In-depth Analysis of GJB5000B: Military Software Capability Maturity Model

（一） Maturity level: Five level progressive model
The maturity model of GJB5000B is divided into five levels, presenting a progressive grading feature, with each level serving as the cornerstone for achieving the next level.
Initial level (Level 1): Passed the weapon and equipment quality management system certification based on GJB9001C-2017, possessing basic software development capabilities.
Standard level (Level 2): Established process improvement organizational structure and process standards, with the ability to replicate successful experiences in similar projects.
Comprehensive Level (Level 3): Fully implement process management and have the comprehensive ability to respond to complex projects.
Quantitative Level (Level 4): Through quantitative management methods, achieve precise control over the software development process.
Excellent Level (Level 5): Achieve industry-leading level on the basis of continuous improvement.
(Note: First time applicants can apply for up to 2 levels and need to be promoted step by step)

（二） Capability Domain: Four Pillar Systems
Covering all elements of software development and forming structural support for capacity building:
1. Process management capability
Core process areas: project planning, project monitoring, supplier agreement management, quality assurance, etc.  
Goal: Ensure that tasks are executed according to plan and risks are controllable.  

2. Engineering and technical capabilities
Core process areas: requirement development, architecture design, code implementation, validation testing, deployment and maintenance, etc.  
Innovation point: New digital engineering requirements such as Model Driven Development (MDD) and Digital Clue Tracking have been added.  

3. Support and guarantee capability
Core process areas: configuration management, decision analysis, organizational training, infrastructure management, etc.  
Key requirements: Tool chain localization rate ≥ 80%, data penetration rate ≥ 95%.  

4. Improve innovation capability
Core process areas: quantitative process management, causal analysis and resolution, continuous optimization, etc.  
Quantitative indicators: Defect repair cycle shortened by 30%, requirement change rate ≤ 15%.  

（三） Process domain: 19 core control nodes
Each process area includes dedicated objectives (SG) and dedicated practices (SP), with a focus on:
1. New Process Domain
Threat and Vulnerability Analysis (Network Security): Require attack tree modeling and penetration testing;  
Intelligent algorithm governance (AI software): covering data quality verification and algorithm interpretability evaluation.  

2. Strengthen the process domain
Requirement development: Mandatory requirement bidirectional traceability and conflict resolution;  
Verification testing: Code coverage rate is required to be ≥ 90% (100% for critical software).  

3. Cross domain collaboration requirements
Software hardware collaborative development: Embedded systems require joint simulation of requirements, hardware, and software;  
Supply chain management: Supporting suppliers need to pass GJB5000B Level 2 certification.  

（四） Support system: toolchain and data base
1. Tool chain requirements
Requirement management: DOORS, Polarion (domestication alternatives require military certification);  
Development validation: Matlab/Simulink (military version), static code analysis tools (such as Klocwork).  

2. Data connectivity mechanism
Establish an organizational level process asset repository (including templates, guidelines, and historical data);  
Deploy an integrated management platform to achieve full traceability of requirements, design, code, testing, and defects.

Enterprises or units applying for GJB5000B certification must meet the following conditions:

1. Possess valid qualifications
The applying unit must have a valid GJB 9001C qualification (i.e. weapon and equipment quality management system certification).

2. Sound organizational structure
The software development quality management responsibilities of relevant departments and personnel need to be clarified, and the organizational structure should be sound.

3. Requirements for software development capability level
According to relevant national military standards, the software development tasks undertaken or planned to be undertaken require a software development capability level of at least Level 2 (including Level 2).

4. Running time of software process system
Units applying for the Level 2 preliminary evaluation of military software development capabilities must establish and effectively operate a software process system for at least 3 months and complete internal evaluations.
Units applying for the preliminary evaluation of military software development capability level three must maintain their current development capability level effectively for more than 2 years. The software process system for which they intend to apply for the development capability level must be established and effectively operated for more than 6 months and have completed internal evaluation.

5. Quality records in the past three years
There have been no major quality issues caused by software quality in the past three years.

6. Undertake military software development tasks
The unit needs to undertake or intends to undertake military software development tasks.

7. Internal evaluation and rectification
The applying unit needs to complete internal evaluation and rectification work to ensure that the software process system meets the requirements of GJB5000B.

8. Project and personnel requirements
At least 4 pilot projects must be selected and cover the entire software lifecycle.
The selected project personnel must account for at least 40% of the software development personnel of the certification unit.
The project scale needs to reach a medium project scale within the organization, with a construction period of at least 6 months.

9. Other requirements
The interval between the application date and the date of the last evaluation failure shall not be less than 1 year.
Comply with the requirements of the Military Software Development Capability Evaluation Procedure.
The re evaluation application should be submitted 9 months before the expiration of the qualification period of the research and development unit. In addition, if the applying research and development unit fails to accept the evaluation due to its own reasons within 3 months from the date of receiving the research and development level evaluation notice, it shall resubmit the application.

（一） Meet military access requirements
In 2017, the Equipment Development Department issued Document No. 73, requiring strict implementation of the military software development capability evaluation system by December 2020. Starting from March 2024, units that have not passed the corresponding level of GJB5000B evaluation will lose their eligibility to participate in the bidding and ordering of military research and development tasks.

（二） Enhance the competitiveness of enterprises
The GJB5000B certificate has been listed as a supplier admission requirement in multiple military bidding documents. By implementing GJB5000B, enterprises can not only enhance their reliable and professional brand image in the military, but also occupy a priority position in market expansion.

（三） Improve software quality and reliability
GJB5000B ensures that every aspect of software development, from requirement analysis, design, development to testing and maintenance, meets strict quality standards through standardized software development lifecycle management. This helps to reduce software defects, improve software stability and reliability, thereby ensuring the performance and combat effectiveness of weapons and equipment.