Assessing traceability – Practical experiences and lessons learned

G. Regan, M. Biró, D. Flood, F. Mc Caffery. Assessing traceability – Practical experiences and lessons learned. Journal of Software: Evolution and Process, volume 27, number 8, pages 591-601, DOI 10.1002/smr.1728, 8, 2015.

  • Gilbert Regan
  • Miklós Biró
  • Derek Flood
  • Fergal Mc Caffery
JournalJournal of Software: Evolution and Process

Software systems are becoming increasingly complex. Creating and maintaining the links between artefacts such as test cases, requirements documents, and source code is a difficult and expensive task. Therefore, most existing software systems lack explicit traceability links between artefacts, or if implemented, is often not leveraged to take advantage of the information it can provide to a development or validation team.

Within the medical device domain, as in other safety critical domains, software must provide reliability, safety and security because failure to do so can lead to injury or death. Regulation normally requires safety critical systems are certified before entering service. This involves submission of a safety case (a reasoned argument that the system is acceptably safe) to the regulator. A safety case should include evidence that the organisation has established effective software development processes that are based on recognised engineering principles appropriate for safety critical systems. At the heart of such processes, they must incorporate traceability.

However, numerous barriers hamper the effective implementation of tracea-bility such as cost, complexity of relationship between artefacts, calculating a return on investment, different stakeholder viewpoints, lack of awareness of traceability and a lack of guidance as to how to implement traceability.

In this paper we address the lack of guidance on traceability implementation by presenting our experience of developing and trialling a traceability assessment model in two medical device organisations. We show that the assessment model was successful in identifying strengths and weaknesses in both organisations implementation of traceability. Through experience of trialling the model we propose an idea to improve it by automation, using the Open Services for Lifecycle Collaboration (OSLC) initiative.