Systems and software engineering -- Life cycle management

This document is a guideline for the application of ISO/IEC/IEEE 12207:2017. This document establishes guidance to implement a common framework for software life cycle processes, with well-defined terminology, that can be referenced by the software industry. This document provides guidance on defining, controlling, and improving software life cycle processes within an organization or a project. This document recommends methods and approaches suitable for a variety of life cycle models. The guidance emphasizes the importance of establishing a strategy, planning, and the involvement of stakeholders, with the ultimate goal of achieving customer satisfaction. This document applies to the acquisition, supply, design and development, transition, operation, maintenance, and disposal (whether performed internally or externally to an organization) of software systems, products, and services (including software as a service (SaaS)), and the software portion of any system. Software includes the software portion of firmware. The guidance on processes, activities, and tasks in this document can also be applied during the acquisition of a system that contains software. The guidance in this document can also be used as a basis for selecting, establishing, and improving organizational environments, e.g., methods, procedures, techniques, tools, and trained personnel. In the context of this document, there is a continuum of human-made systems from those that use little or no software to those in which software is the primary interest. It is rare to encounter a complex system without software, and all software systems require physical system components (hardware) to operate, either as part of the software system-of-interest (SoI) or as an enabling system or infrastructure. Thus, the choice of whether to apply this document for guidance to the software life cycle processes, or ISO/IEC/IEEE 24748-2, depends on the SoI. At a high level, both documents have the same life cycle process framework, but differ in guidance for activities and tasks to perform software engineering or systems engineering, respectively. The processes and process groups in this document are identical in their purpose and outcomes with those in ISO/IEC/IEEE 12207:2017 and in ISO/IEC/IEEE 15288:2015, with one exception: the System/Software Requirements Definition process of ISO/IEC/IEEE 12207:2017 and this document has a different name from the System Requirements Definition process of ISO/IEC/IEEE 15288:2015. Use of the guidance in this document is appropriate regardless of software system size or complexity or organizational size. The process outcomes from the ISO/IEC/IEEE 12207:2017 life cycle processes are meant to be generic and applicable to the engineering of any software system in any size organization. This document does not prescribe nor detail a specific software life cycle model, development methodology, method, modelling approach, or technique and method. The variety of ways for implementing software (e.g., development of new code, integration of existing open source components and commercial products, or modifications to existing software, including transition to new platforms) make it impossible to detail specific procedures. This document does not establish a management system or provide guidance on the use of any management system standard. However, it is intended to be compatible with the quality management system specified by ISO 9001, the service management system specified by ISO/IEC 20000-1, the IT asset management system specified by ISO/IEC 19770 (all parts), and the information security management system specified by ISO/IEC 27000. Clause 6 provides guidance on aspects of purposes, outcomes, activities, and tasks in ISO/IEC/IEEE 12207:2017. However, this document does not repeat the detailed requirements and recommendations for purposes, outcomes, activities, and tasks for each life cycle process found in ISO/IEC/IEEE 12207:2017. Clause 6 also pr

Ingénierie des systèmes et du logiciel -- Gestion du cycle de vie

General Information

Status
Published
Publication Date
22-Oct-2020
Current Stage
5060 - Close of voting Proof returned by Secretariat
Start Date
04-Jun-2020
Completion Date
03-Jun-2020
Ref Project

RELATIONS

Buy Standard

Standard
ISO/IEC/IEEE 24748-3:2020 - Systems and software engineering -- Life cycle management
English language
66 pages
sale 15% off
Preview
sale 15% off
Preview
Draft
ISO/IEC/IEEE FDIS 24748-3:Version 25-apr-2020 - Systems and software engineering -- Life cycle management
English language
69 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (sample)

INTERNATIONAL ISO/IEC/
STANDARD IEEE
24748-3
First edition
2020-10
Systems and software engineering —
Life cycle management —
Part 3:
Guidelines for the application of ISO/
IEC/IEEE 12207 (software life cycle
processes)
Ingénierie des systèmes et du logiciel — Gestion du cycle de vie —
Partie 3: Lignes directrices pour l'application de l'ISO/IEC/IEEE
12207 (processus du cycle de vie du logiciel)
Reference number
ISO/IEC/IEEE 24748-3:2020(E)
ISO/IEC 2020
IEEE 2020
---------------------- Page: 1 ----------------------
ISO/IEC/IEEE 24748-3:2020(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2020
© IEEE 2020

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO or IEEE at the

respective address below or ISO’s member body in the country of the requester.
ISO copyright office Institute of Electrical and Electronics Engineers, Inc
CP 401 • Ch. de Blandonnet 8 3 Park Avenue, New York
CH-1214 Vernier, Geneva NY 10016-5997, USA
Phone: +41 22 749 01 11
Email: copyright@iso.org Email: stds.ipr@ieee.org
Website: www.iso.org Website: www.ieee.org
Published in Switzerland
© ISO/IEC 2020 – All rights reserved
ii © IEEE 2020 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC/IEEE 24748-3:2020(E)
Contents Page

Foreword ..........................................................................................................................................................................................................................................v

Introduction ................................................................................................................................................................................................................................vi

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 2

3 Terms, definitions, and abbreviated terms ............................................................................................................................... 2

3.1 Terms and definitions ....................................................................................................................................................................... 2

3.2 Abbreviated terms ............................................................................................................................................................................... 2

4 Concepts for software and software systems .......................................................................................................................... 3

4.1 General ........................................................................................................................................................................................................... 3

4.2 Software system concepts ............................................................................................................................................................. 3

4.3 Organizational concepts ................................................................................................................................................................. 4

4.4 Project concepts ..................................................................................................................................................................................... 6

5 Process and life cycle concepts .............................................................................................................................................................. 8

5.1 Process concepts ................................................................................................................................................................................... 8

5.2 Life cycle concepts ............................................................................................................................................................................10

5.2.1 Life cycle stages..............................................................................................................................................................10

5.2.2 Interrelationships of software processes and stages ....................................................................11

5.2.3 Life cycle process models for software systems ................................................................................12

5.3 Process groups .....................................................................................................................................................................................16

6 Software life cycle processes .................................................................................................................................................................17

6.1 Agreement processes .....................................................................................................................................................................17

6.1.1 Acquisition process ....................................................................................................................................................17

6.1.2 Supply process ................................................................................................................................................................20

6.2 Organizational project-enabling processes .................................................................................................................21

6.2.1 Life cycle model management process ......................................................................................................21

6.2.2 Infrastructure Management process ...........................................................................................................22

6.2.3 Portfolio Management process .........................................................................................................................24

6.2.4 Human Resource Management process ....................................................................................................24

6.2.5 Quality Management process .............................................................................................................................25

6.2.6 Knowledge Management process...................................................................................................................26

6.3 Technical Management processes .......................................................................................................................................27

6.3.1 Project Planning process........................................................................................................................................27

6.3.2 Project assessment and control process ..................................................................................................28

6.3.3 Decision Management process .........................................................................................................................31

6.3.4 Risk Management process ....................................................................................................................................32

6.3.5 Configuration Management process ............................................................................................................34

6.3.6 Information Management process ................................................................................................................35

6.3.7 Measurement process ..............................................................................................................................................36

6.3.8 Quality Assurance process ...................................................................................................................................38

6.4 Technical processes .........................................................................................................................................................................39

6.4.1 Business or Mission Analysis process ........................................................................................................39

6.4.2 Stakeholder Needs and Requirements Definition process .......................................................40

6.4.3 System/Software requirements definition process ........................................................................41

6.4.4 Architecture Definition process .......................................................................................................................43

6.4.5 Design Definition process .....................................................................................................................................47

6.4.6 System Analysis process .........................................................................................................................................49

6.4.7 Implementation process ........................................................................................................................................50

6.4.8 Integration process .....................................................................................................................................................52

6.4.9 Verification process ....................................................................................................................................................53

6.4.10 Transition process .......................................................................................................................................................55

6.4.11 Validation process .................. .................................................... ..................................................................................57

6.4.12 Operation process ........................................................................................................................................................58

© ISO/IEC 2020 – All rights reserved
© IEEE 2020 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO/IEC/IEEE 24748-3:2020(E)

6.4.13 Maintenance process .................................................................................................................................................59

6.4.14 Disposal process ............................................................................................................................................................61

Annex A (informative) Tailoring process ......................................................................................................................................................62

Bibliography .............................................................................................................................................................................................................................64

IEEE notices and abstract ............................................................................................................................................................................................67

© ISO/IEC 2020 – All rights reserved
iv © IEEE 2020 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/IEC/IEEE 24748-3:2020(E)
Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical

Commission) form the specialized system for worldwide standardization. National bodies that are

members of ISO or IEC participate in the development of International Standards through technical

committees established by the respective organization to deal with particular fields of technical

activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international

organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the

work. In the field of information technology, ISO and IEC have established a joint technical committee,

ISO/IEC JTC 1.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for

the different types of document should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).

IEEE Standards documents are developed within the IEEE Societies and the Standards Coordinating

Committees of the IEEE Standards Association (IEEE-SA) Standards Board. The IEEE develops its

standards through a consensus development process, approved by the American National Standards

Institute, which brings together volunteers representing varied viewpoints and interests to achieve the

final product. Volunteers are not necessarily members of the Institute and serve without compensation.

While the IEEE administers the process and establishes rules to promote fairness in the consensus

development process, the IEEE does not independently evaluate, test, or verify the accuracy of any of

the information contained in its standards.

Attention is drawn to the possibility that some of the elements of this document may be the subject

of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent

rights. Details of any patent rights identified during the development of the document will be in the

Introduction and/or on the ISO list of patent declarations received (see www .iso .org/ patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation on the meaning of ISO specific terms and expressions related to conformity

assessment, as well as information about ISO's adherence to the World Trade Organization (WTO)

principles in the Technical Barriers to Trade (TBT) see www .iso .org/ iso/ foreword .html.

This document was prepared by ISO/IEC JTC 1, Information technology, SC 7, Systems and software

engineering, in cooperation with the Systems and Software Engineering Standards Committee of the

IEEE Computer Society, under the Partner Standards Development Organization cooperation agreement

between ISO and IEEE.

This document cancels and replaces ISO/IEC TR 24748-3:2011, which has been technically revised.

The main changes compared to ISO/IEC TR 24748-3:2011 are as follows:
— revised presentation of concepts, consistent with ISO/IEC/IEEE 12207:2017;

— completely updated presentation of guidance for each life cycle process, including aspects of

purpose; outcomes and outputs; activities, tasks, and approaches;
— identified closely related processes;

— identified related international standards for each process, which offer more detailed requirements

and guidance.

A list of all parts in the ISO/IEC/IEEE 24748 series can be found on the ISO website.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www .iso .org/ members .html.
© ISO/IEC 2020 – All rights reserved
© IEEE 2020 – All rights reserved v
---------------------- Page: 5 ----------------------
ISO/IEC/IEEE 24748-3:2020(E)
Introduction

The purpose of this document is to provide guidance on the application of the software life cycle

processes standard, ISO/IEC/IEEE 12207:2017. Taken together, the parts of the ISO/IEC/IEEE 24748

series are intended to facilitate the joint usage of the process content of the two high-level life

cycle process standards (ISO/IEC/IEEE 12207:2017 and ISO/IEC/IEEE 15288:2015), which in turn

may be used together with various more specialized lower-level process standards. In this way,

ISO/IEC/IEEE 24748 (all parts) provides unified and consolidated guidance on the life cycle management

of systems and software engineering. Its purpose is to help ensure consistency in system concepts and

life cycle concepts, models, stages, processes, process application, key points of view, adaptation and

use in various domains as the two standards (and others) are used in combination. It should help an

organization to design, develop, and sustain software systems using a life cycle model.

ISO/IEC/IEEE 24748-1 provides guidance for the concepts of life cycle management applicable to

both systems and software engineering. It covers fundamental concepts such as system-of-interest,

stages, processes, projects, and organizations. This document focuses on and expands the coverage

of those aspects and processes most relevant to software systems. A companion guidance document,

ISO/IEC/IEEE 24748-2, provides similar guidance for the application of ISO/IEC/IEEE 15288:2015.

In conjunction with ISO/IEC/IEEE 24748-1, this document aids in identifying and planning the use of the

life cycle processes described in ISO/IEC/IEEE 12207:2017. Since in many respects the Organizational

Project Enabling processes and the Technical Management processes are quite similar for software

systems to those used for any type of system, this document concentrates on specific guidance

for the Technical processes and how they can be effectively used during the software life cycle.

ISO/IEC/IEEE 24748-5 focuses on the Technical Management processes, especially Project Planning

and Project Assessment and Control, as applied to software projects. The proper use of these processes

can contribute to a project being completed successfully, meeting its objectives and requirements for

each stage and for the overall project.

This document elaborates on factors, 'best-practice' or typical approaches and methods that should be

considered when applying ISO/IEC/IEEE 12207:2017. It does this in the context of the various ways in

which ISO/IEC/IEEE 12207:2017 can be applied. It is intended to be useful in a variety of software life

cycle situations, including the use of agile methods, which are the most widely used on all types and

sizes of projects.
© ISO/IEC 2020 – All rights reserved
vi © IEEE 2020 – All rights reserved
---------------------- Page: 6 ----------------------
INTERNATIONAL STANDARD ISO/IEC/IEEE 24748-3:2020(E)
Systems and software engineering — Life cycle
management —
Part 3:
Guidelines for the application of ISO/IEC/IEEE 12207
(software life cycle processes)
1 Scope

This document is a guideline for the application of ISO/IEC/IEEE 12207:2017. This document establishes

guidance to implement a common framework for software life cycle processes, with well-defined

terminology, that can be referenced by the software industry. This document provides guidance on

defining, controlling, and improving software life cycle processes within an organization or a project.

This document recommends methods and approaches suitable for a variety of life cycle models. The

guidance emphasizes the importance of establishing a strategy, planning, and the involvement of

stakeholders, with the ultimate goal of achieving customer satisfaction.

This document applies to the acquisition, supply, design and development, transition, operation,

maintenance, and disposal (whether performed internally or externally to an organization) of software

systems, products, and services (including software as a service (SaaS)), and the software portion of

any system. Software includes the software portion of firmware. The guidance on processes, activities,

and tasks in this document can also be applied during the acquisition of a system that contains software.

The guidance in this document can also be used as a basis for selecting, establishing, and improving

organizational environments, e.g., methods, procedures, techniques, tools, and trained personnel.

In the context of this document, there is a continuum of human-made systems from those that use little

or no software to those in which software is the primary interest. It is rare to encounter a complex

system without software, and all software systems require physical system components (hardware)

to operate, either as part of the software system-of-interest (SoI) or as an enabling system or

infrastructure. Thus, the choice of whether to apply this document for guidance to the software life

cycle processes, or ISO/IEC/IEEE 24748-2, depends on the SoI. At a high level, both documents have the

same life cycle process framework, but differ in guidance for activities and tasks to perform software

engineering or systems engineering, respectively.

The processes and process groups in this document are identical in their purpose and outcomes with

those in ISO/IEC/IEEE 12207:2017 and in ISO/IEC/IEEE 15288:2015, with one exception: the System/

Software Requirements Definition process of ISO/IEC/IEEE 12207:2017 and this document has a

different name from the System Requirements Definition process of ISO/IEC/IEEE 15288:2015.

Use of the guidance in this document is appropriate regardless of software system size or complexity or

organizational size. The process outcomes from the ISO/IEC/IEEE 12207:2017 life cycle processes are

meant to be generic and applicable to the engineering of any software system in any size organization.

This document does not prescribe nor detail a specific software life cycle model, development

methodology, method, modelling approach, or technique and method. The variety of ways for

implementing software (e.g., development of new code, integration of existing open source components

and commercial products, or modifications to existing software, including transition to new platforms)

make it impossible to detail specific procedures.

This document does not establish a management system or provide guidance on the use of any

management system standard. However, it is intended to be compatible with the quality management

system specified by ISO 9001, the service management system specified by ISO/IEC 20000-1, the

© ISO/IEC 2020 – All rights reserved
© IEEE 2020 – All rights reserved 1
---------------------- Page: 7 ----------------------
ISO/IEC/IEEE 24748-3:2020(E)

IT asset management system specified by ISO/IEC 19770 (all parts), and the information security

management system specified by ISO/IEC 27000.

Clause 6 provides guidance on aspects of purposes, outcomes, activities, and tasks in

ISO/IEC/IEEE 12207:2017. However, this document does not repeat the detailed requirements and

recommendations for purposes, outcomes, activities, and tasks for each life cycle process found in

ISO/IEC/IEEE 12207:2017. Clause 6 also provides references to specialized standards that provide more

detailed requirements and guidance for the various processes and information products (information

items). This document does not detail information items (process inputs and outputs) in terms of name,

format, explicit content and recording media.

NOTE ISO/IEC/IEEE 15289 addresses the content for life cycle process information items (documentation).

2 Normative references
There are no normative references in this document.
3 Terms, definitions, and abbreviated terms
3.1 Terms and definitions
No terms and definitions are listed in this document.

ISO, IEC, and IEEE maintain terminological databases for use in standardization at the following

addresses:
— ISO Online browsing platform: available at https:// www .iso .org/
— IEC Electropedia: available at http:// www .electropedia .org/
— IEEE Standards Dictionary Online: available at: http:// dictionary .ieee .org

NOTE For additional terms and definitions in the field of systems and software engineering, see

ISO/IEC/IEEE 24765, which is published periodically as a “snapshot” of the SEVOCAB (Systems and software

Engineering Vocabulary) database and is publicly accessible at www .computer .org/ sevocab.

3.2 Abbreviated terms
API application program interface
CM configuration management
COTS commercial-off-the-shelf
FCA functional configuration audit
IDEF Integration DEFinition
MOE measure of effectiveness
MOP measure of performance
NDI non-developmental item
PCA physical configuration audit
PII personally identifiable information
PRM process reference model
© ISO/IEC 2020 – All rights reserved
2 © IEEE 2020 – All rights reserved
---------------------- Page: 8 ----------------------
ISO/IEC/IEEE 24748-3:2020(E)
QA quality assurance
QM quality management
SaaS software as a service
SME subject matter expert
SoI system-of-interest
SoS system of systems
TPM technical performance measure
V&V validation and verification
VSE very small entity
WBS work breakdown structure
4 Concepts for software and software systems
4.1 General

This clause is included to help explain essential concepts as applicable to software and software

systems. While understanding concepts does not give the ability to immediately apply them without

further thought and work, it is the foundation for their practical use in different project, organizational

and life cycle environments.
4.2 Software system concepts

The application of ISO/IEC/IEEE 12207:2017 presupposes an understanding of system concepts. A

system is a combination of interacting elements organized to achieve one or more stated purposes.

Software is the subsystems or elements of a system consisting of computer programs, related

procedures, associated documentation, and data pertaining to the operation of the subsystem or

element. Software occurs in most systems, even if it is not the predominant element of interest as it is in

a software system.

For the purposes of this document, software systems are considered as created by humans and utilized

to provide services in defined environments for the benefit of users and other stakeholders. These

systems may be configured with one or more of the following: hardware, software, services, humans,

processes (e.g. review process), procedures (e.g. operator instructions), facilities, and naturally

occurring entities (e.g. water, organisms, minerals). A system may be considered as a product or as

the services it provides. A system element is a member of a set of elements that constitutes a system. A

system element is a discrete part of a system that can be implemented to fulfil specified requirements.

NOTE 1 Additional discussion regarding systems, systems of systems, and system structure, is provided in

ISO/IEC/IEEE 24748-1. ISO/IEC/IEEE 24748-2 provides more information on concepts related to system life cycle

management.

System concepts are directly applicable to software systems. An underlying principle of

ISO/IEC/IEEE 12207:2017 is that software engineering applies similar processes to systems engineering,

but that software is the leading method for system requirements realization. Consequently, processes

are aligned and adapted for methods and approaches relevant for software.

NOTE 2 As applicable to all systems and projects, guidance to concepts is found in ISO/IEC/IEEE 24748-1.

ISO/IEC/IEEE 24748-2 includes guidance more specifically applicable to systems where hardware or other non-

software elements are the primary concern.
© ISO/IEC 2020 – All rights reserved
© IEEE 2020 – All rights reserved 3
---------------------- Page: 9 ----------------------
ISO/IEC/IEEE 24748-3:2020(E)

Typically, the system engineering approach to develop a system design is described as a hierarchical,

top-down process of systematic decomposition of the system into its subsystems and elements

(components). This top-down approach has been traditionally applied to the architecture of software

systems as well, from the top-level system-of-interest down through the lowest system element level of

the software system structure, such as a line of code. However, the malleable, easily refactored nature

of software leads to a different way of considering the software structure. The common practice of

producing a minimum of new code and integrating a software system from available components

(open source modules, application program interfaces (APIs), software services, support software such

as a database management system and a web browser) leads to a more holistic view of its structure.

Software systems include a number of components for processing information that can be directly or

indirectly related to the software functions and requirements. In compartmentalized software, often

none of the sub-systems or components can be considered "top-level" in a hierarchy. Traceability of a

high-level stakeholder requirement to each specific subsystem can be difficult.

Characteristic properties at the boundary of a SoI arise from the interactions between subordinate

systems. Whatever the boundaries chosen to define the software system, the concepts and models in

this document are generic and permit a practitioner to correlate or adapt individual instances of life

cycles to its software concepts and principles.

Enabling systems are required for each life cycle process and are typically integrated as an

infrastructure for concurrent performance of multiple development, test, and operational processes.

Enabling systems are deployed throughout the software life cycle to provide the SoI with support as

needed. Each life cycle sta
...

FINAL
INTERNATIONAL ISO/IEC/
DRAFT
STANDARD IEEE/FDIS
24748-3
ISO/IEC JTC 1/SC 7
Systems and software engineering —
Secretariat: BIS
Life cycle management —
Voting begins on:
2020-04-08
Part 3:
Voting terminates on:
Guidelines for the application of ISO/
2020-06-03
IEC/IEEE 12207 (software life cycle
processes)
Ingénierie des systèmes et du logiciel — Gestion du cycle de vie —
Partie 3: Lignes directrices pour l'application de l' ISO/CEI/IEEE
12207 (processus du cycle de vie du logiciel)
RECIPIENTS OF THIS DRAFT ARE INVITED TO
SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS OF WHICH
THEY ARE AWARE AND TO PROVIDE SUPPOR TING
DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS
Reference number
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO-
ISO/IEC/IEEE/FDIS 24748-3:2020(E)
LOGICAL, COMMERCIAL AND USER PURPOSES,
DRAFT INTERNATIONAL STANDARDS MAY ON
OCCASION HAVE TO BE CONSIDERED IN THE
LIGHT OF THEIR POTENTIAL TO BECOME STAN-
ISO/IEC 2020
DARDS TO WHICH REFERENCE MAY BE MADE IN
NATIONAL REGULATIONS. IEEE 2020
---------------------- Page: 1 ----------------------
ISO/IEC/IEEE/FDIS 24748-3:2020(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2020
© IEEE 2020

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO or IEEE at the

respective address below or ISO’s member body in the country of the requester.
ISO copyright office Institute of Electrical and Electronics Engineers, Inc
CP 401 • Ch. de Blandonnet 8 3 Park Avenue, New York
CH-1214 Vernier, Geneva NY 10016-5997, USA
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org Email: stds.ipr@ieee.org
Website: www.iso.org Website: www.ieee.org
Published in Switzerland
© ISO/IEC 2020 – All rights reserved
ii © IEEE 2020 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC/IEEE/FDIS 24748-3:2020(E)
Contents Page

Foreword ..........................................................................................................................................................................................................................................v

Introduction ................................................................................................................................................................................................................................vi

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 2

3 Terms, definitions, and abbreviated terms ............................................................................................................................... 2

3.1 Terms and definitions ....................................................................................................................................................................... 2

3.2 Abbreviated terms ............................................................................................................................................................................... 2

4 Concepts for software and software systems .......................................................................................................................... 3

4.1 General ........................................................................................................................................................................................................... 3

4.2 Software system concepts ............................................................................................................................................................. 3

4.3 Organizational concepts ................................................................................................................................................................. 4

4.4 Project concepts ..................................................................................................................................................................................... 6

5 Process and life cycle concepts .............................................................................................................................................................. 8

5.1 Process concepts ................................................................................................................................................................................... 8

5.2 Life cycle concepts ............................................................................................................................................................................10

5.2.1 Life cycle stages..............................................................................................................................................................10

5.2.2 Interrelationships of software processes and stages ....................................................................11

5.2.3 Life cycle process models for software systems ................................................................................12

5.3 Process groups .....................................................................................................................................................................................16

6 Software life cycle processes .................................................................................................................................................................17

6.1 Agreement processes .....................................................................................................................................................................17

6.1.1 Acquisition process ....................................................................................................................................................17

6.1.2 Supply process ................................................................................................................................................................20

6.2 Organizational project-enabling processes .................................................................................................................21

6.2.1 Life cycle model management process ......................................................................................................21

6.2.2 Infrastructure Management process ...........................................................................................................22

6.2.3 Portfolio Management process .........................................................................................................................24

6.2.4 Human Resource Management process ....................................................................................................24

6.2.5 Quality Management process .............................................................................................................................25

6.2.6 Knowledge Management process...................................................................................................................26

6.3 Technical Management processes .......................................................................................................................................27

6.3.1 Project Planning process........................................................................................................................................27

6.3.2 Project assessment and control process ..................................................................................................28

6.3.3 Decision Management process .........................................................................................................................31

6.3.4 Risk Management process ....................................................................................................................................32

6.3.5 Configuration Management process ............................................................................................................34

6.3.6 Information Management process ................................................................................................................35

6.3.7 Measurement process ..............................................................................................................................................36

6.3.8 Quality Assurance process ...................................................................................................................................38

6.4 Technical processes .........................................................................................................................................................................39

6.4.1 Business or Mission Analysis process ........................................................................................................39

6.4.2 Stakeholder Needs and Requirements Definition process .......................................................40

6.4.3 System/Software requirements definition process ........................................................................41

6.4.4 Architecture Definition process .......................................................................................................................43

6.4.5 Design Definition process .....................................................................................................................................47

6.4.6 System Analysis process .........................................................................................................................................49

6.4.7 Implementation process ........................................................................................................................................50

6.4.8 Integration process .....................................................................................................................................................52

6.4.9 Verification process ....................................................................................................................................................53

6.4.10 Transition process .......................................................................................................................................................55

6.4.11 Validation process .................. .................................................... ..................................................................................57

6.4.12 Operation process ........................................................................................................................................................58

© ISO/IEC 2020 – All rights reserved
© IEEE 2020 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO/IEC/IEEE/FDIS 24748-3:2020(E)

6.4.13 Maintenance process .................................................................................................................................................59

6.4.14 Disposal process ............................................................................................................................................................61

Annex A (informative) Tailoring process ......................................................................................................................................................62

Bibliography .............................................................................................................................................................................................................................64

IEEE notices and abstract ............................................................................................................................................................................................67

© ISO/IEC 2020 – All rights reserved
iv © IEEE 2020 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/IEC/IEEE/FDIS 24748-3:2020(E)
Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical

Commission) form the specialized system for worldwide standardization. National bodies that are

members of ISO or IEC participate in the development of International Standards through technical

committees established by the respective organization to deal with particular fields of technical

activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international

organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the

work. In the field of information technology, ISO and IEC have established a joint technical committee,

ISO/IEC JTC 1.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for

the different types of document should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).

IEEE Standards documents are developed within the IEEE Societies and the Standards Coordinating

Committees of the IEEE Standards Association (IEEE-SA) Standards Board. The IEEE develops its

standards through a consensus development process, approved by the American National Standards

Institute, which brings together volunteers representing varied viewpoints and interests to achieve the

final product. Volunteers are not necessarily members of the Institute and serve without compensation.

While the IEEE administers the process and establishes rules to promote fairness in the consensus

development process, the IEEE does not independently evaluate, test, or verify the accuracy of any of

the information contained in its standards.

Attention is drawn to the possibility that some of the elements of this document may be the subject

of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent

rights. Details of any patent rights identified during the development of the document will be in the

Introduction and/or on the ISO list of patent declarations received (see www .iso .org/ patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation on the meaning of ISO specific terms and expressions related to conformity

assessment, as well as information about ISO's adherence to the World Trade Organization (WTO)

principles in the Technical Barriers to Trade (TBT) see www .iso .org/ iso/ foreword .html.

This document was prepared by ISO/IEC JTC 1, Information technology, SC 7, Systems and software

engineering, in cooperation with the Systems and Software Engineering Standards Committee of the

IEEE Computer Society, under the Partner Standards Development Organization cooperation agreement

between ISO and IEEE.

This document cancels and replaces ISO/IEC TR 24748-3:2011, which has been technically revised.

The main changes compared to ISO/IEC TR 24748-3:2011 are as follows:
— revised presentation of concepts, consistent with ISO/IEC/IEEE 12207:2017;

— completely updated presentation of guidance for each life cycle process, including aspects of

purpose; outcomes and outputs; activities, tasks, and approaches;
— identified closely related processes;

— identified related international standards for each process, which offer more detailed requirements

and guidance.

A list of all parts in the ISO/IEC/IEEE 24748 series can be found on the ISO website.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www .iso .org/ members .html.
© ISO/IEC ISO pub-date year – All rights reserved
© IEEE 2020 – All rights reserved v
---------------------- Page: 5 ----------------------
ISO/IEC/IEEE/FDIS 24748-3:2020(E)
Introduction

The purpose of this document is to provide guidance on the application of the software life cycle

processes standard, ISO/IEC/IEEE 12207. Taken together, the parts of the ISO/IEC/IEEE 24748 series

are intended to facilitate the joint usage of the process content of the two high-level life cycle process

standards (ISO/IEC/IEEE 12207 and ISO/IEC/IEEE 15288), which in turn may be used together with

various more specialized lower-level process standards. In this way, ISO/IEC/IEEE 24748 (all parts)

provides unified and consolidated guidance on the life cycle management of systems and software

engineering. Its purpose is to help ensure consistency in system concepts and life cycle concepts, models,

stages, processes, process application, key points of view, adaptation and use in various domains as the

two standards (and others) are used in combination. It should help an organization to design, develop,

and sustain software systems using a life cycle model.

ISO/IEC/IEEE 24748-1 provides guidance for the concepts of life cycle management applicable to

both systems and software engineering. It covers fundamental concepts such as system-of-interest,

stages, processes, projects, and organizations. This document focuses on and expands the coverage

of those aspects and processes most relevant to software systems. A companion guidance document,

ISO/IEC/IEEE 24748-2, provides similar guidance for the application of ISO/IEC/IEEE 15288:2015.

In conjunction with ISO/IEC/IEEE 24748-1, this document aids in identifying and planning the use of the

life cycle processes described in ISO/IEC/IEEE 12207:2017. Since in many respects the Organizational

Project Enabling processes and the Technical Management processes are quite similar for software

systems to those used for any type of system, this document concentrates on specific guidance

for the Technical processes and how they can be effectively used during the software life cycle.

ISO/IEC/IEEE 24748-5 focuses on the Technical Management processes, especially Project Planning

and Project Assessment and Control, as applied to software projects. The proper use of these processes

can contribute to a project being completed successfully, meeting its objectives and requirements for

each stage and for the overall project.

This document elaborates on factors, 'best-practice' or typical approaches and methods that should be

considered when applying ISO/IEC/IEEE 12207:2017. It does this in the context of the various ways in

which ISO/IEC/IEEE 12207:2017 can be applied. It is intended to be useful in a variety of software life

cycle situations, including the use of agile methods, which are the most widely used on all types and

sizes of projects.
© ISO/IEC ISO pub-date year – All rights reserved
vi © IEEE 2020 – All rights reserved
---------------------- Page: 6 ----------------------
FINAL DRAFT INTERNATIONAL STANDARD ISO/IEC/IEEE/FDIS 24748-3:2020(E)
Systems and software engineering — Life cycle
management —
Part 3:
Guidelines for the application of ISO/IEC/IEEE 12207
(software life cycle processes)
1 Scope

This document is a guideline for the application of ISO/IEC/IEEE 12207:2017. This document establishes

guidance to implement a common framework for software life cycle processes, with well-defined

terminology, that can be referenced by the software industry. This document provides guidance on

defining, controlling, and improving software life cycle processes within an organization or a project.

This document recommends methods and approaches suitable for a variety of life cycle models. The

guidance emphasizes the importance of establishing a strategy, planning, and the involvement of

stakeholders, with the ultimate goal of achieving customer satisfaction.

This document applies to the acquisition, supply, design and development, transition, operation,

maintenance, and disposal (whether performed internally or externally to an organization) of software

systems, products, and services (including software as a service (SaaS)), and the software portion of

any system. Software includes the software portion of firmware. The guidance on processes, activities,

and tasks in this document can also be applied during the acquisition of a system that contains software.

The guidance in this document can also be used as a basis for selecting, establishing, and improving

organizational environments, e.g., methods, procedures, techniques, tools, and trained personnel.

In the context of this document, there is a continuum of human-made systems from those that use little

or no software to those in which software is the primary interest. It is rare to encounter a complex

system without software, and all software systems require physical system components (hardware) to

operate, either as part of the software system of interest (SoI) or as an enabling system or infrastructure.

Thus, the choice of whether to apply this document for guidance to the software life cycle processes, or

ISO/IEC/IEEE 24748-2, depends on the SoI. At a high level, both documents have the same life cycle

process framework, but differ in guidance for activities and tasks to perform software engineering or

systems engineering, respectively.

The processes and process groups in this document are identical in their purpose and outcomes with

those in ISO/IEC/IEEE 12207:2017 and in ISO/IEC/IEEE 15288:2015, with one exception: the System/

Software Requirements Definition process of ISO/IEC/IEEE 12207:2017 and this document has a

different name from the System Requirements Definition process of ISO/IEC/IEEE 15288:2015.

Use of the guidance in this document is appropriate regardless of software system size or complexity or

organizational size. The process outcomes from the ISO/IEC/IEEE 12207:2017 life cycle processes are

meant to be generic and applicable to the engineering of any software system in any size organization.

This document does not prescribe nor detail a specific software life cycle model, development

methodology, method, modelling approach, or technique and method. The variety of ways for

implementing software (e.g., development of new code, integration of existing open source components

and commercial products, or modifications to existing software, including transition to new platforms)

make it impossible to detail specific procedures.

This document does not establish a management system or provide guidance on the use of any

management system standard. However, it is intended to be compatible with the quality management

system specified by ISO 9001, the service management system specified by ISO/IEC 20000-1, the

© ISO/IEC ISO pub-date year – All rights reserved
© IEEE 2020 – All rights reserved 1
---------------------- Page: 7 ----------------------
ISO/IEC/IEEE/FDIS 24748-3:2020(E)

IT asset management system specified by ISO/IEC 19770 (all parts), and the information security

management system specified by ISO/IEC 27000.

Clause 6 provides guidance on aspects of purposes, outcomes, activities, and tasks in

ISO/IEC/IEEE 12207:2017. However, this document does not repeat the detailed requirements and

recommendations for purposes, outcomes, activities, and tasks for each life cycle process found in

ISO/IEC/IEEE 12207:2017. Clause 6 also provides references to specialized standards that provide more

detailed requirements and guidance for the various processes and information products (information

items). This document does not detail information items (process inputs and outputs) in terms of name,

format, explicit content and recording media.

NOTE ISO/IEC/IEEE 15289 addresses the content for life cycle process information items (documentation).

2 Normative references
There are no normative references in this document.
3 Terms, definitions, and abbreviated terms
3.1 Terms and definitions
No terms and definitions are listed in this document.

ISO, IEC, and IEEE maintain terminological databases for use in standardization at the following

addresses:
— ISO Online browsing platform: available at https:// www .iso .org/
— IEC Electropedia: available at http:// www .electropedia .org/
— IEEE Standards Dictionary Online: available at: http:// dictionary .ieee .org

NOTE For additional terms and definitions in the field of systems and software engineering, see

ISO/IEC/IEEE 24765, which is published periodically as a “snapshot” of the SEVOCAB (Systems and software

Engineering Vocabulary) database and is publicly accessible at www .computer .org/ sevocab.

3.2 Abbreviated terms
API application program interface
CM configuration management
COTS commercial-off-the-shelf
FCA functional configuration audit
IDEF Integration DEFinition
MOE measure of effectiveness
MOP measure of performance
NDI non-developmental item
PCA physical configuration audit
PII personally identifiable information
PRM process reference model
© ISO/IEC ISO pub-date year – All rights reserved
2 © IEEE 2020 – All rights reserved
---------------------- Page: 8 ----------------------
ISO/IEC/IEEE/FDIS 24748-3:2020(E)
QA quality assurance
QM quality management
SaaS software as a service
SME subject matter expert
SoI system of interest
SoS system of systems
TPM technical performance measure
V&V validation and verification
VSE very small entity
WBS work breakdown structure
4 Concepts for software and software systems
4.1 General

This clause is included to help explain essential concepts as applicable to software and software

systems. While understanding concepts does not give the ability to immediately apply them without

further thought and work, it is the foundation for their practical use in different project, organizational

and life cycle environments.
4.2 Software system concepts

The application of ISO/IEC/IEEE 12207:2017 presupposes an understanding of system concepts. A

system is a combination of interacting elements organized to achieve one or more stated purposes.

Software is the subsystems or elements of a system consisting of computer programs, related

procedures, associated documentation, and data pertaining to the operation of the subsystem or

element. Software occurs in most systems, even if it is not the predominant element of interest as it is in

a software system.

For the purposes of this document, software systems are considered as created by humans and utilized

to provide services in defined environments for the benefit of users and other stakeholders. These

systems may be configured with one or more of the following: hardware, software, services, humans,

processes (e.g. review process), procedures (e.g. operator instructions), facilities, and naturally

occurring entities (e.g. water, organisms, minerals). A system may be considered as a product or as

the services it provides. A system element is a member of a set of elements that constitutes a system. A

system element is a discrete part of a system that can be implemented to fulfil specified requirements.

NOTE 1 Additional discussion regarding systems, systems of systems, and system structure, is provided in

ISO/IEC/IEEE 24748-1. ISO/IEC/IEEE 24748-2 provides more information on concepts related to system life cycle

management.

System concepts are directly applicable to software systems. An underlying principle of

ISO/IEC/IEEE 12207:2017 is that software engineering applies similar processes to systems engineering,

but that software is the leading method for system requirements realization. Consequently, processes

are aligned and adapted for methods and approaches relevant for software.

NOTE 2 As applicable to all systems and projects, guidance to concepts is found in ISO/IEC/IEEE 24748-1.

ISO/IEC/IEEE 24748-2 includes guidance more specifically applicable to systems where hardware or other non-

software elements are the primary concern.
© ISO/IEC ISO pub-date year – All rights reserved
© IEEE 2020 – All rights reserved 3
---------------------- Page: 9 ----------------------
ISO/IEC/IEEE/FDIS 24748-3:2020(E)

Typically, the system engineering approach to develop a system design is described as a hierarchical,

top-down process of systematic decomposition of the system into its subsystems and elements

(components). This top-down approach has been traditionally applied to the architecture of software

systems as well, from the top-level system-of-interest down through the lowest system element level of

the software system structure, such as a line of code. However, the malleable, easily refactored nature

of software leads to a different way of considering the software structure. The common practice of

producing a minimum of new code and integrating a software system from available components

(open source modules, application program interfaces (APIs), software services, support software such

as a database management system and a web browser) leads to a more holistic view of its structure.

Software systems include a number of components for processing information that can be directly or

indirectly related to the software functions and requirements. In compartmentalized software, often

none of the sub-systems or components can be considered "top-level" in a hierarchy. Traceability of a

high-level stakeholder requirement to eac
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.