Software Build & Release

Software Build & Release is the dedicated process that runs in parallel with the hardware lifecycle for any cyber-physical product: software-defined vehicles, connected medical devices, industrial controllers, robotics, smart consumer goods. It covers source control, branching, automated build and test (CI/CD), the software bill of materials (SBOM), version-to-baseline mapping against the EBOM, signed releases, and over-the-air (OTA) update delivery. IEC 62304 prescribes it for medical-device software; ISO/SAE 21434 and UN R155 prescribe it for automotive cybersecurity; the EU Cyber Resilience Act extends similar duties to almost every connected product.

Scope

  • Source-control and branching strategy — trunk-based or GitFlow, mainline freezes that match hardware Stop-Ship gates.
  • CI/CD pipelines — automated build, static analysis, unit / integration / hardware-in-the-loop test runs.
  • SBOM generation and curation — CycloneDX or SPDX manifests of every linked library and licence; mapping each SBOM line to the linked ECO / EBOM item.
  • Release candidate / signed-release flow — code-signing, attestation, version-to-baseline mapping, immutable-image storage.
  • OTA / connected-update delivery — staged rollouts, A/B partitions, fail-safe rollbacks, telemetry-driven health checks.
  • Security-patch lifecycle — CVE intake, severity-driven SLAs, customer notification, regulatory reporting under EU CRA / UN R155.
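The SBOM-curation and version-to-baseline steps above are the ones most often left to spreadsheets. The following Python script is an added example, not part of this page or of any product's pipeline: it emits a minimal CycloneDX-shaped manifest, carries the EBOM link for each component in a CycloneDX property, refuses to produce a release manifest until every component maps to an EBOM item on the target hardware baseline, and records the image digest that an OTA client can verify before flashing. The EBOM entries, component list and firmware bytes are constructed sample data; the property name `ebom:item` and the `HW-B2`/`HW-B3` baseline identifiers are assumptions.

```python
import hashlib
import json

# Constructed sample EBOM (engineering bill of materials): the firmware-bearing
# line items of a hypothetical product, each tied to a hardware baseline.
EBOM = {
    "EBOM-1001": {"description": "Main controller firmware", "baseline": "HW-B3"},
    "EBOM-1002": {"description": "RTOS kernel", "baseline": "HW-B3"},
    "EBOM-1003": {"description": "TLS library", "baseline": "HW-B2"},  # not yet carried into B3
}

# Constructed component list as a build job might emit it. "ebom" is the
# curated link to an EBOM line item; None means nobody has mapped it yet.
BUILD_COMPONENTS = [
    {"name": "ctrl-fw", "version": "2.4.0", "license": "Proprietary", "ebom": "EBOM-1001"},
    {"name": "rtos-kernel", "version": "11.1", "license": "MIT", "ebom": "EBOM-1002"},
    {"name": "tls-lib", "version": "3.0.12", "license": "Apache-2.0", "ebom": "EBOM-1003"},
    {"name": "json-parser", "version": "1.9.2", "license": "BSD-3-Clause", "ebom": None},
]


def make_sbom(components, product, version):
    """Emit a minimal CycloneDX-shaped manifest; the EBOM link rides in a property."""
    return {
        "bomFormat": "CycloneDX",
        "specVersion": "1.5",
        "version": 1,
        "metadata": {"component": {"type": "firmware", "name": product, "version": version}},
        "components": [
            {
                "type": "library",
                "name": c["name"],
                "version": c["version"],
                "licenses": [{"license": {"name": c["license"]}}],
                "properties": [{"name": "ebom:item", "value": c["ebom"] or ""}],  # assumed property name
            }
            for c in components
        ],
    }


def curate(sbom, ebom, baseline):
    """Return the list of problems that block release for the given hardware baseline."""
    findings = []
    for comp in sbom["components"]:
        link = next((p["value"] for p in comp["properties"] if p["name"] == "ebom:item"), "")
        ident = f'{comp["name"]}@{comp["version"]}'
        if not link:
            findings.append(f"{ident}: no EBOM item mapped")
        elif link not in ebom:
            findings.append(f"{ident}: mapped to unknown EBOM item {link}")
        elif ebom[link]["baseline"] != baseline:
            findings.append(f'{ident}: {link} belongs to baseline {ebom[link]["baseline"]}, not {baseline}')
    return findings


def release_manifest(image, sbom, ebom, baseline):
    """Gate the release: a clean curation result yields an immutable manifest, else None plus findings."""
    findings = curate(sbom, ebom, baseline)
    if findings:
        return None, findings
    manifest = {
        "product": sbom["metadata"]["component"]["name"],
        "version": sbom["metadata"]["component"]["version"],
        "hardware_baseline": baseline,
        # Digests pin the exact image and the exact SBOM that were reviewed together.
        "image_sha256": hashlib.sha256(image).hexdigest(),
        "sbom_sha256": hashlib.sha256(json.dumps(sbom, sort_keys=True).encode()).hexdigest(),
        "component_count": len(sbom["components"]),
    }
    return manifest, []


def verify_image(image, manifest):
    """Check a downloaded image against the manifest digest before flashing it."""
    return hashlib.sha256(image).hexdigest() == manifest["image_sha256"]


if __name__ == "__main__":
    image = b"\x7fELF constructed firmware image bytes"  # constructed placeholder, not real firmware
    sbom = make_sbom(BUILD_COMPONENTS, "ctrl-unit", "2.4.0")
    manifest, findings = release_manifest(image, sbom, EBOM, "HW-B3")
    if manifest is None:
        print("release blocked:")
        for f in findings:
            print("  -", f)
    else:
        print(json.dumps(manifest, indent=2))
```

Run as written, the gate blocks the release twice over: `json-parser` has no EBOM mapping, and `tls-lib` is mapped to an EBOM item that still sits on baseline `HW-B2`. Both are the kind of discrepancy that surfaces only when the SBOM is reconciled against the ECO/EBOM state at the Stop-Ship gate rather than after shipment. The manifest digests are what a code-signing step would sign; signing itself is deliberately left out so the example stays dependency-free.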

Relationships (see sidebar)