1 / 37

Section 508 and the System Development Life Cycle

Section 508 and the System Development Life Cycle. Section 508 Coordinators Meeting Gettysburg 2009. Panelists. Kyle Zdanowski Section 508 Coordinator Internal Revenue Service - IRS Mark Rew Team Leader, Blind and Low Vision Team Computer/Electronic Accommodations Program (CAP)

adlai
Download Presentation

Section 508 and the System Development Life Cycle

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Section 508 and the System Development Life Cycle Section 508 Coordinators Meeting Gettysburg 2009

  2. Panelists • Kyle Zdanowski • Section 508 Coordinator • Internal Revenue Service - IRS • Mark Rew • Team Leader, Blind and Low Vision Team • Computer/Electronic Accommodations Program (CAP) • Norman B. Robinson • Office of Accessible Systems & Technology (OAST) • Department of Homeland Security

  3. What is the System Development Life Cycle?

  4. System Development Life Cycle • Named differently at different agencies: • Enterprise Life Cycle (ELC) • Systems Engineering Life Cycle (SELC) • System Development Life Cycle (SDLC) • Accomplishes the same mission: Ensuring that appropriate activities are planned and implemented in each stage of the life cycle to increase the project’s success

  5. Developed, Procured, Maintained, or Used Projects should be managed using a life cycle: • EIT contracts produce formal project deliverables • Development of EIT is part of a formal project • Procurements involve acquisitions of EIT for integration in a specific project • Maintenance of EIT is a part of a project’s ongoing operations and maintenance • Some EIT is used without formal acquisition: integrating already acquired technology or Open Source Software into your project

  6. Where is Section 508 in Your Lifecycle? • If at the end, many missed opportunities, with increased risk and costly repairs or replacements • If at the beginning, great opportunity to make an effective difference, with the target of accessibility hit more often and efficiently

  7. Section 508 Throughout the Lifecycle 1) Requirements: • Begin to identify applicable 508 standards 2) Design: • Refine applicable 508 standards 3) Development: • Develop with 508 standards in mind 4) Implementation: • Test against 508 standards 5) Maintenance: • Mitigate failures found after deployment

  8. 1) Requirements (Analysis, Planning) • Partnership with clients and stakeholders • Determines mission and goals (including usability/accessibility) • Determines the expectations and sets performance benchmarks (including how accessible) • Maps resources and schedule

  9. Planning for Section 508 Compliance: Project plans must include compliance activities based on alignment with the stages of the Life Cycle These activities are general steps taken in any Section 508 compliant life-cycle planning Official forms standardize documentation Official policy standardizes responsibility decision points 1) Requirements (Analysis, Planning)

  10. 1) Requirements (Analysis, Planning) Section 508 Education/Outreach • Tools - GSA's Buy Accessible Wizard • Online Training - Guides/Tutorials • Briefings (to individuals, projects, or in bulk) • Assistive technology demonstrations

  11. 1) Requirements (Analysis, Planning) Business Requirements and Legal Compliance • Identify the business requirements • These requirements will be used during evaluation of alternatives to determine if technologies should be commercially purchased or custom developed • Legal compliance: • Utilize standardized contract language

  12. 1) Requirements (Analysis, Planning) Possible Early Exception: • National Security Determination • Determine if a Section 508 National Security Exception (NSE) applies • If authorized, additional planning is not required for that particular EIT • “Distinct technology” • Section 508 is never waived; exceptions are specified

  13. 1) Requirements (Analysis, Planning) Section 508 Technical Compliance for Each Distinct Technology: • determine what Section 508 standards apply • determine if any other Section 508 exceptions apply • Provide approved Section 508 Request and Authorization Forms during any reviews • For Pilots: Alternative Analysis required

  14. 1) Requirements (Analysis, Planning) Determine what Section 508 standards apply: • Functional performance criteria (§ 1194.31 ) always apply • Meeting functional performance criteria should be accomplished through meeting the technical standards where possible

  15. Project Owner Responsibility and Accountability

  16. Accountability • Who is responsible? The project owner. • Project owner tests • 508 Program has oversite • Define procedures to address conformance failures

  17. 1) Requirements (Analysis, Planning) Determine what Section 508 Technical Standards apply: • 1194.21 Software applications and operating systems • 1194.22 Web-based intranet and internet information and applications • 1194.23 Telecommunications products • 1194.24 Video and multimedia products • 1194.25 Self contained, closed products • 1194.26 Desktop and portable computers

  18. 2) Design (Concept) • Foundation for the user experience (including the assistive technology user) • High-level concepts • Constructs prototype (One that is accessible for stakeholders who use assistive technology!) • Blueprint for the entire project • Establish and validate the technical approach (Ask, does it meet the accessibility requirements?”)

  19. 2) Design • Requirements in cases of Development and Customization • If the project involves development or custom integration of EIT: • incorporate Section 508 Functional Performance Criteria into the functional requirements documentation and • include applicable Section 508 Technical Standards in the technical requirements documentation • include both into the project’s schedule & requirements • traceability matrix

  20. 2) Design • Compliance Expectations • All developed systems or items are expected to fully comply with all applicable technical and functional performance requirements • Legal compliance: • Standardized contract language • Customized contract language for functional and technical requirements

  21. Selection is Design Purchasing Most Compliant Products: • For each commercial or government item (COTS/GOTS) used in the project: • Perform market research • Determine applicable Section 508 Technical Standards • Select the most accessible system or item that best meets business needs • Vendor accessibility claims can be validated through testing • Does vendor accessibility compliance documentation provide all information needed to make a decision?

  22. Section 508 Planning • Plan for Section 508 accessibility testing against the requirements • Include Section 508 when developing traceability matrix, system acceptance plans, and test plans • Ensure schedule includes adequate time to integrate, test, and resolve any Section 508 defects • Test using standardized, approved testing methodologies & tools • Conduct interoperability test using assistive technologies • Ensure electronic documentation and training meets Section 508 requirements • Ensure any special configuration information related to assistive technologies is documented and available to the users

  23. 3) Development • Develops an implementation plan • Uses unit testing (Includes accessibility testing when the unit has accessibility requirements) • Created and use an accessibility/Section 508 check list • Perform end-to-end accessibility testing

  24. 3) Development • Software Development Life Cycle • Developers addressing Section 508 for the first time in development are at a disadvantage • Increases project risk • Often seen in organizations lacking a SDLC • Increases pressure on Section 508 Program • Developers must test internally • “Throwing it over the fence” • Even formal IV&V requires developers to test

  25. 4) Implementation (Integration, Deployment, Testing) • User acceptance testing (include stakeholders - to test accessibility) • Process metrics include accessibility bug fixes • Each iteration is completed with a full compile, load, and system test which includes testing for any broken accessibility • “I just heard something about 508...” • Risk of project failure • Increased pressure on Section 508 Program

  26. 4) Implementation (Integration, Deployment, Testing) Pre-Deployment Testing: • Test against the requirements, to include Section 508 requirements • Test and plan to resolve any Section 508 defects • Testing using standardized, approved testing methodologies • Conduct interoperability testing with assistive technologies • Ensure electronic documentation and electronic training meets Section 508 requirements • Ensure any special configuration information related to assistive technologies is documented and available to the users • Track Section 508 defects for any developed items • Track COTS/GOTS failures to meet Section 508 Technical Standards

  27. 4) Implementation (Integration, Deployment, Testing) Testing: • Test Plan • Testing Methods: Manual, Automated, with Assistive Technology • Test Results • Failure Mitigation (Short Term and Long Term) • Remediation Planning

  28. 5) Maintenance (Operations, Support) • Review and document all phases of the project • Process analysis (continuous improvement) • Configuration and change management that considers the affect on accessibility when modifications are made

  29. 5) Maintenance (Operations, Support) Specific Considerations: • Lessons Learned • Maintenance or New Release • What is changing? • Do the changes affect the accessibility of the system?

  30. 5) Maintenance (Operations, Support) • Remediation Plans: a plan to resolve defects • Document accessibility problems reported during integration and operations as Section 508 defects • Develop a remediation plan to include reporting any product deficiencies found (typically in test) • Vendor (COTS) • Developers (developed items) • Establish timelines for bringing EIT into compliance • Without a timeline you do not have a plan • Proactive approach

  31. 508 Program Responsibility and Accountability

  32. Address the Challenges • Lack of formal policies that include Section 508 • Section 508 not explicitly defined in agency’s life cycle • Section 508 not included in change control processes • Section 508 not included in acquisition reviews • To standardize and create initial contract language • To standardize review and approval of contract language • Formal approval any general exceptions • Lack of standardized testing approach • Lack of formal Section 508 training program

  33. Integration into Organizational Culture • The contract statement of work contains specific accessibility and Section 508 requirements and metrics • Accessibility awareness is through out the staff and life cycle • Accessibility questions during potential employee interview • Employee training (Including a base line accessible code training) • Part of the requirements at all phases • User interface specialist is knowledgeable of accessibility • UI specialist attends the code review meetings • Accessibility is part of testing and quality control • Risk analysis includes analyzing the risk of a unit being accessible or usable for assistive technology • Accessibility is considered at all phases of the methodology

  34. Conclusion • Agencies should have a formal Section 508 policy that is inclusive of Section 508 in agency processes • A formal life cycle ensures that appropriate Section 508 activities are planned and implemented in each stage of the life cycle to increase the project’s Section 508 compliance success • Less impact on cost or schedule when Section 508 is part of the process • Significant impact on cost and schedule when Section 508 is not part of the process • Remediation Plans reduce ongoing risks • Section 508 life cycle compliance integrates with Security, Information Assurance, Privacy, and Performance Standards

  35. Questions? • Please ask questions or briefly share your thoughts about Section 508 in the system development life cycle.

  36. Contact Information • Kyle Zdanowski Section 508 Coordinator Internal Revenue Service - IRS Information Resources Accessibility Program - IRAP Email: 508@irs.gov • Mark Rew Team Leader, Blind and Low Vision Team TEL 703-681-8812 FAX 703-681-9075 Computer/Electronic Accommodations Program (CAP) visit us online www.tricare.mil/cap" "CAP" your wasteful ways and Reduce, Reuse and Recycle • Norman B. Robinson Office of Accessible Systems & Technology (OAST) Department of Homeland Security voice: 202-447-0322, cell: 202-834-3192 norman.b.robinson@dhs.gov

  37. SDLC/SELC References • DHS Acquisition Instruction/Guidebook #102-01-001: Appendix B B-i Interim Version 1.9 November 7 2008

More Related