Towards a Consistent World View
of Systems and Software
Engineering Practice
The opinions
contained in this
presentation are those
Jim Moore
of the author and do
The MITRE Corporation
not necessarily
represent those of The
Vice President of Standards, IEEE Computer Society
MITRE Corporation
or its sponsors.
James.W.Moore@ieee.org
IEEE Computer Society

Institute of Electrical and Electronics Engineers:




The Computer Society is the largest of IEEE’s 37
technical societies:



360,000 members in 175 countries.
Publishes 30% of the world’s technical literature within its
scope of interest.
900 standards with another 700 under development.
100,000 members, 40% outside the US.
Founded in 1946, the world’s oldest and largest association
of computing professionals.
The Software and Systems Engineering Standards
Committee (S2ESC) of IEEE CS maintains a
collection of about 40 standards.
SSTC 2004
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 2
Harmonization

I’ve been talking about harmonization
of software engineering standards for
years.

A lot of progress has been made.

The scope of harmonization is
enlarging, though.

This is a status report.
SSTC 2004
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 3
A Success Story: Harmonization of SWE Standards and
Professional Development
Strong
Compatibility
Selected
SC7
Standards
S2ESC
Standards
CCSE
S2ESC
Book
Series
Substantial Consistency
SWEBOK
Guide
• SWEBOK Guide cites key
standards.
• CSDP uses SWEBOK Knowledge
Areas + 1
• S2ESC organizes its collection
via the SWEBOK KAs.
• SC7 is adopting SWEBOK Guide
as an ISO/IEC Technical Report
• CCSE started with SWEBOK and
rebalanced for undergraduate
needs.
SSTC 2004
CSDP
Exam
Strong
Compatibility
CSDP
Online
Course
CSDP
Study
Material
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 4
Dimensions of Complexity







Professional Development Materials, e.g. Training,
Certification Examination
Standards Developing Organization, e.g. IEEE, ISO,
etc, and other Professional Organizations
Discipline, e.g. Systems, Software, Quality
Management Level, e.g. Enterprise, Project
Product Hierarchy, e.g. System of Systems
Subject Areas, e.g. Safety, Dependability, Security
Level of Prescription, e.g. Principles, Standards,
Guides
SSTC 2004
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 5
Harmonization among Organizations
IEEE SA IEEE CS
IEEE-SA
ISO
IEC
Examples:


TC176
JTC1

QM

S2ESC
SC7
SE, SWE
SE, SWE



ASQ SW QM
PMI
PM
INCOSE
SEI
Process
Assessment
SE
SSTC 2004
EIA
IEEE CS, like INCOSE, maintains a
liaison to SC7.
S2ESC has policies re compatibility
with other products, e.g. ISO 9001
S2ESC will adopt ISO/IEC 90003
S2ESC and SC7 have a shared
“Vision of Outcomes”
S2ESC adopts some key SC7
standards and contributes some of
its own to SC7.
S2ESC is coordinating with
INCOSE on SE process standards.
S2ESC has adopted PMI PMBOK as
IEEE Std 1490
SE,
SWE
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 6
Harmonization among Disciplines

ISO TC176
QM
Standards
ISO 9001 and 9004
Quality Mgmt System

Liaison between
TC176 and SC7
Cross-membership
of S2ESC, US TAG
to TC176 and ASQ
SW.
SC7 developed
ISO/IEC 90003.
S2ESC will adopt.
SC7 considers the
relevant subsidiary
TC176 standards in
its planning.
Subsidiary
TC176
Standards
ISO
10006
Quality
in PM
ISO
10007
Quality
in CM
ISO
10005
Quality
Plans
15288
Sys LC
Processes
Project
Plan,
Assess,
& Control
CM
QM
Verifica
tion
Validati
on

12207
SW LC
Processes
Mgmt
CM
QA
Verifica
tion
Validati
on
What about Enterprise
Architecture standards
from TC 184?
SSTC 2004

Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 7
Harmonization across Management Levels
Enterprise
Processes
Agreement
Processes
Project
Processes
Technical
Processes
Enterprise
Processes
Project
Processes
Process
Categories of
ISO/IEC 15288

PMI PMBOK applies to
“Project” Management.

Management process of
12207 is inherent to the
enterprise and
“instantiated” for a project.
Technical
Processes
Hopeful Steps:
 SC7 and S2ESC apply material
from ISO 9001, PMI, and others.
 Material from ISO 15704,
Enterprise Architectures and
Methodologies, is being
introduced.
 The new ISO/IEC 15504, Process
Assessment, can be applied to
processes at any level.
SSTC 2004
Example - Management:
Example - Quality:


The “quality manual” of
ISO 9001 applies at the
enterprise level.
The “quality assurance”
process of 12207 is a
technical process.
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 8
Harmonization across Product Hierarchy
15288 Technical Processes


There is a reasonably good
fit of 12207 development
activities with 15288
technical processes.
But how will 15288 enterprise
processes fit with other
standards?

Enterprise Environment
Management

System Life Cycle Processes
Management

Quality Management

Resource Management

Investment Management
Activities of 12207
Development Process
Stakeholder Reqmts
Reqmts Analysis
Sys Reqmts Analysis
Arch Design
Sys Arch Design
Implementation
SW Reqmts Analysis
SW Arch Design
SW Detail Design
SW Code & Test
SW Integration
SW Qualification Test
Integration
Sys Integration
Verification
Sys Qualification Test
Transition
SW Installation
Validation
SW Accept Support
Delivery …
SSTC 2004
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 9
Harmonization among Subject Areas
ISO
TMB
IEC
Risk Mgmt
Vocabulary
TC176
TC184
Quality Mgmt
Enterprise Arch
SC7
JTC1
Study Group
TC56
TC65
Dependability
Safety
SC27
Privacy
Software and
Systems
Engineering
SSTC 2004
IT Security
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 10
Harmonization across Levels of
Prescription
Example:
(SW) Risk
Management
Example:
(SW) Configuration
Management
Terminology
ISO Guide 73
ISO 9000
Principles
ISO/IEC 12207 Amd
ISO 10007
ISO/IEC 12207 Amd
Standards
Guides
SSTC 2004
IEEE 1540
(now ISO/IEC and
IEEE 16085)
ISO/IEC 12207
AS/NZS 4360
IEEE Std 1042
(now withdrawn)
IEEE Std 828
ISO/IEC TR 15846
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 11
Harmonization Tools

Vocabulary

Body of Knowledge

Product Quality Model

Measurement Model

Reference Processes
SSTC 2004
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 12
Vocabulary


IEEE 610.12, Glossary of Software Engineering Terminology,
was last revised in 1990.
JTC1 doesn’t have a system and software engineering
vocabulary but does have a few near-misses of varying ages:






ISO/IEC 2382-1:1993, Information technology–Vocabulary–Part 1:
Fundamental terms
ISO/IEC 2382-7:2000, Information technology–Vocabulary–Part 7:
Computer programming
ISO/IEC 2382-8:1998, Information technology–Vocabulary–Part 8:
Security
ISO/IEC 2382-14:1997, Information technology–Vocabulary–Part
14: Reliability, maintainability and availability
ISO/IEC 2382-20:1990, Information technology–Vocabulary–Part
20: System development
IEEE CS and SC7 approved a project to
develop a shared vocabulary …
… but the convener lost his funding.
SSTC 2004
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 13
Body of Knowledge
Classification
of Topics
Topic
Descriptions
Matrix of Topics
& References
Classification
by Bloom’s
Taxonomy
References
References
to Related
Disciplines
Knowledge Areas
• Requirements
• Design
• Construction
• Testing
• Maintenance
• CM
• Management
• Tools & Methods
• Process
• Quality
Related Disciplines
•
•
•
•
•
•
•
•
•
Comp Science
Mathematics
Project Mgmt
Computer Eng
Cognitive Sci
Human Factors
Systems Eng
Management
Mgmt Science

IEEE CS Guide to the Software Engineering Body of
Knowledge (Trial Use Version) was released in 2001.

2004 edition will be released this year.

JTC1 is adopting it as ISO/IEC Technical Report
19759.
http://www.swebok.org
SSTC 2004
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 14
Product Quality Model

S2ESC adopted the quality model of ISO/IEC
9126-1:2001.
External
Quality
Function
-ality
Reliability
Suitability
Accuracy
Interoperability
Security
Compliance
Maturity
Fault
Tolerance
Recoverability
Compliance
Usability
Understand
ability
Learnability
Operability
Attractiveness
Compliance
Internal
Quality
Quality
in Use
Efficiency
Maintainability
Portability
Time
Behavior
Resource
Utilization
Compliance
Analyzability
Changeability
Stability
Testability
Compliance
Adaptability
Installability
Coexistence
Replaceability
Compliance
Effectiveness
Productivity
Safety
Satisfaction
http://standards.computer.org/sesc/sesc_pols
SSTC 2004
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 15
Measurement Model

S2ESC adopted the
measurement model
of ISO/IEC 15389 …

… which, in turn,
came from the DoD
Practical Software
Measurement
program.
http://standards.computer.
org/sesc/sesc_pols
SSTC 2004
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 16
Reference Processes (Part 1)
An Enterprise
An Enterprise
Management
Infrastructure
Training
Acquisition
Supply
Improvement
Documentation
The existing reference
processes of S2ESC are:
• 17 processes of 12207
• + Measurement from
ISO/IEC 15939
• + Risk Management from
IEEE 1540 (now ISO/IEC
16085)
• + 3 software reuse
processes from IEEE 1517
All additions were designed to
“plug into” 12207.
SSTC 2004
Quality Assurance
Development
Verification
Validation
Operation
Configuration Mgmt
Joint Review
Maintenance
Three SW reuse
processes
Audit
Problem Resolution
Measurement
Risk Management
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 17
Reference Processes (Part 2)




ISO/IEC 12207 Amd 1 and 2 describe
purpose and outcomes of three dozen
software life cycle processes.
ISO/IEC 15288 describes purpose,
outcomes and activities of two dozen
system life cycle processes.
There seems to be some overlap.
The current “harmonization” project is
intended to sort this out.
SSTC 2004
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 18
Summary





IEEE CS S2ESC has been integrating and stabilizing
selected software and systems engineering standards
for the last decade.
IEEE CS S2ESC standards are now supported by
compatible professional development and certification
material.
Integration of software engineering discipline is largely
completed.
Integration with systems engineering and quality
management is underway.
“Horizon” for integration is being pushed out further.
SSTC 2004
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 19
Abbreviations (Part 1)











Accept: Acceptance
Amd: Amendment [to an
international standard]
Arch: Architecture
AS/NZS: Australia and New Zealand
Standard
ASQ SW: Software Division of
American Society for Quality
CCSE: Computing Curriculum-Software Engineering
CM: Configuration Management
Comp: Computer
Config: Configuration
CS: [IEEE] Computer Society
CSDP: [IEEE Computer Society]
Certified Software Development
Professional
SSTC 2004










DoD: [US] Department of Defense
EIA: Electronic Industries Alliance
Eng: Engineering
IEC: International Electrotechnical
Commission
IEEE: Institute of Electrical and
Electronics Engineers, Inc.
INCOSE: International Council on
Systems Engineering
ISO: International Organization for
Standardization
IT: Information Technology
JTC1: Joint Technical Committee 1
(Information Technology) of ISO
and IEC
KA: [SWEBOK] Knowledge Area
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 20
Abbreviations (Part 2)













LC: Life Cycle
Mgmt: Management
PM: Project Management
PMBOK: Project Management Body
of Knowledge
PMI: Project Management Institute
QM: Quality Management
Reqmts: Requirements
S2ESC: Software and Systems
Engineering Standards Committee
SA: [IEEE] Standards Association
SC7: Subcommittee 7 (Software
and Systems Engineering) of
ISO/IEC JTC1
Sci: Science
SE: Systems Engineering
SEI: Software Engineering Institute
SSTC 2004










Std: Standard [in IEEE jargon]
SW: Software
SWE: Software Engineering
SWEBOK: Software Engineering
Body of Knowledge
Sys: System
TAG: Technical Advisory Group
TCxxx: Technical Committee xxx of
ISO or IEC
TMB: [ISO] Technical Management
Board
TR: [ISO or ISO/IEC] Technical
Report
US: United States
Copyright © James W. Moore, 2004. Permission is granted to
reproduce without change provided this notice is included.
Moore - 21