An Overview of IEEE Software Engineering Standards and

Paul R. Croll Knowledge Products Chair, IEEE SESC Computer Sciences Corporation [email protected] Objectives l Provide an introduction to The IEEE Software Engineering Standards Committee (SESC) l Provide an overview of the current state and future direction of IEEE Software Engineering Standards and knowledge products u IEEE Software Engineering Standards Collection u Software Engineering Competency Recognition Program u Standards-Based Training l Discuss how you can participate in software engineering standardization efforts

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 2 The IEEE Software Engineering Standards Committee (SESC)

http://computer.org/standard/sesc/

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 3 The SESC Vision

l The leading supplier and promoter of a family of software engineering standards and related products and services.

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 4 Software Engineering: An Object View

Source: [SESC95]

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 5 SESC in the IEEE Structure

IEEE

IEEE IEEE Computer Society Standards Board

Software Engineering Standards Committee

Executive Committee & Management Board

Working Group Study Group Planning Group Conferences

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 6 SESC Strategic Program Model

ISO and IEC IEEE SESC Standards Standards Program

Terminology Terminology

Overall Guide Quality Customer Resource Process Product Management Principles or Policies

Element Standards Software Engineering Application Guides

System “Toolbox” of Disciplines Technique Standards

Source: [SESC95] ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 7 The IEEE Software Engineering Standards Collection http://standards.ieee.org/catalog/softwareset.html

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 8 The 2000 Software Engineering Standards Collection l Forty-six Standards u Customer & Terminology u Process u Product u Resource & Technique l Overall guide u Several “views”

n Context

n Object

n Normative intent

n Provider and subject u Relationships among Source: [Moore97] standards

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 9 IEEE/EIA 12207: The Life Cycle Process Framework l IEEE/EIA 12207, Standard for Information Technology – Software Life Cycle Processes u Addresses the complete software engineering life cycle, from acquisition and supply, through development, to operations and maintenance u Provides a process framework upon which an organization can build its enterprise-level life cycle processes u These enterprise-level processes are then tailored into projects, in order to meet specific project-level requirements.

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 10 IEEE/EIA 12207 Process Tree

ACQUISITION SUPPLY DEVELOPMENT OPERATION MAINTENANCE PRIMARY

LIFE CYCLE

SUPPORTING DOCUMENTATION CONFIGURATION MANAGEMENT QUALITY ASSURANCE VERIFICATION VALIDATION JOINT REVIEW AUDIT PROBLEM RESOLUTION

ORGANIZATIONAL MANAGEMENT INFRASTRUCTURE IMPROVEMENT TRAINING Source: [Singh97] TAILORING

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 11 Unit 2: IEEE/EIA 12207 Overview - Process Interactions 12207 Process Flow

ORGANIZATION MANAGEMENT INFRASTRUCTURE IMPROVEMENT TRAINING

M F PROJECT

OPERATION F F F E: 3 F T

ACQUISITION SUPPLY MAINTENANCE T E U: 4 U: 4 T E: 2,3 P JOINT E REVIEW E: ACQ E U E: 3 T: SUB E U E AUDIT P QA DEVELOPMENT E: 3 E: 3 E: 1,2,3 (T)E (I)V&V E V&V E: 3 E: 3

1 2 3 4 E PROBLEM DOCUMENTATION CM RESOLUTION TAILORING ACQ - ACQUISITION. SUB - SUBCONTRACTOR E - EXECUTE Source: [Singh97] F - FEEDBACK. M - MANAGE. P - PARTICIPATE. T - TASK. U - USE PDCA E:N - EXECUTE THE PROCESS NUMBERED N ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 12 Unit 2: IEEE/EIA 12207 Overview - Primary Process Flow Primary Process Flow

OPERATION

T

ACQUISITION SUPPLY MAINTENANCE T E/T

U E = EXECUTE T =TASK DEVELOPMENT U =USE

Source: [Singh97] PLAN, DO, CHECK & ACT

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 13 Unit 2: IEEE/EIA 12207 Overview - Supporting Process Flow Supporting Process Flow

QUALITY ASSURANCE

ACQUISITION VERIFICATION

SUPPLY DOCUMENTATION VALIDATION DEVELOPMENT JOINT REVIEW CONFIGURATION OPERATION MANAGEMENT

AUDIT MAINTENANCE

PROBLEM RESOLUTION Source: [Singh97]

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 14 Unit 2: IEEE/EIA 12207 Overview - Organizational Process Flow Organizational Process Flow

MANAGEMENT PROCESS

INFRASTRUCTURE PROCESS PRIMARY PROCESS IMPROVEMENT SUPPORTING PROCESS PROCESS

TRAINING PROCESS

Source: [Singh97]

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 15 Unit 2: IEEE/EIA 12207 Overview - Process Roles 12207 Process Roles

Role

ACQUISITION employ S ACQUIRER ACQUISITION PROCESS ROLE U P contract P O SUPPLY employ SUPPLIER SUPPLY PROCESS R ROLE T employ employ employ I N OPERATING • OPERATOR G OPERATION PROCESS employ ROLE • USER

use P R ENGINEERING • DEVELOPER MAINTENANCE use DEVELOPMENT employ O ROLE • MAINTAINER PROCESS PROCESS C E S EMPLOYER SUPPORTING OF • Documentation • Validation S • Configuration management • Joint review ROLE SUPPORTING E PROCESSES • Quality assurance • Audit S • Verification • Problem resolution ORGANIZATIONAL ORGANIZATIONAL• PROCESSES MANAGER ROLE Management • Infrastructure • Improvement • Training Source: [Singh97]

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 16 Unit 2: IEEE/EIA 12207 Overview - Process Roles Role Definitions l Acquirer: u an organization that acquires or procures a system, software product or software service from a supplier l Supplier: u an organization that enters into a contract with the acquirer for the supply of a system, software product or software service under the terms of the contract l Operator: u an organization that operates the system

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 17 Unit 2: IEEE/EIA 12207 Overview - Process Roles Role Definitions - 2 l Developer: u an organization that performs development activities (including requirements analysis, design, testing through acceptance) during the software life cycle process l Maintainer: u an organization that performs maintenance activities l Supporting Process Performer and Manager are undefined

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 18 Unit 2: IEEE/EIA 12207 Overview - Structure IEEE/EIA 12207 Document Structure l IEEE/EIA 12207.0-1996, Software Life Cycle Processes u Industry adoption of ISO/IEC 12207-1995 l IEEE/EIA 12207.1-1997, Life Cycle Data u Industry guide to life cycle data l IEEE/EIA 12207.2-1997, Implementation Considerations u Industry guide to implementation of the life cycle processes contained in 12207.0

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 19 Unit 2: IEEE/EIA 12207 Overview - Structure IEEE/EIA 12207.0 Document Structure

l Foreword to IEEE/EIA 12207.0-1996 l ISO/IEC 12207-1995 u Introduction u Foreword u Clause 1 - Scope u Clause 2 - Normative references u Clause 3 - Definitions u Clause 4 - Application of this International Standard u Clause 5 - Primary life cycle processes u Clause 6 - Supporting processes u Clause 7 - Organizational life cycle processes

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 20 Unit 2: IEEE/EIA 12207 Overview - Structure IEEE/EIA 12207.0 Annexes

l ISO/IEC 12207-1995 Annexes u A - Tailoring process u B - Guidance on tailoring u C - Guidance on processes and organizations u D - Bibliography l Additional IEEE/EIA 12207.0 Annexes u E - Basic concepts of ISO/IEC 12207 u F - Compliance u G - Life cycle processes objectives u H - Life cycle data objectives u I - Relationships u J - Errata

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 21 Unit 2: IEEE/EIA 12207 Overview - Structure IEEE/EIA 12207.1 Document Structure

u Introduction u Clause 1 - Scope u Clause 2 - Normative references u Clause 3 - Definitions u Clause 4 - Life cycle data

n Clause 4.1 Overview

n Clause 4.2 Life cycle data objectives

n Clause 4.3 Information item matrix

n Clause 4.4 Compliance u Clause 5 - Generic information item content guidelines u Clause 6 - Specific information item content guidelines u Annex A - References

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 22 Unit 2: IEEE/EIA 12207 Overview - Structure IEEE/EIA 12207.2 Document Structure l Foreword l Introduction l Clause 1 - Scope l Clause 2 - Normative references l Clause 3 - Definitions l Clause 4 - Application l Clause 5 - Primary life cycle processes l Clause 6 - Supporting processes l Clause 7 - Organizational life cycle processes

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 23 Unit 2: IEEE/EIA 12207 Overview - Structure IEEE/EIA 12207.2 Annexes

l IEEE/EIA 12207 Annexes u A - IEEE/EIA 12207.0 Annex A - Tailoring process u B - IEEE/EIA 12207.0 Annex F - Compliance u C - IEEE/EIA 12207.0 Annex G - Life cycle processes objectives u D - IEEE/EIA 12207.0 Annex H - Life cycle data objectives u E - IEEE/EIA 12207.0 Annex J - Errata

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 24 Unit 2: IEEE/EIA 12207 Overview - Structure IEEE/EIA 12207.2 Annexes - 2

l Additional IEEE/EIA 12207.2 Annexes u F - Use of reusable software products u G - Candidate joint management reviews u H - Software measurement categories u I - Guidance on development strategies and build planning u J - Category and priority classifications for problem reporting u K - Software product evaluations u L - u M - Life cycle processes references

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 25 Supporting Standards for High Integrity Software l IEEE/EIA 12207 relies upon other standards to fill in the details regarding the activities supporting life cycle processes. l In the case of high integrity software, several additional software engineering standards are of interest.

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 26 Customer and Terminology

l 610.12, Standard Glossary of Software Engineering Terminology l 1062, Recommended Practice for Software Acquisition l 1220, Standard for Application and Management of the Systems Engineering Process l 1228, Standard for Software Safety Plans l 1233, Guide for Developing System Requirements Specifications l 1362, Guide for Document l 12207, Software Life Cycle Processes l 12207.1, Guide to Software Life Cycle Processes—Life Cycle Data l 12207.2, Guide to Software Life Cycle Processes—Implementation Considerations n = High Integrity Systems Related ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 27 Process

l 730, Standard for Software Quality Assurance Plans l 730.1, Guide for Software Quality Assurance Planning l 828, Standard for Software Configuration Management Plans l 1008, Standard for Software Unit Testing l 1012, Standard for Software Verification and Validation l 1012a, Software Verification and Validation Content Map to IEEE/EIA 12207.1 l 1028, Standard for Software Reviews l 1042, Guide to Software Configuration Management l 1045, Standard for Software Productivity Metrics l 1058, Standard for Software Plans l 1059, Guide for Software Verification and Validation Plans l 1074, Standard for Developing Software Life Cycle Processes l 1219, Standard for l 1490, A Guide to the Program Management Body of Knowledge n = High Integrity Systems Related ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 28 Process - 2

l J-STD-016-1995, (EIA/IEEE) Interim Standard for Information Technology - Software Life Cycle Processes - Software Development - Acquirer-Supplier Agreement l 1517-1999, Standard for Information Technology - Software Life Cycle Processes - Reuse Processes l P1540, D7.0, Draft Standard for Software Life Cycle Processes - Risk Management

n = High Integrity Systems Related ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 29 Product

l 982.1, Standard Dictionary of Measures to Produce Reliable Software l 982.2, Guide for the Use of Standard Dictionary of Measures to Produce Reliable Software l 1061, Standard for a Software Quality Metrics Methodology l 1063, Standard for Software User Documentation l 1465, IEEE Standard Adoption of ISO/IEC 12119: 1994 (E) International Standard--Information Technology - Software Packages - Quality Requirements and Testing l 14143.1, Approved Draft - Standard Adoption of ISO/IEC 1443- 1:1998 - Information Technology - Software Measurement - Functional Size Measurement - Part 1: Definition of Concepts n = High Integrity Systems Related ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 30 Resource and Technique l 829, Standard for Software Test Documentation l 830, Recommended Practice for Software Requirements Specifications l 1016, Recommended Practice for Software Design Descriptions l 1044, Standard Classification for Software Anomalies l 1044.1, Guide to Classification for Software Anomalies l 1320.1, Syntax and Semantics for IDEF0 l 1320.2, Syntax and Semantics for IDEF1X97 (IDEFObject) l 1348, Recommended Practice for the Adoption of CASE Tool l 1420.1, Software Reuse—Data Model for Reuse Library Interoperability: Basic Interoperability Data Model l 1420.1a, Software Reuse—Data Model for Reuse Library Interoperability: Asset Certification Framework l 1420.1b-1999, Trial Use Supplement - Software Reuse—Data Model for Reuse Library Interoperability: Data Model for Reuse Library Interoperability: Intellectual Property Rights Framework n = High Integrity Systems Related ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 31 Resource and Technique - 2

l 1430, Guide for Software Reuse - Concept of Operations for Interoperating Reuse Libraries l 1462, Guide for the Evaluation and Selection of CASE Tools l P1471, Recommended Practice For Architectural Description of Software Intensive Systems

n = High Integrity Systems Related ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 32 IEEE 1540: Software Risk Management - Process Model

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 33 IEEE 1471: Recommended Practice for Architectural Description of Software- Intensive Systems - Conceptual Model

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 34 Software Engineering Competency: Professionalizing Software Engineering

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 35 The Three Components of Engineering Competency l A defined Body of Knowledge l A Code of Practice l Competency recognition

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 36 Guide to the Software Engineering Body of Knowledge l Objectives u Better characterize the discipline of Software Engineering u Provide a consistent view Software Engineering as an engineering discipline

http://www.swebok.org

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 37 IEEE Software Engineering Competency Recognition Program l Goals u Identify qualified professionals u Ensure recognition of expertise u Assist in professional development u Establish professional practice standards u Protect public u Enable professionals to stay current

Source: [IEEE99]

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 38 IEEE Software Engineering Competency Recognition Program - 2 l Roles u software engineering practitioner u software project manager u software systems architect u supporter (e.g. CM, QA, etc.)

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 39 Standards-Based Training l Skills training in the “Code of Practice” u tailorable course outlines u completion certificates l Pilot training program u State of California u New York City Transit Authority u Delta Airlines l Twenty-three courses were delivered last year to 500 attendees l Five universities contracted to teach courses

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 40 IEEE Software Engineering Standards Committee

Our Future and Yours

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 41 SESC objectives for the New Millenium l A consistent collection of Software Engineering Standards to support process definition and product development, that improve the quality of delivered software and software-intensive systems l Development and delivery of Standards-based training to improve skills l Feedback mechanisms to capture experience in standards usage l A conformance program for the organizational implementation of SESC standards

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 42 How You Can Participate l Join the IEEE Computer Society (at http://www.computer.org) l Join the IEEE Software Engineering Standards Committee (at http://www.tcse.org) u Lead or participate in Working Groups developing or revising Standards u Lead or participate in Study Groups investigating new areas for standardization u Participate in SESC special projects u Become part of the SESC balloting pool (IEEE Standards Association membership required)

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 43 Questions

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 44 For more information . . .

Paul R. Croll Computer Sciences Corporation 5166 Potomac Drive King George, VA 22485-5824

Phone: +1 540.663.9251 Fax: +1 540.663.0276 e-mail: [email protected]

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 45 References

[IEEE99] IEEE Computer Society, “Business Plan for the Software Engineering Competency Recognition Program”, May1999 [Moore97] James W. Moore, Software Engineering Standards: A User's Road Map, IEEE Computer Society Press, Los Alamitos, CA, 1997. [SESC95] SESC Business Planning Group, “Vision 2000 Strategy Statement (Final Draft),” v0.9, SESC/BPG-002, August 20, 1995. [Singh97] Raghu Singh, An Introduction to International Standards ISO/IEC 12207, Software Life Cycle Processes, 1997.

ASQ Section 509 SSIG Meeting, 8 November 2000 Paul R. Croll - 46