INFORMATION
ASSURANCE
Security
Certification
& Accreditation
Disaster
Recovery & Contingency Planning
Independent Validation
& Verification
All Services
Home
....
.....
|
|
Independent
Verification and Validation (IV&V)
The Software Engineering Institute (SEI)
Capability Maturity Models (CMM) defines Validation and Verification
as Level 3 Engineering Process Areas. Validation, as defined in “CMMI
Guidelines for Process Integration and Product Improvement,” is
to demonstrate that products or product components fulfill their intended
purpose when placed in their intended environment. Verification ensures
that selected work products meet their specified requirements.
The objective is to minimize your risk and maximize your benefits from
implementing new products, systems, and applications.
Lines of Business have significant investments in new applications,
systems, processes, architectures, training and procedures. Prior to
implementation, concerns are raised: Will the new system
work in the agency’s infrastructure? How will it work with other
applications? What impact will the new application have on the infrastructure?
Will the new application introduce any security vulnerabilities? Do
we need additional infrastructure investment? How can we cost effectively
assess these impacts?
DSD can minimize your risk with
our DSD Information Assurance Laboratory (DIAL). Because of our experience,
DIAL has developed a rigorous, comprehensive test methodology to answer
these key questions. DIAL uses a System Development Life Cycle (SDLC)
methodology, tailored for each customer’s needs to address a system
or component set.
Facility
DIAL is a secure 4100 square foot facility in Fairmont, WV dedicated to IV&V testing. The facility is well equipped to perform all testing operations and contains four dedicated test areas, each network capable with a cipher-lock secured entrance. Substantial space is also available to overflow test capability.
Staffing
It is staffed, full-time, by a multi-disciplined team with expertise in full-spectrum IT infrastructure from the WAN entry point of the carrier through application layers of systems and components. DIAL’s staff is cleared and has both civilian and military agency experience.
DIAL IV&V Process
DSD can independently verify and validate applications by testing them in their intended environments. Typically, DIAL would leverage an agency’s current operating environment. Alternatively, DIAL could construct a test environment, install the application, and test it. DIAL would examine resource usage (bandwidth, memory, disk space, etc.) issues as well as integration issues with operating infrastructures. DIAL minimizes risk while maximizing benefits.
SDLC Phase |
Typical Tailorable DSD Process Steps |
Typical Techniques |
DSD Deliverable |
Planning
(System Request)
|
|
|
|
|
|
Review Technical Feasibility
Assess Economic Feasibility
Examine Organizational Feasibility
|
|
|
|
Time Estimation
Task Identification
Work Breakdown Structure
Pert Chart
GANTT Chart
Scope Management
|
|
|
|
Project Staffing
Project Charter
|
|
|
Control and Direct
Project
|
CASE Repository
Determine Standards
Manage & Identify Documentation
Risk Management
|
Standards List
Risk Assessment |
Analysis
(System Proposal)
|
Develop Analysis Strategy
|
Business Process Automation
Business Process Improvement
Business Process Reengineering
|
|
|
Determine Business Requirements
|
Interview key Stakeholders
JAD session
Questionnaire
Document Analysis
Observation
|
|
|
|
|
|
|
|
|
|
|
|
Entity Relationship Modeling
Normalization
|
|
|
Develop Continuity of Operation
|
Interview
Standards
Risk Management
Verify Standard, e.g. PDD-67
|
|
Design
(System Specification)
|
|
Design Selection
Data Flow Diagramming
Entity Relationship Modeling
|
Physical Process Models
Physical Data Model
System Specification
|
|
Architecture Design
Hardware & Software Selection
|
Architecture Report
Hardware & Software Specifications
|
|
|
|
Use Scenario Modeling (Design Reference Mission Profile, DRMP)
Validate Interface Standards
Review Interface Prototype
Analyze Interface Evaluation
|
|
|
Design Databases and Files
|
Data Format Selection
Denormalization
Performance Tuning
Size Estimation
|
|
|
|
Transform Analysis
Program Structure Chart
Program Specification
|
|
Implementation
(Installed System)
|
|
Programming
Software Testing
Performance Testing
|
Test Plan
Programs
Documentation
|
|
|
Deployment Strategy Session
|
|
|
|
Conversion Style Selection
Training
|
Conversion Plan
Training Plan
|
|
|
Support Selection
System Maintenance
Project Assessment
|
Support Plan
Problem Report
Change Request
|
|
|
Post implementation Audit
|
Post implementation Audit Report
|
|
