1、raising standards worldwideNO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAWBSI Standards PublicationBS EN 9115:2013Quality ManagementSystems Requirements forAviation, Space and DefenseOrganizations DeliverableSoftware (Supplement to EN9100)BS EN 9115:2013 BRITISH STANDARDNation
2、al forewordThis British Standard is the UK implementation of EN 9115:2013. The UK participation in its preparation was entrusted to TechnicalCommittee ACE/1, International and European Aerospace Policy and Processes.A list of organizations represented on this committee can be obtained on request to
3、its secretary.This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application. The British Standards Institution 2013. Published by BSI Standards Limited 2013ISBN 978 0 580 67509 6 ICS 03.120.10; 49.020 Compliance with a Brit
4、ish Standard cannot confer immunity from legal obligations.This British Standard was published under the authority of the Standards Policy and Strategy Committee on 31 January 2013.Amendments issued since publicationDate T e x t a f f e c t e dBS EN 9115:2013EUROPEAN STANDARD NORME EUROPENNE EUROPIS
5、CHE NORM EN 9115 January 2013 ICS 03.120.10; 49.020 English Version Quality Management Systems - Requirements for Aviation, Space and Defense Organizations - Deliverable Software (Supplement to EN 9100) Systmes de management de la Qualit - Exigences pour les Organisations de lAronautique, lEspace et
6、 la Dfense - Logiciel livrable (Supplment lEN 9100) Qualittsmanagementsysteme - Anforderungen an Organisationen der Luftfahrt, Raumfahrt und Verteidigung -Mitgelieferte Software (Ergnzung zu EN 9100) This European Standard was approved by CEN on 18 June 2011. CEN members are bound to comply with the
7、 CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC Management
8、 Centre or to any CEN member. This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management Centre has the same status a
9、s the official versions. CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Ne
10、therlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom. EUROPEAN COMMITTEE FOR STANDARDIZATION COMIT EUROPEN DE NORMALISATION EUROPISCHES KOMITEE FR NORMUNG Management Centre: Avenue Marnix 17, B-1000 Brussels 2013 CEN All rights of ex
11、ploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. EN 9115:2013: EBS EN 9115:2013EN 9115:2013 (E) 2 Contents Page Foreword 40 Introduction 60.1 General 60.2 Process approach 6QUALITY MANAGEMENT SYSTEMS REQUIREMENTS 61 Scope 61.1 General 61.2 Application .62
12、 Normative references 73 Terms and definitions .74 Quality management system . 104.1 General requirements . 104.2 Documentation requirements 104.2.1 General . 104.2.2 Quality manual 104.2.3 Control of documents 114.2.4 Control of records. 115 Management responsibility . 115.1 Management commitment .
13、 115.2 Customer focus . 115.3 Quality policy 115.4 Planning . 115.4.1 Quality objectives . 115.4.2 Quality management system planning . 115.5 Responsibility, authority and communication . 115.5.1 Responsibility and authority . 115.5.2 Management representative 115.5.3 Internal communication . 115.6
14、Management review 125.6.1 General . 125.6.2 Review input 125.6.3 Review output . 126 Resource management 126.1 Provision of resources . 126.2 Human resources 126.2.1 General . 126.2.2 Competence, training and awareness 126.3 Infrastructure . 126.4 Work environment 137 Product realization 137.1 Plann
15、ing of product realization . 137.1.1 Project management 137.1.2 Risk management . 147.1.3 Configuration management . 147.1.4 Control of work transfers . 167.2 Customer-related processes . 167.2.1 Determination of requirements related to the product . 16BS EN 9115:2013EN 9115:2013 (E) 3 7.2.2 Review
16、of requirements related to the product 167.2.3 Customer communication 177.3 Design and development 177.3.1 Design and development planning 177.3.2 Design and development inputs 177.3.3 Design and development outputs 177.3.4 Design and development review 177.3.5 Design and development verification 18
17、7.3.6 Design and development validation 187.3.6.1 Design and development verification and validation testing . 187.3.6.2 Design and development verification and validation documentation . 187.3.7 Control of design and development changes 187.4 Purchasing . 197.4.1 Purchasing process 197.4.2 Purchasi
18、ng information 197.4.3 Verification of purchased product . 197.5 Production and service provision . 197.5.1 Control of production and service provision . 197.5.1.1 Production process verification 197.5.1.2 Control of production process changes . 207.5.1.3 Control of production equipment, tools and s
19、oftware programs 207.5.1.4 Post-delivery support 207.5.2 Validation of processes for production and service provision 207.5.3 Identification and traceability . 207.5.4 Customer property 207.5.5 Preservation of product 207.6 Control of monitoring and measuring equipment . 218 Measurement, analysis an
20、d improvement 218.1 General . 218.2 Monitoring and measurement 218.2.1 Customer satisfaction . 218.2.2 Internal audit 218.2.3 Monitoring and measurement of processes . 218.2.4 Monitoring and measurement of product . 218.3 Control of nonconforming product . 228.4 Analysis of data . 228.5 Improvement
21、228.5.1 Continual improvement 228.5.2 Corrective action . 228.5.3 Preventive action . 22Bibliography 23BS EN 9115:2013EN 9115:2013 (E) 4 Foreword This document (EN 9115:2013) has been prepared by the Aerospace and Defence Industries Association of Europe - Standardization (ASD-STAN). After enquiries
22、 and votes carried out in accordance with the rules of this Association, this Standard has received the approval of the National Associations and the Official Services of the member countries of ASD, prior to its presentation to CEN. This European Standard shall be given the status of a national sta
23、ndard, either by publication of an identical text or by endorsement, at the latest by July 2013, and conflicting national standards shall be withdrawn at the latest by July 2013. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN
24、 and/or CENELEC shall not be held responsible for identifying any or all such patent rights. According to the CEN/CENELEC Internal Regulations, the national standards organisations of the following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus,
25、Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kin
26、gdom. This document standardizes, to the greatest extent possible, the software quality management system requirements for the aviation, space, and defense industry. This was accomplished through the harmonization of quality management system requirements from international aviation, space, and defe
27、nse software standards and other applicable documents. The establishment of common requirements for use at all levels of the supply-chain by organizations around the world should result in improved quality, schedule, and cost performance by the reduction or elimination of organization unique require
28、ments and wider application of good practice. BS EN 9115:2013EN 9115:2013 (E) 5 SUMMARY/RATIONALE The 9115 document supersedes AS9006, “Deliverable Aerospace Software Supplement for AS9100A, Quality Management Systems Aerospace Requirements for Software”, published in March 2003. The AS9006 standard
29、 was published as an Americas Aerospace Quality Group (AAQG) sector specific document. This is the initial release of 9115, which is an international supplement to 9100 providing clarification of the corresponding 9100 requirements, as necessary, for deliverable software. In some cases, where clarif
30、ication is needed, it was necessary due to the complexity of software to decompose “shall” statements in 9100 into more granular requirements. Where no software clarification is required of the 9100 requirements, the following phrase will be presented: “The requirements of 9100 apply. No clarificati
31、on required for software.” NOTE This document must be used in conjunction with EN 9100; references throughout the text to EN 9100 are understood to mean EN 9100:2009. BS EN 9115:2013EN 9115:2013 (E) 6 0 Introduction 0.1 General The requirements of EN 9100 apply. No clarification required for softwar
32、e. 0.2 Process approach The requirements of EN 9100 apply. No clarification required for software. QUALITY MANAGEMENT SYSTEMS REQUIREMENTS 1 Scope 1.1 General The requirements of EN 9100 apply with the following clarification for software. This document supplements the EN 9100 standard requirements
33、for deliverable software and contains quality management system requirements for organizations that design, develop, and/or produce deliverable software for the aviation, space, and defense industry. This includes, as required, support software that is used in the development and maintenance of deli
34、verable software. The deliverable software may be stand-alone, embedded, or loadable into a target computer. Where the use of Hardware Description Language (HDL) or high order language is utilized as the design source of electronic hardware e.g., Application Specific Integrated Circuit (ASIC), Progr
35、ammable Logic Device (PLD), the organization and customer shall agree on the extent of applicability of this supplement. NOTE 1 For airborne electronic hardware guidance, see RTCA/DO-254 or EUROCAE ED-80; and for product realization requirements, see EN 9100. Where Commercial-off-the-Shelf (COTS) or
36、 non-developmental software is integrated into a deliverable product, the organization and customer shall agree on the extent of applicability of this supplement. For the purposes of this document, the terms “product” and “software product” are considered synonymous. NOTE 2 This document is independ
37、ent of the life cycle models (e.g., waterfall, spiral, evolutionary, incremental) or methodology (e.g., objected oriented design, unified modeling language, agile). 1.2 Application The requirements of EN 9100 apply with the following clarification for software. Exclusions to requirements in Clause 7
38、 should only be considered after analysis of software attributes (e.g., size, safety, security, complexity, criticality, risk). BS EN 9115:2013EN 9115:2013 (E) 7 2 Normative references The following documents, in whole or in part, are normatively referenced in this document and are indispensable for
39、 its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. NOTE 1 The requirements of EN 9100 apply with the following clarification for software. EN 9100:2009, Quality Management S
40、ystems Requirements for Aviation, Space and Defence Organizations NOTE 2 Documents referenced in this document, other than the normative references (i.e., 9100, ISO 9000) are listed in the Bibliography. For undated references, the latest edition of the referenced document (including any amendments)
41、applies. The referenced documents are “informative” references; the requirements of these referenced documents do not add any additional requirements to this standard. 3 Terms and definitions For the purposes of this document, the terms and definitions given in EN 9100 and ISO 9000 apply. The follow
42、ing terms and definitions are included to support the understanding of this document. 3.1 baseline the approved, recorded configuration of one or more configuration items, that thereafter serves as the basis for further development, and that is changed only through change control procedures SOURCE:
43、RTCA/DO-178, EUROCAE ED-12 3.2 Commercial-Off-The-Shelf (COTS) software commercially available applications sold by vendors through public catalog listings. COTS software is not intended to be customized or enhanced. Contract-negotiated software developed for a specific application is not COTS softw
44、are. SOURCE: RTCA/DO-178, EUROCAE ED-12 Note 1 to entry: COTS software is a type of non-developmental software. 3.3 configuration item one or more hardware/software entities treated as a unit for configuration management purposes or software life cycle data treated as a unit for configuration manage
45、ment purposes SOURCE: based on RTCA/DO-178, EUROCAE ED-12 3.4 critical items the definition in EN 9100, Clause 3.3, applies with the following clarification for software Critical items in software are those characteristics, requirements, or attributes that have been determined to be most important t
46、o achieve product realization (e.g., safety, maintainability, testability, usability, performance). Critical items should be adequately managed and appropriate action taken to ensure visibility throughout the product life cycle. For example, in a flight control system software response time can be e
47、levated to a critical item to ensure performance characteristics are met. Furthermore, if the project has specific testability requirements, cyclomatic complexity may become a critical item. BS EN 9115:2013EN 9115:2013 (E) 8 3.5 cyclic redundancy check (CRC) a type of function that takes as input a
48、data stream of any length and produces as output a value of a certain space, commonly a 32-bit integer. A CRC can be used to detect alteration of data during transmission or storage. 3.6 digital signature a type of asymmetric cryptography used to express compliance with the security properties of a handwritten signature on paper, also referred to as a digital signature scheme 3.7 key characteristic the definition in EN 9100, Clause 3.4, applies with the following clarification for software Key character
