3.16.6 The project manager shall ensure that the space flight software systems are assessed for possible security vulnerabilities and weaknesses.
NPR 7150.2, NASA Software Engineering Requirements, does not include any notes for this requirement.
Space flight software systems are assessed for software and communication security vulnerabilities and weaknesses to ensure such issues are known and managed during the software development life cycle and to ensure the associated risk is also identified and managed.
The project manager is required to have and implement a Project Protection Plan for their system. The software development organization is responsible for implementing mitigations to address the identified software and communication security vulnerabilities and weaknesses for space flight software systems. It is expected that requirements for these mitigations are generated as security requirements and that those security requirements affecting software are included in the software requirements specification (see SRS). These security requirements are then flowed down and implemented in the design and code and tested by the software development team.
A select group of personnel from the Agency's Space Protection Working Group (SPWG) actually writes Project Protection Plans and Program Threat Summaries. Program Threat Summaries for NASA are based on similar standardized documents written for national security space systems.
Project managers are to assess their software systems against identified risks (see SWE-156) and against agreed-to, viable security vulnerabilities and weaknesses, to confirm that the changes required to mitigate or eliminate identified security risks have been implemented in the completed products.
Project managers work with software assurance and other software security experts, including the Information System Security Officer (ISSO), to have software vulnerability assessments performed. Assessments, conducted by software security specialists, may require input from software developers. The results of these assessments may require updates to software requirements to be sure that identified vulnerabilities that can be mitigated in software are properly addressed. It is important for projects to not introduce vulnerabilities and weaknesses by coding for functionality and performance at the expense of security.
Security assessments are performed throughout the project life cycle rather than being performed at the end of the life cycle when it is costly to correct programming errors, bugs, and other identified vulnerabilities. “Continuous test and evaluation of security attributes of systems is an important part of testing as it allows software developers to identify and address vulnerabilities as part of the system architecture and design.”
Each project establishes assessment guidelines and frequency suitable to its development life cycle or follows any existing Center guidelines, tailored appropriately for the project.