2.2.1.3 If a project is selected for software Independent Verification and Validation (IV&V) by the NASA Chief, Safety and Mission Assurance, the NASA IV&V program shall develop an IV&V Project Execution Plan (IPEP). Note: The selection of projects and capabilities by the Chief, Safety and Mission Assurance, for IV&V is based on recommendations from the NASA IV&V Board of Advisors. The recommendations provided by the NASA IV&V Board of Advisors are the result of a multi-step process. First, the NASA Software Inventory, maintained by the Office of the Chief Engineer, is used to generate a candidate list of projects. The candidate project criteria include: a. Whether the project contains safety-critical software. Second, the IV&V program utilizes this list and associated Center-provided data, captured in the NASA Software Inventory, to initiate a portfolio based risk assessment (PBRA) for capabilities within the candidate projects. The PBRA process assesses the risk of capabilities which have software associated with them, based on factors including: a. Complexity of the software implementing the capability under assessment. The results of these assessments are prioritized, by capability, in order to provide recommendations for IV&V support on specific capabilities associated with specific projects. These recommendations are provided to the NASA IV&V Board of Advisors, which in turn provides its recommendations to the Chief, Safety and Mission Assurance. Note: The IV&V program determines and documents the services to be provided for projects selected for IV&V by the NASA Chief, Safety and Mission Assurance. IV&V support is funded and managed independent of the selected project. The IPEP is developed by the IV&V program and serves as the operational document that will be provided to the project receiving IV&V support. The IV&V program and the project will establish a mutual understanding of the NASA IV&V program's activities and IV&V project interfaces. Per the responsibilities defined in NPD 7120.4, NASA Engineering and Program/Project Management Policy 257, section 5.J.(5), projects ensure that software providers allow access to software and associated artifacts to enable implementation of IV&V. Additional information on the content of the IPEP is found in Chapter 5 [of NPR 7150.2]. Additional detail on the IV&V PBRA and IPEP may be found in the NASA IV&V Management System, located at: http://www.nasa.gov/centers/ivv/ims/home/index.html. Note from 5.1.8 IV&V Project Execution Plan (IPEP): The IPEP is divided into two major parts: The body of the document and the appendices. The body includes mission overview, IV&V goals and objectives, high-level description of the IV&V approach, associated milestones, activities and deliverables, resources, roles and responsibilities, and lines of communication to establish a formal mutual agreement, as necessary to execute the project. The appendices include information that will change over the course of the effort and include schedules, relevant IV&V PBRA results, IV&V Coverage Diagram Data, and an acronym list. Additional information on the IV&V PBRA and IPEP may be found in the NASA IV&V Management System, located at: http://www.nasa.gov/centers/ivv/ims/home/index.html. This requirement applies to all classes and safety criticalities selected for IV&V except as noted in the following table: Class A_SC A_NSC B_SC B_NSC C_SC C_NSC D_SC D_NSC E_SC E_NSC F G H Applicable? Key: A_SC = Class A Software, Safety-Critical | A_NSC = Class A Software, Not Safety-Critical | ... | - Applicable | - Not Applicable The IPEP provides a mechanism for the IV&V Program to coordinate with a project to identify and describe IV&V activities that apply. This helps IV&V fulfill its mission to the Agency. The IV&V Project Execution Plan (IPEP) Template 028 states that its purpose is two-fold. "First, it is to communicate IV&V interactions, interfaces, roles and responsibilities, technical products, and reporting methods with the Project. Second, the IPEP serves as the operational document for the IV&V efforts. The IPEP is prepared and maintained by the IV&V Project Manager (PM). The IV&V PM coordinates the creation and maintenance of this document with affected individuals and organizations (within the NASA IV&V Program as well as with the Project)." Because the IV&V Program is responsible for developing the IPEP, this guidance will address coordination efforts needed from projects chosen for IV&V to support the development and execution of the IPEP. Note that both an IPEP and a separate Memorandum of Understanding (MOU) may be established for project's receiving IV&V services, but only if the project requests the MOU. Note that the IPEP is reviewed when it is initially developed, not at any particular life cycle milestone review. The milestone review at which the IPEP may be reviewed depends on which milestone the mission is approaching when IV&V gets involved with the mission. Per the IV&V Program, IPEPs are reviewed every 6-months for applicability or when there are significant changes made on the mission (e.g., a milestone slips out several months) or there is a significant change to IV&V (e.g., an IV&V budget cut which forces IV&V to reduce their work on a mission). The responsibilities below and the means for carrying them out are documented as part of the IPEP (or other appropriate documents, in the case of contracted software efforts). Per NASA-STD-8739.8: 278 Per NASA-STD-8739.8, 271the Center S&MA organizations are assumed to carry out the following: NASA-GB-8719.13, NASA Software Safety Guidebook, 276 states that for contractor-developed software, "At a minimum, management, software development, and software assurance will need to work with the IV&V or IA (Independent Assessment) personnel, providing information, answers, and understanding of the software system and the development process. "Depending on the level of IV&V levied on the project, some independent tests may be performed. These may require some contractor resources to implement." The activities to be carried out by IV&V are coordinated with the appropriate stakeholders, including the project manager. The IV&V team captures the following types of information in the IV&V Plan: The IV&V team captures detailed fiscal year activity information in the appendices as activities, risks, schedules, and required resources may be subject to change each year based on project life cycle progress and other factors. The following actions, summarized from NASA-GB-8719.13 276 and other sources may be performed (this is not an all-inclusive list): Issues inherent in performing IV&V include the following for which projects and IV&V coordinate to minimize the impact to project success while assuring safety: The IV&V Program does not distinguish between "large" and "small" projects. All projects with mission- or safety-critical software and selected by the NASA Chief S&MA, based on recommendations from the IV&V IBA to have IV&V, are treated the same. The same process is used for developing an IPEP, regardless of project size, and IPEPs all have the same basic elements (objectives, schedules, interfaces, etc.). The actual content of each IPEP is, of course, different for each project. Tools to aid in compliance with this SWE, if any, may be found in the Tools Library in the NASA Engineering Network (NEN). NASA users find this in the Tools Library in the Software Processes Across NASA (SPAN) site of the Software Engineering Community in NEN. The list is informational only and does not represent an “approved tool list”, nor does it represent an endorsement of any particular tool. The purpose is to provide examples of tools being used across the Agency and to help projects and centers decide what tools to consider. The NASA Lessons Learned database contains the following lesson learned related to the IV&V plan: Independent Verification and Validation of Embedded Software (Use of IV&V Procedures). Lesson Number 723: "The use of Independent Verification and Validation (IV&V) processes ensures that computer software is developed in accordance with original specifications, that the software performs the functions satisfactorily in the operational mission environment for which it was designed, and that it does not perform unintended functions. Identification and correction of errors early in the development cycle are less costly than identification and correction of errors in later phases, and the quality and reliability of software are significantly improved." 518
See edit history of this section
Post feedback on this section
1. Requirements
1.1 Notes
b. The project's software classification(s) per this NPR.
c. The level of software effort on the project.
d. The project's NASA Category (e.g., Category 1, 2, or 3, as defined in NPR 7120.5D, NASA Space Flight Program and Project Management Requirements).
e. Whether the responsible Center recommends the project for IV&V.
b. Risk to safety and mission success associated with the capability under assessment.
c. Consequences of failure of the capability under assessment.
d. Time to criticality (i.e., the amount of time before the system or subsystem enters into a critical condition).1.2 Applicability Across Classes
X - Applicable with details, read above for more | P(C) - P(Center), follow center requirements or procedures2. Rationale
3. Guidance
Provider Responsibilities
IV&V Responsibilities
Execution Issues
4. Small Projects
5. Resources
5.1 Tools
6. Lessons Learned
SWE-131 - Independent Verification and Validation Project Execution Plan
Web Resources
View this section on the websiteUnknown macro: {page-info}
Per NASA-STD-8739.8, Software Assurance Standard, "IV&V, as a part of software assurance, plays a role in the overall NASA software risk mitigation strategy applied throughout the life cycle, to improve the safety and quality of software. IV&V, focusing on mission-critical software, provides additional reviews, analyses, and in-depth evaluations of life cycle products that have the highest risk. When applied to a particular software system, IV&V works independently from the program/project, but works in coordination with the other software assurance disciplines."