NASA Procedural Requirements

NPR 7150.2D Effective Date: March 08, 2022 Expiration Date: March 08, 2027

Subject: NASA Software Engineering Requirements

Responsible Office: Office of the Chief Engineer

Appendix E. References

a. CMMI® Development V2.0 model, see https://cmmiinstitute.com/.

b. CMU/SEI-2010-TR-033 CMMI® for Development, Version 1.3 Software Engineering Institute, Carnegie Mellon University, 2010. See https://cmmiinstitute.com/.

c. DO-178C, Software Considerations in Airborne Systems and Equipment Certification.

d. FAR 52.212-4, Contract Terms and Conditions - Commercial Items.

e. FAR 2005-014, Federal Acquisition Regulation; Smart BUY Pages 61603 – 61605.

f. Federal Information Security Modernization Act of 2014 (FISMA), 44 U.S.C. § 3551, et seq.

g. Federal Information Technology Acquisition Reform Act (FITARA).

h. Government-Wide, US Government Accountability Office, GAO-14-413.

i. IEEE 828-2012, IEEE Standard for Configuration Management in Systems and Software Engineering.

j. IEEE 1012, IEEE Standard for Software Verification and Validation, https://standards.nasa.gov/.

k. IEEE 1028, IEEE Standard for Software Reviews and Audits, https://standards.nasa.gov/.

l. ISO 5806, Information processing -- Specification of single-hit decision tables.

m. ISO/IEC 2382-20, Information technology–Vocabulary–Part 20: System development, 20.05.05.

n. ISO/IEC 19770-1:2017, Information technology – IT asset management – Part 1: IT asset management systems—Requirements.

o. ISO/IEC 19770-5:2015, Information technology.

p. ISO/IEC 26514:2008, Systems and software engineering–requirements for designers and developers of user documentation.

q. ISO/IEC/IEEE 15026-1:2019, Systems and software engineering—Systems and software assurance—Part 1: Concepts and vocabulary.

r. ISO/IEC/IEEE 24765, Systems and software engineering – Vocabulary.

s. ISO/IEC/IEEE 26513:2017, Systems and software engineering–requirements for testers and reviewers of information for users.

t. ISO/IEC/IEEE 29119-4:2015, Software and systems engineering -- Software testing -- Part 4: Test techniques.

u. ISO/IEC 15939, Systems and Software Engineering—Measurement Process.

v. ISO/IEC 19770, International Standards for Software Asset Management Processes.

w. ISO/IEC 24765, Systems and Software Engineering – Vocabulary.

x. NASA-STD-3001, Volumes I-II, Space Flight Human System Standard.

y. NASA-STD-7009, Standard for Models and Simulations, https://standards.nasa.gov/.

z. NASA-STD-8739.9, Software Formal Inspection Standard, https://standards.nasa.gov/.

aa. NASA FAR Supplement 1852.227-86, Commercial Computer Software License in software agreements.

bb. NASA Guidelines for Use of IT Contracts for Supporting End User Services (Update to MFR#137 and MFR#7).

cc. NASA IV&V Management System, https://www.nasa.gov/centers/ivv/ims/home/index.html.

dd. NASA Software Engineering Website, https://nen.nasa.gov/web/software.

ee. NASA Software Process Across NASA (SPAN) Website, https://nen.nasa.gov/web/software/wiki.

ff. NASA/SP-2010-3403, NASA Scheduling Management Handbook.

gg. NASA-HDBK-4008, Programmable Logic Devices (PLD) Handbook, https://standards.nasa.gov/.

hh. NASA-HDBK-7009, NASA Handbook for Models and Simulations: An Implementation Guide for NASA-STD-7009, https://standards.nasa.gov/.

ii. NFS 1813.301-79, Supporting Federal Policies, Regulations, and NASA Procedural Requirements.

jj. NFS 1852.237-72, Access to Sensitive Information.

kk. NFS 1852.237-73 Release of Sensitive Information.

ll. NIST 800-146, Cloud Computing Synopsis and Recommendations.

mm. NIST 800-37, Risk Management Framework.

nn. NIST 800-53, Security and Privacy Controls for Federal Information Systems and Organizations.

oo. NPD 1200.1, NASA Internal Control.

pp. NPD 2540.1, Personal Use of Government Office Equipment Including Information Technology, https://nodis3.gsfc.nasa.gov/.

qq. NPD 2810.1, NASA Information Security Policy.

rr. NPR 2190.1, NASA Export Control Program, https://nodis3.gsfc.nasa.gov/.

ss. NPR 2210.1, Release of NASA Software, https://nodis3.gsfc.nasa.gov/.

tt. NPR 2830.1, NASA Enterprise Architecture Procedures, https://nodis3.gsfc.nasa.gov/.

uu. NPR 2841.1, Identity, Credential, and Access Management, https://nodis3.gsfc.nasa.gov/.

vv. NPR 7120.7, NASA Information Technology Program and Project Management Requirements.

ww. NPR 7120.10, Technical Standards for NASA Programs and Projects, https://nodis3.gsfc.nasa.gov/.

xx. NPR 7120.11, Health and Medical Technical Authority Implementation.

yy. NPR 7123.1, NASA Systems Engineering Processes and Requirements.

zz. NPR 8000.4, Agency Risk Management Procedural Requirements.

aaa. NPR 8735.2, Management of Government Quality Assurance Functions for NASA Contracts.

bbb. NPR 9250.1, Capital Asset Identification and Treatment, https://nodis3.gsfc.nasa.gov/.

ccc. NTRS ID 20160005787, “Quality Attributes for Mission Flight Software: A Reference for Architects.”

ddd. OMB Memo M-04-08, “Maximizing Use of SmartBuy and Avoiding Duplication Agency Activities with the President’s 24 E-Gov Initiatives.”

eee. OMB Memo M-04-16, “Software Acquisition.”

fff. OMB Memo M-15-14, “Management and Oversight of Federal Information Technology.”

ggg. OMB Memo M-16-12, “Category Management Policy 16-1: Improving the Acquisition and Management of Common Information Technology: Software Licensing.”

DISTRIBUTION:
NODIS

This document does not bind the public, except as authorized by law or as incorporated into a contract. This document is uncontrolled when printed. Check the NASA Online Directives Information System (NODIS) Library to verify that this is the correct version before use: https://nodis3.gsfc.nasa.gov.