Title Page
-
Site conducted
-
Conducted on
-
Project / Software Name
-
Software Owner / SME / SCCC
-
Prepared by (Software Quality Assurance Inspector/Auditor)
-
Location
Instructions
-
This checklist references to IEEE 1012:2016(IEEE Standard for System, Software and Hardware Verification and Validation) as guidance on the adequacy of the Software Verification and Validation Plan (SVVP). Although the standards cover system, hardware and software V&V, this checklist will focus on the software V&V checks.
-
Verification (builds the product correctly) - checks for objective evidence to determine whether the products: 1) Conform to requirements for all activities during each life cycle process. 2) Satisfy the standards, practices and conventions during life cycle processes. 3) Successfully complete and satisfy the criteria for each life cycle activity.
-
Validation (builds the correct product) - provides evidence to determine whether the products: 1) satisfy system requirements allocated to the products at the end of each life cycle activity. 2) solve the right problems (eg. use the proper system assumptions, implement business rules). 3) satisfy the intended use and user needs in the operational environment.
SVVP and System Requirements V&V Checklist
-
Has the Software Verification and Validation Plan (SVVP) or equivalent been established?
-
Are there any other related documents that cover V&V controls across the SDLC phases? (eg. Software Test Plan )
-
Are the system requirements allocation to the software verified for correctness, accuracy, traceability and completeness against customer requirements?
-
Are the system architectural design validated to satisfy customer requirements in terms of 1) system functions, 2) end-to-end system performance, 3) feasibility and testability of functional requirements, 4) system architecture design, 5) operation and maintenance requirements where applicable.
-
Have the necessary hazard, risk and security analysis been performed on the conceptual system?
Software Requirements Analysis V&V
-
Have the software requirements/interfaces in SRS / IRS documents been evaluated for correctness, consistency, completeness, accuracy, readability, testability, and traceability?
-
Have all software requirements been identified? And were these software requirements verified to be bi-direction traceable to system requirements?
-
Have documentation of V&V controls (eg. test cases, procedures, results) been planned for the applicable test phases (unit test, integration test, qualification test, acceptance test)?
-
Has the necessary software requirements contributing to each system hazard, security requirements that address the system security risks, and any other risks, been identified and addressed?
Software Design V&V
-
Have the software design elements/interfaces in SDD/IDD documents been evaluated for correctness, consistency, completeness, accuracy, readability, testability, and traceability?
-
Have documentation of test design V&V (eg. test cases and test steps) been planned for the applicable test phases (unit test, integration test, qualification test, acceptance test)?
-
Have the necessary hazard, risk and security analysis that have been performed been updated with strategies (prevention, mitigation, control, avoidance) to address these hazards, non-security and security risks?
Software Development V&V
-
Have a software development plan and unit test plan ot their equivalent been established, reviewed and approved?
-
Have the source code and source code documentations been evaluated for correctness, consistency, completeness, accuracy, readability and testability?
-
Have the software source code interfaces with hardware, software, system and user been verified and validated for correctness, consistency, completeness, accuracy, testability?
-
Have the source code and source code documentations been bi-directional traceable to design as well as requirements?
-
Have the software unit test cases been validated for correctness, consistency, completeness, accuracy, testability?
-
Have the software units been verified with unit test cases to ensure that the software conforms to test requirements? Have all software unit tests resulting in failures been corrected and re-tested?
-
Process Verification - Are the activities during the implementation phase are in compliance with the life cycle processes documented in the plans.
Software Integration V&V
-
HAve an integration plan and integration test plan or their equivalent have been established, reviewed and approved?<br>
-
Have the software integration components and their documentations been evaluated for correctness, consistency, completeness, accuracy, readability and testability?
-
Have the software integration components and their documentations been bi-directional traceable to design specifications?
-
Have the software integration components been verified with integration test cases to ensure that the software conforms to test requirements? For the integration tests that failed, are the integration components being corrected and re-tested?
-
Have the integration test cases been validated for correctness, consistency, completeness, accuracy, testability?
-
Process Verification - do the activities during the Integration phase comply with the life cycle processes documented in the plans?
Software Qualification/Acceptance Test V&V
-
Have the qualification/acceptance test plan or its equivalent has been established, reviewed and approved?<br>
-
Have the software and the qualification/acceptance test documentations been evaluated for correctness, consistency, completeness, accuracy, readability and testability?
-
Have the software qualification/acceptance test documentations been bi-directional traceable to test plan, test procedures, and design specifications?
-
Have the software been verified with qualification/acceptance test cases to ensure that the software conforms to test requirements? Is the software that is resulting in test failures being corrected and re-tested?<br>
-
Have the qualification/acceptance test cases been validated for correctness, consistency, completeness, accuracy, testability?
-
Process Verification - Do the activities during the Qualification/Acceptance phase comply with the life cycle processes documented in the plans?
Software Installation and Checkout V&V
-
Are all required software products and their versions in the installation package verified to be correct and complete prior to checkout?
-
Are all site-dependent parameters or conditions validated to ensure that these values are correct for the environment to be installed?
-
After checkout, were tests conducted to verify that the installed software corresponds to the software subjected to earlier V&V?
-
Have the necessary hazard, risk and security analysis been updated to include the installed software and the installation documentations? Are these hazards, non-security and security risks addressed?