Skip to main content
Entity types are the building blocks of TestAuto2. They define what work items can exist, which fields they contain, and how they relate to other work items through link roles. Understanding entity types is essential for configuring the RTM model.

Entity Type Overview

The TestAuto2 RTM model defines 13 entity types organized across five categories:
CategoryEntity Types
Requirements HierarchyCustomerRequirement, SystemRequirement, SubsystemRequirement, DesignRequirement, Characteristic, UseStep
Analysis and ControlHazard, Harm, SafetyGoal, Function, FailureMode, ProcessFailureMode, RiskControl, RiskRecord
VerificationTestCase, VerificationTestCase, ValidationTestCase
System StructureSystemElement, ProcessStep

Requirements Hierarchy

Requirements decompose through four levels in the V-model: customer → system → subsystem → design. Each level refines the previous level, creating traceability from stakeholder needs through implementation specifications.

CustomerRequirement

PropertyTypeDefaultDescription
polarionTypeStringuserStoryPolarion work item type ID
moduleFolderStringRequirementsAuto-creates in this folder
moduleNameStringCUSTOMER-REQSDocument identifier
moduleDocTypeStringReqSpecPolarion document type
outlineNumberBooleantrueEnables hierarchical numbering (CUS-001, CUS-001.1)
classificationFieldclassificationSafety classification (SC/CC)
refinesLink RoleRefined by SystemRequirement entities
validatesLink RoleValidated by ValidationTestCase entities
Purpose: Captures user-visible system needs and business requirements. Customer requirements are authored early in project planning and traced through system requirements to validation tests. Example:
CUS-001: AEB System shall activate when collision threat detected
- Classification: SC (Safety Critical)
- Validates: V-01 (Validation test for obstacle detection)

SystemRequirement

PropertyTypeDefaultDescription
polarionTypeStringsystemReqPolarion work item type ID
moduleDocTypeStringsystemRequirementsSpecificationDocument type constraint
refinesLink RoleRefines CustomerRequirement
refinedByLink RoleRefined by SubsystemRequirement and DesignRequirement
verifiesLink RoleVerified by VerificationTestCase
classificationFieldclassificationSafety classification
asilFieldasilAutomotive Safety Integrity Level
Purpose: Defines system-level functional and non-functional requirements that satisfy customer needs. System requirements are verified at the system integration level and refined into subsystem requirements. Example:
SYS-001: AEB system shall initiate braking within 500ms of obstacle detection
- ASIL: B (determined by HARA)
- Refines: CUS-001
- Verified by: SV-01 (System verification test)

SubsystemRequirement

PropertyTypeDefaultDescription
polarionTypeStringsysReqSame as SystemRequirement (distinguished by document type)
moduleDocTypeStringsubsystemRequirementsSpecificationSubsystem-level doc type
refinesLink RoleRefines SystemRequirement
refinedByLink RoleRefined by DesignRequirement
verifiesLink RoleVerified by VerificationTestCase
subsystemScopeConstraintCross-reference limited to same subsystem
Purpose: Decomposes system requirements to subsystem level. Enables allocation of requirements to ECU, sensor, and interface subsystems while maintaining traceability. Example:
SUB-001: ECU Processing Subsystem shall compute obstacle distance from sensor fusion
- Refines: SYS-001
- Verified by: SV-02 (Subsystem verification for ECU)

DesignRequirement

PropertyTypeDefaultDescription
polarionTypeStringsysReqPolarion work item type ID
moduleDocTypeStringdesignRequirementsSpecificationDesign-level document type
subTypeFielddesignReqSubTypeClassifies design requirement kind (e.g., interface, algorithm, data structure)
refinesLink RoleRefines SubsystemRequirement
refinedByLink RoleRefined by Characteristic
verifiesLink RoleVerified by VerificationTestCase
classificationFieldclassificationSC/CC classification
subsystemScopeConstraintCross-references limited to same subsystem
Purpose: Specifies detailed design requirements at component level. Design requirements are verified through testing and refined into measurable characteristics. Example:
DES-001: Camera image processing algorithm shall detect objects ≥ 1.0m distant
- Subtype: Algorithm Requirement
- Refines: SUB-001
- Refined by: CHR-012 (Detection accuracy characteristic)

UseStep

PropertyTypeDefaultDescription
polarionTypeStringuserStoryPolarion work item type ID
descriptionFieldDescribes the operational scenario
stepFieldSequential step number in use case flow
actorFieldActor performing the step (driver, system, environment)
preconditionFieldCondition that must be true before step
Purpose: Documents operational scenarios and use cases describing how the system is used. Use steps provide context for operational situations in HARA and system testing. Example:
USE-01: Driver approaching stopped vehicle at highway speed
- Actor: Vehicle operating autonomously
- Precondition: AEB system powered, sensor fusion active
- Step: 1 (first step in AEB activation flow)

Characteristic Entity

PropertyTypeDefaultDescription
polarionTypeStringworkItemPolarion work item type ID
refinesLink RoleRefines DesignRequirement
targetValueFieldNominal or expected value for the characteristic
toleranceFieldAllowable deviation or range specification
classificationFieldclassificationSC (Safety Critical) or CC (Critical Component) badge
unitFieldMeasurement unit (mm, Hz, dB, etc.)
assessedByLink RoleAssessed by FailureMode entities in FMEA
Purpose: Captures measurable design parameters (dimensions, frequencies, thresholds) that are verified in testing and analyzed in FMEA. Each characteristic links to design requirements and to failure modes for risk analysis. Example:
CHR-012: Camera Detection Range Accuracy
- Target Value: 100 ± 5 meters
- Classification: SC (Safety Critical)
- Unit: meters
- Assessed by: FM-045 (Camera detection failure at extreme range)

Analysis & Control Entities

Hazard

PropertyTypeDefaultDescription
polarionTypeStringhazardPolarion work item type ID
descriptionFieldDescription of potential hazardous situation
causeFieldRoot cause or triggering event
consequenceFieldPotential harm if hazard occurs
severityFieldharaSeverityS0–S3 per ISO 26262 (no injury to fatal)
exposureFieldharaExposureE0–E4 per ISO 26262 (rare to highly probable)
controllabilityFieldharaControllabilityC0–C3 per ISO 26262 (easily to difficult to control)
asilFieldharaAsilComputed ASIL (QM, A, B, C, D)
derivedToLink RoleDerived to SafetyGoal entities
Purpose: Documents potential hazardous situations identified in HARA. Each hazard is assessed using ASIL classification matrix (Severity × Exposure × Controllability) to determine required functional safety integrity level. Example:
HAZ-001: Loss of Obstacle Detection
- Cause: Camera/radar sensor failure
- Consequence: Collision with undetected obstacle
- Severity: S3 (fatal or serious injury)
- Exposure: E4 (highly probable)
- Controllability: C3 (difficult for driver to control)
- ASIL: D (highest safety level)
- Derived to: SG-01 (Safety goal for sensor redundancy)

Harm

PropertyTypeDefaultDescription
polarionTypeStringharmPolarion work item type ID
descriptionFieldDescription of potential injury or damage
severityFieldharmSeverityInjury severity classification (e.g., minor, serious, fatal)
affectedPartyFieldWho could be harmed (occupants, pedestrians, property)
linkedToLink RoleLinked to Hazard for harm-hazard mapping
Purpose: Describes potential injuries or damage resulting from hazardous situations. Used in medical device and ISO 14971 risk management contexts.

SafetyGoal

PropertyTypeDefaultDescription
polarionTypeStringsafetyGoalPolarion work item type ID
descriptionFieldStatement of the safety goal
asilFieldasilASIL level (inherited from hazard)
allocatedToLink RoleAllocated to SystemRequirement entities
derivedFromLink RoleDerived from Hazard
mitigatedByLink RoleMitigated by RiskControl entities
Purpose: High-level safety objectives derived from hazard analysis. Safety goals specify what the system must do to prevent or mitigate identified hazards at a required ASIL level. Example:
SG-01: Ensure Continuous Sensor Availability (ASIL D)
- Derived from: HAZ-001 (Loss of Obstacle Detection)
- Allocated to: SYS-002 (Redundant sensor fusion requirement)
- Mitigated by: RC-015 (Sensor health monitoring control)

Function

PropertyTypeDefaultDescription
polarionTypeStringfunctionPolarion work item type ID
descriptionFieldFunctional behavior description
classificationFieldclassificationSC or CC classification
assessedByLink RoleAssessed by FailureMode entities in FMEA
allocatedToLink RoleAllocated to SystemElement via function allocation
Purpose: Defines system and subsystem functions that are analyzed in FMEA. Functions describe what the system does; failure modes describe how functions can fail. Example:
FUNC-005: Obstacle Detection Function
- Classification: SC (Safety Critical)
- Assessed by: FM-001 through FM-015 (failure modes for detection function)
- Allocated to: SYS-001 (AEB System)

FailureMode

PropertyTypeDefaultDescription
polarionTypeStringfailureModePolarion work item type ID
descriptionFieldHow the function can fail
effectFieldConsequence of the failure
causeFieldRoot cause of failure
fmSeverityFieldfmeaSeverity1–10 severity rating
preOccurrenceFieldfmeaOccurrence1–10 pre-mitigation occurrence rate
preDetectionFieldfmeaDetection1–10 pre-mitigation detection rate
postOccurrenceFieldfmeaOccurrencePost-mitigation occurrence (after control implementation)
postDetectionFieldfmeaDetectionPost-mitigation detection (after control implementation)
apFieldactionPriorityH/M/L action priority (computed from pre-mitigation RPN)
apPostFieldactionPriorityPost-mitigation action priority
mitigatedByLink RoleMitigated by RiskControl entities
assessesLink RoleAssesses Function or Characteristic
Purpose: Documents potential failures in FMEA analysis. Failure modes are assessed using severity-occurrence-detection scoring, and action priority determines control implementation priorities. Example:

ProcessFailureMode

PropertyTypeDefaultDescription
polarionTypeStringprocessFailureModePolarion work item type ID
descriptionFieldManufacturing/process failure scenario
effectFieldConsequence on product quality
causeFieldProcess root cause
severityFieldfmeaSeverity1–10 rating
occurrenceFieldpfmeaOccurrence1–10 pre-mitigation rate
detectionFieldpfmeaDetection1–10 detection rate
mitigatedByLink RoleMitigated by ControlPlanItem
Purpose: Analyzes failures in manufacturing and assembly processes. Process FMEA uses similar scoring methodology but focuses on process control rather than design. Example:

RiskControl

PropertyTypeDefaultDescription
polarionTypeStringriskControlPolarion work item type ID
descriptionFieldTechnical control measure or mitigation action
controlTypeFieldcontrolTypeEnumeration: Detection, Preventive, Corrective, etc.
effectivenessFieldEstimated or measured reduction in risk (%)
responsibleFieldTeam or person responsible for implementation
targetCompletionDateFieldScheduled completion date
mitigatesLink RoleMitigates FailureMode or ProcessFailureMode
implementsLink RoleImplements SafetyGoal
Purpose: Specifies control actions that reduce or eliminate identified risks. Controls can be design changes, process improvements, or monitoring strategies. Example:
RC-001: Lens Heating and Cleaning System
- Type: Preventive
- Effectiveness: 65% (reduces occurrence from 6 to 3)
- Implements: SG-01 (Continuous sensor availability)
- Mitigates: FM-001 (Camera lens degradation)

RiskRecord

PropertyTypeDefaultDescription
polarionTypeStringriskRecordPolarion work item type ID
descriptionFieldRisk or issue description
statusFieldOpen, In Progress, Closed, Reopened
probabilityFieldriskProbabilityLikelihood classification
impactFieldriskLevelConsequence severity classification
riskLevelFieldComputed risk matrix intersection (Low/Medium/High/Critical)
ownerFieldIndividual responsible for risk
linkedToLink RoleLinked to Hazard, FailureMode, or RiskControl
Purpose: Tracks residual risks and issues discovered during design or test phases. Risk records maintain visibility into unresolved safety concerns.

Verification Entities

TestCase

PropertyTypeDefaultDescription
polarionTypeStringtestCasePolarion work item type ID
descriptionFieldTest objective and acceptance criteria
procedureFieldStep-by-step test procedure
verifiesLink RoleVerifies SystemRequirement, SubsystemRequirement, or DesignRequirement
validatesLink RoleValidates CustomerRequirement
evidenceLink RoleLinks to external evidence (test reports, logs)
Purpose: Generic test case that can verify requirements at any level or validate customer requirements.

VerificationTestCase

PropertyTypeDefaultDescription
polarionTypeStringtestCasePolarion work item type ID
moduleDocTypeStringverificationSpecificationVerification document type
verifiesLink RoleVerifies SystemRequirement, SubsystemRequirement, or DesignRequirement
evidenceLink RoleLinks to verification evidence (test logs, reports)
Purpose: Verification-specific test case that proves requirements are correctly implemented. Verification tests are organized in system/subsystem/design verification documents and tracked separately from validation tests. Example:
SV-01: System Verification Test - Braking Response Time
- Verifies: SYS-001 (AEB activation within 500ms)
- Procedure: Simulate obstacle at range X, measure braking activation time
- Evidence: V-SVT-001-20260215.log (test execution log)

ValidationTestCase

PropertyTypeDefaultDescription
polarionTypeStringtestCasePolarion work item type ID
moduleDocTypeStringvalidationSpecificationValidation document type
validatesLink RoleValidates CustomerRequirement
evidenceLink RoleLinks to validation evidence (field trial data, customer feedback)
Purpose: Validation test that confirms the system meets customer needs and operates correctly in real-world conditions. Validation is distinct from verification and occurs after system implementation. Example:
VAL-01: Customer Validation - AEB Activation in Real Traffic Scenario
- Validates: CUS-001 (AEB system shall activate when collision threat detected)
- Procedure: Test vehicle in real traffic, measure system performance over 1000 km
- Evidence: Field trial report with pedestrian detection accuracy metrics

System Structure Entities

SystemElement

PropertyTypeDefaultDescription
polarionTypeStringsystemElementPolarion work item type ID
descriptionFieldElement description and responsibility
statusFieldsystemElementStatusConcept, Design, Implemented, Verified, etc.
outlineNumberBooleantrueHierarchical numbering (AEB.1, AEB.1.1, AEB.1.1.1)
safetyRelevantFieldBoolean: is this element safety-relevant?
allocatedFromLink RoleAllocated from SafetyGoal or Function
allocatedToLink RoleAllocated to ProcessStep entities
parentElementLink RoleParent in hierarchy (system → subsystem → component)
childElementLink RoleChildren in hierarchy
Purpose: Defines the system architecture hierarchy. System elements represent physical or logical components (AEB System, ECU Subsystem, Camera Module, etc.) and support allocation of functions, requirements, and process steps. Example - Hierarchy: diagram

ProcessStep

PropertyTypeDefaultDescription
polarionTypeStringprocessStepPolarion work item type ID
descriptionFieldProcess step description
outlineNumberBooleantrueSequential numbering
phaseFieldV-model phase (Planning, Requirements, Design, Implementation, Verification, Validation)
allocatedToLink RoleAllocated to SystemElement entities (many-to-many)
inputFromLink RoleReceives input from previous process step
outputToLink RoleProduces output consumed by next process step
Purpose: Documents the development and verification process flow. Process steps enable tracking of which system elements participate in each phase and establish process-to-design traceability for ISO 26262 compliance. Example:
PS-01: System Requirements Specification Phase
- Phase: Requirements
- Allocatedto: AEB (System)
- OutputTo: PS-02 (System architecture definition)

PS-02: System Architecture Definition Phase
- Phase: Design
- Allocated to: AEB.1, AEB.2, AEB.3 (all subsystems)
- InputFrom: PS-01
- OutputTo: PS-03 (Detailed design phase)

Entity Type Configuration

Entity types are defined in the RTM model YAML file (.polarion/nextedy/models/rtm.yaml). Each entity type includes:
entityTypes:
  SystemRequirement:
    polarionType: sysReq
    moduleDocType: systemRequirementsSpecification
    outlineNumber: true
    fields:
      - name: description
        type: Text
      - name: asil
        type: Enumeration
        options: [QM, A, B, C, D]
    linkRoles:
      - role: refines
        targetType: CustomerRequirement
      - role: refinedBy
        targetType: SubsystemRequirement
    moduleConstraint:
      autoCreate:
        folder: Requirements
        name: SYSTEM-REQS
Each work item created in TestAuto2 instantiates one of these entity types, inheriting its fields, relationships, and constraints.
Modifying entity types requires SVN commit and project reload. Changes affect all documents using those entity types. Always validate risksheet and powersheet configurations after entity type changes to ensure they still reference correct fields and link roles.
See also: