Book A.

Book B.
7150 Requirements Guidance

Book C.

References, & Terms

(NASA Only)

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migration of unmigrated content due to installation of a new plugin
Wiki Markup
{tabsetup:1. The Requirement|2. Rationale|3. Guidance|4. Small Projects|5. Resources|6. Lessons Learned}


h1. 1. Requirements

6.3.3 The Engineering Technical Authority(s) for this NPR shall consider the following information when assessing waivers and deviations from requirements in this NPR:
a.    The NASA software inventory data on the project.
b.    The classification of systems and subsystems containing software, as defined in Appendix E.
c.    Applicable Center-level software directives that meet the intent of this NPR.
d.    Applicable contractor and subcontractor software policies and procedures that meet the intent of this NPR.
e.    Potential impacts to NASA missions.
f.     Potential impacts to health, medical concerns, or safety.

h2. {color:#003366}{*}1.1 Notes{*}{color}

NPR 7150.2 does not include any notes for this requirement.

h2. 1.2 Applicability Across Classes

This requirement applies to all classes and safety criticalities.


h1. 2. Rationale

NPR 7150.2 contains the basic set of requirements for software developed by or for the agency.  Any request for deviation or a waiver from a particular requirement is made to the appropriate level and type of  Technical Authority(TA) as listed in Appendix D in NPR 7150.2.  When assessing the requests, the designated TA considers a number of relevant factors in their deliberation.  It is not uncommon for a waiver/deviation to require approval from Technical Authorities from two different organizations (e.g., Engineering TA as well as Safety & Mission Assurance TA). The factors listed in parts a - f of this requirement support a responsible evaluation of the waiver/deviation request.

h1. 3. Guidance

General direction for preparing '{term:Deviation}' and {term:Waiver} requests can be found in NPR 7120.5 and on the [NEN Requirements and Technical Authorities|] web page. Direction specific to software is provided in Chapter 6 of NPR 7150.2. 

If the project or software lead engineer submits a deviation or waiver request against any of the NPR requirements, the following should be considered by the Engineering Technical Authority (ETA) when assessing the deviation or waiver request.
* *The Headquarters OCE's* NASA Software Inventory (''): Access to this inventory, which is controlled, needs to be coordinated through Center software representatives and/or the OCE. This document lists all software currently under development for the NPR 7150.2 Appendix E, classes A through E. The OCE is responsible for generating and maintaining this listing. The software inventory typically has information on the software in development, whether it is safety critical, what is the expected size in {term:KSLOC}s, whether it is using NASA IV&V Facility services, what is the SW classification, dates of Major Milestone reviews, the percentage of software that will be newly developed, and how much software quality assurance effort is dedicated to the project. These are just a few of the items that are useful background when considering approval/disapproval of a waiver.  The {color:#0000ff}software inventory{color} for classes F through H is generated and maintained by the Headquarters CIO:  Access to this inventory is controlled and may need to be coordinated through Center or Headquarters CIO representatives. In some instances, Centers maintain a more detailed local software inventory with additional information. In these cases it's recommended to get a copy of the local record for the project as well.
* *Classification of systems and subsystems:*  Appendix E of NPR 7150.2 gives definitions and examples of systems that typically have the listed software classification.  Relief from requirements for higher level software classes (A & B) or with safety critical aspects should be evaluated with increased rigor. Additional classifications like "human rated' systems and "payload classifications" also imply the degree to which a waiver/deviation would be acceptable. The TA should also check to ensure correct classification of the system, subsystem, and software as requirements can vary significantly across classifications.  Consideration should be given to the software classification associated with these systems or subsystems to assure the level of risk accepted by granting the waiver or deviation is consistent with the overall importance of the system under development.
* *Applicable Center directives:* A review of these directives in the context of the waiver/deviation request would reveal any that may support or be in conflict with the request. In many instances, Centers augment NASA wide procedural requirements with local direction and specific practices. The project's use of a local engineering practice may partially mitigate the risk inherent in a waived NASA-wide requirement.
* *Applicable OTS (See [SWE-027|SWE-027]) or contractor developed software*: Approval of a deviation or waiver for OTS software, while at times necessary, carries the risk of the OTS software impacting the proper functioning of the system.  Contractor developed software is primarily subject to the contract clauses and requirements levied on the contractor by the procurement activity.  Deviation and waiver evaluations must weigh the impacts to the contract against the benefits from the approved request.
* *NASA missions:* Consideration should be given to how waiving this requirement could impact this mission as well as subsequent missions. It is not uncommon for software to be reused on future missions, or to evolve to a more critical role on the current mission.  A relevant factor is that waivers and deviations are not granted on a permanent basis, so software developed under waivers and/ or deviations can negatively impact its reuse.
* *Potential impact to health, medical concerns or safety:*  These factors directly affect the risk consideration in evaluating a waiver/deviation request. When these factors are relevant, it is very likely that involvement of the Safety TA, and/or the Health & Medical TA will be necessary. It is not uncommon for a waiver/deviation request to come up through one TA chain, but not another. When this occurs it's the Engineering TA's responsibility to coordinate with their counterpart.

The ETA who is assessing the deviation or waiver request should also consider the interactions between the impacts determined above and those found by others considering the following areas:
* Impacts to health and safety (e.g., medical TA)
* Results of FMEAs
* Findings in Hazard reports
* Other risk evaluations (e.g., SMA TA)
* Overall considerations for mission success 

The ETA's considerations should include the interests of systems stakeholders, support organization functions, and other interested parties.

Information and results for deviation and waiver request activities are recorded and tracked in the project's configuration management system. Information on configuration management systems is available throughout the NASA literature. This documentation typically includes request procedures (see [SWE-113|SWE-113] ), configuration control techniques, general instructions for evaluating impacts, and guidelines for completing the necessary forms. Project development activities typically draw upon these resources to develop project specific documentation. The request packages are typically processed through management chains, through project control boards, and to higher administrative and management levels (e.g., the Headquarters OCE) when appropriate.

Additional guidance related to deviations and waivers related to contracts may be found in the following related Topic in this handbook: |[Topic 7.10] | Flowdown of NPR Requirements to contracts and multi-Center projects| |


h1. 4. Small Projects

The nature of the Guidance should be equally applicable to all projects.

h1. 5. Resources

# [NASA Systems Engineering Handbook|], NASA/SP-2007-6105 Rev 1,
# [NASA Systems Engineering Processes and Requirements|] w/Change 1, NPR 7123.1A, 2009
# [NASA Space Flight Program and Project Management Requirements|] , NPR 7120.5D, 2007
# [Boeing Software Configuration Management|], HOU-EGP-322, October 28, 2002.  This document discusses an approach for a software configuration control Board within a software configuration management system.
# [PASS Software Management Plan|], United Space Alliance, USAD02859, March 27, 2003. This document discusses configuration control activities within a software management plan for an actual project.
# [Software Configuration Management Technologies and Applications|], Software Technology Support Center, Hill AFB ( [|] ).The document is a good discussion of basic CM practices and indicates the importance for documenting new and revised requirements.
# "[NASA Engineering and Program/Project Management Policy|]", NPD 7120.4, 2010
# NASA Engineering Network's "[Requirements/Technical Authorities" webpage|]
# "[The NASA Organization|]", NPD 1000.3D, 2008
# "[Human-Rating Requirements for Space Systems|]", w. Change 1, NPR 8705.2B, 2008
# "[NASA Policy for Safety and Mission Success|]", NPD 8700.1E, 2008
# "[Health and Medical Requirements for Human Space Exploration|]", NPR 8900.1, 2008



h1. 6. Lessons Learned

[Columbia Accident Investigation Board|], Report Vol1, Aug 2003, Recommendation R7.5-1: "Establish an independent Technical Engineering Authority that is responsible for technical requirements and all waivers to them and will build a disciplined,systematic approach to indentifying, analyzing and controlling hazards throughout the life of the shuttle system"