus Indústria e Comércio de Veículos Ltda; CVS154:2025-08
• issue: noise candidates detected: All rights reserved according to ISO 16016. The reproduction, distribution and utilisation of this; COMMERCIAL VEHICLE STANDARD; CVS154:2025-08

converted/markdown/CVS30.md

• characters: 13236
• headings: 9
• page markers: 16
• requirement IDs: 0
• status: review
• issue: missing requirement IDs
• issue: suspicious repeated headers/footers: COMMERCIAL VEHICLE STANDARD; MAN Truck & Bus SE / Scania CV AB / International Motors, LLC / Volkswagen Truck & Bus Indústria e Comércio de Veículos Ltda; CVS30:2025-08
• issue: noise candidates detected: All rights reserved according to ISO 16016. The reproduction, distribution and utilisation of this; COMMERCIAL VEHICLE STANDARD; CVS30:2025-08

converted/markdown/CVS31.md

• characters: 53612
• headings: 32
• page markers: 62
• requirement IDs: 0
• status: review
• issue: missing requirement IDs
• issue: suspicious repeated headers/footers: COMMERCIAL VEHICLE STANDARD; CVS31:2025-12; SubFunction =
• issue: noise candidates detected: 2025-12; All rights reserved according to ISO 16016. The reproduction, distribution and utilisation of this; Authentication service

converted/markdown/CVS32.md

• characters: 51204
• headings: 30
• page markers: 58
• requirement IDs: 0
• status: review
• issue: missing requirement IDs
• issue: suspicious repeated headers/footers: COMMERCIAL VEHICLE STANDARD; CVS32:2026-03; response.
• issue: noise candidates detected: 0x0010; 0x0030; 0x0071

converted/markdown/SCANIAVehicleSecSpecs.md

• characters: 8010
• headings: 6
• page markers: 10
• requirement IDs: 0
• status: review
• issue: missing requirement IDs
• issue: suspicious repeated headers/footers: MAN Truck & Bus SE COMMERCIAL VEHICLE STANDARD Scania CV ABCVS30 16.12.2021
• issue: noise candidates detected: MAN Truck & Bus SE COMMERCIAL VEHICLE STANDARD Scania CV ABCVS30 16.12.2021; Vehicle Security SpecificationsShort Overview for understandingForewordThis Commercial Vehicle Standard (CVS) contains fully harmonised requirement specifications of the brands (legal entities) MAN Truck & Bus SE (hereafter MAN) and Scania CV AB (hereafter Scania), which are congruent to fulfil technical requirements of both brands. Any review of this standard shall only be done in agreement with both brands.In this CVS, all non-company standards are referred as international standards (e.g.: ISO, EN).These international standards are available as national edition at the respective national standardisation organisation (e.g.: DIN ISO, SS-ISO, DIN EN, SS-EN).Legal NoticeAll rights reserved according to ISO 16016. The reproduction, distribution and utilisation of this document as well as the communication of its contents to others without express authorisation is prohibited. Offenders will be held liable for the payment of damages. All rights reserved in the event of the grant of a patent, utility model or design.Make sure that you have the latest version of this standard. Latest version is the electronic issuedistributed by the respective standardisation organisations and if applicable the respective supplier portal.; source) or a communication partner over a wireless interface. If data integrity is no longer a valid source. Therefore, data integrity is not considered separately and is subsumed under data authenticityinstead, as data authenticity implies data integrity. Likewise, as authentic data is defined as originating from a valid source, data authenticity also implies that the source is authorized to produce the data, so authorization to produce data is also subsumed under data authenticity.3.1.2Data Confidentiality Data confidentiality refers to the property of data being able to be known only to authorized entities. Similar to how authorization to produce data is subsumed under data authenticity, authorization to receive data is subsumed under data confidentiality. Data authenticity can be a requirement for data confidentiality: If the authenticity of confidential data is lost then its source may no longer be valid and thus not confidential to the same level as the original data.3.1.3Data Availability Data availability refers to the property of data being ready to be used at every point in time when usage is necessary.3.1.4ECU Authenticity ECU authenticity refers authorized by TRATON to be executed on this ECU. This property is derived as a necessary precondition for data security goals for this ECU: If the program code is not authentic then all data security goals in-volving this ECU are potentially broken because the ECU is not a valid and authorized entity.3.1.5ECU Integrity by TRATON. It is derived as a necessary precondition for data security goals for this outside of its intendedspecification then the ECU cannot be assured to maintain the security goals of the data it is handling.3.1.6ECU Availability ECU availability refers to the property of the ECU performing its expected operations at the expected time.3.1.7Dependencies of Security Goals The following graphic depicts the dependency between security goals. Data security goals depend on the ECU security goals of the ECUs which handle that data.

converted/markdown/VehSec_IVD_ECU.md

• characters: 879
• headings: 25
• page markers: 48
• requirement IDs: 0
• status: review
• issue: missing requirement IDs

Requirement Extraction Quality

Requirement Extraction Quality Report

Generated: 2026-06-20T16:56:35+00:00

• extracted requirements: 1076
• active baseline requirements: 966
• low extraction confidence before RFQX-06 review: 113
• active low-confidence requirements after RFQX-06 review: 0
• human review / clarification items remaining: 120
• source rule: reviewed from Markdown-derived requirements only; PDFs were not read downstream.

Active Baseline By Category

• Cybersecurity: 101
• Hardware: 45
• IT / backend: 209
• Interface: 44
• Process / compliance: 48
• Software: 178
• System: 338
• Tooling: 3

RFQX-06 Review Rule

Low-confidence items were not deleted. They were assigned a final review status and either kept active, reclassified, deactivated from mandatory baseline treatment, or escalated for customer/manual clarification.

Architecture Confidence

Architecture Confidence Report

Generated: 2026-06-20T16:56:36+00:00

Directly Backed Elements

• Application Software: REQ-AUTO-00006; REQ_SEC_0007; REQ-AUTO-00129; REQ-AUTO-00178; REQ-AUTO-00180; REQ-AUTO-00238; REQ-AUTO-00244; REQ-AUTO-00266; REQ-AUTO-00277; REQ-AUTO-00286; REQ-AUTO-00287; REQ-AUTO-00288; REQ-AUTO-00289; REQ-AUTO-00291 (showing 14 of 178)
• Backend and IT Systems: REQ-AUTO-00081; REQ-AUTO-00090; REQ-AUTO-00091; req.10.5; REQ-AUTO-00101; REQ-AUTO-00104; req-5.10; req-6.4; REQ-AUTO-00112; REQ-AUTO-00114; REQ-AUTO-00132; REQ-AUTO-00140; REQ-AUTO-00192; REQ-AUTO-00219 (showing 14 of 209)
• Compliance Process: REQ_SEC_0044; REQ_SEC_0046; REQ_SEC_0032; req-5.1; REQ-AUTO-00210; REQ-AUTO-00214; REQ-AUTO-00252; REQ-AUTO-00253; REQ-AUTO-00255; REQ-AUTO-00280; REQ-AUTO-00460; REQ-AUTO-00486; REQ_UDS-0052; REQ_UDS-0056 (showing 14 of 48)
• Engineering Toolchain: REQ-AUTO-00093; REQ-AUTO-00094; REQ-AUTO-00098
• External Interfaces: REQ_SEC_0036; REQ-AUTO-00066; REQ-AUTO-00078; REQ-AUTO-00138; REQ-AUTO-00139; REQ-AUTO-00141; REQ-AUTO-00143; REQ-AUTO-00145; REQ-AUTO-00146; REQ-AUTO-00177; REQ-AUTO-00193; REQ-AUTO-00195; REQ-AUTO-00196; REQ-AUTO-00199 (showing 14 of 44)
• Hardware Platform: REQ_SEC_0025; REQ_SEC_0010; REQ_SEC_0011; REQ_SEC_0026; REQ_SEC_0047; REQ_SEC_0049; REQ_SEC_0050; REQ-AUTO-00060; REQ-AUTO-00061; REQ-AUTO-00065; REQ-AUTO-00077; REQ-AUTO-00099; REQ-AUTO-00113; REQ-AUTO-00182 (showing 14 of 45)
• Security Services: REQ-AUTO-00001; REQ_SEC_0001; REQ_SEC_0002; REQ_SEC_0003; REQ_SEC_0022; REQ-AUTO-00009; REQ_SEC_0023; REQ-AUTO-00011; REQ_SEC_0024; REQ_SEC_0004; REQ_SEC_0005; REQ_SEC_0042; REQ_SEC_0008; REQ_SEC_0009 (showing 14 of 101)
• System Core: REQ-AUTO-00004; REQ-AUTO-00005; REQ-AUTO-00021; REQ_SEC_0020; REQ_SEC_0012; REQ_SEC_0013; REQ-AUTO-00028; REQ_SEC_0014; REQ-AUTO-00030; REQ_SEC_0028; REQ_SEC_0029; REQ_SEC_0006; REQ_SEC_0021; REQ_SEC_0033 (showing 14 of 338)

Inferred From Multiple Requirements

• OEM/Customer Review Interface: REQ-AUTO-00001; REQ_SEC_0001; REQ_SEC_0002; REQ-AUTO-00004; REQ-AUTO-00005; REQ-AUTO-00006; REQ_SEC_0003; REQ_SEC_0024; REQ_SEC_0004; REQ_SEC_0005; REQ_SEC_0007; REQ_SEC_0025; REQ_SEC_0042; REQ_SEC_0008 (showing 14 of 143)

Assumptions Requiring Confirmation

• Electric Clutch Actuator ECU item boundary, network topology, diagnostic role model, update/IVD workflow, PKI/key ownership, HSM/platform capability, backend/SecOps ownership, and final TARA/residual-risk approval remain customer-clarification topics.

Unsupported Architecture Elements

No unresolved unsupported architecture placeholders remain. The former Customer / external systems placeholder was resolved as the requirement-backed OEM/Customer Review Interface and remains flagged for customer clarification.

Open Customer Clarification Questions

• See customer_review/customer_clarification_questions.md.

Traceability Quality Gate

Generated: 2026-06-20T16:56:36+00:00

Status: WARN - Customer Clarification Needed

• total extracted requirements: 1076
• active baseline requirements: 966
• requirements mapped to features: 965
• requirements mapped to architecture: 965
• cybersecurity requirements mapped to controls: 101
• orphan active requirements: 0
• unresolved unsupported architecture elements: 0
• requirements without source Markdown: 0
• original low-confidence requirements: 113
• active low-confidence requirements after review: 0
• customer clarification items: 64
• OCR used: false
• downstream direct PDF analysis: false

Gate Reasons

• Customer clarification is still required for product boundary, interfaces, and security ownership.