Software systems have become increasingly
critical sources of risks in the missions and systems
built by NASA. Software Assurance (SA) is “the
planned and systematic set of activities that ensures
that software life cycle processes and products conform to requirements, standards, and procedures.”
[2] It is also defined as “the level of confidence that
software is free from vulnerabilities, either
intentionally designed into the software or accidentally
inserted at anytime during its lifecycle, and that the
software functions in the intended manner.” [3]
Systems and Software Assurance is an umbrella risk
identification and mitigation strategy for mission,
reliability and safety assurance of software systems.
The purpose of full life cycle assurance activities is to
identify and reduce risks arising from quality
uncertainty. For example, “Are the identified risks
sufficiently comprehensive? Has anything important
been forgotten? How frequently has the same mistake
been made in the past? What have been the
consequences of such mistakes?” Assurance is
typically performed by assurance professionals within
a Software Quality Assurance (SQA) engagement,
while conducting verification and validation (V&V) of
systems and software artifacts, or within an
independent V&V (IV&V) assessment. The Software
Quality Assurance (SQA) group at NASA’s Jet
Propulsion Laboratory (JPL) is one of many
organizations developing or assuring large missionand/
or safety-critical systems.