How can project managers best incorporate estimation, planning, risk management, corporate processes and resources into a coordinated, tailored approach to developing and managing software? Large software efforts face the challenges of (1) identifying software risks, (2) judiciously planning for IV&V, development & QA activities to mitigate risks, (3) estimating cost & schedules of these plans, (4) accommodating the priorities of the primary stakeholders while ensuring mission success, (5) complying with standards & processes. This presentation will describe and demonstrate a coherent approach and accompanying tool support that addresses these challenges.
The first phase of the approach uses a user-friendly electronic interview to elicit overall project characteristics. Behind the scenes, relevant portions of this data are automatically fed into COCOMO II to yield cost and schedule estimates. The COCOMO estimates, and other portions of the user-provided data, are then combined with institutional practices and policies (for example, ISO 9001, CMM and site-specific principles), yielding estimates of cost, schedule, and risk, and plans for mitigating risk while conducting software development.
The second phase of the approach allows the user to scrutinize and tailor this development plan. Key to this phase is the use of several cogent visualizations of risks, mitigations, and their interrelationships. Through these visualizations the user can both comprehend and customize the plan and its impacts (on cost, schedule, and risk). The final phase of the approach combines all of the above to yield the outputs of this whole approach, namely:
- Identified software risks. The risk lists will take into consideration risks associated with software failures on previous NASA and aerospace missions (lessons learned, failure reports, defect profiles, etc.). This includes the identification of software components and intermediate deliverables by level of system criticality.
- An optimized plan that identifies software IV&V, development, and QA activities that mitigate and eliminate software risk for a given project at various times during the lifecycle.
- Consistent cost and schedule risk reduction budget estimates that establish a responsible balance between constrained project funding and the safe implementation of software subsystems.
- An equitably negotiated IV&V, Software Development, and QA plan that includes the priorities of the primary stakeholders while maintaining a high integrity program.
- IV&V, QA, and project plans that are compliant with institutional policies, ISO based Software Development Process Descriptions, and best practices from (for example) CMM.
The elements of the approach have been successfully developed and applied separately, in the form of NASA Glenn's AskPete tool (http://tkurtz.grc.nasa.gov/PETE/Default.htm) and NASA JPL's DDP tool ("Scalable Mechanisms for Requirements Interaction Management", Feather et al, in Proceedings IEEE 4th Int. Conf. on Requirements Engineering, IEEE Computer Society, 2000). Determination of the value of the combined approach is currently in process. The added utility of a planning tool that combines estimation, tailorable development processes, QA and IV&V estimates, and risk management based on the integration of these disparate but related activities is believed to provide a definite benefit to program managers.
For the 13 years prior to joining Scientific Applications International Corporation (SAIC), Tim worked for Defense Contract Management Command (DCMC). During that time, he was the program manager for the Mk 48 ADCAP torpedo program at DPRO Westinghouse and implemented the software quality assurance program and monitored the transfer of software and development of test equipment for the Mk 50. At DCMC Dayton he was responsible for training and overseeing the SQA activities of Software Quality Assurance Specialists who monitored DoD software development contracts and the development and maintenance of all Air Force simulators. Trained in ISO 9000 auditing and Software Development Capability Evaluation Training, Tim developed and implemented the ISO 9000 Qualification Audit system for DCMC Dayton to provide second party ISO certification to defense contractors and provided software certification training for all Software Professional Development Program applicants in DCMC.
Martin S. Feather:
For the last four years, Senior Engineer in NASA/JPL's Software Quality Assurance Group. Prior to that, was a research scientist at Univ. of Southern California's Information Sciences Institute for 15 years, and a research scientist with Principal Investigator status on NSF and DARPA tasks at Computing Services Support Solutions (Los Angeles) for 3 years. Holds BA and MA degrees in Mathematics and Computer Science from Cambridge Univ., England, and PhD degree in Artificial Intelligence from the Univ. of Edinburgh, Scotland. Has over 50 refereed publications in the areas of automated support for early-phase lifecycle software development, and is an active participant in the software engineering milieu.