SARP Supports Software Assurance Research Projects

SARP Supports Software Assurance Research Projects

3-minute read

NASA’s Software Assurance Research Program (SARP) supports research initiatives to benefit Software Assurance (SA) processes across the agency. This year, SARP is supporting six initiatives, including multi-year studies that are continuing from last year.

The JIRA-based Hazard Tracking Tool is one of the multi-year studies that were selected in 2014. It is a web-based hazard tracking system that is being developed by the Fraunhofer Center for Experimental Software Engineering. The system will support, streamline and standardize hazard analysis processes. A beta version of the system was rolled out to NASA’s Jet Propulsion Laboratory (JPL) at the end of March, and the system is expected to be released to the SA community by the end of the year.

“The goal is to help people store their hazard analysis information in a consistent way,” said Research Scientist Lucas Layman, who developed the tool. “When you do hazard analysis it’s a lot of pen and paperwork…and it’s not standardized across the agency.”

The JIRA-based Hazard Tracking Tool allows users to enter their data in a consistent format and store the information online. It also manages hazard relationships for the user, which can be extremely difficult to do by hand.

“The tool manages the tree relationship for you. Multiple causes may have the same control — it’s not so much a tree as a bush. If you delete something, relationships can get messy,” said Layman.

Removing a cause may cause a ripple effect in the hazard analysis. Traditionally, users had to constantly keep things updated anytime there was a change. When multiple users are involved, this could be even more complicated. The JIRA-based Hazard Tracking Tool helps to mitigate those complications.

When a user makes a change in the system, he or she receives a notification that other users will be affected by the change, and those users receive a notification of the change. The tool also auto-generates documentation of the hazard analysis.

Like many of the other SARP initiatives, the JIRA-based Tracking Tool started as a need identified by the SA community.

SARP’s Agency-Wide Selection Approach

SARP is unique because of its agency-wide perspective on research. The program has a broad scope that builds off of the research already being done, which is cost-effective and helps unify SA practices across the agency.

SARP requests research topics from the NASA SA community that would benefit the entire agency.

“We poll the Software Assurance community on what topics they would like to see that would be most valuable to them,” said Safety and Mission Assurance Support Office Lead Ken Rehm.

From there, SARP narrows the list down to around eight or ten topics and releases them for proposal solicitation. The proposals are peer-reviewed to ensure that the selections are meeting the SA community and working group needs. Of the many proposals — which come from a variety of sources including universities, contractors and civil servants working in the field — a few are selected for funding.

“I think that’s very unique and extremely important that all the different center SA folks get together and decide on what research they’re going to do, said Rehm. “We all review the research that’s being done and all use the outputs of the research being done, which is a huge advantage. It is deliberate, it is planned, and we do spend money on it. It is indeed giving us advantages across the agency and across all the projects we look at.”

“We want to make sure we’re not just doing research for research’s sake, and that we’re creating practical tools for our community with the research,” said SA Program Manager Martha Wetherholt.