Script NASA Software Release System_2023-01

NASA Software Release Request System

Script NASA Software Release System_2023-01

OMB: 2700-0175

Document [docx]
Download: docx | pdf

Welcome to the NASA Software Release System.

The Software Release System (SRS) will allow Agency software developers to generate and submit software release documents such as the Software Release Request Authorization (SRRA) and the Compliance Matrix in an automated fashion. The SRS will allow Agency SRAs to then easily route these software release documents for review with the added ability to perform parallel routing, use of time based reminders, tracking, and reporting to effectively manage the software release processes at their centers.


Paperwork Reduction Act Statement: This information collection meets the requirements of 44 U.S.C. § 3507, as amended by section 2 of the Paperwork Reduction Act of 1995. You do not need to answer these questions unless we display a valid Office of Management and Budget control number. The OMB control number for this information collection is 2700-0153 and it expires on 9/30/2021. We estimate that it will take up to four (4) hours to read the instructions, gather the facts, answer the questions, and transmit. You may send comments on our time estimate above to: Peter Tran, Ames Research Center, Moffett Field, CA. 94035. Send only comments relating to our time estimate to this address, not the completed form.

Welcome to the NASA Software Release System.

The Software Release System (SRS) will allow Agency software developers to generate and submit software release documents such as the Software Release Request Authorization (SRRA) and the Compliance Matrix in an automated fashion. The SRS will allow Agency SRAs to then easily route these software release documents for review with the added ability to perform parallel routing, use of time based reminders, tracking, and reporting to effectively manage the software release processes at their centers.

Submit New Release Request

Learn about SRS

Go to Request Dashboard


NEW TECHNOLOGY REPORT (NTR) LIST

Below is a list of the new technology reports on which you have been listed as an innovator. Please select from the list the case number for which you would like to prepare a software release request. If you do not see your software listed, this means an NTR has not yet been accepted for your software. An NTR must be accepted before you can proceed with a software release request. To submit an NTR, please visit: https://invention.nasa.gov/



Software Release Package for

Submission of a new software release request requires the preparation of three documents. These documents are a Software Release Request Authorization (SRRA) Form, an NPR 7150.2B Compliance Matrix, and a Section 508 Compliance Checklist. You may prepare these documents in any order by clicking on the button below corresponding with the document you would like to prepare. All three documents must be completed in their entirety before your request can be submitted for review.


REQUEST AUTH FORM

UNFILED

NPR 7150.2B COMPLIANCE

UNFILED

SECTION 508 COMPLIANCE

UNFILED



SRRA Form

The SRRA Form will be presented to you as a series of questions for which you will provide the appropriate answers. You may also need to attach documents when answering some questions. When you are ready to begin preparation of the SRRA Form, click on the Begin SRRA Form Preparation button below.


Begin SRRA Form Preparation

Top of Form


Full Name Of Requestor:

Technology Case Number:


Version Number:


Version Date:


Bottom of Form

Top of Form

Software Title and Abbreviation:


Next Section

NOTE: The software title and description shown below may be used in the NASA Software Catalog as marketing language to describe your software to prospective catalog customers. If the title and description as shown do not adequately or clearly describe your software product, please modify them as needed to provide a clear, succinct title and description that will be understood by all catalog customers.


The NASA Software Catalog, https://software.nasa.gov/ , is an online inventory of NASA’s software which is available for use by industry, academia, other government agencies and/or the general public. Access to the software is determined by the release type restrictions (i.e. U.S. Government Only, U.S. Release, etc.)

Please indicate whether this software code should be listed in the NASA Software Catalog:

Yes

No


Software Marketing Title:


Software Catalog Marketing Description


Software Catalog Category:

Dropdown:

Aeronautics

Autonomous Systems

Business Systems and Project Management

Crew and Life Support

Data Servers Processing and Handling

Data and Image Processing

Design and Integration Tools

Electronics and Electrical Power

Environmental Science (Earth, Air, Space, Exoplanet)

Materials and Processes

Operations

Propulsion

Structures and Mechanisms

System Testing

Vehicle Management (Space/Air/Ground)

Top of Form

Brief Description of Software:


What Type of Code Will Be Released?

Executable

Source

Source & Executable


What Operating System (O/S) Does Your Software Use?

Apple

iOS

Android

Microsoft

Windows

Linux

OSX

Other


Will A User Manual Be Released With Your Software?

Yes

No


Will Other Data Items Be Transferred With the Code:

Yes

No


Type of Release Requested:

License (Copyright and/or Patent) (NOTE: Not Considered a Type of Release But Review Required Per NPR 2210 Section 3.3)
Limited General U.S. Release (Limited to a Funded SAA Partner Where Not Government Purpose)
Government Purpose Only Release
U.S. Release (Recipient Must Be U.S. Person Or Company)
U.S. and Foreign Release (All U.S. Persons And Allowed Foreign Nationals)
Public Release
Open Source Release (No Release Restrictions)


How Do You Plan to Distribute Your Software?

Bottom of Form



Are There Any Programmatic Restrictions On Release of Your Software?

Yes

No


What Is The Classification And Safety Critical Designation Of The Software?

NOTE: Refer to NPR 7150.2B, Appendix D and NASA-STD-8739.8, Appendix A for an explanation of the classifications and safety critical designations for software.

Class A - Non-Safety Critical
Class A - Safety Critical
Class B - Non-Safety Critical
Class B - Safety Critical
Class C - Non-Safety Critical
Class C - Safety Critical
Class D - Non-Safety Critical
Class D - Safety Critical
Class E - Non-Safety Critical
Class E - Safety Critical
Class F
Class G
Class H


Does the Software Comply With the Software Engineering and Assurance Requirements of NPR 7150.2B and NASA-STD-8739.8, Software Assurance Standard, for the Applicable Software Classification?

NOTE: Questions concerning applicability of requirements should be directed to the local designated Software Engineering Technical Authority (for NPR 7150.2B) or Software Assurance Technical Authority (for NASA-STD-8739.8).

Yes

No


Is the Software Safety-Critical as Defined In NASA-STD-8739.8?

Yes

No


OPTIONAL: What Is the Software’s Technology Readiness Level (TRL) as Defined in NPR 7120.8, NASA Research and Technology Program and Project Management Requirements?

Dropdown: TRL-1, TRL-2, TRL-3, TRL-4, TRL-5, TRL-6, TRL-7, TRL-8, TRL-9

Is the Software Section 508 Compliant?

Yes

No


Does Your Software Include Any Embedded Computer Databases?

Yes

No


When Transferring Your Software, Will Your Software Include Other NASA or Government Software?

Yes

No


When Transferring Your Software, Will Your Software Include Any Third Party Software?

Yes

No


Does Your Software "Call" (used when run, but not included in a release) Any Open Source Software or Libraries?

Yes

No


Does Your Software "Call" (used when run, but not included in a release) Any Proprietary/Commercial Software or Libraries?

Yes

No


Are There Any Known Export Restrictions That Apply to the Software?

Yes

No


Was Software Development Funded By the Military?

Yes

No


Does Your Software Contain Embedded Firewall Information or Require Ports to be Opened in the Firewall for Proper Operation?

Yes

No


Does Your Software Contain Embedded Credentials (e.g., Username/Password, Certificates, Encryption Keys)?

Yes

No


Does Your Software Analyze Network Traffic?

Yes

No


Does Your Software Use or Include Encryption?

Yes

No


Has the Software Application Data Owner Been Consulted to Ensure that Your Software Documentation, Embedded Files, Code, or Other Artifacts Do Not Contain Residual SBU Data?

Yes

No


Has the Software Been Screened to Determine if Your Software Documentation, Embedded Files, Code, or Other Artifacts Contain Any Personally Identifiable Information (PII)?

NOTE: If you have questions, please consult your Center Privacy Manager for assistance.
A Frequently Asked Questions (FAQ) Document Addressing NASA PII Can Be Found at:
http://insidenasa.nasa.gov/ocio/information/info_privacy/pii_faq.html

Yes

No


Is the Software Command and Control (C&C)?

NOTE: Endorsement for release of C&C software is required by NPR 2210.1C, Section 2.6.3.

Yes

No

GUIDANCE: The Technical POC is the technical person, who can be either a contractor or NASA employee.

Email Address:


First Name:


Last Name:


Company Name:


Address 1:


Address 2:


City:


State:


Zip:


Mail Code:


Organization Code:


Phone:

GUIDANCE: The Technical POC is the technical person, who can be either a contractor or NASA employee.

Email Address:


First Name:


Last Name:


Company Name:


Address 1:


Address 2:


City:


State:


Zip:


Mail Code:


Organization Code:


Phone:


Bottom of Form


GUIDANCE: The Project/Program Office person is the NASA Civil Servant lead for the project/program under which the software was developed. If the software isn’t specific to a project or program, this person would be the NASA manager for the organization responsible for creation of the software.

Email Address:


First Name:


Last Name:


Company Name:


Address 1:


Address 2:


City:


State:


Zip:


Mail Code:


Organization Code:


Phone:


Attachments


Attach Files



7150.2B COMPLIANCE

If you have already completed the Software Release Request Authorization (SRRA) form in this system, please follow the prompts provided in this section to complete the compliance matrix for your software. The system will already know the classification of your software based on your input in the SRRA section, and will be providing you with the appropriate sections to complete for that software classification.

If you are preparing your compliance matrix prior to completion of the Software Release Request Authorization (*SRRA) form, please refer to NPR 7150.2C and NASA-STD-8739.8 to determine the classification and safety criticality of your software. Once you have determined the appropriate classification, select the classification from the dropdown list below to begin completion of the compliance matrix.

Questions concerning applicability of requirements should be directed to the local designated Software Engineering Technical Authority (for NPR 7150.2C) or Software Assurance Technical Authority (for NASA-STD-8739.8).


The rationale for the requirements is contained in the NASA-HDBK-2203. Programs/Projects may substitute a matrix that documents their mapping with their particular Center's implementation of NPR 7150.2, if applicable. See NASA-HDBK-2203 for requirements mapping matrices organized by class, tailoring field for each requirement, tailoring rationale, and approval signature lines.
The Compliance Matrix documents the program/project's mappings or intent to comply with the requirements of this NPR or justification for tailoring. The matrix lists:

  1. The section reference.

  2. The unique requirement identifier.

  3. The NPR 7150.2 requirement statement.

  4. The Authority Level responsible for assessing a project’s requirements mapping matrices and any requested tailoring from requirements in this NPR. The CIO, or the designee, has institutional authority on all Class F software projects and has joint responsibility on the cybersecurity requirements in section 3.11.

  5. The applicability of the requirements in this NPR to specific systems and subsystems within the Agency’s investment areas, programs, and projects is determined through the use of the NASA-wide definition of software classes.


Top of Form


Section 3.1.2 The project manager shall develop, maintain, and execute software plans that cover the entire software life cycle and, as a minimum, address the requirements of this directive with approved tailoring.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.1.3 The project manager shall track the actual results and performance of software activities against the software plans.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.2.1 The project manager shall establish, document, and maintain two cost estimates and associated cost parameters for all software Class A and B projects that have an estimated project cost of $2 million or more or one software cost estimate and associated cost parameter(s) for other software projects.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.2.2 The project manager‘s software cost estimate(s) shall satisfy the following conditions: a. Covers the entire software life cycle. b. Is based on selected project attributes (e.g., assessment of the size, functionality, complexity, criticality, reuse code, modified code, and risk of the software processes and products). c. Is based on the cost implications of the technology to be used and the required maturation of that technology. d. Incorporates risk and uncertainty. e. Includes the cost for software assurance support. f. Includes other direct costs.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.3.1 The project manager shall document and maintain a software schedule that satisfies the following conditions: a. Coordinates with the overall project schedule. b. Documents the interactions of milestones and deliverables between software, hardware, operations, and the rest of the system. c. Reflects the critical path for the software development activities. d. Adhere to the guidance provided in NASA/SP-2010-3403, NASA Scheduling Management Handbook.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.3.2 The project manager shall regularly hold reviews of software activities, status, and results with the project stakeholders and track issues to resolution.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.3.3 The project manager shall select and document a software development life cycle or model that includes phase transition criteria for each life cycle phase.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable



Section 3.4.1 The project manager shall plan, track, and ensure project specific software training for project personnel.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.5.1 The project manager shall classify each system and subsystem containing software in accordance with the highest applicable software classification definitions for Classes A, B, C, D, E, F, G, and H software in Appendix D.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.5.2 The project’s software assurance manager shall perform an independent classification assessment.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.5.3 The project manager, in conjunction with the Safety and Mission Assurance organization, shall determine the software safety criticality in accordance with NASA-STD-8719.13.
Technical Authority: Center Level
Responsibility: Project and Center S&MA

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.5.4 If a system or subsystem evolves to a higher or lower software classification as defined in Appendix D, or there is a change in the safety criticality of the software, then the project manager shall update their plan to fulfill the applicable requirements per the Requirements Mapping and Compliance Matrix in Appendix C and any approved tailoring.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.5.5 If a software component is determine to be safety critical software then software component classification shall be Software Class D or higher.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.6.1 The project manager shall plan and implement software assurance per NASA-STD-8739.8.
Technical Authority: Center Level
Responsibility: Project and Center S&MA (Note 3)

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.6.3 If software IV&V is performed on a project, project manager shall ensure that an IV&V Project Execution Plan (IPEP) is developed.
Technical Authority: Center Level
Responsibility: Project and Center S&MA

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.7.1 When a project is determined to have safety-critical software, the project manager shall implement the requirements of NASA-STD-8719.13.
Technical Authority: Center Level
Responsibility: Project and Center S&MA (Note 3)

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.7.2 j. Safety-critical software responds to an off nominal condition within the time needed to prevent a hazardous event. k. Software provides error handling of safety-critical functions. l. Safety-critical software has the capability to place the system into a safe state. m. Safety-critical elements (requirements, design elements, code components, and interfaces) are uniquely identified as safety-critical. n. Requirements are incorporated in the coding methods, standards, and/or criteria to clearly identify safety-critical code and data within source code comments.
Technical Authority: Center Level
Responsibility: Project and Center S&MA

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.8.1 The project manager shall define the approach to the automatic generation of software source code including: a. Validation and verification of auto-generation tools. b. Configuration management of the auto-generation tools and associated data. c. Identification of the allowable scope for the use of auto-generated software. d. Verification and validation of auto-generated source code. e. Monitoring the actual use of auto-generated source code compared to the planned use. f. Policies and procedures for making manual changes to auto-generated source code. g. Configuration management of the input to the auto-generation tool, the output of the auto-generation tool, and modifications made to the output of the auto-generation tools.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.9.2 The project manager shall satisfy the following conditions when a COTS, GOTS, MOTS, or reused software component is acquired or used: a. The requirements to be met by the software component are identified. b. The software component includes documentation to fulfill its intended purpose (e.g., usage instructions). c. Proprietary rights, usage rights, ownership, warranty, licensing rights, and transfer rights have been addressed. d. Future support for the software product is planned and adequate for project needs. e. The software component is verified and validated to the same level required to accept a similar developed software component for its intended use. f. The project has a plan to perform periodic assessments of vendor reported defects to ensure the defects do not impact the selected software components.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.10.2 The project manager shall plan software verification activities, methods, environments, and criteria for the project.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.10.3 The project manager shall plan the software validation activities, methods, environments, and criteria for the project.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.10.4 The project manager shall record, address, and track to closure the results of software verification activities.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.10.5 The project manager shall record, address, and track to closure the results of software validation activities.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.11.3 The project manager shall acquire, develop, and maintain software from an organization with a non-expired Capability Maturity Model® Integration for Development (CMMI-DEV) rating as measured by a CMMI Institute authorized or certified lead appraiser as follows: a. For Class A software: CMMI-DEV Maturity Level 3 Rating or higher for software, or CMMI-DEV Capability Level 3 Rating or higher in all CMMI-DEV Maturity Level 2 and 3 process areas for software. b. For Class B software on NASA payloads with risk classifications A, B, and C, as defined in NPR 8705.4: CMMI-DEV Maturity Level 2 Rating or higher for software, or CMMI-DEV Capability Level 2 Rating or higher for software in the following process areas: (1) Requirements Management. (2) Configuration Management. (3) Process and Product Quality Assurance. (4) Measurement and Analysis. (5) Project Planning. (6) Project Monitoring and Control. (7) Supplier Agreement Management (if applicable).
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.12.2 The project manager shall assess options for software acquisition versus development.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.12.3 The project manager shall define and document the acceptance criteria and conditions for the software.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.12.4 The project manager shall establish a procedure for software supplier selection, including proposal evaluation criteria.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.12.5 The project manager shall determine which software processes, software documents, electronic products, software activities, and tasks are required for the project and software suppliers.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.12.6 The project manager shall define the milestones at which the software supplier(s) progress will be reviewed and audited as a part of the acquisition activities.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.12.7 The project manager shall document software acquisition planning decisions.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.12.8 The project manager shall require the software supplier(s) to provide insight into software development and test activities; at a minimum, the software supplier(s) will be required to allow the project manager or designate to: a. Monitor product integration. b. Review the verification activities to ensure adequacy. c. Review trades studies and source data. d. Audit the software development process. e. Participate in software reviews and systems and software technical interchange meetings.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.12.9 The project manager shall require the software supplier(s) to provide NASA with software products and software process tracking information, in electronic format, including software development and management metrics.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.12.10 The project manager shall require the software supplier(s) to provide NASA with electronic access to the source code developed for the project in a modifiable format, including MOTS software and non-flight software (e.g., ground test software, simulations, ground analysis software, ground control software, science data processing software, and hardware manufacturing software).
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.13.1 The project manager shall require the software supplier to track software changes and non-conformances and provide the data for the project's review.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.13.2 The project manager shall participate in any joint NASA/supplier audits of the software development process and software configuration management process.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.13.3 The project manager shall require the software supplier(s) to provide a software schedule for the project's review and schedule updates as requested.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.13.4 The project manager shall require the software supplier(s) to make electronically available the software traceability data for the project's review.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.14.2 The project manager shall specify reusability requirements that apply to its software development activities to enable future reuse of the software, including models used to generate the software.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.14.3 The project manager shall evaluate software for potential reuse by other projects across the Agency and contribute reuse candidates to the Agency Software Catalog.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.15.2 The project manager shall ensure that when an open source software component is acquired or used, the following conditions are satisfied: a. The requirements that are to be met by the software component are identified. b. The software component includes documentation to fulfill its intended purpose (e.g., usage instructions). c. Proprietary, usage, ownership, warranty, licensing rights, and transfer rights have been addressed. d. Future support for the software product is planned and adequate for project needs. e. The software component is verified and validated to the same level required to accept a similar developed software component for its intended use.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.15.3 The project manager shall require the software supplier(s) to notify the project, in the response to the solicitation, as to whether or not open source software will be included in code developed for the project.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.16.2 The project manager shall ensure that mission and safety critical software systems are identified and security risk mitigations are planned for these systems in the Project Protection Plan.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.16.3 The project manager shall implement the identified software security risk mitigations addressed in the Project Protection Plan.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.16.4 The project manager shall ensure and document that all systems including software are evaluated for security risks, including risks posed by the use of COTS, GOTS, MOTS, Open Source, and reused software.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.16.5 The project manager shall ensure that software systems with space communications capabilities are protected against un-authorized access.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.16.6 The project manager shall ensure that the software systems are assessed for possible security vulnerabilities and weaknesses.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 3.16.7 The project manager shall verify and validate the required software security risk mitigations to ensure that security objectives identified in the Project Protection Plan for software are satisfied in their implementation.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable

Top of Form

Bottom of Form


Section 4.1.2.1 The project manager shall establish, capture, record, approve, and maintain software requirements, including the software quality requirements, as part of the technical specification.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.1.2.2 The project manager shall perform software requirements analysis based on flowed-down and derived requirements from the top-level systems engineering requirements and the hardware specifications and design.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.1.2.3 The project manager shall perform, record, and maintain bidirectional traceability between the software requirement and the higher-level requirement.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.1.3.1 The project manager shall track and manage changes to the software requirements.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.1.3.2 The project manager shall identify, initiate corrective actions, and track until closure inconsistencies among requirements, project plans, and software products.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.1.3.3 The project manager shall perform requirements validation to ensure that the software will perform as intended in the customer environment.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.2.3 The project manager shall develop and record the software architecture.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.3.2 The project manager shall develop, record, and maintain the software design.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.3.3 The project manager shall develop, record, and maintain a design based on the software architectural design that describes the lower-level units so that they can be coded, compiled, and tested.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.3.4 The project manager shall perform, record, and maintain bidirectional traceability between the following: a. Software requirements and software architecture. b. Software architecture and software design. c. Software requirements and software design.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.4.2 The project manager shall implement the software design into software code.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.4.3 The project manager shall select, adhere to, and verify software coding methods, standards, and/or criteria.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.4.4 The project manager shall verify the software code by using the results from static analysis tool(s).
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.4.5 The project manager shall unit test the software code per the plans for software testing.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.4.6 The project manager shall provide a software version description for each software release.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.4.7 The project manager shall perform, record, and maintain bidirectional traceability from software design to the software code.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.4.8 The project manager shall validate and accredit software tool(s) required to develop or maintain software.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.5.2 The project manager shall establish and maintain: a. Software test plan(s). b. Software test procedure(s). c. Software test report(s).
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.5.3 The project manager shall perform software testing.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.5.4 The project manager shall verify the requirement to the implementation of each software requirement.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.5.5 The project manager shall evaluate test results and record the evaluation.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.5.6 The project manager shall record defects identified during testing and track to closure.

Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.5.7 The project manager shall use validated and accredited software models, simulations, and analysis tools required to perform qualification of flight software or flight equipment.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.5.8 The project manager shall update software test plan(s) and software test procedure(s) to be consistent with software requirements.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.5.9 The project manager shall provide and maintain bidirectional traceability from the software test procedures to the software requirements.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.5.10 The project manager shall validate the software system on the targeted platform or high-fidelity simulation.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.6.2 The project manager shall plan and implement software operations, maintenance, and retirement activities.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 4.6.3 The project manager shall complete and deliver the software product to the customer with appropriate records, including as-built records, to support the operations and maintenance phase of the software’s life cycle.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 5.1.2 The project manager shall develop a software configuration management plan that describes the functions, responsibilities, and authority for the implementation of software configuration management for the project.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 5.1.3 The project manager shall track and evaluate changes to software products.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 5.1.4 The project manager shall identify the software configuration items (e.g., software records, code, data, tools, models, scripts) and their versions to be controlled for the project.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 5.1.5 The project manager shall establish and implement procedures to: a. Designate the levels of control through which each identified software configuration item is required to pass. b. Identify the persons or groups with authority to authorize changes. c. Identify the persons or groups to make changes at each level.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 5.1.6 The project manager shall prepare and maintain records of the configuration status of software configuration items.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 5.1.7 The project manager shall perform software configuration audits to determine the correct version of the software configuration items and verify that they conform to the records that define them.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 5.1.8 The project manager shall establish and implement procedures for the storage, handling, delivery, release, and maintenance of deliverable software products.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 5.2.2 The project manager shall identify, analyze, plan, track, control, communicate, and record software risks and mitigation plans in accordance with NPR 8000.4.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 5.3.2 The project manager shall perform and report the results of software peer reviews or software inspections for: a. Software requirements. b. Software plans. c. Any design items that the project identified for software peer review or software inspections according to the software development plans. d. Software code as defined in the software and or project plans. e. Software test procedures.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 5.3.3 The project manager shall, for each planned software peer review or software inspection: a. Use a checklist or formal reading technique (e.g., perspective based reading) to evaluate the work products. b. Use established readiness and completion criteria. c. Track actions identified in the reviews until they are resolved. d. Identify required participants.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 5.3.4 The project manager shall, for each planned software peer review or software inspection, record basic measurements.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 5.4.2 The project manager shall establish, record, maintain, report, and utilize software management and technical measurements.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 5.4.3 The project manager shall analyze software measurement data collected using documented project-specified and/or Center/organizational analysis procedures.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


Section 5.4.4 The project manager shall provide access to the software measurement data, measurement analyses and software development status as requested to the sponsoring Mission Directorate, the NASA Chief Engineer, Center and Headquarters SMA, and Center repositories.
Technical Authority: Center Level
Responsibility: Project

Dropdown:

Fully Compliant

Tailored

Not Applicable


SECTION 508 COMPLIANCE

For the complete guide to the Section 508 standards, please visit the United States Access Board website:

https://www.access-board.gov/guidelines-and-standards/communications-and-it/about-the-ict-refresh/final-rule/text-of-the-standards-and-guidelines#E207-software

Top of Form

Does your software have a human user interface?

Yes

No



1.1.1 Non-text Content (Level A)


Conformance Level (dropdown):


Supports

Partially Supports

Does Not Support

Not Applicable


Remarks and Explanation:


1.2.1 Audio-only and Video-only (Prerecorded) (Level A)


Conformance Level (dropdown):


Supports

Partially Supports

Does Not Support

Not Applicable


Remarks and Explanation:


1.2.2 Captions (Prerecorded) (Level A)


Conformance Level (dropdown):


Supports

Partially Supports

Does Not Support

Not Applicable


Remarks and Explanation:


1.2.3 Audio Description or Media Alternative (Prerecorded) (Level A)


Conformance Level (dropdown):


Supports

Partially Supports

Does Not Support

Not Applicable


Remarks and Explanation:


1.3.1 Info and Relationships (Level A)


Conformance Level (dropdown):


Supports

Partially Supports

Does Not Support

Not Applicable


Remarks and Explanation:


1.3.2 Meaningful Sequence (Level A)


Conformance Level (dropdown):


Supports

Partially Supports

Does Not Support

Not Applicable


Remarks and Explanation:


1.3.3 Sensory Characteristics (Level A)


Conformance Level (dropdown):


Supports

Partially Supports

Does Not Support

Not Applicable


Remarks and Explanation:


1.4.1 Use of Color (Level A)


Conformance Level (dropdown):


Supports

Partially Supports

Does Not Support

Not Applicable


Remarks and Explanation:


1.4.2 Audio Control (Level A)


Conformance Level (dropdown):


Supports

Partially Supports

Does Not Support

Not Applicable


Remarks and Explanation:


1.2.4 Captions (Live) (Level AA)


Conformance Level (dropdown):


Supports

Partially Supports

Does Not Support

Not Applicable


Remarks and Explanation:


1.2.5 Audio Description (Prerecorded) (Level AA)


Conformance Level (dropdown):


Supports

Partially Supports

Does Not Support

Not Applicable


Remarks and Explanation:


1.4.3 Contrast (Minimum) (Level AA )


Conformance Level (dropdown):


Supports

Partially Supports

Does Not Support

Not Applicable


Remarks and Explanation:


1.4.4 Resize text (Level AA)


Conformance Level (dropdown):


Supports

Partially Supports

Does Not Support

Not Applicable


Remarks and Explanation:


1.4.5 Images of Text (Level AA)


Conformance Level (dropdown):


Supports

Partially Supports

Does Not Support

Not Applicable


Remarks and Explanation:

File Typeapplication/vnd.openxmlformats-officedocument.wordprocessingml.document
AuthorHeinrich, Judith E. (ARC-TI)[SGT, INC]
File Modified0000-00-00
File Created2023-08-31

© 2024 OMB.report | Privacy Policy