Ensure that all software listed on the internal software sharing or reuse catalog(s) conforms to NASA software engineering policy and requirements.
- Has a completed NPR 7150.2 requirements mapping matrix signed by the Technical Authorities if needed?
- Has an implemented and completed the required requirements in NASA-STD-8739.8?
- Has an implemented and completed the required requirements in NPR 7150.2 requirements mapping matrix?
This requirement applies to all NASA centers and all software classifications.
All software in the internal software sharing or reuse catalog(s) must have a completed compliance matrix for NPR 7150.2 which includes the NASA Software Assurance and Software Safety requirements in NASA-STD-8739.8 .
NPR 7150.2 establishes a baseline set of requirements to reduce software engineering risks on NASA projects and programs. Appendix C, Requirements Mapping Matrix, defines the default applicability of the requirements based on software classification and safety criticality. Each project has unique circumstances, and tailoring can be employed to modify the requirements set appropriate for the software engineering effort. Each project documents the tailoring in a compliance matrix (see SWE-125), including Technical Authority approved waivers and deviations. The project also captures in the compliance matrix any associated risks, risk mitigations, and rationale for requirements for which the project has received complete relief by the appropriate Technical Authority.
Requests for software requirements relief (partial or complete relief) at either the Center or Headquarters Technical Authority level may be submitted by project managers in the streamlined form of a compliance matrix to the Technical Authority identified in Appendix C. As part of the relief process, project managers obtain the required signatures from the responsible organizations and designated Technical Authorities (engineering and safety and mission assurance [SMA]).
The Requirements Mapping Matrix in NPR 7150.2 uses an “X” to identify the requirements that are designated by the Agency to be applied for each software class. The identified requirements are required activities for the identified software classification and safety criticality. Within the compliance matrix in Appendix C, there are both project and institutional requirements. The project requirements are requirements levied on the project managers specific to handling the development of software projects. The institutional requirements focus on how NASA does business and is independent of any particular program or project. These requirements are levied on NASA Headquarters (including the Office of the Chief Engineer, Office of Safety Mission & Assurance, and Mission Directors) and Center organizations because they directly affect mission success, address risks, or may impact other NASA programs, projects, processes, or procedures.
Center Directors are responsible for institutional requirements (shown in Book B of this Handbook) and ensuring that projects fulfill project requirements identified in Appendix C of NPR 7150.2. The Center Director or designee regularly reviews the compliance matrix to make sure that projects remain in compliance with their approved requirements set.
Downloadable compliance matrices for each class of software are available for NASA users in the Document Repository within the Software Engineering Community of Practice on the NASA Engineering Network (NEN).
Additional guidance related to requirements compliance may be found in the following related requirements in this Handbook: