Requirements Register

Full requirement statement: The cybersecurity concept shall describe the scope of the risk analysis, risks that were identified during the risk analysis, cybe rsecurity goals, cybersecurity requirements, mitigation strategies, validation, and verification strategies, etc.

Engineering expectation: Supplier is expected to provide cybersecurity work products and evidence showing how embedded cybersecurity is managed across the lifecycle.

Engineering interpretation: Security view: Data Authenticity and Integrity Verification; Cybersecurity Evidence and DIA; Cybersecurity requirement handling. Interface view: OEM/Customer Review Interface. Architecture view: Security Services; OEM/Customer Review Interface.

Mapped security capability: Cybersecurity requirement handling

Mapped feature: Cybersecurity requirement handling; Security evidence and traceability

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Security Services; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 3

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Cybersecurity methods and strategies REQ_SEC_0001 The supplier shall provide documentation describing their strategies and methods for working with embedded systems cybersecurity.

Engineering expectation: Supplier is expected to provide cybersecurity work products and evidence showing how embedded cybersecurity is managed across the lifecycle.

Engineering interpretation: Security view: Cybersecurity Evidence and DIA; Supplier Development and Production Hardening; Cybersecurity requirement handling. Interface view: OEM/Customer Review Interface. Architecture view: Security Services; OEM/Customer Review Interface.

Mapped security capability: Cybersecurity requirement handling

Mapped feature: Cybersecurity requirement handling; Security evidence and traceability

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Security Services; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 5

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Risk assessment REQ_SEC_0002 The supplier shall perform risk assessment based on a threat and vulnerability analysis for each release, including any vehicle manufacturer-specific adaptations.

Engineering expectation: Lifecycle security is expected to define ownership for monitoring, vulnerability handling, incident response, and mitigation evidence.

Engineering interpretation: Security view: Vulnerability and Incident Handling; Supplier Development and Production Hardening; Vulnerability management. Interface view: OEM/Customer Review Interface. Architecture view: Security Services; OEM/Customer Review Interface.

Mapped security capability: Vulnerability management

Mapped feature: Vulnerability management

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Security Services; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 5

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Method and scope shall be proposed to and approved by the vehicle manufacturer.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 5

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Documentation on the method and results shall be provided to the vehicle manufacturer.

Engineering expectation: Supplier is expected to provide cybersecurity work products and evidence showing how embedded cybersecurity is managed across the lifecycle.

Engineering interpretation: Security view: Cybersecurity Evidence and DIA. Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior; Security evidence and traceability

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 5

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Note: The vehicle manufacturer and supplier shall collaboratively define the context of the system or function to enable the supplier performing the risk assessment.

Engineering expectation: Engineering expectation is unclear from the current evidence and needs customer clarification before baseline closure.

Engineering interpretation: Security view: Supplier Development and Production Hardening. Interface view: OEM/Customer Review Interface. Architecture view: Application Software; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: Application software behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Application Software; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 5

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Needed

Human review status: Needed

Recommended action: Resolve customer clarification and update mappings before claiming closure.

Full requirement statement: Cybersecurity concept REQ_SEC_0003 The supplier shall describe the cybersecurity concept and how it is implemented in hardware and software respectively.

Engineering expectation: Supplier is expected to provide cybersecurity work products and evidence showing how embedded cybersecurity is managed across the lifecycle.

Engineering interpretation: Security view: Cybersecurity Evidence and DIA; Supplier Development and Production Hardening; Cybersecurity requirement handling. Interface view: OEM/Customer Review Interface. Architecture view: Security Services; OEM/Customer Review Interface.

Mapped security capability: Cybersecurity requirement handling

Mapped feature: Cybersecurity requirement handling

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Security Services; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 5

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Marcus Lindner EPXC Published 6(16) REQ_SEC_0022 All risks identified in cybersecurity risk analyses shall be evaluated.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Cybersecurity requirement handling. Architecture view: Security Services.

Mapped security capability: Cybersecurity requirement handling

Mapped feature: Cybersecurity requirement handling

Mapped interface: None

Mapped architecture element: Security Services

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 6

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: For each risk identified in the cybersecurity risk analyses, a risk treatment decision shall be made to avoid, reduce, share, or retain the risk.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Vulnerability and Incident Handling; Cybersecurity requirement handling. Architecture view: Security Services.

Mapped security capability: Cybersecurity requirement handling

Mapped feature: Cybersecurity requirement handling

Mapped interface: None

Mapped architecture element: Security Services

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 6

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: REQ_SEC_0023 Cybersecurity controls shall sufficiently reduce the risk.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Cybersecurity requirement handling. Architecture view: Security Services.

Mapped security capability: Cybersecurity requirement handling

Mapped feature: Cybersecurity requirement handling

Mapped interface: None

Mapped architecture element: Security Services

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 6

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: It shall be possible to verify which cybersecurity controls were derived from which requirements.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Data Authenticity and Integrity Verification; Cybersecurity requirement handling. Architecture view: Security Services.

Mapped security capability: Cybersecurity requirement handling

Mapped feature: Cybersecurity requirement handling

Mapped interface: None

Mapped architecture element: Security Services

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 6

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: REQ_SEC_0024 The cybersecurity concept of the supplier shall contain a documentation of the accepted residual risk and be agreed with the vehicle manufacturer.

Engineering expectation: Supplier is expected to provide cybersecurity work products and evidence showing how embedded cybersecurity is managed across the lifecycle.

Engineering interpretation: Security view: Cybersecurity Evidence and DIA; Supplier Development and Production Hardening; Cybersecurity requirement handling. Interface view: OEM/Customer Review Interface. Architecture view: Security Services; OEM/Customer Review Interface.

Mapped security capability: Cybersecurity requirement handling

Mapped feature: Cybersecurity requirement handling; Security evidence and traceability

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Security Services; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 6

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Verification and validation REQ_SEC_0004 The supplier shall provide documentation of the verification and validation methods of cybersecurity features.

Engineering expectation: Supplier is expected to provide cybersecurity work products and evidence showing how embedded cybersecurity is managed across the lifecycle.

Engineering interpretation: Security view: Data Authenticity and Integrity Verification; Cybersecurity Evidence and DIA; Supplier Development and Production Hardening; Cybersecurity requirement handling. Interface view: OEM/Customer Review Interface. Architecture view: Security Services; OEM/Customer Review Interface.

Mapped security capability: Cybersecurity requirement handling

Mapped feature: Cybersecurity requirement handling; Security evidence and traceability

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Security Services; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 6

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: REQ_SEC_0005 The supplier shall provide test reports detailing the results from the verification and validation of cybersecurity features.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Data Authenticity and Integrity Verification; Cybersecurity Evidence and DIA; Supplier Development and Production Hardening; Cybersecurity requirement handling. Interface view: OEM/Customer Review Interface. Architecture view: Security Services; OEM/Customer Review Interface.

Mapped security capability: Cybersecurity requirement handling

Mapped feature: Cybersecurity requirement handling; Security evidence and traceability

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Security Services; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 6

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: REQ_SEC_0040 The vehicle manufacturer reserves the right to perform penetration testing on the ECU to identify potential vulnerabilities.

Engineering expectation: Engineering expectation is unclear from the current evidence and needs customer clarification before baseline closure.

Engineering interpretation: Traceability needs review before this requirement can be used as design evidence.

Mapped security capability: None

Mapped feature: None

Mapped interface: None

Mapped architecture element: None

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 6

Classification: Reclassified as Informational

Mandatory level: Informational

Customer clarification status: Needed

Human review status: Needed

Recommended action: Resolve customer clarification and update mappings before claiming closure.

Full requirement statement: Documentation REQ_SEC_0007 An inventory of software and protocols, including their versions, shall be provided by the supplier.

Engineering expectation: Supplier is expected to provide cybersecurity work products and evidence showing how embedded cybersecurity is managed across the lifecycle.

Engineering interpretation: Security view: Cybersecurity Evidence and DIA; Supplier Development and Production Hardening. Interface view: OEM/Customer Review Interface. Architecture view: Application Software; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: Application software behavior; Security evidence and traceability

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Application Software; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 6

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Marcus Lindner EPXC Published 7(16) REQ_SEC_0025 A BOM containing part numbers and versions of hardware components used in the product shall be provided by the supplier.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Supplier Development and Production Hardening. Interface view: OEM/Customer Review Interface. Architecture view: Hardware Platform; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: Hardware platform support

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Hardware Platform; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 7

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: REQ_SEC_0041 The vehicle manufacturer reserves the right to request documentation and evidence as well as to perform or order a compliance audit to determine whether the listed requirements are fulfilled.

Engineering expectation: Security-relevant events are expected to be recorded with enough integrity and context to support evidence, diagnostics, and incident handling.

Engineering interpretation: Security view: Security Logging and Event Handling; Cybersecurity Evidence and DIA.

Mapped security capability: None

Mapped feature: Security evidence and traceability

Mapped interface: None

Mapped architecture element: None

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 7

Classification: Reclassified as Informational

Mandatory level: Informational

Customer clarification status: Needed

Human review status: Needed

Recommended action: Resolve customer clarification and update mappings before claiming closure.

Full requirement statement: REQ_SEC_0042 The vehicle manufacturer and the supplier shall set up a cybersecurity DIA to agree on the responsibilities for the distributed cybersecurity activities.

Engineering expectation: Supplier is expected to provide cybersecurity work products and evidence showing how embedded cybersecurity is managed across the lifecycle.

Engineering interpretation: Security view: Cybersecurity Evidence and DIA; Supplier Development and Production Hardening; Cybersecurity requirement handling. Interface view: OEM/Customer Review Interface. Architecture view: Security Services; OEM/Customer Review Interface.

Mapped security capability: Cybersecurity requirement handling

Mapped feature: Cybersecurity requirement handling

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Security Services; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 7

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Software security REQ_SEC_0008 The ECU shall be able to verify integrity and authenticity of a vehicle manufacturer-specified set of data stored within the ECU.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Data Authenticity and Integrity Verification; Authentication. Interface view: OEM/Customer Review Interface. Architecture view: Security Services; OEM/Customer Review Interface.

Mapped security capability: Authentication

Mapped feature: Authentication

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Security Services; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 7

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Methods shall be proposed to and approved by the vehicle manufacturer.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 7

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Security architecture REQ_SEC_0009 The supplier shall apply methods for isolation of software/hardware components and data to reduce the effect in case of a cybersecurity breach.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Supplier Development and Production Hardening; Cybersecurity requirement handling. Interface view: OEM/Customer Review Interface. Architecture view: Security Services; OEM/Customer Review Interface.

Mapped security capability: Cybersecurity requirement handling

Mapped feature: Cybersecurity requirement handling

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Security Services; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 7

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Cryptographic libraries REQ_SEC_0020 Selection of cryptographic methods and their use shall be agreed upon between the vehicle manufacturer and the supplier.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Supplier Development and Production Hardening. Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 7

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Services REQ_SEC_0010 All network services implemented in the ECU shall undergo hardening.

Engineering expectation: ECU communication interfaces are expected to apply agreed boundary controls, authenticity/integrity checks, and freshness handling where allocated.

Engineering interpretation: Security view: Secure Communication and Boundary Control; Supplier Development and Production Hardening. Architecture view: Hardware Platform.

Mapped security capability: None

Mapped feature: Hardware platform support

Mapped interface: None

Mapped architecture element: Hardware Platform

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 8

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: REQ_SEC_0011 The ECU shall only expose network and communication services that have been agreed upon with the vehicle manufacturer.

Engineering expectation: ECU communication interfaces are expected to apply agreed boundary controls, authenticity/integrity checks, and freshness handling where allocated.

Engineering interpretation: Security view: Secure Communication and Boundary Control. Interface view: OEM/Customer Review Interface. Architecture view: Hardware Platform; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: Hardware platform support

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Hardware Platform; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 8

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Interfaces REQ_SEC_0012 Communication interfaces shall use boundary controls such as ingress/egress filtering.

Engineering expectation: ECU communication interfaces are expected to apply agreed boundary controls, authenticity/integrity checks, and freshness handling where allocated.

Engineering interpretation: Security view: Secure Communication and Boundary Control. Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 8

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: REQ_SEC_0013 Communication boundary controls shall be configurable by the vehicle manufacturer.

Engineering expectation: ECU communication interfaces are expected to apply agreed boundary controls, authenticity/integrity checks, and freshness handling where allocated.

Engineering interpretation: Security view: Secure Communication and Boundary Control. Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 8

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Methods shall be proposed and approved by the vehicle manufacturer.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 8

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: REQ_SEC_0014 Any interfaces used for development purposes shall be removed or disabled in series production.

Engineering expectation: ECU communication interfaces are expected to apply agreed boundary controls, authenticity/integrity checks, and freshness handling where allocated.

Engineering interpretation: Security view: Secure Communication and Boundary Control; Supplier Development and Production Hardening. Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 8

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: The details shall be agreed upon between the vehicle manufacturer and the supplier.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Supplier Development and Production Hardening. Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 8

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: REQ_SEC_0026 Only hardware interfaces and protocols specified by the vehicle manufacturer shall be available in series production.

Engineering expectation: ECU communication interfaces are expected to apply agreed boundary controls, authenticity/integrity checks, and freshness handling where allocated.

Engineering interpretation: Security view: Secure Communication and Boundary Control; Supplier Development and Production Hardening. Interface view: OEM/Customer Review Interface. Architecture view: Hardware Platform; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: Hardware platform support

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Hardware Platform; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 8

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Information security REQ_SEC_0027 It shall be possible for the vehicle manufacturer to securely inject data into the product in accordance with the specification provided by the vehicle manufacturer.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Cybersecurity requirement handling. Interface view: OEM/Customer Review Interface. Architecture view: Security Services; OEM/Customer Review Interface.

Mapped security capability: Cybersecurity requirement handling

Mapped feature: Cybersecurity requirement handling

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Security Services; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 8

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Marcus Lindner EPXC Published 9(16) REQ_SEC_0028 Data specified by the vehicle manufacturer shall be protected from manipulations.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 9

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: REQ_SEC_0029 Data specified by the vehicle manufacturer shall be protected from disclosure.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 9

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: REQ_SEC_0006 Intellectual property of the vehicle manufacturer shall be protected from disclosure.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 9

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Key management REQ_SEC_0016 It shall be possible for the vehicle manufacturer to securely inject key material and other data used for cybersecurity controls into the ECU according to the specification of the vehicle manufacturer.

Engineering expectation: Trust material is expected to be provisioned, stored, validated, renewed, and revoked through an agreed key and certificate lifecycle.

Engineering interpretation: Security view: Key and Certificate Handling; Key management. Interface view: OEM/Customer Review Interface. Architecture view: Security Services; OEM/Customer Review Interface.

Mapped security capability: Key management

Mapped feature: Key management

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Security Services; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 9

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: REQ_SEC_0019 Secrets, public keys and other data used for cybersecurity controls in production vehicle systems shall be different from those used in pre-production phases.

Engineering expectation: Trust material is expected to be provisioned, stored, validated, renewed, and revoked through an agreed key and certificate lifecycle.

Engineering interpretation: Security view: Key and Certificate Handling; Supplier Development and Production Hardening; Key management. Architecture view: Security Services.

Mapped security capability: Key management

Mapped feature: Key management

Mapped interface: None

Mapped architecture element: Security Services

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 9

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: REQ_SEC_0021 ECUs shall only contain the secrets agreed between the vehicle manufacturer and the supplier.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Key and Certificate Handling; Supplier Development and Production Hardening. Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 9

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: REQ_SEC_0015 ECUs shall conform to the harmonized Security Access specification [1] provided by the vehicle manufacturer.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Secure Diagnostics and RBAC; Cybersecurity requirement handling. Interface view: OEM/Customer Review Interface. Architecture view: Security Services; OEM/Customer Review Interface.

Mapped security capability: Cybersecurity requirement handling

Mapped feature: Cybersecurity requirement handling

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Security Services; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 9

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Security updates REQ_SEC_0043 It shall be possible to update the software of the ECU.

Engineering expectation: Software update handling is expected to preserve authenticity, integrity, and controlled boot/application state transitions.

Engineering interpretation: Security view: Secure Software Update; Cybersecurity requirement handling. Architecture view: Security Services.

Mapped security capability: Cybersecurity requirement handling

Mapped feature: Cybersecurity requirement handling

Mapped interface: None

Mapped architecture element: Security Services

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 9

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Marcus Lindner EPXC Published 10(16) REQ_SEC_0030 The supplier shall inform the vehicle manufacturer if any cybersecurity patches are available.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Vulnerability and Incident Handling; Supplier Development and Production Hardening; Cybersecurity requirement handling. Interface view: OEM/Customer Review Interface. Architecture view: Security Services; OEM/Customer Review Interface.

Mapped security capability: Cybersecurity requirement handling

Mapped feature: Cybersecurity requirement handling

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Security Services; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Incident management REQ_SEC_0044 An incident response process shall be proposed to and approved by the vehicle manufacturer.

Engineering expectation: Lifecycle security is expected to define ownership for monitoring, vulnerability handling, incident response, and mitigation evidence.

Engineering interpretation: Security view: Vulnerability and Incident Handling. Interface view: OEM/Customer Review Interface. Architecture view: Compliance Process; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Compliance Process; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: REQ_SEC_0045 In case of cybersecurity incidents, the incident response process shall be used.

Engineering expectation: Lifecycle security is expected to define ownership for monitoring, vulnerability handling, incident response, and mitigation evidence.

Engineering interpretation: Security view: Vulnerability and Incident Handling; Incident response. Architecture view: Security Services.

Mapped security capability: Incident response

Mapped feature: Incident response

Mapped interface: None

Mapped architecture element: Security Services

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: REQ_SEC_0046 The incident response process shall be maintained for the entire product lifetime.

Engineering expectation: Lifecycle security is expected to define ownership for monitoring, vulnerability handling, incident response, and mitigation evidence.

Engineering interpretation: Security view: Vulnerability and Incident Handling. Architecture view: Compliance Process.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: Compliance Process

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: REQ_SEC_0032 The incident response process shall ensure that risk is managed in coordination with the vehicle manufacturer.

Engineering expectation: Lifecycle security is expected to define ownership for monitoring, vulnerability handling, incident response, and mitigation evidence.

Engineering interpretation: Security view: Vulnerability and Incident Handling. Interface view: OEM/Customer Review Interface. Architecture view: Compliance Process; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Compliance Process; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Vulnerability management REQ_SEC_0033 Any vulnerabilities that are identified during product lifecycle shall be promptly communicated to the vehicle manufacturer.

Engineering expectation: Lifecycle security is expected to define ownership for monitoring, vulnerability handling, incident response, and mitigation evidence.

Engineering interpretation: Security view: Vulnerability and Incident Handling. Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: The report shall include information needed to identify the affected vehicles/products.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Methods including the stipulation of a reasonable notification time shall be proposed to and approved by the vehicle manufacturer.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: REQ_SEC_0034 Following each identified and reported vulnerability, the supplier and vehicle manufacturer shall agree on an initial response to the vulnerability.

Engineering expectation: Lifecycle security is expected to define ownership for monitoring, vulnerability handling, incident response, and mitigation evidence.

Engineering interpretation: Security view: Vulnerability and Incident Handling; Supplier Development and Production Hardening. Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Marcus Lindner EPXC Published 11(16) REQ_SEC_0035 Within adequate time after the initial vulnerability report, the supplier shall provide more information about the identified vulnerability.

Engineering expectation: Lifecycle security is expected to define ownership for monitoring, vulnerability handling, incident response, and mitigation evidence.

Engineering interpretation: Security view: Vulnerability and Incident Handling; Supplier Development and Production Hardening. Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 11

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: The information shall contain • the version(s) of affected hardware or software components, • nature of the vulnerability, • description of the affected cybersecurity goal, • technical conditions to exploit the vulnerability, • impact of the exploitation and • possibilities to remove the vulnerability.

Engineering expectation: Lifecycle security is expected to define ownership for monitoring, vulnerability handling, incident response, and mitigation evidence.

Engineering interpretation: Security view: Vulnerability and Incident Handling; Vulnerability management. Architecture view: Security Services.

Mapped security capability: Vulnerability management

Mapped feature: Vulnerability management

Mapped interface: None

Mapped architecture element: Security Services

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 11

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Methods including the stipulation of a reasonable reporting time shall be proposed to and approved by the vehicle manufacturer.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 11

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: REQ_SEC_0036 The supplier shall have a method for monitoring available vulnerability databases for vulnerabilities that can affect the delivered product.

Engineering expectation: Lifecycle security is expected to define ownership for monitoring, vulnerability handling, incident response, and mitigation evidence.

Engineering interpretation: Security view: Secure Communication and Boundary Control; Vulnerability and Incident Handling; Supplier Development and Production Hardening. Interface view: External Interfaces; OEM/Customer Review Interface. Architecture view: External Interfaces; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: External interfaces

Mapped interface: External Interfaces; OEM/Customer Review Interface

Mapped architecture element: External Interfaces; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 11

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: REQ_SEC_0037 Identified vulnerabilities shall be considered in all current development projects or projects under field monitoring.

Engineering expectation: Lifecycle security is expected to define ownership for monitoring, vulnerability handling, incident response, and mitigation evidence.

Engineering interpretation: Security view: Vulnerability and Incident Handling; Supplier Development and Production Hardening. Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 11

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Product lifecycle REQ_SEC_0047 An ECU returned from field shall allow for field-return analysis.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: Hardware Platform.

Mapped security capability: None

Mapped feature: Hardware platform support

Mapped interface: None

Mapped architecture element: Hardware Platform

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 11

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: REQ_SEC_0048 Field-return analysis secrets shall not be operational in the field.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Key and Certificate Handling. Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 11

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: REQ_SEC_0049 An ECU enabled for field-return analysis shall not be possible to use as a spare part.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: Hardware Platform.

Mapped security capability: None

Mapped feature: Hardware platform support

Mapped interface: None

Mapped architecture element: Hardware Platform

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 11

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Marcus Lindner EPXC Published 12(16) REQ_SEC_0050 All secrets specified by the vehicle manufacturer shall be protected throughout the lifecycle of the ECU.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Key and Certificate Handling. Interface view: OEM/Customer Review Interface. Architecture view: Hardware Platform; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: Hardware platform support

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Hardware Platform; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 12

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: End-of-life and decommissioning shall be specifically considered.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 12

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Notes: a) It shall not be possible for a third party to reuse an ECU without system support from the vehicle manufacturer.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Interface view: OEM/Customer Review Interface. Architecture view: Hardware Platform; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: Hardware platform support

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Hardware Platform; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 12

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: b) Decommissioning of an ECU shall not have the potential of causing unacceptable risk to the road user or the vehicle manufacturer.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Interface view: OEM/Customer Review Interface. Architecture view: Hardware Platform; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: Hardware platform support

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: Hardware Platform; OEM/Customer Review Interface

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 12

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Logging REQ_SEC_0051 Security related events shall be identified and logged.

Engineering expectation: Security-relevant events are expected to be recorded with enough integrity and context to support evidence, diagnostics, and incident handling.

Engineering interpretation: Security view: Security Logging and Event Handling; Logging and audit trail. Architecture view: Security Services.

Mapped security capability: Logging and audit trail

Mapped feature: Logging and audit trail

Mapped interface: None

Mapped architecture element: Security Services

Source PDF: 1001379436_P10_000_01_RDDM-1140152501-1744.pdf

Source Markdown: converted/markdown-cleaned/1001379436_P10_000_01_RDDM-1140152501-1744.md

Page reference: page 12

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: The gearbox itself shall be used in all drivetrains and the ECA shall be common and must be complaint to be put on any driveline setup.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 3

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: P 1 Page 2 General 2.1 The clutch actuator shall be electrically driven.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 4

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 2.2 The actuator is placed outside of the gearbox 2.3 The ECA (Electric Clutch Actuator) must have its own internal ECU for manoeuvring and error handling.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: Hardware Platform.

Mapped security capability: None

Mapped feature: Hardware platform support

Mapped interface: None

Mapped architecture element: Hardware Platform

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 4

Classification: Not Applicable

Mandatory level: Must

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 2.4 The actuator will be controlled by a position and speed demand by CAN-bus 2.5 The actuator will be controlled by a position and speed demand by a 1kHz PWM signal on wake up connection 2.6 The ECA units shall be manufactured with marking variants according to the requirements in Scania STD19 (Ref 14.17).

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Secure Communication and Boundary Control. Interface view: External Interfaces. Architecture view: External Interfaces.

Mapped security capability: None

Mapped feature: External interfaces

Mapped interface: External Interfaces

Mapped architecture element: External Interfaces

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 4

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: The variant type shall be based on delivery agreement and Brand involved.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 4

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Common marking requirements that must be fulfilled for each marking variant are: Marking method: MA1 Marking height: 3 mm Date format: YYMMDD A unique serial number A DMC according to Scania STD 4562 (Ref 14.18) that contains the part number and serial number information.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Secure Communication and Boundary Control. Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 4

Classification: Not Applicable

Mandatory level: Must

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: The marking shall not be visible when the ECA is mounted on a gearbox.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 4

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: The ECA units shall be delivered to the required Traton brand’s production in a position in the pallet where the marking is visible.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Supplier Development and Production Hardening. Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 4

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 4.16) shall be marked according to the requirements in Scania STD19 (Ref 14.17) Tentik, wordmark variant W Part number (9 digits, two spaces in format 12 345 6789) Marking method: CAS Marking height: 2-6 mm.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Secure Communication and Boundary Control. Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 5

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Alternative design: CXM or equivalent combination of date dial and date field The rubber cover marking shall not be visible when the ECA is mounted on a gearbox 2.8 The ECA shall be designed with Remanufacturing and/or Refurbishment in mind with possibility of swapping out larger electronic assemblies/components.

Engineering expectation: Supplier is expected to provide cybersecurity work products and evidence showing how embedded cybersecurity is managed across the lifecycle.

Engineering interpretation: Security view: Cybersecurity Evidence and DIA. Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 5

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Details to be agreed with Traton 2.9 Traton shall be invited to participate in electrical and mechanical design reviews.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 5

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 2.10 Traton requires extensive testing to be performed by the supplier to verify all demands stated in the requirement specification.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Data Authenticity and Integrity Verification; Supplier Development and Production Hardening. Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 5

Classification: Not Applicable

Mandatory level: Must

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: 2.11 The mechanics shall also be tested and verified, in an overall durability test as stated in Appendix B etc.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 5

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 2.12 Traton requires: - Documentation of the product, i.e.

Engineering expectation: Supplier is expected to provide cybersecurity work products and evidence showing how embedded cybersecurity is managed across the lifecycle.

Engineering interpretation: Security view: Cybersecurity Evidence and DIA. Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior; Security evidence and traceability

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 5

Classification: Not Applicable

Mandatory level: Must

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Should the PP be fully calculated from the AP-sensor, then this offset should not exist.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: Hardware Platform.

Mapped security capability: None

Mapped feature: Hardware platform support

Mapped interface: None

Mapped architecture element: Hardware Platform

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 7

Classification: Not Applicable

Mandatory level: Should

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: P 1 Page 4 Mechanical interface 4.1 The maximum release stroke is 22,4 mm from FCCP 4.2 The total stroke of the actuator shall be 85 mm.

Engineering expectation: ECU communication interfaces are expected to apply agreed boundary controls, authenticity/integrity checks, and freshness handling where allocated.

Engineering interpretation: Security view: Secure Communication and Boundary Control. Interface view: External Interfaces. Architecture view: External Interfaces.

Mapped security capability: None

Mapped feature: External interfaces

Mapped interface: External Interfaces

Mapped architecture element: External Interfaces

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 8

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: 4.3 The clutch actuator shall be able to reach the extreme positions A and B in with the center of the pushrod end.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 8

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: P 1 Page 4.4 ECA shall not interfere with any geometry in the 3D envelope 53612101-1 1_RFQ2030.stp except where interference fits or other types of functional contacts are required.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 9

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 4.6 When the ECA is assembled, it shall not be possible to insert an object larger than Ø0,2 mm (A wire could be used as test object) between the ECA and gearbox flange, so that the object enters the space behind the ECA.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: Backend and IT Systems.

Mapped security capability: None

Mapped feature: Backend and IT integration

Mapped interface: None

Mapped architecture element: Backend and IT Systems

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 9

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 4.7 When the ECA is assembled, a gap of 3,5 mm towards surface B with a profile tolerance of ±1 mm to the nominal dimensions shall be provided.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 9

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: The surface roughness of the ECA opposite to surface B shall be equal or finer than Ra 3,2 µm.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 9

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 4.8 The ECA shall be adapted for 6 pcs M8 flange screws described by Scania STD4435

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Secure Communication and Boundary Control. Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 9

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: P 1 Page 4.9 The ECA shall be adapted for 2 pcs 10 mm guide pins.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Figure 5 - Gearbox flange 4.10 The guide pin holes in the ECA shall be Ø 10,1±0.05 mm and at least 12 mm deep.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: The holes shall also block the guide pin from protruding more than 14 mm from the gearbox housing.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 4.11 The ECA shall be able to be held by the guide pins only while being exposed to the max clutch load, (req.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Surface indents in the contacts are allowed as long as the structural integrity is unaffected 4.12 The pushrod end that makes contact with the clutch lever shall be a Ø15,93±0,07 mm steel sphere.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Data Authenticity and Integrity Verification. Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 4.13 It shall be possible to pull the pushrod 50 times with a force of 300 N without risk for it to come loose from the ECA.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: Backend and IT Systems.

Mapped security capability: None

Mapped feature: Backend and IT integration

Mapped interface: None

Mapped architecture element: Backend and IT Systems

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Alternatively it can have a loose fit in the ECA, but it shall be possible to reconnect it by pushing it back by hand.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Secure Communication and Boundary Control. Architecture view: Backend and IT Systems.

Mapped security capability: None

Mapped feature: Backend and IT integration

Mapped interface: None

Mapped architecture element: Backend and IT Systems

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 4.14 The ECA shall allow space for external tools according to the cylinders in the 3D envelope attached.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Supplier Development and Production Hardening. Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 4.15 The ECA shall have a window where the volume shown in Figure 6 – Snap in tool space, could pass through(See req.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Supplier Development and Production Hardening. Architecture view: Engineering Toolchain.

Mapped security capability: None

Mapped feature: Engineering tooling

Mapped interface: None

Mapped architecture element: Engineering Toolchain

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 4.16 The ECA shall provide a support for a clutch snap in tool on the marked surface in Figure 4 - ISO view of 3D envelope.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Supplier Development and Production Hardening. Architecture view: Engineering Toolchain.

Mapped security capability: None

Mapped feature: Engineering tooling

Mapped interface: None

Mapped architecture element: Engineering Toolchain

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 10

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: P 1 Page 4.17 The hole shall be equipped with a cover possible to assemble and disassemble at least 50 times without tools.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Supplier Development and Production Hardening. Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 11

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: If an interference fit is chosen, the maximum force to assemble/disassemble shall be 50 N in room temperature.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 11

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: It shall still remain intac t and keep tightness after vibration testing (See req.10.5) 4.18 When the cover is assembled it shall not be possible to insert an object larger than Ø0,2 mm into the gearbox housing between the cover and ECA.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: Backend and IT Systems.

Mapped security capability: None

Mapped feature: Backend and IT integration

Mapped interface: None

Mapped architecture element: Backend and IT Systems

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 11

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Figure 6 - Snap in tool space 4.19 The ECA shall have a loop or similar feature where the cable can be fixated with a cable tie.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Secure Communication and Boundary Control; Supplier Development and Production Hardening. Architecture view: Engineering Toolchain.

Mapped security capability: None

Mapped feature: Engineering tooling

Mapped interface: None

Mapped architecture element: Engineering Toolchain

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 11

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: The loop or Scania assembled bracket shall be located close to the centre ( ± 20 mm) of the cable section between the connector and last cable fixation point on the gearbox 4.20 The connector for communication and power shall be positioned as indicated in Figure 4 - ISO view of 3D envelope, when connected.

Engineering expectation: ECU communication interfaces are expected to apply agreed boundary controls, authenticity/integrity checks, and freshness handling where allocated.

Engineering interpretation: Security view: Secure Communication and Boundary Control. Architecture view: Hardware Platform.

Mapped security capability: None

Mapped feature: Hardware platform support

Mapped interface: None

Mapped architecture element: Hardware Platform

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 11

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Details regarding actual length and positioning tolerances shall be agreed in design phase.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 11

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 4.21 If the ECA is powered up with the PP in the utmost forward position (for example when not connected to the clutch lever) it shall move AP to its utmost reversed position.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: Backend and IT Systems.

Mapped security capability: None

Mapped feature: Backend and IT integration

Mapped interface: None

Mapped architecture element: Backend and IT Systems

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 11

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 4.23 The actuator shall apply a preload force for the release bearing.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 12

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: The preload force measured on the push rod shall be 150N to 250N independent of the clutch position 4.24 The pushrod position when clutch is at rest and only preload force is applied, will vary randomly within 2 mm (± 1mm from FCCP).

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 12

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 4.25 It must be possible to assemble the actuator independent of the lever position without any power connection.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: Backend and IT Systems.

Mapped security capability: None

Mapped feature: Backend and IT integration

Mapped interface: None

Mapped architecture element: Backend and IT Systems

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 12

Classification: Not Applicable

Mandatory level: Must

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: This means that the push rod shall be possible to move by hand.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 12

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 4.26 When the clutch is fully engaged, the active control mode is position or torque control mode and there is no active request to extract the pushrod (clutch opening motion), the ECA shall not apply a force outside of limits in preload force defined in req.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 12

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: P 1 Page 5 Clutch engage and disengage 5.1 It shall be possible to disengage the clutch in 180ms (= Ts) with accuracy according to req 5.10,and max speed set to 125mm/s (see req 6.4) Time is measured according to Figure 7 – Max disengage time, where the dashed line is the position request as it becomes available on the CAN bus, and the full line is the actual PP.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Secure Communication and Boundary Control. Architecture view: Backend and IT Systems.

Mapped security capability: None

Mapped feature: Backend and IT integration

Mapped interface: None

Mapped architecture element: Backend and IT Systems

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 13

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: This shall be measured against the maximum disengage force (See Appendix A) Figure 7 – Maximum disengage time

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 13

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: P 1 Page 5.2 It shall be possible to engage the clutch in 180ms (=Ts) with accuracy according to re q.5.10, and the max speed set to 125mm/s (see req 6.4).

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: Backend and IT Systems.

Mapped security capability: None

Mapped feature: Backend and IT integration

Mapped interface: None

Mapped architecture element: Backend and IT Systems

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 14

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: This shall be measured against the minimum engage force (See Appendix A) Figure 8 - Maximum engage time

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 14

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: P 1 Page 5.3 The clutch actuator shall report the absolute position of the current actuator stroke (AP) (Ref 14.14).

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 15

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 5.4 It shall also report the position that corresponds to a fully closed clutch position (FCCP), expressed in absolute position of the actuator stroke and relative to the absolute zero position (See req.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: Backend and IT Systems.

Mapped security capability: None

Mapped feature: Backend and IT integration

Mapped interface: None

Mapped architecture element: Backend and IT Systems

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 15

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 5.5 The clutch actuator shall be equipped with a displacement sensor measuring the movement of the push rod, (Ref 14.14) 5.6 The actuator must be able to determine the pushrod position according to the following: Accuracy (maximum difference between measured pushrod position and actual pushrod position): +/- 1.6mm.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: Hardware Platform.

Mapped security capability: None

Mapped feature: Hardware platform support

Mapped interface: None

Mapped architecture element: Hardware Platform

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 15

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Range: 85mm (AP) 5.7 For each stroke that the actuator performs it shall adjust to the current wear of the clutch.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: Backend and IT Systems.

Mapped security capability: None

Mapped feature: Backend and IT integration

Mapped interface: None

Mapped architecture element: Backend and IT Systems

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 15

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: This means that is shall be possible to request a relative stroke from the fully closed clutch position and achieve the step accuracy as defined in req.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 15

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: The FCCP after a clutch engage shall be updated to 90% of the step within 0,2 s per mm that the FCCP have changed during the stroke.

Engineering expectation: Software update handling is expected to preserve authenticity, integrity, and controlled boot/application state transitions.

Engineering interpretation: Security view: Secure Software Update. Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 15

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 5.9 The maximum stationary position error relative to real FCCP (i e self-adjustment error + step response error) shall be ±0.15mm.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 15

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: P 1 Page 5.10 The actuator shall move the pushrod according to the following points: Actuator maximum speed: The maximum achievable speed of the pushrod shall be at least 125 mm/s.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 16

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: The actuator shall move the pushrod at the highest possible speed, limited only by its maximum achievable speed and the maximum speed request.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 16

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 6.4) Dynamics start of movement: The requested speed (or 125mm/s, if requested speed > 125mm/s) shall be achieved within 50ms from when a new value for requested position is sent.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 16

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Dynamics end of movement: The requested speed shall be kept until 2 mm from the target position.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 16

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 100ms after reaching 2 mm from target, the maximum position error should be ±0.1mm.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 16

Classification: Not Applicable

Mandatory level: Should

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Maximum overshoot is 0.2 mm When a new position is requested, but the stroke is too short to reach requested speed, the ECA shall complete the stroke in minimum time with dynamic in compliance with the req 5.1, 5.2 and this section.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: Compliance Process; System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: Compliance Process; System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 16

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 5.10 shall be tested with a step response test cycle, according to description and Figure 10 - Step response test cycle.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 17

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: P 1 Page 5.12 The ECA shall be able to run the 4 second test cycle in Figure 11 - Release frequency test continuously for 5 hours without any degradation or failure.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 18

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: The test shall be done with the highest operating temperature (see req 8.1) and maximum clutch force (See Appendix A) Figure 11 - Release frequency test

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 18

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Between 16V and loss of power the ECA shall hold its current position or move towards requested position without any time requirement.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 19

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: The strategy shall be disc ussed and approved with Traton.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 19

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 5.1 and 5.2) Figure 12 - Class B exceptions 5.14 It shall be possible to keep the clutch disengaged continuously without risk of loss of function for 120 min.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: Application Software.

Mapped security capability: None

Mapped feature: Application software behavior

Mapped interface: None

Mapped architecture element: Application Software

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 19

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: This shall be measured against the maximum disengage force (Appendix A) and an highest operating temperature (see req.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 19

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: P 1 Page 6 SW functionality 6.1 TB4684 shall be applied.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 20

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: It shall be followed to its full extent.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: Backend and IT Systems.

Mapped security capability: None

Mapped feature: Backend and IT integration

Mapped interface: None

Mapped architecture element: Backend and IT Systems

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 20

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: When requesting Absolute Position Control the actuator shall move to the actuator position defined by the Requested Position (RP).

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 21

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Specific cases shall be approved with Traton.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 21

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Control mode Absolute position 0x01 6.3.2 When requesting Relative Position Control (RPC) the actuator shall move to an offset that corresponds to the Requested Position from the Fully Closed Clutch Position (FCCP).

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 21

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: Control mode Relative position 0x02 6.3.3 When requesting Torque Control (TC) the actuator shall actuate the requested motor torque.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 21

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 6.3.4 When requesting Test Mode, the actuator shall perform tests to detect latent faults.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 22

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: ECA behavior and additional requirements for this mode can be found in (Ref 14.16) Control mode Test mode 0x04 6.3.5 When this Control Mode is sent the actuator shall behave as if the power supply was cut with aspect to control of the actuator.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Secure Communication and Boundary Control. Interface view: External Interfaces. Architecture view: External Interfaces.

Mapped security capability: None

Mapped feature: External interfaces

Mapped interface: External Interfaces

Mapped architecture element: External Interfaces

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 22

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: CAN communication shall still be active.

Engineering expectation: ECU communication interfaces are expected to apply agreed boundary controls, authenticity/integrity checks, and freshness handling where allocated.

Engineering interpretation: Security view: Secure Communication and Boundary Control. Interface view: External Interfaces. Architecture view: External Interfaces.

Mapped security capability: None

Mapped feature: External interfaces

Mapped interface: External Interfaces

Mapped architecture element: External Interfaces

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 22

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: If the actuator can move faster than this value it shall be controlled in a such way that it does not exceed this limit.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Secure Communication and Boundary Control. Architecture view: Backend and IT Systems.

Mapped security capability: None

Mapped feature: Backend and IT integration

Mapped interface: None

Mapped architecture element: Backend and IT Systems

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 22

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 6.5 Self-adjustment The self-adjustment signal defines the restrictions of how the FCCP shall be identified.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Secure Communication and Boundary Control. Interface view: External Interfaces. Architecture view: External Interfaces.

Mapped security capability: None

Mapped feature: External interfaces

Mapped interface: External Interfaces

Mapped architecture element: External Interfaces

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 22

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: The signal is valid during Control Modes RPC and TC(see req 6.3).

Engineering expectation: Engineering expectation is unclear from the current evidence and needs customer clarification before baseline closure.

Engineering interpretation: Security view: Secure Communication and Boundary Control.

Mapped security capability: None

Mapped feature: None

Mapped interface: None

Mapped architecture element: None

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 22

Classification: Reclassified as Informational

Mandatory level: Informational

Customer clarification status: Needed

Human review status: Needed

Recommended action: Resolve customer clarification and update mappings before claiming closure.

Full requirement statement: The value of the FCCP shall be reported via CAN(Ref 14.14) Req.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Secure Communication and Boundary Control. Interface view: External Interfaces. Architecture view: External Interfaces.

Mapped security capability: None

Mapped feature: External interfaces

Mapped interface: External Interfaces

Mapped architecture element: External Interfaces

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 22

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: The value shall be frozen at the last identified position and used for RPC.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 22

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 6.6.1 When low accuracy mode is requested, the maximum push rod position(PP) error can be ±0.5mm Accuracy mode Low accuracy 0x0 6.6.2 Accuracy according to 5.10 shall be fulfilled.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Secure Communication and Boundary Control. Interface view: External Interfaces. Architecture view: External Interfaces.

Mapped security capability: None

Mapped feature: External interfaces

Mapped interface: External Interfaces

Mapped architecture element: External Interfaces

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 23

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: Message contents to be agreed with Traton 6.9 ECA identification number: The ECA shall report a unique ECA individual identification number 6.10 Supplier code: The ECA shall report supplier code 5 via CAN.

Engineering expectation: Engineering expectation is unclear from the current evidence and needs customer clarification before baseline closure.

Engineering interpretation: Security view: Secure Communication and Boundary Control; Supplier Development and Production Hardening. Interface view: External Interfaces; OEM/Customer Review Interface. Architecture view: External Interfaces; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: External interfaces

Mapped interface: External Interfaces; OEM/Customer Review Interface

Mapped architecture element: External Interfaces; OEM/Customer Review Interface

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 23

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Needed

Human review status: Needed

Recommended action: Resolve customer clarification and update mappings before claiming closure.

Full requirement statement: 6.11 SW number: The ECA shall report a complete SW version number.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 23

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 6.12 HW number: The ECA shall report a complete HW version number.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 23

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 6.13 Error State Diagnostic - ESD and Error State Action - ESA The ECA shall send a bit field via CAN containing errors present Additionally, see req 6.20, req 6.22 ,req.

Engineering expectation: Diagnostic access is expected to be authenticated, role-authorized, logged, and finalized through customer-confirmed service allocation.

Engineering interpretation: Security view: Secure Diagnostics and RBAC; Secure Communication and Boundary Control; Cybersecurity Evidence and DIA; Diagnostic security. Architecture view: Security Services.

Mapped security capability: Diagnostic security

Mapped feature: Diagnostic security

Mapped interface: None

Mapped architecture element: Security Services

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 23

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: ESA definition( Ref 14.16) The supplier shall provide documentation for the ESD bits and related faults .

Engineering expectation: Supplier is expected to provide cybersecurity work products and evidence showing how embedded cybersecurity is managed across the lifecycle.

Engineering interpretation: Security view: Cybersecurity Evidence and DIA; Supplier Development and Production Hardening. Interface view: OEM/Customer Review Interface. Architecture view: System Core; OEM/Customer Review Interface.

Mapped security capability: None

Mapped feature: System behavior; Security evidence and traceability

Mapped interface: OEM/Customer Review Interface

Mapped architecture element: System Core; OEM/Customer Review Interface

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 23

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Use as mapped evidence in the architecture/security baseline.

Full requirement statement: 6.14 System state The ECA shall report its current System State.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 23

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 6.14.1 Boot Mode If the actuator is in boot mode, 0x00 shall be reported as active state.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Secure Boot and Application State Control. Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 24

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 0x0 6.14.2 Absolute Position Control This value shall be sent when the ECA is actuating Absolute Position Control.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 24

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 0x1 6.14.3 Relative Position Control This value shall be sent when the ECA is actuating Relative Position Control.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 24

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 0x2 6.14.4 Torque Control This value shall be sent when the ECA is actuating Torque Control.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 24

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 0x4 6.14.5 Self-Adjustment This value shall be sent when the ECA is performing a Self-Adjustment procedure that is not part of a RPC or TC request (i.e.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 24

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 0x5 6.14.6 Initializing This value shall be sent when the ECA is performing its initiation routine and is not yet available for control.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 24

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 0xA 6.14.7 Shut down This value shall be sent when the ECA is performing its shut down routing and is not available for control.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 24

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 0xB 6.14.8 Debug / Test This value shall be sent when the actuator is in debug or test control state.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Security view: Supplier Development and Production Hardening. Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 24

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: 0xC 6.14.9 Motor Brake Simulation This value shall be sent when the actuator is performing a motor brake simulation.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 24

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: P 1 Page 6.15 System Temperature The ECA shall report the current system temperature.(Ref 14.14) 6.16 Torque Feedback The ECA shall calculate and report the actuator motor torque.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 25

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.

Full requirement statement: (Ref 14.14) 6.17 Current feedback The ECA shall report the current for each phase of the actuator.

Engineering expectation: Engineering work is expected to allocate this requirement to the affected ECU function, interface, architecture element, or evidence work product.

Engineering interpretation: Architecture view: System Core.

Mapped security capability: None

Mapped feature: System behavior

Mapped interface: None

Mapped architecture element: System Core

Source PDF: 3299216_1.pdf

Source Markdown: converted/markdown-cleaned/3299216_1.md

Page reference: page 25

Classification: Not Applicable

Mandatory level: Shall

Customer clarification status: Not needed

Human review status: Not needed

Recommended action: Complete missing traceability links.