1. Requirements

3.5.1 The project manager shall classify each system and subsystem containing software in accordance with the highest applicable software classification definitions for Classes A, B, C, D, E, and F software in Appendix D. 

1.1 Notes

The expected applicability of requirements in this directive to specific systems and subsystems containing software is determined through the use of the NASA-wide definitions for software classes in Appendix D in conjunction with the Requirements Mapping Matrix in Appendix C. These definitions are based on (1) usage of the software with or within a NASA system, (2) criticality of the system to NASA’s major programs and projects, (3) extent to which humans depend upon the system, (4) developmental and operational complexity, and (5) extent of the Agency’s investment. Software assurance can perform an independent software classification, or software assurance can concur with engineering’s software classification decision. Software engineering and software assurance technical authorities need to agree on the classification of each system and subsystem containing software.

Software assurance may perform an independent software classification, or concur with engineering’s software classification decision. Software engineering and software assurance technical authorities need to agree on the classification of each system and subsystem containing software. If there is a disagreement between the technical authorities, then the dissenting opinion process for your center should be followed.

1.2 History

1.3 Applicability Across Classes

Key:    - Applicable | - Not Applicable

2. Rationale

Classifying software provides essentially pre-tailoring of software engineering requirements, software safety requirements, software assurance requirements, and other software requirements for different types and levels of software. While every requirement may apply to the highest classification, not every requirement will apply to lower-level classifications.

Software classification is a cornerstone of NASA’s software engineering framework as it ensures that development rigor, safety measures, and assurance levels are appropriately aligned with the software's criticality, complexity, and mission significance. By classifying software correctly, the project can address safety risks, technical challenges, and the potential impact of software failure on the mission's success.

The rationale for this requirement is to provide a systematic approach to applying the appropriate level of engineering, assurance, and risk management to software systems and subsystems. Misclassification can result in underestimating the risks and applying inadequate controls, which could lead to failures or inefficiencies.

This requirement is essential to achieve an optimal and consistent balance between risk, resource allocation, and engineering rigor. By mandating a structured and collaborative classification process, NASA ensures that all software systems and subsystems are developed with appropriate levels of oversight, reliability, and compliance to maximize mission success.

2.1 Reasons for Software Classification

1. Ensures the Correct Application of Requirements

   • NASA-STD-7150.2 Guidelines: Software classes (A–F) are designed to define the level of engineering rigor and controls necessary for the scope and risks involved with each system or subsystem. By determining the software classification, projects can map the appropriate requirements using Appendix C to ensure compliance with NASA’s directives.
   • Without classification, there would be no structured approach to applying requirements, potentially leading to under-engineering or overburdening the project with unnecessary requirements.

2. Matches Criticality with Rigor

   • Safety-Critical Systems: For software deemed safety-critical, additional requirements and scrutiny are necessary because failures could result in loss of life, mission failure, or damage to property. Classification mandates stricter controls (e.g., Software Classes A or B) aligned with these risks.
   • Lower Risk Systems: Non-critical research or exploratory software may be classified as Class C or D, enabling the project to scale back unnecessary rigor while still maintaining accountability.

3. Improves Risk Mitigation

   • Correct classification ensures that software with significant risks to safety, mission objectives, or NASA’s reputation receives the highest level of oversight and testing. For example:
     • Mission-critical flight control systems (Class A) require rigorous validation and verification to minimize the risk of failure.
     • Software for internal research (Class D or E) may require lighter processes, reducing unnecessary burden.

4. Optimizes Resources

   • Classification enables projects to allocate resources—budget, personnel, and time—proportionally to the software’s importance and risk. Systems with higher classifications receive more intensive assurance and engineering focus, while less critical systems are developed using an efficient, streamlined process.
   • This avoids inefficient use of Agency resources while maintaining the necessary controls for high-risk systems.

5. Supports Multi-Subsystem and Multi-Center Projects

   • In projects with multiple subsystems or collaborations across Centers, classification ensures that each software product is developed with the necessary level of rigor. For example:
     • A rover’s autonomous navigation system may be classified as Class B or A, while its monitoring software may be Class C or D.
   • Classification allows teams to distinguish between critical and secondary components, enabling tailored requirements within large, complex projects.

6. Provides Objective Documentation

   • Software classification provides documented, traceable decisions that can be revisited and reevaluated as projects evolve. These decisions are essential during independent assessments, audits, and post-mission evaluations.

7. Facilitates Relationship Between Engineering and Software Assurance

   • The collaborative process of assigning classifications fosters communication and alignment between Software Engineering (ETA) and Software Assurance (SMA TA). Mutual agreement on classifications ensures consistent application of NPR 7150.2 requirements.

8. Supports Transition to Higher Classes

   • Software classifications can evolve as project scope expands (e.g., transitioning from laboratory testing to operational deployment). The NPR includes guidance for reevaluating classifications during major project reviews to safeguard against underestimating project requirements.

2.2 Key Classification Drivers

Classification decisions are based on several critical factors, as defined in the NPR:

1. Purpose of the Software: What is the intended function of the software, and what objectives does it support?
2. Safety-Critical Designation: Is the software directly or indirectly linked to systems upon which personnel safety depends?
3. Operational Complexity: Does the software integrate with other systems in complex ways, requiring additional controls?
4. Developmental Complexity: Are there challenges or risks related to developing the software, such as high levels of innovation or unproven technologies?
5. NASA Investment: Does the project represent a significant monetary or reputational investment for NASA, dictating additional scrutiny and assurance requirements?

2.3 Benefits of Implementing the Requirement

1. Improved Mission Safety and Reliability
   Correctly classified software ensures that safety-critical systems are subject to the rigor required to identify and mitigate risks, improving the reliability of NASA programs and protecting human life.

2. Efficient Use of Resources
   Resources are applied where they are most needed—higher-risk systems are developed with full assurance measures, while lower-risk systems use more streamlined approaches.

3. Flexibility Across Project Types
   The classification system allows for tailored application of requirements across a wide range of software, from research software and onboard spacecraft systems to administrative tools.

4. Scalability for Multi-System Projects
   By assigning classifications at the system or subsystem level, the guidance ensures effective requirements management even for complex, multi-component projects.

5. Accountability and Traceability
   Classification records provide objective evidence of decisions made, fostering accountability and simplifying assessment and audit processes.

6. Compliance with Standards
   Ensures all software aligns with NASA-STD-7150.2, NASA-STD-8739.8, and other applicable agency standards, fostering consistent practices across Centers and projects.

2.4 Risks Addressed by This Requirement

1. Failure in Safety-Critical Systems: Misclassification of critical systems can lead to inappropriate application of verification and validation processes, increasing the likelihood of catastrophic failures.
2. Over-Engineering Low-Risk Components: Without tailored classifications, systems with minimal risk could be subjected to excessive processes, leading to inefficiency and unnecessary expenditure.
3. Miscommunication Between Teams: Clear classification encourages communication across software engineering, software assurance, and project management, reducing the likelihood of conflicting interpretations.
4. Evolving Project Scope Without Reclassification: Revisiting classifications ensures that project or mission changes are reflected in the requirements applied to software systems.

3. Guidance

Adherence to accurate software classification ensures that the appropriate requirements are applied to systems and subsystems based on their criticality, purpose, and risks. For small projects, classification must balance efficiency with compliance, while for larger projects, it provides a foundation for robust assurance and risk mitigation practices throughout the software lifecycle. Regular review and documentation are essential for maintaining classification accuracy as project scope and goals evolve.

3.1 Applicability of Requirements

3.1.1 Overview

In projects containing multiple systems and subsystems with varying software classifications, the applicability of NPR 7150.2 requirements is determined based on the combination of software classification (Appendix D) and safety-critical designation, as outlined in the Requirements Mapping and Compliance Matrix (Appendix C). This mapping process ensures the appropriate application of engineering, safety, and assurance practices that reflect the software’s criticality, operational complexity, and role within its system.

3.1.2 Key Considerations for Applicability

When classifying software and determining the applicability of requirements:

1. Usage Context: Evaluate the software's purpose and its interaction within a NASA system.
2. Criticality of System: Assess the impact of the software on major NASA programs, focusing on mission reliability.
3. Human Dependency: Consider the extent to which humans directly depend on the software (e.g., safety-critical flight systems).
4. Developmental and Operational Complexity: Complexity drives rigor and requirements—analyze integration challenges and operational constraints.
5. Agency Investment: Ensure robust classification for high-investment systems that require stringent assurance to protect resources.

3.1.3 Actionable Guidance

• Timing: Perform software classification as soon as a project includes software. Early classification ensures requirements are applied in alignment with project scope and risks.
• Technical Authority Agreement: Classification decisions must be agreed upon by Software Engineering Technical Authority (ETA) and Software Assurance Technical Authority (SMA TA). Disagreements follow the Center’s dissenting opinion process.
• Default Compliance Matrix: Use Appendix C as the foundation to map requirements based on the assigned software class and safety-criticality designation.

3.1.4 Resources

1. Topic 7.04: Flow Down of NPR Requirements on Contracts and Multi-Center Projects.
2. Topic 7.16: Appendix C - Requirements Mapping and Compliance Matrix.
3. SWE-176: Guidelines for Software Records Documentation.

3.2 Classification Considerations

3.2.1 Critical Factors for Classification

When classifying systems or subsystems containing software, consider the following:

1. Scope of Classification:

   • Conduct classification assessments for all software components within the system or subsystem.
   • Some subsystems may merit unique classifications if their usage or risks differ from the broader system.

2. Purpose of Software:

   • Classify based on the intended function of the software: control functions, data processing, or interaction with hardware.

3. Usage Context:

   • Evaluate how the software will be employed within operational environments or systems (e.g., flight or ground operations).

4. Program and Project Relevance:

   • Determine how the software contributes to major NASA programs or the mission’s critical objectives.

5. Hardware Controls:

   • Assess interaction with hardware, as systems that control critical hardware (e.g., propulsion systems) may require higher classification.

6. Human Interaction:

   • Identify systems with direct human interaction, as these often require enhanced safety and usability assurance.

7. Complexity:

   • Consider both developmental complexity (e.g., integration with external systems) and operational complexity (e.g., adapting to dynamic environments).

8. Risks:

   • Address risks to the project, the sponsoring Center, and the Agency, factoring in potential failures.

9. Investment:

   • Higher levels of Agency investment in a software product warrant thorough classification and applicable requirements.

3.2.2 Special Considerations for Safety-Critical Components

• Any software component deemed safety-critical, per the process defined in NASA-STD-8739.8, must be classified as Class D or higher. This ensures rigor appropriate for systems where failures could result in loss of life, mission, or system integrity.

3.2.3 Resources

1. Topic 7.02: Classification and Safety-Criticality Overview.
2. NASA-STD-8739.8: Safety-Critical Software Designation Process.

3.3 Commercial, Government, Legacy, Heritage, and MOTS Software

3.3.1 Verification and Validation Standards

COTS (Commercial Off-the-Shelf), MOTS (Modified Off-the-Shelf), GOTS (Government Off-the-Shelf), reused, legacy, heritage, or auto-generated software components must be verified and validated to meet the same standards as newly developed software to ensure fitness for their intended use.

Projects must ensure compliance by:

1. Matching with Class Requirements: These software components must meet the applicable requirements based on their assigned classification from Appendix C.
2. Consistency in Testing: Conduct verification and validation activities equivalent to those required for developed software, including:
   • Functional testing.
   • Performance testing.
   • Integration testing with system hardware.
3. Documenting Compliance: Record results in project documentation to demonstrate compliance.

3.3.2 Resources and Special Considerations

1. Topic 8.08 - COTS Software Safety Considerations 
2. Topic 8.11 - Auto-Generated Code

3.4 Final Classification

3.4.1 Resolving Classification Conflicts

The final classification of systems and subsystems containing software is achieved through agreement between the project office, Software Development organization, and Software Assurance (SA).

• Conflict Resolution: In cases of disagreement, the Software Engineering Technical Authority (ETA) facilitates resolution with the Safety and Mission Assurance Organization (SMA).

3.4.2 Prevent Misclassification

Software classifications must reflect the true criticality and risk associated with the component—misclassification to reduce requirements is prohibited. If certain requirements cannot be met for a high-risk or small mission, initiate a waiver process through the Engineering Technical Authority.

3.5 Classification Revisited

3.5.1 Periodic Review

Software classification is not static and may evolve as the project progresses. Revisit and validate the classification during major project reviews (e.g., PDR, CDR) or whenever there are significant changes in:

1. Software Design: New architectural or functional decisions may alter risks and classification.
2. Operational Usage: Moving software from research/development environments into operational use may require transitioning to a higher classification level.
3. Project Scope: Scope changes impacting criticality or investment may warrant re-evaluation.

3.5.2 Example Case

A research software system initially classified as Class C for laboratory use may be transitioned to Class B if it becomes essential for operations in real-world environments.

3.5.3 Transition Considerations

• Use SWE-021 and Topic 7.13 for guidelines on transitioning software classification to a higher class.
• Update SWE-125 Requirements Compliance Matrix to reflect new classifications and ensure all revised requirements are addressed.

3.6 NASA Software Classifications

Definitions and examples for each software classification taken from NPR 7150.2D, Appendix D:

3.7 Additional Guidance

Additional guidance related to this requirement may be found in the following materials in this Handbook:

Records of classification are maintained by the project. See also SWE-013 - Software Plans, and Topic 5.08 - SDP-SMP - Software Development - Management Plan, 8.51 - Software Assurance Plan, 

3.8 Center Process Asset Libraries

See the following link(s) in SPAN for process assets from contributing Centers (NASA Only). 

4. Small Projects

Small projects often have less complexity and fewer resources compared to large-scale missions. However, classification remains a critical step for ensuring appropriate rigor is applied to software systems and subsystems. To address the needs of small projects efficiently, the guidance below focuses on streamlining the classification process while ensuring compliance with NPR 7150.2 ⁰⁸³.

Small projects can successfully meet classification requirements by tailoring the process for their scale, leveraging pre-existing classifications, efficiently collaborating, and documenting decisions concisely. This approach balances compliance with resource constraints to enable small projects to achieve high-quality outcomes without unnecessary administrative overhead.

4.1 Leverage Pre-Existing Classification Frameworks

Small projects can reduce effort by reusing or referencing classification decisions from similar previous projects, particularly those using similar technologies, methodologies, and risk profiles.

• Analyze Similar Projects: Identify previous projects that share similarities in system goals, software tools, or subsystems.
• Reuse Established Class Definitions: If the classification process for similar projects is well-documented, adapt it for the current project, ensuring the rationale still applies.
• Confirm Applicability: Verify that conditions such as new risks, safety-criticality, or added complexity are accounted for—adjust classifications if necessary.

4.2 Create a Simplified Classification Workflow

For small projects, the classification process can be optimized based on fewer systems and subsystems. Establish a straightforward workflow:

1. List Subsystems and Their Software Components: Identify all software integrated into the project’s systems and subsystems.
2. Evaluate Safety-Criticality: Identify whether any component qualifies as safety-critical per NASA-STD-8739.8, requiring a minimum classification of Software Class D.
3. Review Appendix D Definitions: Align the classification of each system and subsystem with NPR 7150.2 Appendix D definitions based on:
   • How the software is intended to be used.
   • Interaction with humans.
   • Developmental and operational complexity.
   • Risks and Agency investment.
4. Assign Classifications: Apply the highest applicable classification level across related systems and subsystems (e.g., if a safety-critical subsystem is Class D, the system may need to match this classification).

4.3 Collaborate Effectively

Although small projects may have a leaner team, collaboration between Software Engineering and Software Assurance (SA) remains critical:

• Shared Responsibility: Software Engineering performs the initial classification, while SA reviews and provides concurrence.
• Streamlined Communication: Use regular team meetings or joint reviews to agree on classifications early in the project timeline.
• Dispute Resolution: Escalate disagreements through the Technical Authority chains only when local collaboration cannot resolve the discrepancy.

4.4 Focus on Key Known Risks

Small projects typically have limited scope, so risk assessment is often focused on a few critical factors:

• Safety-Critical Designation: Determine whether the software supports hardware or functions that could compromise safety or operational integrity (e.g., software controlling flight systems or hazardous operations).
• Interaction Complexity: Assess systems that interact extensively with users or external systems for higher classification.
• Investment Protection: Ensure rigorous classification for software systems tied to significant Agency investments (e.g., research software or mission control software).

4.5 Minimize Documentation Overhead

Small projects often have lighter documentation requirements. Scale classification records to reflect the project size:

• Simplified Classification Report: Consolidate the classification results for all systems and subsystems into a single brief document that includes:
  • List of systems/subsystems and their classifications.
  • Justifications for classification decisions.
  • Evidence of SA concurrence (e.g., meeting notes, signed documents).
• Use Existing Templates: NASA or Center-provided templates for classification reports can be adapted for small projects.

4.6 Schedule Classifications Early

Small projects often need to move quickly through the initial stages. Early classification ensures applied requirements correspond with the risk and complexity of the system.

• Classify During Formulation Phase: Begin classification as soon as it is determined that the project includes software.
• Efficiency Tip: For software reusing heritage code or tools, classifications can often be inherited (with reassessments as needed).

4.7 Tools and Resources for Small Projects

Leverage lightweight tools and resources to streamline classifications for small projects. Useful resources include:

• Software Classification Appendix D: Review the definitions provided by NPR 7150.2.
• NASA-STD-8739.8: Define and confirm safety-critical software designations.
• Center Tools: Many Centers have tools or databases that include previously documented classification decisions for reference.
• SATERN Training: Provide concise training to project personnel on classification requirements if gaps exist in team expertise.

4.8 Handling Multiple Classifications

Some small projects may contain systems and subsystems with varying software classifications:

• Aggregate by Highest Classification: Ensure that subsystems with the highest classification drive overarching requirements for the system.
• Apply Minimal Differentiation Where Possible: Whenever feasible, minimize complexity by combining subsystems under a single classification to streamline processes.
• Customize Individual Subsystems Only If Needed: Adapt requirements specifically for subsystems with lower classifications, but avoid excessive partitioning that undermines efficiency.

4.9 Addressing Discrepancies

For small projects where classification disagreements arise:

• Resolve Locally: Schedule focused discussions between SA and software engineering to reconcile views.
• Escalate Only If Necessary: Small projects should avoid Technical Authority escalation unless disagreements pose significant risks to system development or compliance.
• Use Precedent: Reference classifications from older projects to support resolution of disputes.

4.10 Example Use Case

Small Project Scenario: A small project is developing a scientific autonomous software system controlling a rover for environmental monitoring.

• Initial Indicators:
  • The rover’s software interacts minimally with humans but is central to mission functionality.
  • Some subsystems are designed for high-complexity sequences (e.g., autonomous decision-making).
  • The project investment is moderate.
  • The software does not support hardware impacting safety directly.
• Classification Result:
  • Safety review determines software is not safety-critical.
  • Classification aligns closely with Class C, based on relevance to NASA programs and operational complexity.
  • Software engineering proposes Class C classification, and SA concurs after review.

4.11 Benefits of This Approach

1. Efficiency: Reduces unnecessary steps by leveraging pre-existing resources and streamlining the process.
2. Compliance: Ensures proper classifications are applied, adhering to NPR requirements without overburdening small projects.
3. Consistency: Establishes a repeatable framework for small projects, enabling predictability across future classification workflows.
4. Cost-Effectiveness: Minimizes documentation and effort while maintaining oversight.

5. Resources

5.1 References

5.2 Tools

6. Lessons Learned

6.1 NASA Lessons Learned

No Lessons Learned have currently been identified for this requirement.

6.2 Other Lessons Learned

No other Lessons Learned have currently been identified for this requirement.

7. Software Assurance

Accurate software classification is critical to ensuring appropriate application of NASA’s software engineering requirements as defined in NPR 7150.2. Software classifications influence the rigor applied to development, assurance, and verification processes. Software Assurance (SA) plays a critical role in independently reviewing the classification process and providing concurrence (or identifying disagreements that require escalation). Ensuring alignment with the correct classification minimizes risks by applying the appropriate controls proportional to the software’s criticality, complexity, and importance to NASA missions.

7.1 Tasking for Software Assurance

7.2 Software Assurance Products

7.2.1 Software Classification Assessment Report

Purpose: Documents SA’s evaluation and concurrence (or disagreement) with the classifications assigned to the project's systems and subsystems containing software.
Contents:

• List of all systems and subsystems containing software, along with their assigned classifications (Class A, B, C, D, E, F).
• Justification for the classifications assigned by software engineering, including:
  • Software purpose and relevance to NASA programs and projects.
  • Hardware controls and software's role in the system.
  • Operational and developmental complexity.
  • Interaction with humans and other subsystems.
  • Risks to the project or Agency.
  • Agency investment in the software.
• Results of the SA review, including:
  • Concurrence with classifications or identification of inconsistencies.
  • Recommendations or alternatives for reclassification (if applicable).
• Record of communication between SA and software engineering regarding classification agreement or disagreements.

7.2.2 Evidence of Software Assurance Concurrence

Purpose: Tracks formal Software Assurance concurrence (or non-concurrence) on the project’s software classification decisions.
Contents:

• Signed concurrence document or verification notes where SA agrees with the assigned software classifications.
• Records of SA participation in discussions or meetings where software classification assignments were reviewed.
• Documentation of reclassification processes (if reclassification was required based on SA input).

7.2.3 Software Classification Discrepancy Report (if applicable)

Purpose: Formalizes cases where SA identifies discrepancies in the software classifications assigned by software engineering.
Contents:

• Specific areas of disagreement with the assigned software classifications, including detailed rationale and references to NPR 7150.2 Appendix D and NASA-STD-8739.8.
• Recommended resolutions or actions to escalate the discrepancy via the Engineering Technical Authority (ETA) and Safety and Mission Assurance Technical Authority (SMA TA) chains.
• Status and resolution details of discrepancies, including outcomes of discussions between SA and software engineering.

7.3 Metrics

Metrics provide insight into the completeness, accuracy, and distribution of software classifications across the project portfolio.

Key Metrics

7.3.1 Distribution of Software Classifications Across the Project:

• % of Total Source Code at Each Software Classification (organizational measure):
  • Indicates the proportional breakdown of the project's software code across classifications (e.g., Class A, B, C, etc.).
  • Supports resource planning and ensures appropriate levels of rigor are applied to software products based on their assigned classes.

7.3.2 Software Classification Agreement Metrics:

• % of Projects with SA Concurrence for Software Classifications:
  • Tracks the rate of agreement between SA and software engineering on classification assignments.
• % of Classification Discrepancies Resolved Before Major Reviews (e.g., PDR, CDR):
  • Measures the resolution effectiveness of classification disagreements to ensure timely compliance.

see also Topic 8.18 - SA Suggested Metrics.

7.4 Guidance

7.4.1 Reaching Agreement on Software Classifications

• Collaboration Between SA and Software Engineering: Classification is a joint responsibility between Software Engineering and Software Assurance. Both parties must agree on the assigned classifications for systems and subsystems.
• Independent SA Assessment (Optional): Although an independent reclassification effort by SA is not required by default, NASA Centers may mandate an independent review of classifications based on local processes. If no independent review is required, SA should perform an evaluation of the proposed classifications and confirm their concurrence.

7.4.2 Classification Considerations

Ensure all factors are considered when classifying software:

1. Software Role in the System or Subsystem: Assess the software’s purpose, usage, and relevance to program or system objectives.
2. Safety-Critical Status: If software is determined to be safety-critical (per NASA-STD-8739.8), it must be assigned Class D or higher.
3. Interaction with Humans: Systems with significant interaction with humans may require higher classification levels based on inherent risks.
4. Operational and Developmental Complexity: Complex systems with high integration demands may require stricter classification.
5. Risk to the Mission or Agency: Consider risks associated with software failure to NASA’s reputation, mission success, and financial investment.

7.4.3 Best Practices for Timely Classification

• Classify as soon as it is determined that a project includes software. Early classification ensures that requirements (e.g., SWE-071, SWE-190 for safety-critical software) are applied promptly.
• Use Appendix D of NPR 7150.2 as the primary reference for classification definitions and apply the Requirements Mapping and Compliance Matrix in Appendix C to guide requirements applicability.

7.4.4 Resolving Classification Disagreements

When SA and software engineering do not agree on classification assignments:

1. Document Disagreement: SA should record the specific issues in a Software Classification Discrepancy Report.
2. Engage the Technical Authority Chains: Escalate unresolved discrepancies through the Engineering Technical Authority (ETA) and SMA Technical Authority (SMA TA) to ensure resolution.
3. Determine Correct Classification: Use authority chain decisions to finalize classification assignments, ensuring compliance with NPR 7150.2 requirements.

By rigorously verifying and concurring on software classifications, Software Assurance ensures that appropriate development rigor, risk management, and NASA standards are applied to each software product in the project. Accurate and timely classifications reduce risks and improve the quality, safety, and reliability of software for NASA’s critical systems and missions.

When classifying software be sure to consider:

• All software for the system or subsystem (classification may need to be assessed separately). ²⁷⁸
• The purpose of the software.
• How the software is intended to be used.
• Relevance to major programs and projects.
• Hardware controls.
• Operations.
• Interaction with humans.
• Complexity (developmental and operational complexity is woven into the class definitions).
• The risk to the project, Center, and Agency
• Investment.

If a software component is determined to be safety-critical software, per the software safety-critical determination process defined in NASA-STD-8739.8 ²⁷⁸, then the software component classification must be Software Class D or higher.

7.5 Additional Guidance

Additional guidance related to this requirement may be found in the following materials in this Handbook:

8. Objective Evidence

Objective evidence ensures traceability and accountability for the software classification process as it applies to systems and subsystems.

8.1 Objective Evidence to Be Collected

8.1.1 Classification Documentation:

• Classification assignments for all software systems and subsystems, including:
  • Assigned classifications (e.g., Class A, B, C, D, E, F).
  • Classification rationale (aligned with NPR 7150.2 Appendix D definitions).
  • Safety-critical software designations per NASA-STD-8739.8.

8.1.2 Evidence of SA Involvement in Classification:

• Records of SA concurrence with the project’s software classifications, such as:
  • Signed documentation of classification agreement between SA and software engineering.
  • Meeting minutes or communications showing collaborative discussions on software classification.

8.1.3 Evidence of Escalation (if applicable):

• If disagreements arose, evidence of escalation through ETA and SMA TA chains:
  • Discrepancy reports or formal notifications to the appropriate authorities.
  • Resolutions and artifacts showing resulting classification adjustments.