1、Systems and software engineering Lifecycle profiles for Very Small Entities (VSEs) Part 5-1-3: Software engineering Management and engineering guide: Generic profile group Intermediate profile PD ISO/IEC TR 29110-5-1-3:2017 BSI Standards Publication WB11885_BSI_StandardCovs_2013_AW.indd 1 15/05/2013
2、 15:06National foreword This Published Document is the UK implementation of ISO/IEC TR 29110-5-1-3:2017. The UK participation in its preparation was entrusted to Technical Committee IST/15, Software and systems engineering. A list of organizations represented on this committee can be obtained on req
3、uest to its secretary. This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application. The British Standards Institution 2017. Published by BSI Standards Limited 2017 ISBN 978 0 580 91538 3 ICS 35.080 Compliance with a Briti
4、sh Standard cannot confer immunity from legal obligations. This Published Document was published under the authority of the Standards Policy and Strategy Committee on 31 March 2017. Amendments/corrigenda issued since publication Date Text affected PUBLISHED DOCUMENT PD ISO/IEC TR 29110-5-1-3:2017Sys
5、tems and software engineering Lifecycle profiles for Very Small Entities (VSEs) Part 5-1-3: Software engineering Management and engineering guide: Generic profile group Intermediate profile Ingnierie des systmes et du logiciel Profils de cycle de vie pour trs petits organismes (TPO) Partie 5-1-3: In
6、gnierie du logiciel Guide dingnierie et de gestion: Groupe de profils gnriques Profil intermdiaire TECHNICAL REPORT ISO/IEC TR 29110-5-1-3 First edition 2017-02 Reference number ISO/IEC TR 29110-5-1-3:2017(E) ISO/IEC 2017 PD ISO/IEC TR 29110-5-1-3:2017 ii ISO/IEC 2017 All rights reserved COPYRIGHT P
7、ROTECTED DOCUMENT ISO/IEC 2017, Published in Switzerland All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, with
8、out prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Ch. de Blandonnet 8 CP 401 CH-1214 Vernier, Geneva, Switzerland Tel. +41 22 749 01 11 Fax +41 22 749 09 47 copyrightiso.org www.iso
9、.org ISO/IEC TR 29110-5-1-3:2017(E) PD ISO/IEC TR 29110-5-1-3:2017 ISO/IEC TR 29110-5-1-3:2017(E)Foreword v Introduction vi 1 Scope . 1 2 Normative references 1 3 Terms and definitions . 2 4 Conventions and abbreviated terms 3 4.1 Naming, diagramming and definition conventions . 3 4.2 Notation used
10、to document new processes, additions and modifications to the Basic profile processes . 4 4.3 Abbreviated terms . 5 5 Overview . 5 6 Business Management (BM) process . 6 6.1 BM purpose 6 6.2 BM objectives . 6 6.3 BM input work products . 7 6.4 BM output work products . 7 6.5 BM internal work product
11、s 7 6.6 BM roles involved . 8 6.7 BM process description . 8 6.7.1 BM diagram 8 6.7.2 BM activities 9 6.7.3 BM incorporation to the Organizational Repository .14 7 Project Management (PM) process 15 7.1 PM purpose .15 7.2 PM objectives .15 7.3 PM input work products 15 7.4 PM output work products 16
12、 7.5 PM internal work products .16 7.6 PM roles involved .16 7.7 PM process description 17 7.7.1 PM diagram 17 7.7.2 PM activities 17 7.7.3 PM incorporation to Project Repository .23 8 Software Implementation (SI) process 23 8.1 SI purpose 23 8.2 SI objectives 24 8.3 SI input work products .24 8.4 S
13、I output work products 24 8.5 SI internal work products .25 8.6 SI roles involved 25 8.7 SI diagram 25 8.7.1 General.25 8.7.2 SI activities .26 8.7.3 SI incorporation to the Project Repository 35 9 Acquisition Management process (AM) .36 9.1 AM purpose .36 9.2 AM objective .36 9.3 AM input work prod
14、ucts 36 9.4 AM output work products 36 9.5 AM internal work products .36 9.6 AM roles involved 36 ISO/IEC 2017 All rights reserved iii Contents Page PD ISO/IEC TR 29110-5-1-3:2017 ISO/IEC TR 29110-5-1-3:2017(E)9.7 AM diagrams 37 9.7.1 General.37 9.7.2 AM activities .37 9.7.3 AM incorporation to the
15、Project Repository .39 10 Roles .39 11 Work product description .41 12 Software tools requirements 58 12.1 General 58 12.2 Business Management process 59 12.3 Project Management process 59 12.4 Software Implementation process 59 12.5 Acquisition Management process (conditional process) 59 Annex A (i
16、nformative) Software engineering deployment packages 60 Annex B (informative) Mapping between the objectives of ISO/IEC TR 29110-5-1-3 and ISO/ IEC/IEEE 12207 and ISO 9001 .62 Bibliography .78 iv ISO/IEC 2017 All rights reserved PD ISO/IEC TR 29110-5-1-3:2017 ISO/IEC TR 29110-5-1-3:2017(E) Foreword
17、ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical commi
18、ttees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the w
19、ork. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval crit
20、eria needed for the different types of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives). Attention is drawn to the possibility that some of the elements of this document may be the subject of
21、patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www .iso .org/ patents). Any
22、trade name used in this document is information given for the convenience of users and does not constitute an endorsement. For an explanation on the meaning of ISO specific terms and expressions related to conformit y assessment, as well as information about ISOs adherence to the World Trade Organiz
23、ation (WTO) principles in the Technical Barriers to Trade (TBT) see the following URL: www . i s o .org/ iso/ foreword .html. The committee responsible for this document is ISO/IEC JTC 1, Information technology, Subcommittee SC 7, Software and systems engineering. A list of all the parts in the ISO/
24、IEC 29110 series can be found on the ISO website. ISO/IEC 2017 All rights reserved v PD ISO/IEC TR 29110-5-1-3:2017 ISO/IEC TR 29110-5-1-3:2017(E) Introduction Very Small Entities (VSEs) around the world are creating valuable products and services. For the purpose of the ISO/IEC 29110 series, a Very
25、 Small Entity (VSE) is an enterprise, an organization, a department or a project having up to 25 people. Since many VSEs develop and/or maintain system and software components used in systems, either as independent products or incorporated in larger systems, recognition of VSEs as suppliers of high
26、quality products is required. According to the Organization for Economic Co-operation and Development (OECD) SME and Entrepreneurship Outlook report (2005), Small and Medium Enterprises (SMEs) constitute the dominant form of business organization in all countries world-wide, accounting for over 95 %
27、 and up to 99 % of the business population depending on country. The challenge facing governments and economies is to provide a business environment that supports the competitiveness of this large heterogeneous business population and that promotes a vibrant entrepreneurial culture. From studies and
28、 surveys conducted, it is clear that the majority of International Standards do not address the needs of VSEs. Implementation of and conformance with these standards is difficult, if not impossible. Consequently, VSEs have no, or very limited, ways to be recognized as entities that produce quality s
29、ystems/system elements, including software in their domain. Therefore, VSEs are excluded from some economic activities. It has been found that VSEs find it difficult to relate International Standards to their business needs and to justify the effort required to apply standards to their business prac
30、tices. Most VSEs can neither afford the resources, in terms of number of employees, expertise, budget and time, nor do they see a net benefit in establishing over-complex systems or software life cycle processes. To address some of these difficulties, a set of guides has been developed based on a se
31、t of VSE characteristics. The guides are based on subsets of appropriate standards processes, activities, tasks, and outcomes, referred to as profiles. The purpose of a profile is to define a subset of International Standards relevant to the VSEs context; for example, processes, activities, tasks, a
32、nd outcomes of ISO/IEC/IEEE 12207 for software; processes, activities, tasks, and outcomes of ISO/IEC/IEEE 15288 for systems; information products (documentation) of ISO/IEC/IEEE 15289 for software and systems. VSEs can achieve recognition through implementing a profile and by being audited against
33、ISO/IEC 29110 specifications. The ISO/IEC 29110 series of standards and technical reports can be applied at any phase of system or software development within a life cycle. This series of standards and technical reports is intended to be used by VSEs that do not have experience or expertise in adapt
34、ing/tailoring ISO/IEC/IEEE 12207 or ISO/IEC/IEEE 15288 standards to the needs of a specific project. VSEs that have expertise in adapting/tailoring ISO/IEC/IEEE 12207 or ISO/IEC/IEEE 15288 are encouraged to use those standards instead of ISO/IEC 29110. The ISO/IEC 29110 series is intended to be used
35、 with any lifecycle such as waterfall, iterative, incremental, evolutionary or agile. Systems, in the context of the ISO/IEC 29110 series, are typically composed of hardware and software components. The ISO/IEC 29110 series, targeted by audience, has been developed to improve system or software and/
36、or service quality, and process performance. See Table 1.vi ISO/IEC 2017 All rights reserved PD ISO/IEC TR 29110-5-1-3:2017 ISO/IEC TR 29110-5-1-3:2017(E) Table 1 ISO/IEC 29110 target audience ISO/IEC 29110 Title Target audience ISO/IEC 291101 Overview VSEs and their customers, assessors, standards
37、producers, tool vendors and methodology vendors. ISO/IEC 291102 Framework for profile prepa- ration Profile producers, tool vendors and methodology vendors. Not intended for VSEs. ISO/IEC 291103 Certification and assessment guidance VSEs and their customers, assessors, accreditation bodies. ISO/IEC
38、291104 Profile specifications VSEs, customers, standards producers, tool vendors and methodology vendors. ISO/IEC TR 291105 Management, engineering and service delivery guides VSEs and their customers. ISO/IEC 291106 Management and engineering guides not tied to a specific profile VSEs and their cus
39、tomers. If a new profile is needed, ISO/IEC 29110-4 and ISO/IEC TR 29110-5 can be developed with minimal impact to existing documents. ISO/IEC 29110-1 defines the terms common to the ISO/IEC 29110 series. It introduces processes, lifecycle and standardization concepts, the taxonomy (catalogue) of IS
40、O/IEC 29110 profiles and the ISO/IEC 29110 series. It also introduces the characteristics and needs of a VSE, and clarifies the rationale for specific profiles, documents, standards and guides. ISO/IEC 29110-2-1 introduces the concepts for systems and software engineering profiles for VSEs. It estab
41、lishes the logic behind the definition and application of profiles. For standardized profiles, it specifies the elements common to all profiles (structure, requirements, conformance, assessment). For domain-specific profiles (profiles that are not standardized and developed outside of the ISO proces
42、s), it provides general guidance adapted from the definition of standardized profiles. ISO/IEC 29110-3 defines certification schemes, assessment guidelines and compliance requirements for process capability assessment, conformity assessments, and self-assessments for process improvements. ISO/IEC 29
43、110-3 also contains information that can be useful to developers of certification and assessment methods and developers of certification and assessment tools. ISO/IEC 29110-3 is addressed to people who have direct involvement with the assessment process, e.g. the auditor, certification and accredita
44、tion bodies and the sponsor of the audit, who need guidance on ensuring that the requirements for performing an audit have been met. ISO/IEC 29110-4m provides the specification for all profiles in one profile group that are based on subsets of appropriate standards elements. ISO/IEC TR 29110-5m prov
45、ides management, engineering and service delivery guides for the profiles in a profile group. The future ISO/IEC TR 29110-6-x provides management and engineering guides not tied to a specific profile. This document provides a management and engineering guide for the software intermediate profile of
46、the generic profile group. This guide describes the management of more than one project in parallel with more than one work team. Figure 1 describes the ISO/IEC 29110 International Standards (IS) and Technical Reports (TR) and positions the parts within the framework of reference. Overview, assessme
47、nt guide, management and engineering guide are available from ISO as freely available. Technical Reports (TR). The Framework document, profile specifications and certification schemes are published as International Standards (IS). ISO/IEC 2017 All rights reserved vii PD ISO/IEC TR 29110-5-1-3:2017 I
48、SO/IEC TR 29110-5-1-3:2017(E) Figure 1 ISO/IEC 29110 seriesviii ISO/IEC 2017 All rights reserved PD ISO/IEC TR 29110-5-1-3:2017 Systems and software engineering Lifecycle profiles for Very Small Entities (VSEs) Part 5-1-3: Software engineering Management and engineering guide: Generic profile group
49、Intermediate profile 1 Scope This document provides management and engineering guide to the intermediate profile described in terms of business management, project management, software implementation and acquisition processes. This document is applicable to Very Small Entities (VSEs). VSEs are enterprises, organizations, departments or projects having up to 25 people. The life cycle processes described in the ISO/IEC 29110 series are not intended to preclude or discourage their use by organizations bi