Evaluaiton of Compliance Matrix

NASA-STD-8739.
8 Requirements Compliance Matrix

Center/Program:__________________
Date:___________________
Software Classes:__________________
Matrix _____ of _________
Completed by: ________________________
NASA-STD-8739.8 Requirements Compliance Matrix

Compliance
Requirement
Role/Responsibility*
Full
Partial None
No requirements
N/A
No requirements
N/A
No requirements
N/A
No requirements
N/A
Not a requirement
N/A
5.1
5.1.1
Not a requirement
Identify software assurance manager
The software assurance manager shall
perform the following tasks:
Perform Classification Assessment
Ensure safety critical software projects
comply with NASA Software Safety
Standard NASA-STD-8719.13B
Ensure tailoring of software assurance
requirements based on software
classification
Assure project agreement with
classification
Apply acquirer software assurance
requirements
Apply provider software assurance
requirements
Assure contract contains oversight/insight
requirements
Section
Scope
Applicable
Documents
Definitions And
Acronyms
Software
Assurance
Overview
Acquirer Software
Assurance
Initialization,
Pre-Award
No.
5.1.2
5.1.2.1
5.1.2.2
5.1.2.3
5.1.2.4
5.1.2.5
5.1.2.6
5.1.2.7
257698494.doc
N/A
Acquirer SA Mgr
Acquirer SA Mgr
Acquirer SA Mgr
Acquirer SA Mgr
Acquirer SA Mgr
Acquirer SA Mgr
Acquirer SA Mgr
Acquirer SA Mgr
Page 1 of 11
Comments

Center/Program:__________________
Date:___________________
Matrix _____ of _________
Completed by: ________________________
Section
No.
5.1.2.8
5.1.2.9
5.1.2.10
Post RFP, PreAward
5.2
5.2.1
5.2.1.1
5.2.1.2
5.2.1.3
5.2.1.4
5.2.1.5
Post-Award,
Pre-Development
5.2.1.6
5.3
5.3.1
5.3.1.1
5.3.1.2
5.3.1.3
5.3.1.4
5.4
257698494.doc

Compliance
Requirement
Full
Partial None
Prepare preliminary acquirer software
Acquirer SA Mgr
assurance plan
Verify that the RFP/MOU/MOA addresses
Acquirer SA Mgr
software quality metrics
Identify, analyze, track, and control
Acquirer SA Mgr
procurement/development risks
Not a requirement
N/A
Evaluate proposals
Acquirer SA Mgr
Participate in pre-award surveys when
Acquirer SA Mgr
such surveys are requested.
Participate in contract negotiations
Acquirer SA Mgr
Perform an updated Software Assurance
Acquirer SA Mgr
Classification Assessment
Update software assurance requirements
Acquirer SA Mgr
based on Assessment results
Maintain Assessment results
Acquirer SA Mgr
Not a requirement
N/A
Verify providers software assurance plan
Acquirer SA Mgr
meets contractual requirements.
Verify acquirers and providers software
assurance plans are consistent, compatible,
Acquirer SA Mgr
and are baselined
Ensure acquirer software assurance
Acquirer SA Mgr
personnel are trained and qualified
Assure provider software assurance
Acquirer SA Mgr
personnel are trained and qualified
Not a requirement
N/A
Page 2 of 11
Comments

Center/Program:__________________
Date:___________________
Matrix _____ of _________
Completed by: ________________________
Section
Contract
Implementation,
Development
No.
5.4.1
5.4.1.1
5.4.1.2
5.4.1.3
5.4.1.4
5.4.1.5
5.4.1.6
5.4.1.7
Acceptance
5.5
5.5.1
5.5.1.1
5.5.1.2
5.5.1.3
5.5.1.4
Operation
257698494.doc
5.6
5.6.1

Compliance
Requirement
Full
Partial None
Assure both acquirer and provider software
assurance organizations perform according
Acquirer SA Mgr
to their plans
Verify provider has developed and
maintained processes for assurance of
Acquirer SA Mgr
COTS, MOTS, and GOTS software
Ensure insight performed over provider
Acquirer SA Mgr
Ensure oversight performed over provider
Acquirer SA Mgr
Assure proper software configuration
Acquirer SA Mgr
management
Assure software issues are documented
Acquirer SA Mgr
and tracked to resolution
Assure software products are reviewed and
assure that software quality metrics are
Acquirer SA Mgr
collected
Not a requirement
N/A
Ensure an acceptance audit is performed
Acquirer SA Mgr
prior to delivery
Ensure that any acquirer facilities are
Acquirer SA Mgr
prepared to receive and install the software
Assure all acceptance documentation is
Acquirer SA Mgr
complete
Assure acquisition lessons learned are
recorded and entered into the NASA
Acquirer SA Mgr
lessons learned database
Not a requirement
N/A
Page 3 of 11
Comments

Center/Program:__________________
Date:___________________
Matrix _____ of _________
Completed by: ________________________
Section
No.
5.6.1.1
5.6.1.2
5.6.2
Maintenance
5.7
5.7.1
5.7.1.1
5.7.1.2
5.7.1.3
Retirement
5.8
5.8.1
5.8.1.1
5.8.1.2
Provider Software
Assurance
Software
Assurance
Program
257698494.doc

Compliance
Requirement
Full
Partial None
Ensure software assurance processes are in
place for operation of the software
Acquirer SA Mgr
developed or acquired by NASA
Ensure software assurance processes
include a periodic audit of the operational
Acquirer SA Mgr
software
Ensure software configuration
Acquirer SA Mgr
management of operational software
Not a requirement
N/A
Ensure software assurance processes are in
Acquirer SA Mgr
place for software maintenance.
Assure transfer and maintenance of any
Acquirer SA Mgr
licenses, simulators, models, and test suites
Assure that any software metrics are
transferred to the maintenance organization
Acquirer SA Mgr
and maintained
Not a requirement
N/A
Assure that software engineering and
management prepare, approve, and execute
Acquirer SA Mgr
a retirement plan.
Ensure that the retirement plan includes
archival or disposal of software assurance
Acquirer SA Mgr
records and documents
Not a requirement
6.1
6.1.1
Not a requirement
Plan, document, and implement software
assurance program
N/A
N/A
Provider SA Mgr
Page 4 of 11
Comments

Center/Program:__________________
Date:___________________
Matrix _____ of _________
Completed by: ________________________
Section
No.
6.1.2
6.1.3
6.1.4
6.1.5
Software
Assurance
Management
6.2
6.2.1
6.2.2
6.2.3
6.2.4
6.2.5
6.2.6
Software
Assurance Plan
6.3
6.3.1
6.3.2
6.3.2.1
6.3.2.2
6.3.2.3
6.4
257698494.doc

Compliance
Requirement
Full
Partial None
Include software assurance processes for
Provider SA Mgr
COTS, MOTS, and GOTS software
Include all software assurance disciplines
Provider SA Mgr
Coordinate with IV&V
Provider SA Mgr
Describe SA metrics collection and
Provider SA Mgr
reporting
Not a requirement
N/A
Identify provider software assurance
Provider Mgmt
manager
Establish and maintain interface between
Provider Mgmt
software assurance and project
Provider SA Mgr
Establish an independent reporting channel
Provider Mgmt
to provider management
Provider SA Mgr
Conduct and document periodic reviews of
Provider Mgmt
provider software assurance process
Provider SA Mgr
Conduct and document periodic reviews,
audits, and assessments of the
Provider SA Mgr
development process and products
Assure software problems and risks are
Provider SA Mgr
documented and tracked to resolution
Not a requirement
N/A
Establish and maintain a software
Provider Mgmt
assurance plan
Provider SA Mgr
The software assurance plan shall:
Provider Mgmt
Conform plan to IEEE 730-2002
Provider SA Mgr
Implement requirements of provider
Provider Mgmt
software assurance and software assurance
Provider SA Mgr
disciplines sections into plan
Give precedence of software assurance
Provider Mgmt
Standard sections over IEEE 730-2002
Provider SA Mgr
Not a requirement
N/A
Page 5 of 11
Comments

Center/Program:__________________
Date:___________________
Matrix _____ of _________
Completed by: ________________________
Section
Software
Assurance Plan
Change
Procedures
Software
Assurance
Approval
Authority
Software
Assurance
Records
6.7

Compliance
Requirement
Full
Partial None
Submit plan deviations or changes
Provider SA Mgr
formally to acquirer
Perform and submit risk analysis of
Provider SA Mgr
deviations or changes to plan
Have approval authority on the
establishment and composition of all
Provider SA Mgr
software baselines and any changes to the
baselines
Not a requirement
Prepare, maintain, and manage
configuration of software assurance
Provider SA Mgr
records
Include recommended preventive
measures, corrective actions, and lessons
Provider SA Mgr
learned in software assurance records
Not a requirement
N/A
6.7.1
Prepare software assurance status reports
Provider SA Mgr
6.8
Not a requirement
Ensure that software assurance personnel
are trained and/or experienced
Obtain software assurance training for
management, engineering, and software
assurance personnel
Ensure software assurance personnel
training is current with assurance and
development methods
Ensure that software assurance personnel
are trained for their assigned environment
Ensure training records are available and
maintained
Not a requirement
N/A
No.
6.4.1
6.4.2
6.5
6.6
6.6.1
6.6.2
Software
Assurance Status
Reporting
Training
6.8.1
6.8.2
6.8.3
6.8.4
6.8.5
6.9
257698494.doc
Provider SA Mgr
Provider SA Mgr
Provider SA Mgr
Provider SA Mgr
Provider SA Mgr
N/A
Page 6 of 11
Comments

Center/Program:__________________
Date:___________________
Matrix _____ of _________
Completed by: ________________________
Section
Subcontractor
Controls
No.
6.9.1
6.9.2
Disciplines
Software Quality Product
Assurance
7
7.1
7.1.1
7.1.1.1
7.1.1.2
7.1.1.3
7.1.1.4
7.1.1.5
7.1.1.6
7.1.1.7
7.1.1.8
7.1.1.9
257698494.doc

Compliance
Requirement
Full
Partial None
Flow down the requirements of this
Provider SA Mgr
Standard to all subcontractors
Assure that the subcontractors satisfy the
Provider SA Mgr
flowed down requirements
Not a requirement
N/A
Not a requirement
N/A
Product assurance shall be performed to
assure that:
All of the required plans are documented,
adhere to applicable standards and
Acquirer and
procedures, are mutually consistent, and
Provider SA Engr
are being executed.
All software requirements are defined,
Acquirer and
traceable from one life cycle phase to
Provider SA Engr
another, and analyzed
Evaluate software products and related
Acquirer and
documentation
Provider SA Engr
Project documentation and any changes to
Acquirer and
them have been reviewed for impact to the
Provider SA Engr
quality of the product
Witness formal and acceptance-level
Acquirer and
software testing
Provider SA Engr
Update, audit, and/or review lower level
Acquirer and
testing results and development folders
Provider SA Engr
Software quality metrics are in place and
Acquirer and
are used to ensure the quality and safety of
Provider SA Engr
the software products.
Specify standards and procedures for
Acquirer and
management, acquisition, engineering, and
Provider SA Engr
assurance activities
Verify software is compliant with
Acquirer and
functional and performance requirements
Provider SA Engr
Page 7 of 11
Comments

Center/Program:__________________
Date:___________________
Matrix _____ of _________
Completed by: ________________________
Section
No.
7.1.1.10
7.1.1.11
Software Quality Process Assurance
7.1.2
7.1.2.1
7.1.2.2
7.1.2.3
7.1.2.4
7.1.2.5
7.1.2.6
Software Safety
257698494.doc
7.2
7.2.1

Compliance
Requirement
Full
Partial None
Acquirer and
Present the status and quality of the
Provider SA Engr/SA
software at formal reviews
Mgr
Acquirer and
Report problems with software products at
Provider SA Engr/SA
formal and informal reviews
Mgr
Process assurance shall be performed to
assure that:
Those software life cycle processes
Acquirer and
employed for the project adhere to the
Provider SA Engr
applicable plans.
Document, track, and resolve problems
Acquirer and
found with the implementation of software Provider SA Engr/SA
life cycle processes
Mgr
The software engineering practices,
development environment, test
Acquirer and
environment, and libraries employed for
Provider SA Engr
the project adhere to applicable standards
and procedures.
Formal reviews and inspections are
Acquirer and
monitored and address software quality
Provider SA Engr
issues.
Audit all management, engineering, and
Acquirer and
assurance processes for compliance with
Provider SA Engr
applicable plans.
Assess the software quality metrics process
Acquirer and
for compliance to appropriate
Provider SA Engr
documentation or requirements.
Not a requirement
N/A
Implement the requirements for NASAAcquirer and
STD-8719.13, NASA Software Safety
Provider
Standard
Page 8 of 11
Comments

Center/Program:__________________
Date:___________________
Matrix _____ of _________
Completed by: ________________________
Section
No.
7.2.2
7.2.3
7.2.4
Software
Reliability
7.3
7.3.1
7.3.2
7.3.3
7.3.4
7.3.5
Software
Verification and
Validation
7.4
7.4.1
7.4.2
257698494.doc

Compliance
Requirement
Full
Partial None
Coordinate software safety tasks between
Acquirer and
system safety personnel and software
Provider SA Mgr
safety personnel
Communicate any safety risks to the
Acquirer and
appropriate safety organization
Provider SA Mgr
Conduct periodic reviews and/or audits for
Acquirer and
compliance with the defined software
Provider SA Mgr
safety process
Not a requirement
N/A
Assure that fault tolerance and redundancy
Acquirer and
have been specified, implemented
Provider SA Engr
correctly, and verified by testing.
Include in appropriate status reports,
Acquirer and
software reliability analyses, and
Provider SA Engr
measurements
Maintain the collection and classification
of defects found during/from software
Acquirer and
assurance and programmatic/project
Provider SA Engr
formal and informal reviews
Document, monitor, analyze, and track the
use of software quality metrics during each
Acquirer and
stage of development and across
Provider SA Engr
development and operational phases
Perform trend analyses on software quality
Acquirer and
metrics
Provider SA Engr
Not a requirement
N/A
Assure that software verification and
validation activities occur according to
Acquirer and
established plans, policies, procedures, and
Provider SA Engr
standards.
Participate in the formal and informal
Acquirer and
reviews.
Provider SA Engr
Page 9 of 11
Comments

Center/Program:__________________
Date:___________________
Matrix _____ of _________
Completed by: ________________________
Section
No.
7.4.3
7.4.4
7.4.5
7.4.6
Independent
Verification and
Validation
7.5
7.5.1
7.5.2
7.5.3
257698494.doc

Compliance
Requirement
Full
Partial None
Witness or review/audit results of software
Acquirer and
testing and demonstration.
Provider SA Engr
Collect and use defect data to analyze
Acquirer and
software quality metrics.
Provider SA Engr
Collect and maintain software quality
records showing the participation of
Acquirer and
software assurance staff in verification and
Provider SA Engr
validation efforts
Provide objective evidence to the project
Acquirer and
and NASA SMA of the softwares
Provider SA Mgr
readiness for operational release.
Not a requirement
N/A
All software projects that are identified as
safety-critical or software Class A by the
Software Assurance Classification
IV&V
Assessment shall be candidates for IV&V
with safety criticality as the highest
criterion.
IV&V work shall be performed by the
contractors selected and managed by the
IV&V
IV&V Facility.
When the IV&V function is required, the
Provider Mgmt
provider shall provide all required
information to NASA IV&V Facility
personnel. (This requirement includes
specifying on the contracts and
subcontracts, IV&Vs access to system and
software products and personnel.)
Page 10 of 11
Comments

Center/Program:__________________
Date:___________________
Matrix _____ of _________
Completed by: ________________________
Section
No.
7.5.4
7.5.5

Compliance
Requirement
Full
Partial None
The IV&V Facility shall initially conduct a
planning and scoping exercise to determine
the specific software components to be
IV&V
analyzed and the tasks to be performed.
The IV&V approach will be documented
in an IV&V plan.
The IV&V team shall provide input to the
appropriate software assurance personnel,
IV&V
as well as provide feedback to the project
manager as agreed in the IV&V Plan.
* Role/Responsibility Definitions:
Center SMA
Director
Center Safety and Mission Assurance Director
IV&V
IV&V Facility
Mgmt
Program/Project/Facility Management
SA Mgr
Software Assurance Manager
SWA Plan
Requirements for what is included in the Software Assurance Plan
SA Engr
Software Assurance Engineer assigned responsibility for Software
Assurance activity
257698494.doc
Page 11 of 11
Comments

Evaluaiton of Compliance Matrix

Diunggah oleh

Informasi Dokumen

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Evaluaiton of Compliance Matrix

Diunggah oleh

Hak Cipta:

Format Tersedia

NASA-STD-8739.

8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

Post RFP, PreAward

NASA-STD-8739.8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

Prepare software assurance status reports

NASA-STD-8739.8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

Software Quality Process Assurance

NASA-STD-8739.8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

NASA-STD-8739.8 Requirements Compliance Matrix

Anda mungkin juga menyukai