Quality software has always been a priority at the laboratory. Our current effort – to help ensure that the software we develop and use meets performance requirements and specifications – involves revisions to Fermilab’s existing Software Quality Assurance (SQA) program. Lessons learned and feedback were gathered from the implementation of the program over the last few years, and resulted in an improved program document as well as a new supplemental Quality Assurance Manual (QAM) chapter.
What has changed?
The SQA program document was updated to clarify specific requirements throughout the software development lifecycle process, and improve the readability of the document.
The definition for ‘Collaboration Applications’ was added to the Exclusions and Special Provisions section. It clearly defines what collaboration applications are, and whether or not they should be considered for applicability under the SQA program.
Reference to the new QAM Chapter 12090 – SQA Grading & Inventory Procedure was added. The new chapter helps describe how to inventory and grade applications that fall under the requirements of the SQA program.
A potential consequence has been added to the Moderate Quality Assurance Level stating: “Potential consequences if an application does not perform as intended can lead to compromises in systems with personal identifiable information (PII).”
A Quality Control Measure was removed: “Sufficient level of detail in the requirements to develop test cases.” This control measure was removed since the sufficient level of detail needed to develop test cases is implied when collecting requirements.
The following Quality Control Measures were added:
- Test evidence is recorded for all test cases. (Note: This is mandatory for applications graded with a High Quality Assurance level.)
- User acceptance test results must be reviewed and approved prior to production release.
- A traceability matrix must be updated during each phase of the project to ensure all requirements are accounted for. (Note: This is mandatory for applications graded with a High or Moderate Quality Assurance level.)
- Collect and record problems; and ensure that corrective actions are tracked through to completion. (Note: This is mandatory for applications graded with a High Quality Assurance level.)
The SQA program still applies to all software applications used at Fermilab. Individuals responsible for specific applications should continue to use a graded approach based on the analysis of potential risks, should the software not perform as intended. Evaluating each software application against potential consequences allows for the implementation of quality control measures at appropriate levels and ensures the software we develop and purchase meets performance requirements and expectations.