184.108.40.206 Center Directors, or designees, shall comply with the requirements in this directive that are marked with an “X” in Appendix C.
Project relief from an applicable “X” requirement can be granted only by the designated Technical Authority called out in the column titled “Technical Authority” in Appendix C. The projects also document their related mitigations and risk acceptance in the approved compliance matrix. When the requirement and software class are marked with an “X,” the projects record the risk and rationale for any requirements that are completely relieved in the compliance matrix.
The requirements marked with an “X” in Appendix C are Agency requirements to implement NASA’s policy as delineated in NPD 7120.4. These requirements are “a designed set of requirements for protecting the Agency's investment in software engineering products and to fulfill its responsibility to the citizens of the United States. ... For engineers to effectively communicate and work seamlessly among Centers, a common framework of generic requirements is needed.”
Compliance with the requirements in NPR 7150.2 ensure these goals are fulfilled.
NPR 7150.2 establishes a baseline set of requirements to reduce software engineering risks on NASA projects and programs. Appendix C, Requirements Mapping Matrix, defines the default applicability of the requirements based on software classification and safety criticality. Each project has unique circumstances and tailoring can be employed to modify the requirements set appropriate for the software engineering effort. Each project documents the tailoring in a compliance matrix (see SWE-125), including Technical Authority approved waivers and deviations. The project also captures in the compliance matrix any associated risks, risk mitigations, and rationale for requirements for which the project has received complete relief by the appropriate Technical Authority.
Requests for software requirements relief (partial or complete relief) at either the Center or Headquarters Technical Authority level may be submitted by project managers in the streamlined form of a compliance matrix to the Technical Authority identified in Appendix C. Software requirements relief may also be granted through waivers and deviations as defined in SWE-145. As part of the relief process, project managers obtain the required signatures from the responsible organizations and designated Technical Authorities (engineering and safety and mission assurance [SMA]).
The Requirements Mapping Matrix in NPR 7150.2 uses an “X” to identify the requirements that are designated by the Agency to be applied for each software class. The identified requirements are required activities for the identified software classification and safety criticality. Within the compliance matrix in Appendix C, there are both project and institutional requirements. The project requirements are requirements levied on the project managers specific to handling the development of software projects. The institutional requirements focus on how NASA does business and are independent of any particular program or project. These requirements are levied on NASA Headquarters (including the Office of the Chief Engineer, Office of Safety Mission & Assurance, and Mission Directors) and Center organizations because they directly affect mission success, address risks, or may impact other NASA programs, projects, processes, or procedures.
Center Directors are responsible for institutional requirements (shown in Book B of this Handbook) and ensuring that projects fulfill project requirements identified in Appendix C of NPR 7150.2. The Center Director or designee regularly reviews the compliance matrix to make sure that projects remain in compliance with their approved requirements set.
Downloadable compliance matrices for each class of software are available for NASA users in the Document Repository within the Software Engineering Community of Practice on the NASA Engineering Network (NEN).
Additional guidance related to requirements compliance may be found in the following related requirements in this Handbook: