| Name |
Description |
Abstract |
Status |
Publication date |
Edition |
Number of pages |
Technical committee |
ICS |
| ISO/IEC 14598-3:2000 |
Software engineering — Product evaluation — Part 3: Process for developers |
|
Withdrawn |
2000-02 |
Edition : 1 |
Number of pages : 16 |
Technical Committee |
35.080
Software
|
| ISO/IEC 14598-4:1999 |
Software engineering — Product evaluation — Part 4: Process for acquirers |
|
Withdrawn |
1999-10 |
Edition : 1 |
Number of pages : 34 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15026-1:2013 |
Systems and software engineering — Systems and software assurance — Part 1: Concepts and vocabulary |
ISO/IEC 15026-1:2013 defines assurance-related terms and establishes an organized set of concepts and their relationships, thereby establishing a basis for shared understanding of the concepts and principles central to all parts of ISO/IEC 15026 across its user communities. It provides information to users of the subsequent parts of ISO/IEC 15026, including the use of each part and the combined use of multiple parts.
Coverage of assurance for a service being operated and managed on an ongoing basis is not covered in ISO/IEC 15026.
|
Withdrawn |
2013-11 |
Edition : 1 |
Number of pages : 24 |
Technical Committee |
35.080
Software
|
| ISO/IEC 14598-5:1998 |
Information technology — Software product evaluation — Part 5: Process for evaluators |
This part of ISO/IEC 14598 provides requirements and recommendations for the practical
implementation of software product evaluation when several parties need to understand, accept and
trust evaluation results. In particular, it may be used to apply the concepts described in
ISO/IEC 9126.
The process described in this part of ISO/IEC 14598 defines the activities needed to analyse
evaluation requirements, to specify, design and perform evaluation actions and to conclude the
evaluation of any kind of software product.
The evaluation process may be used to evaluate already existing products, provided the needed
product components are available, or to evaluate products in development.
NOTE For the evaluation of a product in development, the evaluation process needs to be
synchronized with the software development process and product components are evaluated as they
are delivered.
This part of ISO/IEC 14598 may be used by
- testing laboratory evaluators, when providing software product evaluation services,
- software suppliers, when planning evaluation of their products, including evaluation to be
carried out by independent testing services,
- software acquirers, when requesting evaluation information from a supplier or testing service,
- software users when evaluating products or when using evaluation reports provided by testing
laboratories,
- certification bodies in defining new certification schemes for software products.
|
Withdrawn |
1998-07 |
Edition : 1 |
Number of pages : 35 |
Technical Committee |
35.080
Software
|
| ISO/IEC 14598-6:2001 |
Software engineering — Product evaluation — Part 6: Documentation of evaluation modules |
This part of ISO/IEC 14598 defines the structure and content of the documentation to be used to describe an
Evaluation Module. Evaluation modules are intended to be used within the context of the ISO/IEC 9126 and the
ISO/IEC 14598 multipart standards.
This part of ISO/IEC 14598 is intended to be used by experts in evaluation technology such as testing laboratories,
research institutes and others when producing new evaluation modules.
|
Published |
2001-06 |
Edition : 1 |
Number of pages : 31 |
Technical Committee |
35.080
Software
|
| ISO/IEC 14750:1999 |
Information technology — Open Distributed Processing — Interface Definition Language |
This Recommendation | International Standard is intended to provide the ODP Reference Model (see ITU-T Rec. X.902 |
ISO/IEC 10746-2 and ITU-T Rec. X.903 | ISO/IEC 10746-3) with a language and environment neutral notation to
describe computational operation interface signatures. Use of this notation does not imply use of specific supporting
mechanisms and protocols.
|
Published |
1999-03 |
Edition : 1 |
Number of pages : 31 |
Technical Committee |
35.080
Software
|
| ISO/IEC 14752:2000 |
Information technology — Open Distributed Processing — Protocol support for computational interactions |
This Recommendation | International Standard is based on the framework of abstractions and concepts developed in the
Reference Model for Open Distributed Processing (ITU-T Rec. X.902 | ISO/IEC 10746-2 and ITU-T Rec. X.903 |
ISO/IEC 10746-3).
This Recommendation | International Standard defines how interactions between computational objects in a
computational specification of a system relate to protocol support for those interactions in an engineering specification of
that system. In particular it:
? defines a General Interworking Framework (GIF);
? within the GIF, defines a set of facilities each comprising a set of functionally-related service primitives as
abstract definitions of the interactions of basic engineering objects and channel objects;
? defines the parameters of the service primitives of the GIF;
? defines the permitted sequence of the service primitives by means of state tables;
? specifies, in annexes, the mapping of the GIF service primitives and their parameters to the messages and
fields of particular protocols.
As specified in this Recommendation | International Standard, the GIF defines protocol support for a pragmatic subset of
the possible computational interactions defined in ITU-T Rec. X.903 | ISO/IEC 10746-3. It is also restricted in the
features of the protocol support and the supported transparencies.
The GIF, as specified here, defines:
? support for computational operations, but not for streams;
? support using stub, binder and protocol objects hierarchically, such that any interaction at the interworking
reference point of the supporting protocol object supports liaisons of one of those objects or of the basic
engineering object, and any interaction to support those liaisons is passed via that interworking reference
point; and
? interactions at a single interworking reference point, from the perspective of one side; interceptors are not
explicitly considered;
NOTE 1 ? It is intended that the GIF could be extended, in a future amendment, to support streams and flows. The present
specification is restricted to areas that are technically stable.
The GIF supports at least some forms of:
? access transparency; and
? location transparency.
The GIF as specified here also supports a limited equivalent of relocation transparency. Other transparencies are not
addressed in this present specification.
NOTE 2 ? It is intended that the GIF could be extended, in future amendments, to support additional transparencies.
The GIF does not explicitly model Quality of Service requirements.
The application of security-related issues to the GIF are not included in the current text and are for further study.
The set of mappings to particular protocols specified in annexes to this Recommendation | International Standard is not
exhaustive. The GIF could be mapped to other protocols.
NOTE 3 ? In particular, a mapping to the DCOM protocol family would be a candidate for an additional annex.
|
Published |
2000-04 |
Edition : 1 |
Number of pages : 29 |
Technical Committee |
35.080
Software
|
| ISO/IEC 14753:1999 |
Information technology — Open Distributed Processing — Interface references and binding |
Interface references are crucial to interworking between ODP systems and federation of groups of ODP systems. An
interface reference embodies the information needed to establish bindings, including binding to objects at nodes that
support several different communication protocols and binding to objects in different management domains. An
interface reference further embodies the information required for the engineering mechanism to maintain bindings
between computational objects in the presence of distribution transparencies such as migration transparency. They are
the foundation of ODP location and relocation transparency.
This Recommendation | International Standard includes:
· a framework for binding interfaces and a generic binding protocol (for both stream and operational
interfaces);
· a specification of the generic information structure of interface references (for both stream and
operational interfaces);
· representation(s) for interface references when transferred using standardized protocols;
· identification of procedures for the management and transfer of interface references with respect to
individual transparencies;
· identification of node management interfaces related to binding and federation which create or transform
interface references;
· identification of requirements for quality of service information and for invocation of QoS or related
measurement procedures.
This Recommendation | International Standard provides an engineering description of the functionality needed to
support the computational binding of objects in ODP systems. Security and support for group communication are
important issues, but not within the scope of this Recommendation | International Standard.
1.2 Field of Application
This Recommendation | International Standard enables interworking between ODP systems.
|
Published |
1999-07 |
Edition : 1 |
Number of pages : 31 |
Technical Committee |
35.080
Software
|
| ISO/IEC 14756:1999 |
Information technology — Measurement and rating of performance of computer-based software systems |
This International Standard defines how user oriented performance of computer-based software systems (CBSS)
may be measured and rated. A CBSS is a data processing system as it is seen by its users, e.g. by users at various
terminals, or as it is seen by operational users and business users at the data processing center.
A CBSS includes hardware and all its software (system software and application software) which is needed to
realize the data processing functions required by the users or what may influence to the CBSS's time behaviour.
This International Standard is applicable for tests of all time constrained systems or system parts. Also a network
may be part of a system or may be the main subject of a test. The method defined in this International Standard is
not limited to special cases like classic batch or terminal-host systems, e.g. also included are client server systems
or, with a broader comprehension of the definition of ?task', real time systems. But the practicability of tests may be
limited by the expenditure required to test large environments.
This International Standard specifies the key figures of user oriented performance terms and specifies a method of
measuring and rating these performance values. The specified performance values are those which describe the
execution speed of user orders (tasks), namely the triple of:
- execution time,
- throughput,
- timeliness.
The user orders, subsequently called tasks, may be of simple or complex internal structure. A task may be a job,
transaction, process or a more complex structure, but with a defined start and end depending on the needs of the
evaluator. When evaluating the performance it is possible to use this International Standard for measuring the time
behaviour with reference to business transaction completion times in addition to other individual response times.
The rating is done with respect to users requirements or by comparing two or more measured systems (types or
versions).
Intentionally no proposals for measuring internal values, such as:
- utilisation values,
- mean instruction rates,
- path lengths,
- cache hit rates,
- queuing times,
- service times,
are given, because the definition of internal values depends on the architecture of the hardware and the software of
the system under test. Contrary to this the user oriented performance values which are defined in this International
Standard are independent of architecture. The definition of internal performance values can be done independently
from the definition of user oriented performance values. They may be used and can be measured in addition to the
user oriented performance values. Also the definition of terms for the efficiency with which the user oriented values
are produced can be done freely. In addition this International Standard gives guidance on how to establish at a
data processing system a stable and reproducible state of operation. This reproducible state may be used to
measure other performance values such as the above mentioned internal values.
This International Standard focuses on:
- application software;
- system software;
- turn-key systems (i.e. systems consisting of an application software, the system software and the
hardware for which it was designed);
- general data processing systems.
This International Standard specifies the requirements for an emulation (by a technical system - the so-called
remote terminal emulator (RTE) - of user interactions with a data processing system. It is the guideline for precisely
measuring and rating the user oriented performance values. It provides the guideline for estimating these values
with the required accuracy and repeatability of CBSSs with deterministic as well as random behaviour of users. It is
also a guidance for implementing a RTE or proving whether it works according to this International Standard.
This International Standard provides the guideline to measure and rate the performance of CBSS with random user
behaviour when the accuracy and repeatability is required. It specifies in detail how to prepare and carry out the
measurement procedure. Along with a description of the analysis of the measured values, the formulas for
computing the performance value and the rating value, are provided.
This International Standard also gives guidance on:
- how to design a user oriented benchmark test using a:
* transaction oriented workload,
* batch oriented workload,
* or transaction and batch mixed workload.
It specifies:
- how to describe such a workload,
- how to perform the measurement procedure,
- how to rate the measured results.
This International Standard is of interest to:
- evaluators,
- developers,
- buyers (including users of a data processing system),
- system integrators
of CBSSs.
NOTE 1 The field of application of this International Standard may be extended to include the following aspects.
Workloads fulfilling the specifications of this standard and having a sufficiently general structure may be used as standard
workloads. They may be used to measure and rate performance of data processing systems used in specific fields. E.g. a
standard workload for word-processing may be used to compare the time efficiency of different software products or
different versions of the same product running on the same hardware system. Such a standard workload may also be
used if always applying the same application software version and the same hardware to compare the efficiency of the
system software. When applying the same application software and workload to different systems, consisting of hardware
and system software, as normally sold by system vendors, the efficiency of the data processing systems may be
compared with respect to the application and workload used.
|
Published |
1999-11 |
Edition : 1 |
Number of pages : 49 |
Technical Committee |
35.080
Software
|
| ISO/IEC TR 14759:1999 |
Software engineering — Mock up and prototype — A categorization of software mock up and prototype models and their use |
|
Withdrawn |
1999-11 |
Edition : 1 |
Number of pages : 12 |
Technical Committee |
35.080
Software
|
| ISO/IEC 14764:1999 |
Information technology — Software maintenance |
|
Withdrawn |
1999-11 |
Edition : 1 |
Number of pages : 38 |
Technical Committee |
35.080
Software
|
| ISO/IEC 14764:2006 |
Software Engineering — Software Life Cycle Processes — Maintenance |
ISO/IEC 14764:2006 describes in greater detail management of the Maintenance Process described in ISO/IEC 12207, including Amendments. It also establishes definitions for the various types of maintenance. ISO/IEC 14764:2006 provides guidance that applies to planning, execution and control, review and evaluation, and closure of the Maintenance Process. The scope of ISO/IEC 14764:2006 includes maintenance for multiple software products with the same maintenance resources. "Maintenance" in ISO/IEC 14764:2006 means software maintenance unless otherwise stated.
ISO/IEC 14764:2006 provides the framework within which generic and specific software maintenance plans may be executed, evaluated, and tailored to the maintenance scope and magnitude of given software products. It provides the framework, precise terminology and processes to allow the consistent application of technology (tools, techniques and methods) to software maintenance.
ISO/IEC 14764:2006 provides guidance for the maintenance of software. The basis for the Maintenance Process and its activities comes from the definitions of ISO/IEC 12207. It defines the activities and tasks of software maintenance, and provides maintenance planning requirements. It does not address the operation of software and the operational functions, e.g. backup, recovery and system administration, which are normally performed by those who operate the software.
ISO/IEC 14764:2006 is written primarily for maintainers of software and additionally for those responsible for development and quality assurance. It may also be used by acquirers and users of systems containing software who may provide inputs to the maintenance plan.
|
Withdrawn |
2006-09 |
Edition : 2 |
Number of pages : 44 |
Technical Committee |
35.080
Software
|
| ISO/IEC/IEEE 14764:2022 |
Software engineering — Software life cycle processes — Maintenance |
This document provides guidance for the maintenance of software, based on the maintenance process and its activities and tasks defined in ISO/IEC/IEEE 12207:2017, 6.4.13. Moreover, this document describes the maintenance process in greater detail and establishes definitions for the various types of maintenance. This includes maintenance for multiple software products with the same maintenance resources. “Maintenance” in this document means software maintenance unless otherwise stated.
The document does not address the operation of software and the operational functions, e.g. backup, recovery, system administration, which are normally performed by those who operate the software. However, it does include the related disposal process defined in ISO/IEC/IEEE 12207:2017, 6.4.14.
This document is written primarily for managers, maintenance organizations, quality managers, users and acquirers of systems containing software.
Many of the activities and tasks discussed in this document apply equally to maintenance services, as well as to maintained software products. For example, in a COTS intensive system, maintenance services are performed to sustain the product in operations.
While the scope of this document is software maintenance, hardware and hardware costs are important considerations for maintenance.
|
Published |
2022-01 |
Edition : 3 |
Number of pages : 36 |
Technical Committee |
35.080
Software
|
| ISO/IEC 14769:2001 |
Information technology — Open Distributed Processing — Type Repository Function |
The concept of "type" is fundamental to ODP systems; the interaction model of ODP-RM involves strongly-typed
interactions.
This Recommendation | International Standard:
? defines a framework for describing types of interest in ODP systems by determining what entities need to
be typed and what needs to be said about the identified types. The primary focus of this work is the
computational interface type system;
? identifies and characterizes type languages sufficient to describe the types identified above in an
informative annex;
? provides enterprise, information, and computational specifications of a generic type repository function
within the type description framework which can be specialized to select a specific type system or type
notation. The type repository function provides:
? storage and retrieval of type descriptions;
? management of type descriptions;
? management of the relationship between types including matching of types;
? naming of types (in a manner consistent with ODP Naming Framework);
? interworking and federation of different type repositories.
This Recommendation | International Standard provides a standard method of accessing type descriptions used within
open distributed processing systems, where the type descriptions can be in various concrete syntaxes and type languages
used in these open distributed processing systems. This Recommendation | International Standard also facilitates the
dynamic matching of types for interactions, binding and trading purposes.
|
Published |
2001-05 |
Edition : 1 |
Number of pages : 28 |
Technical Committee |
35.080
Software
|
| ISO/IEC 14771:1999 |
Information technology — Open Distributed Processing — Naming framework |
This Recommendation I International Standard:
defines a general framework for context-relative naming, refining and elaborating on the naming concepts defined in Part 2 of the ODP-RM;
identifies and characterizes functions necessary to handle names in the context of a federation of different naming systems; and
clarifies the relationship between the concepts of name management (i.e. federation and naming) in distributed computing systems.
It provides a general framework for the naming of entities of interest in ODP systems, which includes naming in the infrastructure of an ODP system, naming in the applications built on the infrastructure, and naming in the enterprise the system serves.
|
Published |
1999-12 |
Edition : 1 |
Number of pages : 25 |
Technical Committee |
35.080
Software
|
| ISO/IEC 14834:1996 |
Information technology — Distributed Transaction Processing — The XA Specification |
Specifies the bidirectional interface between a transaction manager and a resource manager (the XA interface) in an X/Open Distributed Transaction Processing (DTP) environment. Technically identical to X/Open CAE Specification. Contains also the text of the X/Open DTP Reference Model Version 3.
|
Published |
1996-08 |
Edition : 1 |
Number of pages : 111 |
Technical Committee |
35.080
Software
|
| ISO/IEC 14863:1996 |
Information technology — System-Independent Data Format (SIDF) |
|
Published |
1996-07 |
Edition : 1 |
Number of pages : 89 |
Technical Committee |
35.080
Software
|
| ISO/IEC 23360-3:2006 |
Linux Standard Base (LSB) core specification 3.1 — Part 3: Specification for IA64 architecture |
ISO/IEC 23360-3:2006 is the Itanium(TM) architecture-specific Core part of the Linux Standard Base (LSB). It supplements the generic LSB Core module with those interfaces that differ between architectures.
Interfaces described in ISO/IEC 23360-3:2006 are mandatory except where explicitly listed otherwise. Core interfaces may be supplemented by other modules; all modules are built upon the core.
|
Withdrawn |
2006-12 |
Edition : 1 |
Number of pages : 83 |
Technical Committee |
35.080
Software
|
| ISO/IEC TR 15026-1:2010 |
Systems and software engineering — Systems and software assurance — Part 1: Concepts and vocabulary |
ISO/IEC TR 15026-1:2010 defines terms and establishes an extensive and organized set of concepts and their relationships, thereby establishing a basis for shared understanding of the concepts and principles central to ISO/IEC 15026 across its user communities. It provides information to users of the subsequent parts of ISO/IEC 15026, including the use of each part and the combined use of multiple parts.
Coverage of assurance for a service being operated and managed on an ongoing basis is not covered in ISO/IEC 15026.
|
Withdrawn |
2010-08 |
Edition : 1 |
Number of pages : 95 |
Technical Committee |
35.080
Software
|
| ISO/IEC/IEEE 15026-1:2019 |
Systems and software engineering — Systems and software assurance — Part 1: Concepts and vocabulary |
This document defines assurance-related terms and establishes an organized set of concepts and relationships to form a basis for shared understanding across user communities for assurance. It provides information to users of the other parts of ISO/IEC/IEEE 15026 including the combined use of multiple parts. The essential concept introduced by ISO/IEC/IEEE 15026 (all parts) is the statement of claims in an assurance case and the support of those claims through argumentation and evidence. These claims are in the context of assurance for properties of systems and software within life cycle processes for the system or software product.
Assurance for a service being operated and managed on an ongoing basis is not covered in ISO/IEC/IEEE 15026 (all parts).
A variety of potential users of ISO/IEC/IEEE 15026 (all parts) exists including developers and maintainers of assurance cases and those who wish to develop, sustain, evaluate or acquire a system that possesses requirements for specific properties in such a way as to be more certain of those properties and their requirements. ISO/IEC/IEEE 15026 (all parts) uses concepts and terms consistent with ISO/IEC/IEEE 12207 and ISO/IEC/IEEE 15288 and generally consistent with the ISO/IEC 25000 series, but the potential users of ISO/IEC/IEEE 15026 (all parts) need to understand the differences from concepts and terms to which they may be accustomed. This document attempts to clarify these differences.
The primary purpose of this document is to aid users of the other parts of ISO/IEC/IEEE 15026 by providing context, concepts and explanations for assurance, assurance cases and integrity levels. While essential to assurance practice, details regarding exactly how to measure, demonstrate or analyse particular properties are not covered. These are the subjects of more specialized standards of which a number are referenced and included in the Bibliography.
|
Published |
2019-03 |
Edition : 1 |
Number of pages : 27 |
Technical Committee |
35.080
Software
|
| ISO/IEC TR 15026-1:2010/Cor 1:2012 |
Systems and software engineering — Systems and software assurance — Part 1: Concepts and vocabulary — Technical Corrigendum 1 |
|
Withdrawn |
2012-09 |
Edition : 1 |
Number of pages : 1 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15026-2:2011 |
Systems and software engineering — Systems and software assurance — Part 2: Assurance case |
ISO/IEC 15026-2:2011 specifies minimum requirements for the structure and contents of an assurance case to improve the consistency and comparability of assurance cases and to facilitate stakeholder communications, engineering decisions, and other uses of assurance cases.
An assurance case includes a top-level claim for a property of a system or product (or set of claims), systematic argumentation regarding this claim, and the evidence and explicit assumptions that underlie this argumentation. Arguing through multiple levels of subordinate claims, this structured argumentation connects the top-level claim to the evidence and assumptions.
Assurance cases are generally developed to support claims in areas such as safety, reliability, maintainability, human factors, operability, and security, although these assurance cases are often called by more specific names, e.g. safety case or reliability and maintainability (R&M) case.
ISO/IEC 15026-2:2011 does not place requirements on the quality of the contents of an assurance case and does not require the use of a particular terminology or graphical representation. Likewise, it places no requirements on the means of physical implementation of the data, including no requirements for redundancy or co-location.
|
Withdrawn |
2011-02 |
Edition : 1 |
Number of pages : 10 |
Technical Committee |
35.080
Software
|
| ISO/IEC/IEEE 15026-2:2022 |
Systems and software engineering — Systems and software assurance — Part 2: Assurance case |
This document specifies requirements for structure terminology of assurance cases.
This document is applicable for developing and maintaining assurance cases.
|
Published |
2022-11 |
Edition : 2 |
Number of pages : 20 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15026-3:2011 |
Systems and software engineering — Systems and software assurance — Part 3: System integrity levels |
ISO/IEC 15026-3:2011 specifies the concept of integrity levels with corresponding integrity level requirements that are required to be met in order to show the achievement of the integrity level. It places requirements on and recommends methods for defining and using integrity levels and their integrity level requirements, including the assignment of integrity levels to systems, software products, their elements, and relevant external dependences.
ISO/IEC 15026-3:2011 is applicable to systems and software and is intended for use by:
definers of integrity levels such as industry and professional organizations, standards organizations, and government agencies;
users of integrity levels such as developers and maintainers, suppliers and acquirers, users, and assessors of systems or software and for the administrative and technical support of systems and/or software products.
One important use of integrity levels is by suppliers and acquirers in agreements; for example, to aid in assuring safety, economic, or security characteristics of a delivered system or product.
ISO/IEC 15026-3:2011 does not prescribe a specific set of integrity levels or their integrity level requirements. In addition, it does not prescribe the way in which integrity level use is integrated with the overall system or software engineering life cycle processes.
ISO/IEC 15026-3:2011 can be used alone or with other parts of ISO/IEC 15026. It can be used with a variety of technical and specialized risk analysis and development approaches. ISO/IEC TR 15026-1 provides additional information and references to aid users of ISO/IEC 15026-3:2011.
Assurance cases are covered by ISO/IEC 15026-2. ISO/IEC 15026-3:2011 does not require the use of assurance cases but describes how integrity levels and assurance cases can work together, especially in the definition of specifications for integrity levels or by using integrity levels within a portion of an assurance case.
|
Withdrawn |
2011-12 |
Edition : 1 |
Number of pages : 32 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15476-6:2006 |
Information technology — CDIF semantic metamodel — Part 6: State/event models |
ISO/IEC 15476-6:2006 defines the State/event subject area of the CDIF semantic metamodel. The CDIF semantic metamodel is used to ensure that the information transferred by tools communicating using CDIF is expressed with an agreed meaning. This subject area contains meta-objects that describe the entities of state transition diagrams and state transition tables, and also meta-relationships and meta-attributes that are necessary for available state transition.
ISO/IEC 15476-6:2006 is intended to be used by anyone wishing to understand and/or use CDIF. It provides a definition of a single subject area of the CDIF semantic metamodel. It is suitable for:
Those evaluating CDIF;Those who wish to understand the principles and concepts of a CDIF transfer; andThose developing importers and exporters.
|
Published |
2006-02 |
Edition : 1 |
Number of pages : 17 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15026-3:2015 |
Systems and software engineering — Systems and software assurance — Part 3: System integrity levels |
ISO/IEC 15026-3:2015 specifies the concept of integrity levels with corresponding integrity level requirements that are required to be met in order to show the achievement of the integrity level. It places requirements on and recommends methods for defining and using integrity levels and their corresponding integrity level requirements. It covers systems, software products, and their elements, as well as relevant external dependences.
This part of ISO/IEC 15026 is applicable to systems and software and is intended for use by the following:
a) definers of integrity levels such as industry and professional organizations, standards organizations, and government agencies;
b) users of integrity levels such as developers and maintainers, suppliers and acquirers, system or software users, assessors of systems or software and administrative and technical support staff of systems and/or software products.
One important use of integrity levels is by suppliers and acquirers in agreements; for example, to aid in assuring safety, financial, or security characteristics of a delivered system or product.
ISO/IEC 15026-3:2015 does not prescribe a specific set of integrity levels or their integrity level requirements. In addition, it does not prescribe the way in which integrity level use is integrated with the overall system or software engineering life cycle processes. It does, however, provide an example of use of this part of ISO/IEC 15026 in Annex A.
|
Published |
2015-12 |
Edition : 2 |
Number of pages : 23 |
Technical Committee |
35.080
Software
|
| ISO/IEC/IEEE DIS 15026-3 |
Systems and software engineering — Systems and software assurance — Part 3: System integrity levels |
This document specifies the concept of integrity levels with corresponding integrity level requirements. It places requirements on and recommends methods for defining and using integrity levels and their corresponding integrity level requirements. It covers systems, software products, and their elements, as well as relevant external dependences.
This document is applicable to systems and software and is intended for use by:
a) definers of integrity levels such as industry and professional organizations, standards organizations, and government agencies;
b) users of integrity levels such as developers and maintainers, suppliers and acquirers, system or software users, assessors of systems or software and administrative and technical support staff of systems or software products.
One important use of integrity levels is by suppliers and acquirers in agreements; for example, to aid in assuring safety, financial, or security characteristics of a delivered system or product.
This document does not prescribe a specific set of integrity levels or their integrity level requirements. In addition, it does not prescribe the way in which integrity level use is integrated with the overall system or software engineering life cycle processes.
|
Under development |
|
Edition : 3 |
Number of pages : 21 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15026-4:2012 |
Systems and software engineering — Systems and software assurance — Part 4: Assurance in the life cycle |
ISO/IEC 15026-4:2012 gives guidance and recommendations for conducting selected processes, activities and tasks for systems and software products requiring assurance claims for properties selected for special attention, called critical properties. ISO/IEC 15026-4:2012 specifies a property-independent list of processes, activities and tasks to achieve the claim and show the achievement of the claim. ISO/IEC 15026-4:2012 establishes the processes, activities, tasks, guidance and recommendations in the context of a defined life cycle model and set of life cycle processes for system and/or software life cycle management.
|
Withdrawn |
2012-10 |
Edition : 1 |
Number of pages : 24 |
Technical Committee |
35.080
Software
|
| ISO/IEC/IEEE 15026-4:2021 |
Systems and software engineering — Systems and software assurance — Part 4: Assurance in the life cycle |
This document provides guidance and recommendations for assurance of a selected claim about the system-of-interest by achieving the claim and showing the achievement. The guidance and recommendations are given in a system assurance process view on top of ISO/IEC/IEEE 15288 and a software assurance process view on top of ISO/IEC/IEEE 12207.
|
Published |
2021-05 |
Edition : 1 |
Number of pages : 38 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15026:1998 |
Information technology — System and software integrity levels |
|
Withdrawn |
1998-11 |
Edition : 1 |
Number of pages : 12 |
Technical Committee |
35.080
Software
|
| ISO/IEC TR 15271:1998 |
Information technology — Guide for ISO/IEC 12207 (Software Life Cycle Processes) |
|
Withdrawn |
1998-12 |
Edition : 1 |
Number of pages : 49 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15288:2002 |
Systems engineering — System life cycle processes |
|
Withdrawn |
2002-11 |
Edition : 1 |
Number of pages : 62 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15504-1:2004 |
Information technology — Process assessment — Part 1: Concepts and vocabulary |
This part of ISO/IEC 15504:2004 provides overall information on the concepts of process assessment and its use in the two contexts of process improvement and process capability determination. It describes how the parts of the suite fit together, and provides guidance for their selection and use. It explains the requirements contained within ISO/IEC 15504, and their applicability to performing assessments.
Readers of this guide should familiarize themselves with the terminology and structure of the document suite, and then reference the appropriate parts of the suite for the context in which they propose to conduct an assessment. A more detailed description of the use of ISO/IEC 15504 is given in clause 4.
|
Withdrawn |
2004-11 |
Edition : 1 |
Number of pages : 19 |
Technical Committee |
35.080
Software
|
| IEC 847:1988 |
Characteristics of local area networks (LAN) |
|
Withdrawn |
1988-06 |
Edition : 1 |
Number of pages : 14 |
Technical Committee |
35.110
Networking
|
| ISO/IEC/IEEE 15288:2015 |
Systems and software engineering — System life cycle processes |
ISO/IEC/IEEE 15288:2015 establishes a common framework of process descriptions for describing the life cycle of systems created by humans. It defines a set of processes and associated terminology from an engineering viewpoint. These processes can be applied at any level in the hierarchy of a system's structure. Selected sets of these processes can be applied throughout the life cycle for managing and performing the stages of a system's life cycle. This is accomplished through the involvement of all stakeholders, with the ultimate goal of achieving customer satisfaction.
ISO/IEC/IEEE 15288:2015 also provides processes that support the definition, control and improvement of the system life cycle processes used within an organization or a project. Organizations and projects can use these processes when acquiring and supplying systems.
ISO/IEC/IEEE 15288:2015 concerns those systems that are man-made and may be configured with one or more of the following system elements: hardware, software, data, humans, processes (e.g., processes for providing service to users), procedures (e.g., operator instructions), facilities, materials and naturally occurring entities.
|
Published |
2015-05 |
Edition : 1 |
Number of pages : 108 |
Technical Committee |
35.080
Software
|
| ISO/IEC/IEEE 15288 |
Systems and software engineering — System life cycle processes |
|
Under development |
|
Edition : 2 |
|
Technical Committee |
35.080
Software
|
| ISO/IEC 15288:2008 |
Systems and software engineering — System life cycle processes |
ISO/IEC 15288:2008 establishes a common framework for describing the life cycle of systems created by humans. It defines a set of processes and associated terminology. These processes can be applied at any level in the hierarchy of a system's structure. Selected sets of these processes can be applied throughout the life cycle for managing and performing the stages of a system's life cycle. This is accomplished through the involvement of all interested parties, with the ultimate goal of achieving customer satisfaction.
ISO/IEC 15288:2008 also provides processes that support the definition, control and improvement of the life cycle processes used within an organization or a project. Organizations and projects can use these life cycle processes when acquiring and supplying systems.
ISO/IEC 15288:2008 concerns those systems that are man-made and may be configured with one or more of the following: hardware, software, data, humans, processes (e.g., processes for providing service to users), procedures (e.g., operator instructions), facilities, materials and naturally occurring entities. When a system element is software, the software life cycle processes documented in ISO/IEC 12207:2008 may be used to implement that system element.
ISO/IEC 15288:2008 and ISO/IEC 12207:2008 are harmonized for concurrent use on a single project or in a single organization.
|
Withdrawn |
2008-02 |
Edition : 2 |
Number of pages : 70 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15289:2006 |
Systems and software engineering — Content of systems and software life cycle process information products (Documentation) |
ISO/IEC 15289:2006 was developed to assist users of systems and software life cycle processes to manage information items (documents). It is based on the life cycle processes specified in ISO/IEC 15288 or ISO/IEC 12207:1995/AMD 1:2002/AMD 2. Information items are essential to preserving what transpired when using system life cycle processes, and may be identified as deliverable documents.
ISO/IEC 15289:2006 identifies the purpose and content of all identified systems and software life cycle information items as required for the various life cycle processes. The information item contents are defined according to generic document types (which may be referred to as information item types) and the specific purpose of the document.
ISO/IEC 15289:2006 may be applied to any of the activities and tasks of a project, system or software product, or service life cycle. It is not limited by the size, complexity or criticality of the project. It may be applied to all forms of information items, information item content, and document delivery media. Information items may be combined or subdivided as needed for project or organizational purposes. The nomenclature for information items, document titles and contents is informative.
|
Withdrawn |
2006-04 |
Edition : 1 |
Number of pages : 51 |
Technical Committee |
35.080
Software
|
| ISO/IEC/IEEE 15289:2011 |
Systems and software engineering — Content of life-cycle information products (documentation) |
ISO/IEC/IEEE 15289:2011 provides requirements for identifying and planning the specific information items (information products, documentation) to be developed and revised during systems and software life cycles and service processes. It specifies the purpose and content of all identified systems and software data records and life cycle information items, as well as records and information items for information technology service management. The information item contents are defined according to generic document types (description, plan, policy, procedure, report, request, and specification) and the specific purpose of the document. For simplicity of reference, each information item is described as if it were published as a separate document. However, information items may be unpublished but available in a repository for reference, divided into separate documents or volumes, or combined with other information items into one document. ISO/IEC/IEEE 15289:2011 is based on the life cycle processes specified in ISO/IEC 12207:2008 (IEEE Std 12207-2008) and ISO/IEC 15288:2008 (IEEE Std 15288-2008), and the service management processes specified in ISO/IEC 20000-1:2005 and ISO/IEC 20000-2:2005.
|
Withdrawn |
2011-11 |
Edition : 1 |
Number of pages : 84 |
Technical Committee |
35.080
Software
|
| ISO/IEC TR 15504-1:1998 |
Information technology — Software process assessment — Part 1: Concepts and introductory guide |
|
Withdrawn |
1998-08 |
Edition : 1 |
Number of pages : 11 |
Technical Committee |
35.080
Software
|
| IEC/TR 907:1989 |
Local area networks CSMA/CD 10 Mbit/s baseband planning and installation guide |
|
Withdrawn |
1989-04 |
Edition : 1 |
Number of pages : 83 |
Technical Committee |
35.110
Networking
|
| ISO/IEC/IEEE 15289:2015 |
Systems and software engineering — Content of life-cycle information items (documentation) |
ISO/IEC/IEEE 15289:2015 provides requirements for identifying and planning the specific information items (information products, documentation) to be developed and revised during systems and software life cycles and service processes. It specifies the purpose and content of all identified systems and software data records and life-cycle information items, as well as records and information items for information technology service management. The information item contents are defined according to generic document types (description, plan, policy, procedure, report, request, and specification) and the specific purpose of the document. For simplicity of reference, each information item is described as if it were published as a separate document. However, information items may be unpublished but available in a repository for reference, divided into separate documents or volumes, or combined with other information items into one document. ISO/IEC/IEEE 15289:2014 is based on the life-cycle processes specified in ISO/IEC 12207:2008 (IEEE Std 12207-2008) and ISO/IEC 15288:2008 (IEEE Std 15288-2008), and the service management processes specified in ISO/IEC 20000-1:2011 (IEEE Std 20000-1:2013) and ISO/IEC 20000-2:2012 (IEEE Std 20000-2:2013).
|
Withdrawn |
2015-05 |
Edition : 2 |
Number of pages : 84 |
Technical Committee |
35.080
Software
|
| ISO/IEC/IEEE 15289:2017 |
Systems and software engineering — Content of life-cycle information items (documentation) |
ISO/IEC/IEEE 15289:2017 specifies the purpose and content of all identified systems and software life-cycle and service management information items (documentation). The information item contents are defined according to generic document types, as presented in Clause 7, and the specific purpose of the document (Clause 10).
ISO/IEC/IEEE 15289:2017 assumes an organization is performing life-cycle processes, or practicing service management, using one or more of the following:
- ISO/IEC 12207:2008 (IEEE Std 12207-2008), Systems and software engineering ? Software life cycle processes;
- ISO/IEC/IEEE 15288:2015, Systems and software engineering ? System life cycle processes;
- ISO/IEC 20000-1:2011 (IEEE Std 20000-1:2013), Information technology ? Service management ? Part 1: Service management system requirements; and
- ISO/IEC 20000-2 (IEEE Std 20000-2:2013), Information technology ? Service management ? Part 2: Guidance on the application of service management systems.
ISO/IEC/IEEE 15289:2017 provides a mapping of processes from the above standards to a set of information items. It provides a consistent approach to meeting the information and documentation requirements of systems and software engineering and IT service management.
ISO/IEC/IEEE 15289:2017 does not establish a service management system.
|
Withdrawn |
2017-05 |
Edition : 3 |
Number of pages : 88 |
Technical Committee |
35.080
Software
|
| ISO/IEC/IEEE 15289:2019 |
Systems and software engineering — Content of life-cycle information items (documentation) |
This document specifies the purpose and content of all identified systems and software life‐cycle and service management information items (documentation). The information item contents are defined according to generic document types, as presented in Clause 7, and the specific purpose of the document, as presented in Clause 10.
This document assumes an organization is performing life‐cycle processes, or delivering system or software engineering services, using either or both of the following:
— ISO/IEC/IEEE 12207:2017 software life cycle processes;
— ISO/IEC/IEEE 15288:2015 system life cycle processes.
ISO/IEC/IEEE 12207:2017 and ISO/IEC/IEEE 15288:2015 define an Information Management process, but do not "detail information items in terms of name, format, explicit content, and recording media" (ISO/IEC/IEEE 12207:2017, 1.4). These standards identify, recommend or require a number of documentation items. This document provides a mapping of processes from the above standards to a set of information items. It provides a consistent approach to meeting the information and documentation requirements of systems and software engineering and engineering service management.
The generic document types defined in this document are used to identify the information necessary to support the processes required by ISO/IEC/IEEE 12207:2017 and ISO/IEC/IEEE 15288:2015. The generic document types (which can be referred to as information item types) are used to identify the information necessary to support the processes.
For each life‐cycle process or service, it would be possible to prepare a policy, plan, procedures and reports, as well as numerous records, requests, descriptions and specifications. Such an elaboration of the documentation schema would be more rigorous than specified by ISO/IEC/IEEE 12207:2017 or ISO/IEC/IEEE 15288:2015. As ISO/IEC/IEEE 15288:2015, 1.4 points out, "The users of this document are responsible for selecting a life cycle model for the project and mapping the processes, activities, and tasks in this document into that model. The parties are also responsible for selecting and applying appropriate methodologies, methods, models and techniques suitable for the project." Thus, information items are combined or subdivided consistent with the life cycle model, as needed for project or organizational purposes, as further defined in Clause 4 and Clause 5.
This document is not a management system standard and does not establish a service management system, quality management system, or asset management system. The scope of this document does not include the following:
a) the format or content of recommended input data or input information items, except for the content of those input items that are also output information items;
b) instructions on combining or subdividing information items and information item contents of a similar nature;
c) guidance on selecting an appropriate presentation format, delivery media and maintenance technology for systems or software life‐cycle data, records, information items or documentation, such as electronic publishing systems, content management systems or data repositories;
NOTE ISO/IEC/IEEE 26531 provides requirements for content management and component content management systems. ISO/IEC 26514 provides guidance on formats for user documentation (information for users).
d) detailed content for information items related to general business, contractual, organizational and financial management that is not specific to systems and software engineering and engineering service management, such as business strategies, contract change notices (agreement change report), human resources and investment policies, personnel selection criteria, financial budgeting and accounting policies and procedures, cost reports, or payroll data;
e) information items showing only approval of an ISO/IEC/IEEE 12207:2017 or ISO/IEC/IEEE 15288:2015 subclause, such as ISO/IEC/IEEE 12207:2017, 6.4.10.3 c) 3);
f) any ISO/IEC/IEEE 15288:2015 or ISO/IEC/IEEE 12207:2017 subclause not explicitly or implicitly identifying the recording of information about a process, activity or task, for example, ISO/IEC/IEEE 12207:2017, 6.2.4.3 c);
g) work products, models, software, and other artifacts of life‐cycle products and services that are not information items or records used in information items.
|
Published |
2019-07 |
Edition : 4 |
Number of pages : 73 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15414:2002 |
Information technology — Open distributed processing — Reference model — Enterprise language |
|
Withdrawn |
2002-10 |
Edition : 1 |
Number of pages : 20 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15414:2006 |
Information technology — Open distributed processing — Reference model — Enterprise language |
ISO/IEC 15414:2006 provides:
a language (the enterprise language) comprising concepts, structures, and rules for developing, representing, and reasoning about a specification of an Open Distributed Processing (ODP) system from the enterprise viewpoint (as defined in ISO/IEC 10746-3); andrules which establish correspondences between the enterprise language and the other viewpoint languages (defined in ISO/IEC 10746-3) to ensure the overall consistency of a specification.
|
Withdrawn |
2006-06 |
Edition : 2 |
Number of pages : 41 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15414:2015 |
Information technology — Open distributed processing — Reference model — Enterprise language |
ISO/IEC 15414:2015 provides:
a) a language (the enterprise language) comprising concepts, structures, and rules for developing, representing and reasoning about a specification of an ODP system from the enterprise viewpoint (as defined in Rec. ITU-T X.903 | ISO/IEC 10746-3);
b) rules which establish correspondences between the enterprise language and the other viewpoint languages (defined in Rec. ITU-T X.903 | ISO/IEC 10746-3) to ensure the overall consistency of a specification.
The language is specified to a level of detail sufficient to enable the determination of the compliance of any modelling language to this Recommendation | International Standard and to establish requirements for new specification techniques.
ISO/IEC 15414:2015 is intended for use in preparing enterprise viewpoint specifications of ODP systems, and in developing notations and tools to support such specifications.
As specified in clause 5 of Rec. ITU-T X.903 | ISO/IEC 10746‑3, an enterprise viewpoint specification defines the purpose, scope and policies of an ODP system.
ISO/IEC 15414:2015 is a refinement and extension of Rec. ITU‑T X.903 | ISO/IEC 10746‑3, clauses 5 and 10, but does not replace them.
|
Published |
2015-04 |
Edition : 3 |
Number of pages : 44 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15437:2001 |
Information technology — Enhancements to LOTOS (E-LOTOS) |
This International Standard defines the syntax and semantics of the enhanced LOTOS language (ISO 8807),
named E-LOTOS. E-LOTOS is used for the formal description of the behavioural aspects of distributed and
concurrent systems in general and in the area of open distributed processing in particular.
|
Published |
2001-08 |
Edition : 1 |
Number of pages : 187 |
Technical Committee |
35.060
Languages used in information technology
;
35.080
Software
|
| ISO 14191:1998 |
Aerospace — Airframe spherical roller bearings, single row, self-aligning, diameter series 3 and 4 — Metric series |
|
Withdrawn |
1998-04 |
Edition : 1 |
Number of pages : 5 |
Technical Committee |
49.035
Components for aerospace construction
|
| ISO/IEC 15474-1:2002 |
Information technology — CDIF framework — Part 1: Overview |
The CDIF family of standards is primarily designed to be used as a description of a mechanism for transferring
information between modelling tools. It facilitates a successful transfer when the authors of the importing and
exporting tools have nothing in common except an agreement to conform to CDIF.
The CDIF family of standards includes a semantic metamodel and a transfer format definition. It also includes the
specification of a meta-metamodel and associated rules that define a framework for the semantic metamodel and
the transfer format. The language that is defined for the transfer format also has applicability as a general language
for Import/Export for repositories. The CDIF semantic metamodel also has applicability as the basis of standard
definitions for use in repositories.
The diagram in Figure 1 depicts the various standards that comprise the CDIF family of standards. The shaded box
depicts this Standard and its position in the CDIF family of standards.
This document introduces the CDIF family of standards and defines the terms common to the CDIF family of
standards.
This document is intended to be used by anyone wishing to understand and/or use CDIF. This document provides
an introduction to the entire CDIF family of standards. It is suitable for:
Those evaluating CDIF,
Those who wish to understand the principles and concepts of a CDIF transfer, and
Those developing importers and exporters.
This document, ISO/IEC 15474-1:2002, Information technology - CDIF framework - Part 1: Overview, and the
Framework document ISO/IEC 15474-2:2002, Information technology - CDIF framework - Part 2: Modelling and
extensibility, should be read first when initially exploring CDIF and before attempting to read other documents in the
CDIF family of standards.
While there are no specific prerequisites for reading this document, it will be helpful for the reader to have familiarity
with the following:
Entity-Relationship-Attribute modelling;
Modelling (CASE) tools;
Information repositories;
Data dictionaries;
Multiple meta-layer modelling.
|
Published |
2002-10 |
Edition : 1 |
Number of pages : 17 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15474-2:2002 |
Information technology — CDIF framework — Part 2: Modelling and extensibility |
The CDIF family of standards is primarily designed to be used as a description of a mechanism for transferring
information between modelling tools. It facilitates a successful transfer when the authors of the importing and
exporting tools have nothing in common except an agreement to conform to CDIF.
The CDIF family of standards includes a semantic metamodel and a transfer format definition. It also includes the
specification of a meta-metamodel and associated rules that define a framework for the semantic metamodel and
the transfer format. The language that is defined for the transfer format also has applicability as a general language
for Import/Export for repositories. The CDIF semantic metamodel also has applicability as the basis of standard
definitions for use in repositories.
The standards that form the complete family of CDIF Standards are documented in ISO/IEC 15474-1:2002,
Information technology - CDIF framework - Part 1: Overview. These standards cover the overall framework, the
transfer format and the CDIF semantic metamodel.
Figure 1 − CDIF family of standards
The diagram in Figure 1 depicts the various standards that comprise the CDIF family of standards. The shaded box
depicts this Standard and its position in the CDIF family of standards.
This document (ISO/IEC 15474-2:2002, Information technology - CDIF framework - Part 2: Modelling and
extensibility) includes the definition of the CDIF meta-metamodel and describes the rules and notations used
throughout the CDIF family of standards. The rules for extending the CDIF semantic metamodel are also defined.
This document is intended to be used by anyone wishing to understand and/or use CDIF. This document provides
an introduction to the entire CDIF family of standards. It is suitable for:
Those evaluating CDIF,
Those who wish to understand the principles and concepts of a CDIF transfer, and
Those developing importers and exporters.
The document, ISO/IEC 15474-1:2002, Information technology - CDIF framework - Part 1: Overview, and this
framework document ISO/IEC 15474-2:2002, Information technology - CDIF framework - Part 2: Modelling and
extensibility, should be read first when initially exploring CDIF and before attempting to read other documents in the
CDIF family of standards.
While there are no specific prerequisites for reading this document, it will be helpful for the reader to have familiarity
with the following:
Entity-Relationship-Attribute modelling;
Modelling (CASE) tools;
Information repositories;
Data dictionaries;
Multiple meta-layer modelling.
|
Published |
2002-10 |
Edition : 1 |
Number of pages : 46 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15475-1:2002 |
Information technology — CDIF transfer format — Part 1: General rules for syntaxes and encodings |
The CDIF family of standards is primarily designed to be used as a description of a mechanism for transferring
information between modelling tools. It facilitates a successful transfer when the authors of the importing and
exporting tools have nothing in common except an agreement to conform to CDIF. The language that is defined for
the Transfer Format also has applicability as a general language for Import/Export from repositories. The CDIF
Semantic Metamodel defined for modelling tools also has applicability as the basis of standard definitions for use in
repositories.
The standards, which form the complete family of CDIF Standards, are documented in ISO/IEC 15474-1:2002,
Information technology — CDIF framework — Part 1: Overview. These standards cover the overall framework,
the transfer format and the CDIF Semantic Metamodel.
The diagram in Figure 1 depicts the various standards that comprise the CDIF family of standard. The shaded box
depicts this Standard and its position in the CDIF family of standard.
This document describes the way that CDIF metamodels are concretely represented during a transfer and the way
that CDIF supports multiple exchange syntaxes and encodings. No specific exchange syntaxes or encodings are
described in this document. ISO/IEC 15475-2:2002, Information technology — CDIF transfer format — Part 2:
Syntax SYNTAX.1 and ISO/IEC 15475-3:2002, Information technology — CDIF transfer format —Part 3: Encoding
ENCODING.1. define one specific CDIF syntax and one specific CDIF encoding.
This document is intended to be used by anyone wishing to understand and/or use CDIF. This document provides
an introduction to the entire CDIF family of standard. It is suitable for:
— Those evaluating CDIF,
— Those who wish to understand the principles and concepts of a CDIF transfer, and
— Those developing importers and exporters.
The documents ISO/IEC 15474-1:2002, Information technology — CDIF framework — Part 1: Overview and
ISO/IEC 15474-2:2002, Information technology — CDIF framework — Part 2: Modelling and extensibility should be
read first when initially exploring CDIF and before attempting to read other documents in the CDIF family of
standard.
While there are no specific prerequisites for reading this document, it will be helpful for the reader to have familiarity
with the following:
— Entity-Relationship-Attribute modelling;
— Modelling (CASE) tools;
— Information repositories;
— Data dictionaries;
— Multiple meta-layer modelling;
— Formal grammars;
— Transfer formats.
|
Published |
2002-11 |
Edition : 1 |
Number of pages : 15 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15475-2:2002 |
Information technology — CDIF transfer format — Part 2: Syntax SYNTAX.1 |
The CDIF family of standards is primarily designed to be used as a description of a mechanism for transferring
information between modelling tools. It facilitates a successful transfer when the authors of the importing and
exporting tools have nothing in common except an agreement to conform to CDIF. The language that is defined for
the transfer format also has applicability as a general language for Import/Export from repositories. The CDIF
semantic metamodel defined for modelling tools also has applicability as the basis of standard definitions for use in
repositories.
The standards, which form the complete family of CDIF Standards, are documented in ISO/IEC 15474-1:2002,
Information technology — CDIF framework — Part 1: Overview. These standards cover the overall framework,
the transfer format and the CDIF semantic metamodel.
Figure 1 − Position in the CDIF family of standards
The diagram in Figure 1 depicts the various standards that comprise the CDIF family of standards. The shaded box
depicts this Standard and its position in the CDIF family of standards.
This document describes the standard CDIF transfer syntax. No encodings for SYNTAX.1 are specified in this
document. ISO/IEC 15475-3:2002, Information technology — CDIF transfer format — Part 3: Encoding
ENCODING.1, specifies one standard encoding for this syntax.
This document is intended to be used by anyone wishing to understand and/or use CDIF. This document provides
an introduction to the entire CDIF family of standards. It is suitable for:
— Those evaluating CDIF,
— Those who wish to understand the principles and concepts of a CDIF transfer, and
— Those developing importers and exporters.
The documents ISO/IEC 15474-1:2002, Information technology — CDIF framework — Part 1: Overview and
ISO/IEC 15474-2:2002, Information technology — CDIF framework — Part 2: Modelling and extensibility should be
read first when initially exploring CDIF and before attempting to read other documents in the CDIF family of
standards.
This document should be read in conjunction with ISO/IEC 15475-1:2002, Information technology — CDIF transfer
format — Part 1: General rules for syntaxes and encodings.
While there are no specific prerequisites for reading this document, it will be helpful for the reader to have familiarity
with the following:
— Entity-Relationship-Attribute modelling;
— Modelling (CASE) tools;
— Information repositories;
— Data dictionaries;
— Multiple meta-layer modelling;
— Formal grammars;
— Transfer formats.
|
Published |
2002-11 |
Edition : 1 |
Number of pages : 29 |
Technical Committee |
35.080
Software
|
| ISO/IEC TR 15504-9:1998 |
Information technology — Software process assessment — Part 9: Vocabulary |
|
Withdrawn |
1998-09 |
Edition : 1 |
Number of pages : 11 |
Technical Committee |
35.080
Software
;
01.040.35
Information technology (Vocabularies)
|
| ISO/IEC/IEEE 8802-1AE:2013/Amd 2:2015 |
Information technology — Telecommunications and information exchange between systems — Local and metropolitan area networks — Part 1AE: Media access control (MAC) security — Amendment 2: Extended Packet Numbering |
|
Withdrawn |
2015-05 |
Edition : 1 |
Number of pages : 53 |
Technical Committee |
35.110
Networking
|
| ISO/IEC 15475-3:2002 |
Information technology — CDIF transfer format — Part 3: Encoding ENCODING.1 |
The CDIF family of standards is primarily designed to be used as a description of a mechanism for transferring
information between modelling tools. It facilitates a successful transfer when the authors of the importing and
exporting tools have nothing in common except an agreement to conform to CDIF. The language that is defined for
the transfer format also has applicability as a general language for Import/Export from repositories. The CDIF
semantic metamodel defined for modelling tools also has applicability as the basis of standard definitions for use in
repositories.
The standards, which form the complete family of CDIF Standards, are documented in ISO/IEC 15474-1:2002,
Information technology — CDIF framework — Part 1: Overview. These standards cover the overall framework,
the transfer format and the CDIF semantic metamodel.
Figure 1 − Position in the CDIF family of standards
The diagram in Figure 1 depicts the various standards that comprise the CDIF family of standards. The shaded box
depicts this Standard and its position in the CDIF family of standards.
This document describes the standard CDIF Transfer Encoding for the standard CDIF Transfer Syntax as defined
in ISO/IEC 15475-2:2002, Information technology —CDIF transfer format — Part 2: Syntax SYNTAX.1.
This document is intended to be used by anyone wishing to understand and/or use CDIF. This document provides
an introduction to the entire CDIF family of standards. It is suitable for:
— Those evaluating CDIF,
— Those who wish to understand the principles and concepts of a CDIF transfer, and
— Those developing importers and exporters.
The documents ISO/IEC 15474-1:2002, Information technology — CDIF framework — Part 1: Overview and
ISO/IEC 15474-2:2002, Information technology — CDIF framework — Part 2: Modelling and extensibility should be
read first when initially exploring CDIF and before attempting to read other documents in the CDIF family of
standards.
This document should be read in conjunction with ISO/IEC 15475-1:2002, Information technology — CDIF transfer
format — Part 1: General rules for syntaxes and encodings and ISO/IEC 15475-2:2002, Information technology —
CDIF transfer format — Part 2: Syntax SYNTAX.1.
While there are no specific prerequisites for reading this document, it will be helpful for the reader to have familiarity
with the following:
— Entity-Relationship-Attribute modelling;
— Modelling (CASE) tools;
— Information repositories;
— Data dictionaries;
— Multiple meta-layer modelling;
— Formal grammars;
— Transfer formats.
|
Published |
2002-11 |
Edition : 1 |
Number of pages : 20 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15476-1:2002 |
Information technology — CDIF semantic metamodel — Part 1: Foundation |
The CDIF family of standards is primarily designed to be used as a description of a mechanism for transferring
information between modelling tools. It facilitates a successful transfer when the authors of the importing and
exporting tools have nothing in common except an agreement to conform to CDIF. The language that is defined for
the transfer format also has applicability as a general language for import/export from repositories. The CDIF
semantic metamodel defined for CASE also has applicability as the basis of standard definitions for use in
repositories.
The standards which form the complete family of CDIF standards are documented in ISO/IEC 15474-1:2002,
Information technology — CDIF framework — Part 1: Overview. These standards cover the overall framework, the
transfer format and the CDIF semantic metamodel.
The diagram in Figure 1 depicts the various standards that comprise the CDIF family of standards. The shaded box
depicts this Standard and its position in the CDIF family of standards.
This standard defines the Foundation subject area of the CDIF semantic metamodel. This subject area contains the
basic objects on which all other objects, including those defined using extensibility, must be based.
This document is intended to be used by anyone wishing to understand and/or use CDIF. This document provides
a definition of a single subject area of the CDIF semantic metamodel. It is suitable for:
Those evaluating CDIF,
Those who wish to understand the principles and concepts of a CDIF transfer, and
Those developing importers and exporters.
The document, ISO/IEC 15474-1:2002, Information technology — CDIF framework — Part 1: Overview, and the
framework document ISO/IEC 15474-2:2002, Information technology — CDIF framework — Part 2: Modelling and
extensibility, should be read first when initially exploring CDIF and before attempting to read other documents in the
CDIF family of standards.
While there are no specific prerequisites for reading this document, it will be helpful for the reader to have familiarity
with the following:
Entity-Relationship-Attribute modelling;
Modelling (CASE) tools;
Information repositories;
Data dictionaries;
Multiple meta-layer modelling.
|
Published |
2002-11 |
Edition : 1 |
Number of pages : 11 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15476-2:2002 |
Information technology — CDIF semantic metamodel — Part 2: Common |
The CDIF family of standards is primarily designed to be used as a description of a mechanism for transferring
information between modelling tools. It facilitates a successful transfer when the authors of the importing and
exporting tools have nothing in common except an agreement to conform to CDIF. The language that is defined for
the transfer format also has applicability as a general language for import/export from repositories. The CDIF
semantic metamodel defined for CASE also has applicability as the basis of standard definitions for use in
repositories.
The standards which form the complete family of CDIF standards are documented in ISO/IEC 15474-1:2002,
Information technology — CDIF framework — Part 1: Overview. These standards cover the overall framework, the
transfer format and the CDIF semantic metamodel.
Figure 1 − CDIF family of standards
The diagram in Figure 1 depicts the various standards that comprise the CDIF family of standards. The shaded box
depicts this Standard and its position in the CDIF family of standards.
This standard defines the Common Subject Area of the CDIF semantic metamodel. This subject area contains
meta-objects that are used as the basis of the other subject area standards, and also meta-relationships and metaattributes
that are applicable to all meta-objects.
This document is intended to be used by anyone wishing to understand and/or use CDIF. This document provides
a definition of a single subject area of the CDIF semantic metamodel. It is suitable for:
Those evaluating CDIF,
Those who wish to understand the principles and concepts of a CDIF transfer, and
Those developing importers and exporters.
This document, ISO/IEC 15474-1:2002, Information technology — CDIF framework — Part 1: Overview, and the
Framework document ISO/IEC 15474-2:2002, Information technology — CDIF framework — Part 2: Modelling and
extensibility, should be read first when initially exploring CDIF and before attempting to read other documents in the
CDIF family of standards.
While there are no specific prerequisites for reading this document, it will be helpful for the reader to have familiarity
with the following:
Entity-Relationship-Attribute modelling;
Modelling (CASE) tools;
Information repositories;
Data dictionaries;
Multiple meta-layer modelling.
|
Published |
2002-11 |
Edition : 1 |
Number of pages : 41 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15476-3:2006 |
Information technology — CDIF semantic metamodel — Part 3: Data definitions |
ISO/IEC 15476-3:2006 explains the Data definitions subject area of the CDIF semantic metamodel, that defines the primitive data types and the objects which are used for structured data. The CDIF semantic metamodel is used to ensure that the information transferred by tools communicating using CDIF is expressed with an agreed meaning. This subject area contains meta-objects that are used as the basis of the data components of other subject area standards, and also meta-relationships and meta-attributes that are applicable to all data-related meta-objects.
ISO/IEC 15476-3:2006 is intended to be used by anyone wishing to understand and/or use CDIF. It provides a definition of a single subject area of the CDIF semantic metamodel. It is suitable for:
Those evaluating CDIF;Those who wish to understand the principles and concepts of a CDIF transfer; andThose developing importers and exporters.
|
Published |
2006-01 |
Edition : 1 |
Number of pages : 88 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15476-4:2005 |
Information technology — CDIF semantic metamodel — Part 4: Data models |
ISO/IEC 15476-4:2005 explains the Data models subject area. The CDIF semantic metamodel is used to ensure that the information held by tools communicating using CDIF is transferred with an agreed meaning. It covers the information required to express Entity-Relationship-Attribute Modelling and Logical Database Design concepts.
ISO/IEC 15476-4:2005 is intended to be used by anyone wishing to understand and/or use CDIF. It provides a definition of a single subject area of the CDIF semantic metamodel. It is suitable for:
Those evaluating CDIF,Those who wish to understand the principles and concepts of a CDIF transfer, andThose developing importers and exporters.
|
Published |
2005-12 |
Edition : 1 |
Number of pages : 113 |
Technical Committee |
35.080
Software
|
| ISO/IEC/IEEE 8802-1X:2013/Amd 2:2020 |
Information technology — Telecommunications and information exchange between systems — Local and metropolitan area networks — Part 1X: Port-based network access control — Amendment 2: YANG data model |
|
Withdrawn |
2020-11 |
Edition : 1 |
Number of pages : 129 |
Technical Committee |
35.110
Networking
|
| ISO/IEC 15504-2:2003 |
Information technology — Process assessment — Part 2: Performing an assessment |
ISO/IEC 15504-2:2003 defines the requirements for performing process assessment as a basis for use in process improvement and capability determination.
Process assessment is based on a two dimensional model containing a process dimension and a capability dimension. The process dimension is provided by an external process reference model, which defines a set of processes characterized by statements of process purpose and process outcomes. The capability dimension consists of a measurement framework comprising six process capability levels and their associated process attributes.
The assessment output consists of a set of process attribute ratings for each process assessed, termed the process profile, and may also include the capability level achieved by that process.
ISO/IEC 15504-2:2003 identifies the measurement framework for process capability and the requirements for:
performing an assessment;process reference models;process assessment models;verifying conformity of process assessment.
The requirements for process assessment defined in ISO/IEC 15504-2:2003 form a structure which:
facilitates self-assessment;provides a basis for use in process improvement and capability determination;takes into account the context in which the assessed process is implemented;produces a process rating;addresses the ability of the process to achieve its purpose;is applicable across all application domains and sizes of organization; andmay provide an objective benchmark between organizations.
The minimum set of requirements defined in ISO/IEC 15504-2:2003 ensures that assessment results are objective, impartial, consistent, repeatable and representative of the assessed processes. Results of conformant process assessments may be compared when the scopes of the assessments are considered to be similar; for guidance on this matter, refer to ISO/IEC 15504-4.
|
Withdrawn |
2003-10 |
Edition : 1 |
Number of pages : 16 |
Technical Committee |
35.080
Software
|
| ISO/IEC TR 15504-2:1998 |
Information technology — Software process assessment — Part 2: A reference model for processes and process capability |
|
Withdrawn |
1998-08 |
Edition : 1 |
Number of pages : 39 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15504-2:2003/Cor 1:2004 |
Information technology — Process assessment — Part 2: Performing an assessment — Technical Corrigendum 1 |
|
Withdrawn |
2004-02 |
Edition : 1 |
Number of pages : 2 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15504-3:2004 |
Information technology — Process assessment — Part 3: Guidance on performing an assessment |
ISO/IEC 15504 (all parts) provides a framework for the assessment of processes. This framework can be used by organizations involved in planning, managing, monitoring, controlling and improving the acquisition, supply, development, operation, evolution and support of products and services.
ISO/IEC 15504-3:2004 provides guidance on meeting the minimum set of requirements for performing an assessment contained in ISO/IEC 15504-2.
It provides an overview of process assessment and interprets the requirements through the provision of guidance on:
performing an assessment; the measurement framework for process capability; process reference models and process assessment models;selecting and using assessment tools;competency of assessors;verification of conformity.
ISO/IEC 15504-3:2004 also provides an exemplar documented assessment process that conforms to the requirements of 4.2 in ISO/IEC 15504-2.
|
Withdrawn |
2004-01 |
Edition : 1 |
Number of pages : 54 |
Technical Committee |
35.080
Software
|
| ISO/IEC TR 15504-3:1998 |
Information technology — Software process assessment — Part 3: Performing an assessment |
|
Withdrawn |
1998-08 |
Edition : 1 |
Number of pages : 4 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15504-4:2004 |
Information technology — Process assessment — Part 4: Guidance on use for process improvement and process capability determination |
ISO/IEC 15504 provides a framework for the assessment of processes. This framework can be used by organizations involved in planning, managing, monitoring, controlling, and improving the acquisition, supply, development, operation, evolution and support of products and services.
ISO/IEC 15504-4:2004 provides guidance on how to utilize a conformant process assessment within a process improvement programme or for process capability determination.
Within a process improvement (PI) context, process assessment provides a means of characterizing an organizational unit in terms of the capability of selected processes. Analysis of the output of a conformant process assessment against an organizational unit's business goals identifies strengths, weaknesses and risks related to the processes. This, in turn, can help determine whether the processes are effective in achieving business goals, and provide the drivers for making improvements.
Process capability determination (PCD) is concerned with analysing the output of one or more conformant process assessments to identify the strengths, weaknesses and risks involved in undertaking a specific project using the selected processes within a given organizational unit. A process capability determination can provide a fundamental input to supplier selection, in which case it is often termed a "supplier capability determination".
ISO/IEC 15504-4:2004 describes the PI and PCD processes and how to deploy them, and provides guidance on
utilizing process assessment,selecting Process Reference Model(s),setting target capability,defining the assessment input,inferring process-related risk from assessment output,steps of process improvement,steps of process capability determination,comparability of assessment output analysis.
|
Withdrawn |
2004-07 |
Edition : 1 |
Number of pages : 33 |
Technical Committee |
35.080
Software
|
| ISO/IEC TR 15504-4:1998 |
Information technology — Software process assessment — Part 4: Guide to performing assessments |
|
Withdrawn |
1998-08 |
Edition : 1 |
Number of pages : 18 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15504-5:2006 |
Information technology — Process Assessment — Part 5: An exemplar Process Assessment Model |
ISO/IEC 15504-5:2006 describes an exemplar Process Assessment Model (PAM), conformant with the ISO/IEC 15504-2 requirements for PAMs. It provides guidance, by way of example, on the nature and structure of PAMs, and on the variety and function of different indicators of process performance and capability. It also provides guidance, through example, on the requirements for conformance of PAMs, and on the approaches for demonstration of conformance.
ISO/IEC 15504 provides a framework for the assessment of process capability. This framework can be used by organizations involved in planning, managing, monitoring, controlling and improving the acquisition, supply, development, operation, evolution and support of products and services. It is also intended for use by assessors in the performance of process assessment, and by organizations involved in the development of process reference models, process assessment models or process assessment processes.
|
Withdrawn |
2006-03 |
Edition : 1 |
Number of pages : 162 |
Technical Committee |
35.080
Software
|
| ISO/IEC TR 15504-5:1999 |
Information technology — Software Process Assessment — Part 5: An assessment model and indicator guidance |
|
Withdrawn |
1999-05 |
Edition : 1 |
Number of pages : 123 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15504-5:2012 |
Information technology — Process assessment — Part 5: An exemplar software life cycle process assessment model |
ISO/IEC 15504-5:2012 provides an example of a Process Assessment Model for use in performing a conformant assessment in accordance with the requirements of ISO/IEC 15504-2.
ISO/IEC 15504-5:2012 provides a detailed description of the structure and key components of the Process Assessment Model, which includes two dimensions: a process dimension and a capability dimension. It also introduces assessment indicators.
ISO/IEC 15504-5:2012 uses process definitions from ISO/IEC 12207:2008 to identify a Process Reference Model. The processes of the Process Reference Model are described in the Process Assessment Model in terms of purpose and outcomes and are grouped in three process categories. The Process Assessment Model expands the Process Reference Model process definitions by including a set of process performance indicators called base practices for each process. The Process Assessment Model also defines a second set of indicators of process performance by associating work products with each process.
ISO/IEC 15504-5:2012 duplicates the definitions of the capability levels and process attributes from ISO/IEC 15504-2, and expands each of the nine attributes through the inclusion of a set of generic practices. These generic practices belong to a set of indicators of process capability, in association with generic resource indicators, and generic work product indicators.
ISO/IEC 15504-5:2012 also provides the following:
a statement of conformance of the Process Assessment Model to the requirements defined in ISO/IEC 15504-2;
selected characteristics for typical work products to assist the assessor in evaluating the capability level of processes;
style guides for defining base practices, work products and generic practices for adjusting the Process Assessment Model, and guidance explaining how to expand or adapt the model;
some processes supplementary to the Process Assessment Model.
|
Withdrawn |
2012-02 |
Edition : 2 |
Number of pages : 196 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15504-6:2013 |
Information technology — Process assessment — Part 6: An exemplar system life cycle process assessment model |
ISO/IEC 15504-6:2013 constitutes a Process Assessment Model, conformant with the requirements of ISO/IEC 15504-2, for the assessment of process capability of system life cycle processes.
The Process Dimension of this Process Assessment Model is based upon the Process Reference Model contained in ISO/IEC 15288.
ISO/IEC 15504-6:2013 provides a new Process Dimension for the Process Assessment Model derived from the revised Process Reference Model contained in ISO/IEC 15288:2008.
The scope of ISO/IEC 15504-6:2013 is consistent with the scope of ISO/IEC 15504-5 in order to assist situations where assessment is being made of both system and software life cycle processes.
Users of ISO/IEC 15504-6:2013 may freely reproduce the detailed descriptions contained in the exemplar assessment model as part of any tool or other material to support the performance of process assessments, so that it can be used for its intended purpose.
|
Withdrawn |
2013-06 |
Edition : 1 |
Number of pages : 126 |
Technical Committee |
35.080
Software
|
| ISO/IEC TR 15504-6:1998 |
Information technology — Software process assessment — Part 6: Guide to competency of assessors |
|
Withdrawn |
1998-08 |
Edition : 1 |
Number of pages : 22 |
Technical Committee |
35.080
Software
|
| ISO/IEC TR 15504-6:2008 |
Information technology — Process assessment — Part 6: An exemplar system life cycle process assessment model |
ISO/IEC 15504 provides a framework for the assessment of process capability. This framework can be used by organizations involved in planning, managing, monitoring, controlling and improving the acquisition, supply, development, operation, evolution and support of products and services.
ISO/IEC TR 15504-6:2008 describes an exemplar Process Assessment Model (PAM) for system life cycle processes, conformant with the ISO/IEC 15504-2 requirements for a PAM.
The ISO/IEC TR 15504-6:2008 exemplar PAM is derived from the Process Reference Model (PRM) defined in ISO/IEC 15288, associated with the process attributes defined in ISO/IEC 15504-2. The resulting PAM is a two-dimensional PAM which provides indicators for guidance on the interpretation of the process purposes and outcomes as defined in ISO/IEC 15288, and the process attributes as defined in ISO/IEC 15504‑2. It can be used to perform a process assessment conformant with ISO/IEC 15504-2, either in the context of a process improvement programme or for process capability determination.
ISO/IEC TR 15504-6:2008 describes
the overall structure of the PAM with its process dimension (derived from ISO/IEC 15288) and capability dimension (derived from the measurement framework defined in ISO/IEC 15504-2);
process performance indicators (base practices and work products) for 26 processes drawn from ISO/IEC 15288;
process capability indicators (generic practices, generic resources and generic work products) which characterize, for any process attribute of the capability dimension, what are the expected characteristics that demonstrate achievement of that process attribute.
ISO/IEC TR 15504-6:2008 also includes
the demonstration of conformity of the PAM with the requirements of ISO/IEC 15504-2;
the detailed characteristics of the work products and the generic work products;
guidance for adapting the PAM and defining additional assessment indicators.
|
Withdrawn |
2008-10 |
Edition : 1 |
Number of pages : 118 |
Technical Committee |
35.080
Software
|
| ISO/IEC TR 15504-7:1998 |
Information technology — Software process assessment — Part 7: Guide for use in process improvement |
|
Withdrawn |
1998-08 |
Edition : 1 |
Number of pages : 36 |
Technical Committee |
35.080
Software
|
| ISO/IEC TR 15504-7:2008 |
Information technology — Process assessment — Part 7: Assessment of organizational maturity |
ISO/IEC 15504 provides a framework for the assessment of processes. This framework can be used by organizations involved in planning, managing, monitoring, controlling, and improving the acquisition, supply, development, operation, evolution and support of products and services.
ISO/IEC TR 15504-7:2008 defines the conditions for an assessment of organizational maturity; it defines a framework for determining organizational maturity, based upon profiles of process capability derived from process assessment, and defines the conditions under which such assessments are valid.
ISO/IEC TR 15504-7:2008, organizational maturity is an expression of the extent to which an organization consistently implements processes within a defined scope that contributes to the achievement of its business goals (current or projected). An Organizational Maturity Model is based upon one or more specified Process Assessment Model(s), and addresses the domains and contexts for use of the Process Reference Model(s) from which the Process Assessment Model(s) are derived.
The assessment of organizational maturity is undertaken through the performance of process assessment as specified in ISO/IEC 15504-2. Specific conditions are defined in ISO/IEC TR 15504-7:2008 relating to the process scope of the organizational maturity assessment, the organizational scope of the assessment (which has to be specified as representing the elements characterised by the organizational maturity rating), and the data collection strategy (which needs to ensure that the results of the assessment are representative of the organizational scope). On completion of the assessment, the set of process profiles established for the organization determine the rating of the level of organizational maturity based on the framework defined in ISO/IEC 15504-7, as specified in the relevant Organizational Maturity Model.
ISO/IEC TR 15504-7:2008 also contains guidance on implementing the requirements for constructing an Organizational Maturity Model; on performing assessments of organizational maturity; and on the application of organizational maturity ratings for process improvement and capability determination.
|
Withdrawn |
2008-12 |
Edition : 1 |
Number of pages : 36 |
Technical Committee |
35.080
Software
|
| ISO/IEC TR 15504-8:1998 |
Information technology — Software process assessment — Part 8: Guide for use in determining supplier process capability |
|
Withdrawn |
1998-08 |
Edition : 1 |
Number of pages : 17 |
Technical Committee |
35.080
Software
|
| ISO/IEC TS 15504-8:2012 |
Information technology — Process assessment — Part 8: An exemplar process assessment model for IT service management |
ISO/IEC TS 15504-8:2012 provides an example of an IT Service Management Process Assessment Model (PAM) for use in performing a conformance assessment in accordance with the requirements of ISO/IEC 15504-2. It enables implemented processes of ISO/IEC 20000-1 to be assessed according to the requirements of ISO/IEC 15504-2.
An integral part of conducting an assessment is to use a PAM that is constructed for that purpose. A PAM is related to a Process Reference Model (PRM) and is conformant with ISO/IEC 15504-2.
|
Withdrawn |
2012-09 |
Edition : 1 |
Number of pages : 204 |
Technical Committee |
35.080
Software
|
| ISO/IEC TS 15504-9:2011 |
Information technology — Process assessment — Part 9: Target process profiles |
ISO/IEC TS 15504-9:2011 documents guidelines for target process profiles for capability determination and improvement purposes. It provides guidance for establishing target process profiles for the following purposes:
by or on behalf of an organization with the objective of specifying a target process profile to meet specified needs;
by or on behalf of an organization with the objective of specifying a target process profile against which to assess the actual ability of the organization to meet that target;
by or on behalf of an organization with the objective of specifying a target process profile against which to assess the actual ability of another organization to meet that target;
by or on behalf of an organization with the objective of determining the need for improvement based upon any capability gap between the actual capability and the target process profile.
|
Withdrawn |
2011-08 |
Edition : 1 |
Number of pages : 16 |
Technical Committee |
35.080
Software
|
| ISO/IEC TS 15504-10:2011 |
Information technology — Process assessment — Part 10: Safety extension |
ISO/IEC 15504 provides a framework for the assessment of processes. This framework can be used by organizations involved in planning, managing, monitoring, controlling, and improving the acquisition, supply, development, operation, evolution and support of product and services.
The published ISO/IEC 15504 process assessment models for systems and software do not currently provide a sufficient basis for performing a process capability assessment of processes with respect to the development of complex safety-related systems.
Developing safety-related systems requires specialized processes, techniques, skills and experience. Process amplifications (safety extension) are needed in the area of safety management, safety engineering and safety qualification. ISO/IEC TS 15504-10:2011 presents these amplifications (a safety extension) as three process descriptions: safety management, safety engineering and safety certification processes.
The aim of ISO/IEC TS 15504-10:2011 is not to provide a way to verify the compliance with one or more domain-specific safety standards, nor to extend ISO/IEC 15504 in order to use it as a safety standard against which to verify compliance. The aim is to provide assessors with the necessary means and information for measuring the capability of processes and also defining possible process improvement actions when the software/system under development is safety-related.
ISO/IEC TS 15504-10:2011, as a standalone document, can be used in conjunction with ISO/IEC 15504-5 and/or ISO/IEC TR 15504-6 process assessment models by experienced assessors with minimal support from safety domain experts.
ISO/IEC TS 15504-10:2011 is developed independent of any specific safety standards that define safety principles, methods, techniques and work products. However, elements of relevant safety standards are able to be mapped to the safety extension and the safety extension is intended to be extendable to include specific safety standards requirements.
The influence of the safety extension on the assessment of the processes in ISO/IEC 15504-5 and ISO/IEC TR 15504-6 is described in ISO/IEC TS 15504-10:2011. For each process contained in ISO/IEC 15504-5 and ISO/IEC TR 15504-6, there is an indication of additional issues to be taken into account at assessment time. The issues are provided by means of sentences indicating specific relationships between ISO/IEC 15504-5 and ISO/IEC TR 15504-6 processes and the ISO/IEC TS 15504-10:2011 processes as well as highlighting relevant aspects to be considered to improve the completeness of the data-gathering phase of the assessment. In this way, an assessor can use ISO/IEC TS 15504-10:2011 to check whether, in assessing an ISO/IEC 15504-5 or ISO/IEC TR 15504-6 process, some relevant aspects related to the safety development environment have been missed.
|
Published |
2011-11 |
Edition : 1 |
Number of pages : 25 |
Technical Committee |
35.080
Software
|
| ISO/IEC TR 15846:1998 |
Information technology — Software life cycle processes — Configuration Management |
|
Withdrawn |
1998-11 |
Edition : 1 |
Number of pages : 17 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15909-1:2004 |
Systems and software engineering — High-level Petri nets — Part 1: Concepts, definitions and graphical notation |
ISO/IEC 15909-1:2004 defines a semi-graphical modelling language for the specification, design and analysis of discrete event systems, including software and in particular distributed and parallel systems where concurrency is an important characteristic. The technique, High-level Petri Nets, is mathematically defined and may thus be used to provide unambiguous specifications and descriptions of applications. The graphical nature of the technique allows information, or resource flow, and control flow to be visualised, providing a powerful aid to understanding system behaviour. It is also an executable technique, allowing specification prototypes to be developed to test ideas at the earliest and cheapest opportunity. Specifications written in the technique may be subjected to analysis methods to prove properties about the specifications, before implementation commences, thus saving on testing and maintenance time. The field of application encompasses a wide range of systems from technical systems such as manufacturing, business processes, computer software and hardware, telecommunication networks and signalling systems, defence systems, mechatronics, postal services and avionics to biological and sociotechnical systems.
|
Withdrawn |
2004-12 |
Edition : 1 |
Number of pages : 38 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15909-1:2004/Amd 1:2010 |
Systems and software engineering — High-level Petri nets — Part 1: Concepts, definitions and graphical notation — Amendment 1: Symmetric Nets |
|
Withdrawn |
2010-05 |
Edition : 1 |
Number of pages : 10 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15909-1:2019 |
Systems and software engineering — High-level Petri nets — Part 1: Concepts, definitions and graphical notation |
This document defines a Petri net modeling language or technique, called high-level Petri nets, including its syntax and semantics. It provides a reference definition that can be used both within and between organizations, to ensure a common understanding of the technique and of the specifications written using the technique. This document also facilitates the development and interoperability of Petri net computer support tools.
This document is applicable to a wide variety of concurrent discrete event systems and in particular distributed systems. Generic fields of application include:
— requirements analysis;
— development of specifications, designs and test suites;
— descriptions of existing systems prior to re-engineering;
— modeling business and software processes;
— providing the semantics for concurrent languages;
— simulation of systems to increase confidence;
— formal analysis of the behavior of systems;
— and development of Petri net support tools.
This document can be applied to the design of a broad range of systems and processes, including aerospace, air traffic control, avionics, banking, biological and chemical processes, business processes, communication protocols, computer hardware architectures, control systems, databases, defense command and control systems, distributed computing, electronic commerce, fault-tolerant systems, games, hospital procedures, information systems, Internet protocols and applications, legal processes, logistics, manufacturing systems, metabolic processes, music, nuclear power systems, operating systems, transport systems (including railway control), security systems, telecommunications and workflows.
|
Published |
2019-08 |
Edition : 2 |
Number of pages : 29 |
Technical Committee |
35.080
Software
|
| ISO/IEC 23360-4:2006 |
Linux Standard Base (LSB) core specification 3.1 — Part 4: Specification for AMD64 architecture |
ISO/IEC 23360-4:2006 is the AMD64 architecture-specific Core part of the Linux Standard Base (LSB). It supplements the generic LSB Core module with those interfaces that differ between architectures.
Interfaces described in ISO/IEC 23360-4:2006 are mandatory except where explicitly listed otherwise. Core interfaces may be supplemented by other modules; all modules are built upon the core.
|
Withdrawn |
2006-12 |
Edition : 1 |
Number of pages : 77 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15909-2:2011 |
Systems and software engineering — High-level Petri nets — Part 2: Transfer format |
ISO/IEC 15909-2:2011 defines an XML-based transfer format for Petri nets, which are defined conceptually and mathematically in ISO/IEC 15909-1. This transfer format enables the exchange of Petri nets among different Petri net tools and among different parties. Moreover, ISO/IEC 15909-2:2011 defines some concepts and XML-based syntax for defining the detailed graphical appearance of Petri nets.
The focus of ISO/IEC 15909-2:2011 is on the transfer format for Place/Transition Nets, High-level Petri Nets and Symmetric Nets. The presentation, however, is structured in such a way that it is open for future extensions, so that other versions of Petri nets can be added later. The exact definition of this extension mechanism, called Petri net type definition, is not defined in ISO/IEC 15909-2:2011; it will be defined in ISO/IEC 15909-3.
The transfer format will be used to transfer specifications of systems developed in High-level Petri Nets between tools to facilitate the development of systems in teams.
ISO/IEC 15909-2:2011 is written as a reference for developers of Petri net tools. It will also be useful for researchers who define new versions and variants of Petri nets.
|
Published |
2011-02 |
Edition : 1 |
Number of pages : 102 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15909-2:2011/Cor 1:2013 |
Systems and software engineering — High-level Petri nets — Part 2: Transfer format — Technical Corrigendum 1 |
|
Published |
2013-12 |
Edition : 1 |
Number of pages : 8 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15909-3:2021 |
Systems and software engineering — High-level Petri nets — Part 3: Extensions and structuring mechanisms |
This document defines enrichments, extensions and structuring mechanisms of Petri nets, applied on the definitions proposed in ISO/IEC 15909-1. This document facilitates the definitions of new kinds of Petri nets and their interoperability, while remaining compatible with those defined in ISO/IEC 15909-1.
This document is written as a reference for designers of new Petri net variants, by defining common enrichments, extensions and structuring mechanisms, as well as a generalized process for defining new ones.
This document is applicable to a wide variety of concurrent discrete event systems and in particular distributed systems. Generic fields of application include:
— requirements analysis;
— development of specifications, designs and test suites;
— descriptions of existing systems prior to re-engineering;
— modelling business and software processes;
— providing the semantics for concurrent languages;
— simulation of systems to increase confidence;
— formal analysis of the behaviour of systems;
— and development of Petri net support tools.
This document can be applied to the design of a broad range of systems and processes, including aerospace, air traffic control, avionics, banking, biological and chemical processes, business processes, communication protocols, computer hardware architectures, control systems, databases, defence command and control systems, distributed computing, electronic commerce, fault-tolerant systems, games, hospital procedures, information systems, Internet protocols and applications, legal processes, logistics, manufacturing systems, metabolic processes, music, nuclear power systems, operating systems, transport systems (including railway control), security systems, telecommunications and workflow.
|
Published |
2021-11 |
Edition : 1 |
Number of pages : 15 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15910:1999 |
Information technology — Software user documentation process |
|
Withdrawn |
1999-12 |
Edition : 1 |
Number of pages : 52 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15939:2002 |
Software engineering — Software measurement process |
|
Withdrawn |
2002-07 |
Edition : 1 |
Number of pages : 37 |
Technical Committee |
35.080
Software
|
| ISO/IEC/IEEE 15939:2017 |
Systems and software engineering — Measurement process |
ISO/IEC/IEEE 15939:2017 provides an elaboration of the measurement process from ISO/IEC 15288 and ISO/IEC 12207. The measurement process is applicable to system and software engineering and management disciplines. The process is described through a model that defines the activities of the measurement process that are required to adequately specify what measurement information is required, how the measures and analysis results are to be applied, and how to determine if the analysis results are valid. The measurement process is flexible, tailorable, and adaptable to the needs of different users.
ISO/IEC/IEEE 15939:2017 identifies a process that supports defining a suitable set of measures that address specific information needs. It identifies the activities and tasks that are necessary to successfully identify, define, select, apply, and improve measurement within an overall project or organizational measurement structure. It also provides definitions for commonly used measurement terms.
|
Published |
2017-05 |
Edition : 1 |
Number of pages : 39 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15939:2007 |
Systems and software engineering — Measurement process |
ISO/IEC 15939:2007 defines a measurement process applicable to system and software engineering and management disciplines. The process is described through a model that defines the activities of the measurement process that are required to adequately specify what measurement information is required, how the measures and analysis results are to be applied, and how to determine if the analysis results are valid. The measurement process is flexible, tailorable, and adaptable to the needs of different users.
ISO/IEC 15939:2007 identifies a process that supports defining a suitable set of measures that address specific information needs. It identifies the activities and tasks that are necessary to successfully identify, define, select, apply and improve measurement within an overall project or organizational measurement structure. It also provides definitions for measurement terms commonly used within the system and software industries.
|
Withdrawn |
2007-08 |
Edition : 2 |
Number of pages : 38 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15940:2006 |
Information Technology — Software Engineering Environment Services |
ISO/IEC 15940:2006 defines the software engineering environment (SEE) services conceptually in a reference model that can be adapted to any SEEs to automate one or more software engineering activities.
It describes services that support the process definitions as in ISO/IEC 12207 so that the set of SEE Services are compatible with ISO/IEC 12207.
ISO/IEC 15940:2006 can be used either as a general reference, or to define an automated software process.
|
Withdrawn |
2006-06 |
Edition : 1 |
Number of pages : 51 |
Technical Committee |
35.080
Software
|
| ISO/IEC 15940:2013 |
Systems and software engineering — Software Engineering Environment Services |
ISO/IEC 15940:2013 aims to update ISO/IEC 15940:2006 to take into account the changes of ISO/IEC 12207:2008 and to add/complete the set of Software Engineering Environment services for software and system processes.
Software engineering environments services, or SEE services, refers to a collection of services, partially or fully automated by software tools, that are used to support the execution of human activities in systems and software engineering.
ISO/IEC 12207:2008 describes a comprehensive set of processes, activities and tasks to be performed when acquiring or developing a system/software. It does not address their implementation or their automation. These activities are usually carried out within a software or system development/maintenance project, and cover such areas as the specification, development, re-engineering or maintenance of systems.
ISO/IEC 15940:2013 describes SEE services and relates them to ISO/IEC 12207:2008 in a manner applicable to a range of organizations. In defining a life cycle process for an organization, the user needs to find the appropriate level of automation provided by a software engineering environment. This may result in establishing a new SEE service or improving an existing one.
The suite of SEE services described supports the process definitions in ISO/IEC 12207:2008. The purpose is to define a set of SEE services that are compatible with ISO/IEC 12207:2008, and that can be used either as a general reference, or to define an automated software and system process.
|
Published |
2013-03 |
Edition : 2 |
Number of pages : 63 |
Technical Committee |
35.080
Software
|
| ISO/IEC 16085:2004 |
Information technology — Software life cycle processes — Risk management |
ISO/IEC 16085:2004 defines a process for the management of risk during software acquisition, supply, development, operations and maintenance. It is intended that both technical and managerial personnel throughout an organization apply ISO/IEC 16085:2004.
|
Withdrawn |
2004-10 |
Edition : 1 |
Number of pages : 23 |
Technical Committee |
35.080
Software
|
| ISO/IEC/IEEE 16085:2021 |
Systems and software engineering — Life cycle processes — Risk management |
This document:
— provides risk management elaborations for the processes described in ISO/IEC/IEEE 15288 and ISO/IEC/IEEE 12207,
— provides the users of ISO/IEC/IEEE 15288, ISO/IEC/IEEE 12207 and their associated elaboration standards with common terminology and specialized guidance for performing risk management within the context of systems and software engineering projects,
— specifies the required information items that are to be produced through the implementation of risk management process for claiming conformance, and
— specifies the required contents of the information items.
This document provides a universally applicable standard for practitioners responsible for managing risks associated with systems and software over their life cycle. This document is suitable for the management of all risks encountered in any organization or project appropriate to the systems or software projects regardless of context, type of industry, technologies utilized, or organizational structures involved.
This document does not provide detailed information about risk management practices, techniques, or tools which are widely available in other publications. Instead this document focuses on providing a comprehensive reference for integrating the large and wide variety of processes, practices, techniques, and tools encountered in systems and software engineering projects and other lifecycle activities into a unified approach for risk management, with the purpose of providing effective and efficient risk management while meeting the expectations and requirements of organization and project stakeholders.
|
Published |
2021-01 |
Edition : 1 |
Number of pages : 47 |
Technical Committee |
35.080
Software
|
| ISO/IEC 16085:2006 |
Systems and software engineering — Life cycle processes — Risk management |
ISO/IEC 16085:2006 defines a process for the management of risk in the life cycle. It can be added to the existing set of system and software life cycle processes defined by ISO/IEC 15288 and ISO/IEC 12207, or it can be used independently.
ISO/IEC 16085:2006 can be applied equally to systems and software.
Risk management is a key discipline for making effective decisions and communicating the results within organizations. The purpose of risk management is to identify potential managerial and technical problems before they occur so that actions can be taken that reduce or eliminate the probability and/or impact of these problems should they occur. It is a critical tool for continuously determining the feasibility of project plans, for improving the search for and identification of potential problems that can affect life cycle activities and the quality and performance of products, and for improving the active management of projects.
|
Withdrawn |
2006-12 |
Edition : 2 |
Number of pages : 34 |
Technical Committee |
35.080
Software
|
| ISO/IEC TR 16326:1999 |
Software engineering — Guide for the application of ISO/IEC 12207 to project management |
|
Withdrawn |
1999-12 |
Edition : 1 |
Number of pages : 30 |
Technical Committee |
35.080
Software
|
| ISO/IEC/IEEE 16326:2009 |
Systems and software engineering — Life cycle processes — Project management |
ISO/IEC/IEEE 16326:2009 provides normative content specifications for project management plans covering software projects, and software-intensive system projects. It also provides detailed discussion and advice on applying a set of project processes that are common to both the software and system life cycle as covered by ISO/IEC 12207:2008 (IEEE Std 12207-2008) and ISO/IEC 15288:2008 (IEEE Std 15288-2008), respectively. The discussion and advice are intended to aid in the preparation of the normative content of project management plans. ISO/IEC/IEEE 16326:2009 is the result of the harmonization of ISO/IEC TR 16326:1999 and IEEE Std 1058-1998.
|
Withdrawn |
2009-12 |
Edition : 1 |
Number of pages : 32 |
Technical Committee |
35.080
Software
|
| ISO/IEC 19506:2012 |
Information technology — Object Management Group Architecture-Driven Modernization (ADM) — Knowledge Discovery Meta-Model (KDM) |
ISO/IEC 19506:2012 defines a meta-model for representing existing software assets, their associations, and operational environments, referred to as the Knowledge Discovery Meta-model (KDM). This is the first in the series of specifications related to Software Assurance (SwA) and Architecture-Driven Modernization (ADM) activities. KDM facilitates projects that involve existing software systems by insuring interoperability and exchange of data between tools provided by different vendors.
|
Published |
2012-04 |
Edition : 1 |
Number of pages : 331 |
Technical Committee |
35.080
Software
|