7.16 - Appendix C. Requirements Mapping and Compliance Matrix

1. Requirements Mapping and Compliance Matrix

The following text is slightly modified from NPR 7150.2D, NASA Software Engineering Requirements, Appendix C.

1.1 The Software Classification Spreadsheet

To download the Software Classification Spreadsheet PAT-028, please click the image below. The spreadsheet contains the full matrix from NPR7150.2D as well as a customized matrix for each of the classes, A through F. 

Click on the image to preview the file. From the preview, click on Download to obtain a usable copy. 

PAT-028 - NPR 7150.2D Compliance Matrix

Tabs include Class A through Class F Matrixes

1.2 Rationale

The rationale for the requirements is contained in the NASA-HDBK-2203. Programs/Projects may substitute a matrix that documents their mapping with their particular Center's implementation of NPR 7150.2 083, if applicable. See NASA-HDBK-2203 for requirements mapping matrices organized by class, tailoring field for each requirement, tailoring rationale, and approval signature lines.

The Compliance Matrix documents the program/project's mappings or intent to comply with the requirements of this NPR or justification for tailoring. The matrix lists:

  1. The section reference.
  2. The unique requirement identifier.
  3. The NPR 7150.2 requirement statement.
  4. The Authority Level responsible for assessing a project’s requirements mapping matrices and any requested tailoring from requirements in this NPR. The CIO, or the designee, has institutional authority on all Class F software projects and has joint responsibility on the cybersecurity requirements in section 3.11.
  5. The applicability of the requirements in this NPR to specific systems and subsystems within the Agency’s investment areas, programs, and projects is determined through the use of the NASA-wide definition of software classes.

Requirements relating to completing a Compliance Matrix include: 

See also Topic 7.02 - Classification and Safety-Criticality, 7.13 - Transitioning to a Higher Class

1.3 Tailoring Guidance

Use the following guidance, also included in the matrix, to interpret the contents of the compliance matrix included in this topic:

X - Indicates an invoked requirement by this NPR consistent with Software Classification (See SWE-139 - Shall Statements).  May be tailored with Technical Authority approval (NPR 7150.2, Chapter 2.2).

Blank - Optional/Not invoked by NPR 7150.2.

Center - Center Director or the Center Director's designated Engineering Technical Authority or Center Director's designated Safety and Mission Assurance Technical Authority.

CIO - The OCIO, or the designee Center CIO, has institutional authority on all Class F software projects and has joint responsibility on the cybersecurity requirements in section 3.11 per the direction in the Requirements Mapping Matrix.

Each requirement marked 'X' for the project's software classification(s) should be addressed in the Requirements Mapping Matrix. All requirements can be tailored per the guidance in this directive. Requirements that are not applicable to a given project, such as the IV&V requirements, should be tailored out in the Requirements Mapping Matrix with justification.

1.4 Applicability Across Classes

Each requirement in this Handbook also includes a graphical representation of its compliance matrix data:















Key:    - Applicable | - Not Applicable

1.5 Additional Guidance

Links to Additional Guidance materials for this subject have been compiled in the Relevant Links table. Click here to see the Additional Guidance in the Resources tab.

2. Resources

2.1 References

2.2 Tools

Tools to aid in compliance with this SWE, if any, may be found in the Tools Library in the NASA Engineering Network (NEN). 

NASA users find this in the Tools Library in the Software Processes Across NASA (SPAN) site of the Software Engineering Community in NEN. 

The list is informational only and does not represent an “approved tool list”, nor does it represent an endorsement of any particular tool.  The purpose is to provide examples of tools being used across the Agency and to help projects and centers decide what tools to consider.

2.3 Additional Guidance

Additional guidance related to this requirement may be found in the following materials in this Handbook:

2.4 Center Process Asset Libraries

SPAN - Software Processes Across NASA
SPAN contains links to Center managed Process Asset Libraries. Consult these Process Asset Libraries (PALs) for Center-specific guidance including processes, forms, checklists, training, and templates related to Software Development. See SPAN in the Software Engineering Community of NEN. Available to NASA only.  197

See the following link(s) in SPAN for process assets from contributing Centers (NASA Only). 

SPAN Links

2.5 Related Activities

This Topic is related to the following Life Cycle Activities:

2.6 Process Asset Templates

Click on a link to download a usable copy of the template.