- 1. Welcome
- 2. SWEHB Introduction
- 3. Title Material
- 4. Resources
- 5. Accessing Other Versions of SWEHB
- 6. NASA-STD-8739.8B Title Material
Welcome to the NASA Software Engineering
and Assurance Handbook, NASA-HDBK-2203.
Software is a core capability and key enabling technology for NASA's missions and supporting infrastructure.
This wiki-based NASA Software Engineering and Assurance Handbook, NASA-HDBK-2203 provides users and practitioners with guidance material for implementing the requirements of NPR 7150.2, NASA Software Engineering Requirements, and the implementation of the NASA Software Assurance and Software Safety requirements in NASA-STD-8739.8 278. The requirements in this directive and standard have been extracted from industry standards and proven NASA experience in software engineering.
The NASA Software Engineering and Assurance Handbook, NASA-HDBK-2203 is for the community that is involved in the acquisition, management, development, assurance, maintenance, and operations of NASA software. The use of this handbook is intended to provide "best-in-class" guidance for the implementation of safe and reliable software in support of NASA projects.
The NASA Software Engineering and Assurance Handbook, NASA-HDBK-2203 is an easily accessible reference or manual that captures the broad knowledge base of numerous experts who have extensive experience in all aspects of NASA's software systems. The handbook is a key component of an Agency-wide plan to work toward a continuous and sustained software engineering and software assurance process and product improvement.
You can submit any inputs and suggestions regarding SWEHB via "Feedback" in the NASA Technical Standards System (NTSS).
The NASA Software Engineering and Assurance Handbook, NASA-HDBK-2203, originated from multiple requests for additional guidance, rationale, resources, references, and lessons learned for acquiring, managing, developing, assuring, and maintaining NASA software systems. The design of the electronic (wiki-based) format was selected to accommodate the following evolving needs:
- To publish material in a timely fashion.
- To provide needed information in concise screen-friendly parts.
- To simplify updates to the Handbook.
- To make it easily searchable.
- To engage the NASA software community by providing an easy-to-use vehicle for
- sharing examples of best practices, and
- contributing lessons learned developed on their projects.
The NASA Software Engineering and Assurance Handbook, NASA-HDBK-2203 is accessible via https://swehb.nasa.gov, the NASA Technical Standard site https://standards.nasa.gov, or on the NASA Engineering Network (NEN). Links are available for relevant processes, templates, and tools in the Software Processes Across NASA (SPAN) repository, accessible only to NASA users from the SPAN tab in this Handbook.
The NASA Software Engineering and Assurance Handbook, NASA-HDBK-2203 wiki can be used similarly to the use of any hard copy guidebooks, but it offers significant advantages for the reader. Once familiar with the resource, a user will be able to directly access concise information relevant to their interest or need. (Typically, a quick scan and flip through the Handbook structure, including the chapter organization and the reference/appendix material, is enough to gain familiarity.)
The NASA Software Engineering and Assurance Handbook, NASA-HDBK-2203 provides guidance associated with each SWE (Software Requirement) in NPR 7150.2, guidance in the form of features and topics, and software assurance and software safety requirements and guidance information. Users are expected to consult NASA Center resources for local procedures and guidance, when available.
Here's an overview of each major section within the NASA Software Engineering and Assurance Handbook, NASA-HDBK-2203:
- A contains the Introduction.
- B contains the developed guidance for each institutional requirement in NPR 7150.2. These SWE descriptions are from Chapter 2 of NPR 7150.2. Each SWE guidance section provides stand-alone explanations and interpretive information about the implementation of the requirement. The guidance material includes hyperlinks for easy reference to related SWEs and Topics.
- C contains the developed guidance for each software project requirement in NPR 7150.2. Each SWE guidance section provides a stand-alone explanation and interpretive information about the implementation of the requirement. The guidance includes hyperlinks for easy reference to related SWEs and Topics. Each requirement in C also includes the software assurance steps and software safety requirements and guidelines.
- D contains special Topics, most in the form of essays, that are broader than any single SWE. Many of the special Topics take the form of "how-to" and instructional material for users seeking to improve their knowledge and practices in software engineering, software assurance, and software safety. The special topics help the user go beyond the minimum descriptions presented in each SWE. Topics are more expansive on particular ideas and contain additional instructions for developing and acquiring software.
- E contains a list of terms including acronyms used in the Handbook, listings of and references to software development and assurance tools used by the Centers, and a complete listing of Handbook references in a numerated References Table.
- F is a link to the Software Processes Across NASA (SPAN) repository accessible to NASA users only. This repository contains processes and process assets approved for use across the Agency.
Explanation of the SEARCH Box in the splash banner above: This utility allows the NASA Software Engineering and Assurance Handbook, NASA-HDBK-2203 user to interrogate the Handbook contents for particular items of interest.
In the handbook, each typical requirement, SWE, has seven sections:
- THE REQUIREMENT: This section is a restatement of the NPR 7150.2 requirement wording, including any Notes from either the requirement paragraph itself or any applicable note from Appendix C. This section also gives a tabular representation of the applicability to each software class 438.
- RATIONALE: This section provides useful information regarding the purpose of the requirement. Occasionally, historical information and references are included to support the rationale statement.
- GUIDANCE: This section provides information helpful for interpreting the requirement, its scope, its relationship to other SWE, associated best practices, and references to supporting materials (standards, guides, published technical papers, the NEN, and SPAN materials).
- SMALL PROJECTS: This section suggests implementation aids to small projects to help satisfy the SWE while accommodating the typically limited resources of time, funds, and personnel. The definition of a "small project" needs to be determined by the user.
This determination does not relieve a project from satisfying the requirements of the NPR. When small projects need to reduce the set of applicable software requirements due to constraints, consult the designated Center Software Technical Authority. NPR 7120.5 and the NASA Chief Engineer’s specific direction provide direction on tailoring the NPR 7120.5 requirements.
- RESOURCES: This section provides a listing of referenced and footnoted texts, documents found within publicly accessible NASA repositories and out on the web, and other useful documents (e.g., checklists and templates). The Handbook includes in the Resources sections listings of additional readings, i.e., useful items not specifically cited or linked to in the GUIDANCE section, but thought by the authors to contain educational or expanded discussions of the ideas covered in the SWE write-up. Also, this section usually includes a separate table listing of tools and items that will help the user satisfy the requirement (e.g., developer tools). The Handbook wiki links SWEs and tools through the use of a master Tools table. The Tools table provides websites for accessing the tool. It also lists the Center(s) that currently use the tool in case the reader wants to seek out the "experiences" of a current user of the tool. Readers are invited to submit their tools for candidate inclusion in the Tools table for the benefit of others around the Agency.
- LESSONS LEARNED (LL): This section contains references to the experiences of others involved in NASA software development activities as well as other industry and government development efforts. The majority are in the Public Lessons Learned library 439 at the Office of the Chief Engineer (OCE). Some are derived from specialized projects or Center collections as well as from reputable industry and government groups. Occasionally a lesson has only indirect applicability to the requirement.
- SOFTWARE ASSURANCE: This section contains the software assurance and software safety steps and requirements needed to assure each engineering requirement, the software assurance and software safety products required for each requirement, the software assurance, and software safety metrics required for each requirement, and the software assurance and software safety guidance associated with each software assurance and software safety step and requirement.
Remember that the NPR 7150.2 is a requirements document. It uses "shall" exclusively to indicate requirements. Applicability of an NPR 7150.2 requirement applies per the NASA Software Classification, and the matrix in Appendix C (of the NPR). The handbook is not a requirements document, only an informational document.
Earlier versions of NPR 7150.2 made extensive use of the NPR's Notes sections to help with the interpretation of the SWE. This Handbook is intended to collaborate with and augment the current NPR Notes, and to include valuable guidance from previous versions of NPR 7150.2.
The Requirements Mapping Matrix (RMM) in NPR 7150.2 provides a list of the applicability of each software project requirement by the class of software. Associated with many of the entries in the RMM are one or more notes that modify the applicability of the requirement for a particular class. Since the handbook makes explicit mention of these modifiers in section 1 of the guidance for each requirement, SWE, an additional explanation for the modifiers is:
- X - Indicates an invoked requirement by this NPR consistent with Software Classification (ref. SWE-139). May be tailored with Technical Authority approval (ref. Chapter 2.2).
Blank - Optional/Not invoked by this NPR.
Center - Center Director or the Center Director’s designated Engineering Technical Authority, the Center Director's designated SMA Technical Authority, and the CHMO designated for Health and Medical Technical Authority. The CIO, or the designee, has institutional authority on all Class F software projects and has joint responsibility for the cybersecurity requirements in section 3.11 per the direction in the Requirements Mapping Matrix.
CIO - The OCIO, or the designee Center CIO, has institutional authority on all Class F software projects and has joint responsibility for the cybersecurity requirements in section 3.11 per the direction in the Requirements Mapping Matrix.
Each requirement marked 'X' for the project's software classification(s) should be addressed in the Requirements Mapping Matrix. All requirements can be tailored per the guidance in this directive. Requirements that do not apply to a given project, such as the IV&V requirements, should be tailored out in the Requirements Mapping Matrix with justification.
Some general comments:
- Note that the SWE titles in the SWEHB may not always agree with those in the NPR. The SWEHB Development Team expanded the titles for some of the SWE to help distinguish between other similarly sounding SWE names (e.g., "bidirectional traceability").
- See the Terms Table for a complete list of definitions of unique terms used in the SWEHB.
- The referenced material listed in the Resources section is located on the NASA Headquarters NODIS site, e.g., NPRs, NPDs, in NTSS 442, e.g., NASA standards, IEEE standards, or in other NASA sites, e.g., materials from the OCE, Public lesson learned sources; etc. Please note that many of the Agency or Center assets are subject to scheduled updates. While we will make every effort to link to the latest versions, editions, or documents, you may discover references that have broken links or require updating. We invite the community to submit requests for information via "Feedback" at http://standards.nasa.gov/ and requests for changes to the Handbook via MSFC Form 4657, Change Request for a NASA Engineering Standard.
- The handbook uses citations to external sites and general web-hosted sites. While attempts were made to cite publicly available (i.e., "free") references, there may be an occasional reference that suggests the reader "buy" a copy. If you come across one of these, and you are a NASA user, try to access it through the NASA Technical Standards 442 site. This NASA site provides prepaid access to many external repositories through an Agency-wide agreement with the site.
- (Caveat: Since the web is a dynamic place, some references in the Resources section of the SWE may have been discontinued online or moved to another host by their owners. While all references have been verified on internal Agency networks as well as external Virtual Private Network (VPN) access, the variances in firewall and VPN settings, permissions, and configurations may affect access to these references.)
NASA TECHNICAL HANDBOOK
National Aeronautics and Space Administration
Washington, DC 20546-0001
NASA Software Engineering and Software Assurance Handbook
Approved: April 20, 2020
DOCUMENT HISTORY LOG
Handbook updated to address the NASA Software Engineering Requirements, NPR 7150.2B, changes. Update the guidance topics.
|Revision||B||04-20-2020||Handbook updated to address the NASA Software Engineering and Software Assurance Requirements, NPR 7150.2C, changes, and NASA-STD-8739.8 changes. Update the guidance topics.|
|Revision||C||Handbook updated to address the NASA Software Engineering and Software Assurance Requirements, NPR 7150.2D, changes, and NASA-STD-8739.8 changes. Update the guidance topics.|
This NASA Technical Handbook is published by the National Aeronautics and Space Administration (NASA) as a guidance document to provide engineering information; lessons learned; possible options to address technical issues; classification of similar items, materials, or processes; interpretative direction and techniques; and any other type of guidance information that may help the Government or its contractors in the design, construction, selection, management, support, or operation of systems, products, processes, or services.
This NASA Technical Handbook is approved for use by NASA Headquarters and NASA Centers and Facilities. It may also apply to the Jet Propulsion Laboratory and other contractors only to the extent specified or referenced in applicable contracts.
This wiki-based NASA Technical Handbook provides users and practitioners with guidance material for implementing the requirements of NPR 7150.2, NASA Software Engineering Requirements 083 and the NASA Software Assurance and Software Safety Standard, NASA-STD-8739.8. The use of this Software Engineering and Software Assurance Handbook is intended to provide "best-in-class" guidance for the implementation of safe and reliable software in support of NASA projects. The NASA Software Engineering and Assurance Handbook, NASA-HDBK-2203 is a key component of the NASA Software community implementation of an Agency-wide plan to work toward a continuous and sustained software engineering and software assurance process and product improvement.
Requests for information should be submitted via "Feedback" at http://standards.nasa.gov/. Requests for changes to this NASA Technical Handbook should be submitted via MSFC Form 4657, Change Request for a NASA Engineering Standard.
Ralph R. Roe, Jr
5. Accessing Handbook Versions
The version of the handbook that you are viewing is noted in the header image. Clicking on this image, while on any page of the SWEHBVD, will take you back to the Introduction page for this version.
To access other versions of the Software Engineering Handbook use the links below:
- Click here to go back to the Software Engineering Handbook from NPR 7150.2A
- Click here to go back to the Software Engineering Handbook from NPR 7150.2B
- Click here to go back to the Software Engineering Handbook from NPR 7150.2C
- You are already in the Software Engineering and Software Assurance Handbook from NPR 7150.2D
Four versions of the NASA Software Engineering and Assurance Handbook, NASA-HDBK-2203 are available for use (see Tab 5 to access the versions of the handbook)
- The original version of the handbook - addresses the NASA Software Engineering Requirements in NPR 7150.2A. NPR 7150.2A had an effective date of November 19, 2009, to the expiration date of November 19, 2014.
- Revision A - addresses the NASA Software Engineering Requirements in NPR 7150.2B. NPR 7150.2B had an effective date of November 19, 2014, to the expiration date of August 2, 2019.
- Revision B - addresses the NASA Software Engineering Requirements in NPR 7150.2C and the requirements in the NASA Software Assurance and Software Safety standard, NASA-STD-8739.8A. NPR 7150.2C had an effective date of August 2, 2019, to the expiration date of August 2, 2024. NASA-STD-8739.8A 278 has an effective date of June 10, 2020.
- Revision C - Addresses the NASA Software Engineering Requirements in NPR 7150.2D, and the requirements in the NASA Software Assurance and Software Safety standard, NASA-STD-8739.8A. NPR 7150.2D had an effective date of 03/08/2022, to the expiration date of 03/08/2027. NASA-STD-8739.8B 278 has an effective date of June 10, 2020.
NPR 7150.2D is the latest version of the NASA Software Engineering Requirements.278 has an effective date of September 8, 2022.
NASA-STD-8739.8B is the latest version of the NASA Software Assurance and Software Safety Standard
5.1 SWE History
The SWE History Summary includes all SWE numbers and their history of use in all versions of the Software Engineering Handbook.
Click SWE History to view.
NASA-STD-8739.8B Title Material
|Status||Document Revision||Approval Date||Description|
|1||2005-05-05||Administrative changes to the Preface; Paragraphs 1.1, 1.4, 1.5, 2.1.1, 2.2.2, 3, 126.96.36.199, 188.8.131.52; 5.6.2, 184.108.40.206, 6.7.1.a, 7.3.2, 7.3.3, 7.5, 7.5.1; Table 1; Appendix A; Appendix C to reflect NASA Transformation changes, reflect the release of NASA Procedural Requirements (NPR) 7150.2, NASA Software Engineering Requirements and to make minor editorial changes. Note: Some paragraphs have changed pages as a result of these changes. Only pages where content has changed are identified by change indications.|
|A||2020-06-10||The revised document addresses the following significant issues: combined the NASA Software Assurance Standard (NASA-STD-8739.8) with the NASA Software Safety Standard (NASA-STD-8719.13), reduction of requirements, bring into alignment with updates to NPR 7150.2, added a section on IV&V requirements to perform IV&V, and moved guidance text to an Electronic Handbook. This change combines the updates to NASA-STD-8739.8 and the content of NASA-STD-8719.13. The update includes the NASA software safety requirements and cancels NASA-STD-8719.13 standard.|
|B||2022-09-08||Brings into alignment with the update to NPR 7150.2D. Update the Appendix A table containing the additional areas to consider when identifying software causes in Hazard Analysis.|
DOCUMENT HISTORY LOG
|Approved: TBD||Measurement System Identification: Not Measurement Sensitive|
NASA TECHNICAL STANDARD
National Aeronautics and Space Administration
|SOFTWARE ASSURANCE AND SOFTWARE SAFETY STANDARD|
APPROVED FOR PUBLIC RELEASE – DISTRIBUTION IS UNLIMITED
This NASA Technical Standard is published by the National Aeronautics and Space Administration (NASA) to provide uniform engineering and technical requirements for processes, procedures, practices, and methods that have been endorsed as standard for NASA facilities, programs, and projects, including requirements for selection, application, and design criteria of an item.
This standard was developed by the NASA Office of Safety and Mission Assurance (OSMA). Requests for information, corrections, or additions to this standard should be submitted to the OSMA by email to Agency-SMA-Policy-Feedback@mail.nasa.gov or via the “Email Feedback” link at https://standards.nasa.gov.
NASA Chief, Safety and Mission Assurance