1. Introduction
NASA has two significant independent classification schemas for software: (1) a software engineering classification as described in NPR 7150.2, NASA Software Engineering Requirements, Appendix D, and (2) a software safety definition as described in NASA-STD-8739.8, Software Assurance Standard, Appendix A. SWE-020 describes the relationship between these classifications. For a given system or subsystem, the software is expected to be uniquely defined within a single classification pair (software engineering classification X software safety definition). Knowing this pair determines the minimal set of software requirements from NPR 7150.2 needing to be addressed (via Appendix C of NPR 7150.2) by the project's software team.
The tools found here are aids to those responsible for determining both the software classification and the software safety criticality.
1.1 Safety Criticality
Defining software safety criticality involves determining whether the software performs a safety-critical function, which includes software that verifies a safety-critical software, hardware, or operations component, subsystem, or system.
NASA recommends that projects use the updated guidance for determining safety-critical software, as defined in NASA-STD-8739.8.
Safety-Critical Software Determination
Software is classified as safety-critical if the software is determined by and traceable to a hazard analysis. Software is classified as safety-critical if it meets at least one of the following criteria:
- Causes or contributes to a system hazardous condition/event,
- Controls functions identified in a system hazard,
- Provides mitigation for a system hazardous condition/event,
- Mitigates damage if a hazardous condition/event occurs,
- Detects, reports, and takes corrective action if the system reaches a potentially hazardous state.
Note: See Appendix A for guidelines associated with addressing software in hazard definitions. See Table 1, 3.7.1, SWE-205 for more details. Consideration for other independent means of protection (software, hardware, barriers, or administrative) should be a part of the system hazard definition process.
All safety-critical software must be classified as Class D or higher.
1.2 Classification Diagrams and Descriptions
Software classification is the determination of NPR 7150.2 requirement applicability for a specific system or sub-system. As stated in NPR 7150.2: "These definitions are based on 1) usage of the software with or within a NASA system, 2) criticality of the system to NASA's major programs and projects, 3) extent to which humans depend upon the system, 4) developmental and operational complexity, and 5) the extent of the Agency's investment."
For a given system or subsystem, the software is expected to be uniquely defined within a single class. If more than one software class appears to apply, then assign the higher class to the system/subsystem. As stated in Appendix D of NPR 7150.2: "Any potential discrepancies in classifying software within Classes A - E are to be resolved using the definitions and the five underlying factors listed in the previous paragraph. Engineering and Safety and Mission Assurance provide dual Technical Authority chains for resolving classification issues, and the NASA Headquarters' Chief Engineer is the ultimate Technical Authority for software classification disputes..."
2. Classification Descriptions
Tip: The material in this table is from Appendix D of NPR 7150.2.
Class A - Human Space Flight Software Systems*:
Ground and flight software systems developed and/or operated by or for NASA that are needed to perform a primary mission objective of human space flight and directly interact with human space flight systems. Limited to software required to perform "vehicle, crew, or primary mission function," as defined by software that is:
1. Required to operate the vehicle or space asset (e.g., spacesuit, rover, or outpost), including commanding of the vehicle or asset,
2. Required to sustain a safe, habitable¹ environment for the crew,
3. Required to achieve the primary mission objectives,
4. Required to directly prepare resources (e.g., data, fuel, power) that are consumed by the above functions.
* - Includes software involving launch, on orbit, in space, surface operations, entry, descent, and landing.
¹ Current standards that address habitability and environmental health, including atmospheric composition and pressure, air and water quality and monitoring, acceleration, acoustics, vibration, radiation, thermal environment, combined environmental effects, and human factors, are documented in NASA-STD-3000, Volume 2 – NASA Space Flight Human System Standard: Human Factors, Habitability, and Environmental Health
Examples of Class A software (human-rated space flight) include but are not limited to the mission phases listed below:
...
Surface Operations: planet/lunar surface EVA and communication and tracking.
Exclusions
Class A does not include:
- The software which happens to fly in space but is superfluous to mission objectives (e.g., software contained in an iPod carried on board by an astronaut for personal use);
- Software that exclusively supports aeronautics, research and technology, and science conducted without spaceflight applications; or
- Systems (e.g., simulators, emulators, stimulators, facilities) used to test Class A systems containing software in a development environment.
Class B:
1. Space Systems involve flight and ground software that must perform reliably to accomplish primary mission objectives or major function(s) in non-human space-rated systems. Included is software involving launch, on orbit, in space, surface operations, entry, descent, and landing. These systems are limited to software that is:
(a) Required to operate the vehicle or space asset (e.g., orbiter, lander, probe, flyby spacecraft, rover, launch vehicle, or primary instrument) such as commanding of the vehicle or asset,
(b) Required to achieve the primary mission objectives, or
(c) Required to directly prepare resources (data, fuel, power, etc.) that are consumed by the above functions.
2. Airborne Vehicles include large-scale¹ aeronautic vehicles unique to NASA in which the software:
(a) Is integral to the control of an airborne vehicle,
(b) Monitors and controls the cabin environment, or
(c) Monitors and controls the vehicle's emergency systems.
This definition includes software for vehicles classified as "test," "experimental," or "demonstration" that meets the above definition for Class B software. Also included are systems in a test or demonstration where the software's known and scheduled intended use is to be part of a Class A or B software system.
¹ Large-scale (life-cycle cost exceeding $250M) fully integrated technology development system — see NPR 7120.8, section
Examples of Class B software include, but are not limited to:
...
Propulsion systems; power systems; guidance navigation and control; fault protection; thermal systems; command and control ground systems; planetary/lunar surface operations; hazard prevention; primary instruments; science sequencing engine; simulations that create operational EDL parameters; subsystems that could cause the loss of science return from multiple instruments; flight dynamics and related data; launch and flight controller stations for non-human spaceflight.
2. Aeronautics Vehicles (Large Scale NASA Unique):
Guidance, navigation, and control; flight management systems; autopilot; propulsion systems; power systems; emergency systems (e.g., fire suppression systems, emergency egress systems, emergency oxygen supply systems, traffic/ground collision avoidance system); and cabin pressure and temperature control.
Exclusions
Class B does not include:
- Software that exclusively supports non-primary instruments on non-human space-rated systems (e.g., low-cost non-primary university-supplied instruments), or
- Systems (e.g., simulators, emulators, stimulators, facilities) used in testing Class B systems containing software in a development environment.
Class C:
1. Space Systems include the following types of software:
(a) Flight or ground software necessary for the science return from a single (non-primary) instrument,
(b) Flight or ground software that is used to analyze or process mission data,
(c) Other software for which a defect could adversely impact the attainment of some secondary mission objectives or cause operational problems,
(d) Software used for the testing of space assets,
(e) Software used to verify system requirements of space assets by analysis, or
(f) Software for space flight operations that are not covered by Class A or B software.
2. Airborne Vehicles include systems for non-large scale aeronautic vehicles in which the software:
(a) Is integral to the control of an airborne vehicle,
(b) Monitors and controls the cabin environment, or
(c) Monitors and controls the vehicle's emergency system.
Examples of Class C software include, but are not limited to:
...
Major Center facilities; data acquisition and control systems for wind tunnels, vacuum chambers, and rocket engine test stands; ground-based software used to operate a major facility telescope; and major aeronautic applications facilities (e.g., air traffic management systems; high fidelity motion-based simulators).
Exclusions
Systems unique to a research, development, test, or evaluation activity in a major engineering/research facility or airborne vehicle in which the system is not part of the facility or vehicle and does not impact the operation of the facility or vehicle.
3. Classification Examples
The following table lists projects by software classification as examples of how software has been classified for Class A-E software. A project can use these examples to help inform its classification activities.
Projects | Software Classification
---|---
Flight Software on the Commercial Crew Programs | A
Free Flyer Project | A
Ground Systems Development and Operations (GSDO) Program - End-to-End Command and Control | A
International Space Station (ISS) Avionics & Software Critical Flight Software | A
Multi-Purpose Crew Vehicle (EFT-1) Flight Software | A
Multi-Purpose Crew Vehicle (EM-1) Flight Software | A
Multi-Purpose Crew Vehicle (EM-2) Flight Software | A
Orion Flight Software | A
Space Launch System Flight Software | A
Space Shuttle Flight Software | A
Chandra Space Telescope Flight Software | B
CloudSat and the Cloud-Aerosol Lidar and Infrared Pathfinder Satellite Observation (CALIPSO) Flight Software | B
Cyclone Global Navigation Satellite System (CYGNSS) Flight Software | B
Flight Software on Various Small Satellite Missions (e.g., EDSN, BioSentinel, EuCROPIS) | B
Geostationary Operational Environmental Satellites (GOES-R) Flight Software | B
Gravity Recovery and Climate Experiment (GRACE) Flight Software | B
Ice, Cloud, and land Elevation Satellite (ICESat II) Flight Software | B
InSight (Interior Exploration using Seismic Investigations, Geodesy, and Heat Transport) Flight Software | B
Ionospheric Connection (ICON) Explorer Flight Software | B
James Webb Space Telescope (JWST) Flight Software | B
Joint Polar Satellite System (JPSS) Flight Software | B
Joint Polar Satellite System (JPSS (Ground)) | B
Kepler: Flight Software | B
Kepler: Science Pipeline Software | B
Laser Communication Relay Demo | B
Magnetospheric Multiscale (MMS) | B
Mars Surface Mission/Mars 2020 | B
Origins, Spectral Interpretation, Resource Identification, Security, Regolith Explorer (OSIRIS-REx) | B
Solar Probe Plus (SPP) | B
Space Network Ground Segment Sustainment (SGSS) | B
Stratospheric Aerosol and Gas Experiment (SAGE III) Flight Software, Experiment on ISS | B
Transiting Exoplanet Survey Satellite (TESS) | B
Tropospheric Emissions: Monitoring of Pollution (TEMPO) Flight Software | B
14x22-Foot Subsonic Wind Tunnel | C
20-Foot Vertical Spin Tunnel Rotary Balance Control System, Fan Control System | C
8-foot High-Temperature Tunnel | C
Advanced Microgravity Combustion Experiment (ACME) | C
Airborne Collision Avoidance System For Unmanned Aircraft (ACAS Xu) | C
AirSTAR (Flight Software) | C
Archive Next Generation software (ANGe) | C
Astrobee Flight and Ground Software | C
B1221 Research Complex | C
B1230 Data Acquisition Systems Laboratory | C
Clouds and the Earth's Radiant Energy System (CERES FM5 on NPP) | C
Clouds and the Earth's Radiant Energy System (CERES FM6 FVTS Simulator) | C
Clouds and the Earth's Radiant Energy System (CERES FM6 on NPOESS) | C
CloudSat and the Cloud-Aerosol Lidar and Infrared Pathfinder Satellite Observation (CALIPSO) Science Level 1, 2, and 3 Code | C
Cockpit Motion Facility | C
Combined Loads Test System | C
Compressor Station Automation Project | C
Flow Boiling Condensation Experiment (FBCE) | C
General Aviation Main (GAMain) | C
Langley Standard Real-Time Simulation and Core Vehicle Models (LaSRS Core) | C
Langley Data Center Atmospheric Flight and Entry Systems Cluster | C
LaRC Transonic Dynamics Tunnel ABDAS Upgrade | C
LaRC Transonic Dynamics Tunnel FAS Upgrade | C
NASA Data Acquisitions System (Ndas) | C
National Transonic Facility | C
Radiation Budget Instrument (RBI) | C
Radiation Dosimetry Experiment (RAD-X) | C
Radio Frequency Mass Gauge (RF Mass Gauge) | C
SOFIA Science Pipeline | C
Space Communications and Navigation (SCaN) Testbed | C
Space Launch System System Integration Lab (SIL) Ground Software | C
Spacecraft Fire Safety (Saffire) | C
Spacecraft Fire Safety Demonstration | C
Steam Distribution System (Steam Plant) | C
Stratospheric Aerosol and Gas Experiment (SAGE III) Ground Software, Experiment on ISS | C
Stratton Road Substation | C
Structures Laboratory | C
System Power Analysis for Capability Evaluation | C
Transiting Exoplanet Survey Satellite (TESS) Science Processing Operations Center (SPOC) Software | C
Transonic Dynamics Tunnel (TDT) Facility Automation System Upgrade | C
Vacuum Facility #5 (VF-5) Control Software | C
Various Health and Human Countermeasures Projects | C
Advanced Stirling Radio-Isotope Generator | D
Airspace and Traffic Operations Simulations (ATOS) | D
AirSTAR (Phase V Ground Facility Software) | D
COBRA Data Acquisition System | D
Deterministic and Statistical Link Budget Simulator (DSLB) | D
Flutter and Strength optimization Program for Lifting-Surface (FASTOP) | D
Glenn Extreme Environment Rig Control System | D
Multiple Axis Space Test Inertia Facility (MASTIF) | D
Optimal Trajectories by Implicit Simulation (OTIS) | D
Suite of computational fluid dynamics simulation and design tools (FUN3D) | D
Various Facility Data Acquisition Systems | D
Various Facility Industrial Control System Software | D
Various Models and Simulation Software | D
Various Research Software Projects | D
Various SCAN Program Tools | D
Global Integrated Design Environment (GLIDE) | E
Unmanned Aircraft Systems Integration in the National Airspace System project, or UAS in the NAS, ADS-B | E
Various Research Software Projects | E
4. Classification Tool Flowcharts
The following diagrams describe the operation of the classification tool. If you follow the charts below or print the diagrams, you can use the mechanics of the tool offline. To download a PDF of these diagrams, which is suitable for printing, click the corresponding "Download Printable Diagram" link.
Diagram pages (images not reproduced here):
- Start Here - Page 1
- Aero - Page 2
- Ground - Page 3
- Non-human Rated - Page 4
- Aero Ground - Page 5
- Facility - Page 6
- Non-human Ground - Page 7
5. Resources
6. Safety Critical Assessment
NASA recommends that projects use the updated guidance for determining safety-critical software, as defined in NASA-STD-8739.8. The safety-critical software determination criteria and the note on hazard definitions are given in section 1.1 above.
If a NASA project is still using NASA-STD-8719.13B, then the following guidance applies:
NASA Software Safety Standard, NASA-STD-8719.13B
Section 5 of NASA-STD-8719.13B guides conducting a Software Safety Criticality Assessment (SSCA). Included in this section are