Software Assurance
practitioners in the NASA community
Overview of Software Safety
Software has become a vital and integral part of most systems today. When a system can lead to injury, death, the destruction or loss of vital equipment, or damage to the environment, system safety, including software safety, is paramount. The discipline of software safety is the systematic approach to identifying, analyzing, and tracking software mitigation and control of hazards and hazardous functions (e.g., data and commands) to ensure safer software operation within a system. Project managers, systems engineers, software engineers, software assurance personnel, and system safety personnel all play a part in creating and ensuring a safe system.
- Does your System include Safety-Critical Software?
- Who is responsible for Software Safety?
- When do I need to get started?
- Software Safety Activity Matrix (coming soon!)
- Where can I learn more?
- Other Resource Documents
- NASA Software Safety overview brochure
- Training
Does your System include Safety-Critical Software?
Software must be evaluated for its contribution to the safety of the system during the concept phase and prior to the acquisition or planning of the software. Software is safety-critical if it meets at least one of the following criteria:
- Resides in a safety-critical system (as determined by a hazard analysis) AND at least one of the following:
- Causes or contributes to a hazard
- Provides control or mitigation for hazards
- Controls safety-critical functions
- Processes safety-critical commands or data
- Detects and reports, or takes corrective action, if the system reaches a specific hazardous state
- Mitigates damage if a hazard occurs
- Resides on the same system (processor) as safety-critical software
- Processes data or analyzes trends that lead directly to safety decisions (e.g., determining when to turn power off to wind tunnel to prevent system destruction)
- Provides full or partial verification or validation of safety-critical systems, including hardware or software subsystems
Who is responsible for Software Safety?
The discipline of Software Safety functions as part of the overall System Safety program and engages system safety personnel, systems engineers, software developers, software assurance personnel, and project management. A successful Software Safety program requires continuous coordination and open communication between all participants.
At NASA GSFC, the Office of Systems Safety and Mission Assurance (OSSMA) is responsible for System Safety (Code 302, Safety and Reliability) and Software Assurance (Code 303, Assurance Management Office). Systems engineering and software development is provided by multiple divisions within Code 400, Code 500, Code 600, Code 900, and their support contractors.
When do I need to get started?
A Software Safety program begins during the concept and formulation phase through a preliminary hazard analysis (PHA). For projects that are beyond the concept phase, the software still needs to be evaluated for its contribution to, or impairment of, the safety of the system.
To get started:
- A software safety manager is assigned to each project, program, or facility with the responsibility to develop and implement the software safety processes and plans
- One or more software safety personnel are assigned to participate in the overall system safety analysis
- One or more software assurance personnel are assigned to assure that software safety processes, product standards, and procedures are followed
- Software developers and systems engineers are engaged in the safety analyses and decision making
Software Safety Activity Matrix
Coming soon!
Where can I learn more?
The NASA Safety Manual, NPR 8753.3, specifies the methodology for determining whether a system is safety-critical. The NASA Software Safety Standard, NASA-STD-8719.13, defines whether the software is safety-critical and describes the activities necessary to ensure that safety is designed into the software. This standard also specifies the software safety requirements, activities, data, and documentation necessary for the acquisition or development of software in a safety-critical system.
NOTE: This standard is applicable to the following software when it is included in a safety-critical NASA system:
- software that resides in hardware (e.g., firmware)
- government furnished software
- purchased software (including commercial-off-the-self (COTS) software)*
- any reuse software
- * COTS also includes MOTS (modified off-the-shelf ) and GOTS (government off-the-shelf)
The NASA Software Safety Guidebook, NASA-GB-8719.13, is designed to help create a set of tailored activities and analyses that will meet the requirements of the Software Safety Standard, NASA-STD-8719.13. The guidebook concentrates on software acquisition and development and the associated tasks and analyses. While the NASA Software Safety Standard addresses the "who, what, when, and why", the NASA Software Safety Guidebook addresses the "how to".
Other Resource Documents
- NPD 8700.1A - NASA Policy for Safety and Mission Assurance
- NPD 2820.1 - NASA Software Policies
- NASA-STD-8739.8 - NASA Software Assurance Standard
- IEEE 1228 - Standard for Software Safety Plans
- IEEE 12207 - Standard for Information Technology: Software Life Cycle Processes
- DOD Joint Software system Safety Committee - Software System Safety Handbook
- Leveson, Nancy G., Safeware System Safety and Computers: A Guide to Preventing Accidents and Losses caused by Technology, Addison-Wesley Publishing Company, Inc., 1995.
- NASA Reports on Aerospace Accidents
NASA Software Safety overview brochure
Training
More information on Software Safety Training will be available soon.
