Summary (class version by Jun Wu)
An Assessment of Space Shuttle Flight Software Development Processes
The space shuttle is one of the most complex engineering projects ever attempted by humans. It has a very sophisticated system to control the wide variety of aerodynamic actuators and reaction control system jets that are used to maintain the required atmospheric and on-orbit flight profiles. This highly complicated, interconnected digital control system could not work without the software that is loaded into the on-board computers during the various phases of a shuttle mission.
In early 1991, the National Aeronautics and Space Administration's (NASA's) Office of Space Flight commissioned the Aeronautics and Space Engineering Board (ASEB) of the National Research Council (NRC) to investigate the adequacy of the current process by which NASA develops and verifies changes and updates to the Space Shuttle flight software. The Committee for Review of Oversight Mechanisms for Space Shuttle Flight Software Processes (hereafter, the Committee) was convened in January 1992 to accomplish the following tasks:
Review the entire flight software development process from the initial requirements definition phase to final implementation, including object code build and final machine loading.
Review and critique NASA's independent verification and validation process and mechanisms, including NASA's established software development and tes
Determine the acceptability and adequacy of the complete flight software development process, including the embedded validation and verification processes through comparison with (1) generally accepted industry practices, and (2) accepted Department of Defense and/or other government practices (comparing NASA's program with organizations and projects having similar volumes of software development, software maturity, complexity, criticality, lines of code, and national standards).
Consider whether independent verification and validation should continue.
The main part of this report outlines the Committee's findings, conclusions, and corresponding recommendations in the following areas:
NASA Guidelines and Standards. System
Software V&V. The Independence of IV&V. Software Safety Standards. Software Safety Procedures. Safety Organizational Roles and Responsibilities. The Role of Headquarters S&MQ and the Center SR&QA Offices. Documenting the Process. The Role of Headquarters S&MQ and the Center SR&QA Offices. Community Responsibility. Policies, Guidelines, and Enforcement.
Final Thoughts And Future
After hearing presentations from the Shuttle Program Office and their various
and after reviewing the extensive documentation they provided, the Committee concluded that the current IV&V process is necessary to maintain NASA's stringent safety and quality requirements for man-rated vehicles. Therefore, the Committee does not support NASA's plan to eliminate funding for the IV&V effort in fiscal year 1993. The Committee believes that the Space Shuttle software development process is not adequate without IV&V and that elimination of IV&V as currently practiced will adversely affect the overall quality and safety of the software, both now and in the future.
NASA Guidelines and