Change Management

Software is frequently complex, and the impact of altering specification, design or implementation may be difficult to assess. In safety critical applications, it is important to ensure that any changes have been made with due consideration. Clear responsibility for detailed changes should be recorded alongside descriptions of what was changed. Automated systems can greatly assist in enforcing that an agreed process is followed precisely and that full records of change are obtained.

Change control is frequently partitioned into two aspects:

• Control of versions of documents, such as specifications and source code. This version control ensures that releases of systems may be recovered according to previously defined conditions. The system user may determine not only how a system was at some previous point in time, but may uncover the sequence of changes to its component parts.
• Control over the process of change itself. Requests for change are submitted to developers, for instance to correct defects or to provide enhancements. Such requests for change should be monitored and subjected to an approval process, which ensures that proper consideration of the impact of any change has been given and the changes have been adequately tested.

The two aspects should be unified by tools to ensure that their respective functions are linked. Following a request for change, it is important to be able to revert to an earlier condition and also to find out exactly what was changed in response to the request.

Our whitepaper on Change Management looks at the particular tool we use in more detail.