The power of Polarion to orchestrate complex software development

By Jean-François Thibeault

In this blog post, we’re diving into how our customers use Polarion and our cloud-based service, Polarion X, to streamline their software development process across all industries.

Polarion Overview

Many of our customers use Polarion as a key tool to manage their software development processes. What we have seen is that they are aiming to achieve these key objectives:

  • Maximize Collaboration within their teams
  • Ensure complete traceability of all created assets
  • Define and enforce effective business workflows for maximizing productivity
  • Reuse more and often for developing software as quickly as possible

To meet these goals, they need a robust tool that serves both as a central hub for collaboration and a reliable source of truth for all software-related activities linking various information assets to make informed decisions.

User Needs, Product and System Requirements

Embarking on the software orchestration journey, one begins at a higher level, collecting and identifying Customer or User Needs, Product Requirements, or System Requirements. These elements often originate from various sources, including Requests for Proposals (RFPs), detailed customer specifications, marketing organisations, Original Equipment Manufacturers (OEMs), modeling tools, or from another tool such as a Product Lifecycle Management (PLM) solution like Siemens Teamcenter. The versatility of Polarion is showcased in its ability to either import or seamlessly manage these requirements in all sorts of different sizes and fits, to accommodate the unique working styles, industry standards and processes of different customers. This capability is crucial, as it enables Polarion to serve as the cornerstone for all subsequent software development, providing a clear source and purpose for each line of code that is written.

System Requirements and Teamcenter
Requirements can take different forms and come from different sources

Software Requirements Definition

In Polarion, the process of managing software orchestration begins when we start defining software requirements based on higher-level requirements that could be closely linked to portfolio management strategies. This stage may also involve addressing potential risks identified through Hazard Analysis and Risk Assessment (HARA) and Threat Analysis and Risk Assessment (TARA). At this point, software requirements are typically compiled as detailed textual specifications, or they may be outlined in the form of epics and user stories. To enhance clarity and precision, these requirements can further be elaborated using models from tools like Rhapsody and Simulink.

Example of Polarion integrated with Matlab Simulink

Software Requirements Implementation with CI/CD and DevSecOps

In today’s dynamic software development landscape, companies widely adopt Agile methodologies, focusing on Epics and User Stories in short, iterative sprints that could also be part of a greater release train. Polarion is instrumental in this context, aiding software teams to efficiently assign, plan, and monitor the progress of these stories. For those using Jira or Azure DevOps instead to manage their Agile processes, you can integrate them with Polarion to ensure that every aspect of your software implementation is connected to the bigger picture. Developers contribute by coding and creating unit tests in their Integrated Development Environment (IDE).

Polarion Kanban
Example of Sprint planning for software teams

Incorporating the principles of DevSecOps, security is integrated into every stage of the development process. As developers commit code to repositories like GitHub or GitLab, it is not only linked back to User Stories in Polarion for traceability and status updates but also undergoes rigorous security checks. This integration ensures that security considerations are not an afterthought but a continuous part of the development lifecycle.

Furthermore, Continuous Integration/Continuous Deployment (CI/CD) pipelines are automatically triggered, where both functional and security tests are conducted. The results, including any security vulnerabilities, are reported back to Polarion. Failed tests, automatically generate Issues in Polarion for further investigation and resolution.

Example of how Polarion can be integrated with CI/CD

Software Workflows

Polarion workflows streamline the software implementation process, leading up to the CI/CD pipeline execution. They provide a structured, consistent approach to building software. Here’s how it works:

When a User Story in Polarion is marked ‘In Progress’, it automatically creates a new branch in GitLab. Developers use this branch to write code for that User Story. After coding, they commit their changes, which kicks off a series of automated actions. Jenkins takes over to build the code and run automated tests. At the same time, a Merge Request is created in GitLab.

If the automated tests are successful, the Merge Request is approved, and the branch gets merged into the main branch. This merge triggers an update back to Polarion, indicating whether the merge was successful. This entire process ensures that each step in software development is clear, repeatable, and efficient.

Software Workflow
Example of a software workflow with GitLab

Software Requirements Verification and Simulation

Automated tests play a crucial role in ensuring software quality. As these tests run through the CI/CD pipelines, their results are seamlessly integrated into Polarion. Here, on the Test Dashboards, Quality Engineers can easily monitor the outcomes. They can quickly spot any test failures, gaining a clear understanding of what went wrong. Additionally, they are a great tool to confirm that all software components have been thoroughly tested and verified. This immediate feedback is essential for maintaining high standards in software development.

A test dashboard showing progress of testing

Defect and Vulnerability Resolution

Software inevitably encounters defects or vulnerabilities over time. These issues are tracked in Polarion to ensure complete transparency. The QA and support teams log defects, while vulnerabilities are directly imported from vulnerability scanning solutions like Sigrid from SiG. Within Polarion, these items are then prioritized for resolution in upcoming software releases. The assessment process involves measuring defects based on their business impact and evaluating vulnerabilities through their CVSS scores. Additionally, using the TARA (Threat Analysis and Risk Assessment) analysis that were created during the design phase, the exploitability of a specific vulnerability in the software can be determined. This strategic approach aids software teams in effectively concentrating their efforts and resources on the most critical issues.

Issues and Vulnerabilities

Dashboards and Visualization

Polarion makes it easy to check that every requirement is being met during both the implementation and verification stages, thanks to its traceability matrices and test reports. Whether it is the traceability from source code to user stories to test results, or from from test results to test cases to requirements, Polarion becomes your go-to resource for all regulatory compliance and quality needs. Its strong visualization tools let customer create their own dashboards using widgets that show ongoing processes. This is great for people who aren’t part of the everyday workflow, as it helps them quickly understand what’s happening and how things are progressing. Even if you’re not deeply involved in the day-to-day details, Polarion offers a clear view of the current software’s development state.

Traceability can be showed in many different ways in Polarion

Change and Reuse

When your software is released and you need to make changes or reuse certain components, you can easily do so by revisiting your release artifacts. Here, you’ll find the specific requirements that need updating or repurposing. Next, through a process called impact analysis, you’ll identify all the related software artifacts connected to these requirements. These identified components can then be branched out. You can work on these updates within this branch, ensuring a seamless integration either into a new software version or into a completely new software project.

Key Takeaway

The essence of this blog post is to highlight Polarion’s distinct role in harmonizing software development within the broader scope of system engineering. It’s not just about software; it’s about integrating it into the larger engineering picture allowing various teams to follow different methodologies and stay in sync. All these unique features enable Polarion to drive lifecycle of Software Defined Products (Software Defined Vehicles, Software Defined Planes, etc.) and App-based software architectures in context of the next-gen product designs.

Experience Polarion for Yourself Today

Ready to explore Polarion? We invite you to start your journey today by accessing our Polarion Test Drives. It’s equipped with an intuitive in-app tutorial to guide you every step of the way, to make sure that you are not missing anything.

Leave a Reply

This article first appeared on the Siemens Digital Industries Software blog at