ORIGINATOR: |
_________________________ |
__________ |
Author Name ,Title |
Date |
|
Code |
||
REVIEWERS: |
_________________________ |
__________ |
SCM Manager Name, Title |
Date |
|
Code |
||
_________________________ |
__________ |
|
SQA Manager Name, Title |
Date |
|
Code |
||
APPROVAL: |
_________________________ |
__________ |
Project Manager, Title |
Date |
|
Code |
This Software Configuration Management (SCM) Plan (SCMP) describes the SCM organization and practices applied consistently and uniformly throughout the life cycle for Computer Software Configuration Items (CSCIs) that are developed or maintained by [originating organization].
SCM is the process used during software development and maintenance to identify, control, and report functional and physical configurations of software products (e.g., source code, executable code, databases, test scenarios and data, and documentation).
The purpose of this document is to define SCM responsibilities (requirements), resources, and processes used during the development and maintenance of the [system title] system. Figure T1 provides an overview of the SCM functions. In the figure, Data Management (DM) is shown connected to SCM with a broken line. DM is a sub-function of SCM with SCM having overall cognizant responsibility. Section 5 describes the DM responsibilities. Software Quality Assurance (SQA) is a separate function that works closely with SCM to ensure the integrity of the product (i.e., SCM controls the product; SQA certifies the integrity of the product).
Figure T1: Overview of SCM Functions
This plan establishes the SCM methods used during the development and maintenance of the [system title] system.
The SCM discipline is applied to those Configuration Items (CIs) for which the project organization has development and/or maintenance responsibilities. The SCM organization implements the processes described within this plan to ensure that products developed are correct, consistent, complete, and compliant with governing policies.
Table T1 shows the CSCIs that this plan applies to.
Nomenclature |
Acronym |
CSCI Number |
---|---|---|
CSCI Name |
Acronym |
CSCI ID number |
CSCI Name |
Acronym |
CSCI ID number |
CSCI Name |
Acronym |
CSCI ID number |
Listed below is a brief description of each of the CSCIs developed and maintained by [originating organization].
The system includes entering the number of sub-systems within the system. Figure T2 identifies the CSCIs within each sub-system and highlights those that this SCMP applies. The current [system title] Software Development Plan (SDP) contains a detailed description of the software.
Figure T2: [system title] Software
This SCMP establishes the plan for the configuration management of software and related documents produced by the [software development] organization. The processes developed in this SCMP are applicable to all personnel responsible for the analysis, design, development, maintenance, and testing of software embedded in or impacting on the operational capabilities of [system title].
This plan follows the process defined in the SCM Process Definition.
The terms and definitions listed below are provided as an aid to understanding and applying the SCM principles and processes used to manage software development and testing efforts.
Allocated Baseline (ABL)
The initially approved documentation that describes an item's functional, interoperability, and interface characteristics that are allocated from those of a system or a higher level configuration item, interface requirements with interfacing configuration items, additional design constraints, and the verification required to demonstrate the achievement of those specified characteristics.
Allocated Configuration Documentation (ACD)
The approved Allocated Baseline plus approved changes.
As-Built
Defines the initial software, hardware, or system configuration as it actually has been built.
Audit
An independent examination of a work product or set of work products to assess compliance with specifications, standards, contractual agreements, or criteria.
Baseline
A configuration identification document or set of such documents formally designated and fixed at a specific time during the configuration item's life cycle. Baselines, plus approved changes from those baselines, constitute the current configuration identification.
Change Request (CR) Form
A vehicle used to report deficiencies or enhancements generated against CIs or technical data; a document that requests a correction or change to the baselined documentation and software.
Computer Software (or Software)
A combination of associated computer instructions and computer data definitions required to enable the computer hardware to perform computational or control functions.
Computer Software Configuration Item (CSCI)
A configuration item that is software.
Configuration
The functional and physical characteristics of existing or planned hardware, firmware, or software or a combination thereof as set forth in technical documentation and achieved in a product.
Configuration Audit
A formal examination of a CSCI. Two types of configuration audits exist: the Functional Configuration Audit (FCA) and the Physical Configuration Audit (PCA).
Configuration Control
The systematic proposal, justification, evaluation, coordination, and approval or disapproval of proposed changes, and the implementation of all approved changes in the configuration of a Configuration Item (CI) after establishment of the baseline(s) for the CI.
Configuration Identification
The selection of CIs; the determination of the types of configuration documentation required for each CI; the issuance of numbers and other identifiers affixed to the CIs and to the technical documentation that defines the CI's configuration, including internal and external interfaces; the release of CI's and their associated configuration documentation; and the establishment of configuration baselines for CIs.
Configuration Item (CI)
An aggregation of hardware or software that satisfies an end-use function and is designated for separate configuration management.
Configuration Status Accounting (CSA)
The recording and reporting of information needed to manage configuration items (CI) effectively, including:
Deliverable
A system or component that is obligated contractually to a customer or intended user .
Developmental Configuration
The software and associated technical documentation that define the evolving configuration of a CSCI during development. The Developmental Configuration may be stored on electronic media.
Deviation
A specific written authorization to depart from a particular requirement(s) of an item's current approved configuration documentation for a specific number of units or a specified period of time.
Engineering Change Proposal (ECP)
A proposed engineering change and the documentation by which the change is described, justified, and submitted to the government for approval or disapproval.
Firmware
The combination of a hardware device and computer instructions or computer data that reside as read-only software on the hardware device. The software cannot be readily modified under program control.
Functional Baseline (FBL)
The initially approved documentation describing a system's or item's functional, interoperability, and interface characteristics and the verification required to demonstrate the achievement of those specified characteristics.
Functional Configuration Audit (FCA)
The formal examination of functional characteristics of a CI, prior to acceptance, to verify that the CI has achieved the requirements specified in its functional and allocated configuration documentation.
Functional Configuration Documentation (FCD)
The approved FBL plus approved changes.
Nondevelopmental Software (NDS)
Deliverable software that is not developed under the contract but is provided by the contractor, the government, or a third party. NDS may be referred to as reusable software, government-furnished software, or commercially available software, depending on its source.
Notice Of Revision (NOR)
A document used to define revisions to drawings, associated lists, or other referenced documents that require revision after ECP approval.
Physical Configuration Audit (PCA)
The formal examination of the "as-built" configuration of a CI against its technical documentation to establish or verify the CI's product baseline.
Product Baseline (PBL)
The initially approved documentation describing all of the necessary functional and physical characteristics of the CI and the selected functional and physical characteristics designated for production acceptance testing and tests necessary for support of the CI.
Product Configuration DocumentatioN (PCD)
The approved product baseline plus approved changes.
Program Management
The organization sponsoring the field activity project office.
Project Management
The designated government organization from the field activity project office responsible for the overall management of specific projects.
Release
A configuration management action whereby a particular version of software is made available for a specific purpose (e.g., released to test).
Reusable Software
Software developed in response to the requirements for one application that can be used, in whole or in part, to satisfy the requirements for another application.
Resources
The totality of computer hardware, software, personnel, documentation, supplies , and services applied to a given effort.
Software
See Computer Software (or Software).
Software Configuration Management (SCM)
A discipline that applies technical and administrative direction and surveillance to perform the functions listed below:
Software Development Library (SDL)
A controlled collection of software, documentation, and other intermediate and final software development products, and associated tools and procedures used to facilitate the orderly development and subsequent support of software.
Software-Related Group
Project members responsible for generating requirements, design, development, validation, verification, documentation, maintenance, and logistics of software.
Software Support
The sum of all activities that take place to ensure that implemented and fielded software continues to fully support the operational mission of the software.
Software Unit
An element in the design of a software item; for example, a major subdivision of a software item, a component of that subdivision, a class, object, module, function, routine, or database. Software units may occur at different levels of a hierarchy and may consist of other software units. Software units in the design may or may not have a one-to-one relationship with the code and data entities (routines, procedures, databases, data files, etc.) that implement them or with the computer files containing those entities.
Software Test Environment
A set of automated tools, firmware devices, and hardware necessary to test software. The automated tools may include but are not limited to test tools such as simulation software, code analyzers, test case generators, path analyzers, etc. and may also include the tools used in the software engineering environment.
Specification Change Notice (SCN)
A document used to propose, transmit, and record changes to a specification.
Technical Review
An activity by which the technical progress of a project is assessed relative to its technical or contractual requirements. The review is conducted at logical transition points in the development effort to identify and correct problems resulting from the work completed thus far before the problems can disrupt or delay the technical progress. The review provides a method for the contractor and government to determine that the development of a CSCI and its documentation have met contract requirements.
Version
An identified and documented body of software. Modifications to a version of software (resulting in a new version) require configuration management actions, by either the contractor, the government, or both.
Waiver
A written authorization to accept an item, which during manufacture, or after having been submitted for government inspection or acceptance, is found to depart from specified requirements, but nevertheless is considered suitable for use "as is" or after repair by an approved method.
This document will be periodically reviewed to ensure that all SCM functions are accurately described. Audit and review reports or changes to available resources may require this document to be updated. All changes will be incorporated in either change pages or a document revision. Updates to this document are recorded on the Record of Changes and List of Effective Pages sheets located at the front of this document.
This section describes the SCM organization in relation to the program and project organization structure.
Figure T3 is a graphic representation of the program and project organizational structure with respect to the SCM organization. Although SCM takes direction from the Project Manager, it operates within the policies and procedures established by [ name of the organization establishing policies]. Listed below are the responsibilities of each of the organizations as related to [system title] development.
Figure T3: Structure Organization
SCM interfaces with the functions listed below to control software configuration and release activities.
2.1.1 SCM Responsibilities
SCM is responsible for maintaining configuration control over software Developmental Configurations and Baselines and for processing changes to the software configuration. SCM functions include Software Development Library (SDL) operation, software product release coordination, and change request processing and tracking.
The responsibilities of each SCM function are listed in the paragraphs below.
2.1.1.1 Configuration Identification
2.1.1.2 Configuration Control
2.1.1.3 Configuration Status Accounting (CSA)
2.1.1.4 Configuration Audits
2.1.1.5 Training
The SCM Manager is responsible for identifying, establishing, coordinating, and revising training as required to ensure effective performance of SCM activity by the SCM organization and software-related groups.
The paragraphs below provide an overview of the functions, responsibilities, and authority of the CCBs.
2.2.1 Software Change Review Board (SCRB)
The SCRB functions in a technical advisory capacity to the Program Manager. The SCRB considers the recommendations of the project's SCCB for final approval or disapproval of proposed engineering changes to a CSCI's current approved configuration and its documentation. The board also approves or disapproves proposed waivers and deviations.
SCM provides status accounting reports to the program's SCRB and updates the status accounting database to reflect SCRB decisions. [SCM or designate ] serves as secretariat to the board.
2.2.2 Software Configuration Control Board (SCCB)
The SCCB supports the Project Manager and is composed of technical and administrative representatives who recommend approval or disapproval of proposed engineering changes to a CSCI's current approved configuration and its documentation. The board also recommends approval or disapproval of proposed waivers and deviations from a CSCI's current approved configuration and its documentation.
Issues that the project's SCCB is unable to resolve or that involve a change in scheduling or fiscal costs are initially addressed by the SCCB and forwarded to the program's SCRB for final approval or disapproval and recommendations.
SCM provides status accounting reports to the project's SCCB and updates the status accounting database to reflect SCCB decisions. SCM or designate serves as secretariat to the board.
This section describes the software development activity for software-related groups and the SCM responsibilities in relation to this activity and program events. These activities occur within the Engineering and Manufacturing Development phase of the software life cycle. The software life cycle includes five phases: Concept Exploration and Definition, Demonstration and Validation, Engineering and Manufacturing Development, Production and Deployment, and Operations and Support. Some of the Engineering and Manufacturing Development activities may be applicable to and overlap with other life-cycle phases. For this reason, the objectives of each life-cycle phase are presented. Table T2 defines the SCM milestones in relation to software- related group activity for [project name ].
Software-Related Group Activity |
SCM Milestone |
Concept and Exploration |
Plan how project will affect program products and their CM Baseline product identification |
Project Planning and Oversight |
Draft SCMP (new system) or SCMP update (existing system) SCM organization established, staffed Management and technical review participation Configuration identification Planning documents under configuration control Establish SCRB and SCCB |
Software Development Environment |
SCM staff training SDL and SDFs established |
System Requirements Analysis |
System requirements documents under configuration control SCCB and SCRB support |
System Design |
Approved SCMP implemented SCM tasks identified DTPs created and/or maintained System design documents baselined and maintained Functional Baseline established and maintained CSA system established and maintained CM Document Library established and maintained |
Software Requirements Analysis |
Software requirements documents baselined Allocated Baseline established CM Drawing Library established and maintained |
Software Design |
Development Configuration products maintained Development Configuration corrective action process established |
Software Implementation and Unit Testing |
|
Unit Integration and Testing |
|
CSCI Qualification Testing |
Test documents baselined |
CSCI/HWCI Integration and Testing |
FCA and PCA support |
System Qualification Testing |
|
Software Use Preparation |
Product Baseline established and maintained Software user documents and manuals baselined |
Software Transition Preparation |
Product Baseline archived Product Baseline transferred to SSA |
Objectives of the Concept Exploration and Definition phase are to:
SCM responsibilities are to:
Objectives of the Demonstration and Validation phase are to:
SCM responsibilities are to:
Table T2 shows SCM milestones for the Engineering and Manufacturing Development phase of a software life cycle.
3.3.1 Concept and Exploration
During concept and exploration, software-related groups are concerned with the following activities:
SCM responsibilities are to:
3.3.2 Project Planning and Oversight
During project planning and oversight, software-related groups are concerned with the following activities:
SCM responsibilities are to:
3.3.3 Establishment of Software Development Environment
During establishment of a software development environment, software-related groups are concerned with the following activities:
SCM responsibilities are to:
3.3.4 System Requirements Analysis
During system requirements analysis, software-related groups are concerned with the following activities:
SCM responsibilities are to:
3.3.5 System Design
During system design, software-related groups are concerned with the following activities:
SCM responsibilities are to:
3.3.6 Software Requirements Analysis
During software requirements analysis, software-related groups are concerned with the following activities:
SCM responsibilities are to:
3.3.7 Software Design
During software design, software-related groups are concerned with the following activities:
SCM responsibilities are to:
3.3.8 Software Implementation and Unit Testing
During software implementation and unit testing, software-related groups are concerned with the following activities:
SCM responsibilities are to:
3.3.9 Unit Integration and Testing
During unit integration and testing, software-related groups are concerned with the following activities:
SCM responsibilities are to:
3.3.10 CSCI Qualification Testing
During CSCI qualification testing, software-related groups are concerned with the following activities:
SCM responsibilities are to:
3.3.11 CSCI/Hardware Configuration Item (HWCI) Integration and Testing
During CSCI/HWCI integration and testing, software-related groups are concerned with the following activities:
SCM responsibilities are to:
3.3.12 System Qualification Testing
During system qualification testing, software-related groups are concerned with the following activities:
SCM responsibilities are to:
3.3.13 Software Use Preparation
During software use preparation, software-related groups are concerned with the following activities:
SCM responsibilities are to:
3.3.14 Software Transition Preparation
During software transition preparation, software-related groups are concerned with the following activities:
SCM responsibilities are to:
Objectives of the Production and Deployment phase of the software life cycle are to:
SCM responsibilities are to:
Objectives of the Operations and Support phase of the software life cycle are to:
SCM responsibilities are to:
The section describes the data handling, processing, storage, integrity, transfer, security, and maintenance of configuration management technical data.
Data management responsibilities are to:
Access to project technical data is limited in accordance with the applicable distribution statements defined by the contract or Project Manager and by data rights, CDRL distribution security requirements, and data status level (released or submitted for approval unless otherwise specified). Distribution lists of projects technical data are maintained as part of the data status reporting function. Requests for project technical data by activities outside this project require approval by the Project Manager or designated authority.
The following requirements are used to identify and control data during the review and update cycle:
Define the following processes:
Data requirements defined by the CDRL are incorporated into the [ name of the database used to track CDRLs] database. The database is used to identify all CDRL data, to prepare status reports, and to track approval history. The database contains each contractually required data item and information on data submission. In addition to the CDRL item, the title of the data item and source references (e.g., Data Item Description [DID] number, paragraph number of applicable addendum) are included. Listed below are the main areas addressed in the status reports.
Data security and classification management are an integral part of data management. Security requirements are considered during all areas of data management control.
This section describes the process for configuration identification.
The selection of CSCIs is the responsibility of project management or the developer. CSCIs are placed under configuration management in accordance with this plan. Once the CSCI has been identified and provided to the SCM organization, the SCMP will be updated.
For each CSCI, configuration identification is established for software technical documentation, code, and media. The initially approved configuration identifications establish baselines from which subsequent changes are controlled. The configuration identifications and baselines to be established for [system title] CSCIs are defined as shown below.
The paragraphs below describe the methods used in identifying the CSCI and associated technical data and project-developed support software required for development, test, and maintenance.
5.3.1 Document Identification
SCM assigns unique numbers to CSCI documents. Each page of the document contains the identification number with the applicable revision letter.
5.3.1.1 Document Revision
SCM assigns identifiers to document revisions.
5.3.1.2 Document Change Pages
SCM assigns numbers to document change pages.
5.3.2 Drawing Identification
SCM assigns unique numbers to drawings.
5.3.3 Software Identification
SCM assigns unique numbers to drawings.
5.3.3.1 Copy Number
Each accountable copy of a software product (e.g., source code tape), with the exception of the EM and listings, is assigned a unique copy number, both externally and embedded within the software.
5.3.3.2 Volume Number
For software products that require more than one unit of physical storage per copy, a volume number is assigned to each unit of storage, both externally and embedded on the software.
5.3.3.3 Labels
[system title] software is labeled for ease in identification. Describe the specific labeling practices being used.
Listed below is the minimum information necessary to adequately identify software media.
5.3.4 Firmware Identification
The components of firmware, the hardware device, and the computer instructions or computer data that reside as read-only software on the hardware device are each uniquely identified. Firmware identification includes the top-level document/drawing that defines how these components fit together for the firmware assembly. Firmware is assigned a unique identifier.
5.3.5 Change Request Form Identification
Each change request form received by SCM is assigned a unique identifier.
5.3.6 Engineering Release
The software release process begins at the start of system integration and testing. At the initiation of this phase, the software Product Baseline is established by the project's SCCB. The software release identified as part of the Product Baseline is provided for integration with the operational hardware. Final testing is accomplished by Operational Test and Evaluation (OT&E). Issues found by OT&E are resolved using the baseline change process. Upon satisfactory completion of OT&E, the software release is approved as the Product Baseline Configuration. Approval for service use initiates distribution to Fleet users. CM/DM is responsible for making and distributing copies of software products. The copies are made from the EM. SCM is responsible for ensuring that the correct software product and release documentation are distributed through DM.
Anomalies or discrepancies against the Developmental Configuration are resolved through a corrective action process. The corrective action process is a closed-loop process, ensuring that all detected problems are promptly reported and entered into the process, action is initiated on them, resolution is achieved, status is tracked and reported , and records of the problems are maintained for the life of the product.
The corrective action process is the development team's internal control over software that is evolving from requirements and being developed through design, code and unit test, integration test, and software system test.
The Development Group is responsible for the Developmental Configuration and therefore provides status of implementing change proposals and closing out the change request form. The paragraphs below describe the steps in processing a change request form.
The Developmental Configuration management process includes the responsibility to control documentation and repositories containing elements of the Developmental Configuration. The [project organization], in response to this requirement, has established the following libraries: Software Development Library, Documentation Library, and Drawing Library. The following paragraphs describe the functions of each of the libraries.
Project management authorizes access to each of the [project organization] libraries. Access includes types of user privileges granted (e.g., for software: read, write, execute; for documentation: loan copy, distribution copy).
5.5.1 Software Development Library
The SDL is the controlled collection of documentation, intermediate software development products, associated tools, and procedures that comprise a Developmental Configuration CSCI. The SDL provides storage of and controlled access to software development products in human-readable form, machine-readable form, or both. SDL components are initially documented in an identification list for the Allocated Baseline.
The [project organization] SDL consists of a series of phases through which the software is developed. Before software is released from one development phase to the next , it must be validated by a Quality Assurance function and verified by SCM. SCM uses the [ name the tool or briefly explain the process] to perform this verification. SCM verifies that approved software changes have been incorporated into the proper phase of the SDL, reports status to the SCCB, and performs the release function upon SCCB authorization.
5.5.2 Documentation Library
The [project organization] Documentation Library contains the controlled collection of all the project's document inventory, in any media, for both released and development versions; it houses both deliverable and nondeliverable products (e.g., preliminary versions of baseline documents, specifications on commercial off-the-shelf [COTS] tools). The Documentation Library for a newly designated baseline is established at the same time as its Developmental Configuration, and its components are initially documented in an identification list for the Allocated Baseline. SCM verifies that new documents that are entered into the library as CSCIs have been approved by the SCCB and that only approved document changes have been incorporated into all controlled documents. SCM activates the release process upon SCCB authorization.
5.5.3 Drawing Library
The [project organization] Drawing Library contains the controlled collection of all of the project's drawings, Computer-Aided Design (CAD), and Computer-Aided Manufacturing (CAM) instructions. The Drawing Library for a newly designated baseline is established at the same time as its Developmental Configuration, and its components are initially documented in an identification list for the Allocated Baseline. SCM verifies that approved changes have been incorporated into drawings originated by and under control of the [project organization].
This section identifies the interface requirements and establishes the Interface Control Working Group . Interface management is performed to ensure compatibility and interoperability among various hardware and software components in a system as specified in the baselined configuration documentation.
Listed below are the interface requirements for [system title].
The ICWG is chartered to ensure the compatibility of the software and hardware components. The ICWG is composed of members of the systems outlined above and representatives from the system design group. The ICWG meetings will include discussions of the interface control documentation.
SCM may be required to generate and distribute CSA reports and technical data.
This section describes the process for maintaining configuration control of all identified CSCIs developed or maintained by [originating organization].
The purpose of configuration control is to maintain the integrity of baselined CSCIs and their associated documentation by ensuring that only authorized changes are incorporated. This requires the systematic evaluation, processing, and approval or disapproval of all proposed changes. Configuration control begins when a CSCI is baselined and continues as further baselines are established.
SCM is responsible for maintaining software configuration control over software products in the Functional, Allocated, Developmental Configuration, and Product Baselines. In addition, SCM is responsible for administering the process by which a request for change to products under control is submitted, reviewed, and approved or disapproved.
The [originating organization] is subject to a hierarchy of control boards for baseline integrity. A description of each of these boards, along with their functions and responsibilities, is presented in the paragraphs below.
7.1.1 SCCB
A Software Configuration Control Board (SCCB) has been established to authorize changes to baselined documentation and software for delivered products and for in-development products. The specific procedures for conducting an SCCB meeting are detailed in [document name ].
7.1.1.1 SCCB Responsibilities
The SCCB has authority for managing the project's software through the performance of the functions listed below.
7.1.1.2 SCCB Composition
The SCCB is chaired by an SCCB Chairperson or a designated representative. Board members include representatives of the functions designated below:
SCM schedules and coordinates SCCB meetings, including the creation and distribution of meeting agenda and minutes. For time-critical software problems, an emergency SCCB meeting may be convened. The required attendees are listed below.
7.1.1.3 Roles of SCCB Members
The paragraphs below describe the roles of SCCB members.
7.1.1.3.1 SCCB Chairperson
Ultimate authority for the SCCB rests with project management. An SCCB Chairperson is appointed by the Project Manager to serve as Project Manager agent for SCCB functions. The SCCB Chairperson reports all SCCB functions to the Project Manager. The responsibilities of the SCCB Chairperson are listed below.
7.1.1.3.2 SCCB Secretariat
The [originating organization] provides a secretariat (i.e., the SCM Manager) to perform the administrative functions listed below.
7.1.1.3.3 Other SCCB Members
All SCCB members represent their respective activities regarding all proposed software changes brought before the SCCB. Their duties include those listed below.
7.1.2 Other Local Boards
7.1.3 Other Boards
7.1.4 SCRB
The management team required to establish and maintain configuration control of software consists of the sponsor and an established SCRB.
7.1.4.1 SCRB Responsibilities
The SCRB is responsible for evaluating and approving or disapproving proposed software changes. The evaluation of proposed changes must consider, as a minimum, such factors as documentation, equipment interfaces, training equipment, implementation costs, and performance requirements.
Proposed changes submitted for SCRB action must be complete with respect to technical requirements, justification, cost information, logistic requirements, interface requirements, retrofit requirements, and other applicable information. When a proposed change affects any system or item under the cognizance of another SCRB, joint SCRB meetings will be held as required.
7.1.4.2 SCRB Composition
The organization of the SCRB consists of the members listed below.
In addition, advisory personnel from each of the areas listed below are included in the SCRB as required.
In specific cases, representatives of other divisions and offices of NAVAIR TEAM may be required to serve as advisors to the board. Participation of these divisions is coordinated by the SCRB Chairperson.
7.1.4.3 Roles of SCRB Members
The following paragraphs describe the roles of SCRB members.
7.1.4.3.1 SCRB Chairperson
Ultimate authority for the SCRB rests with the [SCRB program management]. An SCRB Chairperson is appointed by the Program Manager to serve as the program management agent for SCRB functions. The SCRB Chairperson reports all SCRB functions to the Program Manager. The responsibilities of the SCRB Chairperson include:
7.1.4.3.2 SCRB Secretariat
The [originating organization] provides a secretariat (i.e., the SCM Manager) to perform the administrative functions listed below.
7.1.4.3.3 Other SCRB Members
All SCRB members represent their respective activities regarding all proposed software changes brought before the SCRB. Their duties include:
The [project organization] baseline change process is a continuous function that involves the preparation, implementation, and distribution of CSCI and associated documentation changes. It has been approved by the [sponsor organization] and involves activity at both the project and program levels.
The assigned responsibilities and approval authority for accomplishing changes to baselines are detailed in a project-originated SCCB charter documented in [list the document name]. This charter interfaces with the [sponsor organization] charter. The charter establishes the processing of change requests and their resolution by local and [sponsor organization] boards.
Changes to a [project organization] baseline configuration are initiated through a change request process that involves the preparation of a defined series of documents (change forms) whose status is determined by a hierarchy of control boards. Change requests are used to report problems and propose changes or enhancements to software or documentation. A change request must be documented, submitted, reviewed, and approved prior to implementation. Change requests against developmental baselines are resolved by the [project organization] SCCB the SCCB, identify the board> . Change requests against established baselines require approval of the [sponsor organization] SCRB.
7.2.1 Change Request Forms
The [project organization] uses the following change forms for control of its software baselines:
7.2.1.1 Engineering Change Proposal
The ECP is used to document all proposed changes to established baselines. The completed ECP must include detailed descriptions, justifications, and costs for the proposed change.
7.2.1.2 Specification Change Notice
The SCN is used to correct or update specifications. The SCN identifies the document to be changed, the SCN number, its status (proposed or approved), the related ECP, and other [project organization] identifying data.
7.2.1.3 Notice of Revision
The NOR is primarily intended for use when the master drawing list and other documents comprising the configuration identification are not held by the originator of the ECP. NORs permit the ECP previewing or approving activity to direct the custodian of an applicable document to make specific revisions in affected documents. A separate NOR is prepared for each drawing, associated list, or other referenced document that requires revision when the related ECP is approved. The description of the revision consists of a detailed statement covering each required correction, addition, or deletion.
7.2.1.4 Deviation and Waiver
A request for deviation or waiver is designated as minor, major, or critical.
7.2.1.5 Local Change Request
Table T3 describes the baseline change process used by the [project organization]. Table T4 displays problem priorities.
Activity |
Responsibility |
SCM Interface |
Comments |
---|---|---|---|
Change Request Initiator |
Use (local) change request to report problem, error, deficiency; request enhancement, change, new requirement. Submit change request to SCM. |
Assign tracking identification. Input appropriate data to CSA database. Provide copies of change request for review. Place master change request in library. |
SCM should automate this process to the fullest extent of its capabilities. Eliminate paper whenever possible. |
Project Technical Evaluation Team |
Evaluate change request for technical feasibility. Provide analysis of change request. |
Gather and distribute additional documentation in support of change request when needed. Perform secretariat duties for Project Technical Evaluation Team when requested . Update CSA databases. |
Composition of the Project Technical Evaluation Team is determined by project management. This may be a CCB activity. |
SCCB |
Convene meeting. Disposition, prioritize, and categorize Direct implementation of change requests to developmental baselines. Direct preparation of preliminary change proposals to delivered baselines for SCRB working group consideration. |
Distribute relevant CSA reports. Update CSA databases. Perform secretariat duties when requested. |
|
SCRB Working Group |
Convene meeting. Disposition and prioritize change proposals. Identify approved change proposals for new baseline configuration. Preparation of ECP. |
Distribute change proposals and associated documentation. Perform secretariat duties when required. |
SCM will provide and prepare, as requested, the appropriate documentation. |
Software Requirements Group |
Prepare ECP for SCRB review. Determine whether deviations or waivers are required; prepare if necessary. |
Provide CSCI and associated technical data required for ECP development. Assign identification or tracking number to ECP. Prepare SCNs and NORs for submittal with completed ECP. Prepare ECP release package to SCRB. Update CSA database. |
|
SCRB |
Convene meeting. Review ECP. Direct implementation of acceptable ECP. Return unacceptable ECP for rework by project organization. |
Provide appropriate tracking for ECP. Update CSA database. |
|
Software Design Group |
Implement approved ECP. Provide design status and information to SCCB. |
||
SCCB |
Begin SCCB oversight of new Developmental Configuration. Initiate corrective action process. Determine development milestones. |
Identify, process, and track change requests. Provide SCCB secretariat function. Assist with reviews and audits as required. |
|
Software Requirements Group |
Update software and configuration documents. |
Receive and process software and documentation changes. |
|
Software Test Group |
Perform V&V of project developed software based on test plans and procedures. Generate change requests for problems detected during test. |
Receive test documents for configuration control. Identify, process, and track change requests reported during testing. |
|
Quality Assurance Group |
Perform review and audits of baseline software. |
Assist SQA in conduct of reviews and audits as required. |
|
SCCB |
Release Developmental configuration as Product Baseline. |
Perform release function for accepted Product Baseline. |
Priority |
Applies if a Problem Could: |
---|---|
1 |
|
2 |
|
3 |
|
4 |
|
5 |
Result in any other effect. |
Table T5 shows categories to be used for classifying problems in software products.
Category |
Applies to Problems in: |
---|---|
Plans |
One of the plans developed for the project |
Concept |
The operational concept |
Requirements |
The system or software requirements |
Design |
The design of the system or software |
Code |
The software code |
Database/data file |
A database or data file |
Test information |
Test plans, test descriptions, or test reports |
Manuals |
The use, operator, or support manuals |
Other |
Other software products |
This section describes the process used to provide configuration status accounting (CSA). CSA is the recording and reporting of information needed to manage CSCIs effectively, including the items listed below.
CSA documentation is the means through which actions affecting CSCIs are recorded and reported to the Software Systems Engineering Manager of the [system title] system. It principally records the "approved configuration" (baseline) and the implementation status of changes to the baseline. It is the bookkeeping part of SCM that provides managers with feedback information to determine whether decisions of the SCCB are being implemented as directed.
To automate CSA, SCM uses [identify the software tool], a relational database management system, to define the data content and format. [Identify the software tool] is an approved, baselined CSCI, so any proposed change to it requires a change request and SCCB approval for implementation.
Input data includes SCCB decisions, such as approving or disapproving change requests, establishing configuration baselines, and approving the release of software for distribution. Input data also includes status information of CSCIs and change requests . Output data is formatted as CSA reports .
The records maintained by SCM contain detailed data that documents that the as-built software conforms to its technical description and specified configuration. They include the information listed below.
8.1.1 Change Request Table
The change request table contains a record of all change requests and related information. It includes, but is not limited to, the data listed below.
8.1.2 Library(ies) Inventory Table
The library inventory table contains a record of each software product stored in the library(ies). It includes, but is not limited to, the data listed below.
Part or document number and revision
8.1.3 Data Distribution Table
The data distribution table contains a record of all data (e.g., documents and drawings, including CDRL items) distributed by the software organization through DM. The table includes, but is not limited to, the information listed below.
8.1.4 Release Table
The release table contains a record of all releases made by the software organization (e.g., drawings, documents, software documents, tape). It includes, but is not limited to, the information listed below.
8.1.5 Archive Records Table
SCM maintains a record of all archived material. Archived material includes obsolete material and data not required for current use and off-site stored backup data in case of loss of online data.
SCM has the prime responsibility for managing, compiling, maintaining, and publishing the [system title] detailed software CSA reports. These reports provide the status to management that all changes between the software technical description and the software itself are being accounted for on a one-to-one relationship. This status information, together with the CSA reports maintained by the SCM organization, is an input for the final review for product acceptance.
Project management determines the frequency of distribution and recipients of the CSA reports. These reports include the information listed below.
The above reports answer basic questions regarding the approved configuration (baseline) and the implementation status of changes to the baseline.
Requests for CSA reports originating outside the project are directed for approval to Project Management, which authorizes need-to-know access.
This section describes the approach used in performing configuration audits.
Configuration audits validate that the design and the final product conform to approved functional requirements defined in specifications and drawings and that the changes to the initially approved specifications and drawings have been incorporated.
The SCM assists in the conduct of two audits for developed baselines prior to their release: the FCA and PCA. These audits ensure that baseline changes are validated and the new baseline meets new requirements and specifications.
SCM personnel provide assistance through the specific activities listed below, as required by the project.
SCM ensures that the released version of the software products is available for the audit so that the inspectors can verify that the software performs as required by its allocated configuration.
FCAs are usually conducted after a major change or a significant number of minor changes have occurred or before the establishment of the Product Baseline. The SCM Manager is responsible for assisting SQA in the preparation of the FCA plan. The FCA plan identifies specific tasks and procedures to accomplish those tasks . The FCA plan identifies documents, hardware, software, test sets, etc. required for performing the audit. The SCM Manager records differences between the SRS and the CSCI under audit for incorporation into the minutes of the FCA for postaudit action.
This audit ensures that the as-built configuration is accurately reflected by the released documentation to establish the Product Baseline. SCM audits the released engineering documentation and quality control records to make sure the as-built or as-coded configuration is reflected by this documentation.
PCAs are usually conducted concurrently with FCAs or immediately following an FCA. The SCM Manager is responsible for assisting SQA in the preparation of the PCA plan. The PCA plan identifies specific tasks and procedures to accomplish those tasks. The PCA plan also identifies the software and technical documentation to be examined.
To ensure that SCM efforts are adequate and completed as detailed in this document, audits and reviews of SCM processes and products are performed as described in the following paragraphs.
9.3.1 SCM Audits
To ensure that the SCM program complies with the requirements specified in this plan, an independent audit of SCM processes, procedures, and products is required. Normally, this type of audit is performed by a QA representative. Products generated or tracked by SCM are listed below.
The audit findings are documented in an audit report and provided to the SCM Manager. The audit report is used by the SCM Manager to correct deficiencies or identify changes in the SCM requirements. Correcting deficiencies would include updating SCM processes and procedures, records, configuration documents, software, or tools. Identifying changes in the SCM requirements would result in adding, modifying, or deleting a requirement in this SCMP.
9.3.2 SCM Reviews
The SCM Manager periodically performs internal reviews of SCM processes, procedures, and products. An SCM review serves as a method to determine how effectively and efficiently the SCM processes and procedures fulfill the SCM requirements as defined in this plan. SCM reviews also include verification of the products generated by SCM. Verification is the process of evaluating the products to ensure correctness and consistency with respect to the SCMP, tasks, processes, and procedures. The review findings are documented in a report that is used by the SCM Manager to correct deficiencies or identify changes in SCM requirements.
It is the SCM Manager's responsibility to perform or assign SCM personnel to perform the SCM reviews and to specify the SCM processes or procedures to be reviewed. The review report includes what actions were taken to resolve the deficiency or requirements change. The review report is filed with the appropriate DTP and serves as a record to show that an internal SCM review was performed and corrective action was taken as required. Review reports may be audited .
This section describes the methods used to ensure subcontractor/vendor compliance with configuration management requirements.
Each contractor working on this system is required to develop a configuration management plan that is in conformance to this document. The development contractor ensures that nondeliverable software will functionally meet the requirements of the system.
Vendors' products are inspected at delivery to ensure that their products meet the requirements as specified. The vendors ' quality control procedures may be obtained to aid in the evaluation of the COTS software by the system developer.
Configuration management personnel are acquired as a team through competitive contract negotiation. The SCM staff has responsibility for conducting the SCM function under the management of [ name of the supervising organization or function assigned by the program]. The staff is required to be fully knowledgeable in all aspects of the program's configuration management function and to maintain and upgrade the SCM program whenever they can.
This appendix includes an alphabetical listing of all acronyms, abbreviations, and their meanings as used in this document.
OAG ” Operational Advisory Group
Software Change/Software Enhancement Proposal
Software Trouble/Change Request (STR/SCR)
Submitting Organization: _________________ |
Tracking No.: _________________ |
|
Contact Person: _________________________ |
Telephone: ___________________ |
|
Mailing Address: |
_______________________________________ |
|
_______________________________________ |
||
_______________________________________ |
||
Date: ______________________ |
Short Title: _____________________________ |
|
Change Location Tag: __________________________________________________ |
||
(Section No., Figure No., Table No., Page No., etc.) |
||
Proposed Change: |
||
|
||
Reason for Change: |
||
|
This section describes the sequence of events and milestones for implementation of SCM in phase with major software and development milestones and events. SCM milestones are achieved upon completion of individual SCM activities.
This is the first phase of system-level planning. During the system requirements analysis phase, the top-level (system) requirements are established, analyzed , and approved. The requirements describe the major functions that the system must fulfill.
The outputs of this phase consist of one preliminary product (Preliminary System Specification) and a program review (System Requirements Review [SRR]). No baselines are established at this point. The SCRB and SCCB are established.
SCM activities during this phase are listed below.
This is the second phase of the system-level planning. During the system design phase, a top-level (system) design is formulated and documented. The outputs of this phase consist of four final deliverable products (System Specification, System/Segment Design Document, Software Development Plan, and Software Configuration Management Plan); two preliminary deliverable products (Preliminary Software Requirements Specification and Preliminary Interface Requirements Specification); one program review (System Design Review); and the establishment of the first of three baselines (Functional Baseline).
The SCCB meets to establish the Functional Baseline. The SCRB meets to exercise software configuration control upon establishment of the Functional Baseline.
SCM activities during this phase are listed below.
During the software requirements analysis phase, the software performance and interface requirements that must be met are formulated and analyzed. This phase is similar to the system requirements analysis phase except that it focuses on the software requirements derived from the system requirements.
The outputs from this phase consist of two final deliverable products (Software Requirements Specification and Interface Requirements Specification), one program review (Software Specification Review), and the establishment of the second of three baselines (Allocated Baseline).
SCM activities during this phase are listed below.
During the preliminary design phase, the system-level architecture, interfaces, and design are developed. A Preliminary Design Review (PDR) is held, and approval is obtained before proceeding with the detailed (low-level) design phase.
The outputs from this phase consist of one final deliverable product (Software Test Plan [Test Ids]), two preliminary deliverable products (Preliminary Software Design Documents and Preliminary Interface Design Document), one program review (Preliminary Design Review), and the establishment of the Developmental Configuration.
SCM activities during this phase are listed below.
Establish corrective action process for Developmental Configuration.
During the detailed design phase, the design team develops the detailed design, and a Critical Design Review (CDR) is held for review and approval of the total design. The design is completed and approved at the CDR. By the time the CDR occurs, the software constituting the system has been decomposed into a hierarchical structure of CSCIs, Computer Software Components (CSCs), and CSUs.
The preceding phases ensure that design requirements have been identified, validated , and allocated to the approved design and to their respective baselines.
The outputs from this phase consist of three final deliverable products (detailed Software Design Documents, Software Test Descriptions [Cases[, and Interface Design Document); one program review (Critical Design Review); and the continuance of the Developmental Configuration.
SCM activities during this phase are listed below.
During the coding and CSU testing phase, coding and unit (CSU) testing is accomplished. All design data, programmer notes, and CSU test results are kept in the Software Development Files (SDFs). This is for programmer and peer review only. SQA can perform audits of the SDFs.
The outputs from this phase result in completed CSU development and testing evidenced by source code and source code listings. The Developmental Configuration continues.
SCM activities during this phase are listed below.
During the CSC integration and testing phase, coding and testing of CSCs is accomplished. CSUs are integrated into their next -higher structures and tested to ensure proper processing. Test drivers and stubs are written to perform these tests. All design data, programming notes, and test results are added to the SDFs. This is for programmer and peer review only. SQA can perform audits of the SDFs.
The outputs from this phase consist of one final deliverable product (Software Test Description (Procedures)), one program review (Test Readiness Review [TRR]), plus updated source code, source code listings, and command files. Successful completion of these activities indicates the conclusion of the Developmental Configuration.
SCM activities during this phase are listed below.
During the CSCI testing phase, testing of CSCIs is accomplished to demonstrate that the software system is reliable and maintainable . All lower-level (CSU and CSC) coding and testing have been completed. This final software testing ensures that each CSCI functions as designed.
The V&V process is a software quality check to ensure that the design is complete and that the software fulfills all approved requirements and may be performed by the Systems Test Group.
Formal Qualification Testing (FQT) is performed in this phase. The CSCI testing is basically the FQT, whereby the customer accepts the tested integrity of the developed system. The completed Software Test Plan includes tests of user identification and access to the system, as well as test plans for any identified safety issues.
The outputs from this phase consist of the following final deliverable products (Software Test Reports, Operation and Support Documents, Version Description Documents, Software Product Specifications, and updated source code and listings); two audits (PCA and FCA); and establishment of the last of the three baselines (Product Baseline).
When the FCA/PCA is approved, the customer accepts the Product Baseline.
SCM activities during this phase are listed below.
During the system integration and testing phase, the software is integrated into the operational hardware and tested. DOD-STD-2167A development activities end with CSCI testing and the establishment of the software Product Baseline. After software Product Baseline, the software must be integrated into the operational hardware and final testing (Operational Testing and Evaluation [OT&E]) accomplished by the customer before placing the system into operation.
This document is an adaptation of a document developed at the request of Naval Air Systems Command (NAVAIR) TEAM. The original document can be found at http://sepo.nosc.mil/sepo/GenSCMP/GenSCMP.html .
SPAWAR Systems Center San Diego, Systems Engineering Process Office, http://sepo.spawar.navy.mil/sepo/index2.htm .
Development Phase |
SCM Activity |
SCM Control |
Milestones |
Product |
---|---|---|---|---|
System Requirements Analysis |
Establish project SCM Train staff Create draft or update SCMP for existing system Attend SRR as required |
SRR SCM established Program SCRB established Project SCCB established |
Preliminary System Specification Preliminary SCMP |
|
System Design |
Implement approved SCMP Identify tasks stated in SCMP Identify processes from tasks Create/update DTPs Establish complete number scheme for project-defined version ID Attend SDR Establish and maintain CSA system Establish and maintain CM library(ies) Support SCCB throughout software life cycle |
System Specification SSDD SDP SCMP |
SDR Functional Baseline |
System Specification SSDD SDP SCMP Preliminary SRS Preliminary IRS |
Software Requirements Analysis |
Attend SSR |
SRS IRS |
SSR Allocated Baseline |
SRS IRS |
Preliminary Design |
Establish and maintain Software Development Library Establish corrective action process Attend PDR Exercise configuration control of Developmental Configuration products |
STP (Test IDs) |
PDR Developmental Configuration |
Preliminary SDD Preliminary IDD STP |
Detailed Design |
Attend CDR Exercise configuration control of Developmental Configuration Products |
SDD IDD STD (Test Cases) |
CDR |
Detailed SDD IDD STD (Test Cases) |
Coding and CSU Testing |
Exercise configuration control of Developmental Configuration Products |
Tested Source Code (CSUs) Source Code Source Code Listings |
Source Code Source Code Listings |
|
CSC Integration and Testing |
Exercise configuration control of Developmental Configuration Products Support TRR by providing CSCI and associated technical data and status of reported software and documentation anomalies Exercise configuration control of developmental configuration products |
STD (Test Procedures) Updated Source Code Updated Source Code Listings Command Files |
TRR |
STD (Procedures) Updated Source Code Source Code Listings Command Files |
CSCI Testing |
Exercise configuration control of product configuration documentation Support FCA and PCA Release product configuration documentation |
Updated Source Code Updated Source Code Listings Command Files STR Operation and Support Documents VDD SPS |
FCA PCA Product Baseline |
Updated Source Code Command Files Software Test Report Operation and Support Documents VDD SPS |
Preface