1. Introduction

The software assurance and software safety activities provide a level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its life cycle, that the software functions in an intended manner, and that the software does not function in an unintended manner. The software assurance process is the planned and systematic set of activities that ensure the conformance of software life cycle processes and products to requirements, standards, and procedures.  Software assurance assures that the software and its related products meet their specified requirements, conform to standards and regulations, are consistent, complete, correct, safe, secure, and reliable as warranted for the system and operating environment, and satisfy customer needs. The objectives of software assurance and software safety activities include the following:

1. Ensuring that the processes, procedures, and products used to produce and sustain the software conform to all specified requirements and standards that govern those processes, procedures, and products.
   • A set of activities that assess adherence to, and the adequacy of the software processes used to develop and modify software products.
   • A set of activities that define and assess the adequacy of software processes to provide evidence that establishes confidence that the software processes are appropriate for and produce software products of suitable quality for their intended purposes.
2. Determining the degree of software quality obtained by the software products.
3. Ensuring that the software systems are safe and that the software safety-critical requirements are followed.
4. Ensuring that the software systems are secure.

1.1 Related Activities

• SE-Initiation and Planning - Assurance activities are planned. They are dependent on a whole host of other project activities.  
• SE-Estimation - Estimates are made and tracked for assurance activities. Assurance must be measured and controlled. 
• SE-Schedules - Assurance Activities are scheduled and tracked to completion.  
• SE-Training - Assurance tam members are trained in Assurance methods, the use of Assurance tools, and related subjects. 
• SE-Scope Management - Requirements, defect management, change management, Non-conformance and Defect Management. 
• SE-Testing - including V&V
• SE-Operations, Maintenance and Retirement
• SE-Configuration Mgmt - including code repository, builds, and releases 
• Peer Reviews - including Assurance reviews
• Measurements - related to Assurance

1.2 Related NPR 7150.2 SWEs

• SWE-022 - Software Assurance

1.3 Related Topics and Process Assets

2. Independent V&V

2.1 Related NPR 7150.2 SWEs

• SWE-022 - Software Assurance
• SWE-141 - Software Independent Verification
                     and Validation

2.2 Related Topics and Process Assets

3. IV&V Planning

3.1 Related NPR 7150.2 SWEs

• SWE-131 - Independent Verification and
                     Validation Project Execution Plan

3.2 Related Topics and Process Assets

4. IV&V Artifacts

4,1 Related NPR 7150.2 SWEs

• SWE-178 - IV&V Artifacts

4.2 Related Topics and Process Assets

5. IV&V Issues and Risks

5.1 Related NPR 7150.2 SWEs

• SWE-179 - IV&V Submitted Issues and Risks

5.2 Related Topics and Process Assets

6.

7.

8.

9.

10.