Measurement System Identification: Not Measurement Sensitive
NASA TECHNICAL STANDARD
National Aeronautics and Space Administration
NASA-STD-8739.8B
Approved: TBD Superseding NASA-STD-8739.8A
SOFTWARE ASSURANCE AND SOFTWARE SAFETY STANDARD APPROVED FOR PUBLIC RELEASE – DISTRIBUTION IS UNLIMITED
DOCUMENT HISTORY LOG
Include Page
SWE-057 - SA Task1
SWE-057 - SA Task1
Status
Document Revision
Approval Date
Description
Baseline
Initial
2004-07-28
Initial Release
1
2005-05-05
Administrative changes to the Preface; Paragraphs 1.1, 1.4, 1.5, 2.1.1, 2.2.2, 3, 5.1.2.3, 5.4.1.1; 5.6.2, 5.8.1.2, 6.7.1.a, 7.3.2, 7.3.3, 7.5, 7.5.1; Table 1; Appendix A; Appendix C to reflect NASA Transformation changes, reflect the release of NASA Procedural Requirements (NPR) 7150.2, NASA Software Engineering Requirements and to make minor editorial changes. Note: Some paragraphs have changed pages as a result of these changes. Only pages where content has changed are identified by change indications.
A
2020-06-10
The revised document addresses the following significant issues: combined the NASA Software Assurance Standard (NASA-STD-8739.8) with the NASA Software Safety Standard (NASA-STD-8719.13), reduction of requirements, bring into alignment with updates to NPR 7150.2, added a section on IV&V requirements to perform IV&V, and moved guidance text to an Electronic Handbook. This change combines the updates to NASA-STD-8739.8 and the content of NASA-STD-8719.13. The update includes the NASA software safety requirements and cancels NASA-STD-8719.13 standard.
B
TBD
Brings into alignment with the update to NPR 7150.2D. Update the Appendix A table containing the additional areas to consider when identifying software causes in Hazard Analysis.
Forward
This NASA Technical Standard is published by the National Aeronautics and Space Administration (NASA) to provide uniform engineering and technical requirements for processes, procedures, practices, and methods that have been endorsed as standard for NASA facilities, programs, and projects, including requirements for selection, application, and design criteria of an item. This standard was developed by the NASA Office of Safety and Mission Assurance (OSMA). Requests for information, corrections, or additions to this standard should be submitted to the OSMA by email to Agency-SMA-Policy-Feedback@mail.nasa.gov or via the “Email Feedback” link at https://standards.nasa.gov.
Russ Deloach
NASA Chief, Safety and Mission Assurance
TBD
Approval Date
Div
id
tabs-2
Software Assurance and Software Safety Requirements Mapping Matrix
NPR 7150.2 Section
SWE #
NPR 7150.2 Requirement
Software Assurance and Software Safety Tasks
3
Software Management Requirements
3.1
Software Life-Cycle Planning
3.1.2
033
Excerpt Include
SWEHBVD:SWE-033 - Acquisition vs. Development Assessment
SWEHBVD:SWE-033 - Acquisition vs. Development Assessment
nopanel
true
Include Page
SWEHBVD:SWE-033 - Notes
SWEHBVD:SWE-033 - Notes
Include Page
SWE-033 - SA Task1
SWE-033 - SA Task1
Include Page
SWE-033 - SA Task2
SWE-033 - SA Task2
Include Page
SWE-033 - SA Task3
SWE-033 - SA Task3
3.1.3
013
Excerpt Include
SWEHBVD:SWE-013 - Software Plans
SWEHBVD:SWE-013 - Software Plans
nopanel
true
Include Page
SWE-013 - SA Task1
SWE-013 - SA Task1
Include Page
SWE-013 - SA Task2
SWE-013 - SA Task2
3.1.4
024
Excerpt Include
SWEHBVD:SWE-024 - Plan Tracking
SWEHBVD:SWE-024 - Plan Tracking
nopanel
true
Include Page
SWE-024 - SA Task1
SWE-024 - SA Task1
Include Page
SWE-024 - SA Task2
SWE-024 - SA Task2
Include Page
SWE-024 - SA Task3
SWE-024 - SA Task3
3.1.5
034
Excerpt Include
SWEHBVD:SWE-034 - Acceptance Criteria
SWEHBVD:SWE-034 - Acceptance Criteria
nopanel
true
Include Page
SWE-034 - SA Task1
SWE-034 - SA Task1
3.1.6
036
Excerpt Include
SWEHBVD:SWE-036 - Software Process Determination
SWEHBVD:SWE-036 - Software Process Determination
nopanel
true
Include Page
SWE-036 - SA Task1
SWE-036 - SA Task1
Include Page
SWE-036 - SA Task2
SWE-036 - SA Task2
3.1.7
037
Excerpt Include
SWEHBVD:SWE-037 - Software Milestones
SWEHBVD:SWE-037 - Software Milestones
nopanel
true
Include Page
SWE-037 - SA Task1
SWE-037 - SA Task1
Include Page
SWE-037 - SA Task2
SWE-037 - SA Task2
3.1.8
039
Excerpt Include
SWEHBVD:SWE-039 - Software Supplier Insight
SWEHBVD:SWE-039 - Software Supplier Insight
nopanel
true
Include Page
SWE-039 - SA Task1
SWE-039 - SA Task1
Include Page
SWE-039 - SA Task2
SWE-039 - SA Task2
Include Page
SWE-039 - SA Task3
SWE-039 - SA Task3
Include Page
SWE-039 - SA Task4
SWE-039 - SA Task4
Include Page
SWE-039 - SA Task5
SWE-039 - SA Task5
Include Page
SWE-039 - SA Task6
SWE-039 - SA Task6
Include Page
SWE-039 - SA Task7
SWE-039 - SA Task7
Include Page
SWE-039 - SA Task8
SWE-039 - SA Task8
3.1.9
040
Excerpt Include
SWEHBVD:SWE-040 - Access to Software Products
SWEHBVD:SWE-040 - Access to Software Products
nopanel
true
Include Page
SWE-040 - SA Task1
SWE-040 - SA Task1
3.1.10
042
Excerpt Include
SWEHBVD:SWE-042 - Source Code Electronic Access
SWEHBVD:SWE-042 - Source Code Electronic Access
nopanel
true
Include Page
SWE-042 - SA Task1
SWE-042 - SA Task1
3.1.11
139
Excerpt Include
SWEHBVD:SWE-139 - Shall Statements
SWEHBVD:SWE-139 - Shall Statements
nopanel
true
Include Page
SWE-139 - SA Task1
SWE-139 - SA Task1
3.1.12
121
Excerpt Include
SWEHBVD:SWE-121 - Document Tailored Requirements
SWEHBVD:SWE-121 - Document Tailored Requirements
nopanel
true
Include Page
SWE-121 - SA Task1
SWE-121 - SA Task1
Include Page
SWE-121 - SA Task2
SWE-121 - SA Task2
3.1.13
125
Excerpt Include
SWEHBVD:SWE-125 - Requirements Compliance Matrix
SWEHBVD:SWE-125 - Requirements Compliance Matrix
nopanel
true
Include Page
SWE-125 - SA Task1
SWE-125 - SA Task1
Include Page
SWE-125 - SA Task2
SWE-125 - SA Task2
3.1.14
027
Excerpt Include
SWEHBVD:SWE-027 - Use of Commercial, Government, and Legacy Software
SWEHBVD:SWE-027 - Use of Commercial, Government, and Legacy Software
nopanel
true
Include Page
SWE-027 - SA Task1
SWE-027 - SA Task1
3.2
Software Cost Estimation
3.2.1
015
Excerpt Include
SWEHBVD:SWE-015 - Cost Estimation
SWEHBVD:SWE-015 - Cost Estimation
nopanel
true
Include Page
SWE-015 - SA Task1
SWE-015 - SA Task1
3.2.2
151
Excerpt Include
SWEHBVD:SWE-151 - Cost Estimate Conditions
SWEHBVD:SWE-151 - Cost Estimate Conditions
nopanel
true
Include Page
SWE-151 - SA Task1
SWE-151 - SA Task1
3.2.3
174
Excerpt Include
SWEHBVD:SWE-174 - Software Planning Parameters
SWEHBVD:SWE-174 - Software Planning Parameters
nopanel
true
Include Page
SWE-174 - SA Task1
SWE-174 - SA Task1
Include Page
SWE-174 - SA Task2
SWE-174 - SA Task2
3.3
Software Schedules
3.3.1
016
Excerpt Include
SWEHBVD:SWE-016 - Software Schedule
SWEHBVD:SWE-016 - Software Schedule
nopanel
true
Include Page
SWE-016 - SA Task1
SWE-016 - SA Task1
Include Page
SWE-016 - SA Task2
SWE-016 - SA Task2
3.3.2
018
Excerpt Include
SWEHBVD:SWE-018 - Software Activities Review
SWEHBVD:SWE-018 - Software Activities Review
nopanel
true
Include Page
SWE-018 - SA Task1
SWE-018 - SA Task1
Include Page
SWE-018 - SA Task2
SWE-018 - SA Task2
3.3.3
046
Excerpt Include
SWEHBVD:SWE-046 - Supplier Software Schedule
SWEHBVD:SWE-046 - Supplier Software Schedule
nopanel
true
Include Page
SWE-046 - SA Task1
SWE-046 - SA Task1
3.4
Software Training
3.4.1
017
Excerpt Include
SWEHBVD:SWE-017 - Project and Software Training
SWEHBVD:SWE-017 - Project and Software Training
nopanel
true
Include Page
SWE-017 - SA Task1
SWE-017 - SA Task1
Include Page
SWE-017 - SA Task2
SWE-017 - SA Task2
3.5
Software Classification Assessments
3.5.1
020
Excerpt Include
SWEHBVD:SWE-020 - Software Classification
SWEHBVD:SWE-020 - Software Classification
nopanel
true
Include Page
SWE-020 - SA Task1
SWE-020 - SA Task1
3.5.2
176
Excerpt Include
SWEHBVD:SWE-176 - Software Records
SWEHBVD:SWE-176 - Software Records
nopanel
true
Include Page
SWE-176 - SA Task1
SWE-176 - SA Task1
3.6
Software Assurance and Software Independent Verification & Validation
3.6.1
022
Excerpt Include
SWEHBVD:SWE-022 - Software Assurance
SWEHBVD:SWE-022 - Software Assurance
nopanel
true
Include Page
SWE-141 - SA Task1
SWE-141 - SA Task1
3.6.2
141
Excerpt Include
SWEHBVD:SWE-141 - Software Independent Verification and Validation
SWEHBVD:SWE-141 - Software Independent Verification and Validation
nopanel
true
Include Page
SWE-141 - SA Task1
SWE-141 - SA Task1
3.6.3
131
Excerpt Include
SWEHBVD:SWE-131 - Independent Verification and Validation Project Execution Plan
SWEHBVD:SWE-131 - Independent Verification and Validation Project Execution Plan
nopanel
true
Include Page
SWE-131 - SA Task1
SWE-131 - SA Task1
3.6.4
178
Excerpt Include
SWEHBVD:SWE-178 - IV&V Artifacts
SWEHBVD:SWE-178 - IV&V Artifacts
nopanel
true
Include Page
SWE-178 - SA Task1
SWE-178 - SA Task1
3.6.5
179
Excerpt Include
SWEHBVD:SWE-179 - IV&V Submitted Issues and Risks
SWEHBVD:SWE-179 - IV&V Submitted Issues and Risks
nopanel
true
Include Page
SWE-179 - SA Task1
SWE-179 - SA Task1
3.7
Safety-Critical and Mission Critical Software
3.7.1
205
Excerpt Include
SWEHBVD:SWE-205 - Determination of Safety-Critical Software
SWEHBVD:SWE-205 - Determination of Safety-Critical Software
SWEHBVD:SWE-121 - Document Tailored Requirements081 - Identify Software CM Items
SWEHBVD:SWE-121 - Document Tailored Requirements081 - Identify Software CM Items
nopanel
true
The project manager shall identify the software configuration items (e.g., software records, code, data, tools, models, scripts) and their versions to be controlled for the project.
1. Confirm that the project has identified the configuration items and their versions to be controlled.2. Assess that the software safety-critical items are configuration-managed, including hazard reports and safety analysis.
The project manager shall establish and implement procedures to: a. Designate the levels of control through which each identified software configuration item is required to pass. b. Identify the persons or groups with authority to authorize changes. c. Identify the persons or groups to make changes at each level.
1. Confirm that software assurance has participation in software control activities.2. Perform an audit against the configuration management procedures to confirm that the project follows the established procedures.
Include Page
SWE-082 - SA Task1
SWE-082 - SA Task1
Include Page
SWE-082 - SA Task2
SWE-082 - SA Task2
5.1.6
083
Excerpt Include
SWEHBVD:SWE-121 - Document Tailored Requirements083 - Status Accounting
SWEHBVD:SWE-121 - Document Tailored Requirements083 - Status Accounting
nopanel
true
The project manager shall prepare and maintain records of the configuration status of software configuration items.
1. Confirm that the project maintains records of the configuration status of the configuration items.
The project manager shall perform software configuration audits to determine the correct version of the software configuration items and verify that they conform to the records that define them.
1. Confirm that the project manager performed software configuration audits to determine the correct version of the software configuration items and verify that the results of the audit conform to the records that define them.
The project manager shall establish and implement procedures for the storage, handling, delivery, release, and maintenance of deliverable software products.
1. Confirm that the project establishes procedures for storage, processing, distribution, release, and support of deliverable software products.2. Perform audits on the project to ensure that the project follows defined procedures for deliverable software products.
Include Page
SWE-085 - SA Task1
SWE-085 - SA Task1
Include Page
SWE-085 - SA Task2
SWE-085 - SA Task2
5.1.9
045
Excerpt Include
SWEHBVD:SWE-121 - Document Tailored Requirements045 - Project Participation in Audits
SWEHBVD:SWE-121 - Document Tailored Requirements045 - Project Participation in Audits
nopanel
true
The project manager shall participate in any joint NASA/developer audits.
1. Participate in or assess the results from any joint NASA/developer audits. Track any findings to closure.
The project manager shall record, analyze, plan, track, control, and communicate all of the software risks and mitigation plans.
1. Confirm and assess that a risk management process includes recording, analyzing, planning, tracking, controlling, and communicating all software risks and mitigation plans. 2. Perform audits on the risk management process for the software activities.
Include Page
SWE-086 - SA Task1
SWE-086 - SA Task1
Include Page
SWE-086 - SA Task2
SWE-086 - SA Task2
5.3
Software Peer Reviews/Inspections
5.3.2
087
Excerpt Include
SWEHBVD:SWE-121 - Document Tailored Requirements087 - Software Peer Reviews and Inspections for Requirements, Plans, Design, Code, and Test Procedures
SWEHBVD:SWE-121 - Document Tailored Requirements
nopanel
true
The project manager shall perform and report the results of software peer reviews or software inspections for: a. Software requirements. b. Software plans, including cybersecurity. c. Any design items that the project identified for software peer review or software inspections according to the software development plans. d. Software code as defined in the software and or project plans. e. Software test procedures.
1. Confirm that software peer reviews are performed and reported on for project activities. 2. Confirm that the project addresses the accepted software peer review findings.3. Perform peer reviews on software assurance and software safety plans.4. Confirm that the source code satisfies the conditions in the NPR 7150.2 requirement SWE-134, "a" through "l," based upon the software functionality for the applicable safety-critical requirements at each code inspection/review.
087 - Software Peer Reviews and Inspections for Requirements, Plans, Design, Code, and Test Procedures
nopanel
true
Include Page
SWE-087 - SA Task1
SWE-087 - SA Task1
Include Page
SWE-087 - SA Task2
SWE-087 - SA Task2
Include Page
SWE-087 - SA Task3
SWE-087 - SA Task3
Include Page
SWE-087 - SA Task4
SWE-087 - SA Task4
5.3.3
088
Excerpt Include
SWEHBVD:SWE-121 - Document Tailored Requirements-088 - Software Peer Reviews and Inspections - Checklist Criteria and Tracking
SWEHBVD:SWE-121 - Document Tailored Requirements088 - Software Peer Reviews and Inspections - Checklist Criteria and Tracking
nopanel
true
The project manager shall, for each planned software peer review or software inspection: a. Use a checklist or formal reading technique (e.g., perspective-based reading) to evaluate the work products. b. Use established readiness and completion criteria. c. Track actions identified in the reviews until they are resolved. d. Identify the required participants.
1. Confirm that the project meets the NPR 7150.2 criteria in "a" through "d" for each software peer review.2. Confirm that the project resolves the actions identified from the software peer reviews.3. Perform audits on the peer-review process.
5.3.4
Include Page
SWE-088 - SA Task1
SWE-088 - SA Task1
Include Page
SWE-088 - SA Task2
SWE-088 - SA Task2
Include Page
SWE-088 - SA Task3
SWE-088 - SA Task3
5.3.4
089
Excerpt Include
SWEHBVD:SWE-089 - Software Peer Reviews and Inspections - Basic Measurements
SWEHBVD:SWE-089 - Software Peer Reviews and Inspections - Basic Measurements
nopanel
true
Include Page
SWE-089 - SA Task1
SWE-089 - SA Task1
5.4
Software Measurements
5.4.2
090089
Excerpt Include
SWEHBVD:SWE-121 - Document Tailored Requirements090 - Management and Technical Measurements
SWEHBVD:SWE-121 - Document Tailored Requirements090 - Management and Technical Measurements
nopanel
true
The project manager shall, for each planned software peer review or software inspection, record necessary measurements.
1. Confirm that the project records the software peer reviews and results of software inspection measurements.
5.4
Software Measurements
Include Page
SWE-090 - SA Task1
SWE-090 - SA Task1
Include Page
SWE-090 - SA Task2
SWE-090 - SA Task2
Include Page
SWE-090 - SA Task3
SWE-090 - SA Task3
5.4.2
090
Excerpt Include
SWEHBVD:SWE-121 - Document Tailored Requirements
SWEHBVD:SWE-121 - Document Tailored Requirements
nopanel
true
The project manager shall establish, record, maintain, report, and utilize software management and technical measurements.1. Confirm that a measurement program establishes, records, maintains, reports, and uses software assurance, management, and technical measures. 2. Perform trending analyses on metrics (quality metrics, defect metrics) and report. 3. Collect any identified organizational metrics and submit them to the organizational repository.
5.4.3
093
Excerpt Include
SWEHBVD:SWE-121 - Document Tailored Requirements093 - Analysis of Measurement Data
SWEHBVD:SWE-121 - Document Tailored Requirements093 - Analysis of Measurement Data
nopanel
true
The project manager shall analyze software measurement data collected using documented project-specified and Center/organizational analysis procedures.
1. Confirm software measurement data analysis conforms to documented analysis procedures. 2. Analyze software assurance measurement data.
Include Page
SWE-093 - SA Task1
SWE-093 - SA Task1
Include Page
SWE-093 - SA Task2
SWE-093 - SA Task2
5.4.4
094
Excerpt Include
SWEHBVD:SWE-094 - Reporting of Measurement Analysis
SWEHBVD:SWE-094 - Reporting of Measurement Analysis
nopanel
true
Include Page
SWE-094 - SA Task1
SWE-094 - SA Task1
5.4.4
094
Excerpt Include
SWEHBVD:SWE-121 - Document Tailored Requirements
SWEHBVD:SWE-121 - Document Tailored Requirements
nopanel
true
The project manager shall provide access to the software measurement data, measurement analyses, and software development status as requested to the sponsoring Mission Directorate, the NASA Chief Engineer, the Center Technical Authorities, HQ SMA, and other organizations as appropriate.1. Confirm access to software measurement data, analysis, and status as requested to the following entities, at a minimum: - Sponsoring Mission Directorate - NASA Chief Engineer - Center Technical Authorities - Headquarters SMA
5.4.5
199
Excerpt Include
SWEHBVD:SWE-199 - Performance Measures
SWEHBVD:SWE-121 - Document Tailored Requirements
SWEHBVD:SWE-121 - Document Tailored Requirements
nopanel
true
The project manager shall monitor measures to ensure the software will meet or exceed performance and functionality requirements, including satisfying constraints.
1. Confirm that the project monitors and updates planned measurements to ensure the software meets or exceeds performance and functionality requirements, including satisfying constraints. 2. Monitor and track any performance or functionality requirements that are not being met or are at risk of not being met.
-199 - Performance Measures
nopanel
true
Include Page
SWE-199 - SA Task1
SWE-199 - SA Task1
Include Page
SWE-199 - SA Task2
SWE-199 - SA Task2
5.4.6
200
Excerpt Include
SWEHBVD:SWE-121 - Document Tailored Requirements
SWEHBVD:SWE-121 - Document Tailored Requirements
nopanel
true
The project manager shall collect, track, and report software requirements volatility metrics.
1. Confirm that the project collects, tracks, and reports on the software volatility metrics. 2. Analyze software volatility metrics to evaluate requirements stability as an early indicator of project problems.
5.5
Software Non-conformance or Defect Management
5.5.1
201
Excerpt Include
SWEHBVD:SWE-121 - Document Tailored Requirements
SWEHBVD:SWE-121 - Document Tailored Requirements
nopanel
true
The project manager shall track and maintain software non-conformances (including defects in tools and appropriate ground software).
1. Confirm that all software non-conformances are recorded and tracked to resolution.2. Confirm that accepted non-conformances include the rationale for the non-conformance.
5.5.2
202
Excerpt Include
SWEHBVD:SWE-121 - Document Tailored Requirements
SWEHBVD:SWE-121 - Document Tailored Requirements
nopanel
true
The project manager shall define and implement clear software severity levels for all software non-conformances (including tools, COTS, GOTS, MOTS, OSS, reused software components, and applicable ground systems).
1. Confirm that all software non-conformances severity levels are defined. 2. Assess the application and accuracy of the defined severity levels to software non-conformances.3. Confirm that the project assigns severity levels to non-conformances associated with tools, COTS, GOTS, MOTS, OSS, and reused software components. 4. Maintain or access the number of software non-conformances at each severity level for each software configuration item.
5.5.3
203
Excerpt Include
SWEHBVD:SWE-121 - Document Tailored Requirements
SWEHBVD:SWE-121 - Document Tailored Requirements
nopanel
true
The project manager shall implement mandatory assessments of reported non-conformances for all COTS, GOTS, MOTS, OSS, and/or reused software components.
1. Confirm the evaluations of reported non-conformances for all COTS, GOTS, MOTS, OSS, or reused software components are occurring throughout the project life cycle. 2. Assess the impact of non-conformances on the project software's safety, quality, and reliability.
5.5.4
204
Excerpt Include
SWEHBVD:SWE-121 - Document Tailored Requirements
SWEHBVD:SWE-121 - Document Tailored Requirements
nopanel
true
The project manager shall implement process assessments for all high severity software non-conformances (closed loop process).
1. Perform or confirm that a root cause analysis has been completed on all identified high severity software non-conformances, and that the results are recorded and have been assessed for adequacy. 2. Confirm that the project analyzed the processes identified in the root cause analysis associated with the high severity software non-conformances. 3. Assess opportunities for improvement on the processes identified in the root cause analysis associated with the high severity software non-conformances. 4. Perform or confirm tracking of corrective actions to closure on high severity software non-conformances.
Div
id
tabs-3
3. Example of Table from Software Assurance Plan
Note
The table below was taken from excerpts from Software Assurance Plan in SWEHBVD. The table is built from SWE excerpts plus SA Tasks using the individual SA tasks from the "SA Tasks from NASA-STD-8739.8B" area of SITE.
The advantage of using this technique is that changes to the requirements (from SWEHBVD SWEs) and SA Tasks (from NASA-STD-8739.8B) will be made in one place. Once the updates are made, all of the places where they are repeated (quoted) are automatically updated.
It is a little one time work to setup. It saves time as updates are made in documents.
SWE #
NPR 7150.2 Requirement
NASA-STD-8739.8 Software Assurance and Software Safety Tasks per SA Standard
013
Excerpt Include
SWEHBVD:SWE-013 - Software Plans
SWEHBVD:SWE-013 - Software Plans
nopanel
true
Include Page
SWE-013 - SA Task2
SWE-013 - SA Task2
Div
id
tabs-4
Note
This example is taken from SWEHBVD: SWE-013 - Software Plans. It uses the excerpt from tab 1 of the SWE and some include pages for appropriate tasks in the NASA-STD-8739.8B page set in SITE.
