View this section on the website
See edit history of this section
Post feedback on this section
1. Requirements
6.3.3 The Engineering Technical Authority(s) for this NPR shall consider the following information when assessing waivers and deviations from requirements in this NPR:
a. The NASA software inventory data on the project.
b. The classification of systems and subsystems containing software, as defined in Appendix E.
c. Applicable Center-level software directives that meet the intent of this NPR.
d. Applicable contractor and subcontractor software policies and procedures that meet the intent of this NPR.
e. Potential impacts to NASA missions.
f. Potential impacts to health, medical concerns, or safety.
1.1 Notes">1.1 Notes
NPR 7150.2, NASA Software Engineering Requirements, does not include any notes for this requirement.
1.2 Applicability Across Classes
This requirement applies to all classes and safety criticalities.
Class |
A_SC |
A_NSC |
B_SC |
B_NSC |
C_SC |
C_NSC |
D_SC |
D_NSC |
E_SC |
E_NSC |
F |
G |
H |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Applicable? |
|
|
|
|
|
|
|
|
|
|
|
|
|
Key: A_SC = Class A Software, Safety-Critical | A_NSC = Class A Software, Not Safety-Critical | ... | 
- Applicable | 
- Not Applicable
X - Applicable with details, read above for more | P(C) - P(Center), follow center requirements or procedures
2. Rationale
NPR 7150.2 contains the basic set of requirements for software developed by or for the agency. Any request for a
<ac:macro ac:name="unmigrated-wiki-markup">
<ac:plain-text-body><![CDATA[
]]></ac:plain-text-body>
</ac:macro>
<ac:macro ac:name="unmigrated-wiki-markup">
<ac:plain-text-body><![CDATA[
]]></ac:plain-text-body>
</ac:macro>
3. Guidance
General directions for preparing
<ac:macro ac:name="unmigrated-wiki-markup">
<ac:plain-text-body><![CDATA[
]]></ac:plain-text-body>
</ac:macro>
<ac:macro ac:name="unmigrated-wiki-markup">
<ac:plain-text-body><![CDATA[
]]></ac:plain-text-body>
</ac:macro>
If the project or software lead engineer submits a deviation or waiver request against any of the NPR requirements, the following items are among those considered by the ETA when assessing the deviation or waiver request.
- The Headquarters' OCE's NASA Software Inventory 330: Access to this inventory, which is controlled, needs to be coordinated through Center software representatives and/or the
<ac:macro ac:name="unmigrated-wiki-markup">
OCE
<ac:plain-text-body><![CDATA[]]></ac:plain-text-body>
. This document lists all software currently under development for the NPR 7150.2, Appendix E, classes A through E. The OCE is responsible for generating and maintaining this listing. The software inventory typically has information on the software in development, whether it is safety critical, what is the expected size in
</ac:macro><ac:macro ac:name="unmigrated-wiki-markup">
KSLOC
<ac:plain-text-body><![CDATA[]]></ac:plain-text-body>
s, whether it is using NASA Independent Verification and Validation (IV&V) Facility services, the software classification, dates of major milestone reviews, the percentage of software that will be newly developed, and how much software quality assurance effort is dedicated to the project. These are just a few of the items that are useful as background when considering approval/disapproval of a waiver. The software inventory for classes F through H is generated and maintained by the Headquarters Chief Information Officer (CIO); access to this inventory is controlled and may need to be coordinated through Center or Headquarters'
</ac:macro><ac:macro ac:name="unmigrated-wiki-markup">
CIO
<ac:plain-text-body><![CDATA[]]></ac:plain-text-body>
representatives. In some instances, Centers maintain a more detailed local software inventory with additional information. In these cases, it is recommended to get a copy of the local record for the project as well.
</ac:macro> - Classification of systems and subsystems: Appendix E of NPR 7150.2 gives definitions and examples of systems that typically have the listed software classification. Relief from requirements for higher level software classes (A and B) or with safety critical aspects are evaluated with increased rigor. Additional classifications, such as human-rated systems and payload classifications, also imply the degree to which a waiver/deviation would be acceptable. The TA also checks to ensure correct classification of the system, subsystem, and software, as requirements can vary significantly across classifications. Consideration is given to the software classification associated with these systems or subsystems to assure the level of risk accepted by granting the waiver or deviation is consistent with the overall importance of the system under development.
- Applicable Center directives: A review of these directives in the context of the waiver/deviation request would reveal any that may support or be in conflict with the request. In many instances, Centers augment NASA-wide procedural requirements with local direction and specific practices. The project's use of a local engineering practice may partially mitigate the risk inherent in a waived NASA-wide requirement.
- Applicable
<ac:macro ac:name="unmigrated-wiki-markup">
OTS
<ac:plain-text-body><![CDATA[]]></ac:plain-text-body>
(see [SWE-027]) or contractor-developed software: Approval of a deviation or waiver for OTS software, while at times necessary, carries the risk of the OTS software impacting the proper functioning of the system. Contractor-developed software is primarily subject to the contract clauses and requirements levied on the contractor by the procurement activity. Deviation and waiver evaluations must weigh the impacts to the contract against the benefits from the approved request.
</ac:macro> - NASA missions: Consideration is given to how waiving this requirement could impact this mission as well as subsequent missions. It is not uncommon for software to be reused on future missions or to evolve to a more critical role on the current mission. A relevant factor is that waivers and deviations are not granted on a permanent basis, because software developed under waivers and/or deviations can negatively impact its reuse.
- Potential impact to health, medical concerns, or safety: These factors directly affect the risk consideration in evaluating a waiver/deviation request. When these factors are relevant, it is very likely that involvement of the Safety TA and/or the Health and Medical TA will be necessary. It is not uncommon for a waiver/deviation request to come up through one TA chain but not another. When this occurs, it is the ETA's responsibility to coordinate with counterparts.
The ETA who is assessing the deviation or waiver request also considers the interactions between the impacts determined above and those found by others considering the following areas:
- Impacts to health and safety, e.g., medical TA.
- Results of
<ac:macro ac:name="unmigrated-wiki-markup">
FMEA
<ac:plain-text-body><![CDATA[]]></ac:plain-text-body>
s
</ac:macro> - Findings in Hazard Reports.
- Other risk evaluations, e.g.,
<ac:macro ac:name="unmigrated-wiki-markup">
SMA
<ac:plain-text-body><![CDATA[]]></ac:plain-text-body>
</ac:macro><ac:macro ac:name="unmigrated-wiki-markup">
TA
<ac:plain-text-body><![CDATA[]]></ac:plain-text-body>
)
</ac:macro> - Overall considerations for mission success.
The
<ac:macro ac:name="unmigrated-wiki-markup">
<ac:plain-text-body><![CDATA[
]]></ac:plain-text-body>
</ac:macro>
Information and results for deviation and waiver request activities are recorded and tracked in the project's configuration management system. Information on configuration management systems is available throughout the NASA literature. This documentation typically includes request procedures (see [SWE-113]), configuration control techniques, general instructions for evaluating impacts, and guidelines for completing the necessary forms. Project development activities typically draw upon these resources to develop project-specific documentation. The request packages are typically processed through management chains, through project control boards, and to higher administrative and management levels, e.g., the Headquarters' OCE, when appropriate.
Additional guidance on deviations and waivers related to contracts may be found in the following related topic in this Handbook: Topic 7.4 - Flow Down of NPR Requirements to Contracts and to Other Centers in Multi-Center Projects.
4. Small Projects
This requirement applies to all projects regardless of size.
5. Resources
(SWEREF-023)
NPR 8900.1B, NASA Office of the Chief Health & Medical Officer, 2008., Effective Date: December 16, 2016, Expiration Date: December 16, 2021(SWEREF-024)
NPR 8705.2C, NASA Office of Safety and Mission Assurance, 2008., Effective Date: July 10, 2017, Expiration Date: July 10, 2022(SWEREF-036)
NPD 8700.1E, NASA Office of Safety and Mission Assurance, 2008. Effective Date: October 28, 2008, Expiration Date: April 28, 2020(SWEREF-037)
NPR 1441.1E, NASA Office of the Chief Information Officer, Effective Date: January 29, 2015, Expiration Date: January 29, 2024(SWEREF-066)
NPD 1000.3E, Associate Administrator, April 15, 2015, Expiration Date: April 15, 2026(SWEREF-082)
NPR 7120.5F, Office of the Chief Engineer, Effective Date: August 03, 2021, Expiration Date: August 03, 2026,(SWEREF-144)
Diaz, Al,NASA Goddard Space Flight Center (Jan, 2004). CAIB Columbia Accident Investigation Board Report. (August 2003). Vol. 1. PB2005-100968(SWEREF-256)
NPR 1400.1H, NASA Office of Internal Controls and Management Systems, Effective Date: March 29, 2019, Expiration Date: March 29, 2024(SWEREF-257)
NPD 7120.4E, NASA Office of the Chief Engineer, Effective Date: June 26, 2017, Expiration Date: June 26, 2022(SWEREF-262)
NASA Headquarters NASA Office of the Chief Engineer engineering deviations and waivers website.(SWEREF-268)
NPD 1440.6I, 2008. Effective Date: September 10, 2014(SWEREF-273)
NASA SP-2016-6105 Rev2 supersedes SP-2007-6105 Rev 1 dated December, 2007(SWEREF-373)
NPR 2210.1C, Space Technology Mission Directorate, Effective Date: August 11, 2010, Expiration Date: January 11, 2022(SWEREF-403)
NPR 2810.1F, Office of the Chief Information Officer, Effective Date: January 03, 2022, Expiration Date: January 03, 2027,(SWEREF-406)
January, 2012. This is a list of the NASA Requirement Waivers. Instructions for submitting requirement waivers are outlined in Chapter 4 of NPR 1400.1, NASA Directives Procedural Requirements.
5.1 Tools
Tools to aid in compliance with this SWE, if any, may be found in the Tools Library in the NASA Engineering Network (NEN).
NASA users find this in the Tools Library in the Software Processes Across NASA (SPAN) site of the Software Engineering Community in NEN.
The list is informational only and does not represent an “approved tool list”, nor does it represent an endorsement of any particular tool. The purpose is to provide examples of tools being used across the Agency and to help projects and centers decide what tools to consider.
6. Lessons Learned
Columbia Accident Investigation Board, Report Vol 1, Aug 2003, Recommendation R7.5-1: "Establish an independent Technical Engineering Authority that is responsible for technical requirements and all waivers to them, and will build a disciplined, systematic approach to identifying, analyzing, and controlling hazards throughout the life of the Shuttle System." 144
