1、BRITISH STANDARD BS ISO/IEC TR 13233:1995 Information technology Interpretation of accreditation requirements in ISO/IEC Guide 25 Accreditation of Information Technology and Telecommunications testing laboratories for software and protocol testing services ICS 35.020BSISO/IEC TR 13233:1995 This Brit
2、ish Standard, having been prepared under the direction of the DISC Board, was published under the authority of the Standards Board and comes into effect on 15 November 1996 BSI 10-1998 ISBN 0 580 26595 1 National foreword This British Standard reproduces verbatim ISO/IEC TR 13233:1995, and implement
3、s it as the UK national standard. The UK participation in its preparation was entrusted to Technical Committee IST/21, Open Systems Interconnection, Data Management and Open Distributed Processing, which has the responsibility to: aid enquirers to understand the text; present to the responsible inte
4、rnational/European committee any enquiries on the interpretation, or proposals for change, and keep the UK interests informed; monitor related international and European developments and promulgate them in the UK. A list of organizations represented on this committee is available on request. Cross-r
5、eferences The British Standards which implement international or European publications referred to in this document may be found in the BSI Standards Catalogue under the section entitled “International Standards Correspondence Index”, or using the “Find” facility of the BSI Standards Electronic Cata
6、logue. A British Standard does not purport to include all the necessary provisions of a contract. Users of British Standards are responsible for their correct application. Compliance with a British Standard does not of itself confer immunity from legal obligations. Summary of pages This document com
7、prises a front cover, an inside front cover, pages i and ii, theISO/IEC title page, pages ii to iv, pages 1 to 46 and a back cover. This standard has been updated (see copyright date) and may have had amendments incorporated. This will be indicated in the amendment table on the inside front cover. A
8、mendments issued since publication Amd. No. Date CommentsBS ISO/IEC TR 13233:1995 BSI 10-1998 i Contents Page National foreword Inside front cover Foreword iv Text of BS ISO/IEC TR 13233:1995 1ii blankBS ISO/IEC TR 13233:1995 ii BSI 10-1998 Contents Page Foreword iv Introduction 1 0 Scope of this Te
9、chnical Report 1 1 Scope 3 2 References 3 3 Definitions 3 4 Organization and management 4 4.A Use of commercial reference implementations 4 4.B Proficiency testing 5 5 Quality system, audit and review 6 5.A Maintenance procedures 7 5.B Documentation of MOT and test tool validation 8 6 Personnel 9 6.
10、A Maintaining Competence 9 7 Accommodation and environment 9 7.A Separation of data partitions 10 7.B Identification of environment 11 7.C Remote testing over a network 11 7.D Checking the testing or validation environment 12 8 Equipment and reference materials 13 8.A Means of testing and test tool
11、validation records 13 8.B Procedures for handling errors in the MOT and test tools 14 8.C MOT and test tool maintenance 15 8.D Identification of equipment 15 9 Validation and traceability (Measurement traceability and calibration 15 9.A The validation concept 16 9.B MOT and test tool validation 18 9
12、.B.1 Use of reference implementations 18 9.C Validation of test software in the system under test 21 9.D Traceability 22 9.D.1 Traceability of validations 22 9.D.2 Traceability of test results 23 9.D.3 Traceability of test cases 23 9.D.4 Traceability of test tools 24 9.E Confidence checks 24 9.F Cal
13、ibration of test tools used to measure software timers 24 10 Test methods (Calibration and test methods) 25 10.A Introduction to test methods 25 10.B Repeatability and reproducibility 25 10.C Internationally agreed test methods 28 10.D Measurement uncertainty 29 10.E Configuration management 29 11 H
14、andling of test items (Handling of calibration and test items) 30 11.A Protection against viruses and other agents of corruption 30 12 Records 31 12.A Confidentiality and integrity of records 31 13 Certificates and reports 32 13.A Objectivity 32 13.B Clear and unambiguous test reports 35BS ISO/IEC T
15、R 13233:1995 BSI 10-1998 iii Page 14 Sub-contracting of calibration or testing 36 15 Outside support services and supplies 36 15.A Provision of MOT and test tool validation services 36 16 Complaints 36 Annex A Glossary of Terms 37 Annex B Bibliography 45BS ISO/IECTR 13233:1995 iv BSI 10-1998 Forewor
16、d ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical com
17、mittees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
18、 work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. The main task of technical committees is to prepare International Standards, but in exceptional circumstances a technical committee may propose the publication of a Technical Repor
19、t of one of the following types: type 1, when the required support cannot be obtained for the publication of an International Standard, despite repeated efforts; type 2, when the subject is still under technical development or where for any other reason there is the future but not immediate possibil
20、ity of an agreement on an International Standard; type 3, when a technical committee has collected data of a different kind from that which is normally published as an International Standard (“state of the art”, for example). Technical Reports of types 1 and 2 are subject to review within three year
21、s of publication, to decide whether they can be transformed into International Standards. Technical Reports of type 3 do not necessarily have to be reviewed until the data they provide are considered to be no longer valid or useful. ISO/IEC TR 13233, which is a Technical Report of type 3, was prepar
22、ed by Technical Committee ISO/IEC JTC 1, Information technology.BSISO/IEC TR 13233:1995 BSI 10-1998 1 Introduction The general requirements for accreditation of laboratories are specified in ISO/IEC Guide 25. The requirements are designed to apply to all types of objective testing and therefore need
23、 to be interpreted in respect of the type of testing concerned and the techniques involved. This document is a Technical Report Type 3, which provides the interpretation of the requirements for testing laboratories operating in the Information Technology and Telecommunications (IT and the right colu
24、mn giving associated guidance and examples to help readers to understand how to apply the interpretations in specific subject areas (e.g. OSI testing, product data exchange testing or compiler testing). The interpretive text uses the same clause numbering as ISO/IEC Guide 25. Each clause contains a
25、summary of the ISO/IEC Guide 25 subclauses, indicating whether interpretive text is provided or whether the subclause is referenced in the interpretive text. References to interpretive text subclauses are also provided as appropriate. This summary is followed by any interpretive text required, each
26、subclause of which is designated by the clause number followed by a capital letter, assigned in alphabetical order (e.g. the interpretive text for clause 4 may be found in subclauses 4.A and 4.B, etc.). A glossary of terms is provided in Annex A, giving the definitions of terms as used in this Techn
27、ical Report, where possible based upon definitions given in International Standards, ISO/IEC Guides or other similar documents. A bibliography is provided in Annex B. 0 Scope of this Technical Report 0.1 This Technical Report provides guidance for assessors and testing laboratories on the specific i
28、nterpretation of the accreditation requirements applicable to testing (including validation of means of testing and test tools) in the field of Information Technology and Telecommunications (IT it does not in any way replace them. Furthermore, there may be other interpretations of ISO/IEC Guide 25 w
29、hich are sector independent, maybe focusing on just one aspect of accreditation, in which case such generally applicable interpretations continue to apply, and are not replaced by this interpretation.BSISO/IEC TR 13233:1995 2 BSI 10-1998 0.5 This interpretation applies to conformance testing and oth
30、er types of objective testing of software. Specific guidance is provided for OSI, telecommunications protocols, product data exchange (as defined by ISO TC184), graphics, POSIX and compilers. The testing of physical properties of hardware is outside the scope of this interpretation, but may be cover
31、ed elsewhere. Evaluation of systems and products, as in IT fail class 2: invalid behaviour but satisfied the test purpose), but this does not alter the general points about test verdicts.BSISO/IEC TR 13233:1995 BSI 10-1998 3 Requirements in ISO/IEC Guide 25, IT in this case, the item to be validated
32、 is to be regarded as a system or implementation under test. 2 References No IT for these, see Annex A. As far as possible standard definitions are used. Even where this is not possible, the intent is not to standardize new definitions but rather to explain the meaning of terms as used in this Techn
33、ical Report.BSISO/IEC TR 13233:1995 4 BSI 10-1998 The distinction between a means of testing (MOT) and a test tool is important in this interpretation. For the purposes of this Technical Report, a means of testing is hardware and/or software, and the procedures for its use, including the executable
34、test suite itself, used to carry out the testing required. In an accredited testing service, the MOT is run under the control of the testing laboratory. For the purposes of this Technical Report, a test tool is hardware and/or software, excluding the test suite itself, used to carry out or assist in
35、 carrying out the testing required. It may be concerned with running the test cases, analysing the results, or both. Those concerned with running the test cases may also involve parameterization, selection or even generation of the test cases. The complexity of MOT and test tools varies from one are
36、a of software testing to another. For example, in OSI and telecommunications protocol testing, each MOT is a very complex hardware and software system which plays a major part in the testing, whereas in compiler testing, in addition to the test suite (of programs) itself, only a few ancillary softwa
37、re test tools are used. 4 Organization and management 4.1 No IT c) be organized in such a way that confidence in its independence of judgement and integrity is maintained at all times; .” In IT b) a set of implementations from different suppliers; or c) an implementation which is designed to be a re
38、ference implementation. See 9.B for a description of the use of reference implementations in MOT validation. It is recognised that for some IT” In IT&T, these requirements shall be interpreted as follows. 4.B.1 If a laboratory claims to offer a harmonised testing or validation service, it shall prov
39、ide evidence of its participation in the relevant inter-laboratory comparisons to ensure that the declared harmonisation is achieved and maintained. There may be numerous inter-laboratory comparison schemes organised for IT&T. IT&T Agreement Groups have been and are being formed to operate mutual re
40、cognition agreements whereby the group of testing laboratories establish the means to recognise the mutual equivalence of their corresponding testing services. Such Agreement Groups provide one formalized way of participating in inter-laboratory comparisons. They may require that testing service har
41、monization and demonstrations of equivalence are carried out, and that all participating testing laboratories become accredited for the services they offer (within a reasonable period of time). Agreement Groups may also provide inter-laboratory comparison schemes for MOT validation services. If it i
42、s not practical or economic for the laboratory to participate in inter-laboratory comparisons, then the laboratory shall not claim that the service is harmonised. A laboratory may decide not to join an Agreement Group and therefore not to claim to provide a harmonised testing or validation service.
43、It may nevertheless be required by the accreditation body to participate in some informal inter-laboratory comparison exercises, in order to overcome any doubts there may be about the objectivity of its test or validation results. 5 Quality system, audit and review 5.1 No IT&T specific interpretatio
44、n is required for this subclause. 5.2 ISO/IEC Guide 25 subclause 5.2 is interpreted in 5.A and 5.B. 5.3 No IT&T specific interpretation is required for this subclause. 5.4 No IT&T specific interpretation is required for this subclause. 5.5 No IT&T specific interpretation is required for this subclause. Requirements in ISO/IEC Guide 25, IT&T Interpretations and Definitions Guidance and Examples
