Code (software) is based on a software design which is based on a set of software requirements. Some measure of assurance is needed to show that the created code fulfills the design upon which it is based without leaving out any design elements or adding any new functionality not present in the design.
Tracing elements of the code such as functions, subsystems, modules, Computer Software Configuration Items (CSCI), etc. to design elements helps provide the basis of this assurance.
Traceability matrices help ensure that each design element, typically documented in a Software Design Document (SDD), is implemented in the resulting software, giving a reason for the code implementation through the design back to the software requirements.
Traceability links between individual requirements and other system elements, including, but not limited to, source code, are helpful tools when evaluating the impact of changing or deleting a requirement. When a requirement is changed, traceability can help identify the affected products, including design, documentation, source code, tests, etc. (NASA-GB-8719.13, NASA Software Safety Guidebook).
Tracing source code to design elements also provides the ability to demonstrate traceability of safety-critical software functions and safety-critical software controls to detailed design specifications.
Bidirectional traceability is defined as a traceability chain that can be traced in both the forward and backward directions as illustrated below (Westfall, 2006). It is important because it can point out software design elements that are not fulfilled in the code (i.e., missing or incomplete functionality) as well as source code that does not have a parent design element (i.e., extra functionality). Ideally, the trace does not identify any source code elements that have no source design element, but if such "orphan" source code elements are discovered in the trace, they need to be discussed by the project team and assurance personnel to determine if the "orphan" elements are necessary. If they are determined to be necessary, any missing design elements and source requirements are added to the project.
Figure 2 illustrates how software design and software code are traced between software products.
Before starting the traceability activity, it is assumed that the documents being traced (e.g., requirements, design, code, test data, etc.) have been approved.
Using a matrix such as the one shown below (Westfall, 2006) allows a single exercise to show traceability both forwards and backwards. The matrix is completed left to right early in the appropriate phase in the project life cycle. As each column is completed, the forward trace is extended to the next set of products. Simply starting with a column such as the LLD (low-level design) Section and looking at the data in the columns to the left shows the backward traceability from an LLD element to its parent HLD (high-level design) element and back to the parent requirements.
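The forward and backward reads of the matrix described above, and the two gaps the trace is meant to expose (design elements with no code, and "orphan" code with no parent design element), as an added example that is not part of the Handbook. The column layout and every identifier in it are constructed for illustration.

```python
# Added example. Every identifier below is constructed for illustration.
COLUMNS = ("requirement", "hld", "lld", "code", "test")

# One row per trace link, columns left to right as in the matrix.
MATRIX = [
    ("SRS-001", "HLD-3.1", "LLD-3.1.1", "nav/filter.c:kalman_update", "UT-101"),
    ("SRS-001", "HLD-3.1", "LLD-3.1.2", "nav/filter.c:kalman_predict", "UT-102"),
    ("SRS-002", "HLD-3.2", "LLD-3.2.1", None, None),  # designed, not yet coded
    ("SRS-003", "HLD-4.1", "LLD-4.1.1", "io/telemetry.c:pack_frame", None),
]

# Independent inventories: elements in the approved design document and
# code units actually present in the build.
DESIGN_ELEMENTS = {"LLD-3.1.1", "LLD-3.1.2", "LLD-3.2.1", "LLD-4.1.1"}
CODE_UNITS = {
    "nav/filter.c:kalman_update",
    "nav/filter.c:kalman_predict",
    "io/telemetry.c:pack_frame",
    "io/debug.c:dump_heap",  # present in the build, absent from the matrix
}


def trace(src_col, value, dst_col):
    """Follow links from one column to any other, forward or backward."""
    s, d = COLUMNS.index(src_col), COLUMNS.index(dst_col)
    return sorted({r[d] for r in MATRIX if r[s] == value and r[d] is not None})


def unimplemented_design():
    """Design elements with no code: missing or incomplete functionality."""
    return sorted(e for e in DESIGN_ELEMENTS if not trace("lld", e, "code"))


def orphan_code():
    """Code units with no parent design element: extra functionality."""
    return sorted(c for c in CODE_UNITS if not trace("code", c, "lld"))


def untested_code():
    """Code units with no unit test traced to them."""
    return sorted(c for c in CODE_UNITS if not trace("code", c, "test"))


if __name__ == "__main__":
    print("forward  SRS-001 ->", trace("requirement", "SRS-001", "code"))
    print("backward pack_frame ->", trace("code", "io/telemetry.c:pack_frame", "requirement"))
    print("unimplemented design:", unimplemented_design())
    print("orphan code:", orphan_code())
    print("untested code:", untested_code())
```

Comparing the matrix against inventories taken independently from the design document and the build is what surfaces the orphan: a unit that appears in no row cannot be found by reading the matrix alone.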
While traceability matrices are not the only method for capturing bidirectional traceability, they are the most common. Traceability matrices can be included in the documents to which they apply, such as the Software Requirements Specification (SRS), or they can be combined into a single matrix covering higher-level requirements, software requirements, design, code, and verification. General guidance for creating a bidirectional traceability matrix includes the following suggested actions:
- Create the matrix at the beginning of the project.
- Uniquely identify the elements in the matrix (requirements identifiers, design document identifiers and paragraph numbers, code module identifiers, etc.).
- Keep the matrix maintained throughout the life of the project.
- Assign responsibility for creating and maintaining the matrix to a project team member, since managing the links/references can be a labor-intensive process that needs to be tracked and monitored.
- Maintain the matrix as an electronic document to make maintenance and reporting easier.
- Create the matrix such that it may be easily sorted to achieve/convey bidirectional traceability.
- Ensure a review of the matrix at major phases/key reviews of the project.
If the software development team is not the same as the software design team, collaboration may be needed to ensure proper bidirectional traceability between source code and design. Early collaboration is valuable since a one-to-one relationship between subsystems and design packages (or as close to one as possible) makes the traceability activity between design and source code much simpler.
Key aspects of tracing source code include:
- Clear tracing of safety requirements to the source code that implements them (typically via comments in the code or via the traceability matrix using requirements traced to design to code) (NASA-GB-8719.13, NASA Software Safety Guidebook).
- For traceability purposes, safety-critical code and data are to be commented as such (NASA-STD-8719.13C, NASA Software Safety Standard).
- Trace source code to the detailed design specifications.
- Map each low-level function or data specification to the requirements it fulfills.
- Trace unit tests to source code and to design specifications.
NASA-specific bidirectional traceability resources are available in Software Processes Across NASA (SPAN), accessible to NASA users from the SPAN tab in this Handbook.
Additional guidance related to bidirectional traceability may be found in the following related requirements in this Handbook: