3

Context:

Developing complex software for NASA missions requires a highly skilled workforce that is proficient in software engineering, software assurance, and mission-specific needs such as safety-critical systems, real-time processing, or AI-based algorithms. Programs must have the right mix of quantity (workforce size) and quality (skillsets) of personnel to meet software development, testing, and verification demands.

An insufficient software workforce or a lack of appropriate software skillsets creates bottlenecks in software engineering workflows, threatens program timelines, and results in underperforming or non-compliant software. This is particularly critical for safety-critical systems or systems classified under NPR 7150.2's highest software classifications (A/B), where expertise is vital for both development and assurance.

Key Risks of Insufficient Software Workforce or Skillsets

1. Delays in Software Development Schedules

  • Issue: With insufficient team size or expertise, development tasks take longer to complete, delaying milestones such as Preliminary Design Review (PDR), Critical Design Review (CDR), and system integration/testing.
  • Risk to Program:
    • Missed deadlines disrupt downstream program dependencies, including hardware integration and mission readiness.
    • Increased schedule compression for testing phases, elevating the risk of undetected defects.

2. Inadequate Quality of Developed Software

  • Issue: Lack of experience in key software areas (e.g., safety-critical design, fault tolerance, or optimization) leads to errors during coding, design, or integration.
  • Risk to Program:
    • Compromised software quality increases the likelihood of system failures during operation.
    • Inability to meet NASA-STD-8739.8 and NPR 7150.2 standards, necessitating significant rework.

3. Limited Expertise in Specialized Technologies

  • Issue: Rapid advancements in software technologies (e.g., machine learning, cybersecurity, Edge computing, space-rated software systems) require domain experts. Insufficient skillsets result in ineffective or suboptimal implementations.
  • Risk to Program:
    • Software innovations critical to mission success are improperly implemented or overlooked.
    • Cybersecurity vulnerabilities emerge due to inadequate knowledge of secure coding practices.

4. Increased Defects Due to Lack of Software Assurance Expertise

  • Issue: An underprepared team, particularly in software assurance (SA) and independent verification & validation (IV&V) activities, fails to identify and mitigate risks and errors during lifecycle phases.
  • Risk to Program:
    • Safety-critical defects remain undetected and propagate into operational software.
    • Failed audits and milestone reviews at key assurance checkpoints.

5. Overworked Software Teams

  • Issue: Small or overly burdened teams must stretch their capacity to meet workload demands, leading to burnout, inefficiency, and errors.
  • Risk to Program:
    • Reduced productivity increases the risk of missed milestones and incomplete deliverables.
    • Critical personnel attrition causes knowledge and continuity gaps, adding further delays.

6. Insufficient Oversight and Leadership

  • Issue: Lack of experienced senior software engineers and leads results in poor project oversight, weak mentoring of junior team members, and ineffective decision-making.
  • Risk to Program:
    • Substandard designs or implementations due to bad decisions may require rework, increasing costs and schedules.
    • Junior software engineers, lacking guidance, fail to grow into critical leadership roles, causing long-term workforce gaps.

7. Inability to Scale Projects

  • Issue: Space missions can demand significant workforce scaling due to program expansions, added requirements, or late-stage integration issues. Smaller or inexperienced teams lack the capacity to respond effectively to such scaling needs.
  • Risk to Program:
    • Teams struggle to adapt to schedule or scope changes, creating cascading delays across subsystems.
    • Critical testing or validation efforts face resource shortages, affecting mission readiness.

8. Missed Compliance with Program Standards

  • Issue: Team members lacking training or expertise in NASA software standards may deliver non-compliant work, necessitating costly reviews and modifications.
  • Risk to Program:
    • Delayed certifications lead to audit failures in critical phases such as Operations Readiness Reviews (ORR).
    • Contract penalties, reputational damage, or stakeholder mistrust affect long-term engagements.

9. Failure to Identify Emerging Risks

  • Issue: Teams with inadequate technical expertise fail to identify critical risks (e.g., software/hardware integration issues, extreme environmental impacts, or unforeseen use cases).
  • Risk to Program:
    • Operational risks multiply as defects go unaddressed until late lifecycle stages.
    • Systems underperform in unanticipated scenarios, risking mission failure.

10. Loss of Knowledge Continuity

  • Issue: Insufficient workforce depth causes mission-critical knowledge—often concentrated in a few experienced personnel—to be lost if key personnel leave mid-program.
  • Risk to Program:
    • New hires face a steep learning curve, further delaying deliverables.
    • Knowledge gaps affect long-term maintenance strategies for deployed systems.

Root Causes of Workforce or Skillset Shortfalls

  1. Underestimation of Workforce Needs:
    • Project planning fails to accurately assess workforce size or required expertise.
  2. Competition for Skilled Personnel:
    • Programs lose high-caliber candidates due to aggressive demand across the aerospace industry and private sector.
  3. Budgetary Constraints:
    • Programs avoid hiring additional personnel due to cost pressures, relying instead on undersized teams.
  4. Highly-Specialized Software Requirements:
    • Skills such as safety-critical real-time development, flight software engineering, or AI-based subsystems are rare, leading to significant hiring delays.
  5. Lack of Cross-Training:
    • Teams lack broad expertise because specialized knowledge isn't actively shared or documented.
  6. Rigid Talent Pipeline:
    • Limited recruitment from diverse or emerging talent pools means new generations of software engineers are unavailable or insufficiently trained.



3. Resources

3.1 References


For references to be used in the Risk pages they must be coded as "Topic R999" in the SWEREF page. See SWEREF-083 for an example. 

Enter the necessary modifications to be made in the table below:

SWEREFs to be addedSWEREFS to be deleted


SWEREFs called out in text: 083, 

SWEREFs NOT called out in text but listed as germane: