Certification Process Overview. Wes Turner, Kitware Inc. Matthew McCall, KRM Associates Inc.

Transcription

1 Certification Process Overview Wes Turner, Kitware Inc. Matthew McCall, KRM Associates Inc.

2 Certification Approach Attest that software is Safe, Compliant and Functional. Plan publicly available: ert_plan_v1.0.pdf Initial Surge Phase through Transitioning to Early Maturation Phase.

3 Initial Surge Goals Establish Baseline Repository. Develop Certification Plan. Implement Environment for Initial Certification. Perform Initial Certification of Repository.

4 Initial Surge Milestones Project Start Certification Plan Finalized Certification Environment Notification of Acceptance

5 Certification Plan Overview Software Quality Certification Plan. Focus on safe, compliant, and functional. Safe: Individual code units do not cause errors in other components of the system and the code is robust to all code paths and conditions. Compliant: Code meets agreed upon interface specifications and is adherent to all applicable laws and reservations. Functional: Code has a defined set of requirements that are met when the code executes.

6 Certification Environment Git: Version Control. Enterprise Architect: Architecture Reference. Gerrit: Code Review. CTest: Automatic Testing. CDash: Dashboarding. Technical Journal: Documentation and Attestation. Bug Tracking: JIRA.

7 What Software Quality Certification Is Focus on safe, compliant, and functional. Safe: Individual code units do not cause errors in other components of the system and the code is robust to all code paths and conditions. Compliant: Code meets agreed upon interface specifications and is adherent to all applicable laws and reservations. Functional: Code has a defined set of requirements that are met when the code executes. A First Step

8 What Software Quality Certification Is Not The Final Word The initial framework is powerful But open source and adaptable Certification steps based on VA ProPath Procedures Can and will be adapted to the community needs We need you to get involved and drive the process!

9 Process Diagram XML Dashboard XML CTest XML Gerrit Code Review Automated Tests (XINDEX + Others) Contributor Mods Contributor Package OSERHA Technical Journal Review Git Clone

10 Support for certifying software quality on bug fixes, minor code changes, and periodic OSEHRA releases. GERRIT REVIEW TOOL

11 Reviewing code changes and release candidates The review (red arrow), and diff buttons (blue arrows) provide mechanisms for looking at the code changes and for starting a review. Expand to include Attestation Column

12 Reviewing code changes and release candidates Actual attestations are simple, but linked to the current ProPath Procedures. Two levels allow for peer review to attest code quality and SQA review to ensure compliance with applicable standards. mons/document/oshera-mcode-peer-review-checklist mons/document/oshera-finalreview-checklist

13 Support for certifying new package contributions or major code refactoring OSEHRA TECHNICAL JOURNAL

14 Reviewing larger code contributions The OSEHRA Technical Journal provides mechanisms for formal review (blue arrow) and informal, thumbs up, review (red arrow).

15 Reviewing larger code contributions Again, the initial attestations can be simple. Review checkboxes instantiate the peer and final review checklists.

16 Reviewing testing and attestation results OSEHRA SOFTWARE QUALITY DASHBOARD

17 Code Quality Dashboard A dashboard maintains the current state of the system including all of the automated testing and the manual attestations. Gerrit Reviews (Manual) Nightly Tests (Automated) Manual Verifications (Automated) OTJ Reviews (Manual)

18 Code Quality Dashboard Manual attestations can be viewed over longer time periods for both the Gerrit review site, Nightly Tests (Automated) Manual Verifications (Automated)

19 Code Quality Dashboard And the OSEHAR Technical Journal Site

20 Notification of Acceptance Presumption of Quality through FOIA Release. Baseline Software Quality Release. Initial Certification of Codebase as Safe, Compliant, and Functional. Includes: X-INDEX Review, Functional Review, Test Installation from repository.

21 Early Maturation Phase Goals Software Quality Certification process improvement and growth. Must support existing VA developers. Software Release Certification development and growth. Must align with requirements of the VA. Focus on process transparency and portability. Next Generation EHR. Must be applicable across projects and environments. Align with collaborative goals of the ecosystem.

22 Software Quality Certification process improvement and growth. Purpose of tomorrow s working group. Find gaps between our approach, and VA. Develop strategy for establishing boundaries and requirements for software submission to VA. Develop action plan for collaborating past this event.

23 Software Release Certification development and growth. OSEHRA will be incrementally releasing gold versions. Build process on top of Software Quality Certification. Continue assessing and integrating VA Requirements. Agile Model and Release Certification. Example Release Certification Elements: Pre-Certification. Documentation. Test Cases. Architectural Compliance. Certification. Request Prioritization. Functional Evaluation. Technical Evaluation. Code Review. Certification Release. Release Distribution. Community Engagement.

24 Focus on process transparency and portability. iehr and additional projects are coming. Software Quality and Release Certifications both affected. Continue assessing and integrating VA Requirements. Facilitate the migration of these processes from VistA to iehr and beyond. Encourages more robust community participation. Integrators, Practitioners, (ex. DSS, Medsphere, IBM, CHNWV). Initial projects to support these goals.