Skip to main content
PASS Quality Consulting

Consulting for Secure Software Development

Consulting, coaching and training for secure, standards-compliant and efficient processes, methods and tools in software development.

Request consultation

Methods & frameworks

The development of safety-critical software is characterized by increasing complexity, regulatory requirements and OEM specifications. At the same time, there is often a lack of transparency regarding the actual maturity level of existing processes.

From analysis and optimization through to assessment, we support you in a structured and goal-oriented manner. We align your existing development processes with industry-specific standards, manufacturer-specific requirements and internationally recognized methodological frameworks, and evaluate them systematically. This enables you to identify improvement potential and implement precisely tailored measures that are not only compliant but also sustainably effective.

graphical illustration of the business approach of PASS PMT Consulting

Our expertise

Icon gears

Automotive SPICE®

Automotive SPICE® is the established process and assessment model for the development of software and systems in the automotive industry. It defines reference processes and evaluation criteria that enable organizations to make their development processes measurable, comparable and systematically improvable. These processes range from requirements engineering through to testing. Automotive SPICE® is needed because OEMs and Tier 1 suppliers often require a verifiable level of maturity. In addition, standardized, auditable processes form the basis for reproducible quality, lower project risks, and supplier capability.

Icon table

Functional safety

Functional safety in accordance with ISO 26262 is the established standard for managing safety risks arising from malfunctions of electrical and electronic (E/E) systems in vehicles. The standard defines a comprehensive safety lifecycle covering concept and development through to production, operation, and service, including the required methods, roles, and work products. A core element is a structured Hazard Analysis and Risk Assessment (HARA) with ASIL classification. Based on this analysis, safety goals as well as hardware and software safety requirements are derived and subsequently verified.

Icon shield keyhole

Cybersecurity

ISO/SAE 21434 is the standard for cybersecurity engineering in the automotive sector. It defines processes and evidence to consistently manage cybersecurity risks in systems, software, and the supply chain — from development to operation and updates. This enables organizations to meet customer and market requirements, create transparency regarding risks and ensure auditable compliance.

Contact us now

Additional services

In addition to our core focus areas, we support organizations in the organizational, methodological and standards-based advancement of their development processes:

ASQMS (Automotive Software Quality Management System) is a management system standard specifically developed for the automotive industry to ensure software quality. Unlike purely project-based assessments, ASQMS takes a holistic view of the organization and covers the entire software lifecycle, including the supply chain and evidence management. In the age of the software-defined vehicle, software is becoming a key factor in quality and competitiveness. ASQMS offers OEMs and suppliers an auditable, systematic approach that is specifically tailored to software-driven development organizations. This enables companies to create transparency, manage quality consistently, and provide reliable evidence to customers and partners.

An ISMS (Information Security Management System) is a company-wide management system for the structured governance and continuous improvement of information security. It is typically based on the international standard ISO/IEC 27001, which defines requirements for the establishment, operation, and ongoing enhancement of a risk-based management system. In light of increasing cyber risks and the growing business criticality of IT, an ISMS creates transparency regarding threats, systematically reduces risks, and enables auditable compliance toward customers and partners.

ISO 9001 is the globally recognized standard for quality management systems (QMS). It defines requirements for how organizations systematically plan, control, and continuously improve quality without prescribing specific organizational structures or methods. At its core are clearly defined and measurable processes that ensure the reliable fulfillment of customer and regulatory requirements, as well as continuous improvement based on data, audits, and management reviews. ISO 9001 provides a verifiable and auditable foundation for consistently high product and service quality. Particularly in environments where transparent evidence and standardized processes are required, the standard reduces risks and strengthens the trust of customers and partners.

We also provide operational support within your projects – with experienced experts in quality management, project and program management, as well as development-related quality assurance. Our specialists integrate seamlessly into your teams, create transparency and ensure a structured, standards-compliant implementation of your initiatives.

Six Sigma is a data-driven improvement methodology that enables organizations to measurably stabilize processes and systematically reduce defect rates and variation. At its core is a structured project approach, typically following the DMAIC cycle (Define, Measure, Analyze, Improve, Control). Root causes are identified using data and statistical methods, targeted improvements are implemented, and results are secured for the long term. Six Sigma is particularly applied in environments where quality, lead time, or cost are significantly influenced by process variability and where decisions should be based on reliable data rather than assumptions. The result is more robust processes, less rework and fewer complaints, and continuous, measurable performance improvement.

SQIL (Software Quality Improvement Leader) is a role established by the Volkswagen Group to systematically and demonstrably improve software quality in development projects, particularly at suppliers. A SQIL acts as an independent quality coach and improvement agent. The role involves reviewing process and product outcomes, monitoring relevant quality metrics, and ensuring that identified improvement actions are implemented in a structured manner and reported transparently. In addition, the SQIL supports the early identification of deviations, the effective steering of improvement activities, and the assurance of required conformity and transparency toward standards and group requirements such as Automotive SPICE® and complementary specifications like KGAS.

Our service portfolio

We support organizations in the sustainable development of their processes and quality management practices.

Icon diagram-project

Process Consulting

  • Guiding software-intensive organizations in enhancing process maturity
  • Improving and streamlining development processes
  • Ensuring standards-compliant implementation of Automotive SPICE®, ISO 26262 and ISO 21434
Icon lightbulb

Supplier Development & R&D

  • Standards-compliant alignment of the R&D organization
  • Conducting supplier assessments and readiness checks
  • Implementation of manufacturer-specific requirements
  • Deployment of SQIL (Software Quality Improvement Leader)
Icon Clipboard

Software Project Management

  • Program management
  • Project leadership
  • Coaching for project leaders and stakeholders
Icon people group

Operational Support

Providing experienced experts in operational roles such as

  • Functional Safety Engineers / Manager
  • Scrum Master
  • Requirements Engineers
  • Configuration Manager
Icon certificate

Automotive SPICE® Assessments

  • Formally recognized assessments according to Automotive SPICE®
  • Including Cybersecurity, Mechanical Engineering and Hardware SPICE®
Icon magnifying glass

Gap Analyses

  • Accurate baseline assessment through gap analyses (informal assessments)
  • Structured action planning and process roadmap definition
  • Integration of existing processes and structures
  • Engagement of all relevant project stakeholders
Icon list

Process Reviews

  • Assessment of completeness, accuracy and practical suitability
  • Evaluation against Automotive SPICE®, ISO 26262 and ISO 21434
  • Verification of alignment with applicable standards
Icon chart line

Potential Analyses

  • Leveraging our experience with OEM requirements
  • Evaluation and further development of suppliers
  • Foundation for assessment and development in accordance with Automotive SPICE® guidelines

Industries with the Highest Requirements

Our services are designed for organizations operating in regulated and safety-critical industries. In these environments, software quality, functional safety and compliance are essential.

  • Automotive: Safety-critical vehicle functions and connected systems require standards-compliant and stable development processes.
  • Defense: Highly available and safety-relevant systems are subject to strict regulatory requirements.
  • Medical Technology: Software with a direct impact on patient and user safety must be developed in a demonstrably safe and compliant manner.
graphical illustration of medical, automotive and defense industry
Request Consulting Now

Get in Touch with Us

We look forward to getting to know you. Our team is available to you at any time by phone, email, or through our online contact form.