The license could not be verified: License Certificate has expired! Administrators, please check your license details here.
See edit history of this section
Post feedback on this section
1. Requirements
5.2.3.1 The Software Design Description shall include: [SWE-111]
a. Computer Software Configuration Item (CSCI)-wide design decisions/trade decisions.
b. CSCI architectural design.
c. CSCI decomposition and interrelationship between components:
(1) CSCI components:
(a) Description of how the software item satisfies the software requirements, including algorithms, data structures, and functional decomposition.
(b) Software item I/O description.
(c) Static/architectural relationship of the software units.
(d) Concept of execution, including data flow, control flow, and timing.
(e) Requirements, design and code traceability.
(f) CSCI's planned utilization of computer hardware resources.
(2) Rationale for software item design decisions/trade decisions including assumptions, limitations, safety and reliability related items/concerns or constraints in design documentation.
(3) Interface design.
1.1 Notes
The documentation of the architectural design of a software system identifies and describes the architectural elements of the software, the external interfaces, and the interfaces between elements. The description includes element responsibilities (constraints on inputs and guarantees on outputs), and constraints on how the elements interact (such as message and data sharing protocols). The architectural design documentation includes multiple views of the architecture and identifies and supports the evaluation of the key quality attributes of the planned software product. The key quality attributes of the software will depend on the mission in which the software is to be used and the manner in which it is to be developed and deployed. They will usually include: performance, availability, maintainability, modifiability, security, testability and usability (operability.)
1.2 Applicability Across Classes
Classes C through E and Safety Critical are labeled with "P (Center) + SO." "P (Center)" means that an approved Center-defined process that meets a non-empty subset of the full requirement can be used to achieve this requirement, while "SO" means that the requirement applies only for safety-critical portions of the software.
Class C and Not Safety Critical and Class D and Not Safety Critical are labeled with "P (Center.)" This means that an approved Center-defined process that meets a non-empty subset of the full requirement can be used to achieve this requirement.
Classes F and G are labeled with "X (not OTS)." This means that this requirement does not apply to off-the-shelf software for these classes.
Class |
A_SC |
A_NSC |
B_SC |
B_NSC |
C_SC |
C_NSC |
D_SC |
D_NSC |
E_SC |
E_NSC |
F |
G |
H |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Applicable? |
|
|
|
|
X |
P(C) |
X |
P(C) |
X |
|
X |
X |
|
Key: A_SC = Class A Software, Safety-Critical | A_NSC = Class A Software, Not Safety-Critical | ... | - Applicable | - Not Applicable
X - Applicable with details, read above for more | P(C) - P(Center), follow center requirements or procedures
2. Rationale
NPR 7150.2, NASA Software Engineering Requirements, section 5.2.3, states, "The Software Design Description describes the design of a CSCI (computer software configuration item). It describes the CSCI-wide design decisions, the CSCI architectural design, and the detailed design needed to implement the software." The software design process transforms the software requirements into a structured, organized set of information appropriate for implementing in code. This design is captured in the software design description (SDD), making the SDD a critical document in the software development process.
3. Guidance
When creating the software design description (SDD), the following minimum content is included. If the content is included in another document or tool, such as separate trade study documents, interface design documents, modeling or simulation tools, or data dictionaries, those documents or tools may be referenced in the SDD.
CSCI-wide design decisions/trade decisions
It is important to document decisions made during the design process, as well as the reasons those decisions were made. (See Rationale for software item design (Item 2 under CSCI decomposition and interrelationship between components) guidance below.) This information is useful for the implementation phase, as well as future software maintenance activities. Consider the following when capturing "decisions about the CSCI's behavioral design (how it will behave from a user's point of view, in meeting its requirements, and ignoring internal implementation) and other decisions affecting the selection and design of the software units that make up the CSCI": 096
- Make Decisions based on trade studies, including the options considered or a reference to the document(s) that capture the trade study information.
- Capture design decision dependencies on system states or modes. 096
- Capture design decisions "regarding inputs the CSCI will accept and outputs it will produce, including interfaces with other systems, hardware configuration items (HWCIs), CSCIs, and users." 096
- Capture design decisions "on CSCI behavior in response to each input or condition, including actions the CSCI will perform, response times, and other performance characteristics, description of physical systems modeled, selected equations, algorithms, or rules, and handling of invalid inputs or conditions." 096
- Capture design decisions "on how databases and data files will appear to the user." 096
- Capture the "selected approach to meeting safety, security, and privacy requirements." 096
- Capture design decisions "made in response to requirements, such as selected approach to providing required flexibility, availability, and maintainability." 096
CSCI architectural design
"The architectural design documentation includes multiple views of the architecture and identifies and supports the evaluation of key quality attributes of the planned software product. The key quality attributes of the software will depend on the mission in which the software is to be used and the manner in which it is to be developed and deployed. They will usually include performance, availability, maintainability, modifiability, security, testability and usability (operability)." 090
The architectural design may be captured in a variety of ways but is typically captured in one or more diagrams. Consider including diagram conventions, as appropriate, so readers can better understand the architectural design captured in those diagrams. When capturing the architectural design, consider including:
- A subsystem/component context diagram.
- A system design diagram (such as a top-level data flow diagram or UML (Unified Modeling Language) diagram).
- A "list of [software] subsystems, tasks, or major components – e.g., user interface, database, task management." 073
- A map or list of software units that make up each CSCI.
CSCI decomposition and interrelationship between components
- CSCI components
- Description of how the software item satisfies the software requirements, including algorithms, data structures, and functional decomposition.
Consider including the following when describing how each software item satisfies the associated set of software requirements:- Description of functionality and operational modes, data storage concepts, and structures. 072
- Derived requirements. 073
- Functional allocations among the software subsystems.
- Databases, data files, and shared data with safety-critical data marked. 276
- "Identify, state the purpose, and describe in detail the algorithms to be incorporated into the execution of the CSU. The algorithms shall be described in terms of the manipulation of input and local data elements and the generation of output data elements." 176
- Software item input/output (I/O) description.
When capturing the I/O description, consider including the following information, as appropriate: - Static/architectural relationship of the software units.
Like the CSCI architectural design, the static/architectural relationship of software units is typically captured in one or more diagrams. Consider the following when capturing this information:- A subsystem/component context diagram. 072
- A system design diagram (such as a top-level data flow diagram or UML diagram). 072
- Design diagrams for the task 072 and descriptions of major modules. 073
- Identification of non-safety-critical units that can interact with safety-critical ones. 276
- Documentation of the positions and functions of safety-critical components in the design hierarchy. 276
- Relationship of this software to other software components in the system. 387
- Concept of execution, including data flow, control flow, and timing.
The concept of execution may be captured in "diagrams and descriptions showing the dynamic relationship of the software units, that is, how they will interact during CSCI operation." 096 Consider including the following information when capturing the concept of execution:- Interrupts and/or exception handling, including event, failure detection and correction (FDC), and error messages. 072
- End-to-end data flow description and/or diagrams. 073
- "Execution control, interrupt characteristics, initialization, synchronization, and control of the components...include finite state machines." 276
- Timing and sequencing diagrams.
- States and modes of software operation, including the software units that execute in each state and mode, as well as the execution control and data flow between components in the different states and modes. 387
- Control and signal flow, interrupt priorities and interrupt handling, error detection and handling. 387
- "Dynamically controlled sequencing, state transition diagrams..., priorities among units..., concurrent execution, dynamic allocation and de-allocation, dynamic creation and deletion of objects, processes, tasks, and other aspects of dynamic behavior." 096
- Thread interactions.
- Requirements, design, and code traceability.
Traceability is another type of information that is important for development and maintenance of the software because it allows development personnel to identify affected software products when a change or update is made. Consider the following when capturing the traceability information for the design. (See also the traceability guidance in this Handbook for SWE-059 and SWE-064.)- "Requirements trace or flow-down of system-level requirements to the subsystem, with any safety-critical requirements highlighted." 073
- Trace of each safety-critical component back to original safety requirements and how the requirement is implemented. 276
- Traceability between the architectural design and software components.
- CSCI's planned utilization of computer hardware resources.
Consider the following when capturing the planned utilization of computer hardware resources for each CSCI:- "Utilization constraints (e.g., CPU, memory); how the software will adapt to changing margin constraints; performance estimates." 072
- "Estimates of computer hardware resources usage ... to ensure that the design is within the total hardware resource capacity." 001
- Storage and memory resource allocations across the software architecture.
- Memory, bus, throughput estimates, and margins. 387
- Planned CSCI usage of processor capacity, I/O device capacity, auxiliary storage capacity, communication or network capacity. 096
- Description of how the software item satisfies the software requirements, including algorithms, data structures, and functional decomposition.
- Rationale for software item design decisions/trade decisions, including assumptions, limitations, safety and reliability-related items/concerns or constraints in design documentation.
It is important to document the reasons for design decisions for the implementation phase, as well as future software maintenance activities. Design decisions need to be traceable to relevant trade studies and the associated reasoning behind those decisions. Consider the following when capturing the rationale for design decisions:- Alternatives that were part of the design process but that were excluded, along with the reasons for those exclusions, e.g., did not meet requirements, low probability of success, exceeded cost and/or schedule constraints. 001
- Assumptions made during discussions of design options.
- Limitations of various design options that affected the design choice, e.g., technical, cost, schedule limitations.
- Safety and reliability considerations in the design elements and interfaces for each software subsystem, task, or component. 073
- Design constraints, e.g., feasibility, coupling, extensibility, maintainability.
- Design drivers, e.g., performance, reliability, usability, hardware considerations, established for the project that affected the software design.
- "Design alternatives, including reuse of heritage software and/or COTS tradeoffs." 073
- Performance parameters that were part of the rationale, e.g., reliability, safety, affordability, schedule, risk. 001
- "Selection criteria (e.g., adherence to design standards, verifiability, ease of construction, reuse, use of COTS, safety)." 001
- "Assumptions about the environment including operating system, user interface, component, data management, data interchange, graphics, and network services, especially assumptions on which safety functions and computer security needs may be based." 387
- "Assumptions and conditions on which the utilization data are based (e.g., typical usage, worst-case usage, and assumption of certain events)." 096
- "Architectural element responsibilities (constraints on inputs and guarantees on outputs) and constraints on how the elements interact (such as message and data sharing protocols)." 090
- Interface design
Consider the following when capturing the interface characteristics of the software units. (See also the guidance in this Handbook for SWE-112, which describes the content for the interface design description document.) If all or part of this information is captured in one or more interface documents, those documents may be referenced here.- Internal interfaces between all components.
- Operator interfaces.
- Device interfaces.
- Allocation of the software's external interface requirements to components.
- "Identify the safety-critical ... interfaces throughout the design. Identify non-critical units that can interact with safety-critical ones." 276
- "Design of each interface in terms of:
- Information description;
- Initiation criteria;
- Expected response;
- Protocol and conventions;
- Error identification, handling and recovery;
- Queuing;
- Implementation constraints;
- Requirements relative to safety and computer security." 387
- Interface type and purpose.
- Interface description, including data transmitted, messages transmitted, priority of interfaces, and messages transmitted across them. 387
The Software Architecture Review Board 323, a software engineering sub-community of practice, is a good resource of software design information, including sample documents, reference documents, and expert contacts.
Consult Center Process Asset Libraries (PALs) for Center-specific guidance, templates, and examples related to documenting the software design.
Additional guidance related to software design may be found in Topic 7.07 - Software Architecture Description and the following related requirements in this handbook:
4. Small Projects
Projects with limited personnel or budgets need to consider the guidance and use of software design document templates from the local Center PAL, because a local tailoring via "P (Center)" may be applicable. Center Engineering Technical Authorities also have been empowered to provide specific relief when the software classification specifies required design description items, i.e., "X" in Requirements Mapping Matrix in NPR 7150.2.
5. Resources
- (SWEREF-001) Software Development Process Description Document, EI32-OI-001, Revision R, Flight and Ground Software Division, Marshall Space Flight Center (MSFC), 2010. This NASA-specific information and resource is available in Software Processes Across NASA (SPAN), accessible to NASA-users from the SPAN tab in this Handbook.
- (SWEREF-072) Checklist for the Contents of Software Critical Design Review (CDR), 580-CK-008-02, Software Engineering Division, NASA Goddard Space Flight Center (GSFC), 2010. This NASA-specific information and resource is available in Software Processes Across NASA (SPAN), accessible to NASA-users from the SPAN tab in this Handbook.
- (SWEREF-073) Checklist for the Contents of Software Preliminary Design Review (PDR), 580-CK-007-02, Software Engineering Division, NASA Goddard Space Flight Center (GSFC), 2010. This NASA-specific information and resource is available in Software Processes Across NASA (SPAN), accessible to NASA-users from the SPAN tab in this Handbook.
- (SWEREF-096) Software Design Description Template, GRC-SW-TPLT-SDD, NASA Glenn Research Center (GRC), 2011. This NASA-specific information and resource is available in Software Processes Across NASA (SPAN), accessible to NASA users from the SPAN tab in this Handbook.
- (SWEREF-097) Software Design Document Checklist, NASA Marshall Space Flight Center (MSFC), 2008.
- (SWEREF-176) Department of Defense, DI-MCCR-80012A, 1988.
- (SWEREF-276) NASA-GB-8719.13, NASA, 2004. Access NASA-GB-8719.13 directly: https://swehb-pri.msfc.nasa.gov/download/attachments/16450020/nasa-gb-871913.pdf?api=v2
- (SWEREF-323) The objectives of SARB are to manage and/or reduce flight software complexity through better software architecture and help improve mission software reliability and save costs.
5.1 Tools
Tools to aid in compliance with this SWE, if any, may be found in the Tools Library in the NASA Engineering Network (NEN).
NASA users find this in the Tools Library in the Software Processes Across NASA (SPAN) site of the Software Engineering Community in NEN.
The list is informational only and does not represent an “approved tool list”, nor does it represent an endorsement of any particular tool. The purpose is to provide examples of tools being used across the Agency and to help projects and centers decide what tools to consider.
6. Lessons Learned
No Lessons Learned have currently been identified for this requirement. However, there are relevant lessons learned in the related requirements named in the guidance section. Lessons Learned related to software design may be found in the following related requirements in this handbook: