3. GuidanceSoftware design is created based on the software requirements. Some assurance is needed to show that the design fulfills the software requirements and that no requirements are lost or left out of the design. One method of providing this "check and balance" is to create a traceability matrix between the software requirements and the resulting design. Traceability links between individual requirements and other system elements, including, but not limited to design, are helpful tools when evaluating the impact of changing or deleting a requirement. When a requirement is changed, traceability can help identify the affected products, including design, documentation, source code, tests, etc. (NASA-GB-8719.13, NASA Software Safety Guidebook  ) Bidirectional traceability is defined as an “association among two or more logical entities that is discernable in either direction (to and from an entity)” (ISO/IEC 24765:2009 Systems and software engineering vocabulary  ). |
Traceability is important because it can point out software design elements that are not fulfilled in the code (i.e., missing or incomplete functionality) as well as source code that does not have a parent design element (i.e., extra functionality). Ideally, the trace does not identify any design elements that have no source requirement, but if such "orphan" design elements are discovered in the trace, they need to be discussed by the project team and assurance personnel to determine if the "orphan" elements are necessary. If they are determined to be necessary, any missing source requirements are added to the project. Bidirectional traceability is a traceability chain that can be traced in both the forward and backward directions. Figure 1 illustrates how software design is traced between software products. 
Before starting the traceability activity, it is assumed that the documents being traced (e.g., requirements, design, code, test data, etc.) have been approved. Using a matrix such as the one shown below (  ) allows a single exercise to show traceability both forwards and backwards. The matrix is completed left to right early in the appropriate phase in the project life cycle. As each column is completed, the forward trace is extended to the next set of products. Simply starting with a column such as the UTS Case # and looking at the data in the columns to the left shows the backward traceability from a test case to its parent test specification all the way back to the parent requirement. 
While traceability matrices are not the only method for capturing bidirectional traceability, they are the most common. Traceability matrices can be included in the documents to which they apply, such as the SDD, or they can be combined into a single matrix covering higher level requirements, software requirements, design, code, and verification. General guidance for creating a bidirectional traceability matrix includes the following suggested actions: - Create the matrix at the beginning of the project.
- Uniquely identify the elements in the matrix (requirements identifiers, design document identifiers and paragraph numbers for design elements, etc.).
- Keep the matrix maintained throughout the life of the project.
- Assign responsibility for creating and maintaining the matrix to a project team member, since managing the links/references can be a labor-intensive process that should be tracked/monitored.
- Maintain the matrix as an electronic document to make maintenance and reporting easier.
- Create the matrix such that it may be easily sorted to achieve/convey bi-directional traceability.
- Ensure a review of the matrix at major phases/key reviews of the project.
A bidirectional traceability matrix can be manually created and maintained, or may be a by-product of a requirements management tool. The tracing system needs to be chosen based on project complexity and the number of requirements. Check with project management to see if a requirements management tool exists for the local project that is capable of producing a bidirectional traceability matrix. Keep in mind that a single requirement could trace to multiple architectural elements, design elements, etc. The reverse is also true, design elements could trace back to multiple source requirements, so the relationships identified in the matrix are not required to be one-to-one. 
As decisions are made during the development of the software design, the team may generate new requirements. When that happens and the requirements are confirmed as being within the scope of the project (not expanding the scope or “gold plating” the system by including unnecessary functionality), the traceability matrix is revised to include the new requirements and the mapped design elements. Keep in mind that the requirements document(s) will also need to be revised when this occurs. If the software design team is not the same as the requirements development team, collaboration may be needed to ensure proper bidirectional traceability between design and requirements. Likewise, when tracing detailed design to high-level design, collaboration between the different groups may be needed to ensure proper understanding and proper documentation of traceability. According to “Software Development Life Cycles: Outline for Developing a Traceability Matrix”, an article from The Regulatory Forum  , key aspects of tracing design elements include: - Trace high level design specifications to software requirements.
- Trace detailed design specifications to high level design.
- Trace design interfaces to hardware, user, operator, and software interface requirements.
- Trace design back to hazard analysis, if the design introduces hazards.
NASA-specific bidirectional traceability resources are available in Software Processes Across NASA (SPAN), accessible to NASA users from the SPAN tab in this Handbook. Additional guidance related to bidirectional traceability may be found in the following related requirements in this handbook: |