SWE-058 Supporting Materials
- Software Design Principles
- This topic collects the Guiding Principles that NASA has built up over the years. They are intended to help projects succeed by reducing the likelihood of defects in the software they deliver.
Links to Software Design Principles
- 9.03 Coding Standards: Implement a "secure" coding standard on all mission-critical software.
- 9.04 Command Receipt Acknowledgement: Design software to send a positive acknowledgement of command receipt.
- 9.05 Data Interface Integrity: Design software to verify the integrity of all inputs and outputs in the control system.
- 9.06 Dead Code Exclusion: Establish a policy for eliminating unreachable code or mitigating the risk of any unreachable code.
- 9.07 Fault Detection and Response: In the software design, provide mechanisms to detect credible system faults and to react to these faults according to a pre-described plan.
- 9.08 Flight Software Modification: Include in the software design the capability for commanding modification of the software, and for preventing unwanted modifications.
- 9.09 Incorrect Memory Use or Access: Design software to protect against incorrect use of memory.
- 9.10 Initialization - Safe Mode: Design flight software to initialize software and hardware to a known, safe, and deliberate state.
- 9.11 Invalid Data Handling: Design software to handle invalid data appropriately.
- 9.12 Resource Margins: Establish and maintain quantitative margins for all critical resources, allowing for maturation of usage estimates through the life cycle.
- 9.13 Resource Oversubscription: Include a robust and well thought out response to resource oversubscription situations in the software design.
- 9.14 Resource Usage Measurement: Incorporate timely visibility into the use of computing resources into the software design.
- 9.15 Safe Transitions: Assert required preconditions and post-conditions at software transitions.
- 9.16 Thread Safety: Design interaction between threads to prevent inappropriate interference.
- 9.17 Toggle Commands: Design both internal and external commanding to place the system into an explicitly specified state.
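Several of the principles above (9.04 Command Receipt Acknowledgement, 9.05 Data Interface Integrity, 9.11 Invalid Data Handling, 9.15 Safe Transitions and 9.17 Toggle Commands) describe concrete things a command handler must do. The following C program is an added example written for this page; it is not NASA code and not part of any NASA project. It shows a minimal heater command handler that checks a CRC on every incoming command, rejects out-of-range opcodes and parameters, accepts only commands that name an explicit target state (no "toggle" opcode), guards the state transition with preconditions and a post-condition, and always returns a positive acknowledgement carrying the command's sequence number and the resulting state. The packet layout, opcode values, CRC-8 polynomial and all function names are assumptions made for the example.

```c
/* Added example (not NASA's own code): a minimal command handler for a
 * heater subsystem applying principles 9.04 (positive acknowledgement),
 * 9.05/9.11 (input integrity and invalid-data handling), 9.15 (asserted
 * pre/post-conditions at transitions) and 9.17 (explicit state commands,
 * no toggles). Packet layout, opcodes and names are assumptions. */
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

enum heater_state { HEATER_OFF = 0, HEATER_ON = 1 };
enum opcode { OP_SET_HEATER = 0x10 };   /* carries an explicit target state; there is no OP_TOGGLE */
enum ack_status { ACK_OK = 0, ACK_BAD_CRC = 1, ACK_BAD_OPCODE = 2,
                  ACK_BAD_PARAM = 3, ACK_REJECTED_STATE = 4 };

struct command { uint8_t seq; uint8_t opcode; uint8_t param; uint8_t crc; }; /* 3 payload bytes + CRC */
struct ack     { uint8_t seq; uint8_t status; uint8_t resulting_state; };
struct heater_ctx { enum heater_state state; int transitions; };

/* CRC-8 (polynomial 0x07) over the payload bytes: the integrity check of 9.05. */
static uint8_t crc8(const uint8_t *data, size_t len) {
    uint8_t crc = 0;
    for (size_t i = 0; i < len; i++) {
        crc ^= data[i];
        for (int b = 0; b < 8; b++)
            crc = (crc & 0x80) ? (uint8_t)((crc << 1) ^ 0x07) : (uint8_t)(crc << 1);
    }
    return crc;
}

/* Safe transition (9.15): preconditions on context and target, post-condition
 * read back before success is reported. Returns 0 on success, -1 if a guard fails. */
static int heater_transition(struct heater_ctx *ctx, enum heater_state target) {
    if (ctx == NULL) return -1;                                          /* precondition */
    if (target != HEATER_OFF && target != HEATER_ON) return -1;          /* precondition */
    if (ctx->state != HEATER_OFF && ctx->state != HEATER_ON) return -1;  /* corrupted current state */

    ctx->state = target;
    ctx->transitions++;

    if (ctx->state != target) return -1;                                 /* post-condition */
    return 0;
}

/* Process one command and always produce an acknowledgement (9.04) that echoes
 * the sequence number and reports the resulting state, including on rejection. */
static struct ack process_command(struct heater_ctx *ctx, const struct command *cmd) {
    struct ack a = { cmd->seq, ACK_OK, (uint8_t)ctx->state };

    if (crc8((const uint8_t *)cmd, 3) != cmd->crc) {             /* 9.05: reject corrupted input */
        a.status = ACK_BAD_CRC;
        return a;
    }
    if (cmd->opcode != OP_SET_HEATER) {                            /* 9.11: unknown opcode */
        a.status = ACK_BAD_OPCODE;
        return a;
    }
    if (cmd->param != HEATER_OFF && cmd->param != HEATER_ON) {     /* 9.11/9.17: explicit, valid state only */
        a.status = ACK_BAD_PARAM;
        return a;
    }
    if (heater_transition(ctx, (enum heater_state)cmd->param) != 0)
        a.status = ACK_REJECTED_STATE;
    a.resulting_state = (uint8_t)ctx->state;
    return a;
}

/* Build a well-formed command with a correct CRC (constructed input for the demo). */
static struct command make_command(uint8_t seq, uint8_t opcode, uint8_t param) {
    struct command c = { seq, opcode, param, 0 };
    c.crc = crc8((const uint8_t *)&c, 3);
    return c;
}

int main(void) {
    struct heater_ctx ctx = { HEATER_OFF, 0 };
    struct command good = make_command(1, OP_SET_HEATER, HEATER_ON);
    struct command bad = good;
    bad.param = HEATER_OFF;                                        /* payload altered, CRC now stale */
    struct command again = make_command(2, OP_SET_HEATER, HEATER_ON); /* repeat is idempotent, not a toggle */

    struct ack a1 = process_command(&ctx, &good);
    struct ack a2 = process_command(&ctx, &bad);
    struct ack a3 = process_command(&ctx, &again);
    printf("seq=%u status=%u state=%u\n", a1.seq, a1.status, a1.resulting_state);
    printf("seq=%u status=%u state=%u\n", a2.seq, a2.status, a2.resulting_state);
    printf("seq=%u status=%u state=%u\n", a3.seq, a3.status, a3.resulting_state);
    return 0;
}
```

The point of sending the same ON command twice is 9.17: because the command names the target state rather than toggling, a duplicated or retried command leaves the heater ON instead of silently turning it off, and the acknowledgement tells the operator which state resulted either way.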