bannerd


UNDER CONSTRUCTION

A.13 NASA Institutional Requirements

13.00 NASA Institutional Requirements

This activity describes the institutional responsibilities for maintaining and advancing organizational capability in software engineering practices to effectively meet the scientific and technological objectives of the Agency. Chapter 2 of NPR7150.2 defines the roles and responsibilities of key officials in software engineering management, the software development and management processes, and the software life cycle management processes. Specific software classification applicability, if any, for the requirements in Chapter 2 are contained in the requirement wording. The requirements in Chapter 2 are not part of the Requirements Mapping Matrix in Appendix C. Approval of any tailoring of requirements designated in Chapter 2 can be done by the appropriate organization per the defined roles and responsibilities.

Some of these SWEs have applicability in other activities for projects and are noted in those activities as relevant. 



13.01. Activity Overview and History

Institutional Requirements are grouped into several sub-activities. 

Each of the sub-activities are performed by the Agency or Centers, not by the projects.

Projects benefit from the outputs from these sub-activities. 

History of Improvement Efforts

13.01.1 Related SWEs

  • SWE-002 - Software Engineering Initiative2.1.1.1 The NASA OCE shall lead and maintain a NASA Software Engineering Initiative to advance software engineering practices. 
  • SWE-003 - Center Improvement Plans2.1.5.2 Center Director, or designee, shall maintain, staff, and implement a plan to continually advance the Center’s in-house software engineering capability and monitor the software engineering capability of NASA's contractors.
  • SWE-005 - Software Processes - 2.1.5.3 Center Director, or designee, shall establish, document, execute, and maintain software processes per the requirements in this directive.
  • SWE-095 - Report Engineering Discipline Status2.1.5.5 The Center Director, or designee, shall report on the status of the Center’s software engineering discipline, as applied to its projects, upon request by the OCE, OSMA, or OCHMO.  
  • SWE-208 - Advancing Software Assurance and Software Safety Practices - 2.1.2.2 The NASA Chief, SMA shall lead and maintain a NASA Software Assurance and Software Safety Initiative to advance software assurance and software safety practices.

13.01.2 Related Work Products

  • Software Engineering Handbook - SWEHB

13.01.3 Related Topics


13.02. Appraisals, Assessments, and Benchmarking

NPR 71150.2 is largely based on the industry-wide best practices documented in the CMMI. The CMMI Appraisal is a tool for assessing how closely is following the best practices of the CMMI. 

Some projects are required to use the CMMI Appraisal process administered by an independent CMMI Lead Appraiser to show how closely they follow the CMMI. Other projects are appraised by OCE or OSMA to check on how closely they are following NPR 7150.2. The SWEs listed here describe the benchmarking, appraisal, QAAR audits, and other assessments tools.  

Frequency Of This Activity

13.02.1 Related SWEs

  • SWE-004 - OCE Benchmarking2.1.1.2 The NASA OCE shall periodically benchmark each Center's software engineering capability against requirements in this directive. 
  • SWE-032 - CMMI Levels for Class A and B Software - 3.9.2 The project manager shall acquire, develop, and maintain software from an organization with a non-expired CMMI-DEV rating as measured by a CMMI Institute Certified Lead Appraiser as follows:
      1. For Class A software: CMMI-DEV Maturity Level 3 Rating or higher for software.
      2. For Class B software (except Class B software on NASA Class D payloads, as defined in NPR 8705.4): CMMI-DEV Maturity Level 2 Rating or higher for software.
  • SWE-129 - OCE NPR Appraisals2.1.1.4 The NASA OCE shall authorize appraisals against selected requirements in this NPR to check compliance. 
  • SWE-140 - Comply with Requirements - 2.1.5.4 Center Director, or designee, shall comply with the requirements in this directive that are marked with an “X” in Appendix C.
  • SWE-152 - Review Requirements Mapping Matrices - 2.1.1.3 The NASA OCE shall periodically review the project requirements mapping matrices.
  • SWE-221 - OSMA NPR Appraisals - 2.1.2.5 The NASA Chief, SMA shall authorize appraisals against selected requirements in this NPR to check compliance.
  • SWE-209 - Benchmarking Software Assurance and Software Safety Capabilities - 2.1.2.3 The NASA Chief, SMA shall periodically benchmark each Center’s software assurance and software safety capabilities against the NASA-STD-8739.8, NASA Software Assurance and Software Safety Standard.

13.02.2 Related Work Products

13.02.2.1 Related Process Asset Templates

13.02.3 Related Topics


13.03. Processes

All NASA software development needs to follow some level of defined software processes. Project Managers determines:

  • what processes they are going to use in carrying out the work of the project,
  • customer needs,
  • system-level requirements,
  • make-versus-buy strategies,
  • overall project and software management plans,
  • a work breakdown structure (WBS),
  • software safety assessments, and
  • primary project deliverables and work products, including, but not limited to, software documents and electronic products.

Software Assurance monitors and tracks processes.  

Resources available to the Project Manager include the Process Asset Libraries from the Centers where the Center level processes are recorded for reuse. 

Frequency Of This Activity

13.03.1 Related SWEs

  • SWE-005 - Software Processes - 2.1.5.3 Center Director, or designee, shall establish, document, execute, and maintain software processes per the requirements in this directive.
  • SWE-021 - Transition to a Higher Class - 2.2.8 If a system or subsystem development evolves to meet a higher or lower software classification as defined in Appendix D, then the project manager shall update their plan(s) and initiate modifications to any supplier contracts to fulfill the applicable requirements per the Requirements Mapping Matrix in Appendix C with approved tailoring.
  • SWE-036 - Software Process Determination - 3.1.6 The project manager shall establish and maintain the software processes, software documentation plans, list of developed electronic products, deliverables, and list of tasks for the software development that are required for the project’s software developers, as well as the action required (e.g., approval, review) of the Government upon receipt of each of the deliverables.
  • SWE-098 - Agency Process Asset Library2.1.1.6 The NASA OCE shall maintain an Agency-wide process asset library of applicable best practices and process templates for all size projects.  
  • SWE-126 - Tailoring Considerations2.1.8.2 The technical and institutional authorities for requirements in this directive shall: 

    a. Assess projects’ requirements mapping matrices and tailoring from requirements in this directive by:

    (1) Checking the accuracy of the project’s classification of software components against the definitions in Appendix D.
    (2) Evaluating the project’s Requirements Mapping Matrix for commitments to meet applicable requirements in this directive, consistent with software classification.
    (3) Confirming that requirements marked “Not-Applicable” in the project’s Requirements Mapping Matrix are not relevant or not capable of being applied.
    (4) Determining whether the project’s risks, mitigations, and related requests for relief from requirements designated with “X” in Appendix C are reasonable and acceptable.
    (5) Approving/disapproving requests for relief from requirements designated with “X” in Appendix C, which falls under this Authority’s scope of responsibility.
    (6) Facilitating the processing of projects’ requirements mapping matrices and tailoring decisions from requirements in this directive, which falls under the responsibilities of a different Authority (see column titled “Authority” in Appendix C).
    (7) Include the SAISO (or delegate) in all software reviews to ensure software cybersecurity is included throughout software development, testing, maintenance, retirement, operations, management, acquisition, and assurance activities.
    (8) Ensuring that approved requirements mapping matrices, including any tailoring rationale against this directive, are archived as part of retrievable project records.

    b. Indicate the Technical Authority or Technical Authorities approval by signature(s) in the Requirements Mapping Matrix itself, when the Requirements Mapping Matrix is used to tailor from the applicable “X” requirement(s).

  • SWE-144 - Software Engineering Process Assets2.1.5.11 Each Center Director, or designee, shall contribute applicable software engineering process assets in use at his/her Centers to the Agency-wide process asset library. 
  • SWE-150 - Review Changes To Tailored Requirements2.2.7 The engineering, CIO, and SMA authorities shall review and agree with any tailored NPR 7150.2 requirements per the requirements mapping matrix authority column. 
  • SWE-153 - ETA Define Document Content - 2.1.5.12 The designated ETA(s) shall define the content requirements for software documents or records.
  • SWE-212 - NASA-STD-8739 Mapping Matrices - 2.1.2.4 The NASA Chief, SMA shall periodically review the project’s requirements mapping matrices.
  • SWE-223 - Tailoring IV&V project selections - 2.1.2.7 The NASA Chief, SMA shall make the final decision on all proposed tailoring of SWE-141, the Independent Verification and Validation (IV&V) requirement. 

13.03.2 Related Work Products

  • D. Topics - See section "5.xx Document Contents"

13.03.2.1 Related Process Asset Templates

13.03.3 Related Topics

  • 7.08 - Maturity of Life Cycle Products at Milestone ReviewsThis chart summarizes current guidance approved by the NASA Office of the Chief Engineer (OCE) for software engineering life cycle products and their maturity level at the various software project life cycle reviews.
  • 7.09 - Entrance and Exit CriteriaThis guidance provides the recommended life cycle review entrance and exit criteria for software projects and should be tailored for the project class.


13.04. Measurement and Metrics

Software measurement programs are established to meet measurement objectives and goals at multiple levels. The data gained from these measurement programs are used in the management of projects, to assuring safety and quality, and in improving overall software engineering practices. Software measurement repositories help manage this data and provide the insight needed on projects.  Measurement repositories should be established for collecting, storing, analyzing, and reporting measurement data based on the requirements of the projects and Center. The repository enables the Center to assess its current software status and the engineering capabilities of providers for future work. Once these software measurement systems are established, the software measures and analysis results that emanate from them enable Center-wide assessments of the abilities and skills in the workforce, and opportunities for improving software development.

What gets measured, gets managed. Software measurement programs are established to meet objectives at multiple levels and structured to satisfy particular organization, project, program, and Mission Directorate needs. The data gained from these measurement programs assist in managing projects, assuring quality, and improving overall software engineering practices.  

 Establishing, maintaining, and using a cost repository enables projects and programs to develop credible software cost estimates. 

NASA software measurement programs are designed to provide specific information necessary to manage software products, projects, and services.  For these programs to be current and accurate, certain center measurements (such as size and effort estimates, milestones, and characteristics) are provided to the Center repository at the end of the major project milestones. Defined software measurements are used to make effective management decisions by Center Management. Historical measurement data can also be used to improve aspects of future projects such as cost estimation.

Frequency Of This Activity

13.04.1 Related SWEs

  • SWE-006 - Center Software Inventory2.1.5.6 Center Director, or designee, shall maintain a reliable list of their Center’s programs and projects containing Class A, B, C, and D software. The list should include: 

    a. Project/program name and Work Breakdown Structure (WBS) number.
    b. Software name(s) and WBS number(s).
    c. Software size estimate (report in Kilo/Thousand Source Lines of Code (KSLOCs)).
    d. The phase of development or operations.
    e. Software Class or list of the software classes being used on the project.
    f. Software safety-critical status.
    g. For each Computer Software Configuration Item (CSCI)/Major System containing Class A, B, or C software, provide:

    (1) The name of the software development organization.
    (2) Title or brief description of the CSCI/Major System.
    (3) The estimated total KSLOCs, the CSCI/Major System, represents.
    (4) The primary programming languages used.
    (5) The life cycle methodology on the software project.
    (6) Name of responsible software assurance organization(s).

  • SWE-091 - Establish and Maintain Measurement Repository - 2.1.5.7 For Class A, B, and C software projects, the Center Director, or designee, shall establish and maintain a software measurement repository for software project measurements containing at a minimum: 

    a. Software development tracking data.
    b. Software functionality achieved data.
    c. Software quality data.
    d. Software development effort and cost data.

  • SWE-092 - Using Measurement Data2.1.5.8 For Class A, B, and C software projects, the Center Director, or designee, shall utilize software measurement data for monitoring software engineering capability, improving software quality, and to track the status of software engineering improvement activities. 
  • SWE-142 - Software Cost Repositories2.1.5.10 For Class A, B, and C software projects, each Center Director, or designee, shall establish and maintain software cost repository(ies) that contains at least the following measures: 

    a. Planned and actual effort and cost.
    b. Planned and actual schedule dates for major milestones.
    c. Both planned and actual values for key cost parameters that typically include software size, requirements count, defects counts for maintenance or sustaining engineering projects, and cost model inputs.
    d. Project descriptors or metadata that typically includes software class, software domain/type, and requirements volatility.

  • SWE-174 - Software Planning Parameters - 3.2.3 The project manager shall submit software planning parameters, including size and effort estimates, milestones, and characteristics, to the Center measurement repository at the conclusion of major milestones.
  • SWE-095 - Report Engineering Discipline Status2.1.5.5 The Center Director, or designee, shall report on the status of the Center’s software engineering discipline, as applied to its projects, upon request by the OCE, OSMA, or OCHMO.  

13.04.2 Related Work Products

13.04.2.1 Related Process Asset Templates

13.04.3 Related Topics

  • 7.08 - Maturity of Life Cycle Products at Milestone ReviewsThis chart summarizes current guidance approved by the NASA Office of the Chief Engineer (OCE) for software engineering life cycle products and their maturity level at the various software project life cycle reviews.
  • 8.18 - SA Suggested Metrics - This topic contains the complete list of software assurance/safety metrics that are suggested for use with the SA tasks in NASA-STD-8739.8.


13.05. Software Sharing and Reuse

Sharing and reuse of software can reduce the overall cost of software. It is critical that software that is shared or reused be properly licensed and attributed to the originators of the software. 

13.05.1 Related SWEs

  • SWE-214 - Internal Software Sharing and Reuse2.1.5.16 The Center Director or designee (e.g., the Civil Servant Technical POC for the software product) shall perform the following actions for each type of internal NASA software transfer or reuse:

    a. A NASA civil servant to a NASA civil servant:

    (1) Verify the requesting NASA civil servant has requested and completed an Acknowledgment (as set forth in the note following paragraph 3.10.2e).
    (2) Provide the software to the requesting NASA civil servant.

    b. A NASA civil servant to a NASA contractor:

    (1) Verify a NASA civil servant (e.g., a Contracting Officer (CO) or Contracting Officer Representative (COR)) has confirmed the NASA contractor requires such software for the performance of Government work under their NASA contract and that such performance of work will be a Government purpose. Center Intellectual Property Counsel should be consulted for any questions regarding what is or is not a Government purpose.
    (2) Verify a NASA civil servant (e.g., a CO or COR) has confirmed an appropriate Government Furnished Software clause (e.g., 1852.227-88, “Government-furnished computer software and related technical data”) is in the subject contract (or, if not, that such clause is first added); or the contractor may also obtain access to the software in accordance with the external release requirements of NPR 2210.1, Release of NASA Software.
    (3) Verify NASA contractor is not a foreign person (as defined by 22 CFR §120.16).
    (4) Verify there is a requesting NASA Civil servant (e.g., a CO or COR), and the requesting NASA civil servant has executed an Acknowledgment (as set forth in the note following paragraph 3.10.2e).
    (5) After items (1), (2), (3), and (4) are complete, provide the software to the requesting NASA civil servant. The requesting NASA civil servant is responsible for furnishing the software to the contractor pursuant to the subject contract’s terms.

    c. A NASA civil servant to any NASA grantees, Cooperative Agreement Recipients or any other agreement partners or to any other entity under U.S. Government Agency Release, Open source Release, Public Release, U.S. Release, Foreign Release:

    (1) If the release is to any NASA grantees, Cooperative Agreement Recipients, or any other agreement (e.g., Space Act Agreement) partners or to any other entity under U.S. Government Agency Release, an Open source Release, a Public Release, a U.S. Release, or a Foreign Release, the software release is completed in accordance with the external release requirements of NPR 2210.1, Release of NASA Software – Revalidated w/change 1.

  • SWE-215 - Software License Rights2.1.5.13 The Center Director or designee shall ensure that the Government has clear rights in the software, a Government purpose license, or other appropriate license or permission from third party owners prior to providing the software for internal NASA software sharing or reuse.
  • SWE-216 - Internal Software Sharing List - 2.1.5.14 The Center Director, or designee, shall ensure that all software listed on the internal software sharing or reuse catalog(s) conforms to NASA software engineering policy and requirements.
  • SWE-217 - List of All Contributors and Disclaimer Notice2.1.5.15 The Center Director, or designee, (e.g., the Civil Servant Technical Point of Contact (POC) for the software product) shall perform the following actions:

    a. Keep a list of all contributors to the software product.

    b. Ensure that the software product contains appropriate disclaimer and indemnification provisions (e.g., in a “README” file) stating that the software may be subject to U.S. export control restrictions, and it is provided “as is” without any warranty, express or implied, and that the recipient waives any claims against, and indemnifies and holds harmless, NASA and its contractors and subcontractors.

  • SWE-218 - Contracting Officers - 2.1.7.1 Contracting Officers, as defined in FAR 2.101, or Agreement Managers as defined in NAII 1050.3, NASA Partnership Guide, in conjunction with Program/Project Managers shall ensure that the appropriate FAR, NFS, and other provisions/clauses based on this requirements document and NASA-STD-8739.8 are included for all NASA contracts, Space Act Agreements, cooperative agreements, partnership agreements, grants, or other agreements pursuant to which software is being acquired, developed, modified, operated, or managed for NASA.

13.05.2 Related Work Products

13.05.2.1 Related Process Asset Templates

13.05.3 Related Topics


13.06. Training

NASA software development activities in support of projects often require a balanced blend of software engineering development expertise and knowledge. If the software is contracted out, the development activities also require knowledge of NASA's acquisition practices and regulations. The Office of the Chief Engineer(OCE) and the Centers have committed to support these objectives by providing sufficient funding in support of the training.  In some instances, funding for training may be provided by multiple organizations if the training is beneficial to the communities they represent.

NASA software assurance and software safety activities in support of projects often require a balanced blend of software engineering development expertise, software assurance expertise, software safety expertise, and knowledge. If the software is contracted out, the development activities also require knowledge of NASA's acquisition practices and regulations. The Office of Safety and Mission Assurance and the Centers have committed to support these objectives by providing sufficient funding in support of the training.  In some instances, funding for training may be provided by multiple organizations if the training is beneficial to the communities they represent.

Frequency Of This Activity

13.06.1 Related SWEs

13.06.2 Related Work Products

13.06.2.1 Related Process Asset Templates

13.06.3 Related Topics



  • No labels