bannerd

A. Introduction

B. Institutional Requirements

C. Project Software Requirements

D. Topics

E. Tools, References, and Terms

F. SPAN
(NASA Only)

Versions Compared

Old Version 44

changes.mady.by.user Haigh, Fred

Saved on

compared with

New Version Current

changes.mady.by.user Haigh, Fred

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

UNDER CONSTRUCTION

New in SWEHB

Project Software Activities

  • In 

In general, a cleanup like this of the Guidance tabs would give the whole SWEHB a more polished look and make it easier to find things. Tab 7 for SA already looks very clean and functional for the assurance folks. Tabs 1, 5, and 6 in all the SWEs have already had such a make over: 

  • Tab 1 had consistent numbering of subsections implemented when the SWE History section was added. 
  • Tab 5 had some cleanup when the Tools section wording was changed and the PATs added to some SWEs. 
  • Tab 6 was reformatted to account for NASA and NON-NASA Lessons Learned. 
Software Non-conformance or Defect Management


Tabsetup
01. Introduction
12. Institutional Activities
23. Activities
34. Distribution of SWEsSWEHB Pages
45. Activity Page Structure
56. Alternative Activity Styles
67. Other Considerations

2. Institutional Activities

The Management activities associated with Software Development Projects are listed as links below. 

Management activities are typically conducted by those in leadership roles. Supervisors, managers and team leads are involved to varying degrees. Some activities even involve Support, Assurance and Safety roles. Interactions are explained in the activities. 

2.1 OCE  and OSMA Software Engineering Initiative

Agency Level Activities are intended to provide "enabling support" to project teams. These activities include direction, guidance and support to project teams. 

Process Definition 

Requirement Mapping and Tailoring

Measurements and Metrics

Benchmarking and Appraisals

Training

Process Library

Licensing, Sharing and Reuse

3. Activities

The Software and Assurance activities associated with Software Development Projects are listed as links below. 

Each page will contain an activity description and contain links to all the associated SWEs, Topics, PATs, and other pages in the SWEHB that are associated with the activity. 

3.1 Activity Pages

Links go to existing pages. Underlined (Red in edit mode)  links have not yet been created. All activity pages to be children of the Software Project Activities page.

Content structure is contained in the Activity Template

Institutional Activities

Div
idtabs-1

1. Introduction

Software Engineering activities are conducted in a predictable sequence. This sequence may be a once through / "waterfall" cycle. Or, it may be an iterative  or evolutionary series of cycles which build toward a final product. Regardless of the model chosen, individual activities in all these cycles are very similar. 

The major activity groupings here give you a quick way to find guidance in the SWEHB to help you satisfy the needs of the development project while also satisfying the requirements of NPR 7150.2. 

1.1 Activity Concept

Currently the SWEHB is a collection of pages: 

  • SWEs - Requirements from NPR 7150.2D along with Rationale, Guidance, Small Projects, Resources, Lessons Learned and Software Assurance, if applicable
  • Topics - Additional guidance for appropriate for some SWEs
  • PATs - Process Asset Templates - derived from SWEs and Topics
  • Other pages - such as Document Contents, FAQs, etc.

Pages include links to other pages based on the relevance of the content on those pages. 

The notion of Activity is a natural way to bring together pages from the existing SWEHB into a collection of pages that have a common purpose, an Activity. 


Image Added


1.2 Activity Sequence

Software Engineering activities are conducted in a predictable sequence. This sequence may be a once through or "waterfall" cycle. Or, it may be an iterative  or evolutionary series of cycles which build toward a final product. Regardless of the model chosen, individual activities in all these cycles are very similar. 

The major activity groupings here give you a quick way to find guidance in the SWEHB to help you satisfy the needs of the development project while also satisfying the requirements of NPR 7150.2. 

The activities associated with Software Development are listed in the tabs of this page. Each tab takes you to a list of links to The activities associated with Software Engineering are listed in the tabs of this page. Each tab takes you to a list of links to pages where the activity is is explained in more detail. At the lowest level, there is a list of links to specific pages in the SWEHB where details of the activity are explained and more guidance is provided. In some cases, templates or other Process Assets are included to further help you in conducting the activity. 

Image Removed

1.1 Activity Groupings

The tabs in this page initially will contain all of the activities in Ch 2 through 5 of NPR 7150.2. This is done to ensure that all SWEs are accounted for. 

As the page matures, Topics, PATs, and other resources will be distributed to enrich the content of the activities. 

SWEs from NPR 7150.2 are reproduced in a floatbox on the right to ensure that all SWEHB content is accounted for somewhere in the view. 

Div
idtabs-2
Excerpt Include
SWE-002 - Software Engineering InitiativeSWE-002 - Software Engineering Initiative
Excerpt Include
SWE-208 - Advancing Software Assurance and Software Safety PracticesSWE-208 - Advancing Software Assurance and Software Safety Practices
Excerpt Include
SWE-003 - Center Improvement PlansSWE-003 - Center Improvement Plans
Excerpt Include
SWE-005 - Software ProcessesSWE-005 - Software Processes
Excerpt Include
SWE-095 - Report Engineering Discipline StatusSWE-095 - Report Engineering Discipline Status
Excerpt Include
SWE-006 - Center Software InventorySWE-006 - Center Software Inventory
Excerpt Include
SWE-152 - Review Requirements Mapping MatricesSWE-152 - Review Requirements Mapping Matrices
Excerpt Include
SWE-212 - NASA-STD-8739 Mapping MatricesSWE-212 - NASA-STD-8739 Mapping Matrices
Excerpt Include
SWE-223 - Tailoring IV&V project selectionsSWE-223 - Tailoring IV&V project selections
Excerpt Include
SWE-140 - Comply with RequirementsSWE-140 - Comply with Requirements
Excerpt Include
SWE-126 - Tailoring ConsiderationsSWE-126 - Tailoring Considerations
Excerpt Include
SWE-150 - Review Changes To Tailored RequirementsSWE-150 - Review Changes To Tailored Requirements
Excerpt Include
SWE-021 - Transition to a Higher ClassSWE-021 - Transition to a Higher Class
Excerpt Include
SWE-091 - Establish and Maintain Measurement RepositorySWE-091 - Establish and Maintain Measurement Repository
Excerpt Include
SWE-092 - Using Measurement DataSWE-092 - Using Measurement Data
Excerpt Include
SWE-142 - Software Cost RepositoriesSWE-142 - Software Cost Repositories
Excerpt Include
SWE-004 - OCE BenchmarkingSWE-004 - OCE Benchmarking
Excerpt Include
SWE-129 - OCE NPR AppraisalsSWE-129 - OCE NPR Appraisals
Excerpt Include
SWE-221 - OSMA NPR AppraisalsSWE-221 - OSMA NPR Appraisals
Excerpt Include
SWE-209 - Benchmarking Software Assurance and Software Safety CapabilitiesSWE-209 - Benchmarking Software Assurance and Software Safety Capabilities
Excerpt Include
SWE-032 - CMMI Levels for Class A and B SoftwareSWE-032 - CMMI Levels for Class A and B Software
Excerpt Include
SWE-100 - Software Training FundingSWE-100 - Software Training Funding
Excerpt Include
SWE-222 - Software Assurance TrainingSWE-222 - Software Assurance Training
Excerpt Include
SWE-098 - Agency Process Asset LibrarySWE-098 - Agency Process Asset Library
Excerpt Include
SWE-144 - Software Engineering Process AssetsSWE-144 - Software Engineering Process Assets
Excerpt Include
SWE-153 - ETA Define Document ContentSWE-153 - ETA Define Document Content
Excerpt Include
SWE-215 - Software License RightsSWE-215 - Software License Rights
Excerpt Include
SWE-216 - Internal Software Sharing ListSWE-216 - Internal Software Sharing List
Excerpt Include
SWE-217 - List of All Contributors and Disclaimer NoticeSWE-217 - List of All Contributors and Disclaimer Notice
Excerpt Include
SWE-214 - Internal Software Sharing and ReuseSWE-214 - Internal Software Sharing and Reuse
Excerpt Include
SWE-218 - Contracting OfficersSWE-218 - Contracting Officers
Excerpt Include
SWE-147 - Specify Reusability RequirementsSWE-147 - Specify Reusability Requirements
Excerpt Include
SWE-148 - Contribute to Agency Software CatalogSWE-148 - Contribute to Agency Software Catalog
Div
idtabs-3
Activity NameActivity Components
OCE and SMA benchmarking and determining the capability and maturity of software development groups. Benchmarking techniques derived from CMMI best practices. 
Training at all levels from Agency (engineering practices and related training) down to project needs (training for personnel on using development tools). 
Development of repeatable processes and practices for OCE, SMA and Center development activities. 
Determining the applicability of NPR 7150.2 requirements to a particular project. Includes requirements necessary for particular software classifications. 

The diagram below is a visual representation of the activities in a project. Participation by groups such as Institutional Support and Center Support span the whole of the project. the smaller activity boxes represent things that go on for shorter periods of time and as part of a logical sequence. For example, Requirements, Architecture and Design would come before Implementation and Unit Testing. Some activities take place multiple times over the life of a project and occur as needed such as Configuration Management and Peer Reviews. Finally, certain Reviews occur during the life of the project and they are represented at the bottom of the diagram. A timeline is not fixed to this diagram because it varies to suit the needs of the project. The positioning of activities is notional and is, in many  cases, repeating. This repetition is accounted for in the project schedule and its updates. 

Image Added

1.3 Activity Groupings

The tabs in this page initially will contain all of the activities in Ch 2 through 5 of NPR 7150.2. This is done to ensure that all SWEs are accounted for. 

As the page matures, Topics, PATs, and other resources will be distributed to enrich the content of the activities. 

1.4 What Activities ARE and ARE NOT

Activities bring together SWEHB materials that have something in common. In doing this, the activity page brings together links to pages that contain valuable information and guidance about the business of the activity. Activities represent a way of organizing work to make sure that it is performed in a way to ensure the best results. That means, satisfying requirements and achieving mission goals.  

It is NOT: 

  • a list of things that you MUST do - all of the things in an activity such as tasks and work products are suggestions. They are meant to be representative of how you might accomplish the requirements of NPR 7150.2 and the guidance in the Software Engineering Handbook. 
  • a set of templates and forms that must be filled out - 
  • extra things that you must do IN ADDITION to the work in your project (requirements, and mission objectives)
Div
idtabs-2

2. Institutional Activities

The Institutional Activities include activities associated with OCE, OSMA, and Centers as well as Software Development Project teams. Each activity contains several requirements (from NPR 7150.2D chapter 2)  ensuring that higher levels of management establish certain means and infrastructure for projects to use in their projects. In some cases, requirements for Project teams are included describing the use of the management provided resources in their projects. 

For example: Management is responsible for providing training for engineers who develop software. Project teams are responsible for ensuring that team members have had this training (in addition to other training on project specific systems and software) so that they may produce high quality software. 

2.1 OCE  and OSMA Software Engineering Initiative

Agency Level Activities are intended to provide "enabling support" to project teams. These activities include direction, guidance and support to project teams. The requirements describing these activities are found in NPR 7150.2D Chapter 2. The full activity includes some requirements from Chapters 3 through 5 which are the responsibility of the project teams to satisfy. Many of the names for these Activities come directly from NPR 7150.2D. In a few cases, the names are changed to better express the full scope of the Activity. 

Activity NameActivity Components
OCE and SMA benchmarking and determining the capability and maturity of software development groups. Benchmarking techniques derived from CMMI best practices. 
Training at all levels from Agency (engineering practices and related training) down to project needs (training for personnel on using development tools). 
Development of repeatable processes and practices for OCE, SMA and Center development activities. 

Determining the applicability of NPR 7150.2 requirements to a particular project. Includes requirements necessary for particular software classifications. 

Includes SWEs from section 3.5 Software Classification Assessments. 

Suggested measurements and practices for software projects. 


Panel
borderColorblue
titleNPR 7150.2D para 5.4.1

Software measurement is a primary tool for managing software processes and evaluating the quality of software products. Analysis of measures provides insight into the capability of the software organization and identifies opportunities for software process and product improvements. Software measurement programs at multiple levels are established to meet measurement objectives. The requirements below are designed to reinforce the use of measurement at the project, Center software organization, and NASA Chief Engineer levels to assist in managing projects, assuring quality, and improving software engineering practices.

Panel
titleNPR 7150.2D para 2.1.1.6

The NASA OCE shall maintain an Agency-wide process asset library of applicable best practices and process templates for all size projects

Requirements related to the licensing, sharing and reuse of some or all of software products. 
Div
idtabs-3

3. Activities

The Software and Assurance activities associated with Software Development Projects are listed as links below. 

Each page will contain an activity description and contain links to all the associated SWEs, Topics, PATs, and other pages in the SWEHB that are associated with the activity. 

3.1 Software Activity Pages

Links go to existing pages. Underlined (Red in edit mode)  links have not yet been created. All activity pages to be children of the Software Project Activities page.

Content structure is contained in the Activity Template

Project Software Activities

Activity NameActivity Components
Life Cycle Planning
Panel
borderColorblue
titleNPR 7150.2D para 3.1.1

Software life cycle planning covers the software aspects of a project from inception through retirement. The software life cycle planning is an organizing process that considers the software as a whole and provides the planning activities required to ensure a coordinated, well-engineered process for defining and implementing project activities. These processes, plans, and activities are coordinated within the project. At project conception, software needs for the project are analyzed, including acquisition, supply, development, operation, maintenance, retirement, decommissioning, and supporting activities and processes. The software effort is scoped, the development processes defined, measurements defined, and activities are documented in software planning documents.

Activity - Software Peer Reviews and Inspections
Panel
borderColorblue
titleNPR 7150.2D para 5.3.1

Software peer reviews and inspections are the in-process technical examination of work products by peers to find and eliminate defects early in the life cycle. Software peer reviews and inspections are performed following defined procedures covering the preparation for the review, the review itself is conducted, results are recorded, results are reported, and completion criteria is certified. When planning the composition of a software peer review or inspection team, consider including software testing, system testing, software assurance, software safety, software cybersecurity, and software IV&V personnel.

Used when software is acquired or secured from outside sources. 
Used for monitoring progress and keeping the project under control through minor adjustments 
Used for establishing cost of development of the software products. It includes multiple models and parameters, direct and indirect costs, for the work so that tracking can be effectively done. 
Used for establishing and maintaining the development and delivery schedule. Takes into account dependencies on other projects and programs. Includes time for reviews and tracking of issues to resolution,  
Ensures that the project follows established processes and practices. Includes audits and corrective actions. 
Independent testing and evaluation of software against requirements and performance criteria. Applicable to certain categories of projects. Includes planning, execution of tests and tracking issues and risks to closure.   
Includes determining of software is considered safety-critical, and implementing additional requirements to ensure safety of the software product. 

Evaluation of software requirements and planning for their realization in the final software products. 

Panel
borderColorblue
titleNPR 7150.2D para 4.2.1

Experience confirms that the quality and longevity of a software-reliant system is primarily determined by its architecture. The software architecture underpins a system’s software design and code; it represents the earliest design decisions, ones that are difficult and costly to change later. The transformation of the derived and allocated requirements into the software architecture results in the basis for all software development work.

Panel
borderColorblue
titleNPR 7150.2D para 4.3.1

Software design is the process of defining the software architecture, components, modules, interfaces, and data for a software system to satisfy specified requirements. The software architecture is the fundamental organization of a system embodied in its components, their relationships to each other and the environment, and the principles guiding its design and evolution. The software architectural design is concerned with creating a strong overall structure for software entities that fulfill the allocated system and software-level requirements. Typical views captured in an architectural design include the decomposition of the software subsystem into design entities, computer software configuration items, definitions of external and internal interfaces, dependency relationships among entities and system resources, and finite state machines. The design should be further refined into lower-level entities that permit the implementation by coding in a programming language. Typical attributes that are documented for lower-level entities include the identifier, type, purpose, function, constraints, subordinates, dependencies, interface, resources, processing, and data. Rigorous specification languages, graphical representations, and related tools have been developed to support the evaluation of critical properties at the design level. Projects are encouraged to take advantage of these improved design techniques to prevent and eliminate errors as early in the life cycle as possible. Software, developed or purchased, has additional requirements to comply with from Section 508 of the Rehabilitation Act, as defined in NPR 2800.2.

Panel
borderColorblue
titleNPR 7150.2D para 4.4.1

Software implementation consists of implementing the requirements and design into code, data, and records. Software implementation also consists of following coding methods and standards. Unit testing is also usually a part of software implementation (unit testing can also be conducted during the testing phase).

Includes integration of modules into a final deliverable package and testing of that package to determine if it is ready for delivery. 

Panel
borderColorblue
titleNPR 7150.2D para 4.5.1

The purpose of testing is to verify the software functionality and remove defects. Testing verifies the code against the requirements and the design to ensure that the requirements are implemented. Testing also identifies problems and defects that are corrected and tracked to closure before product delivery. Testing also validates that the software operates appropriately in the intended environment. Please note for Class A software there are additional software test requirements and software integration requirements as defined in NPR 8705.2.

  • Acceptance and Release
Final determination of the readiness of the software for release. Includes acceptance testing, and other readiness criteria. 
  • Maintenance

Addresses any ongoing maintenance considerations for the software products. 

Panel
borderColorblue
titleNPR 7150.2D para 4.6.1

Planning for operations, maintenance, and retirement are typically considered throughout the software life cycle. Operational concepts and scenarios are derived from customer requirements and validated in the operational or simulated environment. Software maintenance activities sustain the software product after the product is delivered to the customer until retirement.

  • Operations

Addresses any ongoing operations considerations for the software products

Panel
borderColorblue
titleNPR 7150.2D para 4.6.1

Planning for operations, maintenance, and retirement are typically considered throughout the software life cycle. Operational concepts and scenarios are derived from customer requirements and validated in the operational or simulated environment. Software maintenance activities sustain the software product after the product is delivered to the customer until retirement.

  • Retirement

Addresses any retirement or replacement considerations for the software products

Panel
borderColorblue
titleNPR 7150.2D para 4.6.1

Planning for operations, maintenance, and retirement are typically considered throughout the software life cycle. Operational concepts and scenarios are derived from customer requirements and validated in the operational or simulated environment. Software maintenance activities sustain the software product after the product is delivered to the customer until retirement.

Includes control over software products during development along with any associated work products. 

Panel
borderColorblue
titleNPR 7150.2D para 5.1.1

Software Configuration Management (SCM) is the process of applying configuration management throughout the software life cycle to ensure the completeness and correctness of software configuration items. SCM applies technical and administrative direction and surveillance to identify and record the functional and physical characteristics of software configuration items, control changes to those characteristics, record and report change processing and implementation status, and verify compliance with specified requirements. SCM establishes and maintains the integrity of the products of a software project throughout the software life cycle. Use of standard Center or organizational SCM processes and procedures is encouraged where applicable.

Planning, monitoring and controlling risks which could impact the software products. 

Panel
borderColorblue
titleNPR 7150.2D para 5.2

Record, analyze, plan, track, control, and communicate all of the software risks and mitigation plans.

Identification and tracking of non-conforming products and software. Includes ensuring that defects are removed or fixed. 

  • Project Closeout

Includes the closing of projects and dispositioning work products that may need to be used in subsequent projects related to the software products. 

Panel
borderColorblue
titleNPR 7150.2D para 4.6.1

Planning for operations, maintenance, and retirement are typically considered throughout the software life cycle. Operational concepts and scenarios are derived from customer requirements and validated in the operational or simulated environment. Software maintenance activities sustain the software product after the product is delivered to the customer until retirement.

3.2 Software Assurance Activities

Panel
borderColorblue
titleNASA-STD-8739.8B Para 4.1

Include Page
8739.8B Para 4.1
8739.8B Para 4.1

Many of the activities of Software Assurance run parallel to Software Development Activities. In fact, development activities that have specific SA participation have a tab in the SWE specifically for Software Assurance participation. 

To further this relationship, the activities below draw on the SA requirements and tasks from NASA-STD-8739.8B and are associated with the SWEs in NPR 7150.2D. 

Activity NameActivity Components

Planning of Software Assurance activities in a Software Development Project are done in a collaborative fashion along with the Software Development team. It includes cost estimates and schedules. 

  • SA Auditing
Software Assurance tasks found in Development Activities which audit the processes and work products associated with individual SWEs. 
  • SA SW Requirements Analysis
Software Assurance Analysis tasks in Software Requirements and related activities which further improve the quality of the Software Requirements. Reducing requirement ambiguity, defects, and associated re-work in the of the software.
  • SA Design Analysis
Software Assurance Analysis tasks in Software Design and related activities which further improve the quality of the Software Design. Reducing defects and associated re-work in the design of the software. 
  • SA SW Source Code Analysis
Software Assurance Analysis tasks in Software Source Code and related activities which further improve the quality of the Software Source Code. Reducing defects and associated re-work in the of the software.
  • SA SW Testing
Software Assurance Analysis tasks in Software Testing and related activities which further improve the quality of the Software Testing. Improving test coverage, reducing test defects and associated re-work in the of the software.
  • SA Reporting
Software Assurance Analysis tasks in Software Reporting and related activities which further improve the overall Software Development Processes. Improving the Development Processes reduces defects and associated re-work in the of the software.
Independent testing and evaluation of software against requirements and performance criteria. Applicable to certain categories of projects. Includes planning, execution of tests and tracking issues and risks to closure.   
  • SA Safety and Hazard Analysis

  • SA Test Witnessing

Div
idtabs-4

4. Distribution of SWEHB pages

This tab contains a distribution of SWEs into Activities. Each SWE in the SWEHBVD is in the table. The table lists the Primary Activity in which the SWE is located. Also, for those SWEs that are associated with other activities, the associated activities are listed. This table will be used to distribute the SWEs into activities ensuring that none are lost in the distribution process. 

Under Construction in separate spreadsheet. This table will be updated periodically as the spreadsheet is completed. 

4.1 SWE pages

SWENPR paraPrimary ActivityAssociated Activity
SWE-002 - Software Engineering Initiative2.1.1.1Process Definition
SWE-004 - OCE Benchmarking2.1.1.2Benchmarking and Appraisals
SWE-152 - Review Requirements Mapping Matrices2.1.1.3Requirement Mapping, Tailoring, and Classification
SWE-129 - OCE NPR Appraisals2.1.1.4Benchmarking and Appraisals
SWE-100 - Software Training Funding2.1.1.5TrainingLife Cycle Training
SWE-098 - Agency Process Asset Library2.1.1.6Process Library
SWE-208 - Advancing Software Assurance and Software Safety Practices2.1.2.2Process Definition
SWE-209 - Benchmarking Software Assurance and Software Safety Capabilities2.1.2.3Benchmarking and Appraisals
SWE-212 - NASA-STD-8739 Mapping Matrices2.1.2.4Requirement Mapping, Tailoring, and Classification
SWE-221 - OSMA NPR Appraisals2.1.2.5Benchmarking and Appraisals
SWE-222 - Software Assurance Training2.1.2.6TrainingLife Cycle Training
SWE-223 - Tailoring IV&V project selections2.1.2.7Requirement Mapping, Tailoring, and Classification
SWE-003 - Center Improvement Plans2.1.5.2Process Definition
SWE-005 - Software Processes2.1.5.3Process Definition
SWE-140 - Comply with Requirements2.1.5.4Requirement Mapping, Tailoring, and Classification
SWE-095 - Report Engineering Discipline Status2.1.5.5Process Definition
SWE-006 - Center Software Inventory2.1.5.6Process Definition
SWE-091 - Establish and Maintain Measurement Repository2.1.5.7Measurements and Metrics
SWE-092 - Using Measurement Data2.1.5.8Measurements and Metrics
SWE-142 - Software Cost Repositories2.1.5.10Measurements and Metrics
SWE-144 - Software Engineering Process Assets2.1.5.11Process Library
SWE-153 - ETA Define Document Content2.1.5.12Process Library
SWE-215 - Software License Rights2.1.5.13Licensing, Sharing and Reuse
SWE-216 - Internal Software Sharing List2.1.5.14Licensing, Sharing and Reuse
SWE-217 - List of All Contributors and Disclaimer Notice2.1.5.15Licensing, Sharing and Reuse
SWE-214 - Internal Software Sharing and Reuse2.1.5.16Licensing, Sharing and Reuse
SWE-218 - Contracting Officers2.1.7Licensing, Sharing and Reuse
SWE-126 - Tailoring Considerations2.1.8.2Requirement Mapping, Tailoring, and Classification
SWE-150 - Review Changes To Tailored Requirements2.2.7Requirement Mapping, Tailoring, and Classification
SWE-021 - Transition to a Higher Class2.2.8Requirement Mapping, Tailoring, and Classification
SWE-033 - Acquisition vs. Development Assessment3.1.2AcquisitionLife Cycle Planning
Software Assurance Planning
SA Reporting
SWE-013 - Software Plans3.1.3Life Cycle PlanningSA Planning
SA Auditing
SWE-024 - Plan Tracking3.1.4Monitor and ControlLife Cycle Planning
Software Assurance Planning
SA Reporting
SA Auditing
SWE-034 - Acceptance Criteria3.1.5Acceptance and ReleaseLife Cycle Planning
Software Assurance Planning
SA Design Analysis
SA SW Source Code Analysis
SA Reporting
SWE-036 - Software Process Determination3.1.6Life Cycle PlanningSoftware Assurance Planning
SWE-037 - Software Milestones3.1.7Life Cycle PlanningSoftware Assurance Planning
SA Reporting
SWE-039 - Software Supplier Insight3.1.8AcquisitionLife Cycle Planning
Software Assurance Planning
SA Auditing
SWE-040 - Access to Software Products3.1.9Life Cycle PlanningSoftware Assurance Planning
SWE-042 - Source Code Electronic Access3.1.10Life Cycle PlanningSoftware Assurance Planning
SWE-139 - Shall Statements3.1.11Requirement Mapping, Tailoring, and ClassificationLife Cycle Planning
SA Planning
SA Reporting
SA Auditing
SWE-121 - Document Tailored Requirements3.1.12Life Cycle PlanningSA Planning
SWE-125 - Requirements Compliance Matrix3.1.13Life Cycle PlanningSA Planning
SWE-027 - Use of Commercial, Government, and Legacy Software3.1.14Life Cycle PlanningSoftware Assurance Planning
SWE-015 - Cost Estimation3.2.1Software Cost EstimationSoftware Assurance Planning
SWE-151 - Cost Estimate Conditions3.2.2Software Cost EstimationSA Planning
SA Reporting
SWE-174 - Software Planning Parameters3.2.3Software Cost Estimation
SWE-016 - Software Schedule3.3.1Software SchedulesSA Planning
SA Reporting
SA Auditing
SWE-018 - Software Activities Review3.3.2Software Schedules
SWE-046 - Supplier Software Schedule3.3.3Software SchedulesSA Planning
SWE-017 - Project and Software Training3.4.1TrainingLife Cycle Planning
SWE-020 - Software Classification3.5.1Requirement Mapping, Tailoring, and ClassificationSA Planning
SWE-176 - Software Records3.5.2Requirement Mapping, Tailoring, and Classification
SWE-022 - Software Assurance3.6.1Software Assurance
SWE-141 - Software Independent Verification and Validation3.6.2IV&V
SWE-131 - Independent Verification and Validation Project Execution Plan3.6.3IV&V
SWE-178 - IV&V Artifacts3.6.4IV&V
SWE-179 - IV&V Submitted Issues and Risks3.6.5IV&V
SWE-205 - Determination of Safety-Critical Software3.7.1Safety-Critical SoftwareSA Reporting
SWE-023 - Software Safety-Critical Requirements3.7.2Safety-Critical Software
SWE-134 - Safety-Critical Software Design Requirements3.7.3Safety-Critical SoftwareSA Design Analysis
SA SW Requirements Analysis
SA SW Source Code Analysis
SA Reporting
SWE-219 - Code Coverage for Safety Critical Software3.7.4Safety-Critical Software
SWE-220 - Cyclomatic Complexity for Safety-Critical Software3.7.5Safety-Critical Software
SWE-146 - Auto-generated Source Code3.8.1Implementation and Unit TestingSA Reporting
SWE-206 - Auto-Generation Software Inputs3.8.2Implementation and Unit TestingAcquisition
SWE-032 - CMMI Levels for Class A and B Software3.9.2Benchmarking and AppraisalsSA Reporting
SA Auditing
SWE-147 - Specify Reusability Requirements3.10.1Licensing, Sharing and Reuse
SWE-148 - Contribute to Agency Software Catalog3.10.2Licensing, Sharing and Reuse
SWE-156 - Evaluate Systems for Security Risks3.11.2Software Cybersecurity
SWE-154 - Identify Security Risks3.11.3Software Cybersecurity
SWE-157 - Protect Against Unauthorized Access3.11.4Software Cybersecurity
SWE-159 - Verify and Validate Risk Mitigations3.11.5Software CybersecuritySA SW Source Code Analysis
SWE-207 - Secure Coding Practices3.11.6Software CybersecuritySA SW Source Code Analysis
SWE-185 - Secure Coding Standards Verification3.11.7Software Cybersecurity
SWE-210 - Detection of Adversarial Actions3.11.8Software CybersecuritySA SW Requirements Analysis
SWE-052 - Bidirectional Traceability3.12.1Software Requirements SA SW Requirements Analysis
SWE-050 - Software Requirements4.1.2Software Requirements 
SWE-051 - Software Requirements Analysis4.1.3Software Requirements SA SW Requirements Analysis
SWE-184 - Software-related Constraints and Assumptions4.1.4Software Requirements SA SW Requirements Analysis
SWE-053 - Manage Requirements Changes4.1.5Software Requirements 
SWE-054 - Corrective Action for Inconsistencies4.1.6Software Requirements SA Reporting
SWE-055 - Requirements Validation4.1.7Software Requirements 
SWE-057 - Software Architecture4.2.3Software ArchitectureSA Design Analysis
SWE-143 - Software Architecture Review4.2.4Software ArchitectureSA Reporting
SWE-058 - Detailed Design4.3.2Software DesignSA Design Analysis
SWE-060 - Coding Software4.4.2Software Implementation
SWE-061 - Coding Standards4.4.3Software ImplementationSA SW Source Code Analysis
SWE-135 - Static Analysis4.4.4Software ImplementationSA SW Source Code Analysis
SWE-062 - Unit Test4.4.5Software Implementation
SWE-186 - Unit Test Repeatability4.4.6Software Implementation
SWE-063 - Release Version Description4.4.7Software Implementation
SWE-136 - Software Tool Accreditation4.4.8Software Implementation
SWE-065 - Test Plan, Procedures, Reports4.5.2Software Testing
SWE-066 - Perform Testing4.5.3Software Testing
SWE-187 -Control of Software Items4.5.4Software Testing
SWE-068 - Evaluate Test Results4.5.5Software Testing
SWE-070 - Models, Simulations, Tools4.5.6Software Testing
SWE-071 - Update Test Plans and Procedures4.5.7Software Testing
SWE-073 - Platform or Hi-Fidelity Simulations4.5.8Software Testing
SWE-189 - Code Coverage Measurements4.5.9Software Testing
SWE-190 - Verify Code Coverage4.5.10Software Testing
SWE-191 - Software Regression Testing4.5.11Software TestingSA Reporting
SWE-192 - Software Hazardous Requirements4.5.12Software Testing
SWE-193 - Acceptance Testing for Affected System and Software Behavior4.5.13Software Testing
SWE-211 - Test Levels of Non-Custom Developed Software4.5.14Software Testing
SWE-075 - Plan Operations, Maintenance, Retirement4.6.2OperationsSA Reporting
SWE-077 - Deliver Software Products4.6.3Acceptance and ReleaseSA Auditing
SWE-194 - Delivery Requirements Verification4.6.4Acceptance and Release
SWE-195 - Software Maintenance Phase4.6.5MaintenanceSA Auditing
SWE-196 - Software Retirement Archival4.6.6Retirement
SWE-079 - Develop CM Plan5.1.2Software Configuration ManagementSA Reporting
SA Auditing
SWE-080 - Track and Evaluate Changes5.1.3Software Configuration ManagementSA Design Analysis
SA SW Requirements Analysis
SA SW Source Code Analysis
SWE-081 - Identify Software CM Items5.1.4Software Configuration ManagementSA Design Analysis
SA SW Requirements Analysis
SA SW Source Code Analysis
SA Reporting
SWE-082 - Authorizing Changes5.1.5Software Configuration Management
SWE-083 - Status Accounting5.1.6Software Configuration Management
SWE-084 - Configuration Audits5.1.7Software Configuration ManagementSA Auditing
SWE-085 - Release Management5.1.8Software Configuration ManagementSA Auditing
SWE-045 - Project Participation in Audits5.1.9Software Configuration ManagementSA Reporting
SA Auditing
SWE-086 - Continuous Risk Management5.2Software Risk ManagementSA Reporting
SA Auditing
SWE-087 - Software Peer Reviews and Inspections for Requirements, Plans, Design, Code, and Test Procedures5.3.2Software Peer Reviews and InspectionsSA SW Requirements Analysis
SWE-088 - Software Peer Reviews and Inspections - Checklist Criteria and Tracking5.3.3Software Peer Reviews and InspectionsSA Auditing
SWE-089 - Software Peer Reviews and Inspections - Basic Measurements5.3.4Software Peer Reviews and Inspections
SWE-090 - Management and Technical Measurements5.4.2Measurements and MetricsSA Reporting
SWE-093 - Analysis of Measurement Data5.4.3Measurements and MetricsSA Reporting
SWE-094 - Reporting of Measurement Analysis5.4.4Measurements and Metrics
SWE-199 - Performance Measures5.4.5Measurements and MetricsSA Reporting
SWE-200 - Software Requirements Volatility Metrics5.4.6Software MeasurementsSA Reporting
SWE-201 - Software Non-Conformances5.5.1Software Non-conformance or Defect Management
SWE-202 - Software Severity Levels5.5.2Software Non-conformance or Defect ManagementSA Reporting
SWE-203 - Mandatory Assessments for Non-Conformances5.5.3Software Non-conformance or Defect ManagementSA Design Analysis
SA SW Requirements Analysis
SA SW Source Code Analysis
SWE-204 - Process Assessments5.5.4Software Non-conformance or Defect ManagementSA Reporting

4.2 Topic Pages

Includes Recommended Content pages from some of the topic pages. 

Topic #ActivityAssociated Activities
6.1 - Design for Safety ChecklistSA Safety and Hazard Analysis
6.2 - Checklist for General Software Safety RequirementsSA Safety and Hazard Analysis
6.3 - Checklist for Choosing a Real Time Operating System (RTOS)Implementation and Unit TestingLicensing, Sharing and Reuse
Software Design
6.4 - Checklist for Choosing Off-The Shelf Software (OTS)Implementation and Unit TestingLicensing, Sharing and Reuse
Software Design
6.5 - Checklist for C Programming PracticesImplementation and Unit Testing
6.6 - Checklist for C++ Programming PracticesImplementation and Unit Testing
6.7 - Checklist for Ada Programming PracticesImplementation and Unit Testing
6.8 - Checklist for Fortran Programming PracticesImplementation and Unit Testing
6.9 - Checklist for Generic (Non-Language-Specific) Programming PracticesImplementation and Unit Testing
6.10 - Checklist for General Good Programming PracticesImplementation and Unit Testing
6.11 - Examples of Programming Practices for Exception HandlingImplementation and Unit Testing
7.1 - History and Overview of the Software Process Improvement (SPI) EffortProcess Definition
7.2 - Classification and Safety-CriticalityRequirement Mapping, Tailoring, and Classification
7.3 - Acquisition GuidanceAcquisition
7.4 - Flowdown of NPR Requirements on Contracts and to Other Centers in Multi-Center ProjectsLife Cycle Planning- Acquisition
- Requirement Mapping, Tailoring, and Classification
7.5 - Work Breakdown Structures That Include SoftwareSoftware SchedulingCost Estimation
7.6 - Software Test Estimation and Testing LevelsSoftware Scheduling- Cost Estimation
- Implementation and Unit Testing
- Integration and Testing
7.7 - Software Architecture DescriptionSoftware Architecture
7.8 - Maturity of Life-Cycle Products at Milestone ReviewsSoftware SchedulingLife Cycle Planning
7.9 - Entrance and Exit CriteriaSoftware SchedulingLife Cycle Planning
7.10 - Peer Review and Inspections Including ChecklistsPeer Reviews and Inspections
7.11 - SWE Historyn/a
7.12 - Retiredn/a
7.13 - Transitioning to a Higher ClassRequirement Mapping, Tailoring, and Classification
7.14 - Implementing Measurement Requirements and Analysis for ProjectsMeasurements and Metrics
7.15 - Relationship Between NPR 7150.2 and NASA-STD-7009Software Architecture- Software Design
-Integration and Testing
7.16 - Appendix C. Requirements Mapping and Compliance MatrixRequirement Mapping, Tailoring, and Classification
7.17 - 7150.2C Appendices (Definitions, References, etc.)n/a
7.18 - Documentation Guidancen/a
CR-PR - Software Change Request - Problem ReportNon-Conformance and Defect Management
IDD - Interface Design DescriptionSoftware ArchitectureSoftware Design
Inspect - Software Inspection, Peer Reviews, InspectionsPeer Reviews and Inspections
Maint - Software Maintenance PlanMaintenance
Metrics - Software Metrics ReportMeasurements and Metrics
SCMP - Software Configuration Management PlanConfiguration Management
SDD - Software Data DictionarySoftware Design
SDP-SMP - Software Development - Management PlanLife Cycle Planning
SRS - Software Requirements SpecificationSoftware Requirements
STP - Software Test PlanIntegration and Testing
STR - Software Test ReportIntegration and Testing
SUM - Software User ManualOperationsAcceptance and Release
SwDD - Software Design DescriptionSoftware Design
Test - Software Test ProceduresIntegration and Testing
Train - Software Training PlanTraining
VDD - Version Description DocumentAcceptance and Release
7.19 - Software Risk Management ChecklistsRisk Management
7.20 - Assessing - Meets the IntentRisk Management
7.21 - Multi-condition Software RequirementsIntegration and TestingSafety-Critical Software
8.1 - Off Nonimal TestingSA SW Testing AnalysisSA SW Testing Analysis
8.2 - Software ReliabilitySA SW Testing Analysis
8.3 - Organizational Goals of Software Assurance MetricsMeasurements and Metrics
8.4 - Additional Requirements Considerations for Use with Safety-Critical SoftwareSA Safety and Hazard Analysis
8.5 - SW Failure Modes and Effects AnalysisSA SW Requirements AnalysisSA Safety and Hazard Analysis
8.6 - IV&V SurveillanceIV&VAcquisition
8.7 - Software Fault Tree AnalysisSA Safety and Hazard Analysis
8.8 - COTS Software Safety ConsiderationsSA Safety and Hazard Analysis
8.9 - Software Safety AnalysisSA Safety and Hazard Analysis
8.10 - Facility Software Safety ConsiderationsSA Safety and Hazard Analysis
8.11 - Auto-Generated CodeImplementation and Unit Testing
8.12 - Basics of Software AuditingSA Auditing
8.13 Test WitnessingSA SW Testing AnalysisSA Auditing
8.14 SA Tasking for NPR 7150.2B?
8.15 - SA Tasking Checklist Tool?
8.16 - SA Productsn/a
Audit ReportsSA Reporting
Checklists and Guidance Listsn/a
IV&V Program Execution PlanSA PlanningIV&V
Objective EvidenceAll SA Activities
Software Assurance PlanSA Planning
Software Assurance Status ReportsSA Reporting
Software Design AnalysisSA Design Analysis
 Software Requirements AnalysisSA SW Requirements Analysis
Software Safety and Hazard AnalysisSA Safety and Hazard Analysis
Source Code Quality AnalysisSA SW Source Code Analysis
Testing AnalysisSA SW Testing Analysis
8.17 - Software Safety Audit ChecklistsSA Auditing
8.18 - SA Suggested MetricsMeasurements and Metrics
8.19 - Dead / Dormant Code and Safety Critical SoftwareLicensing, Sharing and Reuse- SA Safety and Hazard Analysis
- Software Design
8.20 - Safety Specific Activities in Each PhaseSA Safety and Hazard Analysis
8.21 - Software Hazard CausesSA Safety and Hazard Analysis
8.22 - Hazardous CommandsSA Safety and Hazard Analysis
8.23 - Software Contents of a Certification of Flight ReadinessAcceptance and Release
Software Design Principles Software DesignSA Design Analysis
Software Safety and Design PrinciplesSA Design AnalysisSoftware Design
Coding StandardsSoftware DesignSA Design Analysis
Command Receipt AcknowledgementSoftware DesignSA Design Analysis
Data Interface IntegritySoftware DesignSA Design Analysis
Dead Code ExclusionSoftware DesignSA Design Analysis
Fault Detection and ResponseSoftware DesignSA Design Analysis
Flight Software ModificationSoftware DesignSA Design Analysis
Incorrect Memory Use or AccessSoftware DesignSA Design Analysis
Initialization - Safe ModeSoftware DesignSA Design Analysis
Invalid Data HandlingSoftware DesignSA Design Analysis
Resource MarginsSoftware DesignSA Design Analysis
Resource OversubscriptionSoftware DesignSA Design Analysis
Resource Usage MeasurementSoftware DesignSA Design Analysis
Safe TransitionsSoftware DesignSA Design Analysis
Thread SafetySoftware DesignSA Design Analysis

4.3 PAT Pages

PAT #ActivityAssociated Activities
PAT-001 - FCA ChecklistSoftware Configuration Management
PAT-002 - PCA ChecklistSoftware Configuration Management
PAT-003 - Functional Requirements ChecklistPeer Reviews and InspectionsSA SW Requirements Analysis
PAT-004 - Safety Requirements Analysis ChecklistSA SW Requirements Analysis
PAT-005 - Software Component Design Analysis ChecklistSA Design Analysis
PAT-006 - Design Practices for SafetySA Design AnalysisSA Safety and Hazard Analysis
PAT-007 - Checklist for General Software Safety RequirementsSA Safety and Hazard Analysis
PAT-008 - Safety Considerations for Design Peer Reviews ChecklistSA Safety and Hazard AnalysisPeer Reviews and Inspections
PAT-009 - Software Safety Process AuditSA Safety and Hazard Analysis
PAT-010 - Software Safety Activities for Internal AuditSA Safety and Hazard Analysis
PAT-011 - ISO 27001-2013 Audit Checklist

PAT-012 - Detection of Adversarial ActionsSoftware Cybersecurity
PAT-013 - Software Requirements ChecklistSoftware RequirementsPeer Reviews and Inspections
PAT-014 - Architecture Design ChecklistSoftware ArchitecturePeer Reviews and Inspections
PAT-015 - Detailed Design ChecklistSoftware DesignPeer Reviews and Inspections
PAT-016 - Functional Design ChecklistSoftware DesignPeer Reviews and Inspections
PAT-017 - C Code Inspection ChecklistIntegration and TestingPeer Reviews and Inspections
PAT-018 - Test Plan ChecklistIntegration and Testing- Implementation and Unit Testing
- Peer Reviews and Inspections
PAT-019 - Test Procedure ChecklistIntegration and Testing- Implementation and Unit Testing
- Peer Reviews and Inspections
PAT-020 - Examples of Interface ProblemsSA Design Analysis
PAT-021 - SADESIGN ChecklistSA Design Analysis
PAT-022 - Programming Practices ChecklistImplementation and Unit Testing
PAT-023 - Preparing for a SARB ChecklistSoftware ArchitectureSA Design Analysis
PAT-024 - Checklist for Choosing Off-The Shelf SoftwareAcquisition
PAT-025 - Checklist for Choosing a Real Time Operating System (RTOS)Acquisition
PAT-026 - Test Review Checklist For Test LeadsIntegration and TestingSA SW Testing Analysis
PAT-027 - Test Review Checklist For Review TeamsIntegration and TestingSA SW Testing Analysis
PAT-028 - NPR 7150.2D Compliance MatrixRequirement Mapping, Tailoring, and Classification
PAT-029 - Software Architecture Review Board ChecklistSoftware ArchitectureSA Design Analysis
PAT-030 - SARB Review Checklist with GuidanceSoftware ArchitectureSA Design Analysis

4.4 Other Pages


Warning

Add page/groups from 8739.8B 

  • SA Tasks
  • IV&V Overview and Requirements
  • SA Tailoring Standard Requirements
Div
idtabs-5

5. Activity Page Structure

We will need to decide how to consistently display information about activities. Since we have two groups involved with the Activity pages. There are multiple ways of displaying the information related to an Activity. 

5.1 Common Elements in the Activity Structure

Tab TitleContent
1IntroductionBrief description of the activity and its scope. If applicable, a quote from the NPR or STD is used to amplify the description. 
1.1InputsList of some of the inputs from other activities that are necessary for the activity to begin. 
1.2 Predecessor ActivitiesList of some of the other activities that must be started (not necessarily completed) so that this activity may begin. 
1.3OutputsList of some of the outputs or work products of the activity. These are typically used as inputs by the downstream activity. In some cases there is a supporting SWE associated with the work product. 
1.4Successor ActivitiesLinks to Activities which might be started or supported by this activity. 
1.5 Activity Repetition

Describe what conditions determine if the activity needs to be repeated, such as re-planning after a change in requirements or schedule constraints. 

  • How much of the activity needs to be repeated
    • Frequency of repetition
1.6Center Resources from SPANAdd links to SPAN activity pages that are appropriate for this activity. Use links from the Activity section of the SPAN front page. SPAN. This further differentiates SWEHB from SPAN in the sense that PATs are templates derived from SWEHB guidance, SPAN assets and templates are Center defined and developed resources. 
2Defining Software Development ActivityThis tab contains the links to pages in the SWEHB that are at the heart of the activity.
2.1SWEsThis section contains the links to SWE pages that form the heart of the activity.
2.2Topics and other Supporting Materials

This section is for SWEHB pages, other than SWEs, that directly support the activity. This section contains Topics, document content pages, PATs, and other pages. 

  • Topics
  • Document Structures
  • Process Asset Templates
  • Other Supporting Materials
2.3Other Associated SWEs, Topics, etc.Includes other SWEHB pages that are indirectly associated with the activity. May include SWEs, Topics, document definition pages, PATs, etc. They may have been mentioned in the guidance of another page. This section may be removed if there is no content for it.
3Defining SA ActivityThis tab contains the links to pages in the SWEHB that are at the heart of the activity.
3.1SWEsThis section contains the links to SWE pages that form the heart of the activity.
3.2Topics and other Supporting Materials

This section is for SWEHB pages, other than SWEs, that directly support the SA activity. This section contains Topics, document content pages, PATs, and other pages. 

  • Topics
  • Document Structures
  • Process Asset Templates
  • Other Supporting Materials
3.3Other Associated SWEs, Topics, etc.Includes other SWEHB pages that are indirectly associated with the activity. May include SWEs, Topics, document definition pages, PATs, etc. They may have been mentioned in the guidance of another page. This section may be removed if there is no content for it.


5.1 Combined Format

In the combined format, Activities that are closely related such as Planning may have a combined format. Tab 2 information is associated with both Software Engineering and Software Assurance content.  An additional tab is provided to include SA tasks (from the included SWEs) that apply to the activity. 

A risk associated with this way of displaying Activity information is that it may be difficult to easily pick out the SA pieces from the Engineering pieces of an activity. It will be critical to specify who is involved in each element of the activity. An example of this can be found in Planning where the Engineering and Assurance elements of the activity run in parallel and have considerable overlap. Engineering will plan certain processes and then Assurance will plan the auditing of those processes. 

Image Added


5.2 Separate Formats 

In separate formats, there is  only one template. The indication of who is performing the activity is indicated in the title of the Activity. In this example, SA activities include the SA Task lists from the associated SWEs. Software Engineering Activities would not have SA Tasks displayed in section 2.1. 


Image Added


Div
idtabs-6

6. Alternative Activity Styles

The Activity is a new concept for organizing content in SWEHB. In this tab, we explore various ways to display activity content while keeping several requirements in mind: 

  • minimize the creation of new content by reusing existing content as much as possible. 
  • minimize training necessary to use the activity, it should be obvious how to use the activity and its information
  • make the activity inclusive so that Software Developers and Software Assurance and others can use it easily

6.1 Initial Reactions to First Two Templates

At our 12/13/2023 meeting, there was some discussion about the organization and content of the two templates reviewed. It was not clear how these templates would accomplish the inclusivity requirement above. In this tab, we will explore some alternatives to these first two templates to attempt to get an Activity organization that satisfies all of the requirements. 


Include Page
SPA6 Alternative Activity Structure
SPA6 Alternative Activity Structure

Suggested measurements and practices for software projects. 

Div
idtabs-7

7. Other Considerations For Activities

7.1 Readiness Reviews in Activities

Topic 7.09 - Entrance and Exit Criteria covers a number of reviews that occur at the completion of certain activities.

  • Should these reviews be accounted for in the activities? 
  • Are they activities by themselves? 
  • Do we need PATS for each of these reviews?
    • Could be a single PAT for each review or 3 PATS (Entrance Criteria, Materials for Review, Exit Criteria) for each review. 

7.2 Life Cycle Products

Topic 7.08 - Maturity of Life Cycle Products at Milestone Reviews covers maturity of certain life cycle work products at the times of readiness reviews. Currently they are mentioned in the Inputs and Outputs sections of activity tab 1. 

  • Should these Work Products be accounted for in the activities in greater depth? Currently I list the docs that are in 7.18. Maybe this should be expanded to cover the docs in NPR 7150.2D, Chapter 6?
  • Some docs in Chapter 6 are not broken out in 7.18. They exist as sections of the docs (like Software Development Plan). Should these be mentioned in the appropriate activity?

7.3 Software Engineering Products 

From NPR 7150.2D, Chapter 6, there are some products in the list that are not in Topic 7.18 Documentation Guidance (Minimum Document Content):

  • w. Programmer’s/Developer’s Manual

Does this require another Topic? 

7.4 Reformatting of Guidance in SWEs

In the Copy of SWE-058 - Detailed Design with new tab 4 the guidance in tab 3 was already formatted into tasks. This permitted the Tasks to be quickly identified in the new tab 4.  Also, there were clear references to several documents (SwDD, IDD, and SUM) that made building the Work Products section of the activity easier and clearer. Metrics were adapted from those in tab 7 in the example. 

In other SWEs, there may be a need to reformat some things and build out others to get clear tasks, work products, and metrics. For example, the SWEs relating to Peer Reviews need some revisions: 

Panel
borderColorblue
titleNPR 7150.2D para 5.4.1

Software measurement is a primary tool for managing software processes and evaluating the quality of software products. Analysis of measures provides insight into the capability of the software organization and identifies opportunities for software process and product improvements. Software measurement programs at multiple levels are established to meet measurement objectives. The requirements below are designed to reinforce the use of measurement at the project, Center software organization, and NASA Chief Engineer levels to assist in managing projects, assuring quality, and improving software engineering practices.

Panel
titleNPR 7150.2D para 2.1.1.6

The NASA OCE shall maintain an Agency-wide process asset library of applicable best practices and process templates for all size projects

Requirements related to the licensing, sharing and reuse of some or all of software products. 
Activity NameActivity Components
Life Cycle Planning
Panel
borderColorblue
titleNPR 7150.2D para 3.1.1

Software life cycle planning covers the software aspects of a project from inception through retirement. The software life cycle planning is an organizing process that considers the software as a whole and provides the planning activities required to ensure a coordinated, well-engineered process for defining and implementing project activities. These processes, plans, and activities are coordinated within the project. At project conception, software needs for the project are analyzed, including acquisition, supply, development, operation, maintenance, retirement, decommissioning, and supporting activities and processes. The software effort is scoped, the development processes defined, measurements defined, and activities are documented in software planning documents.

Software Peer Reviews and Inspections
Panel
borderColorblue
titleNPR 7150.2D para 5.3.1

Software peer reviews and inspections are the in-process technical examination of work products by peers to find and eliminate defects early in the life cycle. Software peer reviews and inspections are performed following defined procedures covering the preparation for the review, the review itself is conducted, results are recorded, results are reported, and completion criteria is certified. When planning the composition of a software peer review or inspection team, consider including software testing, system testing, software assurance, software safety, software cybersecurity, and software IV&V personnel.

Used when software is acquired or secured from outside sources. 
Used for monitoring progress and keeping the project under control through minor adjustments 
Used for establishing cost of development of the software products. It includes multiple models and parameters, direct and indirect costs, for the work so that tracking can be effectively done. 
Used for establishing and maintaining the development and delivery schedule. Takes into account dependencies on other projects and programs. Includes time for reviews and tracking of issues to resolution,  
Ensures that the project follows established processes and practices. Includes audits and corrective actions. 
Independent testing and evaluation of software against requirements and performance criteria. Applicable to certain categories of projects. Includes planning, execution of tests and tracking issues and risks to closure.   
Includes determining of software is considered safety-critical, and implementing additional requirements to ensure safety of the software product. 

Evaluation of software requirements and planning for their realization in the final software products. 

Panel
borderColorblue
titleNPR 7150.2D para 4.2.1

Experience confirms that the quality and longevity of a software-reliant system is primarily determined by its architecture. The software architecture underpins a system’s software design and code; it represents the earliest design decisions, ones that are difficult and costly to change later. The transformation of the derived and allocated requirements into the software architecture results in the basis for all software development work.

Panel
borderColorblue
titleNPR 7150.2D para 4.3.1

Software design is the process of defining the software architecture, components, modules, interfaces, and data for a software system to satisfy specified requirements. The software architecture is the fundamental organization of a system embodied in its components, their relationships to each other and the environment, and the principles guiding its design and evolution. The software architectural design is concerned with creating a strong overall structure for software entities that fulfill the allocated system and software-level requirements. Typical views captured in an architectural design include the decomposition of the software subsystem into design entities, computer software configuration items, definitions of external and internal interfaces, dependency relationships among entities and system resources, and finite state machines. The design should be further refined into lower-level entities that permit the implementation by coding in a programming language. Typical attributes that are documented for lower-level entities include the identifier, type, purpose, function, constraints, subordinates, dependencies, interface, resources, processing, and data. Rigorous specification languages, graphical representations, and related tools have been developed to support the evaluation of critical properties at the design level. Projects are encouraged to take advantage of these improved design techniques to prevent and eliminate errors as early in the life cycle as possible. Software, developed or purchased, has additional requirements to comply with from Section 508 of the Rehabilitation Act, as defined in NPR 2800.2.

Panel
borderColorblue
titleNPR 7150.2D para 4.4.1

Software implementation consists of implementing the requirements and design into code, data, and records. Software implementation also consists of following coding methods and standards. Unit testing is also usually a part of software implementation (unit testing can also be conducted during the testing phase).

Includes integration of modules into a final deliverable package and testing of that package to determine if it is ready for delivery. 

Panel
borderColorblue
titleNPR 7150.2D para 4.5.1

The purpose of testing is to verify the software functionality and remove defects. Testing verifies the code against the requirements and the design to ensure that the requirements are implemented. Testing also identifies problems and defects that are corrected and tracked to closure before product delivery. Testing also validates that the software operates appropriately in the intended environment. Please note for Class A software there are additional software test requirements and software integration requirements as defined in NPR 8705.2.

  • Acceptance and Release
Final determination of the readiness of the software for release. Includes acceptance testing, and other readiness criteria. 
  • Maintenance

Addresses any ongoing maintenance considerations for the software products. 

Panel
borderColorblue
titleNPR 7150.2D para 4.6.1

Planning for operations, maintenance, and retirement are typically considered throughout the software life cycle. Operational concepts and scenarios are derived from customer requirements and validated in the operational or simulated environment. Software maintenance activities sustain the software product after the product is delivered to the customer until retirement.

  • Operations

Addresses any ongoing operations considerations for the software products

Panel
borderColorblue
titleNPR 7150.2D para 4.6.1

Planning for operations, maintenance, and retirement are typically considered throughout the software life cycle. Operational concepts and scenarios are derived from customer requirements and validated in the operational or simulated environment. Software maintenance activities sustain the software product after the product is delivered to the customer until retirement.

  • Retirement

Addresses any retirement or replacement considerations for the software products

Panel
borderColorblue
titleNPR 7150.2D para 4.6.1

Planning for operations, maintenance, and retirement are typically considered throughout the software life cycle. Operational concepts and scenarios are derived from customer requirements and validated in the operational or simulated environment. Software maintenance activities sustain the software product after the product is delivered to the customer until retirement.

Includes control over software products during development along with any associated work products. 

Panel
borderColorblue
titleNPR 7150.2D para 5.1.1

Software Configuration Management (SCM) is the process of applying configuration management throughout the software life cycle to ensure the completeness and correctness of software configuration items. SCM applies technical and administrative direction and surveillance to identify and record the functional and physical characteristics of software configuration items, control changes to those characteristics, record and report change processing and implementation status, and verify compliance with specified requirements. SCM establishes and maintains the integrity of the products of a software project throughout the software life cycle. Use of standard Center or organizational SCM processes and procedures is encouraged where applicable.

Planning, monitoring and controlling risks which could impact the software products. 

Panel
borderColorblue
titleNPR 7150.2D para 5.2

Record, analyze, plan, track, control, and communicate all of the software risks and mitigation plans.

Identification and tracking of non-conforming products and software. Includes ensuring that defects are removed or fixed. 

  • Project Closeout

Includes the closing of projects and dispositioning work products that may need to be used in subsequent projects related to the software products. 

Panel
borderColorblue
titleNPR 7150.2D para 4.6.1

Planning for operations, maintenance, and retirement are typically considered throughout the software life cycle. Operational concepts and scenarios are derived from customer requirements and validated in the operational or simulated environment. Software maintenance activities sustain the software product after the product is delivered to the customer until retirement.

Div
idtabs-4

4. Distribution of SWEs

This tab contains a distribution of SWEs into Activities. Each SWE in the SWEHBVD is in the table. The table lists the Primary Activity in which the SWE is located. Also, for those SWEs that are associated with other activities, the associated activities are listed. This table will be used to distribute the SWEs into activities. 

SWENPR paraPrimary ActivityAssociated Activity
SWE-002 - Software Engineering Initiative2.1.1.1Process DefinitionSWE-004 - OCE Benchmarking2.1.1.2Benchmarking and AppraisalsSWE-152 - Review Requirements Mapping Matrices2.1.1.3Requirement Mapping and TailoringSWE-129 - OCE NPR Appraisals2.1.1.4Benchmarking and AppraisalsSWE-100 - Software Training Funding2.1.1.5TrainingSWE-098 - Agency Process Asset Library2.1.1.6Process LibrarySWE-208 - Advancing Software Assurance and Software Safety Practices2.1.2.2Process DefinitionSWE-209 - Benchmarking Software Assurance and Software Safety Capabilities2.1.2.3Benchmarking and AppraisalsSWE-212 - NASA-STD-8739 Mapping Matrices2.1.2.4Requirement Mapping and TailoringSWE-221 - OSMA NPR Appraisals2.1.2.5Benchmarking and AppraisalsSWE-222 - Software Assurance Training2.1.2.6TrainingSWE-223 - Tailoring IV&V project selections2.1.2.7Requirement Mapping and TailoringSWE-003 - Center Improvement Plans2.1.5.2Process DefinitionSWE-005 - Software Processes2.1.5.3Process DefinitionSWE-140 - Comply with Requirements2.1.5.4Requirement Mapping and TailoringSWE-095 - Report Engineering Discipline Status2.1.5.5Process DefinitionSWE-006 - Center Software Inventory2.1.5.6Process DefinitionSWE-091 - Establish and Maintain Measurement Repository2.1.5.7Measurements and MetricsSWE-092 - Using Measurement Data2.1.5.8Measurements and MetricsSWE-142 - Software Cost Repositories2.1.5.10Measurements and MetricsSWE-144 - Software Engineering Process Assets2.1.5.11Process LibrarySWE-153 - ETA Define Document Content2.1.5.12Process LibrarySWE-215 - Software License Rights2.1.5.13Licensing, Sharing and ReuseSWE-216 - Internal Software Sharing List2.1.5.14Licensing, Sharing and ReuseSWE-217 - List of All Contributors and Disclaimer Notice2.1.5.15Licensing, Sharing and ReuseSWE-214 - Internal Software Sharing and Reuse2.1.5.16Licensing, Sharing and ReuseSWE-218 - Contracting Officers2.1.7Licensing, Sharing and ReuseSWE-126 - Tailoring Considerations2.1.8.2Requirement Mapping and TailoringSWE-150 - Review Changes To Tailored Requirements2.2.7Requirement Mapping and TailoringSWE-021 - Transition to a Higher Class2.2.8Requirement Mapping and Tailoring
SWE-033 - Acquisition vs. Development Assessment3.1.2AcquisitionLife Cycle Planning
SWE-013 - Software Plans3.1.3Life Cycle Planning
SWE-024 - Plan Tracking3.1.4Monitor and ControlLife Cycle Planning
SWE-034 - Acceptance Criteria3.1.5

Acceptance and Release

Life Cycle Planning
SWE-036 - Software Process Determination3.1.6Life Cycle PlanningSWE-037 - Software Milestones3.1.7Life Cycle PlanningSWE-039 - Software Supplier Insight3.1.8AcquisitionSWE-040 - Access to Software Products3.1.9Life Cycle PlanningSWE-042 - Source Code Electronic Access3.1.10Life Cycle Planning
SWE-139 - Shall Statements3.1.11Requirement Mapping and TailoringLife Cycle Planning
SWE-121 - Document Tailored Requirements3.1.12Life Cycle PlanningSWE-125 - Requirements Compliance Matrix3.1.13Life Cycle PlanningSWE-027 - Use of Commercial, Government, and Legacy Software3.1.14Life Cycle PlanningSWE-015 - Cost Estimation3.2.1Software Cost EstimationSWE-151 - Cost Estimate Conditions3.2.2Software Cost EstimationSWE-174 - Software Planning Parameters3.2.3Software Cost EstimationSWE-016 - Software Schedule3.3.1Software SchedulesSWE-018 - Software Activities Review3.3.2Software SchedulesSWE-046 - Supplier Software Schedule3.3.3Software SchedulesSWE-017 - Project and Software Training3.4.1TrainingSWE-020 - Software Classification3.5.1Software Classification AssessmentsSWE-176 - Software Records3.5.2Software Classification AssessmentsSWE-022 - Software Assurance3.6.1Software AssuranceSWE-141 - Software Independent Verification and Validation3.6.2IV&V SWE-131 - Independent Verification and Validation Project Execution Plan3.6.3IV&V SWE-178 - IV&V Artifacts3.6.4IV&V SWE-179 - IV&V Submitted Issues and Risks3.6.5IV&V SWE-205 - Determination of Safety-Critical Software3.7.1Safety-Critical SoftwareSWE-023 - Software Safety-Critical Requirements3.7.2Safety-Critical SoftwareSWE-134 - Safety Critical Software Design Requirements3.7.3Safety-Critical SoftwareSWE-219 - Test Coverage for Safety Critical Software Components3.7.4Safety-Critical SoftwareSWE-220 - Cyclomatic Complexity Values for Safety Critical Software3.7.5Safety-Critical SoftwareSWE-146 - Auto-generated Source Code3.8.1Automatic Generation of Software Source CodeSWE-206 - Auto-Generation Software Inputs3.8.2Automatic Generation of Software Source CodeSWE-032 - CMMI Levels for Class A and B Software3.9.2Benchmarking and AppraisalsSWE-147 - Specify Reusability Requirements3.10.1Licensing, Sharing and ReuseSWE-148 - Contribute to Agency Software Catalog3.10.2Licensing, Sharing and ReuseSWE-156 - Evaluate Systems for Security Risks3.11.2Software CybersecuritySWE-154 - Identify Security Risks3.11.3Software CybersecuritySWE-157 - Protect Against Unauthorized Access3.11.4Software CybersecuritySWE-159 - Verify and Validate Risk Mitigations3.11.5Software CybersecuritySWE-207 - Secure Coding Practices3.11.6Software CybersecuritySWE-185 - Secure Coding Standards Verification3.11.7 Software CybersecuritySWE-210 - Detection of Adversarial Actions3.11.8Software CybersecuritySWE-052 - Bidirectional Traceability3.12.1Software Requirements SWE-050 - Software Requirements4.1.2Software Requirements SWE-051 - Software Requirements Analysis4.1.3Software Requirements SWE-184 - Software-related Constraints and Assumptions4.1.4Software Requirements SWE-053 - Manage Requirements Changes4.1.5Software Requirements SWE-054 - Corrective Action for Inconsistencies4.1.6Software Requirements SWE-055 - Requirements Validation4.1.7Software Requirements SWE-057 - Software Architecture4.2.3Software ArchitectureSWE-143 - Software Architecture Review4.2.4Software ArchitectureSWE-058 - Detailed Design4.3.2Software DesignSWE-060 - Coding Software4.4.2Software ImplementationSWE-061 - Coding Standards4.4.3Software ImplementationSWE-135 - Static Analysis4.4.4Software ImplementationSWE-062 - Unit Test4.4.5Software ImplementationSWE-186 - Unit Test Repeatability4.4.6Software ImplementationSWE-063 - Release Version Description4.4.7Software ImplementationSWE-136 - Software Tool Accreditation4.4.8Software ImplementationSWE-065 - Test Plan, Procedures, Reports4.5.2Software TestingSWE-066 - Perform Testing4.5.3Software TestingSWE-187 -Control of Software Items4.5.4Software TestingSWE-068 - Evaluate Test Results4.5.5Software TestingSWE-070 - Models, Simulations, Tools4.5.6Software TestingSWE-071 - Update Test Plans and Procedures4.5.7Software TestingSWE-073 - Platform or Hi-Fidelity Simulations4.5.8Software TestingSWE-189 - Code Coverage Measurements4.5.9Software TestingSWE-190 - Verify Code Coverage4.5.10Software TestingSWE-191 - Software Regression Testing4.5.11Software TestingSWE-192 - Software Hazardous Requirements4.5.12Software TestingSWE-193 - Acceptance Testing for Affected System and Software Behavior4.5.13Software TestingSWE-211 - Test Levels of Non-Custom Developed Software4.5.14Software TestingSWE-075 - Plan Operations, Maintenance, Retirement4.6.2Life Cycle PlanningSWE-077 - Deliver Software Products4.6.3Acceptance and ReleaseSWE-194 - Delivery Requirements Verification4.6.4Acceptance and ReleaseSWE-195 - Software Maintenance Phase4.6.5MaintenanceSWE-196 - Software Retirement Archival4.6.6RetirementSWE-079 - Develop CM Plan5.1.2Software Configuration Management SWE-080 - Track and Evaluate Changes5.1.3Software Configuration Management SWE-081 - Identify Software CM Items5.1.4Software Configuration Management SWE-082 - Authorizing Changes5.1.5Software Configuration Management SWE-083 - Status Accounting5.1.6Software Configuration Management SWE-084 - Configuration Audits5.1.7Software Configuration Management SWE-085 - Release Management5.1.8Software Configuration Management SWE-045 - Project Participation in Audits5.1.9Software Configuration Management SWE-086 - Continuous Risk Management5.2Software Risk Management5.3.2Software Peer Reviews and Inspections5.3.3Software Peer Reviews and InspectionsSWE-089 - Software Peer Reviews and Inspections - Basic Measurements5.3.4Software Peer Reviews and InspectionsSWE-090 - Management and Technical Measurements5.4.2Measurements and MetricsSWE-093 - Analysis of Measurement Data5.4.3Measurements and MetricsSWE-094 - Reporting of Measurement Analysis5.4.4Measurements and MetricsSWE-199 - Performance Measures5.4.5Measurements and MetricsSWE-200 - Software Requirements Volatility Metrics5.4.6Measurements and MetricsSWE-201 - Software Non-Conformances5.5.1Software Non-conformance or Defect ManagementSWE-202 - Software Severity Levels5.5.2Software Non-conformance or Defect ManagementSWE-203 - Mandatory Assessments for Non-Conformances5.5.3Software Non-conformance or Defect ManagementSWE-204 - Process Assessments5.5.4
Page Editor: Tim Crumbley
NASA Official: Tim Crumbley
Accessibility
NASA Software Engineering Handbook - A service of the NASA Office of the Chief Engineer
NASA Privacy Statement
______________________________________________________________________________