Chapter 2 - The Leading Concerns in Automotive Software and Technology Development

General

Of those surveyed, 27% cited quality as their top concern in automotive software development, which is consistent with last year’s report. In the previous year, “our codebase is too complex” was the greatest quality challenge. When re-wording the question to address “managing complexity” of the software this year, we saw a sharp increase from 28% to 53%, still as the top concern. The increase could mean that with the rise of overall complexity, not just in the codebase, teams struggle to keep up with the inclusion of AI, vehicle complexity, fewer experienced engineers, and increased safety requirements.

Building a foundation of data management — with the assistance of a scalable version control tool that can handle the expanding size and complexity of today’s projects, like Perforce P4 — supports the quality of complex software and provides individual permissions that ensure all programmers are working from the same files. Development teams managing software for enterprise DevOps also benefit from static analysis tools like Perforce Klocwork, which scales to projects of any size and integrates with large, complex environments and a wide range of developer tools.

Consistent with the 2025 survey report, the next greatest challenge was “our testing efforts are not exhaustive — and we do not have time to test more.” Still others had difficulty “[enforcing] coding best practices” (19%), similar to last year’s responses. 
 

Respondent Experience Level

Respondents with the least experience were most concerned with managing complexity, while those with more experience felt they had a better handle on the complexity of the code, but found the testing process somewhat lacking.

Region

After managing complexity as the number one concern for the regions represented, other concerns varied by location. Respondents from Europe/UK and Asia-Pacific, for example, viewed testing as a greater challenge; while those in North America, Africa, Oceania, and Latin America cited the enforcement of coding best practices as of higher concern. 

(Note that there were no responses from the Middle East region regarding quality concerns.) 

Organization Type

Unanimously, managing complexity was the top concern for all organization types surveyed, and of those, Tier 3 suppliers had the highest percentage of 86%. This makes sense, as globalization and an increasing concentration of Chinese suppliers brings more complexity in automotive software and embedded systems. 

Automotive Development Focus 

When breaking down the responses for quality by automotive development focus, respondents said that it was difficult to manage the complexity of most systems. 

Chassis and Safety, EV Charging, HEV/EV, and 3D Visualization/Digital Twins/Immersive Design had a higher number of responses for enforcing coding practices, while most other areas were more concerned about insufficient testing. 
 

General

Of those surveyed, 24% cited safety as their top concern in automotive software development, reserving safety over security as the second-most important concern in 2026.

When asked about specific safety concerns, “it is difficult (and time-consuming) to fulfill every ISO 26262 requirement” remained the top issue but continued a downward trend since 2024, decreasing by 4% in 2025 and again by 8% in 2026. More organizations may be more aware of the need to meet compliance with the essential safety-critical automotive standard, ISO 26262, and are finding it easier to do so with the right static analysis, version control, and requirements management tools. 

Furthermore, customer expectations around compliance with a safe coding standard (e.g., MISRA®) remained the second-top concern but decreased significantly from 36% in 2025 to just 17% in 2026, likely for two reasons: 

First, the addition of other safety concerns to the report this year. For example, as traceability is a requirement for ISO 26262, it could be that respondents are identifying “managing traceability” (15%) as a specific roadblock to “fulfilling every ISO 26262 requirement.” Rising concerns around managing traceability could signify an outdated tool stack or inefficient workflows. Many teams inherit legacy tools and code that cannot keep up with modern software design needs, and this is more of a challenge than compliance in 2026, especially as automotive development teams face pressure to innovate. 

Second, MISRA C:2023 and MISRA C++:2023 had been more recently published at the time of last year’s report, and while MISRA C:2025 has been released since then, its changes were minimal compared to previous versions. Organizations with such coding standards requirements have had time to become familiar with the updated versions and use tools like Perforce QAC to ensure compliance. Furthermore, any new projects that were started at the time of the 2026 survey would be applying the latest versions of the MISRA guidelines, depending on the version of the C or C++ programming language used.

Organization Size

Respondents from Small, Large, and Enterprise organizations had the most difficulty “[fulfilling] every ISO 26262 requirement,” but those from Medium-sized companies had more trouble “managing traceability.” 

Medium-sized organizations are in an interesting position: They are large enough to inherit complexity, but not large enough to have mature traceability infrastructures, and traceability is often harder than meeting individual ISO 26262 requirements. Companies of this size also may face tool fragmentation that makes traceability harder, and medium-sized development teams within them may struggle more than others with scaling processes originally designed for smaller organizations. 
 

Region

When examining the collected responses by region, those from North America, Europe/UK, and Asia found it most difficult and time-consuming to “fulfill every ISO 26262 requirement.” Those respondents from the Middle East cited their greatest challenge as “our customers expect us to comply with a safe coding standard.” Respondents from Africa, meanwhile, were evenly divided between several safety challenges. 

(Note that there were no safety concern responses from Oceania and Latin America.) 

Automotive Development Focus

The leading safety concern in many areas of automotive development focus was “[fulfilling] every ISO 26262 requirement.” 

However, “[ensuring] safety across the supply chain” was most challenging for those involved in Dealer Management, and was of greater concern for Supply Chain, HEV/EV, Manufacturing, and 3D Visualization than some of the other safety challenges. 

Customer expectations for compliance was more concerning for Chassis and Safety, Powertrain, EV Charging, Energy Management, AD, LiDAR, and Diagnostic. 

“Managing traceability” was more concerning for ECU/ECM, Access Control and Comfort Systems, HMI/Infotainment Systems, and Instrument Clusters/HVAC/Lighting.

General

22% of those surveyed cited security as their top concern in automotive software development.

Comparing the results year over year, the security concern of "unauthorized access to on-board/off-board systems” returned to its former place as the top concern, increasing by 11% since 2025 and closer to the 2024 percentage of 34%. 

Teams reporting a lack of “skills needed to combat security threats” also returned to 2024 numbers at around 10%. Considering that there was less emphasis this year overall on education and training, development teams likely now have the skills they need in this area.

A notable shift occurred for the second-highest security concern in 2026: Respondents are now struggling more to “enable secure, efficient collaboration across globally distributed teams and/or third-party developers” over “[fulfilling] security requirements” for standards like IEC/ISO 21434. Teams struggling with this challenge should upgrade to scalable tools that offer granular permissions and more secure collaboration with full traceability and reporting.

Region

The responses around security concerns differed by region. Respondents from North America had the most difficulty “[fulfilling] security requirements” while other regions were most concerned with “unauthorized access to on-board/off-board systems.” 

(Note that we did not receive any responses around security concerns from Oceania and Latin America.) 

A new U.S. Executive Order from 2025 that revises cybersecurity priorities may be why North Americans had the most trouble fulfilling security requirements, as there may be some confusion about what those requirements are.

Respondent Experience Level 

Contrary to the overall leading security concern, automotive software professionals with 1-3 years of experience were not concerned with “unauthorized access to on-board/off-board systems”; rather, they had similar difficulties in other areas. While those with less than 1 year of experience could have good security training but may not be as confident in security requirements and collaboration. 
 

Automotive Development Focus

Automotive development focus areas such as Chassis and Safety, Powertrain, EV Charging, Hybrid Electric Control Systems, Energy Management, ADAS, Connected Car and V2X, Diagnostic, and Supply Chain cited a significantly greater concern over “[enabling] secure, efficient collaboration across globally distributed teams” compared to the overall security concern around unauthorized access. 

General

13% of those surveyed cited team productivity as their top concern in automotive software development, a 3% increase from last year’s report. 

“[Managing] design and development assets to ensure alignment across hardware and software teams” (37%) led again this year as the greatest productivity concern, increasing by 5%.

If they have not done so already, automotive software development professionals should consider creating a Software Bill of Materials (SBoM), which is a detailed inventory that lists all software components, modules, libraries, and tools used in the build of a software project. Creating and delivering an SBoM with the product improves alignment between hardware and software teams, allowing both teams to see when a change is made, understand its dependencies, and make their own changes as needed—as well as make changes earlier in the development process, avoid breaks in the hardware or software processes, and reduce rework. Many automotive semiconductor design teams already using tools like Perforce IPLM to manage the lifecycle of their IP and provide traceability into IP usage, for example, are now adopting the same tool for their software projects, especially as the Perforce IPLM solution includes automatic creation and management of the SBoM for these software projects. 

The new addition in the 2026 of “we are concerned we are not achieving innovation speed/dev acceleration” was raised as the close second concern for automotive developers at 35%. Although noted later in the report that many teams are shifting left to try to detect issues and vulnerabilities as early as possible in the development lifecycle, accelerating development and freeing up developers to innovate is still a challenge for many organizations. Static analysis tools like Perforce QAC and Perforce Klocwork, enhanced with features such as differential analysis and now AI-assisted code remediation, help to automate DevOps and get automotive software teams to market faster. Scalable data and asset management tools like Perforce P4 and P4 DAM allow teams to manage large binary assets and codebases with full traceability to speed compliance without slowing development.

Team Size

While “[managing] design and development assets to ensure alignment across hardware and software teams” led overall, larger teams composed of over 100 people were most concerned with “not achieving innovation speed/dev acceleration.” With so many people and resources in their teams, those with larger teams may be wondering why they aren’t achieving the speed they need to deliver the product on time. Larger teams would benefit from enterprise static analysis tools — like Perforce Klocwork— that are built for scale and capable of scanning massive, complex codebases.

General

Testing was the leading concern in automotive software development for 8% of those surveyed, remaining consistent over the past few years. 

Struggling to test efficiently remained the top testing concern by far, growing by 11% since 2025. Those who find bugs too late in their code also increased by 2% this year. 

Efficient testing starts with shift-left development, finding and fixing coding errors as early as practical in the software development lifecycle. Making use of tools that build in quality and security from the start help teams test and ship faster, reducing errors and time spent fixing costly bugs later.

Organization Size

Small- and Medium-sized organizations had the most difficulty testing efficiently. While Large organizations still struggled with this, they had almost equal difficulty in documenting their testing efforts for compliance. Enterprise organizations, meanwhile, are not testing early enough in development, so they are finding bugs too late. By using the right static analysis tool, organizations would be better equipped to shift testing to the left of the linear development cycle and to automatically document testing efforts.