See edit history of this section
Post feedback on this section
Entrance and Exit Criteria
Background
This guidance provides the maximum set of life cycle review entrance and exit criteria for software projects and should be tailored for the project class.
This guidance is a summarized collection of material from the following core documents: NPR 7123.1, Appendix G 082-T73; NPR 7120.5 082; and Center Procedures.
This guidance includes three types of information for each review:
- Entrance criteria - Activities and products that are to be completed before the review can begin.
- Materials for the Review - Items to be reviewed during review and used to confirm exit criteria; this information is typically available a couple of weeks prior to the review.
- Exit criteria – Decisions and actions to be completed before the review is considered complete.
This guidance is focused on the responsibilities of the software engineering community throughout the project life cycle reviews. Therefore, the guidance includes reviews and products which are the primary responsibility of the software engineering community as well as software engineering community contributions to system activities and products, such as the Project Plan.
Note that different mission types (e.g., robotic vs. human) can have different life cycles and, therefore, different sets of life cycle reviews which apply.
This material considers a software project to be a system of systems as well as a single subsystem within the larger project. "System of systems" refers to a software project that includes software subsystems that perform functions allocated to them. Just as a project allocates requirements to hardware, software, external components, etc., software projects allocate software requirements to software subsystems.
This material has been reviewed by the Software Working Group and the Office of the Chief Engineer.
Source of Content
Including the resources in the list below, information was pulled and consolidated based on repetition between Center Process Asset Libraries (PALs) and documents (Ames Research Center (ARC), Jet Propulsion Laboratory (JPL), Goddard Space Flight Center (GSFC), Marshall Space Flight Center (MSFC), Stennis Space Center (SSC)).
- (SWEREF-041) NPR 7123.1D, Office of the Chief Engineer, Effective Date: July 05, 2023, Expiration Date: July 05, 2028
- (SWEREF-082) NPR 7120.5F, Office of the Chief Engineer, Effective Date: August 03, 2021, Expiration Date: August 03, 2026,
- (SWEREF-083) NPR 7150.2D, Effective Date: March 08, 2022, Expiration Date: March 08, 2027 https://nodis3.gsfc.nasa.gov/displayDir.cfm?t=NPR&c=7150&s=2D Contains link to full text copy in PDF format. Search for "SWEREF-083" for links to old NPR7150.2 copies.
- (SWEREF-172) Defense Acquisition University, Production Date:16-September-2013. Retrieved from https://at.dod.mil/sites/default/files/documents/DefenseAcquisitionGuidebook.pdf.
- (SWEREF-197) Software Processes Across NASA (SPAN) web site in NEN SPAN is a compendium of Processes, Procedures, Job Aids, Examples and other recommended best practices.
- (SWEREF-278) NASA-STD-8739.8B , NASA TECHNICAL STANDARD, Approved 2022-09-08 Superseding "NASA-STD-8739.8A,
Mission Concept Review (MCR)
The MCR affirms the mission need and examines the proposed mission's objectives and the concept for meeting those objectives. Key technologies are identified and assessed. It is an internal review that usually occurs at the cognizant system development organization. Rough Order of Magnitude (ROM) budget and schedules are presented. (NPR 7120.5 082)
Jump to: Entrance Criteria | Items Reviewed | Exit/Success Criteria
MCR Entrance Criteria
- Need for mission is clearly identified.
- Concept of operations available.
- Preliminary risk assessment available, including technologies and associated risk management/mitigation strategies and options.
- Conceptual test and evaluation strategy available.
- A Mission Concept Review (MCR) agenda, success criteria, and charge to the board have been agreed to by the technical team, project manager, and review chair.
- Preliminary technical plans available to achieve next phase.
- Conceptual life cycle available.
- Top level set of requirements are identified to meet the mission objectives.
- The mission is feasible.
- A solution has been identified that is technically feasible.
- A rough cost estimate is within an acceptable cost range.
- Draft cost and schedule estimates are available.
- As developed by software (SW) developers and SW assurance personnel.
- A technical search was done to identify existing assets/products that could satisfy the mission or parts of the mission
- Software inputs/contributions provided for:
- Preliminary Project Plan.
- Preliminary Systems Engineering Management Plan (SEMP).
- Development and analysis of alternative concepts (showing at least one feasible).
MCR Items Reviewed
- Mission goals and objectives.
- Analysis of alternative concepts.
- Preliminary development approaches and acquisition plans.
- Concept of operations.
- Risk assessments.
- Conceptual test and evaluation strategy.
- Technical plans to achieve next phase.
- Conceptual life cycle.
- Preliminary requirements.
- Draft cost and schedule estimates.
- Conceptual system design.
MCR Exit/Success Criteria
- Review panel agrees that:
- Technical planning is sufficient to proceed to next phase.
- Risk and mitigation strategies have been identified and are acceptable based on technical risk assessments.
- Cost and schedule estimates are credible.
- Mission goals and objectives are clearly defined and stated, unambiguous, and internally consistent.
- Conceptual system design meets mission requirements, and the various system elements are compatible.
- Technology dependencies are understood, and alternative strategies for achievement of requirements are understood.
- As applicable, agreement is reached that:
- Objectives are clearly understood and comprehensively defined.
- Preliminary mission requirements are traceable to science objectives.
- Operations concept clearly supports achievement of science objectives.
System Requirements Review (SRR)
The SRR examines the functional and performance requirements defined for the system and the preliminary Program or Project Plan and ensures that the requirements and the selected concept will satisfy the mission. (NPR 7120.5 082)
- If not performing a Software Requirements Review (SwRR), include SwRR criteria as part of SRR.
- For software-only projects, the SwRR serves as the SRR.
Jump to: Entrance Criteria | Items Reviewed | Exit/Success Criteria
SRR Entrance Criteria
- Successful completion of Mission Concept Review (MCR) and responses made to all MCR Requests for Actions (RFAs), Review Item Discrepancies (RIDs).
- A preliminary SRR agenda, success criteria, and charge to the board have been agreed to by the technical team, project manager, and review chair.
- Technical products required for this review made available to participants prior to SRR.
- System requirements captured in format for review.
- System requirements allocated to next lower level system (subsystems) – preliminary allocation completed.
- System level software functionality description completed.
- System level interface requirements for software documented.
- Updated concept of operations available.
- Updated mission requirements available, if applicable.
- Preliminary Hazards Analysis (PHA) available.
- Software inputs/contributions completed for:
- Baselined Systems Engineering Management Plan (SEMP).
- Preliminary Project Plan.
- System safety and mission assurance plan, including software classification.
- Risk management plan.
- Updated risk assessment and mitigations (including Probabilistic Risk Assessment (PRA) as applicable).
- Technology Development Maturity Assessment Plan.
- Logistics documentation (e.g., preliminary maintenance plan).
- Preliminary human rating plan, if applicable.
- Initial document tree.
- Lessons Learned
- Review of existing Lessons Learned (LL) from previous projects completed.
- LL captured from software areas of the project (indicate the problem or success that generated the LL, what the LL was, and its applicability to future projects).
- Confirmation exists that LL added to LL database.
SRR Items Reviewed
- System-level requirements and preliminary allocation to next lower level-system (subsystems).
- System-level software functionality description.
- System-level interface requirements for software.
- Concept of operations.
- Mission requirements.
- Preliminary Hazard Analysis (PHA).
- Preliminary approach for how requirements will be verified and validated down to the subsystem level.
- Risk and mitigation strategies.
- Acquisition strategy.
SRR Exit/Success Criteria
- Review panel agrees that:
- Process for allocation and control of requirements throughout all levels is deemed sound; plan is defined to complete the definition activity within schedule constraints.
- Requirements definition is complete with respect to top-level mission and science requirements; interfaces with external entities and between major internal elements are defined.
- Preliminary allocation of system requirements to hardware, human, and software subsystems is defined.
- Requirements allocation and flow down of key driving requirements are defined down to subsystems.
- Preliminary approaches have been determined for how requirements will be verified and validated down to the subsystem level.
- Major risks have been identified and technically assessed, and viable mitigation strategies defined.
- Requirements and selected concept of operations will satisfy the mission.
- System requirements, approved material solution, available product/process technology, and program resources are sufficient to proceed to the next life cycle phase.
Software Requirements Review (SwRR)
See definition of SRR.
- If not performing a Software Requirements Review (SwRR), include SwRR criteria as part of SRR.
- For software-only projects, the SwRR serves as the SRR.
Jump to: Entrance Criteria - General | Entrance Criteria - Plans | Entrance Criteria - Requirements | Entrance Criteria - Design | Entrance Criteria - Analysis | Items Reviewed | Exit/Success Criteria
SwRR Entrance Criteria - General
- Successful completion of the previous review (typically System Definition Review (SDR)) and responses made to all Requests for Actions (RFAs) and Review Item Discrepancies (RIDs).
- A final Software Requirements Review (SwRR) agenda, success criteria, and charge to the board have been agreed to by the technical team, project manager, and review chair.
- Technical products for this review made available to participants prior to SwRR.
- Peer reviews completed: Software Management Plan (SMP), software requirements, verification and validation (V&V) planning.
- Preliminary concept of operations available for review.
SwRR Entrance Criteria - Plans
- Preliminary Software Development Plan (SDP)/Software Management Plan (SMP) updated for corresponding architectural design and test development activities
- Preliminary approach and acquisition strategy.
- Preliminary identification of personnel (quantity; assignment duration; required skills) or reference to document with this information.
- Organizational responsibilities and interfaces.
- Preliminary schedules exist for all software to be developed including dependencies with other disciplines within the project.
- Preliminary cost estimate.
- Milestones defined/revised.
- Processes and metrics defined for program success.
- Management methods and controls for design and development identified.
- Programming languages (if known), security requirements, operational and support concepts identified
- Training for project personnel identified.
- Preliminary Software Quality Assurance Plan (SQAP) exists.
- Preliminary Software Safety Plan exists (if have safety-critical software).
- Preliminary software verification and validation (V&V) planning, including qualification requirements:
- Overall software verification strategy.
- Software development and test environments, including processors, operating systems, communications equipment, simulators and their fidelity.
- Test facilities, needs and capabilities.
- Methodology for verifying the flowed down system requirements and acceptance criteria.
- Test tool requirements and development plans.
- Risk management plan updated.
- Risks that may impact cost, schedule and technical goals completed.
- Preliminary configuration management plan is available addressing:
- Configuration identification, change control, status accounting, and configuration audits.
- Independent Verification and Validation (IV&V) plan available and IV&V assessment of software requirements, if reviewed
SwRR Entrance Criteria - Requirements
- Preliminary allocation of system requirements to software available
- Preliminary software requirements (SRS)
- Complete for preliminary concept.
- Requirements are consistent, feasible, testable, and traceable.
- Test, delivery, and quality requirements identified and understandable.
- Functional requirements.
- High-level requirements defined for each functional area.
- Block diagram exists for the major software components in each functional area, their interfaces and data flows
- Relevant software operational modes defined (e.g., nominal, critical, contingency).
- Critical and/or controversial requirements identified, including safety-critical requirements, open issues, and areas of concern.
- Requirements identified that need clarification or additional information.
- Performance requirements.
- Performance requirements for the software identified.
- Description exists of critical timing relationships and constraints.
- Software requirements and interface requirements have been analyzed and specified.
- Quality assurance assessment of the requirements completed and ready for review.
- Bidirectional traceability matrix.
- Requirements traced to higher-level requirements.
- Includes identification of verification methodology (e.g., test, demonstration, analysis, inspection).
SwRR Entrance Criteria - Design
- Preliminary high-level software architecture defined.
- Report of current computer resource estimates and margins (memory, bus, throughput) available for review.
- Design constraints documented.
- Design drivers exist:
- Explanation of design drivers and preliminary investigations made during the requirements process to determine reasonableness of the requirements, including preliminary decisions regarding software architecture, operating systems, reuse of existing software, and selection of commercial-off-the-shelf (COTS) components.
- Resource goals and preliminary sizing estimates (including timing and database storage) in the context of available hardware allocations; strategies for measuring and tracking resource utilization.
- Initial Build Plan.
- Review completed for technical and economic feasibility of allocation of functions at the (sub)system level to hardware, firmware, and software.
- Software Interface Specifications (SISs - requirements portion) exist.
- Software-related trade-off and design decisions completed and reviewed or preliminary results available, as applicable, for:
- Inherited capabilities.
- New technologies.
- Programming language selection.
- Sizing and timing budget.
- Design methods and tool selection.
- Programming standards and conventions.
- Database conceptual design.
SwRR Entrance Criteria - Analysis
- Preliminary Hazard Analysis (PHA)/Software Assurance Classification Report (SACR), Software Safety Litmus Test available for review.
- Make-buy decisions available and supported by analysis, if they exist.
- Software-related analyses completed or preliminary results available, as applicable:
- Functional analyses.
- Testability.
- Operability.
- Failure modes and effects analyses.
- Reliability engineering.
- Systems safety and hazards.
- Life cycle costs.
- Security.
SwRR Items Reviewed
- Concept of operations.
- Requirements.
- Preliminary system requirements allocation to software.
- Software requirements (SRS).
- Functional requirements.
- Performance requirements.
- Software interface requirements
- Risk management plan.
- Preliminary software verification and validation (V&V) planning.
- Software quality assurance (QA) plan.
- Preliminary Hazards Analysis (PHA), software classification, litmus test results.
- Design: constraints, strategy, trade-off decisions.
- Results of technical and economic feasibility review and associated analyses.
- Bidirectional traceability matrix.
- Independent verification and validation (IV&V) plan and assessment of software requirements.
- QA assessment of requirements.
- Computer resource estimates and margins.
- Configuration management (CM) plan.
- Software Development Plan (SDP)/Software Management Plan (SMP).
- Software concept of operations.
- Peer review results.
SwRR Exit/Success Criteria
- Review panel agrees that plans and requirements are satisfactory and ready to proceed to the design phase:
- Software requirements determined to be clear, complete, consistent, feasible, traceable, testable.
- Software Management Plan (SMP), software requirements, interface requirements, verification and validation (V&V) planning is adequate and feasible basis for architectural design activities and are approved, baselined, and placed under configuration management (CM).
- Requirements and performance requirements defined, testable, and consistent with cost, schedule, risk, technology readiness, and other constraints.
- System requirements, approved material solution, available product/process technology, and program resources form a satisfactory basis for proceeding into the development phase.
- Milestones are verifiable and achievable.
- Initial computer resource estimate are within margin limits; if not, plans for control of resource margins is deemed adequate to meet margins by preliminary design reveiw (PDR).
- All Software Requirements Review (SwRR) Review Item Discrepancies (RIDs) and actions are documented with resolution plans and authorization received to proceed to software architecture design.
Mission Definition Review (MDR)
The MDR (or SDR) examines the proposed requirements, the mission/system architecture, and the flow down to all functional elements of the system. (NPR 7120.5 082)
- MDR is equivalent to SDR for robotic projects.
Jump to: Entrance Criteria | Items Reviewed | Exit/Success Criteria
MDR Entrance Criteria
- Successful completion of the previous review (typically SRR) and responses made to all Requests for Actions (RFAs) and Review Item Discrepancies (RIDs)
- Final agenda, success criteria, and charge to the board have been agreed to by the technical team, project manager, and review chair
- Technical products for this review made available to participants prior to MDR
- System requirements document updated, if applicable
- Concept of operations updated, if applicable
- Mission requirements, goals, and objectives updated, if applicable
- Preliminary Software Development/Management Plan (SDP/SMP)
- Updated risk management plan, if applicable
- Updated risk assessment and mitigations (including Probabilistic Risk Assessment (PRA), as applicable)
- Updated project software classification(s)
- Cost and schedule data updated
- Preferred system solution definition exists, including major trades and options
- Logistics documentation exists (e.g., preliminary maintenance plan)
- Preliminary configuration management plan available for review
- Preliminary system safety analysis available
- System requirements traced to mission goals and objectives and to concept of operations
- Project software cost estimate exists and project has the ability to track software-related costs and assess those costs
- Preliminary Human Rating Plan exists, if applicable
- Software inputs / contributions completed for:
- Systems Engineering Management Plan (SEMP), if applicable
- Project Plan
- System safety and mission assurance plan
- Technology Development Maturity Assessment Plan
- Updated initial document tree, if applicable
MDR Items Reviewed
- System documentation, as applicable
- Architecture
- Updated system requirements document
- System level software functionality description
- System requirements traceability and preliminary allocation to software
- Preliminary system safety analysis
- Preferred system solution definition
- Mission requirements, goals, objectives, if applicable
- Concept of operations, if applicable
- SDP/SMP
- CM plan
- Acquisition strategy/plans
- Cost and schedule data
- Logistics documentation (e.g., preliminary maintenance plan)
- Initial document tree, if applicable
- Preliminary Human Rating Plan
MDR Exit/Success Criteria
- Review panel agrees that:
- Overall concept is reasonable, feasible, complete, responsive to the mission requirements, and is consistent with system requirements and available resources (cost, schedule, mass, and power)
- Software design approaches and operational concepts exist and are consistent with the requirements set
- Requirements, design approaches, and conceptual design will fulfill the mission needs within the estimated costs
- Major risks have been identified and technically assessed, and viable mitigation strategies have been defined
- System level requirements are clearly and logically allocated to software
System Definition Review (SDR)
The MDR (or SDR) examines the proposed requirements, the mission/system architecture, and the flow down to all functional elements of the system. (NPR 7120.5 082)
- MDR is equivalent to SDR for robotic projects.
Jump to: Entrance Criteria | Items Reviewed | Exit/Success Criteria
SDR Entrance Criteria
- Successful completion of the previous review (typically SRR) and responses made to all Requests for Actions (RFAs) and Review Item Discrepancies (RIDs)
- Final agenda, success criteria, and charge to the board have been agreed to by the technical team, project manager, and review chair
- Technical products for this review made available to participants prior to SDR
- Preferred software solution defined including major tradeoffs and options
- Baselined documentation updated, as required
- Preliminary functional baseline (with supporting trade-off analyses and data) available
- Preliminary system software functional requirements available
- As applicable, risk management plan updated (could be part of SDP/SMP)
- Updated software risk assessment and mitigations (including Probabilistic Risk Assessment (PRA), as applicable)
- As applicable, SDP/SMP updated
- Updated technology development, maturity, and assessment plan
- Updated cost and schedule data
- Work Breakdown Structure
- Preliminary software safety analysis available for review
- Project software data dictionary available
- Preliminary project software assurance plan available
- As applicable, updated project software maintenance plan available
- Software inputs / contributions completed for:
- Systems Engineering Management Plan (SEMP) changes, if any
- Based on system complexity, updated human rating plan
- Flow down of system requirements to all software functional elements of the system
- Requirements process
- Technical approach
SDR Items Reviewed
- System architecture, including software
- Preferred software solution with tradeoffs and options
- Preliminary functional baseline
- Preliminary system software functional requirements
- Risk management plan, as applicable
- SDP/SMP, as applicable
- Preliminary software verification and validation (V&V) planning, as applicable
- Software requirements documents
- Interface requirements documents, including SW
- Technical resource utilization estimates and margins
- Software safety analysis
- Software data dictionary
- Software configuration management (CM) plan
- Software quality assurance (QA) plan
SDR Exit/Success Criteria
- Review panel agrees that:
- Software requirements, including mission success criteria and any sponsor-imposed constraints, are defined and form the basis for the proposed conceptual design
- System level requirements are flowed down to software
- All software technical requirements are allocated and flow down to subsystems is adequate; they are verifiable, and traceable to their corresponding system level requirement; requirements, design approaches, and conceptual design will fulfill the mission needs consistent with the available resources (cost, schedule, throughput, and sizing)
- Technical plans have been updated, as necessary, including risk management plan, SDP/SMP, V&V planning, software maintenance plan, QA plan, CM plan
- Tradeoffs are completed, and those planned for Phase B adequately address the option space
- Adequate planning exists for the development of any enabling new technology
- Significant development, mission, and safety risks are identified and technically assessed, and a process and resources exist to manage the risks
- Operations concept is consistent with proposed design concept(s) and in alignment with the mission requirements
- Requisite level of detail and resources are available to support the acquisition and development plan within existing constraints
- All of these software subsystem requirements are traceable to either mission objectives, concept of operations, or interface requirements
- Monitoring processes/practices are in place to create software subsystem within planned technical, schedule, cost, effort, and quality capabilities
- Preliminary verification approaches are agreed upon
Preliminary Design Review (PDR)
The PDR demonstrates that the preliminary design meets all system requirements with acceptable risk and within the cost and schedule constraints and establishes the basis for proceeding with detailed design. It shows that the correct design option has been selected, interfaces have been identified, and verification methods have been described. Full baseline cost and schedules, as well as risk assessments, management systems, and metrics are presented. (NPR 7120.5 082)
Jump to: Entrance Criteria - General | Entrance Criteria - Plans | Entrance Criteria - Requirements | Entrance Criteria - Design | Entrance Criteria - Analysis | Items Reviewed | Exit/Success Criteria
Entrance Criteria - General
- Successful completion of the SDR or MDR and responses made to all SDR or MDR Requests for Actions (RFAs) and Review Item Discrepancies (RIDs), or a timely closure plan exists for those remaining open
- Final agenda, success criteria, and charge to the board have been agreed to by the technical team, project manager, and review chair
- Technical products for this review made available to participants prior to PDR
- Baselined documentation updated, as required
- Risk assessment and mitigation updated
- Cost and schedule data baselined
- Peer reviews completed: SRS, software architectural design (if identified for SW peer review/inspection in SW development plans), integration test plans
- Lessons Learned
- Review of existing Lessons Learned (LL) from previous projects completed
- Lessons Learned captured from software areas of the project (indicate the problem or success that generated the LL, what the LL was, and its applicability to future projects)
- Confirmation exists that Lessons Learned added to LL database
PDR Entrance Criteria - Plans
- Applicable technical plans (e.g., technical performance measurement plan, payload-to-carrier integration plan, producibility / manufacturability program plan, reliability program plan, baselined quality assurance plan) available
- SDP/SMP baselined
- Work Breakdown Structure
- For the corresponding detailed design activities
- Metrics established and gathered to measure software development progress
- Logistics documentation (e.g., maintenance plan) updated, as required
- Software inputs or contributions completed for:
- Updated Project Plan
- Updated Technology Development Maturity Assessment Plan
- Configuration management plan baselined
- Configuration Control Board established for software (and change control procedures working)
- Configuration management system understood by those who must use it
- Procedures and tools developed for mechanizing management and configuration management plans
- Supplier documentation available for review:
- Software Data Dictionary(s)
- Software Classification(s)
- SDP/SMP [with verification and validation (V&V) separate]
- Software configuration management plan(s)
- Software assurance plan(s)
- Software maintenance plan(s)
- Test tools and facility requirements identified with plans and actions to ensure their availability when needed
- Development environment ready (e.g., hardware diagram, operating system(s), compilers, DBMS, tools)
- Developmental tools and facility requirements identified and plans made and actions taken to ensure their availability when needed
- If relevant, new compiler validated and producing acceptable object code for the target machine
- Tools needed for software implementation completed, qualified, installed and accepted, and team trained in their use
- Facilities for software implementation in place, operating, ready for use
- Library established for storing, controlling and distributing software products; library procedures understood and working
- Independent software quality assurance group formed and contributing as a team member to the design and test activities
PDR Entrance Criteria - Requirements
- Preliminary traceability matrix to Computer Software Configuration Item (CSCI) level exists, including V&V trace
- Safety-critical requirements highlighted
- Requirements allocated to components of the architecture (to CSCI level)
- SRS baselined:
- Software requirements to CSCI level
- Subsystem and lower-level technical requirements
- Requirements for reuse of existing software, reuse analysis
- Performance requirements, including memory, bus, Central Processor Unit (CPU) requirements
- Quality requirements, e.g., reliability, usability, or maintainability requirements
- Safety requirements
- Security requirements
- Derived requirements
PDR Entrance Criteria - Design
- Applicable standards available to the review team
- Preliminary interface control documents available for review
- Technical resource utilization estimates and margins ready for review
- Storage or memory resource allocations developed allocating those resources to each software segment in the architecture
- Solutions, analysis, decision, and rationale documented
- Inherited capabilities identified and compatible with the designs
- Security and supportability requirements factored into the design
- Trade studies completed
- Addressing Commercial Off the Shelf, reuse, etc.
- Trade-off analysis and data supporting design, as required
- Alternative design solutions and selection criteria
- Results of prototyping factored into architectural design
- Preliminary Software Design Document (SDD) created:
- Completed definition of the software architecture and preliminary database design description, as applicable
- External interfaces and end-to-end data flow
- Design drivers (e.g., performance, reliability, usability, hardware considerations)
- Overview of software architecture, including context diagram
- List of subsystems, tasks, or major components – e.g., user interface, database, task management
- Functional allocations, descriptions of major modules, and internal interfaces
- Safety considerations in the design elements and interfaces
- Design verification approach, e.g., prototyping, inspection, peer review
- Architectural design (baselined) verified via operational scenarios to include required functionality, operating modes, and states
- Results available from evaluations of prototype software, if necessary to evaluate design
- Human engineering aspects of design addressed with solutions acceptable to potential users
- SDD and traceability matrix review by test team completed and SDD updated as needed
- Critical components identified and trial coding scheduled
- Confirmation exists that
- The test group participated in requirements and design analysis
- Interdisciplinary teams are working design issues that cross (sub)system component boundaries (software, hardware, etc.)
PDR Entrance Criteria - Analysis
- Safety analyses and plans baselined:
- Matrix showing each subsystem/task/component's software classification (per NPR 7150.2A), its safety classification (per NASA-STD-8719.13B), the rationale for the classifications, and the status of the classifications' approval by Software Assurance and management
- Updated PHA, Software Safety Litmus Test, if necessary
- Approved SMP/ PHA/Software Assurance Classification Report (SACR)
- Analyses completed:
- Partitioning analysis (modularity)
- Executive control and Start/Recovery
- Control and Data flow analysis
- Operability
- Preliminary failure modes and effects analyses
- Operational Concepts revised, as applicable, and baselined
- Normal operations scenarios
- Fault detection, isolation and recovery (FDIR) strategy
- Hazard reduction strategies
- Status of change requests available for review
PDR Items Reviewed
- Risk assessment and mitigation
- Safety analysis and plans
- Cost and schedule data
- Logistics documentation (e.g., maintenance plan)
- Technical plans (e.g., QA plan, performance measurement plan)
- Interface control documents
- Software V&V planning
- Resource utilization estimates and margins
- SDP/SMP
- Bidirectional traceability matrix
- Software design documents
- Supplier documentation
- Requirements documents
- Concept of operations
- Trade studies
- Documented solutions, analysis, decisions and rationale
- Completed analyses
- Prototype software, if applicable
- Plans for development and test tools and facilities
- Software development progress metrics
- CM plan
- Peer review results / proof of completion
- Status of change requests
PDR Exit/Success Criteria
- Top-level requirements including mission success criteria, Technical Performance Measures (TPMs), and any sponsor-imposed constraints are agreed upon, finalized, stated clearly, and consistent with preliminary design
- Review panel agrees that:
- Flow down of verifiable requirements is complete and proper or, if not, an adequate plan exists for timely resolution of open items; requirements are traceable to mission goals and objectives
- All supplier software requirements are verifiable
- Preliminary design is expected to meet the functional and performance requirements at an acceptable level of risk
- Definition of technical interfaces is consistent with overall technical maturity and provides an acceptable level of risk
- Adequate technical interfaces are consistent with the overall technical maturity and provide an acceptable level of risk
- Adequate technical margins exist with respect to TPMs
- Any required new technology has been developed to an adequate state of readiness, or back-up options exist and are supported to make them a viable alternative
- Project risks are understood and credibly assessed; plans, process, and resources exist to effectively manage them
- Operational concept is technically sound, includes (where appropriate) human factors, and includes flow down of requirements for its execution
- Proposed design approach has sufficient maturity to proceed to final design
- Subsystem requirements, subsystem preliminary design, results of peer reviews, and plans for development, testing and evaluation form a satisfactory basis for proceeding into detailed design and test procedure development
- SMP, the software architectural design, and integration test plans adequate and feasible to support software detailed design
- All RIDs/actions are completed or have closure plans and customer approval received to proceed to detailed design phase
- Products from this review are approved, baselined and placed under configuration management
- Approval received for software inputs / contributions:
- Safety and mission assurance (e.g., safety, reliability, maintainability, quality, and IEEE parts) is adequately addressed in preliminary designs and any applicable S&MA products (e.g., Probabilistic Risk Assessment (PRA), system safety analysis, and failure modes and effects analysis)
- Management processes used by the mission team are sufficient to develop and operate the mission
- Cost estimates and schedules indicate that the mission will be ready to launch and operate on time and within budget, and that the control processes are adequate to ensure remaining within allocated resources
Critical Design Review (CDR)
The CDR demonstrates that the maturity of the design is appropriate to support proceeding with full scale fabrication, assembly, integration, and test, and that the technical effort is on track to complete the flight and ground system development and mission operations in order to meet mission performance requirements within the identified cost and schedule constraints. Progress against management plans, budget, and schedule, as well as risks assessments are presented. (NPR 7120.5 082)
Jump to: Entrance Criteria - General | Entrance Criteria - Plans | Entrance Criteria - Requirements | Entrance Criteria - Design | Entrance Criteria - Analysis | Entrance Criteria - Other | Items Reviewed | Exit/Success Criteria
CDR Entrance Criteria - General
- Successful completion of the previous review (typically PDR) and responses made to all Requests for Actions (RFAs) and Review Item Discrepancies (RIDs), or a timely closure plan exists for those remaining open
- Final agenda, success criteria, and charge to the board have been agreed to by technical team, project manager, and review chair
- Technical products for this review made available to participants prior to CDR
- Baselined documents updated, as required
- Peer reviews for software and rework accomplished, as defined in the s/w and/or project plans
- NPR 7150.2 compliance matrix baselined
- Lessons Learned
- Review of existing Lessons Learned (LL) from previous projects completed
- Lessons Learned captured from software areas of the project (indicate the problem or success that generated the LL, what the LL was, and its applicability to future projects)
- Confirmation exists that Lessons Learned added to LL database
CDR Entrance Criteria - Plans
- Software development/management plan (SDP/SMP) updated for implementation and unit test activities
- Updated Work Breakdown Structure
- Updated cost and schedule data
- Progress against software management plans available for review
- Plan exists for milestone and peer reviews, walkthroughs, and external reviews
- Documentation plan exists, including each document's status and when it will be baselined
- Software requirements, management process, including documents used and produced, and verification and validation (V&V) planning updated and baselined
- Logistics documentation (e.g., maintenance plan) updated
- Staffing-up problems being addressed, contingency plans in place
- Independent verification and validation (IV&V) plans and status available for review
- Management procedures and tools for measuring and reporting progress available and working
- Software measurements available for review (on planned and actual regarding product size, cost, schedule, effort, and defect)
- Procedures established and working for software quality assurance and quality an integral part of the product being produced
- Implementation process exists, incl. standards, review process, problem reporting, unit test, integration
- Supplier documentation available for review:
- Software Design Description(s)
- Interface Design Description(s)
- Updated Supplier Software V&V Plan(s)
- Preliminary Supplier Software Test Procedure(s)
- Systems and subsystem certification plans and requirements exist (as needed)
- Changes since PDR available for review:
- Updated product assurance and software safety plans and activities
- System safety analysis with associated verifications
- Status of configuration management processes since PDR available, including discrepancy reporting and tracking (development and post-release)
- Build plan exists
- Build test timeline and ordered list of components and requirements to be tested in each build ready for review
- Test group trained and prepared to evaluate the code using their facilities and tools
- Software is ready for testing / activation
- Coding, integration, and test plans and procedures available for review
- Test plans baselined
- Preliminary integration and test procedures
- Test team roles, functions, support required are defined
- Test levels described (e.g., unit testing, integration testing, software system testing) – description, who executes, test environment, standards followed, verification methodologies
- Testing preparation and execution activities planned, incl. testing of reused/heritage software, if applicable
- Test environments described for each test level --diagram and description of tools, testbeds, facilities
- Plans available for review:
- Launch site operations plan
- Checkout and activation plan
- Disposal plan (including decommissioning or termination)
- Delivery, installation, maintenance processes planned
- System and acceptance testing defined – operational scenarios to be tested, including stress tests and recovery testing, if applicable
- Acceptance process exists – reviews (e.g., Acceptance Test Readiness Review, Acceptance Test Review), approval, and signoff processes
- Acceptance criteria baselined
- Software inputs / contributions completed for:
- Updated Project Plan
- Updated technology development maturity assessment plan
CDR Entrance Criteria - Requirements
- Changes to IT security requirements since PDR available for review (Mission-specific)
- SRS updated to the Computer Software Unit (CSU) level
- Traceability matrix updated (to CSU level)
- Verification exists that detailed designs cover the requirements
CDR Entrance Criteria - Design
- Technical data package (e.g., integrated schematics, spares provisioning list, interface control documents, engineering analyses, and specifications) available for review
- Design process exists, including methodology and standards used, design documentation produced, inspections and reviews
- Software design document(s) baselined (including interface design documents, detailed design and unit test)
- Command and telemetry list available for review
- Final design solution, evaluation, and rationale available
- Documented make, buy, and/or reuse, analysis, criteria, and rationale
- Reused/heritage software or functionality from previous projects; necessary modifications
- Final architecture definition available
- Subsystem/component context diagram available
- Data flow diagrams available
- Software subsystem design diagram available (e.g., Level 0 data flow diagram or Unified Modeling Language (UML))
- For each task in the software subsystem design diagram
- Design diagrams for the task
- Description of functionality and operational modes
- Safety considerations addressed in the design
- Resource and utilization constraints (e.g., CPU, memory); how the software will adapt to changing margin constraints; performance estimates
- Data storage concepts and structures
- Input and output data and formats identified
- Interrupts and/or exception handling available, including event, FDC, and error messages
- IT Security features (design features) identified
- Detailed description of software operation and flow exists
- Operational limits and constraints identified
- Technical resource utilization estimates and margins updated
- Detailed timing and storage allocation compiled
- Algorithms exist sufficient to satisfy their requirements
- Failure detection and correction (FDC) requirements, approach, and detailed design available for review
- Trial code analyzed and designs modified accordingly
- Designs comprising the software completed, peer reviewed and placed under change control
CDR Entrance Criteria - Analysis
- Analyses completed:
- Algorithm accuracy
- Critical timing and sequence control
- Undesired event handling
- Operability
- Failure modes and effects analyses
- Final status and results of analyses ready for review
- Hazard analysis / Software Assurance Classification Report (SACR) updated, if necessary
- Subsystem-level and preliminary operations safety analyses exist
- Risk assessment and mitigation updated
- Reliability analyses and assessments updated
- Operational Concepts updated
- Product build-to specifications exist for each hardware and software configuration item, along with supporting trade-off analyses and data
- Status of change requests available for review
CDR Entrance Criteria - Other
- Software requirement verification recording, monitoring, and current status available for review – databases and test reports; sample test verification matrix
- Preliminary operations handbook created
- Programmer's manual drafted
- User's manual drafted
CDR Items Reviewed
- Baselined documents
- Technical data package
- SDP/SMP
- Progress against software management plans
- Plan and status for reviews
- Documentation plan
- NPR 7150.2 compliance matrix
- Design and implementation processes
- Status of management procedures and tools
- Software measurements
- Logistics documentation (e.g., maintenance plan)
- Status of any staffing problems
- Software design document(s)
- Command and telemetry list
- Final Design Solution, Evaluation, and Rationale
- Final Architecture Definition
- Software subsystem design diagram
- Data flow diagrams
- Identification and formats of input and output data
- Interrupts and/or exception handling, including event, FDC, and error messages
- IT Security requirements and features
- Detailed description of software operation and flow
- Operational limits and constraints
- Technical resource utilization estimates and margins
- Status and results of analyses
- Algorithms sufficient to satisfy their requirements
- Failure detection and correction (FDC) requirements, approach, and detailed design
- Subsystem/component context diagram
- Status of trial code analysis and design
- Supplier documentation
- Status of SW designs and requirements coverage verification
- SRS
- Bidirectional Traceability Matrix
- Status of software QA and safety plans, procedures, activities
- Hazard analysis / Software Assurance Classification Report (SACR), if necessary
- Risk assessment and mitigation
- Reliability analyses and assessments
- IV&V plans and status
- Systems and subsystem certification plans and requirements (as needed)
- CM processes
- Status of development environment and personnel training
- Build plan
- Product build-to specifications along with supporting trade-off analyses and data
- Coding, integration, and test plans and procedures
- V&V planning
- Software test plan, procedures
- Testing preparation and execution activities
- Build test timeline and ordered list of components and requirements to be tested in each build
- Description of test environments for each test
- Status of test group training
- Launch site operations plan
- Checkout and activation plan
- Disposal plan
- Preliminary Operations Handbook
- Draft of Programmer's Manual
- Draft of User's Manual
- Status of change requests
CDR Exit/Success Criteria
- Review panel agrees that:
- All supplier software requirements have been mapped to the software design
- All elements of the design are compliant with functional and performance requirements (detailed design is expected to meet requirements with adequate margins at acceptable level of risk)
- Interface control documents are sufficiently matured to proceed with fabrication, assembly, integration, and test, and plans are in place to manage any open items
- Product verification and product validation requirements and plans are complete; verification approach is viable, and will confirm compliance with all requirements
- Management processes used by the project team are sufficient to develop and operate the mission
- Testing approach is comprehensive, and planning for system assembly, integration, test, and launch site and mission operations is sufficient to progress into next phase
- Adequate technical and programmatic margins and resources exist to complete development within budget, schedule, and risk constraints
- Risks to mission success are understood and credibly assessed, and plans and resources exist to effectively manage them
- SDP/SMP, software detailed designs, and unit test plans are an adequate and feasible basis for the implementation and test activities
- High confidence exists in the product baseline, and adequate documentation exists or will exist in a timely manner to allow proceeding with coding, integration, and test
- Approval received for software inputs / contributions:
- Safety and mission assurance (e.g., safety, reliability, maintainability, quality, and EEE parts) have been adequately addressed in system and operational designs, and any applicable S&MA products (e.g., Probabilistic Risk Assessment (PRA), system safety analysis and failure modes and effects analysis) have been approved
- High priority RIDs against the SDD are closed/actions are completed and customer approval received to proceed to next phase
- Approved readiness to proceed with software implementation and test activities
- Products from this review are approved, baselined, and placed under configuration management
Production Readiness Review (PRR)
The PRR is held for projects developing or acquiring multiple similar or identical flight and/or ground support systems. The purpose of the PRR is to determine the readiness of the system developer(s) to efficiently produce (build, integrate, test, and launch) the required number of systems. The PRR also evaluates how well the production plans address the system's operational support requirements. (NPR 7120.5 082)
Jump to: Entrance Criteria | Items Reviewed | Exit/Success Criteria
PRR Entrance Criteria
- Significant production engineering problems encountered during development are resolved
- Design documentation is adequate to support production
- Production plans and preparation are adequate to begin fabrication
- Production-enabling products and adequate resources are available, allocated, and ready to support end product production
- Production risks and mitigations identified
- Schedule reflects production activities
PRR Items Reviewed
- Design documentation
- Production plans and preparation
- Production risks and mitigations
- Schedule
PRR Exit/Success Criteria
- Review panel agrees that:
- System requirements are fully met in final production configuration
- Adequate measures are in place to support production
- Design-for-manufacturing considerations ensure ease and efficiency of production and assembly
- Risks are identified, credibly assessed, and characterized, and mitigation efforts defined
- Alternate sources for resources identified, as appropriate
- Required facilities and tools are sufficient for end product production
- Specified special tools and test equipment are available in proper quantities
- Production and support staff are qualified
- Production engineering and planning are sufficiently mature for cost-effective production
- Production processes and methods are consistent with quality requirements
- Qualified suppliers are available for materials that are to be procured
- Delivery schedules are verified
System Integration Review (SIR)
The SIR evaluates the readiness of the project to start flight system assembly, test, and launch operations. V&V Planning, integration plans, and test plans are reviewed. Test articles (hardware/software), test facilities, support personnel, and test procedures are ready for testing and data acquisition, reduction, and control. (NPR 7120.5 082)
Jump to: Entrance Criteria | Items Reviewed | Exit/Success Criteria
SIR Entrance Criteria
- Integration plans and procedures completed and approved
- Segments and/or components available for integration
- Mechanical and electrical interfaces verified against the interface control documentation
- All applicable functional, unit-level, subsystem, and qualification testing conducted successfully
- Integration facilities, including clean rooms, ground support equipment, electrical test equipment, and simulators ready and available
- Support personnel adequately trained
- Handling and safety requirements documented
- All known system discrepancies identified and disposed in accordance with agreed-upon plan
- All previous design review success criteria and key issues satisfied in accordance with agreed-upon plan
- Quality control organization is ready to support integration effort
SIR Items Reviewed
- Integration plans and procedures
- Interface control documentation
- Functional, unit-level, subsystem, and qualification test results/proof of completion
- Test preparation (facilities, tools, equipment, personnel)
- Handling and safety requirements
- V&V planning, test plans
SIR Exit/Success Criteria
- Review panel agrees that:
- Adequate integration plans and procedures are completed and approved for the system to be integrated
- Previous component, subsystem, and system test results form a satisfactory basis for proceeding to integration
- Integration procedures and work flow have been clearly defined and documented
- Review of integration plans, as well as procedures, environment, and configuration of items to be integrated, provides a reasonable expectation that integration will proceed successfully
- Integration personnel have received appropriate training in integration and safety procedures
- Risk level is identified and accepted by program/project leadership, as required
Test Readiness Review (TRR)
The TRR ensures that the test article (hardware/software), test facility, support personnel, and test procedures are ready for testing and data acquisition, reduction, and control. (NPR 7123.1 041)
Jump to: Entrance Criteria - General | Entrance Criteria - Plans | Entrance Criteria - Requirements | Entrance Criteria - Design | Entrance Criteria - Analysis | Entrance Criteria - Other | Items Reviewed | Exit/Success Criteria
TRR Entrance Criteria - General
- All TRR-specific materials, such as test plans, test cases, procedures, and version description document available to all participants prior to TRR
- Updated baselined documentation available (from previous reviews – SwRR, SRR, PDR, CDR)
- Required documents are in the state/status required; any required deviations or waivers are in place and approved
- All known system discrepancies identified and disposed in accordance with agreed-upon plan
- Software cost estimate updated, and software related expenditures collection and report by life cycle phases available
- Test schedule updated:
- Current system test status
- Issues and concerns
- Test schedule
- Schedules for integration and test established and are reasonable based on results of unit testing
- Lessons Learned
- Plans to capture any lessons learned from test program are documented
- Review of existing Lessons Learned from previous projects completed
- Lessons Learned captured from software areas of the project ( indicate the problem or success that generated the Lesson Learned, what the Lesson Learned was, and its applicability to future projects)
TRR Entrance Criteria - Plans
- Objectives of testing and testing approach clearly defined and documented and supported by:
- Test plans, test cases, procedures, environment
- Defined configuration of test item(s)
- Interfaces placed under configuration management or defined in accordance with an agreed-to plan
- All required test resources, people (including a designated test director), facilities, test articles, test instrumentation, and other test enabling products identified and available to support required tests
- Facilities and tools for integration and test ready, qualified, validated, and available for operational use including test engineering products (test cases, procedures, tools, etc.), test beds, simulators, and models
- Roles and responsibilities of all test participants defined and agreed to and all personnel have been trained
- Supplier Software Version Description(s) available
- Metric data and reports (implementation and test) ready for review
- SDP/SMP updated for integration and test activities
- IV&V report/status - if applicable
- Any current risks, issues, or requests for action (RFAs) that require follow-up and how they will be tracked to closure ready for review
- Risk analysis and risk list updated and associated risk management plan updated
- Test plan includes test scenarios:
- User-defined scenarios to test interactive or operator-oriented software
- Safety critical scenarios
- For all software/system requirements defined in the bidirectional traceability matrix
- Performance checks at the limit of ranges specified for the requirements and operational scenarios, including test limitations and constraints
- Test case structure established that identifies per test case:
- Software requirements to be tested and SW entities to be exercised
- Required inputs
- Facilities and test tools required, setup, and required qualifications
- Limitations of the test environment
- Verification of standards compliance
- Test plan updated for integration and test activities
- Software test procedures baselined:
- Defined build process
- Safety critical software test considerations
- Defined software test success criteria
- Defined CM process and procedures used for testing
- Process for capturing test data and storing it
- Test procedure red-line process
- Process for restarting a test if error found during testing
- Discrepancy Reporting System
- Process for tracking Test Progress
- Role of Quality Assurance including redlining and QA witnessing role and responsibilities
- Any safety and security issues relevant to the testing activity
- All workarounds and non-functioning software components
- Time required for testing; include schedule and analysis of time needed on various environments / test beds / spacecraft
TRR Entrance Criteria - Requirements
- All requirements included in baselined test procedure document and uniquely identified and traceable in the updated bidirectional traceability matrix (includes necessary corrections due to discrepancy reports)
TRR Entrance Criteria - Design
- All previous design review success criteria and key issues satisfied in accordance with agreed-upon plan
TRR Entrance Criteria - Analysis
- Outstanding software change requests (SCRs) ready for review
- Code inspection results available for review
- Results of testing completed to date available for review:
- Objectives of tests
- Expected results defined
- Confirm all steps in the test runs are documented
- Results including safety critical test results
- Tests performed
- Successful tests
- Known problems, issues
- Deviations, waivers
TRR Entrance Criteria - Other
- Software build created from CM and ready for testing
- Applicable functional, unit-level, subsystem, system, and qualification testing conducted successfully
- Informal dry run completed without errors
- Validation of operations and users manuals completed
- Successful functional audit (FCA) of the version description document (VDD) (such as FSW) including fixes
- Tests reusable for regression testing exist
- Databases for integration and test have been created and validated
- Test network showing interdependencies among test events and planned time deviations for these activities prepared
- Evaluations completed (in conjunction with unit testing):
- Verification of computations using nominal and stress data
- Evaluations completed (in conjunction with s/w integration and test):
- Verification of performance throughout anticipated range of operation conditions including nominal, abnormal, failure and degraded mode situations
- Verification of performance throughout anticipated range of operating conditions as various strings of units are linked together and various modes are exercised
- Verification of end-to-end functional flows and database linkages
- Exercise of logic switching and executive control options at least once
TRR Items Reviewed
- Test preparation
- Test plans, test cases, scenarios, databases, procedures, environment, expected results, and configuration of test item(s)
- Software build ready for testing
- Resources (people, facilities, tools, etc.)
- Test schedule
- Test contingency planning
- Test network
- Results for all testing completed to date
- Interfaces
- SDP/SMP
- VDD and VDD audit results
- Software change requests
- Bidirectional traceability matrix
- Current risks, issues, or requests for action (RFAs)
- Baselined documentation from previous reviews
- Requirements and design
- Status of quality assurance (QA) activities
- Status of known system discrepancies
- Software cost estimate and expenditures report
- Supplier Software VDD(s)
- Requirements Analysis and Traceability Reports
- Code Analysis and Assessment Results
- Metric Data and Reports
- Operations and users manuals
- Completed evaluations of unit, integration tests
- Risk analysis, list, management plan
TRR Exit/Success Criteria
- Review panel agrees that:
- Peer reviews completed for implementation and tests to be performed, as defined in the software plans
- Adequate identification and coordination of required test resources are completed
- Previous component, subsystem, and system test results form a satisfactory basis for proceeding into planned tests
- All the entrance criteria have been met
- Test cases have been reviewed and analyzed for expected results, and results are consistent with test plans and objectives
- Test personnel have received appropriate training in test operation and safety procedures
- Provisions have been made should test levels or system response exceed established limits or if the system exceeds its expected range of response
- Software is ready to be tested
- SDP/SMP, software implementations, and test plans are an adequate and feasible basis for integration and test activities
- Formal dry test run completed
- Adequate test plans are completed and approved to proceed for the system under test
- Risk level associated with testing is identified (during TRR) and accepted by the appropriate program/competency leadership, as required
- Products from this review are approved, baselined and placed under configuration management
System Acceptance Review (SAR)
The SAR verifies the completeness of the specific end item with respect to the expected maturity level and to assess compliance to stakeholder expectations. The SAR examines the system, its end items and documentation, and test data and analyses that support verification. It also ensures that the system has sufficient technical maturity to authorize its shipment to the designated operational facility or launch site. (NPR 7120.5 082)
Jump to: Entrance Criteria | Items Reviewed | Exit/Success Criteria
SAR Entrance Criteria
- A final agenda coordinated (nominally)
- Technical products for this review made available to participants prior to SAR
- Acceptance test readiness available for review
- Process for analysis of Test Results including the division of responsibility
- Acceptance Test testbed (environment) setup (hardware)
- Setup and use of Simulators or other Test tools and their required qualifications
- Limitations of the testbed (environment)
- Tests that require: hardware for verification and/or human input
- Description, at a high level, of what each test does, how long it lasts, and any special circumstances
- IV&V report/status - if applicable
- Preparedness for Acceptance Testing
- Requests For Action (RFAs)
- Decision to proceed to Acceptance Testing
- Results available from SARs conducted at major suppliers
- Transition to production and/or manufacturing plan exists
- Product verification results / final test reports available
- Product validation results available
- Acceptance plans and acceptance criteria
- Documentation exists to confirm that the delivered system complies with the established acceptance criteria
- Documentation exists to confirm that the system will perform properly in the expected operational environment
- Technical data package updated to include all test results
- Certification package available for review
- Risk assessment and mitigations updated
- Previous milestone reviews successfully completed
- Metrics data and reports available for review
- Remaining liens or unclosed actions and plans for closure available for review
- Waivers and deviations available for review
- Software build has been updated
- Functional audit (FCA) completed
- Software presentation prepared (for AR):
- Software overview
- Project System Diagram
- Functional software overview
- Software products/artifacts
- Software traceability matrix examples
- STPr/SVVPr status
- Open RIDs
- Open SCRs
- Software summary and recommendations
- Lessons Learned
- Review of existing Lessons Learned from previous projects completed
- Lessons Learned captured from software areas of the project ( indicating the problem or success that generated the Lesson Learned, what the Lesson Learned was, and its applicability to future projects)
- Confirmation exists that Lessons Learned added to Lessons Learned database
SAR Items Reviewed
- Test readiness information
- Results of the SARs conducted at the major suppliers
- Transition to production and/or manufacturing plan
- Product verification results / test reports
- Product validation results
- Baselined Software Build
- Certification package
- Documentation that the delivered system complies with the established acceptance criteria
- Documentation that the system will perform properly in the expected operational environment
- Technical data package
- Risk assessment and mitigation
- Hazard report
- Results/proof of completion for previous milestone reviews
- Remaining liens or unclosed actions and plans for closure
- Waivers/deviations
- Metrics Data and Reports
SAR Exit/Success Criteria
- Review panel agrees that:
- Required tests and analyses are complete and indicate that system will perform properly in expected operational environment
- Risks are known and manageable
- Software system meets established acceptance criteria
- Required safe shipping, handling, checkout procedures are complete and ready for use
- Required operational plans and procedures are complete and ready for use
- Technical data package is complete and reflects delivered system, including software user's manual and version description document
- All applicable lessons learned for organizational improvement and system operations are captured
- Software system has sufficient technical maturity to authorize shipment to designated operational facility or launch site
Operational Readiness Review (ORR)
The ORR examines the actual system characteristics and the procedures used in the system or product's operation and ensures that all system and support (flight and ground) hardware, software, personnel, and procedures are ready for operations and that user documentation accurately reflects the deployed state of the system. (NPR 7120.5 082)
Jump to: Entrance Criteria | Items Reviewed | Exit/Success Criteria
ORR Entrance Criteria
- All validation testing completed
- Test failures and anomalies from validation testing resolved and results incorporated into all supporting and enabling operational products
- All operational supporting and enabling products (e.g., facilities, equipment, documents, updated databases) that are necessary for the nominal and contingency operations have been tested and delivered/installed at the site(s) necessary to support operations
- Operations manual complete
- Physical audit (PCA) completed
- Software inputs / contributions completed for:
- Training provided to users and operators on correct operational procedures for system
- Ground systems readiness
- Diagram describing main functionality for project, how parts interact, and main flow of data between major functional parts
- Problem reporting and change request process for discrepancy reports (DR), enhancement reports (ER), Database change requests (DCR)
- Current DR, ER, DCR status, include historical trend data, and details on current open DRs, ERs, DCRs
- Key parts of system, their current operational readiness, and how verified
- Any issues, how they will be handled, and workarounds available including when permanent fixes will be completed
- Key interactions with other systems, their operational readiness, and how verified; any issues, how they will be handled, and workarounds available including when permanent fixes will be completed
- Outstanding items that need to be completed before readiness is achieved along with scheduled date
- Software maintenance plan completed
- When software is frozen, what types of fixes will be approved for implementation under a freeze, etc.
- How change control board (CCB) will handle software changes or bug fixes
- Science planning and processing system readiness is available for review, as applicable:
- Diagram describing science data processing products and general timelines involved
- Diagram describing science system context (relationship of main Mission Operations Center, Mission Planning Office, Science Validation Facility, Ground stations, interconnecting networks, and the main science data Instrument teams)
- Description of these main components in high-level detail including planning and processing functions; include any special cases for launch, in-orbit checkout, end of mission, etc.; description of testing, results, and issues done to verify and validate these components
- Summary of all testing done, results, and outstanding issues for Science Data Processing
- Safety and security issues status available for review:
- Software issues with safety, how addressed, and current status
- Software issues with security, how addressed, and current status
- Simulations status available for review:
- Number and main details for simulations by subsystem exercised, for example: Launch, Attitude Control System, Command & Data Handling, Communication, Flight Software, Power System Electronics, Mission Operations Center, Pre-Launch, others deemed important for project
- Outstanding issues from Simulation testing, schedule impact, workarounds, and risks; for workarounds, when will problem/issue be permanently fixed
- Contingencies and constraints available for review:
- State of Contingency Flow Chart Book and any planned updates
- List of current constraints on system, state of database that details these constraints, and any outstanding actions that need to be taken
- Audits that were done and against what areas to verify constraints
- Operational problem escalation process
- Operational emergency notification process including telephone numbers to be called
- Status of documentation readiness available for review:
- Version Description Document(s); its location, and any outstanding issues
- Baselined Software User's Manual; its location, and any outstanding issues
- Software Operations Plan; its location, and any outstanding issues
- Software Maintenance Plan; its location, and any outstanding issues
- Planned software retirement activities; location, and any outstanding issues
- Lessons Learned
- Lessons Learned (LL) captured from software areas of the project (indicating the problem or success that generated the Lesson Learned, what the LL was, and its applicability to future projects)
- Confirmation exists that Lessons Learned added to LL database
- Status of work remaining available for review:
- All critical work that needs to be completed along with expected completion data
ORR Items Reviewed
- Validation test results/proof of completion
- Status of test failures and anomalies from validation testing
- Status of all testing, delivery, and installation for operational supporting and enabling products necessary for nominal and contingency operations
- Status of software user's manual
- Status of operations manual
- Software Maintenance Plan
- Science Planning and Processing System Readiness
- Safety and Security Issues
- Number and main details for simulations by subsystem exercised and any open issues
- Contingencies and constraints
- Status of documentation readiness
- Work Remaining
ORR Exit/Success Criteria
- Review panel agrees that:
- System, including any enabling products, is ready to be placed in operational status
- All applicable lessons learned for organizational improvement and systems operations have been captured
- All waivers/deviations and anomalies have been closed
- Systems hardware, software, personnel, and procedures are in place to support operations
- All project and support h/w, s/w, and procedures are ready for operations and user documentation accurately reflects the deployed state of the entire system
- RFA and review item discrepancy (RID) reports generated, as needed, as result of this ORR
Flight Readiness Review (FRR)
The FRR examines tests, demonstrations, analyses, and audits that determine the system's readiness for a safe and successful flight/launch and for subsequent flight operations. It also ensures that all flight and ground hardware, software, personnel, and procedures are operationally ready. (NPR 7120.5 082)
Jump to: Entrance Criteria | Items Reviewed | Exit/Success Criteria
FRR Entrance Criteria
- Certification received that flight operations can safely proceed with acceptable risk
- System and support elements confirmed as properly configured and ready for flight
- Interfaces compatible and function as expected
- System state supports a launch "go" decision based on go/no-go criteria
- Flight failures and anomalies from previously completed flights and reviews resolved and results incorporated into all supporting and enabling operational products.
- System configured for flight
- Tests, demonstrations, analyses, audits support flight readiness
FRR Items Reviewed
- Open items and waivers/deviations
- System and support elements configuration confirmation
- Status of interface compatibility and functionality
- System state
- Status of failures and anomalies from previously completed flights and reviews
- System configuration
- Tests, demonstrations, analyses, audits
- Software user's manual
FRR Exit/Success Criteria
- Review panel agrees that:
- Flight vehicle is ready for flight
- Software is deemed acceptably safe for flight (i.e., meeting the established acceptable risk criteria or documented as being accepted by the PM and Designated Governing Authority (DGA))
- Flight and ground software elements are ready to support flight and flight operations
- Interfaces are checked and found to be functional
- Open items and waivers/deviations have been examined and found to be acceptable
- Software contributions to all open safety and mission risk items have been addressed
- Operators are ready and work-arounds have been fully vetted
- Software user's manual is ready and available to be used for testing