bannerc
SWE-057 - Software Architecture

1. Requirements

4.2.3 The project manager shall transform the requirements for the software into a recorded software architecture.

1.1 Notes

A documented software architecture that describes: the software’s structure; identifies the software qualities (i.e., performance, modifiability, and security); identifies the known interfaces between the software components and the components external to the software (both software and hardware); identifies the interfaces between the software components and identifies the software components. 

1.2 History

SWE-057 - Last used in rev NPR 7150.2D

RevSWE Statement
A

3.2.2 The project shall transform the allocated and derived requirements into a documented software architectural design.

Difference between A and B

Descoped the requirement to transform the allocated and derived requirements into an architectural design to just develop the SW architecture.


B

4.2.3 The project manager shall develop and record the software architecture.

Difference between B and C

Changed "develop" to "transform the requirements".

C

4.2.3 The project manager shall transform the requirements for the software into a recorded software architecture.

Difference between C and DNo change
D

4.2.3 The project manager shall transform the requirements for the software into a recorded software architecture.



1.3 Applicability Across Classes

Class

     A      

     B      

     C      

     D      

     E      

     F      

Applicable?

   

   

   

   

   

   

Key:    - Applicable | - Not Applicable

2. Rationale

Experience confirms that the quality and longevity of a software-reliant system is largely determined by its architecture. (See lessons learned NASA Study of Flight Software Complexity. 571) The software architecture underpins a system's software design and code; it represents the earliest design decisions, ones that are difficult and costly to change later. 131  The transformation of the derived and allocated requirements into the software architecture results in the basis for all software development work.

Software architecture:

  • Formalizes precise subsystem decompositions.
  • Defines and formalizes the dependencies among software work products within the integrated system.
  • Serves as the basis for evaluating the impacts of proposed changes.
  • Maintains rules for use by subsequent software engineers that assure a consistent software system as the work products evolve.
  • It provides a stable structure for use by future groups through the documenting of the architecture, its views and patterns, and its rules.

3. Guidance

Architectural design is defined as "the process of defining a collection of hardware and software components and their interfaces to establish the framework for the development of a computer system." 131 More specifically, architecture is defined as "the fundamental organization of a system, embodied in its components, their relationships to each other and the environment, and the principles governing its design and evolution." 210 The architecture process, after defining the structural elements, then defines the interactions between these structural elements. It is these interactions that provide the desired system behavior. Design rules are necessary for the enforcement of the architectural patterns for current and future software development (i.e., for open architecture systems).

The software architecture of a program or computing system is the structure or structures of the system, which comprise software components, the properties of those components, and the relationships between them. Documenting software architecture facilitates communication between stakeholders, documents early decisions about high-level design, and allows reuse of design components and patterns between projects.

The software architecture is drafted during the early life-cycle phases of a project and baselined during Preliminary Design Review (PDR) (see Topic 7.08 - Maturity of Life-Cycle Products at Milestone Reviews ). The drafting begins when the top-level (systems) requirements are collected and organized. The project's operational concepts document is prepared based on these top-level requirements. From this point, the project development team develops, decomposes, and sub-allocated these requirements to multiple and more narrowly focused activities. (Tarullo 345 describes a model for creating software architectures by using the de-facto standard software modeling tool, UML (v2.0) 139. His approach fosters decomposition, which is a major practice used to control complexity in large (and small) software systems.) The evaluation and sub-allocation of these requirements result in a hierarchical ordering of the complete set of requirements, which forms the basis and an initial structuring of the software architecture. Often this activity is accomplished by performing a functional or physical decomposition of the systems components and performance functions. As these allocated requirements are further matured and organized, a new set of statements evolves in the form of derived requirements. These derived requirements are nominally logical extensions of the originally specified requirements. See SWE-050 and SWE-051 for more discussion on derived requirements.

NASA/SP-2007-6105, NASA Systems Engineering Handbook, 273 and the Defense Acquisition University's Systems Engineering Fundamentals Guidebook 174  both provide more detailed discussions of requirements decomposition. The latter document includes several example templates for conducting decomposition activities. Some key concepts from these two references include: "Logical decomposition is the process for creating the detailed functional requirements that enable NASA programs and projects to meet stakeholders' needs." 273 "The allocation process is accomplished by "arranging functions in logical sequences, decomposing higher-level functions into lower-level functions, and allocating performance from higher to lower-level functions."  174 "The process is recursive (repeatedly applied to lower levels) and iterative (repeatedly applied to the same products after fixes are made) and continues until all desired levels of the system architecture have been analyzed, defined, and baselined. 273

As the software development team starts its effort, it organizes the activities based on these allocated and derived requirements. The key step is to transform these requirements into a logical and cohesive software architecture that supports the overall systems architecture for the NASA project. The team develops a software architecture to serve as guidance for the development of the components and systems-level software work products through a process known as architectural design.

Software architecture is commonly organized using the concepts of "views" and "patterns." A view is a representation of a set of system components and the relationships among them. Views are used to describe the system from the viewpoint of different stakeholders, such as end-users, developers, or project managers. 313  Views are analogous to the different types of blueprints that are produced to describe a commercial building's architecture. Patterns in architectural design refer to the use of common or standard designs. "A pattern system provides, on one level, a pool of proven solutions to many recurring design problems. On another (level)it shows how to combine individual patterns into heterogeneous structures and as such, it can be used to facilitate a constructive development of software systems." 191

The resulting software architecture also allows for the following: The verification of the software components, the integration of work products into systems, and the integration of the software systems into the rest of the project's systems. 224

SWE-057 calls for software architecture to be documented. The required content for the 5.13 - SwDD - Software Design Description document includes the CSCI architectural design. The actual format for recording and describing the architectural concept is left to the software project team (all projects are different!). As a minimum, include the following:

  • An assessment of architectural alternatives.
  • A description of the chosen architecture.
  • Adequate description of the subsystem decomposition.
  • Definition of the dependencies between the decomposed subsystems.
  • Methods to measure and verify architectural conformance.
  • Characterization of risks inherent to the chosen architecture.
  • The documented rationale for architectural changes (if made).
  • Evaluation and impact of proposed changes.

See topic 7.07 - Software Architecture Description for additional information on the recommended kinds of content that usually appear in software architecture descriptions and for examples from a number of sources of outlines for documenting software architecture descriptions.

In situations where the software architecture does need to be changed, dependency models now offer the potential for maintaining the architecture over successive revisions during the software life cycle by specifying rules explicitly that define the acceptable and unacceptable dependencies between subsystems. The dependency structure model is an example of a compact representation that lists all constituent subsystems/activities and the corresponding information exchange and dependency patterns. 295

The Software Architecture Review Board, a software engineering sub-community of practice available to NASA users via the NASA Engineering Network (NEN), is a good resource of software design information including sample documents, reference documents, and expert contacts.

NASA-specific software measurement usage information and resources are available in Software Processes Across NASA (SPAN), accessible to NASA users from the SPAN tab in this Handbook. 

Additional guidance related to the software architecture development and documentation may be found in the following related requirements in this handbook:

4. Small Projects

Software architecture is one of those non-coding activities that can improve the quality of the software. Small projects may want a less-formal, more-affordable method of development. In general, if software development involves a low-risk and highly precedented system, the project can skimp on architecture. If the development involves high-risk and novel systems, the project must pay more attention to it. 131 Smaller, less risky projects may do just enough architecture by identifying their project's most pressing risks and applying only architecture and design techniques that mitigate them. Regardless of size, the resulting software architecture still needs to be adequately documented.

5. Resources

5.1 References


5.2 Tools


Tools to aid in compliance with this SWE, if any, may be found in the Tools Library in the NASA Engineering Network (NEN). 

NASA users find this in the Tools Library in the Software Processes Across NASA (SPAN) site of the Software Engineering Community in NEN. 

The list is informational only and does not represent an “approved tool list”, nor does it represent an endorsement of any particular tool.  The purpose is to provide examples of tools being used across the Agency and to help projects and centers decide what tools to consider.

6. Lessons Learned

6.1 NASA Lessons Learned

A documented lesson from the NASA Lessons Learned database notes the following:

  • NASA Study of Flight Software Complexity. Lesson number: 2050 571: This March 2009 study identified numerous factors that led to the accelerating growth of flight software size and complexity that in turn lead to flight software development problems. In particular, the lesson learned states "Good software architecture is the most important defense against incidental complexity in software designs..."

6.2 Other Lessons Learned

No other Lessons Learned have currently been identified for this requirement.

7. Software Assurance

SWE-057 - Software Architecture
4.2.3 The project manager shall transform the requirements for the software into a recorded software architecture.

7.1 Tasking for Software Assurance

  1. Assess that the software architecture addresses or contains the software structure, qualities, interfaces, and external/internal components.

  2. Analyze the software architecture to assess whether software safety and mission assurance requirements are met.

7.2 Software Assurance Products

  • Software Design Analysis
  • Results of the software assurance architecture analysis confirming the necessary content, including any identified risks, issues with architecture.
  • List of the software architecture features that impact safety and mission assurance.


    Objective Evidence

    • Software design analysis results.
    • Software Architecture Review Board report and findings (if applicable).

    Objective evidence is an unbiased, documented fact showing that an activity was confirmed or performed by the software assurance/safety person(s). The evidence for confirmation of the activity can take any number of different forms, depending on the activity in the task. Examples are:

    • Observations, findings, issues, risks found by the SA/safety person and may be expressed in an audit or checklist record, email, memo or entry into a tracking system (e.g. Risk Log).
    • Meeting minutes with attendance lists or SA meeting notes or assessments of the activities and recorded in the project repository.
    • Status report, email or memo containing statements that confirmation has been performed with date (a checklist of confirmations could be used to record when each confirmation has been done!).
    • Signatures on SA reviewed or witnessed products or activities, or
    • Status report, email or memo containing a short summary of information gained by performing the activity. Some examples of using a “short summary” as objective evidence of a confirmation are:
      • To confirm that: “IV&V Program Execution exists”, the summary might be: IV&V Plan is in draft state. It is expected to be complete by (some date).
      • To confirm that: “Traceability between software requirements and hazards with SW contributions exists”, the summary might be x% of the hazards with software contributions are traced to the requirements.
    • The specific products listed in the Introduction of 8.16 are also objective evidence as well as the examples listed above.

7.3 Metrics

  • # of software work product Non-Conformances identified by life-cycle phase over time
  • # of architectural issues identified vs. number closed
  • # of safety-related non-conformances identified by life-cycle phase over time

7.4 Guidance

Confirm that the project documents the software architecture.

The software architecture is drafted during the early life-cycle phases of a project and baselined during Preliminary Design Review (PDR) (see Topic 7.08 - Maturity of Life-Cycle Products at Milestone Reviews ). The drafting begins when the top-level (systems) requirements are collected and organized. The project's operational concepts document is prepared based on these top-level requirements. From this point, the project development team develops, decomposes, and sub-allocated these requirements to multiple and more narrowly focused activities. (Tarullo 345 describes a model for creating software architectures by using the de-facto standard software modeling tool, UML (v2.0) 139. His approach fosters decomposition, which is a major practice used to control complexity in large (and small) software systems.) The evaluation and sub-allocation of these requirements result in a hierarchical ordering of the complete set of requirements, which forms the basis and an initial structuring of the software architecture. Often this activity is accomplished by performing a functional or physical decomposition of the systems components and performance functions. As these allocated requirements are further matured and organized, a new set of statements evolves in the form of derived requirements. These derived requirements are nominally logical extensions of the originally specified requirements. See SWE-050 and SWE-051 for more discussion on derived requirements.

Confirm that the software architecture addresses or contains the software structure, qualities, interfaces, and external/internal components.

  • An assessment of architectural alternatives.
  • A description of the chosen architecture.
  • Adequate description of the subsystem decomposition.
  • Data flow diagrams.
  • Definition of the dependencies between the decomposed subsystems.
  • Methods to measure and verify architectural conformance.
  • Characterization of risks inherent to the chosen architecture.
  • The documented rationale for architectural changes (if made).
  • Evaluation and impact of proposed changes.

Analyze the software architecture features to determine if any software architecture features impact safety and mission assurance.

  • Do any hazards trace to any software architecture components? 
  • Does any software architectural component(s) impact safety and mission assurance? For example, can a software partitioning approach impact safety and mission assurance?

  • No labels