By Melissa Walsh

In this automotive age of drive-by-wire systems, we drive around in powerful computers that are our cars. These computers apply modules that rely on an aging communications protocol called the Controller Area Network (CAN). So in light of today’s vision among automakers for design products with autonomous driving capabilities, assuming the computers are smarter than us drivers, is yesterday’s archaic CAN protocol vulnerable for cyber-attack? Will hackers prove to be smarter than the computers driving the cars?

Yes, and yes.

So then as technology and technical compliance grow increasingly complex, how will CAN protocol keep pace in safeguarding vehicle network functions from being compromised? Over the past several years, so called "white hat" hackers have presented the vulnerabilities to automakers, hoping that their findings will; 1- influence automotive software-engineering development and Electronic/Electrical physical-layer design; and 2- spur follow-on legislation and regulation to enforce the mitigation of these vulnerabilities by the automakers and the organizations that prescribe automotive standards.

CAN
The automotive industry adopted and required CAN protocol before service professionals began relying on wireless networking protocol for vehicle diagnostics and service/repair and long before consumers embraced options for on-board wi-fi-based infotainment and utility bells and whistles. In 1983, Robert Bosch introduced the CAN vehicle bus protocol for multiplex communication between physical layer modules. When the protocol was officially accepted as an industry standard at Detroit’s 1986 Society of Automotive Engineers (SAE) Conference, CAN became one of the accepted protocols used for On-board Diagnostics (OBD). In 1996, industry regulators prescribed the CAN-based, OBD-II standard (J-1962 diagnostics interface) as required for all gasoline engine applications for cars and trucks in the United States; and in 2004, the standard (J-1979 diagnostics interface) became mandatory for all diesel cars and trucks.

Because it is low-cost, lightweight, and extensible for interoperability, the 30-plus-year old CAN is here to stay; therefore, any security resolution to prevent cyberattack must assume CAN as the on-board communication platform. Though CAN was developed long before the emergence of the Web and wireless networking protocols, automotive system designers continue to rely on the CAN platform as integrated with on-board Wi-Fi, cellular connectivity, Bluetooth pairing, and, alas, intrusive, or “smart” autonomous driving facility. So if computers are driving the car, how can system designers protect the CAN from cyberattack? Or does the “security by obscurity” argument hold water when it comes to nefarious players hacking into a vehicle communications network to, let's say, throw a driver’s car into Limp mode ... or disable the ABS?

Legislation
The Digital Millennium Copyright Act (DMCA), signed by President Clinton in 1998, legally prohibited car hacking. Intended to protect proprietary rights of software publishers from reverse-engineering, the DMCA also prohibited hacking for academic research. In 2015, the U.S. Copyright Office backed legislation that allowed DMCA “good faith” exemptions for research and for promoting the public good, which took effect in October 2016.

The bipartisan SPY Act was drafted during the Obama administration and introduced in the House January 25, 2017 (sponsored by Rep. Ted Lieu - D-CA and Rep. Joe Wilson - R-SC) as a push on the National Highway Traffic Safety Administration (NHTSA) to protect drivers against vehicle cyberattacks and as an authority directing federal studies to discern the proper defenses in vehicle systems against hackers. The Act remains pending during this Trump administration. While making abstract statements about making the nation safe, Trump also presents a perhaps conflicting objective to reduce regulation in commercial industry. (Track the bill’s progress here: https://www.govtrack.us/congress/bills/115/s680.)

Active regulations are written broadly to safeguard personal and proprietary data from intrusion. The details and documentation are left to self-regulation, requiring private enterprise investment in developing and executing a compliance plan – an honor system to reduce risk of liability. This requires tedious analysis and planning, in addition to imagining possible scenarios resulting from data conflicts and failures and cyberattack. This runs counter to the automotive business model of cost-savings until field issues and public awareness of vulnerabilities force increased investment. Therefore, security experts have taken on the mission of conducting their own security audits by hacking into cars and documenting the vulnerabilities with proposed resolution.

‘White Hat’ Hacking
In 2011, researchers from the University of Washington and University of California-San Diego hacked into a vehicle CAN via several vectors, including the technician wireless/wired scantools, a vehicle communication interface (VCI) (or “pass-through” device), CD player, Bluetooth pairing, and cellular radio. In 2015, researchers Charlie Miller and Chris Valasek hacked into an unaltered 2014 Jeep Cherokee via Sprint cellular interface with the onboard Uconnect infotainment system, allowing them to control the vehicle’s steering, transmission, and brakes. In 2016, Keen Security Lab researchers hacked a Tesla Model S wirelessly via a “malicious Wi-Fi hotspot,” controlling the vehicle’s integrated Web browser.

In 2012, academic researchers in England and the Netherlands exposed a flaw in engine immobilizer systems of vehicles from different manufacturers and expressed intent to publicly disclose the discovery so that manufacturers will eliminate the vulnerability. Among the manufacturers was Volkswagen, which filed a lawsuit to keep the issue undisclosed. After years of litigation and a ruling in favor of the manufacturer, Volkswagen, in 2015, allowed the publication of a redacted version of the findings. 

Critical Security Controls
Assuming that CAN is indeed here to stay, developers would conclude that the surest way to protect drivers from cyberattack would be to properly authenticate device access into the CAN bus, i.e. message encryption to prevent intruders from modifying or reverse-engineering CAN messages.

According to Roderick H. Currie in his whitepaper “Hacking the CAN Bus: Basic Manipulation of a Modern Automobile Through CAN Bus Reverse Engineering,” CAN bus vulnerabilities are numerous. I understood the whitepaper as Currie shooting a flare, warning that zooming into a vision for fully autonomous driving could be putting the shiny new wagon ahead of the old gray mare of a horse that is CAN.

Currie warns, “What is particularly alarming about this research is that the same network bus that was exploited to manipulate the gauge cluster also hosts communications for the engine, transmission, brakes, and steering. On a newer, more connected vehicle with a greater amount of computerization, the same techniques … could be used to take full control of the vehicle and create a dangerous, potentially deadly situation.”

According to Currie, there are at least 20 Critical Security Controls (CSCs) to apply; in another whitepaper, he stresses the following as the “top five”:

1. Document all authorized and unauthorized devices. To prohibit certain devices, it must be clear what devices are allowed to begin defining a baseline security-control strategy. This is a reference for software developers for configuring CAN physical-layer modules (with unique identifiers) to accept a limited inventory of controllers. Further, CAN identification should require encryption in transit.
2. Develop secure configurations for hardware and software. This implies configuring a central control unit to manage CAN configuration according to a robust change-control process, thereby making CAN architecture less open and more secure. (This is similar to the role of the Automotive Service Bus for seeing all controllers at once for troubleshooting a system and servicing a particular controller.)
3. Limit and control network ports, protocols, and services. This is ensuring that ports are not left open or services running, thereby exposing the system to intrusion.
4. Defend the network boundary. While a decade ago, the only external network interface was the OBD-II port, today’s vehicles have a diverse attack surface of external interfaces, including Wi-Fi, Bluetooth, GPS, and cellular connections. Therefore, these multiple interfaces require multiple layers of boundary defense – firewalls that are hardware- and software-based.
5. Control Access on a Need-to-Know Basis. Identify security- and safety-critical assets, classify them for sensitivity, and secure the controllers accordingly. This will remove the scenario of the hacker only requiring remote access to any point in the vehicle network to manipulate critical functions.

In summary, securing the CAN against cyberattack requires strategic planning and structured documentation for supporting it. This should not be an after-thought; nor should documentation be developed in the 11th hour, such as immediately before an audit. The complexity of design ought to drive complexity of structure of supporting documentation, because as the computer takes more command of the helm, we drivers become more vulnerable to hacking.

​“Ironically, it is the newer and more ‘advanced’ cars that offer the most hacking potential," says Currie, "as they have greater interconnectivity between the various Electronic Control Units (ECUs) and a wider overall attack surface.” 

References
“Adventures in Automotive Networks and Control Units” by Charlie Miller and Chris Valasek, 2014 - http://illmatics.com/car_hacking.pdf

“The Automotive Top 5: Applying the Critical Controls to the Modern Automobile” by Roderick Curie, February 2016 - https://www.sans.org/reading-room/whitepapers/critical/automotive-top-5-applying-critical-controls-modern-automobile-36862

“Complying with Data Protection Law in a Changing World” by Benjamin Wright, June 2017: - http://www.sans.org/reading-room/whitepapers/analyst/complying-data-protection-law-changing-world-378

“Comprehensive Experimental Analyses of Automotive Attack Surfaces,” by Stephen Checkoway, Damon McCoy, et al., August 2011 - http://www.autosec.org/pubs/cars-usenixsec2011.pdf

“Developments in Car Hacking” by Roderick Currie, December 2015 - https://www.sans.org/reading-room/whitepapers/ICS/developments-car-hacking-36607

“Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobilizer” by Roel Verdult, Flavio D. Garcia, and Baris Ege, 2015 -- https://www.usenix.org/conference/usenixsecurity13/dismantling-megamos-crypto-wirelessly-lockpicking-vehicle-immobilizer

"Hackers were able to remotely control a moving Tesla Model S" by Andrew Dalton in Engadget, September 20, 2016 - https://www.engadget.com/2016/09/20/tesla-model-s-remote-hack-keen-security/

“Hacking the CAN Bus: Basic Manipulation of a Modern Automobile Through CAN Bus Reverse Engineering” by Roderick Currie, May 2017 -- http://www.sans.org/reading-room/whitepapers/awareness/hacking-bus-basic-manipulation-modern-automobile-through-bus-reverse-engineering-37825

“The Jeep Hackers Are Back to Prove Car Hacking Can Get Much Worse” by Andy Greenberg in Wired, August 2016 - https://www.wired.com/2016/08/jeephackersreturnhighspeedsteeringaccelerationhacks/

​“New Bipartisan SPY Act Pushes NHTSA on Automotive Cyberthreats” by Pete Bigelow in Car and Driver, January 27, 2017 - http://blog.caranddriver.com/new-bipartisan-spy-act-pushes-nhtsa-on-automotive-cyberthreats/

"A New Wireless Hack Can Unlock 100 Million Volkswagens" by Andy Greenberg in Wired, August 10, 2016 -  https://www.wired.com/2016/08/oh-good-new-hack-can-unlock-100-million-volkswagens/

​© 2017, Powerplay Communications

By Melissa Walsh

Is better gas mileage sexy? Will rock songs be written about electric/hybrid propulsion assist? Will teens 20 years from now squeal through the high school parking lot in their 2014 Volt showing off the impressive efficiency and boost of the powertrain. From the perspective of nostalgia and car culture, will electrified vehicles (EV) impress? They're quiet. They expel no nostalgic running-rich exhaust. Can electrification be cool, as in fast-and-furious car-culture cool?

New Product Market
For baby-boomers and older gen-Xers, EV may not surpass 60s- and 70s-era muscle-car cool. But for younger consumers, EV is coming of age. Not only are EV cars and trucks green, they pack a punch in acceleration. High-end models like the Tesla Roadster clock zero to 60 mph under four seconds. Market differentiation will be in style and utility, of course, and also in pragmatics, such as quick charging, range of charge, and bells and whistles that depend on over-the-air software apps and updates. 

EV cars and trucks are becoming more diverse and affordable each model year. If local infrastructure supports charging, then consumers of vehicles requiring charging will follow, especially among younger drivers. Despite low gas prices or pending legislative shifts for environmental requirements, the EV market has emerged and will continue to grow and expand.

Car culture lives on, just more cleanly.

The Aftermarket

Derek Markham reported on treehugger.com in December 2015 that Ford is dedicating $4.5 billion for achieving an electrification projection of 40 percent of its vehicles by 2020. So as EV and hybrid vehicles surpass the typical ten-year warranty of the power pack, what will emerge as aftermarket demand for battery conditioning and battery replacement? Battery replacement involves replacing bad cells to rebuild capacity into a module or replacing the entire module. Battery conditioning returns capacity to low-capacity cells, thereby improving/redeeming the energy economy of the vehicle. 

EV and hybrid markets across the country are radically diverse. Some markets are heavy in electrification; others are light. Compare the California LA and San Francisco markets to those in the rural Midwest, for example. Aftermarket shops with few EV/hybrid-driving customers may not project a good ROI for supporting power pack aftermarket needs on site. They might choose to outsource battery conditioning and replacement services to a company like The Hybrid Shop, which specializes in aftermarket power pack service. Or even if an aftermarket shop decides to offer these services onsite, they might tap specialists like The Hybrid Shop for remote, webinar, and other support for their technicians.  

Vehicle Electrification Lingo

Hybrid – has two power sources – electric and ICE. Applications include Hybrid Electric Vehicle (HEV) and  Plug-in Hybrid Electric Vehicle (PHEV). Hybrid can also mean combining the traditional power source of ICE with not only battery power but solar, wind or water power.

Input power-split – planetary gear distribute power among the engine, motor generator, traction motor, and drivetrain, optimizing propulsion efficiency.

Two-motor system – through the motor generator, the engine supplies energy for the traction motor. The difference between the two-motor system and the input power-split is that planetary gear do not transmit the energy.

Parallel hybrid (P2) – an electric motor and two clutches – one between the engine and electric motor and another between the electric motor and drivetrain.

Regenerative braking – kinetic energy from braking is stored in a power generator and reused by the electric motor for acceleration. This is why hybrid vehicles with regenerative braking get better gas mileage in the city than highway.

Electric Motor Drive Assist – electric motor kicks in to assist the power
train when accelerating onto the expressway or climbing up a hill or coasting gently through a low-speed zone.

Stop-start – the ICE is shut down when the car is stopped; the electric motor runs idle until the accelerator is pressed to trigger an algorithm to wake up ICE.

Mild hybrid – hybrid systems that have more electrified functionality than stop-start, but less than two-motor or P2 systems, such as 48V hybrid systems that integrate a small electric motor into turbocharging application.

Micro hybrid – hybrid systems that apply basic electrification functions, like stop-start, regenerative braking, design for replacing alternator functions.

Belt Alternator Starter (BAS) – ​an electric motor replaces a conventional alternator. A high-tension belt in the electric motor works bi-directionally to provide power-assist to the engine and to collect regenerative braking energy.

© 2017, Powerplay Communications

​Will 'Mustang Sally' become 'Prius Patty'?

Little GTO, you’re lookin’ fine  
Three deuces and a four-speed and a 389  
Listen to her tackin’ up now, listen to her whi-i-ine
C’mon and turn it on, wind it up, blow it out, GTO

With electrification, the song goes:

Little eCVT, you’re conservin’ fuel.
1.8L firing 4-cylinders, 54mpg in the city
Kinetic stoppin’ power, regening it up to sta-a-art
C’mon, plug in the power, buck it up, li’l eCVT

By Melissa Walsh

If you're a player in the ED&D side of the house for an automotive (or defense or commercial vehicle) OEM or supplier, you may have stumbled upon folks from the service side of the house referencing "XML," "single-source publishing," "dynamic publishing," etc. And you may have walked away from the encounter with a clear-as-mud understanding of what they're talking about. 

The snapshot explanation that follows will get you acquainted with the concept and lingo of the structured content approach fundamental for developing content for service/operator technical publications and parts information since the late 1990s.

eXtensible Mark-up Language (XML)

Structured authoring for automotive (and defense and commercial truck) is based on eXtensible Mark-up Language (XML), which executes the strategy of developing and managing content as separate from format. Content owners and Subject Matter Experts (SMEs) plan topics to develop, which are subjects, themes, or talking points. Essentially, a topic is a chunk of content, or content module, that is understood in isolation and used in multiple contexts. Content developers, or authors, manage the development, editing, review, translation, and approval of each topic as a single source, or element. This includes both the structural hierarchy of topics and the mark up of topics, which adds meaning, or intelligence, to content as hidden, background information about a topic in the form of metadata and attributes. 

On December 18, 2015, the Organization for the Advancement of Structured Information Standards (OASIS) ratified DITA 1.3 as the approved standard for authoring and publishing technical content. DITA stands for Darwin Information Typing Architecture, an open, topic-based XML standard first developed by IBM (in 2000) and used increasingly more widely in the automotive industry since the 1.2 release in 2010.  Enterprise IT rules and requirements determine what an organization uses as its Content Management System (CMS) repository for DITA files. End-user experience and allocated budget factor into what XML-based authoring tool is chosen.

XML-based Content Planning
​Initial XML-based content planning determines the XML Schema Definition (XSD), or a document definition for well-formed content structure. XSD becomes the content model, or architecture. This requires functional analysis by a team of representatives from all functional areas that develop and use the content. For many industries, a standard XSD is prescribed, such as DITA for automotive or S1000d for defense. Analysis and inputs by a functionally representative team ensures that the structure and mark-up, as consistent with the chosen definition or schema, make sense.

The team will also plan the Extensible Stylesheet Language Transformations (XSLT), or style templates required for required deliverables, such as XSLT for the Web (XML-to-HTML conversion) and an Extensible Stylesheet Language Formatting Objects (XSL_FO) for a formal print document (XML conversion to a PDF file). XSLT determines the formatting output for imported XML text, much like a styles template in a word-processing document. The difference is that XML content and XSLT formatting rules are stored and developed independently from the content module files. So with the task of responding to a Request for Proposal (RFP), for example, a program associate, as part of a proposal response, would have available in an XML-based content repository a high-level product design description leveraged from previous programs. The program associate would import this content with other content relevant for the proposal response into the XSL-FO stylesheet (pre-configured for showing the compay logo/branding) for distribution to management for review in Adobe Acrobat, before the new business lead submits the formal response to the customer in PDF-formatted, cleanly published document.

More about Darwin Information Typing Architecture (DITA)
DITA is a highly adaptable approach to XML and the fastest growing XML architecture for developing and publishing technical content, largely due to its birth as an OASIS standard for structured authoring and content reuse. Initially embraced as a Control Versioning System (CVS) used for software development, it is where the idea of object-oriented content (for reuse) matured.

DITA plus CMS (tied with a workflow and versioning API) is the automated form of XML-based structured authoring for the automotive industry. It is ideal for enterprises with “big data” ─ many documents that require disciplined processes for change management and configuration control to meet legal and regulatory compliance and industry standards included as requirements in program source packages. From a resource efficiency and cost-reduction standpoint, the DITA approach in XML-based content management is lightweight on a network and optimized for reuse, and a rapid, tracked release cycle.

Adobe FrameMaker XML Author ─ described as “a complete solution for bi-directional technical content” ─ has DITA 1.3 support built-in. Yet FM users may author content in native XML code using a WYSIWYG interface and further customize it with dynamic content filters, a Quick Element Toolbar (QET), and new table features. Authors may also write inline math equations in the content with FrameMaker XML’s native integration with MathFlow Structure and Style editors from Design Science, which are exported to published deliverables as high quality vector graphics. The Packager feature allows the sharing of content with all referenced object files from the DITA exchange CMS included.

Converting Legacy Content to XML-ready Content
A structured-content strategy moves content developers away from inefficient formatting-centric word-processing to strategic topic-based structured authoring and single-source publishing. Topic-element structure allows assignment to SMEs by topic for developing and reviewing content for their topic of specialization. Therefore, it is not feasible to convert each legacy file, one-to-one, to an XML-structured file.
​
Conversion from word-processing formats to XML applies mapping of styles to XML element tags. Conversion is imperfect, as word-processing styles are formatting-based and XML tags are semantically driven. To eliminate redundancy, a good practice is to index legacy content prior to the conversion process and take care to convert “final” or latest versions.  Word-processing styles in legacy documents should also be updated for topic-associated modules of content so that they’ll map directly to corresponding tags for XML topic elements. (New content generated directly in the authoring tool is initially tagged to the refined, prescribed topic-element structure.) A best practice when initiating the actual conversion process is to conduct a pilot-run with a small set of legacy files to validate and refine steps in preparing files for conversion.

​Further reading:
Technical Documentation and Process 
DITA ─  the Topic-Based XML Standard
​Content Strategy 101

© 2017, Powerplay Communications

By Melissa Walsh
​
So you're working out a strategy for empowering your organization with intelligent management of its content. You know that legacy content management practices are insufficient for fast-paced automotive projects that rely on and generate a great deal of content.

As you pitch your recommendations – perhaps to a room full of managers and engineers who are okay with revisions of spreadsheets and powerpoint files saved all over the network drives without version-control and structure – prepare your arguments for structured-authoring and single-sourcing in content management as not only based on best practices in the publishing industry but also as a bottom-line strategy for gaining workflow efficiency and achieving economies of scale.

​Demonstrate how quality content is a highly valuable asset for your enterprise ─ namely, retrieving content readily for reuse and repurposing content for multiple deliverable types and audiences. Then stress that, if users can’t find enterprise content, they can’t use it as an asset. A lack of ease in retrieving content leads to lost resource time and risk in submitting documentation for current programs and proposal responses to new RFPs. Carefully planning for modular, topic-based, structured content upfront and investing in tools to support required enhancements to content development processes and repositories are critical steps toward reducing lost time and rapidly responding to new opportunity. 

Methodology
Undertaking a content strategy project should follow a deliberate, planned process. Upon the acceptance of the recommendations described in your business case, work to implement an enterprise content strategy would follow, guided by colleagues selected for an enterprise Content Working Group and according to the steps below:

1. Identify and interview stakeholders.
2. Establish implementation goals and milestones.
3. Define a pilot project and the roles and responsibilities of the pilot team.
4. Set up a schedule for pilot development and launch.
5. Build the system (install tools, train resources, etc.)
6. Convert legacy content.
7. Deliver pilot batch of content in all desired publishing formats.
8. Facilitate meeting with the pilot team on best practices and tweaks for enterprise roll-out.
9. Build and deliver content following the new strategy, procedures, and tools.
10. Capture project knowledge.

Your Content Working Group ─ representatives from all functional areas that develop and utilize enterprise content ─ will examine enterprise content needs with the aim of implementing a formal Enterprise Content Management strategy. Each participant will contribute to the group’s discussion an understanding of their functional area’s content needs and how content is currently developed, maintained, distributed, and archived. A content-management SME/consultant will introduce the group to the technology and benefits of XML-based structured authoring. With that knowledge, the group will map out a strategy for meeting the enterprise’s particular needs for content management with marked gains in efficiency. The group will consider in its strategy common efficiency features of XML-based structured authoring, including:

• Translation (localization) savings – critical for global business
• Single-sourcing – users review and revise content in one place
• Content reuse – eliminate content development redundancy
• Structured authoring – reduce formatting time; fully utilize author expertise
• Versioning – single source files show history of revision and relevance for programs/products
• Minimalism – content is concise
• Specialization – element topics customized by authors/SMEs
• Multiple output formats – publish to HTML, PDF, EPUB, etc. from single source
• Dynamic lists – push live-data lists, such as for parts and tools, to menus set up in authoring templates
• Metadata – supports ease of content archiving, retrieval, and conditional processing
• Conditional processing – rapid build of content variations for special deliverables
• Modularity – separating content from format; focus on concise and accurate content topic by topic
• Light-weight content management – store content in the network in single, modular content files that are catalogued via rich metadata

Enterprise Needs Assessment
Your enterprise Content Working Group will examine the current content management processes, or gaps in those processes, and survey content creators and users throughout the company. The needs assessment should investigate these questions:

• How many content deliverables does the organization write or revise each year?
• What is the average length (wordcount) per deliverable?
• What percentage of this content is reused (copy & paste)?
• How many heads are dedicated to content generation?
• What percentage of time do content generators spend on formatting?
• What is the per-hour cost of content development?
• How many content pieces are localized each year?
• What is your vendor’s per-word rate for content translation?
• How many target languages, including the source language, do you deliver content in?
• How many different formats do you deliver documentation in (paper, PDF, mobile app, RTF, etc.)?

XML Authoring Must Haves
The enterprise will select an XML-authoring tool for generating structured content. The need for XML-based content development will grow as the need for efficiency grows with new business. Here is what to look for when considering acquisition of an XML authoring tool[1]:

• It can create a new XML file, open an existing XML file, and modify and save an XML file.
• It can validate an XML file against a Document Type Definition (DTD) or XML schema on OPEN and SAVE commands (always running a validation check for well-formed content).
• It is a DITA-aware application[2].
• It includes a publishing engine (such as a Java-script component).
• It includes translation-management support.
• It includes workflow-management support.
• It is easy to use; authors may work in a WYSIWYG view.
• It includes topic and element templates (so that the user doesn’t need to customize tags and code).
• The metadata menu meets the enterprise’s needs.
• All SMEs will be able to use the tool (rather than merely submitting content in Word or emailing it to a technical writer).
• Mapping is not too complicated for users.
• Exporting to HTML and PDF is simple.

CMS Must Haves
Adobe, for example, offers a Web-based Component Content Management Solution (CCMS) for DITA-based content development, storage, and delivery. If your enterprise opts not to authorize purchase and use of Web-based solution, here is what to look for when considering implementing a network-based CMS:
​

• It supports storing modular topic files.
• It supports single-source authoring (write/revise in one file with multichannel output).
• It supports automatic updating/synchronization of a topic across all deliverables.
• It has sophisticated search/retrieval capability.
• It includes workflow features.
• It has native XML features (not just treating XML as a data type).
• It includes referencing features for identifying status of files and impact of revision to a topic.
• It includes version history and checked-in/checked-out status.
• It is compatible with the XML-authoring tool of choice.

CMS
Your XML-based authoring tool should hook with your CMS. For example, Adobe FrameMaker provides easy, menu-based connectivity with third-party CMS applications, enabling integration with off-the-shelf CMSs, including Microsoft SharePoint and Documentum. Adobe offers an FrameMaker XML Publishing Server for ease of mapping elements withing the CMS.

PLM
Check the specifications of your enterprise's Product Lifecycle Manager (PLM) –engineering suite of applications for managing assembly/parts information and product design changes – for connectivity with your CMS and XML authoring tool. XML export of layered model and parts files should flow into image and table elements of your content topic structure. Any current or recent PLM should be XML-ready and compatible for dynamic publishing to XML-based publishing applications. The Export function in Agile, for example, includes options for XML-data export; the application also allows import of XML-structured data. Your content lead should test the export of live PLM data to XML (DITA 1.3) elements in XML authoring tool templates.

Implementing a better way to manage enterprise content will benefit your enterprise both in significant cost-savings for managing current programs and generating new business. What’s more, eliminating manual rework and redundancies in internal documentation and external deliverables will improve the utilization of human resources, making them more available for technical innovation and productivity where their skills are most needed. 

[1] MS Word does not meet these objectives, though presented as an XML-compatible application.

[2] DITA is the preferred XML schema standard for the automotive industry.

​Further reading:
Technical Documentation and Process 
DITA ─  the Topic-Based XML Standard
​Content Strategy 101

© 2017, Powerplay Communications

By Melissa Walsh
​
​An automotive supplier will win new business with an innovative, proven product design. But when it comes to managing that new business, content is king. A pressing reality in today’s automotive industry is compliance to an extensive and growing inventory of standards and requirements. Compliance drives the need for content-management discipline, collaboration, and efficiency. What rules for meeting compliance are best practices for developing and maintaining structured, dynamic content.
​
The Return of Investment (ROI) projected for tools and processes applied for   developing and maintaining structured content is substantial ─ a financial benefit of:

1) improved utilization of resource time and collaboration of work products;
2) decreased lost time due to inefficiencies in developing, maintaining, retrieving, reusing, and publishing content.

The investment is in:

1. Tools (and their process workflows) for collaborative content development, such as SharePoint or Documentum, which enable a structured repository that is version controlled and allows a customized enforceable workflow for writing, review, and approval of content;
2. An XML-based authoring tool, such as Adobe FrameMaker, Altova XMLSpy, JustSystems XMetaL, or ArborText's Epic Editor, which renders intelligence to content structure with topic-based mark-up.

Content Goals
Investment in content management will generate efficiencies in resource management and program controls. The right content authoring and publishing tools and supporting processes will move the enterprise forward in meeting the following objectives:

• Developing information that is controlled and accessible by associates who can analyze it and identify deficiencies;
• Ensuring that confidential and proprietary information is securely stored while remaining accessible by associates requiring access;
• Maintaining a system that tracks and manages content changes related to engineering design changes, product release, internal and external program communication, training, quality, and leadership;
• Meeting industry standards that require:
  • All documents approved for adequacy before distribution,
  • Documents reviewed periodically to verify their validity,
  • Document revisions identified,
  • Relevant versions of applicable documents readily retrievable,
  • Uniquely identifiable documentation,
  • Proper disposition of obsolete documents as “historic,” “obsolete,” “superseded,” or “do not use”;
• Maintaining a document-control process that:
  • Supports product development,
  • Presents record of verification, inspection, or testing of products,
  • Defines industry standards, customer requirements, product specifications,
  • References managing processes,
  • References decision-making;
• Developing and managing semantically meaningful content that is:
  • Repurposed easily,
  • Reused efficiently (without copying and pasting),
  • Retrievable instantly,
  • Stored securely,
  • Represents the structure of supported product/service.

Content Collaboration
Technical, business, and marketing communications personnel develop several types of program and product content. Though different functional teams produce content for different purposes and different audiences, it is important that they do not work in isolation. Much of what they write can be stored, retrieved, and leveraged cross-functionally ─ collaboratively. When content is produced and stored in a structured, modular way, content updates are synchronized and outputs are generated from a single-sourced, light archive of semantically valuable and reliable content.

Listed below are some of the enterprise-published deliverables that can be generated collaboratively from a structured-authoring architecture and single-source model for content management:

• Product design and development – component descriptions, specifications, requirements, other design development collateral such as schematics and drawings;
• Software – data dictionaries, diagnostic messages, design specifications, etc.;
• Online help – content created by subject-matter experts that’s context-sensitive and tagged with unique identifiers;
• Training and education – instructor-led training presentations and handouts, e-learning content, training manuals, user guides;
• Technical support – knowledge-base from customer-care personnel, wiki content, technician cheat-sheets;
• Product-interface labels – a database of labels for providing date, language, location, etc.;
• Web services – Website content (HTML5 output);
• Sales – Proposals, sales support collateral, presentations, data sheets, manuals.

Intelligent Content: A Systems Engineering Approach
Smart content management adopts a systems engineering approach for generating documentation and published deliverables, just as agile program management brings benefits to product development and delivery. This approach begins with envisioning holism for content development and distribution with single-source versioning, viewing, and publishing ─ applying structured authoring for the decomposition of content into modules and separating the maturation, revision, and storage of that content from formatting. This approach considers how the modules of content interact and merge and complement one another for different outputs and deliverables. It captures the emergent properties of content, or the metadata – information about the content as to how it is to be delivered, by whom, for whom, and for what purpose or requirement.

Though each content module is concrete, meaningful information, it is also “marked up” for abstraction and collaboration. Each content module is marked as an element within a pre-defined content architecture; the element is assigned attributes identifying information hierarchy, topic indexing, context, etc. Abstraction employs a mathematical model that “nests” elements for a content structure that is consistent with the system, product, process, or program outputs (deliverables) and retrieval and repurposing needs. Elements are nested as a root node (base node for the element), children (of the root) nodes (become parent nodes to nested children nodes), and sibling nodes in the content management repository. For example, in design specification content for a braking system, the power brake unit is the root element, which is parent of the master cylinder, which might be structured as a sibling to the fluid reservoir. Good attribute mark-up ─ the assignment of rules and categories for elements ─ captures the purpose, scope, and function of element content. Attribute mark-up also produces isomorphism of the content repository, making content retrieval and repurposing efficient and easy to manage for collaboration across enterprise functions. How well elements are structured and marked up for meaning determines the rate and worth of the return on investment for the Extensible Markup Language (XML) planning and tools.

Smart Content Management
Implementing a better way to manage enterprise content will benefit an automotive supplier, manufacturer, or service enterprise both in significant cost-savings for managing current programs and generating new business. What’s more, eliminating manual rework and redundancies in internal documentation and external deliverables will improve the utilization of human resources, making them more available for technical innovation and productivity where their skills are most needed. During a time of rapid business growth for an enterprise, finding better ways to manage enterprise content is critical for managing the development and delivery of an increasing amount of work products with limited resources. 

Further reading:
Technical Documentation and Process 
DITA ─  the Topic-Based XML Standard
​Content Strategy 101

© 2017, Powerplay Communications

By Melissa Walsh
​​
Developers and their OEM sugar daddies are rearing nascent autonomous vehicle technology as a prodigy in car culture. It is maturing and here to stay.

All of the players except Google X -- or the manufacturers who have been in the car-making business long before cruise-control was introduced -- have plotted autonomous vehicle rollout on an ADAS (Advanced Driver Assist Systems) continuum. OEM projections for roll-out of autonomous-driving vehicles are less of planning for a coming out ball and more of releasing autonomous driving snapshots from infancy through adolescence. When the driverless car will emerge as a fully autonomous, independent adult remains to be seen, but most OEMs are projecting their darling’s coming of age for the mid-2020s. In fact, Uber projects releasing a fleet of autonomous vehicles by 2030.

Anecdotally my perception is that consumer demand for driverless cars is tenuous, but I’m a middle-aged Gen-Xer who longs for the return of the carburetor in the NASCAR stockcar. And growing up watching the Jetsons, I thought there’d be stronger demand for flying cars. I'm certain though that the OEMs have market research data supporting their autonomous-driving business case.

OEMs claim that the demand for autonomous vehicles is largely based on statistics on the high rate of driver error leading to accidents; their business case therefore is rooted in safety. And with that, the shift in liability moves from driver to manufacturer. So what about the ROI? Functional Safety (FS) features and the reliability estimation and required system checks and redundancies that go with FS significantly impact program budgets.

Anyone close to the design and development of automotive powertrain systems should understand well how FS engineers and assessors have become critical partners in the automotive product lifecycle. As driver-controlled passive powertrain systems have evolved into driver-assisted active powertrain systems, so has design for safety moved from passive to active.

With projections for mature, fully autonomous vehicles on the roads, assistive driver (drive-by-wire) driving is on track to evolving into driverless (drive-by-machine) driving. Today’s automotive technology is firmly in the “driver assistive” phase, which includes active technologies of advanced driver assist systems (ADAS), such as adaptive cruise control, anti-lock braking, active stability control, driver drowsiness detection, and parking assistance, in addition to legacy passive safety features, such as airbags, seatbelts, and human factures-driven structural design. 

Yet our imaginations skirt off onto rabbit trails with the what-ifs. What if an autonomous vehicle can’t perceive the ambulance about to race through the red light? What if the “cloud” the vehicle depends on malfunctions and sensor inputs on traffic and road conditions are erroneous. How will an autonomous vehicle react to a deer running out into the road? After all, we consumers are already annoyed by our vehicle’s warning beeps when we back out of our unplowed, snowy driveway. The vehicle senses obstacle; we know that it’s merely a minor accumulation of light snowflakes that our AWD vehicle will have no problem driving over. We know that we are smarter than the vehicle we drive. Still, cars are becoming smarter.

The ISO 26262 Functional Safety standard was established in the context of hazard analysis and controllability for driver assistance active safety technologies and is relevant for autonomous braking, acceleration, and turning. But what about the addition of autonomously backing out of a parking spot, starting from a green light, pulling into a car wash, or dropping the kids off at school?

Functional Safety checks and redundancies are established in a Safety Case to ensure that operation is a correct response to input. Inputs from the human operator and inputs from the vehicle’s powertrain control bus E/E hardware components and software algorithms. What additional checks and redundancies are required once the human operator inputs are removed?

Likely, the brilliant folks in the automotive industry are mapping out resolutions to these concerns in a strategy that includes additional programmable logic controllers, ASICs, microprocessors, transmitters, actuators, and more intelligent sensors. Therefore, suppliers responding to RFQs to provide these components must be highly proficient in what the ISO 26262 standard and an OEM’s Safety Case prescribes.
​
It remains to be seen what consumers will pay not to drive their car and how profitable autonomous vehicles will be for OEMs given the heavy projections for cost in reliability analysis, functional safety development and certification, and liability the machine may incur if it is as prone to error leading accident as the human.
​
© 2016, Powerplay Communications

By Melissa Walsh

So you’re responsible for your company’s new business development. After browsing RFPs, you come across a statement of work that directly aligns with your company’s products and services. Confident that your company is positioned to meet the requirements, you’re faced with the challenge of planning your company’s response. And because your company doesn’t maintain a proposals department or retain a proposal writer on staff, you’re on your own. 

Should you request company personnel to write the proposal? Write it yourself? Or should you commission a freelance proposal writer? 

Though business executives function as the experts that cultivate the ideas of an RFP response, they are not proposal writers. Nor is the new sales guy willing to work late qualified as a proposal writer, or the admin who wears many business operations hats. 

Writing is a craft and a trade. Like most other trades, writing is technical and complex. Just as your company invests in engineers, technicians, and sales staff, invest in paying a proposal writer. 

A professional writer will use rich, exact language that is not elaborate, and will follow Chicago Manual of Style convention for proper proposal format and style. A quality writer will also perform a key consulting role in assisting you develop the references, appendices, graphs, and exhibits, adding to the robustness of your proposal and the differentiation of your company.

Your role is to feed the writer with subject-matter expertise, numbers, and statements about your company’s mission and value in the marketplace. As simple as ABC, you will team with the writer to build an RFP response that is active, bold, and credible.

Active

Compose your response as you would an oral presentation, with audience focus. You want your listener — your reader — alert and interested during your pitch. Though a formal response to an RFP demands a formal written proposal, do not over-formalize your proposal text and become unnecessarily boring. Present active, not passive, statements about why your company is the right provider to fulfill the requested scope of work.

Active proposal tips:

• Write in the active voice; eliminate passive subject-verb construction whenever you can.
• Avoid diluting the persuasiveness of your truth claims by leaving out sluggish qualifiers, such as “rather,” “quite,” and “in a sense.”

Bad writing: The service-level agreement (SLA) will be negotiated by the parties.
Good writing: The parties will negotiate a service-level agreement (SLA). 

Bold

Be precise. The Executive Summary may be the only section that the prospect reads for determining first-round candidate cuts. Therefore, it is critical to get the prospect’s attention with a compelling Executive Summary lead that radiates confidence. Your lead should direct the prospect to what differentiates your company from the others represented in the proposal slushpile.

Lead with your company’s branding statement or rephrasing of your tagline. In the first sentence of your Executive Summary, answer this question for your prospect: “Why is your company the strongest candidate for performing the specific scope of work described in the RFP?”

Bold proposal tips:

• Avoid useless adverbs and adjectives in favor of meaningful verbs and nouns.
• Remove “very” from your business lexicon.
• Instead of using the verb “have,” use words of action to present concisely what your company “has.”

Bad writing:  “Our business has trained staff to serve our customers well.”
Good writing: “We train our staff in customer support.”

Credible

Proposal credibility requires professional presentation and quality content. Using other “c” words to elaborate: create content that clearly communicates your company’s competencies for completing the contract. Proceed with building your proposal with active statements that are simple and concise.

Credible proposal tips:

• Avoid lengthy sentences, which give the impression of trying too hard. 
• Employ the semi-colon, dash, and colon.
• Use “that” when you can; use “which” when required for clarity.
• Use bulleted lists.
• Don’t overstate your company’s credentials and accomplishments, avoiding words like “all,” “unique,” and “best-in class.”
• Reference appendices, graphs, exhibits, reports, websites, etc., in your proposal text. Do not embed hyperlinks.

Bad writing: Implemented concurrently with IT enhancements were changes to the networking protocols.
Good writing: [Company Name] enhanced information technology (IT) and administered changes to networking protocols.

Even if you pay a writer to develop a proposal that is not selected for contract award, your investment is not without return. A professional writer brings you the value of finding the correct words and beneficial content organization and structure for communicating your company’s features, benefits, and strengths. It is content that your company owns and may repurpose for responding to the next RFP that intrigues your new business development interest.

© 2014, Powerplay Communications