05. Software Implementation Activity Overview

Software Implementation is the building of code modules driven by the software requirements. It is shaped by the architecture and design considerations, and by the planning parameters including cost and schedule constraints. Coding standards and the use of accredited software development tools help to ensure that the code is accurate and easy to maintain. Tools like static analysis analyze the code during the development and testing phases to, at a minimum, detect defects, software security, code coverage, and software complexity. Unit testing verifies that the code performs its intended functions and can be integrated into the larger code base. 

Some tools can even be used to auto generate code. This can save time but still needs to be rigorously tested to ensure proper performance. 

Frequency Of This Activity

Coding is a long activity which continues up to final testing and release of software. There are many opportunities to revisit and revise code: 

• Changes in requirements
• Changes in architecture or design, including advances in technology 
• Changes in coding, including advances in coding environments or tools
• Changes in testing, including advances in testing environments or tools
• Testing may find errors that need re-coding

05.1 Related SWEs

• SWE-060 - Coding Software - 4.4.2 The project manager shall implement the software design into software code.
• SWE-061 - Coding Standards - 4.4.3 The project manager shall select, define, and adhere to software coding methods, standards, and criteria.
• SWE-135 - Static Analysis - 4.4.4 The project manager shall use static analysis tools to analyze the code during the development and testing phases to, at a minimum, detect defects, software security, code coverage, and software complexity.
• SWE-062 - Unit Test - 4.4.5 The project manager shall unit test the software code.
• SWE-186 - Unit Test Repeatability - 4.4.6 The project manager shall assure that the unit test results are repeatable.
• SWE-063 - Release Version Description - 4.4.7 The project manager shall provide a software version description for each software release. 
• SWE-136 - Software Tool Accreditation - 4.4.8 The project manager shall validate and accredit the software tool(s) required to develop or maintain software.

Cybersecurity

• SWE-185 - Secure Coding Standards Verification - 3.11.7 The project manager shall verify that the software code meets the project’s secure coding standard by using the results from static analysis tool(s).
• SWE-207 - Secure Coding Practices - 3.11.6 The project manager shall identify, record, and implement secure coding practices.

Auto-generated Code

• SWE-146 - Auto-generated Source Code - 3.8.1 The project manager shall define the approach to the automatic generation of software source code including: 

  a. Validation and verification of auto-generation tools.
  b. Configuration management of the auto-generation tools and associated data.
  c. Description of the limits and the allowable scope for the use of the auto-generated software.
  d. Verification and validation of auto-generated source code using the same software standards and processes as hand-generated code.
  e. Monitoring the actual use of auto-generated source code compared to the planned use.
  f. Policies and procedures for making manual changes to auto-generated source code.
  g. Configuration management of the input to the auto-generation tool, the output of the auto-generation tool, and modifications made to the output of the auto-generation tools.

• SWE-206 - Auto-Generation Software Inputs - 3.8.2 The project manager shall require the software developers and custom software suppliers to provide NASA with electronic access to the models, simulations, and associated data used as inputs for auto-generation of software.

05.2 Related Work Products

• Modules of code
• Unit Test Procedures for the code
• Unit Test Results for the code
• 5.16 - VDD - Version Description Document - Minimum recommended content for the Version Description Document. 
• A.10 Software Peer Reviews and Inspections - Code modules are good candidates for a Peer Review
• 7.19 - Risk Management Checklists - tab 5 Software Implementation Phase checklist

05.2.1 Related Process Asset Templates

• PAT-017 - C Code Inspection Checklist
• PAT-022 - Programming Practices Checklist
• PAT-032 - Considerations When Using Interrupts
• PAT-033 - TASKS NEEDING OBJECTIVE EVIDENCE

05.3 Related Topics

• 6.5 - Checklist for C Programming Practices -  Good practices to follow when coding in C for safety-critical software.
• 6.6 - Checklist for C++ Programming Practices - Good practices to follow when coding in C++ for safety-critical software.
• 6.7 - Checklist for Ada Programming Practices - Common errors to look for when coding in Ada.
• 6.8 - Checklist for Fortran Programming Practices - Points out a number of common problems to avoid when coding in Fortran.
• 6.9 - Checklist for Generic (Non-Language-Specific) Programming Practices - Practices that should be considered when coding safety-critical software in any language.
• 6.10 - Checklist for General Good Programming Practices - Contains a number of practices and activities that can improve the quality of the software.
• 6.11 - Examples of Programming Practices for Exception Handling - Shows some good and bad examples of exception handling when coding safety-critical software. 
• 7.08 - Maturity of Life Cycle Products at Milestone Reviews - This chart summarizes current guidance approved by the NASA Office of the Chief Engineer (OCE) for software engineering life cycle products and their maturity level at the various software project life cycle reviews.
• 8.01 - Off Nominal Testing - Guidance focusing on out of bounds parameters, failure scenarios, unexpected conditions, and capabilities that are typically considered as "must not work" functions.
• 8.02 - Software Reliability - The goal of SW reliability and maintainability is to assure that SW performs consistently as desired, when operating within specified conditions. This topic covers additional basic information on software reliability.
• 8.04 - Additional Requirements Considerations for Use with Safety-Critical Software - Requirements to be considered when you have safety-critical software on a program/project/facility.
• 8.11 - Auto-Generated Code - Model based coding techniques used with code generating tools.
• 8.26 - Static Analysis - This topic is designed to provide a basic knowledge of the implementation and importance of good software assurance and software safety through the use of static code analysis in support of projects and missions.
• 8.56 - Source Code Quality Analysis - Source Code Analysis methods and techniques.

05.4 Related SPAN Links