CLASSIFICATION
3 Program Technical Management
47
• Describe the integration, test, and release strategy (including Continuous Authority to
Operate (cATO) process) to enable early and continuous integration to validate mission
effectiveness early and throughout the software life cycle (DoDI 5000.88, Para 3.4.a.(3).(o)).
• Describe the process of identifying, managing, and mitigating software unique program
risks.
• Describe the handling of critical SW requirements to address (1) flight clearance, (2) safety
assurance, (3) cybersecurity, (4) program protection/software assurance, and (5) assurance
of other critical requirements (e.g., nuclear surety). To avoid duplication and overlap with
other documents providing more detailed topic coverage, provide a brief overview and a link
to the document.
• Address reusable SW products (e.g., commercial off-the-shelf (COTS), government off-the-
shelf (GOTS)). Describe (1) the approach for identifying, evaluating, and incorporating
reusable SW products, including the scope of the search for such products and the criteria
to be used for their evaluation and (2) the approach for identifying, evaluating, and reporting
opportunities to develop reusable SW products.
• Identify software development deliverables and artifacts. Identify what IP rights licenses the
Government will acquire to those deliverables and the access to software development
artifacts. Specifically, describe the approach to provide authorized representatives with
access to developer and subcontractor facilities to review SW products and activities.
Expectation: Program will plan for the integration of software “procurement” and “sustainment”
activities. Software functionality will be developed, delivered, and sustained continuously across
its life cycle; therefore, it must be constantly maintained to retain capability and to, for example,
address future security threats and a potential increase in functionality. Software system safety
should also be addressed.
3.2.8.3 Software Execution Phase
Address the following execution aspects for software engineering activities:
• SW development environment (e.g., software factory, digital ecosystem integration):
establishing, controlling, and maintaining a software development environment, to include
(1) SW engineering environment, (2) SW test environment, (3) SW development library, (4)
SW development files, (5) non-deliverable SW, and (6) SW assurance considerations,
including tool selection
• SW requirements analysis: requirements decomposition process, including the steps
needed to ensure that SW requirements are stable, traceable, prioritized and allocated to
iterations; how deferred requirements will be managed
• SW design approach: (1) global design decisions, (2) architectural design, and (3) detailed
design, with each area addressing: (4) SW Safety/Airworthiness, (5) Cybersecurity, and (6)
Reliability/dependability (e.g., Site Reliability Engineering), (7) MOSA considerations, and
(8) Software Assurance
• How the architecture and design strategy underpins SW sustainability
• SW integration and test approach, including (1) mapping of dependencies and performing
frequent end-to-end integration and test, (2) preparing for integration and test, (3)
performing integration and test, (4) recording and analysis of integration and test results,
and (5) regression test of revisions