bannerd

A. Introduction

B. Institutional Requirements

C. Project Software Requirements

D. Topics

E. Tools, References, and Terms

F. SPAN
(NASA Only)

Versions Compared

Old Version 1

changes.mady.by.user Tim Crumbley

Saved on

compared with

New Version Current

changes.mady.by.user Tim Crumbley

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tabsetup
01. Risk
12. Mitigation Strategies
23. Resources
Div
idtabs-1

Context:

Software verification ensures that software meets its specified requirements and behaves as intended under both normal and abnormal operating conditions. Missing or incomplete verification represents a critical gap in the software development lifecycle (SDLC) and jeopardizes the reliability, safety, security, and quality of the system.

In industries such as aerospace, automotive, healthcare, and defense, software verification is not optional—it is a regulatory requirement (e.g., DO-178C, ISO 26262, IEC 62304). Missing or incomplete software verification—whether at the unit, integration, system, or acceptance testing levels—can expose a system to critical defects, catastrophic failures, regulatory non-compliance, and post-deployment risks.

Key Risks of Missing or Incomplete Software Verification

1. Unverified Functional Requirements:

  • Issues:
    • Functional requirements are not fully mapped or tested, leaving gaps in assurance that the software will perform as required.
  • Risks:
    1. Core functionality may not operate as expected during real-world use.
    2. Critical features may fail in live environments.

2. Missed Bugs or Defects:

  • Issues:
    • Software defects, logical errors, or code bugs go undetected without stringent verification processes and comprehensive test cases.
  • Risks:
    1. Defects surface after deployment, resulting in product degradation.
    2. Critical software faults may lead to safety incidents or mission losses.

3. Poor Software Quality:

  • Issues:
    • Incomplete verification overlooks key software quality attributes such as usability, reliability, performance, and compatibility under different scenarios.
  • Risks:
    1. Reduced system robustness during edge cases or stress conditions.
    2. Poor customer/end-user experience and product dissatisfaction.

4. Inadequate Regression Testing:

  • Issues:
    • Changes in the software (e.g., bug fixes, feature updates) are not validated against previously confirmed functionality.
  • Risks:
    1. Introduction of regression defects, where previously working features break after updates.
    2. Excessive costs to debug and fix issues at later stages.

5. Unvalidated Edge Cases and Boundaries:

  • Issues:
    • Scenarios involving boundary conditions, edge cases, or unexpected inputs are often missed or insufficiently tested.
  • Risks:
    1. Unhandled exceptions or crashes during real-world use.
    2. Functional or safety-critical processes fail in uncommon but critical situations.

6. Critical Failure in Safety-, Mission-, or Business-Critical Systems:

  • Issues:
    • Missing verification in safety- or mission-critical applications might fail to prevent critical system failures.
  • Risks:
    1. Equipment damage, mission failure, system downtime, or loss of human life.
    2. Severe regulatory non-compliances resulting in lawsuits or project cancellations.

7. Security Vulnerabilities:

  • Issues:
    • Verification often includes security testing to identify vulnerabilities like buffer overflows, SQL injections, or other exploits.
  • Risks:
    1. Compromise of sensitive data or unauthorized system access.
    2. Increased exposure to attacks that could disrupt essential services.

8. Non-Compliance with Regulatory Standards:

  • Issues:
    • Missing verification artifacts compromises compliance with standards or certifications.
    • Examples include DO-178C for avionics, ISO 26262 for automotive, and IEC 62304 for medical devices.
  • Risks:
    1. Regulatory fines or failures in certification audits.
    2. Delayed deployment timelines and increased costs to address verification gaps later.

9. Increased Post-Deployment Costs:

  • Issues:
    • The later a defect is discovered, the more expensive and time-consuming it is to fix.
  • Risks:
    1. Significant operational disruptions and costly fixes in production.
    2. Reputational damage and loss of stakeholder trust.

Root Causes of Missing or Incomplete Software Verification

  1. Poor Requirement Mapping:

    • Functional and non-functional requirements are not adequately defined, making it impossible to fully verify the software.

  2. Ambiguity in Test Plans:

    • Test cases may be incompletely defined, untraceable to requirements, or missing corner/edge cases.

  3. Time and Resource Constraints:

    • Projects with aggressive timelines or limited budgets often deprioritize thorough verification activities.

  4. Overreliance on Unit Testing:

    • Developers may fail to test the system holistically or at higher levels (e.g., integration testing, end-to-end testing).

  5. Undefined Verification Criteria:

    • Absence of clear criteria for determining when verification is complete (e.g., code coverage, scenario coverage).

  6. Lack of Tools and Automation:

    • Manual methods may lead to missed test cases, incomplete documentation, or human error.

  7. Inadequate Test Environments:

    • Real-world scenarios, hardware-in-the-loop (HIL) testing, or production-like environments may be unavailable.

  8. Complex Data Interdependency:

    • For systems with data-driven architectures, incomplete testing of inputs, configuration files, and data loads results in verification gaps.

  9. Overlooking Non-Functional Testing:

    • Areas such as performance, reliability, scalability, usability, or security may not be explicitly verified.
tabs-2
Div
idtabs-2

Mitigation Strategies

1. Establish Comprehensive Software Verification Plans:

  • Develop a Software Verification Plan (SVP) that:
    1. Clearly maps all requirements to test cases (using a Requirements Traceability Matrix (RTM)).
    2. Includes functional, boundary, and edge case verification.
    3. Defines test objectives, inputs, expected outputs, and exit conditions.
    4. Accounts for different test levels: unit, integration, system, acceptance.

2. Perform Thorough Requirements Validation:

  • Validate all functional and non-functional requirements to prevent downstream verification gaps.
  • Use formal methods (e.g., mathematical proofs, model-checking techniques) for safety-critical applications.

3. Use Test Automation for Coverage:

  • Automate repetitive or large-scale tests to ensure comprehensive testing:
    • Example tools: Selenium, JUnit, TESSY, VectorCAST, and Robot Framework.
  • Automate regression testing for continuous validation after software changes (e.g., using Jenkins, GitLab CI/CD, or Azure DevOps).

4. Validate Edge Cases and Stress Conditions:

  • Ensure that boundary conditions (e.g., maximum data input size) are tested.
  • Include stress testing, extreme load scenarios, and invalid input tests.

5. Incorporate Model-Based Verification:

  • Use model-based testing for complex systems with extensive logic or data dependencies (e.g., Simulink, Stateflow for control algorithms).
  • Simulate key software/system states to verify correctness under real-time conditions.

6. Perform Integration and End-to-End Testing:

  • Verify interactions between subsystems during integration testing.
  • Test complete workflows, from input to output, in operationally realistic end-to-end tests.

7. Incorporate Verification Early (Shift-Left Testing):

  • Involve verification activities from the design phase onwards.
  • Use techniques like test-driven development (TDD) and continuous integration/continuous testing (CI/CT) to integrate validation into daily development.

8. Use Hardware-in-the-Loop (HIL) Testing:

  • For embedded or real-time systems, include HIL setups to simulate realistic operational hardware inputs and scenarios.

9. Perform Regression Testing:

  • Revalidate all relevant components after every update, patch, or release to ensure no previously verified functionalities are broken.

10. Leverage Industry Standards:

  • Follow best practices and verification workflows from DO-178C (aerospace), ISO 26262 (automotive), or similar standards for systematic coverage.
  • Adhere to IEC 29119 software testing standards for documentation and processes.

11. Continuous Monitoring and Test Metrics:

  • Track ongoing verification progress using metrics like:
    • Requirements Coverage (%): Percentage of requirements validated/executed.
    • Defects per Verification Step: Identify stages causing frequent failures.
    • Regression Rate Metrics: Track how often new changes introduce bugs.
Div
id

Monitoring and Controls

1. Verification Coverage Metrics:

  • Use tools to monitor test coverage and ensure requirements are comprehensively verified:
    • Examples: TestRail, Zephyr, Jama Connect, Xray for JIRA.

2. Quality Gate Checks:

  • Use tools (e.g., SonarQube, Coverity) to monitor:
    • Code quality.
    • Cyclomatic complexity.
    • Static and dynamic analysis coverage.

3. Verification Review Boards:

  • Have peer review committees verify and approve test plans and results at specific milestones (e.g., TRR, SRR, ORR).

4. Auditable Test Evidence:

  • Maintain detailed test logs, version-controlled scripts, and verification artifacts for audits or regulatory reviews.

5. Traceability Dashboards:

  • Establish dashboards to track verification progress against benchmarks, allowing stakeholders to see gaps in real-time.

Consequences of Missing or Incomplete Software Verification

  1. Critical Software Failures:
    • Faulty operation in safety-critical systems could lead to injury, loss of life, or mission failures.
  2. Regulatory Violations:
    • Non-compliance with standards like DO-178C or ISO 26262 can lead to project termination or certification denials.
  3. High Maintenance Costs:
    • Defects discovered in production environments incur greater time, cost, and resource expenditures.
  4. Reputational Damage:
    • End-user trust in the software or company is degraded, harming long-term viability.
  5. Litigation Risks:
    • Failures caused by unverified systems can lead to class-action lawsuits or fines in heavily regulated industries.

Conclusion:

Complete software verification is not just a technical best practice—it is a critical safety, cost-control, and compliance requirement. Missing or incomplete verification introduces major risks to software quality, safety, and stakeholder trust, especially in mission-critical and high-stakes environments. By formalizing verification plans, automating test workflows, and adhering to industry standards, organizations can ensure comprehensive and auditable validation throughout the software lifecycle.


Div
idtabs-3

3. Resources

3.1 References

refstable-topic


Show If
groupconfluence-users
Panel
titleColorred
titleInstructions for Editors
Expand

For references to be used in the Risk pages they must be coded as "Topic R999" in the SWEREF page. See SWEREF-083 for an example. 

Enter the necessary modifications to be made in the table below:

SWEREFs to be addedSWEREFS to be deleted


SWEREFs called out in text: 083, 

SWEREFs NOT called out in text but listed as germane: 


...

Page Editor: Tim Crumbley
NASA Official: Tim Crumbley
Accessibility
NASA Software Engineering Handbook - A service of the NASA Office of the Chief Engineer
NASA Privacy Statement
______________________________________________________________________________