bannerd

A. Introduction

B. Institutional Requirements

C. Project Software Requirements

D. Topics

E. Tools, References, and Terms

F. SPAN
(NASA Only)

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Current »

UNDER CONSTRUCTION


Notes in this template provide guidance to authors on how the section if to be completed. Once the section is populated, the Note may be deleted. Notes are not intended to be left in the completed page. 

Software Assurance Planning

1. Introduction

Typically starts with a definition of the activity. Additional descriptive material is meant to help define the activity but not be so detailed that it pulls in all of the guidance from the SWEs in the activity. 

Planning of Software Assurance activities in a Software Development Project are done in a collaborative fashion along with the Software Development team.


Inputs, Outputs, and Predecessor Activities

Activity graphical representation of Inputs, Outputs, Predecessor and Successor Activities as appropriate. Not meant to be exhaustive, but representative of a typical project. 

 1.1 Inputs

List of some of the inputs from other activities that are necessary for the activity to begin. 

Examples: 

  • Planning - Peer Reviews are planned activities. They appear in the plans and schedules for the project
  • Requirements - These are the things that are Peer Reviewed
  • Test Plans and Procedures - These are the things that are Peer Reviewed

1.2 Predecessor Activities

List of some of the other activities that must be started (not necessarily completed) so that this activity may begin. 

Examples: 

Predecessor Activities are performed before Peer Reviews. These activities produce the work products that will be reviewed. 

  • Life Cycle Planning - plans, schedules, estimates, etc.

1.3 Outputs

List of some of the outputs or work products of the activity. These are typically used as inputs by the downstream activity. In some cases there is a supporting SWE associated with the work product. 

Examples: 

The activities that initiated the Peer Review, receive the findings from Peer Reviews, Those activities then use those findings to to fix defects and implement improvements uncovered in the reviews. 

Output Work ProductUsed by Downstream Activity
  • SA Plan
  • SA Auditing
  • SA SW Requirements Analysis
  • SA SW Source Code Analysis
  • SA SW Testing Analysis
  • SA Reporting
  • SA Design Analysis
  • SA Safety and Hazard Anaysis

1.4 Successor Activities

Links to Activities which might be started or supported by this activity. 

  • SA Auditing
  • SA SW Requirements Analysis
  • SA SW Source Code Analysis
  • SA SW Testing Analysis
  • SA Reporting
  • SA Design Analysis
  • SA Safety and Hazard Anaysis

1.5 Activity Repetition

Describe what conditions determine if the activity needs to be repeated, such as re-planning after a change in requirements or schedule constraints. 

  • How much of the activity needs to be repeated
  • Frequency of repetition

This activity is done in the early stages of a Software Project. Other work may be started before the planning is actually completed. 

During the life of the project there may be multiple times when significant changes to things like requirements, budget, schedule, technology, which make re-planning necessary. Re-planning is covers the same areas of the original planning to make sure that all changes are accounted for in the new plans. Re-planning is done as often as necessary to keep the project under control. 

1.6 Center Resources From SPAN

Add links to SPAN activity pages that are appropriate for this activity. Use links from the Activity section of the front page. SPAN

Several Centers Process Asset Libraries have materials related to this activity. Related Processes, templates, and other resources may be found in the following Activities in SPAN (available to NASA only). 


2. Defining the Activity

This tab contains the links to pages in the SWEHB or excerpts from the NASA-STD-8739.8B that are at the heart of the activity. 

2.1 SWEs

This section contains the links to SWE pages that form the heart of the activity. In the case of Software Assurance, copy in the task table from each of the tab 7.1 from appropriate SWEs. 

Link to the SWE goes here

  • Excerpt include for the SWE goes here (Remove Surrounding Panel)
SWERequirementSA Tasks

SWE-033 - Acquisition vs. Development Assessment

Error rendering macro 'excerpt-include'

No link could be created for 'SWE-033 - Acquisition vs. Development Assessment'.

1. Confirm that the options for software acquisition versus development have been evaluated.

2. Confirm the flow down of applicable software engineering, software assurance, and software safety requirements on all acquisition activities. (NPR 7150.2 and NASA-STD-8739.8).

3. Assess any risks with acquisition versus development decision(s).

SWE-013 - Software Plans

Error rendering macro 'excerpt-include'

No link could be created for 'SWE-013 - Software Plans'.

1. Confirm that all plans, including security plans, are in place and have expected content for the life cycle events, with proper tailoring for the classification of the software.

2. Develop and maintain a Software Assurance Plan following the content defined in NASA-HDBK-2203 for a software assurance plan, including software safety.

SWE-024 - Plan Tracking

Error rendering macro 'excerpt-include'

No link could be created for 'SWE-024 - Plan Tracking'.

1. Assess plans for compliance with NPR 7150.2 requirements, NASA-STD-8739.8, including changes to commitments.

2. Confirm that closure of corrective actions associated with the performance of software activities against the software plans, including closure rationale.

3. Confirm changes to commitments are recorded and managed.

SWE-034 - Acceptance Criteria

Error rendering macro 'excerpt-include'

No link could be created for 'SWE-034 - Acceptance Criteria'.

1. Confirm software acceptance criteria are defined and assess the criteria based on guidance in the NASA Software Engineering Handbook, NASA-HDBK-2203.

SWE-036 - Software Process Determination

Error rendering macro 'excerpt-include'

No link could be created for 'SWE-036 - Software Process Determination'.

1. Confirm the following are approved, implemented, and updated per requirements:
     a. Software processes, including software assurance,
         software safety, and IV&V processes,
     b. Software documentation plans,
     c. List of developed electronic products, deliverables, and
     d. List of tasks required or needed for the project’s
         software development.

2. Confirm that any required government actions are established and performed upon receipt of deliverables (e.g., approvals, reviews).

SWE-037 - Software Milestones

Error rendering macro 'excerpt-include'

No link could be created for 'SWE-037 - Software Milestones'.

1. Confirm that milestones for reviewing and auditing software developer progress are defined and documented.

2. Participate in project milestones reviews.

SWE-039 - Software Supplier Insight

Error rendering macro 'excerpt-include'

No link could be created for 'SWE-039 - Software Supplier Insight'.

1. Confirm that software developer(s) periodically report status and provide insight to the project manager.

2. Monitor product integration.

3. Analyze the verification activities to ensure adequacy.

4. Assess trade studies, source data, software reviews, and technical interchange meetings.

5. Perform audits on software development processes and practices at least once every two years.

6. Develop and provide status reports.

7. Develop and maintain a list of all software assurance review discrepancies, risks, issues, findings, and concerns.

8. Confirm that the project manager provides responses to software assurance and software safety submitted issues, findings, and risks and that the project manager tracks software assurance and software safety issues, findings, and risks to closure.

SWE-040 - Access to Software Products

Error rendering macro 'excerpt-include'

No link could be created for 'SWE-040 - Access to Software Products'.

1. Confirm that software artifacts are available in electronic format to NASA.

SWE-042 - Source Code Electronic Access

Error rendering macro 'excerpt-include'

No link could be created for 'SWE-042 - Source Code Electronic Access'.

1. Confirm that software developers provide NASA with electronic access to the source code generated for the project in a modifiable form.

SWE-139 - Shall Statements

Error rendering macro 'excerpt-include'

No link could be created for 'SWE-139 - Shall Statements'.

1. Assess that the project's software requirements, products, procedures, and processes are compliant with the NPR 7150.2 requirements per the software classification and safety criticality for software.

SWE-121 - Document Tailored Requirements

Error rendering macro 'excerpt-include'

No link could be created for 'SWE-121 - Document Tailored Requirements'.

1. Confirm that any requirement tailoring in the Requirements Mapping Matrix has the required approvals.

2. Develop a tailoring matrix of software assurance and software safety requirements.

SWE-125 - Requirements Compliance Matrix

Error rendering macro 'excerpt-include'

No link could be created for 'SWE-125 - Requirements Compliance Matrix'.

1. Confirm that the project maintains a requirements mapping matrix (matrices) for all requirements in NPR 7150.2.

2. Maintain the requirements mapping matrix (matrices) for requirements in NASA-STD-8739.8.

SWE-027 - Use of Commercial, Government, and Legacy Software

Error rendering macro 'excerpt-include'

No link could be created for 'SWE-027 - Use of Commercial, Government, and Legacy Software'.

1. Confirm that the conditions listed in "a" through "f" are complete for any COTS, GOTS, MOTS, OSS, or reused software that is acquired or used.

SWE-151 - Cost Estimate Conditions

Error rendering macro 'excerpt-include'

No link could be created for 'SWE-151 - Cost Estimate Conditions'.

1. Assess the project's software cost estimate(s) to determine if the stated criteria listed in "a" through "f" are satisfied.

SWE-016 - Software Schedule

Error rendering macro 'excerpt-include'

No link could be created for 'SWE-016 - Software Schedule'.

2. Develop a software assurance schedule, including software assurance products, audits, reporting, and reviews.

SWE-046 - Supplier Software Schedule

Error rendering macro 'excerpt-include'

No link could be created for 'SWE-046 - Supplier Software Schedule'.

1. Confirm the project's schedules, including the software assurance’s/software safety’s schedules, are updated.

SWE-020 - Software Classification

Error rendering macro 'excerpt-include'

No link could be created for 'SWE-020 - Software Classification'.

1. Perform a software classification or concur with the engineering software classification of software per the descriptions in NPR 7150.2.

2.2 Topics and other Supporting Materials

This section is for SWEHB pages, other than SWEs, that directly support the activity. This section contains Topics, document content pages, PATs, and other pages. 

  • Software Assurance Plan

    • Error rendering macro 'excerpt-include'

      No link could be created for 'Software Assurance Plan'.

2.3 Other Associated SWEs, Topics, etc.

Includes other SWEHB pages that are indirectly associated with the activity. May include SWEs, Topics, document definition pages, PATs, etc. They may have been mentioned in the guidance of another page. 

  • Include page for the PAT page goes here


  • No labels

0 Comments

Page Editor: Tim Crumbley
NASA Official: Tim Crumbley
Accessibility
NASA Software Engineering Handbook - A service of the NASA Office of the Chief Engineer
NASA Privacy Statement
______________________________________________________________________________