software engineering standards int -...
TRANSCRIPT
6/21/2008
1
Software Engineering StandardsIntroduction
9126
J-016
9000
1679
1028
15288
12207
CMMI
730
CMM
6/21/2008 2
Outline1. Definitions2. Sources of Standards3. Why Use Standards ?4. ISO and Software Engineering Standards5. IEEE Software Engineering Collection
Sources: IEEE Standards, Software Engineering, Volume Three: Product Standards, Introduction to the1999 Edition, pages i to xxiii.
Horch, J., ‘Practical Guide to Software Quality management’, Artech House, 1996, chap 2.Wells, J., ‘An Introduction to IEEE/EIA 12207’, US DoD, SEPO, 1999.Moore, J., ‘Selecting Software Engineering Standards’, QAI Conference, 1998.Moore, J., ‘The Road Map to Software Engineering: A Standards-Based Guide’, Wiley-IEEE
Computer Society Press, 2006.Moore, J.,’An Integrated Collection of Software Engineering Standards’, IEEE Software, Nov 1999.
Gray, L., ‘Guidebook to IEEE/EIA 12207 Standard for Information Technology, Software Life Cycle Processes’, Abelia Corporation, Fairfax, Virginia, 2000.
Coallier, F.; International Standardization in Software and Systems Engineering, Crosstalk, February 2003, pp. 18-22.
6/21/2008
2
6/21/2008 3
Exemple d’un système complexe
Système degestion du trafic
aérien
Système de Transport Aérien
Systèmede distributiondu kérosène
Systèmeaéroportuaire
Système deréservation
Système detransportterrestre
Système detransportterrestre
Système avionSystème de
Structure
Système depropulsion
équipage
Système de gestion de la
vie à bord
Système decontrôle de vol
Navigationsystem
Système de réceptionGPS
Systèmede VisualisationSystème de
navigation
Système degestion du trafic
aérien
Systèmede distributiondu kérosène
Systèmeaéroportuaire
Système deréservation
Système detransportterrestre
Système detransportmaritime
Système avioniqueSystème de
Structure
Système depropulsion
équipage
Système de gestion de la
vie à bord
Système decontrôle de vol
Navigationsystem
Système de réceptionGPS
Systèmede visualisation
Système denavigation
Système de transport aérien
6/21/2008 4
Toward a Software Engineering Profession
Source: Steve McConnel, 1999
• What does it take ?1. Body of Knowledge (e.g. SWEBOK)2. Standards3. ‘Best practices’ (i.e. techniques proven to work)4. Education5. Code of Ethics6. Certification mechanism7. Licensing mechanism
6/21/2008
3
6/21/2008 5
• Mandatory requirements employed and enforced to prescribe a disciplined uniformapproach to software development, that is, mandatory conventions and practices are in fact standards.
(ISO/IEC 24765, Systems and Software Engineering Vocabulary)
Standard: Définition
http://pascal.computer.org/sev_display/index.action
6/21/2008 6
Standard: Définition• Formal mandatory requirements developed and used
to prescribe consistent approaches to development (e.g., ISO/IEC standards, IEEE standards, and organizational standards). (source: CMMI)– Normative: “prescribing a norm or standard” (Webster)– Informative: Tell users something useful about the standard
itself, or provide information that complements the normative parts (source: Gray 2000)
Intrant
ExtrantProcessus
Evaluation de la conformité
6/21/2008
4
6/21/2008 7
Normes et Standards• Norme de jure
– Norme définie et adoptée par une organisation officiellede normalisation, sur le plan national ou international.
• Norme de facto– Norme qui n’a pas été définie ni entérinée par un
organisme officiel de normalisation mais qui s’est imposée par la force des choses, parce qu’elle fait consensus auprès des utilisateurs, d’un groupe d’entreprises ou encore d’un consortium
Adapté de F Coallier
6/21/2008 8
Normes/Standards ouverts
• Sa définition est accessible à tous,• Son utilisation n’est pas sujette à des redevances
de la part d’un propriétaire,• Au moins une implémentation de référence existe,• Il est possible de vérifier la conformité d’un
système/processus à ce standard
Adapté de F Coallier
6/21/2008
5
6/21/2008 9
Software engineering: Definition
(1) The application of a systematic, disciplined, quantifiable approach to the development, operation and maintenance of software, that is, the application of engineering to software.
-- IEEE Std 610.12
6/21/2008 10
Software engineering standards
• Approximately 315 software engineering standards, guides, handbooks, and technical reports are maintained by approximately 46 professional, sector, national, and international standards organizations.
• In 1981, IEEE had one software engineering standard. By year end 1997, the collection had grown to 44.
Source: Moore 98
6/21/2008
6
6/21/2008 11
Roles of Software Engineering Standards
1. Specify techniques to develop software faster, cheaper, better, IEEE 982.1 (Measures for Reliable SW)
2. Provide consensus validity for “best practices” that cannotbe scientifically validated, IEEE 1008 (Unit Testing)
3. Provide a systematic treatment of “ilities”, IEEE 730 (SW Quality Assurance)
4. Provide uniformity in cases where agreement is more important than small improvements, IEEE P1320.1 (IDEF0)
5. Provide a framework for communication between buyerand seller, IEEE/EIA 12207 (SW Life Cycle Processes)
6. Give precise names to concepts that are fuzzy, complex, detailed and multidimensional, IEEE 1028 (SW Reviews)
More exciting
More effectiveSource: J Moore 98
6/21/2008 12
Software Engineering Standards - ScopeProcess
1. Acquisition2. Requirements
definition3. Design4. Code and Test5. Integration6. Maintenance and
Operations7. CM8. Documentation9. Project Management10. Quality Assurance11. V & V
Technique/Tool1. CASE tools2. Languages and
Notations3. Metrics4. Privacy5. Process
Improvement6. Reliability7. Safety8. Security9. Software reuse10. Vocabulary
Applicability1. General2. Defense3. Financial4. Medical5. Nuclear6. Process Control7. Scientific8. Shrink-wrap9. Transportation
Source: Moore 98
Most software engineering standards are practice standards rather than the more familiar product standards in other fields (e.g. chemistry).
6/21/2008
7
6/21/2008 13Source: Moore 05
Software Engineering Standards Organizational Goals
1. Improve and evaluate software competence2. Framework for two-party agreements3. Evaluation of software products4. Assurance of high integrity levels for software
products
6/21/2008 14
Why Use Standards?1. Establish uniform requirements and vocabulary for development and
documentation
2. Define a common framework for software life cycle processes
3. Clarify the roles and interfaces of participants
4. Clarify the types and contents of documentation
5. Identify the tasks, phases, baselines, reviews, and documents needed
6. Follow the lessons learned and proven (best) practices of the industry
7. Avoid the pitfalls and problems of the past
8. Save time and $ by not reinventing the wheel again (NRH vs. NIH).
9. Select a supplier or a developer (e.g. ISO 9000)
10. Impose requirements in a contract
11. Impose a trade barrier !
(NRH= Not Re-Invented Here; NIH = Not Invented here)
6/21/2008
8
6/21/2008 15
Software Engineering Standardsin Courts (US)
• Courts generally view the application of standards as important evidence that engineers performed their work with appropriate diligence and responsibility.
• If sued for negligence or reckless conduct, an engineer can cite the standards used when he or she conducted the work to demonstrate that it was performed in accordance with codified professional practices.
Moore, J.,’An Integrated Collection of Software Engineering Standards’, IEEE Software, Nov 1999.
6/21/2008 16
PSP
IEEE/EIA 12207
Baldrige
ISO/IEC 15504
People CMM
IPD-CMM*
SECAM
SCE
MIL-STD-498
DOD-STD-
2167A
MIL-STD499B*
ISO/IEC12207IEEE
1220
SDCE
SE-CMM
EIA/IS731
EIA/IS 632
ISO 9000series
EIA 632
SSE-CMM
ISO/IEC 15288*
*not released **based on CBA IPI, SAM, and others # V2 also based on many othersSee www.software.org/quagmire
CMMI
SA-CMM
Q9000
DOD-STD-2168
Source: Sarah Sheard, SPC
FAA-iCMM#
RTCA DO-178B
SW-CMM
TL9000
ISO 15939*
PSM
SCAMPI
CBA IPI
SAM
FAM**
Process StdsQuality StdsMaturity or Capability
ModelsAppraisalmethods
Guidelines
Six Sigma
J-STD016
DOD-STD-
7935ATSP
The Frameworks Quagmire
supersedes
uses/referencesbased on
Italic = obsoleteboxed = integrating
6/21/2008
9
6/21/2008 17
Sources of Standards1. Within an organization
– Documented from day-to-day activities2. From consultants mandated to develop them3. From manufacturers’ user groups (e.g. IBM)4. From a group of companies working together (e.g. Telecom)5. From professional groups (e.g. IEEE)6. From government agencies (e.g. NASA, Transport)7. From Standards Organizations (e.g. ISO)8. From Countries (e.g. Conseil canadien des normes)
6/21/2008 18
Outline
1. Definitions2. Sources of Standards3. Why Use Standards ?4. ISO and Software Engineering Standards
• Name of organization ISO comes from ‘ISOS’ a greek word‘Equal’
5. IEEE Software Engineering Collection
6/21/2008
10
6/21/2008 19
Life cycle processes
ISO IEC
JTC1TC176
SC1
Other WGs WG9 WG15
SC22Terminology Software
EngineeringLanguage, OS
POSIXAda
Quality Information Technology
SC7
TC56 SC65A
ITU
Dependability Functional Safety
Members of these committees are “national bodies,” i.e. countries, represented by “national delegations.”
WG7
International Software Standards Developers
6/21/2008 20
International Organization For Standardization
• ESTABLISHED: 1947
• OBJECT: Promote the development of standardization ... in the world... to facilitating international exchange of goods and services
• MEMBERS: 148 countries• Over 14,000 Standards
• TECHNICAL COMMITTEES (TCs): Carry out technical work
• TCs THAT MAY IMPACT SOFTWARE ENGINEERING:- TC 10: Technical Drawings- TC 20: Space and aircraft vehicles - TC 46: Information and documentation- TC 145: Graphical symbols- TC 154: Documents and data elements in administration, commerce and industry- TC 159: Ergonomics- TC 176: Quality management and quality assurance- TC 184: Industrial automation systems
6/21/2008
11
6/21/2008 21
Joint Technical Committee 1Information Technology
IECISO
SC1 - VocabularySC2 - Character sets & information codingSC6 - Telecommunications & information exchange between systemsSC7 - Software and System EngineeringSC11 - Flexible magnetic media for digital data interchangeSC14 - Representation of data elementsSC15 - Labeling and file structureSC17 - Identification cards & related devicesSC18 - Document processing and related communicationSC21 - Information retrieval, transfer & management for OSISC22 - Programming languages, their environments & systems software interfacesSC23 - Optical disk cartridges for information interchangeSC24 - Computer graphics and image processingSC25 - Interconnection of information technology equipmentSC26 - Microprocessor systemsSC27 - IT security techniquesSC28 - Office equipmentSC29 - Coded representation of picture, audio and multimedia/hypermedia information
ESTABLISHED: 1987OBJECT: TO CARRY ON STANDARDIZATION WORK IN INFORMATION TECHNOLOGY
JTC1
6/21/2008 22
SC7 - Terms of Reference
Standardization of processes, methods and supporting technologies for the
engineering and management of softwareand systems throughout their life cycles.
Standardization of processes, methods and supporting technologies for the
engineering and management of softwareand systems throughout their life cycles.
6/21/2008
12
6/21/2008 23
ProjectManagement
ComputerSciences andEngineering Dependability
Engineering(IEC TC 56)
Safety(IEC TC65),
Security, other mission-critical
IndustrialEngineering
QualityManagement(ISO TC 176)
APPLICATIONDOMAINS
(many TCs)
SOFTWARE and SYSTEMS SOFTWARE and SYSTEMS ENGINEERINGENGINEERING
ISO/IEC JTC 1/SC7
6/21/2008 24
SC7Prof F. Coallier
SYSTEM SOFTWARE
DOCUMENTATION
WG2
WG6 , WG12 & WG13EVALUATIONS AND
MEASUREMENTS
Prof J-M Desharnais
PROCESS ASSESSMENT
WG 10
TOOLS AND ENVIRONMENT
WG 4
LIFE CYCLE PROCESSES
WG 7
SYSTEM INTEGRITY
WG 9
BPGSWG 1
ODP Enterprise Language
WG 17
ODP and Modeling Languages
WG 19
SWG 5ArchitectureManagement
Quality ManagementProf W. Suryn
SecretariatProf W Suryn
Certification of Software Engineers
Prof C Laporte
WG 20
WG 18
Asset Management
WG 21
Very Small EnterprisesProf C Laporte
WG24
6/21/2008
13
6/21/2008 25
Standards Produced and Maintained by SC7
SC7 Secretariat ReportMoscow, May 2007.
0
10
20
30
40
50
60
70
80
90
100
1987 1989 1991 1993 1995 1997 1999 2001 2003 2005 2007
Standards Published
Standards Maintained
6/21/2008 26
ProcessImplementation and
Assessment
12207
15271
90003
15504Process
Assessment
Software Engineering
15288
19760
Systems Engineering
659292941591018019
Documentation
15939Measurement
15846
ConfigurationManagement
SC7’s legacy
353514759
1608515026
Risk & Integrity
19770Asset
Management
14764
Softwaremaintenance
16326
ProjectManagement
Software Quality
91261459814756
ProductProduct packaging
9127
Product Evaluation
12119
SoftwareFunctional sizemeasurement
1414319761209262096824570
15289
Tools, Methods
14102144711594018018
Tools and environment
5806 – 5807 – 6593 8631 – 8790 – 11411
SC7 Legacy Standards
10746, 1323514750, 1475214753, 1476914771, 1541415935, 19500Specifications
Documentation
Vocabulary
12182Software Body of Knowledge(SWEBOK)
19759
Foundation
14568154741547515476
CDIF
1543715909195018807
Modeling
From SWG5
Standards Collection
6/21/2008
14
6/21/2008 27
Relationships betweenISO/IEC software engineering standards
SURYN, W., HAILEY V, COSTER, A., Huge potential user base for ISO/IEC 90003the state of the art for improving quality in software engineering, ISO Focus, July-August 2004
6/21/2008 28
Outline
1. Definitions2. Sources of Standards3. Why Use Standards ?4. ISO and Software Engineering Standards5. IEEE Software Engineering Collection
• http://standards.computer.org/sesc/• Bibliothèque de l’ÉTS
• IExplore donne accès à toutes les normes IEEE
6/21/2008
15
6/21/2008 29
• Mission1. Identify and understand user needs in the field of
software engineering2. Develop an integrated family of standards that respond
effectively to user needs3. Support implementation of these standards4. Facilitate meaningful evaluation of resulting
implementations
– Using the IEEE processes to achieve consensus and compatibility with other IEEE standards
– Harmonization with international standards • e.g. ISO
IEEE Computer SocietySoftware Engineering Standards
Committee (SESC)
6/21/2008 30
• Purpose1. Provide a vocabulary for communication between
participants in the software engineering process,2. Provide objective criteria for understanding claims
regarding a product’s nature,3. Provide methods for specifying product
characteristics, and4. Assure that quality assurance practices were applied
IEEE Computer SocietySESC Collection
Source: Tripp, L., ‘Benefits of Certification’, IEEE Computer, June 2002
6/21/2008
16
6/21/2008 31
IEEE Computer SocietySESC Collection
• Currently numbers over 50 standards.– Over 2400 pages
• Book provides a guide to the collection.
6/21/2008 32Source: Moore 98
Software Engineering Standards:Importance
1. They consolidate existing technology into a firm basis for introducing newer technology
2. They increase professional discipline3. They protect the business4. They protect the buyer5. They improve the product
6/21/2008
17
6/21/2008 33
IEEE Computer SocietySESC Collection
Process
Project
Resource
Customer Product
aids transforms
producesInterects
with
uses
Applies to
interactswith
6/21/2008 34
Framework of Collection
Overall Guide
Terminology
“Toolbox” ofTechnique Standards
Customer Resource Process Product
Principles or Policies
Element Standards
Application Guides
SystemDisciplines
SoftwareEngineering
QualityManagement
Terminology
ISO and IECStandards
Source: Moore 98
6/21/2008
18
6/21/2008 35
• IEEE/EIA12207, Software Life Cycle Processes, is an umbrella for all of the customer and process standards in the SESC collection.
• All of the relevant standards will be revised to improve their fit with 12207– Many of them will detail the processes of the 12207 framework.
• From the user’s viewpoint, IEEE/EIA 12207 will serve as a single entry point to all the process standards of the IEEE software engineering collection.
• As a baseline to articulate new processes.– IEEE Std. 1517, Software Reuse Processes, adds three reuse
specific processes to those of 12207– IEEE Std. 1540 standard adds a software risk management process.
SESC CollectionIEEE/EIA 12207 – Umbrella Standard
6/21/2008 36
Outer Layer of SESC collection
Customerstandards
Processstandards
610.12IEEE glossary
[Moore97]
Productstandards
Resourcestandards
1044Classification of
anomalies
1044.1Guide to
1044
Terminology
OverallGuide
Principles
ElementStandards
ApplicationGuides and
Supplements
“Toolbox” ofTechniques
Source: Moore 98
6/21/2008
19
6/21/2008 37
SESC Collection – Customer Stack
Two-PartyAgreement
Principles
ElementStandards
ApplicationGuides and
Supplements
SupplierSelection System Stakeholders
12207.0Software life cycle processes
J-Std-016Acq / sup
agreement
12207.1 and 2Guide to software life cycle data and processes
1062Software
acquisition
1220Systems eng
process
1228SW safety
plans
1233Guide--System
rqmts spec
1362Concept of
operations doc
Source: Moore 98
6/21/2008 38
GeneralProcesses
1074.1Guide to 1074
730.1Guide--SW QA
planning
Principles
ElementStandards
ApplicationGuides and
Supplements
PrimaryProcesses
SupportingProcesses
ProcessMeasurement
12207.0Software life cycle (SWLC) processes
12207.1Guide--SW life
cycle data
12207.2Guide--SWLC
process
1220Systems eng.
process
1362Concept of
operations doc
1233Guide--System
rqmts spec
1058.1SW projectmgmt plans
1074DevelopingSWLC proc
J-Std-016Acq/sup
agreement
829SW test
documentation
830SW require-ments spec
1008SW unittesting
1219SW maint.
730SW QA plans
828SW CM plans
1012SW V & V
plans
1028SW reviewsand audits
1042Guide-SW CM
1059Guide--SWV & V plans
1298SW quality
mgmt system
1045SW product-ivity metrics
SESC Collection – Process Stack
Source: Moore 98
6/21/2008
20
6/21/2008 39
SESC Collection –Product Stack
Charac-teristics
982.2Guide to
982.1
730.1Guide--SW QA
planning
Principles
ElementStandards
ApplicationGuides and
Supplements
ProductMeasurement
ProductEvaluation
End ItemSpecification
730SW QA plans
982.1Measures forreliable SW
1012SW V & V
plans
1059Guide--SWV & V plans
1063SW user
documentation
1228SW safety
plans
1233Guide--System
reqmts spec
1362Concept of
operations doc
1061Software quality
metrics methodology
Source: Moore 98
6/21/2008 40
SESC Collection – Resource Stack
Data Storage& Interchange
1016.1Guide to
1016
Principles
ElementStandards
ApplicationGuides and
Supplements
Notation ReuseLibraries
Tools &Environments
829SW test
documentation
830SW rqmts
specifications
1016SW designdescriptions
1175Tool inter-connection
P1471Architecturaldescription
P1320.xIDEF
1430Guide to1420.x
1420.xData model forreuse lib interop
1209Selection
of CASE tools
1348Adoption ofCASE tools
Source: Moore 98
6/21/2008
21
6/21/2008 41
SESC Standards for Project Management
STANDARD TITLE VOLUME
IEEE std 1044-1993 IEEE Standard Classification for Software Anomalies
Volume Four : Resource and Technique Standards
IEEE std 1044.1-1995 IEEE Guide to Classification for Software Anomalies
Volume Four : Resource and
IEEE std 1058-1998 IEEE Standard for Software Project Management Plans
Volume Two : Process Standards
IEEE std 1490-1998 IEEE Guide to the Project management body of knowledge
Volume Two : Process Standards
6/21/2008 42
SESC Standards for PlansSTANDARD TITLE VOLUME
IEEE std 730-1998 IEEE Standard for Software Quality Assurance Plans
Volume Two : Process Standards
IEEE std 730.1-1995 IEEE Guide for Software Quality Assurance Planning
Volume Two : Process Standards
IEEE std 828-1998 IEEE Standard for Software configuration Management Plans
Volume Two : Process Standards
IEEE std 1012-1998 IEEE Standard for Software Verification and Validation
Volume Two : Process Standards
IEEE std 1012a-1998 Supplement to IEEE Standard for Software Verification and validation
Volume Two : Process Standards
IEEE std 1228-1998 IEEE Standard for Software Safety Plans
Volume One : Customer and Terminology Standards
6/21/2008
22
6/21/2008 43
SESC Standards for Documentation
STANDARD TITLE VOLUME
IEEE std 829-1998 IEEE Standard for Software Test Documentation
Volume Four : Resource and Technique standards
IEEE std 830-1998 IEEE Recommended Practice for Software requirements Specifications
Volume Four : Resource and Technique Standards
IEEE std 1016-1998 IEEE Recommended Practice for Software Design Descriptions
Volume Four : Resource and Technique Standards
IEEE std 1063-1987 IEEE Standard for Software User Documentation
Volume Three : Product Standards
IEEE std 1233-1998 Edition IEEE Guide for Developing System Requirements Specifications
Volume One : Customer and terminology Standards
IEEE std 1362-1998 IEEE Guide for Information Technology – System Definition – Concept of Operations Document
Volume One : Customer and Terminology Standards
6/21/2008 44
SESC Standards for Measurement
STANDARD TITLE VOLUME
IEEE std 982.1-1998 IEEE Standard Dictionary of Measures to Produce Reliable Software
Volume Three : Product standards
IEEE std 982.2-1998 IEEE Guide for the Use of Standard Dictionary for Measures to Produce Reliable Software
Volume Three : Product Standards
IEEE std 1045-1992 IEEE Standard for Software Productivity Metrics
Volume Two : Process Standards
IEEE std 1061-1998 IEEE Standard for a Software Quality Metrics Methodology
Volume Three : Product Standards