Principle statements are deliberately brief to avoid including the detail that might not be universally applicable. Each principle has a short rationale that expresses why it was considered important enough to include in the Agency-wide set of design principles. Following this is a section entitled “Examples and Discussion” that elaborates on the principle. Depending on the topic, this section may provide life cycle guidance, discussion of techniques commonly used to implement the principle, and implementation considerations. When applicable entries from the NASA Lessons Learned 439 database are available, links to these entries are also included in the Examples and Discussion section. Lessons Learned often highlight a subtle aspect of a design principle or identify an opportunity to consider how the application of a principle might have helped avoid an incident. In a handful of cases, there are positive lessons learned that support adoption of the related principle. Each principle was derived from one or more source materials. Where this material is not included in the Examples and Discussion section, it is included in a concluding section entitled “Inputs”. Inputs may be from works in progress furnished to the team, or from official standards. The Center responsible for the input material is identified by a subheading preceding that Center’s material. Each principle has the same basic structure: Implement a "secure" coding standard on all mission-critical software. Design software to send a positive acknowledgement of command receipt. Design software to verify the integrity of all inputs and outputs in the control system Establish a policy for eliminating unreachable code or mitigating the risk of any unreachable code. In the software design, provide mechanisms to detect credible system faults and to react to these faults according to a pre-described plan. Include in the software design the capability for commanding modification of the software, and for preventing unwanted modifications. Design software to protect against incorrect use of memory. Design flight software to initialize software and hardware to a known, safe, and deliberate state Design software to handle invalid data appropriately. Establish and maintain quantitative margins for all critical resources, allowing for maturation of usage estimates through the life cycle. Include a robust and well thought out response to resource oversubscription situations in the software design. Incorporate timely visibility into the use of computing resources into the software design. Assert required preconditions and post-conditions at software transitions. Design interaction between threads to prevent inappropriate interference. Design both internal and external commanding to place the system into an explicitly specified state. Caveat on using JPL rules: Additional guidance related to this requirement may be found in the following materials in this Handbook: SPAN - Software Processes Across NASA See the following link(s) in SPAN for process assets from contributing Centers (NASA Only).
See edit history of this section
Post feedback on this section
1. Software Principles at NASA
1.1 Structure of the Software Principle Topics
1.2 Support for NASA Software Safety Standard
2. Resources
2.1 References
Some of you may be interested in viewing standards recently made available to NASA civil servants. They are JPL Flight Project Practices; JPL Design, Verification/Validation & Ops Principles for Flight Systems (Design Principles); and JPL Systems Engineering Practices. Please keep in mind that these documents are labeled as confidential/proprietary and should be handled according to SBU procedures. JPL has lessons learned infusion process that cross-references lessons learned directly to JPL’s two mandatory core engineering standards – and you might be interested in reviewing the JPL process as guidance for your Centers lessons learned infusion.2.2 Additional Guidance
2.3 Center Process Asset Libraries
SPAN contains links to Center managed Process Asset Libraries. Consult these Process Asset Libraries (PALs) for Center-specific guidance including processes, forms, checklists, training, and templates related to Software Development. See SPAN in the Software Engineering Community of NEN. Available to NASA only. https://nen.nasa.gov/web/software/wiki 197SPAN Links
9.01 Software Design Principles
Web Resources
View this section on the websiteUnknown macro: {page-info}