software engineering standards int -...

6/21/2008

1

Software Engineering StandardsIntroduction

9126

J-016

9000

1679

1028

15288

12207

CMMI

730

CMM

6/21/2008 2

Outline1. Definitions2. Sources of Standards3. Why Use Standards ?4. ISO and Software Engineering Standards5. IEEE Software Engineering Collection

Sources: IEEE Standards, Software Engineering, Volume Three: Product Standards, Introduction to the1999 Edition, pages i to xxiii.

Horch, J., ‘Practical Guide to Software Quality management’, Artech House, 1996, chap 2.Wells, J., ‘An Introduction to IEEE/EIA 12207’, US DoD, SEPO, 1999.Moore, J., ‘Selecting Software Engineering Standards’, QAI Conference, 1998.Moore, J., ‘The Road Map to Software Engineering: A Standards-Based Guide’, Wiley-IEEE

Computer Society Press, 2006.Moore, J.,’An Integrated Collection of Software Engineering Standards’, IEEE Software, Nov 1999.

Gray, L., ‘Guidebook to IEEE/EIA 12207 Standard for Information Technology, Software Life Cycle Processes’, Abelia Corporation, Fairfax, Virginia, 2000.

Coallier, F.; International Standardization in Software and Systems Engineering, Crosstalk, February 2003, pp. 18-22.

6/21/2008

2

6/21/2008 3

Exemple d’un système complexe

Système degestion du trafic

aérien

Système de Transport Aérien

Systèmede distributiondu kérosène

Systèmeaéroportuaire

Système deréservation

Système detransportterrestre


Système avionSystème de

Structure

Système depropulsion

équipage

Système de gestion de la

vie à bord

Système decontrôle de vol

Navigationsystem

Système de réceptionGPS

Systèmede VisualisationSystème de

navigation

Système degestion du trafic

aérien

Systèmede distributiondu kérosène

Systèmeaéroportuaire

Système deréservation


Système detransportmaritime

Système avioniqueSystème de

Structure

Système depropulsion

équipage

Système de gestion de la

vie à bord

Système decontrôle de vol

Navigationsystem

Système de réceptionGPS

Systèmede visualisation

Système denavigation

Système de transport aérien

6/21/2008 4

Toward a Software Engineering Profession

Source: Steve McConnel, 1999

• What does it take ?1. Body of Knowledge (e.g. SWEBOK)2. Standards3. ‘Best practices’ (i.e. techniques proven to work)4. Education5. Code of Ethics6. Certification mechanism7. Licensing mechanism

6/21/2008

3

6/21/2008 5

• Mandatory requirements employed and enforced to prescribe a disciplined uniformapproach to software development, that is, mandatory conventions and practices are in fact standards.

(ISO/IEC 24765, Systems and Software Engineering Vocabulary)

Standard: Définition

http://pascal.computer.org/sev_display/index.action

6/21/2008 6

Standard: Définition• Formal mandatory requirements developed and used

to prescribe consistent approaches to development (e.g., ISO/IEC standards, IEEE standards, and organizational standards). (source: CMMI)– Normative: “prescribing a norm or standard” (Webster)– Informative: Tell users something useful about the standard

itself, or provide information that complements the normative parts (source: Gray 2000)

Intrant

ExtrantProcessus

Evaluation de la conformité

6/21/2008

4

6/21/2008 7

Normes et Standards• Norme de jure

– Norme définie et adoptée par une organisation officiellede normalisation, sur le plan national ou international.

• Norme de facto– Norme qui n’a pas été définie ni entérinée par un

organisme officiel de normalisation mais qui s’est imposée par la force des choses, parce qu’elle fait consensus auprès des utilisateurs, d’un groupe d’entreprises ou encore d’un consortium

Adapté de F Coallier

6/21/2008 8

Normes/Standards ouverts

• Sa définition est accessible à tous,• Son utilisation n’est pas sujette à des redevances

de la part d’un propriétaire,• Au moins une implémentation de référence existe,• Il est possible de vérifier la conformité d’un

système/processus à ce standard

Adapté de F Coallier

6/21/2008

5

6/21/2008 9

Software engineering: Definition

(1) The application of a systematic, disciplined, quantifiable approach to the development, operation and maintenance of software, that is, the application of engineering to software.

-- IEEE Std 610.12

6/21/2008 10

Software engineering standards

• Approximately 315 software engineering standards, guides, handbooks, and technical reports are maintained by approximately 46 professional, sector, national, and international standards organizations.

• In 1981, IEEE had one software engineering standard. By year end 1997, the collection had grown to 44.

Source: Moore 98

6/21/2008

6

6/21/2008 11

Roles of Software Engineering Standards

1. Specify techniques to develop software faster, cheaper, better, IEEE 982.1 (Measures for Reliable SW)

2. Provide consensus validity for “best practices” that cannotbe scientifically validated, IEEE 1008 (Unit Testing)

3. Provide a systematic treatment of “ilities”, IEEE 730 (SW Quality Assurance)

4. Provide uniformity in cases where agreement is more important than small improvements, IEEE P1320.1 (IDEF0)

5. Provide a framework for communication between buyerand seller, IEEE/EIA 12207 (SW Life Cycle Processes)

6. Give precise names to concepts that are fuzzy, complex, detailed and multidimensional, IEEE 1028 (SW Reviews)

More exciting

More effectiveSource: J Moore 98

6/21/2008 12

Software Engineering Standards - ScopeProcess

1. Acquisition2. Requirements

definition3. Design4. Code and Test5. Integration6. Maintenance and

Operations7. CM8. Documentation9. Project Management10. Quality Assurance11. V & V

Technique/Tool1. CASE tools2. Languages and

Notations3. Metrics4. Privacy5. Process

Improvement6. Reliability7. Safety8. Security9. Software reuse10. Vocabulary

Applicability1. General2. Defense3. Financial4. Medical5. Nuclear6. Process Control7. Scientific8. Shrink-wrap9. Transportation

Source: Moore 98

Most software engineering standards are practice standards rather than the more familiar product standards in other fields (e.g. chemistry).

6/21/2008

7

6/21/2008 13Source: Moore 05

Software Engineering Standards Organizational Goals

1. Improve and evaluate software competence2. Framework for two-party agreements3. Evaluation of software products4. Assurance of high integrity levels for software

products

6/21/2008 14

Why Use Standards?1. Establish uniform requirements and vocabulary for development and

documentation

2. Define a common framework for software life cycle processes

3. Clarify the roles and interfaces of participants

4. Clarify the types and contents of documentation

5. Identify the tasks, phases, baselines, reviews, and documents needed

6. Follow the lessons learned and proven (best) practices of the industry

7. Avoid the pitfalls and problems of the past

8. Save time and $ by not reinventing the wheel again (NRH vs. NIH).

9. Select a supplier or a developer (e.g. ISO 9000)

10. Impose requirements in a contract

11. Impose a trade barrier !

(NRH= Not Re-Invented Here; NIH = Not Invented here)

6/21/2008

8

6/21/2008 15

Software Engineering Standardsin Courts (US)

• Courts generally view the application of standards as important evidence that engineers performed their work with appropriate diligence and responsibility.

• If sued for negligence or reckless conduct, an engineer can cite the standards used when he or she conducted the work to demonstrate that it was performed in accordance with codified professional practices.

Moore, J.,’An Integrated Collection of Software Engineering Standards’, IEEE Software, Nov 1999.

6/21/2008 16

PSP

IEEE/EIA 12207

Baldrige

ISO/IEC 15504

People CMM

IPD-CMM*

SECAM

SCE

MIL-STD-498

DOD-STD-

2167A

MIL-STD499B*

ISO/IEC12207IEEE

1220

SDCE

SE-CMM

EIA/IS731

EIA/IS 632

ISO 9000series

EIA 632

SSE-CMM

ISO/IEC 15288*

*not released **based on CBA IPI, SAM, and others # V2 also based on many othersSee www.software.org/quagmire

CMMI

SA-CMM

Q9000

DOD-STD-2168

Source: Sarah Sheard, SPC

FAA-iCMM#

RTCA DO-178B

SW-CMM

TL9000

ISO 15939*

PSM

SCAMPI

CBA IPI

SAM

FAM**

Process StdsQuality StdsMaturity or Capability

ModelsAppraisalmethods

Guidelines

Six Sigma

J-STD016

DOD-STD-

7935ATSP

The Frameworks Quagmire

supersedes

uses/referencesbased on

Italic = obsoleteboxed = integrating

6/21/2008

9

6/21/2008 17

Sources of Standards1. Within an organization

– Documented from day-to-day activities2. From consultants mandated to develop them3. From manufacturers’ user groups (e.g. IBM)4. From a group of companies working together (e.g. Telecom)5. From professional groups (e.g. IEEE)6. From government agencies (e.g. NASA, Transport)7. From Standards Organizations (e.g. ISO)8. From Countries (e.g. Conseil canadien des normes)

6/21/2008 18

Outline

1. Definitions2. Sources of Standards3. Why Use Standards ?4. ISO and Software Engineering Standards

• Name of organization ISO comes from ‘ISOS’ a greek word‘Equal’

5. IEEE Software Engineering Collection

6/21/2008

10

6/21/2008 19

Life cycle processes

ISO IEC

JTC1TC176

SC1

Other WGs WG9 WG15

SC22Terminology Software

EngineeringLanguage, OS

POSIXAda

Quality Information Technology

SC7

TC56 SC65A

ITU

Dependability Functional Safety

Members of these committees are “national bodies,” i.e. countries, represented by “national delegations.”

WG7

International Software Standards Developers

6/21/2008 20

International Organization For Standardization

• ESTABLISHED: 1947

• OBJECT: Promote the development of standardization ... in the world... to facilitating international exchange of goods and services

• MEMBERS: 148 countries• Over 14,000 Standards

• TECHNICAL COMMITTEES (TCs): Carry out technical work

• TCs THAT MAY IMPACT SOFTWARE ENGINEERING:- TC 10: Technical Drawings- TC 20: Space and aircraft vehicles - TC 46: Information and documentation- TC 145: Graphical symbols- TC 154: Documents and data elements in administration, commerce and industry- TC 159: Ergonomics- TC 176: Quality management and quality assurance- TC 184: Industrial automation systems

6/21/2008

11

6/21/2008 21

Joint Technical Committee 1Information Technology

IECISO

SC1 - VocabularySC2 - Character sets & information codingSC6 - Telecommunications & information exchange between systemsSC7 - Software and System EngineeringSC11 - Flexible magnetic media for digital data interchangeSC14 - Representation of data elementsSC15 - Labeling and file structureSC17 - Identification cards & related devicesSC18 - Document processing and related communicationSC21 - Information retrieval, transfer & management for OSISC22 - Programming languages, their environments & systems software interfacesSC23 - Optical disk cartridges for information interchangeSC24 - Computer graphics and image processingSC25 - Interconnection of information technology equipmentSC26 - Microprocessor systemsSC27 - IT security techniquesSC28 - Office equipmentSC29 - Coded representation of picture, audio and multimedia/hypermedia information

ESTABLISHED: 1987OBJECT: TO CARRY ON STANDARDIZATION WORK IN INFORMATION TECHNOLOGY

JTC1

6/21/2008 22

SC7 - Terms of Reference

Standardization of processes, methods and supporting technologies for the

engineering and management of softwareand systems throughout their life cycles.

Standardization of processes, methods and supporting technologies for the

engineering and management of softwareand systems throughout their life cycles.

6/21/2008

12

6/21/2008 23

ProjectManagement

ComputerSciences andEngineering Dependability

Engineering(IEC TC 56)

Safety(IEC TC65),

Security, other mission-critical

IndustrialEngineering

QualityManagement(ISO TC 176)

APPLICATIONDOMAINS

(many TCs)

SOFTWARE and SYSTEMS SOFTWARE and SYSTEMS ENGINEERINGENGINEERING

ISO/IEC JTC 1/SC7

6/21/2008 24

SC7Prof F. Coallier

SYSTEM SOFTWARE

DOCUMENTATION

WG2

WG6 , WG12 & WG13EVALUATIONS AND

MEASUREMENTS

Prof J-M Desharnais

PROCESS ASSESSMENT

WG 10

TOOLS AND ENVIRONMENT

WG 4

LIFE CYCLE PROCESSES

WG 7

SYSTEM INTEGRITY

WG 9

BPGSWG 1

ODP Enterprise Language

WG 17

ODP and Modeling Languages

WG 19

SWG 5ArchitectureManagement

Quality ManagementProf W. Suryn

SecretariatProf W Suryn

Certification of Software Engineers

Prof C Laporte

WG 20

WG 18

Asset Management

WG 21

Very Small EnterprisesProf C Laporte

WG24

6/21/2008

13

6/21/2008 25

Standards Produced and Maintained by SC7

SC7 Secretariat ReportMoscow, May 2007.

0

10

20

30

40

50

60

70

80

90

100

1987 1989 1991 1993 1995 1997 1999 2001 2003 2005 2007

Standards Published

Standards Maintained

6/21/2008 26

ProcessImplementation and

Assessment

12207

15271

90003

15504Process

Assessment

Software Engineering

15288

19760

Systems Engineering

659292941591018019

Documentation

15939Measurement

15846

ConfigurationManagement

SC7’s legacy

353514759

1608515026

Risk & Integrity

19770Asset

Management

14764

Softwaremaintenance

16326

ProjectManagement

Software Quality

91261459814756

ProductProduct packaging

9127

Product Evaluation

12119

SoftwareFunctional sizemeasurement

1414319761209262096824570

15289

Tools, Methods

14102144711594018018

Tools and environment

5806 – 5807 – 6593 8631 – 8790 – 11411

SC7 Legacy Standards

10746, 1323514750, 1475214753, 1476914771, 1541415935, 19500Specifications

Documentation

Vocabulary

12182Software Body of Knowledge(SWEBOK)

19759

Foundation

14568154741547515476

CDIF

1543715909195018807

Modeling

From SWG5

Standards Collection

6/21/2008

14

6/21/2008 27

Relationships betweenISO/IEC software engineering standards

SURYN, W., HAILEY V, COSTER, A., Huge potential user base for ISO/IEC 90003the state of the art for improving quality in software engineering, ISO Focus, July-August 2004

6/21/2008 28

Outline

1. Definitions2. Sources of Standards3. Why Use Standards ?4. ISO and Software Engineering Standards5. IEEE Software Engineering Collection

• http://standards.computer.org/sesc/• Bibliothèque de l’ÉTS

• IExplore donne accès à toutes les normes IEEE

6/21/2008

15

6/21/2008 29

• Mission1. Identify and understand user needs in the field of

software engineering2. Develop an integrated family of standards that respond

effectively to user needs3. Support implementation of these standards4. Facilitate meaningful evaluation of resulting

implementations

– Using the IEEE processes to achieve consensus and compatibility with other IEEE standards

– Harmonization with international standards • e.g. ISO

IEEE Computer SocietySoftware Engineering Standards

Committee (SESC)

6/21/2008 30

• Purpose1. Provide a vocabulary for communication between

participants in the software engineering process,2. Provide objective criteria for understanding claims

regarding a product’s nature,3. Provide methods for specifying product

characteristics, and4. Assure that quality assurance practices were applied

IEEE Computer SocietySESC Collection

Source: Tripp, L., ‘Benefits of Certification’, IEEE Computer, June 2002

6/21/2008

16

6/21/2008 31


• Currently numbers over 50 standards.– Over 2400 pages

• Book provides a guide to the collection.

6/21/2008 32Source: Moore 98

Software Engineering Standards:Importance

1. They consolidate existing technology into a firm basis for introducing newer technology

2. They increase professional discipline3. They protect the business4. They protect the buyer5. They improve the product

6/21/2008

17

6/21/2008 33


Process

Project

Resource

Customer Product

aids transforms

producesInterects

with

uses

Applies to

interactswith

6/21/2008 34

Framework of Collection

Overall Guide

Terminology

“Toolbox” ofTechnique Standards

Customer Resource Process Product

Principles or Policies

Element Standards

Application Guides

SystemDisciplines

SoftwareEngineering

QualityManagement

Terminology

ISO and IECStandards

Source: Moore 98

6/21/2008

18

6/21/2008 35

• IEEE/EIA12207, Software Life Cycle Processes, is an umbrella for all of the customer and process standards in the SESC collection.

• All of the relevant standards will be revised to improve their fit with 12207– Many of them will detail the processes of the 12207 framework.

• From the user’s viewpoint, IEEE/EIA 12207 will serve as a single entry point to all the process standards of the IEEE software engineering collection.

• As a baseline to articulate new processes.– IEEE Std. 1517, Software Reuse Processes, adds three reuse

specific processes to those of 12207– IEEE Std. 1540 standard adds a software risk management process.

SESC CollectionIEEE/EIA 12207 – Umbrella Standard

6/21/2008 36

Outer Layer of SESC collection

Customerstandards

Processstandards

610.12IEEE glossary

[Moore97]

Productstandards

Resourcestandards

1044Classification of

anomalies

1044.1Guide to

1044

Terminology

OverallGuide

Principles

ElementStandards

ApplicationGuides and

Supplements

“Toolbox” ofTechniques

Source: Moore 98

6/21/2008

19

6/21/2008 37

SESC Collection – Customer Stack

Two-PartyAgreement

Principles

ElementStandards


Supplements

SupplierSelection System Stakeholders

12207.0Software life cycle processes

J-Std-016Acq / sup

agreement

12207.1 and 2Guide to software life cycle data and processes

1062Software

acquisition

1220Systems eng

process

1228SW safety

plans

1233Guide--System

rqmts spec

1362Concept of

operations doc

Source: Moore 98

6/21/2008 38

GeneralProcesses

1074.1Guide to 1074

730.1Guide--SW QA

planning

Principles

ElementStandards


Supplements

PrimaryProcesses

SupportingProcesses

ProcessMeasurement

12207.0Software life cycle (SWLC) processes

12207.1Guide--SW life

cycle data

12207.2Guide--SWLC

process

1220Systems eng.

process

1362Concept of

operations doc

1233Guide--System

rqmts spec

1058.1SW projectmgmt plans

1074DevelopingSWLC proc

J-Std-016Acq/sup

agreement

829SW test

documentation

830SW require-ments spec

1008SW unittesting

1219SW maint.

730SW QA plans

828SW CM plans

1012SW V & V

plans

1028SW reviewsand audits

1042Guide-SW CM

1059Guide--SWV & V plans

1298SW quality

mgmt system

1045SW product-ivity metrics

SESC Collection – Process Stack

Source: Moore 98

6/21/2008

20

6/21/2008 39

SESC Collection –Product Stack

Charac-teristics

982.2Guide to

982.1

730.1Guide--SW QA

planning

Principles

ElementStandards


Supplements

ProductMeasurement

ProductEvaluation

End ItemSpecification

730SW QA plans

982.1Measures forreliable SW

1012SW V & V

plans

1059Guide--SWV & V plans

1063SW user

documentation

1228SW safety

plans

1233Guide--System

reqmts spec

1362Concept of

operations doc

1061Software quality

metrics methodology

Source: Moore 98

6/21/2008 40

SESC Collection – Resource Stack

Data Storage& Interchange

1016.1Guide to

1016

Principles

ElementStandards


Supplements

Notation ReuseLibraries

Tools &Environments

829SW test

documentation

830SW rqmts

specifications

1016SW designdescriptions

1175Tool inter-connection

P1471Architecturaldescription

P1320.xIDEF

1430Guide to1420.x

1420.xData model forreuse lib interop

1209Selection

of CASE tools

1348Adoption ofCASE tools

Source: Moore 98

6/21/2008

21

6/21/2008 41

SESC Standards for Project Management

STANDARD TITLE VOLUME

IEEE std 1044-1993 IEEE Standard Classification for Software Anomalies

Volume Four : Resource and Technique Standards

IEEE std 1044.1-1995 IEEE Guide to Classification for Software Anomalies

Volume Four : Resource and

IEEE std 1058-1998 IEEE Standard for Software Project Management Plans

Volume Two : Process Standards

IEEE std 1490-1998 IEEE Guide to the Project management body of knowledge


6/21/2008 42

SESC Standards for PlansSTANDARD TITLE VOLUME

IEEE std 730-1998 IEEE Standard for Software Quality Assurance Plans


IEEE std 730.1-1995 IEEE Guide for Software Quality Assurance Planning


IEEE std 828-1998 IEEE Standard for Software configuration Management Plans


IEEE std 1012-1998 IEEE Standard for Software Verification and Validation


IEEE std 1012a-1998 Supplement to IEEE Standard for Software Verification and validation


IEEE std 1228-1998 IEEE Standard for Software Safety Plans

Volume One : Customer and Terminology Standards

6/21/2008

22

6/21/2008 43

SESC Standards for Documentation


IEEE std 829-1998 IEEE Standard for Software Test Documentation

Volume Four : Resource and Technique standards

IEEE std 830-1998 IEEE Recommended Practice for Software requirements Specifications


IEEE std 1016-1998 IEEE Recommended Practice for Software Design Descriptions


IEEE std 1063-1987 IEEE Standard for Software User Documentation

Volume Three : Product Standards

IEEE std 1233-1998 Edition IEEE Guide for Developing System Requirements Specifications

Volume One : Customer and terminology Standards

IEEE std 1362-1998 IEEE Guide for Information Technology – System Definition – Concept of Operations Document

Volume One : Customer and Terminology Standards

6/21/2008 44

SESC Standards for Measurement


IEEE std 982.1-1998 IEEE Standard Dictionary of Measures to Produce Reliable Software

Volume Three : Product standards

IEEE std 982.2-1998 IEEE Guide for the Use of Standard Dictionary for Measures to Produce Reliable Software


IEEE std 1045-1992 IEEE Standard for Software Productivity Metrics


IEEE std 1061-1998 IEEE Standard for a Software Quality Metrics Methodology


6/21/2008

23

6/21/2008 45

Sites

• http://standards.computer.org/sesc/

• http://www.iso.ch/