10 Years of ISVV: What´s Next?

Independent verification and validation (IV&V) has been a key process for decades, and is highlighted in several international certification standards as an important process to support certification and guarantee high systems resilience. In the European market, ESA supported the definition of the "ESA ISVV Guide", a guidebook containing the description of tasks and procedures, defining uniform guidelines on how to carry out IV&V activities for software systems, called ISVV. This article presents the more relevant facts related to safety-critical software development quality metrics performed by independent assessments (ISVV) of quite mature systems, providing the grounds to evaluate the return on investment (ROI) of the independent assessments. The discussion covers metrics such as effort required to perform specific types of assessments (requirements analysis, design analysis, code inspections, etc) and the obtained results on terms of number of issues found per hour or per artifact according to the issues severity and to the customer acceptance rate of the issues. This study includes data from 10 years of ISVV over a large set of projects from distinct domains (safety-critical and mission-critical). Not only the results and the main findings are discussed, the authors also present their view on how will IV&V/ISVV evolve and contribute to software/system certification and system\´s dependability improvement in the next 10 years. Case studies details and institutions involved cannot be disclosed.