bannera

Book A.
Introduction

Book B.
7150 Requirements Guidance

Book C.
Topics

Tools,
References, & Terms

SPAN
(NASA Only)

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Wiki Markup
{alias:SWE-020}
{tabsetup:1. The Requirement|2. Rationale|3. Guidance|4. Small Projects|5. Resources|6. Lessons Learned}

{div3:id=tabs-1}

h1. 1. Requirements

2.2.8.1 The project shall classify each system and subsystem containing software in accordance with the software classification definitions for Classes A, B, C, D, E, F, G, and H software in Appendix E.

h2. {color:#003366}{*}1.1 Notes{*}{color}

The applicability of requirements in this NPR to specific systems and subsystems containing software is determined through the use of the NASA-wide definitions for software classes in Appendix E and the designation of the software as safety-critical or non safety-critical in conjunction with the Requirements Mapping Matrix in Appendix D. These definitions are based on 1) usage of the software with or within a NASA system, 2) criticality of the system to NASA's major programs and projects, 3) extent to which humans depend upon the system, 4) developmental and operational complexity, and 5) extent of the Agency's investment. The NPR allows software written to support development activities (e.g., verification software, simulations) to be classified separately from the system under development; however, such support software is usually developed in conjunction with the system and not as a separate project. Projects may decide to reuse processes and work products established for the development of the system to satisfy the NPR 7150.2 requirements for the support software. The software assurance organization will perform an independent classification assessment and the results will be compared as per NASA-STD-8739.8, Software Assurance Standard. Software management and software assurance must reach agreement on classification of systems and subsystems. Disagreements are elevated via both the Engineering Technical Authority and Safety and Mission Assurance Technical Authority chains. The classification decision is documented in the Software Development or Management Plan as defined in Chapter 5.

h2. 1.2 Applicability Across Classes

Appendix D of NPR 7150.2 does not include any notes for this requirement.

{applicable:asc=1|ansc=1|bsc=1|bnsc=1|csc=1|cnsc=1|dsc=1|dnsc=1|esc=1|ensc=1|f=1|g=1|h=1}
{div3}
{div3:id=tabs-2}

h1. 2. Rationale

The definitions of the different classes of software which are defined in NPR 7150.2 Appendix E, along with the Requirements Mapping Matrix in NPR 7150.2 Appendix D, provide a built-in method of tailoring software requirements.  Classifying software essentially provides pre-tailoring of software engineering requirements, software safety requirements, software assurance requirements and other software requirements for different types and levels of software.  While every requirement may be applicable to the highest classification (Class A), not every requirement will be applicable to lower level classifications.
{div3}
{div3:id=tabs-3}

h1. 3. Guidance

Complete classifying software as soon as it has been determined that a project includes software.  Both the project and software assurance independently classify software and, as stated in the NPR 7150.2 note for this requirement, "Software management and software assurance must reach agreement on classification of systems and subsystems. Disagreements are elevated via both the Engineering Technical Authority and Safety and Mission Assurance Technical Authority chains. The classification decision is documented in the Software Development or Management Plan ..."

When classifying software be sure to consider:
* All software for the system or subsystem (classification may need to be assessed separately{^}2^)
* How the software is intended to be used
* Relevance to major programs and projects
* Interaction with humans
* Safety criticality (see "Safety-Critical Software Determination" in the [NASA Software Safety Standard|https://standards.nasa.gov/documents/detail/3314914])
* Complexity (developmental and operational complexity is woven into the class definitions)
* Investment

A no-cost classification [tool|http://knox.optimle.com/softwareclasses] is available to help organizations classify software.  Section 7.2 - [Classification Tool and Safety Critical Assessment Tool|https://nasa7150.onconfluence.com/display/7150/7.2+-+Classification+Tool+and+Safety+Critical+Assessment+Tool] of this handbook contains an introduction to the tool and its current Web address. This tool is just a first step in classifying software, but can be useful when starting the process because the results from the tool and the supporting rationale can be printed and included in classification documentation.  Final classification of software occurs through project agreement with the independent check performed by the Software Assurance organization (see [SWE-132|SWE-132]).  In the event of a conflict, the designated Software Engineering Technical Authority facilitates a resolution between the project and the Center Safety and Mission Assurance Organization, if possible. Note that software is not to be mis-classified to reduce requirements on small or higher risk missions. In these instances, a waiver request for reduced requirements submitted to the Engineering Technical Authority is the recommended course of action.

As a project progresses the software classification is revisited since design and usage decisions may be made which alter the original classification. For example, a research project may be so successful during development and testing that a decision is made to take the system out of the research laboratory and directly to the field for use in a real-world environment.  This decision alters the software classification and, therefore, the engineering, safety, and assurance requirements associated with it.

{panel}When questions arise regarding engineering software classification, consult the Engineering Technical Authority (TA). {panel}

{note}Consult Center Process Asset Libraries (PALs) for Center-specific guidance and resources related to classifying software. {note}

Additional guidance related to classifying software may be found in the following related requirement in this handbook:
| *[SWE-021|SWE-021]* | Transition to a Higher Class |
| *[SWE-132|SWE-132]* | Independent Software Classification Assessment |
| *[SWE-133|SWE-133]* | Software Safety Determination |

\\
{div3}
{div3:id=tabs-4}

h1. 4. Small Projects

There is currently no guidance for this requirement specific to small projects.
{div3}
{div3:id=tabs-5}

h1. 5. Resources

# NASA Technical Standard, "[NASA Software Safety Standard|https://standards.nasa.gov/documents/detail/3314914]", NASA-STD-8719.13B, 2004.
# NASA Technical Standard, "[NASA Software Assurance Standard|https://standards.nasa.gov/documents/detail/3315130]", NASA-STD-8739.8, 2004.
# Software Engineering Process Group, Glenn Research Center, "[Software Project Planning|http://software.grc.nasa.gov/processes/GRC%E2%80%93SW%E2%80%937150.3-Software%20Project%20Planning.pdf]", GRC-SW-7150.3, Revision C, 2011.
\\

{toolstable}
{div3}
{div3:id=tabs-6}

h2. 6. Lessons Learned

There are currently no Lessons Learned identified for this requirement.
{div3}
{tabclose}