As software takes on a more prominent role in NASA technology and missions, ensuring Software Assurance is more critical now than ever.
“It’s a new challenge,” said Tim Crumbley. “It’s not an easy job to ensure that all Software Engineering and Assurance activities are being done. Software is a critical part of all NASA missions; there is more and more reliance on software functionality for successful missions. Our challenge is how can we make sure we’re doing everything we can do to have reliable, safe software on our NASA projects?”
In March, Crumbley stepped into a new role as the Office of Safety and Mission Assurance Software Assurance technical fellow. Crumbley is responsible for establishing the agency-level Software Assurance procedures, policies, training and requirements for NASA. Overall, Crumbley leads Software Assurance policy development and provides research program oversight, technical direction, and support for the agency and its partners.
Crumbley started his NASA career in Safety and Mission Assurance (SMA), then moved to the Software Engineering side where he worked for more than 30 years. In his previous role as Software Engineering deputy technical fellow, he established and maintained NASA Software Engineering and management policies and requirements.
With his new position and experience in Software Engineering, Crumbley hopes to improve the integration and communication between Software Assurance and Software Engineering communities and activities.
An Increase in Demand
Crumbley anticipates facing certain challenges in this new role, including what he sees as an agency problem of limited resources and increasingly complex software development projects. Some centers need help in the Software Assurance area to review and assess the software being produced by the projects at their center.
“We are producing exponentially more software on our projects than we’ve ever seen before in the agency, and we will develop more complex software as we go into the future,” said Crumbley. “The question we are looking at is how can we be more efficient and effective in handling our Software Assurance activities and responsibilities?”
A couple of additional challenges in the Software Assurance community are assuring that we have the right level of software requirements defined and taking advantage of existing tools to help NASA perform the Software Assurance activities.
Building a Foundation
Crumbley’s long-term goals are to improve the risk and issue reporting from Software Assurance; help the Software Assurance community add value for Software Assurance activities; help provide and identity standard tools and services for Software Assurance activities on projects; develop measurable Software Assurance process improvement; help improved data and metrics on Software Assurance activities; improve Software Assurance training and training requirements; and to develop more efficient and automated methods for Software Assurance activities. We need to work together to help develop clear software assurance requirements and procedures and ensure they are included in all agency SMA policies.
“I want to try to get back to directly linking Software Assurance activities to Software Engineering activities,” said Crumbley. “When we have Software Engineering requirements stating what we’re going to do, we need equivalent Software Assurance guidance.”
Once standards and procedures are updated, the Software Assurance community can start looking at how to provide services, tools, and capabilities to augment Software Assurance activities. Crumbley wants to use defect data and audit findings to help identify issues, problems, and risks and communicate them to center and agency leadership.
“If we have clear requirements, they will allow people to stand up and say, this is what the agency wants us to do and we’re not doing it,” said Crumbley. “By clarifying what we need to do for Software Assurance will go a long way in helping us to do things correctly.”
Having defined requirements and updated directions will also improve the way NASA works with commercial partners, according to Crumbley. It is crucial for the agency to stay in sync with industry standards and approaches in the Software Assurance arena so that we can work with our industry and commercial partners on projects. The Software Assurance requirements need to be based on industry standards and utilize proven NASA experience in software engineering and assurance.
Crumbley plans to visit the NASA centers during his first few months in his new role. He will meet with the software engineering and assurance communities and SMA leaders to learn about work being done and challenges faced at each center.
“Software engineering is a core capability and key enabling technology for NASA's missions and supporting infrastructure. We need to focus the Software Assurance activities as we go forward,” said Crumbley. “One of the goals is to bring the Agency's Software Assurance, software development, and management communities together to optimize resources and talents across Center boundaries. Also for Software Assurance to be able to effectively communicate any identified software issues and risks to the software engineering and project offices.”