1、 IEEE Standard Adoption of ISO/IEC 15026-4Systems and Software EngineeringSystems and Software AssurancePart 4: Assurance in the Life Cycle Sponsored by the Software +1 978 750 8400. Permission to photocopy portions of any individual standard for educational classroom use can also be obtained throug
2、h the Copyright Clearance Center. Copyright 2013 IEEE. All rights reserved. iv Notice to users Laws and regulations Users of IEEE Standards documents should consult all applicable laws and regulations. Compliance with the provisions of any IEEE Standards document does not imply compliance to any app
3、licable regulatory requirements. Implementers of the standard are responsible for observing or referring to the applicable regulatory requirements. IEEE does not, by the publication of its standards, intend to urge action that is not in compliance with applicable laws, and these documents may not be
4、 construed as doing so. Copyrights This document is copyrighted by the IEEE. It is made available for a wide variety of both public and private uses. These include both use, by reference, in laws and regulations, and use in private self-regulation, standardization, and the promotion of engineering p
5、ractices and methods. By making this document available for use and adoption by public authorities and private users, the IEEE does not waive any rights in copyright to this document. Updating of IEEE documents Users of IEEE Standards documents should be aware that these documents may be superseded
6、at any time by the issuance of new editions or may be amended from time to time through the issuance of amendments, corrigenda, or errata. An official IEEE document at any point in time consists of the current edition of the document together with any amendments, corrigenda, or errata then in effect
7、. In order to determine whether a given document is the current edition and whether it has been amended through the issuance of amendments, corrigenda, or errata, visit the IEEE-SA Website at http:/standards.ieee.org/index.html or contact the IEEE at the address listed previously. For more informati
8、on about the IEEE Standards Association or the IEEE standards development process, visit IEEE-SA Website at http:/standards.ieee.org/index.html. Errata Errata, if any, for this and all other standards can be accessed at the following URL: http:/standards.ieee.org/findstds/errata/index.html. Users ar
9、e encouraged to check this URL for errata periodically. Copyright 2013 IEEE. All rights reserved. v Patents Attention is called to the possibility that implementation of this standard may require use of subject matter covered by patent rights. By publication of this standard, no position is taken by
10、 the IEEE with respect to the existence or validity of any patent rights in connection therewith. If a patent holder or patent applicant has filed a statement of assurance via an Accepted Letter of Assurance, then the statement is listed on the IEEE-SA Website at http:/standards.ieee.org/about/sasb/
11、patcom/patents.html. Letters of Assurance may indicate whether the Submitter is willing or unwilling to grant licenses under patent rights without compensation or under reasonable rates, with reasonable terms and conditions that are demonstrably free of any unfair discrimination to applicants desiri
12、ng to obtain such licenses. Essential Patent Claims may exist for which a Letter of Assurance has not been received. The IEEE is not responsible for identifying Essential Patent Claims for which a license may be required, for conducting inquiries into the legal validity or scope of Patents Claims, o
13、r determining whether any licensing terms or conditions provided in connection with submission of a Letter of Assurance, if any, or in any licensing agreements are reasonable or non-discriminatory. Users of this standard are expressly advised that determination of the validity of any patent rights,
14、and the risk of infringement of such rights, is entirely their own responsibility. Further information may be obtained from the IEEE Standards Association. Participants At the time this IEEE standard was completed, the Life Cycle Processes Working Group had the following membership: James W. Moore,
15、IEEE Computer Society Liaison to ISO/IEC JTC 1/SC7 The following members of the individual balloting committee voted on this standard. Balloters may have voted for approval, disapproval, or abstention. Ed Addario Edward Addy Pieter Botman Bill Brown Sue Carroll Lawrence Catchpole Keith Chow Scott Cr
16、awford Paul Croll Geoffrey Darnton Ronald Dean Sourav Dutta Andrew Fieldsend David Friscia David Fuschi Gregg Giesler Randall Groves Louis Gullo John Harauz Mark Henley David Herrell Richard Hilliard Werner Hoelzl Bernard Homes Peter Hung Noriyuki Ikeuchi Atsushi Ito Mark Jaeger Cheryl Jones Piotr K
17、arocki Ronald Kohl Thomas Kurihara George Kyle Susan Land David Leciston Murray Little Claire Lohr James W. Moore Michael S. Newman Ulrich Pohl Robert Robinson Benjamin Rolfe Sergio Santos Bartien Sayogo Robert Schaaf Maud Schlich David Schultz Stephen Schwarm Carl Singer James Sivak Michael Smith F
18、riedrich Stallinger Thomas Starai Walter Struppler Gerald Stueve Marcy Stutzman Thomas Tullia John Vergis David Walden Jingxin Wang Michael Waterman Stephen Webb Oren Yuen Shuhui Zhang Daidi Zhong Copyright 2013 IEEE. All rights reserved. vi When the IEEE-SA Standards Board approved this standard on
19、 23 August 2013, it had the following membership: John Kulick, Chair David J. Law, Vice Chair Richard H. Hulett, Past Chair Konstantinos Karachalios, Secretary Masayuki Ariyoshi Peter Balma Farooq Bari Ted Burse Wael William Diab Stephen Dukes Jean-Philippe Faure Alexander Gelman Mark Halpin Gary Ho
20、ffman Paul Houz Jim Hughes Michael Janezic Joseph L. Koepfinger* Oleg Logvinov Ron Petersen Gary Robinson Jon Walter Rosdahl Adrian Stephens Peter Sutherland Yatin Trivedi Phil Winston Yu Yuan *Member Emeritus Also included are the following nonvoting IEEE-SA Standards Board liaisons: Richard DeBlas
21、io, DOE Representative Michael Janezic, NIST Representative Patrick Gibbons IEEE Standards Program Manager, Document Development Malia Zaman IEEE Standards Program Manager, Technical Program Development Copyright 2013 IEEE. All rights reserved. vii Introduction This introduction is not part of IEEE
22、Std 15026-4-2013, IEEE Standard Adoption of ISO/IEC 15026-4, Systems and Software EngineeringSystems and Software AssurancePart 4: Assurance in the Life Cycle. The IEEE Software and Systems Engineering Standards Committee (S2ESC) has undertaken a long-term program to harmonize its standards with tho
23、se of ISO/IEC JTC 1/SC 7, the international standards committee for software and systems engineering. In areas of overlap, one organization sometimes adopts the relevant standard from the other organization, or the two organizations cooperate to produce a single joint standard. In this case, S2ESC h
24、as chosen to adopt a relevant document from SC 7. This IEEE standard is an adoption of ISO/IEC 15026-4:2012. References to some ISO/IEC standards should be considered as references to the identical IEEE standard: ISO/IEC/IEEE 12207:2008 is identical to ISO/IEC 12207:2008 ISO/IEC/IEEE 15288:2008 is i
25、dentical to ISO/IEC 15288:2008 ISO/IEC/IEEE 15289:2011 is identical to ISO/IEC 15288:2011 ISO/IEC/IEEE 16085:2006 is identical to ISO/IEC 16085:2006 ISO/IEC/IEEE 29148:2011 is identical to ISO/IEC 29148:2011 ISO/IEC/IEEE 42010-2011 is identical to ISO/IEC 42010:2011 IEEE Std 15026-1-2011 is identica
26、l to ISO/IEC TR 15026-1:2010 IEEE Std 15026-2-2011 is identical to ISO/IEC 15026-2:2011 IEEE Std 15026-3-2011 is identical to ISO/IEC 15026-3:2011 IEEE Std 15939:20xx is identical to ISO/IEC 15939:2007 IEEE Std 24748-1:2010 is identical to ISO/IEC 24748-1:2010 IEEE Std 24748-2:2011 is identical to I
27、SO/IEC 24748-2:2011 IEEE Std 24748-3:2011 is identical to ISO/IEC 24748-3:2011 IEEE Std 90003:2008 is identical to ISO/IEC 90003:2004 Errata The following editorial corrections are made in the adopted document: Page 5, 7.2.2: Add a closing parenthesis before the period appearing in the fourth line.
28、Page 6, 7.3.1: Change the column headings of the table to read “Activities from 15288” and “Activities from 12207”. Page 15, 7.9.1: Change “form” to “from” in the left-hand column heading. Page 22, 7.13.2: Change “assurance=claim=related” to “assurance-claim-related” in the fifth line. Copyright 201
29、3 IEEE. All rights reserved. viiiContents of IEEE Std 15026-4-2013 ISO/IEC 15026-4:20121 Copyright 2013 IEEE. All rights reserved. 1 IEEE Standard Adoption of ISO/IEC 15026-4Systems and Software EngineeringSystems and Software AssurancePart 4: Assurance in the Life Cycle IMPORTANT NOTICE: IEEE Stand
30、ards documents are not intended to ensure safety, health, or environmental protection, or ensure against interference with or from other devices or networks. Implementers of IEEE Standards documents are responsible for determining and complying with all appropriate safety, security, environmental, h
31、ealth, and interference protection practices and all applicable laws and regulations. This IEEE document is made available for use subject to important notices and legal disclaimers. These notices and disclaimers appear in all publications containing this document and may be found under the heading
32、“Important Notice” or “Important Notices and Disclaimers Concerning IEEE Documents.” They can also be obtained on request from IEEE or viewed at http:/standards.ieee.org/IPR/disclaimers.html. Reference numberISO/IEC 15026-4:2012(E)ISO/IEC 2012INTERNATIONALSTANDARDISO/IEC15026-4First edition2012-10-0
33、1Systems and software engineering Systems and software assurance Part 4: Assurance in the life cycle Ingnierie du logiciel et des systmes Assurance du logiciel et des systmes Partie 4: Assurance du cycle de vie ISO/IEC 15026-4:2012(E) COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2012 All rights reserved. Un
34、less otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member body in the country of the requester. ISO
35、 copyright office Case postale 56 x CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ii ISO/IEC 2012 All rights reserved ISO/IEC 15026-4:2012(E) ISO/IEC 2012 All rights reserved iiiContents PageForeword . vIntroduction vi
36、1 Scope 12 Conformance . 13 Normative references 14 Terms and definitions . 25 Key concepts for and use of this part of ISO/IEC 15026 . 25.1 Life cycle approach . 25.2 Assurance claims 25.3 Using this part of ISO/IEC 15026 35.3.1 Use for an agreement 35.3.2 Use for regulation 35.3.3 Use for developm
37、ent . 36 Process view purposes and required outcomes . 36.1 Systems assurance process view . 36.1.1 Purpose 46.1.2 Required outcomes . 46.2 Software assurance process view . 46.2.1 Purpose 46.2.2 Required outcomes . 47 Assurance guidance and recommendations for selected processes . 47.1 Introduction
38、 47.2 Acquisition process 57.2.1 Relevant activities and tasks . 57.2.2 Assurance guidance and recommendations 57.3 Supply process 67.3.1 Relevant activities and tasks . 67.3.2 Assurance guidance and recommendations 67.4 Project planning process . 77.4.1 Relevant activities and tasks . 77.4.2 Assura
39、nce guidance and recommendations 77.5 Decision Management process 87.5.1 Relevant activities and tasks . 97.5.2 Assurance guidance and recommendations 97.6 Risk Management process . 97.6.1 Relevant activities and tasks . 107.6.2 Assurance guidance and recommendations 117.7 Configuration management p
40、rocess . 117.7.1 Relevant activities and tasks . 117.7.2 Assurance guidance and recommendations 127.8 Information Management process . 137.8.1 Relevant activities and tasks . 137.8.2 Assurance guidance and recommendations 137.9 Stakeholder Requirements Definition process 147.9.1 Relevant activities
41、and tasks . 157.9.2 Assurance guidance and recommendations 157.10 Requirements Analysis process 177.10.1 Relevant activities and tasks . 187.10.2 Assurance guidance and recommendations 19ISO/IEC 15026-4:2012(E) iv ISO/IEC 2012 All rights reserved7.11 Verification process 197.11.1 Relevant activities
42、 and tasks 207.11.2 Assurance guidance and recommendations 207.12 Operation process .207.12.1 Relevant Activities and Tasks 217.12.2 Assurance guidance and recommendations 217.13 Maintenance process 217.13.1 Relevant activities and tasks 217.13.2 Assurance guidance and recommendations 22Bibliography
43、 23ISO/IEC 15026-4:2012(E) ISO/IEC 2012 All rights reserved vForewordISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate
44、in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and n
45、on-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The mai
46、n task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casti
47、ng a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights. ISO/IEC 15026-4 was prepared by Joint Technical Committee ISO/TC JTC 1, Information techno
48、logy,Subcommittee SC 7, Software and systems engineering.ISO/IEC 15026 consists of the following parts, under the general title Systems and software engineering Systems and software assurance: Part 1: Concepts and vocabulary Technical Report Part 2: Assurance case Part 3: System integrity levels Part 4: Assurance in the life cycle ISO/IEC 15026-4:2012(E) vi ISO/IEC 2012 All rights reservedIntroduction In its entirety, ISO/IEC 15026 consist
