Quality Management Systems - Requirements for Aviation, Space and Defense Organizations - Deliverable Software (Supplement to EN 9100)

The requirements of EN 9100 apply with the following clarification for software.
This European standard supplements the EN 9100 standard requirements for deliverable software and
contains quality management system requirements for organizations that design, develop, and/or
produce deliverable software and services for the aviation, space, and defence industry. This includes,
as required, support software that is used in the development and maintenance of deliverable software
and services. The deliverable software may be stand-alone, embedded, mobile application, or loadable
into a target computer
This deliverable software may also be part of services (e.g., cloud environment, web hosted solutions or
platforms).
Where the use of Hardware Description Language (HDL) or high order language is utilized as the design
source of electronic hardware [e.g., Application Specific Integrated Circuit (ASIC), Programmable Logic
Device (PLD)]; the organization and customer, and/or supplier shall agree on the extent of applicability
of this supplement.
NOTE For airborne electronic hardware guidance, see RTCA/DO-254 or EUROCAE ED-80. For operations
requirements, see EN 9100, clause 8.
Where Commercial-Off-The-Shelf (COTS) or non-developmental software is integrated into a
deliverable product, the organization and customer shall agree on the extent of applicability of this
supplement.
For the purposes of this document, the terms “product” and “software product” are considered
synonymous.
For the purposes of this document, the term “services” may be considered a product.

Qualitätsmanagementsysteme - Anforderungen an Organisationen der Luftfahrt, Raumfahrt und Verteidigung - Mitgelieferte Software (Ergänzung zu EN 9100)

Systèmes de management de la Qualité - Exigences pour les Organisations de l'Aéronautique, l'Espace et la Défense - Logiciel livrable (Supplément à l'EN 9100)

Sistemi vodenja kakovosti - Zahteve za organizacije za zračni promet, astronavtiko in obrambo - Dobavljivost programske opreme (dopolnilo k EN 9100)

Zahteve EN 9100 se uporabljajo z naslednjimi pojasnitvami za programsko opremo.
Ta evropski standard dopolnjuje zahteve standarda EN 9100 za dobavljivo programsko opremo in vsebuje zahteve sistema vodenja kakovosti za organizacije, ki oblikujejo, razvijajo in/ali proizvajajo dobavljivo programsko opremo in storitve za letalsko, vesoljsko in obrambno industrijo. To po potrebi vključuje podporno programsko opremo, ki se uporablja pri razvijanju in vzdrževanju dobavljive programske opreme in storitev. Dobavljiva programska oprema je lahko samostojna, vdelana, mobilna aplikacija ali pa jo je možno naložiti v ciljni računalnik. Ta dobavljiva programska oprema je lahko del storitev (npr., v oblaku, spletne rešitve ali platforme).
Kjer se uporaba opisnega jezika za strojno opremo (HDL) ali jezika visokega razreda uporablja kot vir oblikovanja elektronske strojne opreme (npr. integrirana vezja za določen namen (ASIC), logična naprava z možnostjo programiranja (PLD)), se morata organizacija in potrošnik in/ali dobavitelj strinjati o obsegu uporabnosti tega dodatka.
OPOMBA Za smernice glede elektronske opreme v zraku glejte RTCA/DO-254 ali EUROCAE ED-80. Za zahteve za obratovanje glejte standard EN 9100, točka 8.
Kjer je v dobavljivi izdelek vdelana kupljena komercialna (COTS) ali nerazvojna programska oprema, se morata organizacija in potrošnik strinjati o obsegu uporabnosti tega dodatka.
Za namene tega dokumenta sta izraza »izdelek« in »programski izdelek« enakovredna.
V tem dokumentu izraz »storitve« lahko pomeni izdelek.

General Information

Status
Published
Publication Date
04-Sep-2018
Technical Committee
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
26-Jul-2018
Due Date
30-Sep-2018
Completion Date
05-Sep-2018

Relations

Buy Standard

Standard
EN 9115:2018 - BARVE
English language
27 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST EN 9115:2018
01-oktober-2018
1DGRPHãþD
SIST EN 9115:2013
6LVWHPLYRGHQMDNDNRYRVWL=DKWHYH]DRUJDQL]DFLMH]D]UDþQLSURPHWDVWURQDYWLNR
LQREUDPER'REDYOMLYRVWSURJUDPVNHRSUHPH GRSROQLORN(1
Quality Management Systems - Requirements for Aviation, Space and Defense
Organizations - Deliverable Software (Supplement to EN 9100)
Qualitätsmanagementsysteme - Anforderungen an Organisationen der Luftfahrt,
Raumfahrt und Verteidigung - Mitgelieferte Software (Ergänzung zu EN 9100)
Systèmes de management de la Qualité - Exigences pour les Organisations de
l'Aéronautique, l'Espace et la Défense - Logiciel livrable (Supplément à l'EN 9100)
Ta slovenski standard je istoveten z: EN 9115:2018
ICS:
03.100.70 Sistemi vodenja Management systems
03.120.10 Vodenje in zagotavljanje Quality management and
kakovosti quality assurance
49.020 Letala in vesoljska vozila na Aircraft and space vehicles in
splošno general
95.020 Vojaštvo na splošno Military in general
SIST EN 9115:2018 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------

SIST EN 9115:2018

---------------------- Page: 2 ----------------------

SIST EN 9115:2018


EN 9115
EUROPEAN STANDARD

NORME EUROPÉENNE

July 2018
EUROPÄISCHE NORM
ICS 03.100.70; 03.120.10; 35.080; 49.020 Supersedes EN 9115:2013
English Version

Quality Management Systems - Requirements for Aviation,
Space and Defense Organizations - Deliverable Software
(Supplement to EN 9100)
Systèmes de management de la Qualité - Exigences Qualitätsmanagementsysteme - Anforderungen an
pour les Organisations de l'Aéronautique, l'Espace et la Organisationen der Luftfahrt, Raumfahrt und
Défense - Logiciel livrable (Supplément à l'EN 9100) Verteidigung - Mitgelieferte Software (Ergänzung zu
EN 9100)
This European Standard was approved by CEN on 28 March 2018.

CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this
European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references
concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN
member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by
translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management
Centre has the same status as the official versions.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and United Kingdom.





EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2018 CEN All rights of exploitation in any form and by any means reserved Ref. No. EN 9115:2018 E
worldwide for CEN national Members.

---------------------- Page: 3 ----------------------

SIST EN 9115:2018
EN 9115:2018 (E)
Contents
Page
European foreword . 3
Rationale . 4
Foreword . 4
Intended Application . 4
0 Introduction . 5
1 Scope . 6
2 Normative references . 6
3 Terms and definitions . 6
4 Context of the organization . 11
5 Leadership . 12
6 Planning . 12
7 Support . 12
8 Operation . 14
9 Performance evaluation . 25
10 Improvement . 26
Bibliography . 27

2

---------------------- Page: 4 ----------------------

SIST EN 9115:2018
EN 9115:2018 (E)
European foreword
This document (EN 9115:2018) has been prepared by the Aerospace and Defence Industries
Association of Europe - Standardization (ASD-STAN).
After enquiries and votes carried out in accordance with the rules of this Association, this Standard has
received the approval of the National Associations and the Official Services of the member countries of
ASD, prior to its presentation to CEN.
This European Standard shall be given the status of a national standard, either by publication of an
identical text or by endorsement, at the latest by January 2019, and conflicting national standards shall
be withdrawn at the latest by January 2019.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN shall not be held responsible for identifying any or all such patent rights.
This document supersedes EN 9115:2013.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the
following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia,
France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta,
Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and the United Kingdom.
3

---------------------- Page: 5 ----------------------

SIST EN 9115:2018
EN 9115:2018 (E)
Rationale
This European standard supersedes the initial release of prEN 9115 published in April 2010. This
European standard has been revised to incorporate the new clause structure and content of
EN ISO 9001:2015. In addition, industry requirements, definitions, and notes have been revised in
response to EN ISO 9001:2015 and EN 9100:2016 revisions and stakeholder needs.
This is the second revision of EN 9115 which is an international supplement to EN 9100 providing
clarification of the corresponding EN 9100 requirements, as necessary, for deliverable software. In
some cases, where clarification is needed, it was necessary due to the complexity of software to
decompose “shall” statements in EN 9100 into more granular requirements. Where no software
clarification is required of the EN 9100 requirements, the following phrase is presented: “The
requirements of EN 9100 apply. No clarification required for software.”
NOTE This document must be used in conjunction with EN 9100:2016; references throughout the text to
EN 9100 are understood to mean EN 9100:2016.
Foreword
This document standardizes, to the greatest extent possible, the software quality management system
requirements for the aviation, space, and defence industry. This was accomplished through the
harmonization of quality management system requirements from international aviation, space, and
defence software standards and other applicable documents and good practice. The establishment of
common requirements for use at all levels of the supply-chain by organizations around the world
should result in improved quality, schedule, and cost performance by the reduction or elimination of
organization unique requirements and wider application of good practice.
Intended Application
The requirements of EN 9100 apply with the following clarification for software.
Organizations whose products are deliverable software or contain deliverable software should use the
supplemental EN 9115 standard when planning and evaluating the software design, development,
release, procurement, and management activities of the organization. The EN 9115 standard provides
guidance to the requirements of EN 9100 when it is desired to add “deliverable software” to the
organization’s EN 9100-registration certificate, and a greater depth of specificity and granularity to the
requirements for assuring that the objectives of EN 9100 will be met for deliverable software.
NOTE This document is independent of the life cycle models (e.g., waterfall, spiral, agile, evolutionary,
incremental) or methodology (e.g., objected oriented design, unified modelling language).
4

---------------------- Page: 6 ----------------------

SIST EN 9115:2018
EN 9115:2018 (E)
0 Introduction
0.1 General
The requirements of EN 9100 apply. No clarification required for software.
0.2 Quality management principles
The requirements of EN 9100 apply. No clarification required for software.
0.3 Process approach
The requirements of EN 9100 apply. No clarification required for software.
0.3.1 General
The requirements of EN 9100 apply. No clarification required for software.
0.3.2 Plan-do-check-act cycle
The requirements of EN 9100 apply. No clarification required for software.
0.3.3 Risk-based thinking
The requirements of EN 9100 apply. No clarification required for software.
0.4 Relationship with other management system standards
The requirements of EN 9100 apply. No clarification required for software.
5

---------------------- Page: 7 ----------------------

SIST EN 9115:2018
EN 9115:2018 (E)
1 Scope
The requirements of EN 9100 apply with the following clarification for software.
This European standard supplements the EN 9100 standard requirements for deliverable software and
contains quality management system requirements for organizations that design, develop, and/or
produce deliverable software and services for the aviation, space, and defence industry. This includes,
as required, support software that is used in the development and maintenance of deliverable software
and services. The deliverable software may be stand-alone, embedded, mobile application, or loadable
into a target computer
This deliverable software may also be part of services (e.g., cloud environment, web hosted solutions or
platforms).
Where the use of Hardware Description Language (HDL) or high order language is utilized as the design
source of electronic hardware [e.g., Application Specific Integrated Circuit (ASIC), Programmable Logic
Device (PLD)]; the organization and customer, and/or supplier shall agree on the extent of applicability
of this supplement.
NOTE For airborne electronic hardware guidance, see RTCA/DO-254 or EUROCAE ED-80. For operations
requirements, see EN 9100, clause 8.
Where Commercial-Off-The-Shelf (COTS) or non-developmental software is integrated into a
deliverable product, the organization and customer shall agree on the extent of applicability of this
supplement.
For the purposes of this document, the terms “product” and “software product” are considered
synonymous.
For the purposes of this document, the term “services” may be considered a product.
2 Normative references
The requirements of EN 9100 apply with the following clarification for software.
EN 9100:2016, Quality Management Systems — Requirements for Aviation, Space and Defence
Organizations
NOTE Documents referenced in this European standard, other than the normative references
(i.e., EN ISO 9000, EN ISO 9001, EN 9100), are listed in the supporting bibliographies (see Annex A and Annex B).
For undated references, the latest edition of the referenced document (including any amendments) applies. The
referenced documents are “informative” references; the requirements of these referenced documents do not add
any additional requirements to this European standard.
3 Terms and definitions
For the purposes of this document, the terms and definitions given in EN 9100 and EN ISO 9000 apply.
The following terms and definitions are included to support the understanding of this document.
3.1
baseline
approved, recorded configuration of one or more configuration items that thereafter serves as the basis
for further development, and is changed only through change control documented information
[see RTCA/DO-178 or EUROCAE ED-12]
6

---------------------- Page: 8 ----------------------

SIST EN 9115:2018
EN 9115:2018 (E)
3.2
Commercial-Off-The-Shelf (COTS) Software
commercially available applications sold by vendors through public catalogue listings. COTS software is
not intended to be customized or enhanced. Contract-negotiated software developed for a specific
application is not COTS software [see RTCA/DO-178 or EUROCAE ED-12]
Note 1 to entry: COTS software is a type of non-developmental software.
3.3
configuration item
one or more hardware/software entities treated as a unit for configuration management purposes or
software life cycle data treated as a unit for configuration management purposes
[SOURCE: RTCA/DO-178 or EUROCAE ED-12, modified]
3.4
critical items
definition in EN 9100, 3.2, applies with the following clarification for software
Critical items in software are those characteristics, requirements, or attributes that have been
determined to be most important to achieve product realization (e.g., safety, maintainability, testability,
usability, performance). For example, in the case of an aircraft’s flight control system software, the
response time could be elevated to a critical item to ensure overall performance characteristics are met;
or if a project has customer specific testability requirements, cyclomatic complexity may become a
critical item.
3.5
Cyclic Redundancy Check
CRC
type of function that takes a data stream of any length as an input and produces a value of a certain
space (commonly a 32-bit integer) as an output. A CRC can be used to detect alteration of data during
transmission or storage
3.6
digital signature
digital signature scheme
type of asymmetric cryptography used to express compliance with the security properties of a
handwritten signature on paper
3.7
Information Assurance
IA
set of activities needed to protect information and information systems by ensuring availability,
integrity, authentication, confidentiality, and non-repudiation including protection, detection, and
reaction capabilities
This includes activities conducted to reduce vulnerability of operational networks, Information
Technology (IT), and computing equipment. Activities may include development of innovative and cost-
effective ways to mitigate those vulnerabilities. IA may include actions to provide assured access, and
transparent identification and authentication across the network or within systems of systems.
See Figure 1 for added clarity of related terms.
7

---------------------- Page: 9 ----------------------

SIST EN 9115:2018
EN 9115:2018 (E)
d
Figure 1 — Relationship of information assurance, information security and cybersecurity
References:
— Committee on National Security Systems National Information Assurance Glossary, CNSSI
th
Instruction No. 4009 (26 April 2010)
— ISO 27001:2013, Information technology — Security techniques — Information security management
systems — Requirements
— ISO 27002:2013, Information technology — Security techniques — Code of practice for information
security controls
— ISO 27034-1:2011, Information technology — Security techniques — Application security — Part 1:
Overview and concepts
3.8
interested parties
party having a right, share, or claim in a system or in its possession of characteristics that meet that
party’s needs and expectations [see ISO/IEC 12207]
Note 1 to entry: Interested parties include, but are not limited to customers, suppliers, regulatory bodies, and
functional organizations or groups needed to achieve product quality.
8

---------------------- Page: 10 ----------------------

SIST EN 9115:2018
EN 9115:2018 (E)
3.9
key characteristic
definition in EN 9100, 3.3 applies with the following clarification for software
Key characteristics in software are those measurable attributes where variability can be measured by
the project and can, if left unchecked, adversely impact the project or product in areas (e.g., memory
utilization, response time, functionality, reliability, usability, efficiency, maintainability, portability).
3.10
monitoring
act of witnessing or inspecting selected instances of test, inspections, or other activities, or documented
information of those activities, to assure that the activity is under control and that the reported results
are representative of the expected results. Such activities could be performed and used as evidence for
formal test verification to support conformity, certification, and customer acceptance
Monitoring is usually associated with activities done over an extended period of time where 100 %
witnessing is considered impractical or unnecessary. Monitoring permits authentication that the
claimed activity was performed as planned [see RTCA/DO-178 or EUROCAE ED-12].
3.11
non-developmental software
deliverable software that is not developed under the contract, but is provided by the organization,
customer, or a third party [e.g., reused software, customer furnished software, COTS software,
Government off-the Shelf (GOTS) software, open source software]
3.12
phase
collection of processes, activities, tasks, and outcomes within the software life cycle [see IEEE 24765]
3.13
release
particular version of a configuration item that is made available for a specific purpose (e.g., test release)
[SOURCE: ISO/IEC 12207]
3.14
reliability
probability of failure-free operation of a computer program in a specified environment for a specified
time [based on IEEE 982.1]
Note 1 to entry: Software reliability requirements should consider the level and manner of fault and failure
detection, isolation, fault tolerance, and recovery expected to be fulfilled by the software.
9

---------------------- Page: 11 ----------------------

SIST EN 9115:2018
EN 9115:2018 (E)
3.15
robustness
extent to which software can continue to operate correctly despite invalid inputs [see RTCA/DO-178 or
EUROCAE ED-12]
Note 1 to entry: Robustness, in the software context, means that the organization has utilized techniques
(e.g., exception handling, redundancy, related verification techniques).
3.16
secure hash algorithm
cryptographic functions that compute a fixed-length digital representation, known as a message digest,
of an input data sequence of any length
3.17
software
computer programs, associated documentation, and data pertaining to the operation of a computer
system
[SOURCE: RTCA/DO-178 or EUROCAE ED-12, modified]
Note 1 to entry: The executable programs and data that are embedded in hardware devices are considered to
be included in this definition (i.e., firmware).
Note 2 to entry: Firmware is the combination of a hardware memory device loaded with computer instructions
and/or digital data that reside as read-only software on a device that a computing system can read. The software
cannot typically be readily modified under program control.
3.18
software life cycle
period of time that begins with the decision to produce or modify software, and ends when the software
product support is no longer required. The software life cycle typically contains a concept phase,
requirements phase, design phase, implementation phase, test phase, installation and checkout phase,
and operation and maintenance phase; could at times include the retirement phase. These phases may
overlap or be performed iteratively
[SOURCE: IEEE 610.12:1990, IEEE 15288, modified]
3.19
software product
set of computer programs and associated documentation/data intended for, or required by, a customer;
or any intended output resulting from the product development process
Note 1 to entry: A software product may be designated for delivery, an integral part of another software or
hardware product, or used in the development process.
3.20
special requirements
definition in EN 9100, 3.5 applies with the following clarification for software
Examples of special requirements that may introduce high risk for software include: the introduction of
a new compiler, new advanced modelling technique, qualification of tools, specific test equipment
capabilities, introduction of a new type of interface, or specific customer technical requirements. These
requirements are included in the risk management process.
10

---------------------- Page: 12 ----------------------

SIST EN 9115:2018
EN 9115:2018 (E)
3.21
support software
software or a program that aids in the development, compilation, maintenance, or use of other software
or provides general application-independent capability
[SOURCE: see ISO/IEC 2382-1]
3.22
validation
determination that the requirements for a product are correct and complete; confirms the organization
is building the right aircraft system/function/item
[SOURCE: SAE ARP 4754, modified]
3.23
verification
evaluation of an implementation of requirements to determine that they have been met; confirms the
organization built the aircraft system/function/item correctly
[SOURCE: SAE ARP 4754, modified]
4 Context of the organization
4.1 Understanding the organization and its context
The requirements of EN 9100 apply. No clarification required for software.
4.2 Understanding the needs and expectations of interested parties
The requirements of EN 9100 apply. No clarification required for software.
4.3 Determining the scope of the quality management system
The requirements of EN 9100 apply with the following clarification for software.
When determining the scope of the quality management system, the organization shall include the
elements of IA (e.g., culture of security, including personal identifiable information security; technical
security; software development life-cycle security elements; supply chain security; internal security
audits; notification; response; recovery), appropriate to the size, criticality, complexity, or consequence
of exploitation of the organization’s processes, products, or services.
NOTE For further information, see the IAQG Supply Chain Management Handbook (SCMH).
4.4 Quality management system and its processes
The requirements of EN 9100 apply with the following clarification for software.
The documented information shall address quality management system requirements for software
processes, products, or services by inclusion or reference.
11

---------------------- Page: 13 ----------------------

SIST EN 9115:2018
EN 9115:2018 (E)
5 Leadership
5.1 Leadership and commitment
5.1.1 General
The requirements of EN 9100 apply. No clarification required for software.
5.1.2 Customer focus
The requirements of EN 9100 apply. No clarification required for software.
5.2 Policy
5.2.1 Establishing the quality policy
The requirements of EN 9100 apply. No clarification required for software.
5.2.2 Communicating the quality policy
The requirements of EN 9100 apply. No clarification required for software.
5.3 Organizational roles, responsibilities, and authorities
The requirements of EN 9100 apply. No clarification required for software.
6 Planning
6.1 Actions to address risks and opportunities
The requirements of EN 9100 apply with the following clarification for software.
The organization shall consider deliverable software products, processes, and services when
determining risk and opportunities.
NOTE This should include consideration of external providers, when appropriate.
6.2 Quality objectives and planning to achieve them
The requirements of EN 9100 apply. No clarification required for software.
6.3 Planning of changes
The requirements of EN 9100 apply. No clarification required for software.
7 Support
7.1 Resources
7.1.1 General
The requirements of EN 9100 apply. No clarification required for software.
12

---------------------- Page: 14 ----------------------

SIST EN 9115:2018
EN 9115:2018 (E)
7.1.2 People
The requirements of EN 9100 apply. No clarification required for software.
7.1.3 Infrastructure
The requirements of EN 9100 apply with the following clarification for software.
The organization shall determine, provide, and maintain an infrastructure, as appropriate, to support
software activities, including services.
Organization infrastructure includes, as applicable:
a) software development tools and utilities, including host computer and support software;
b) software verification tools and utilities, including test equipment and test software;
c) equipment, tools, software and utilities for archiving and storage (e.g., network, web or cloud based
storage), backup, disaster recovery, protection, replication, software loading, transmittal, and
documented information retention;
d) integrity verification tools and utilities (e.g., virus protection/checking, digital signatures, secure
hash algorithms, CRC);
e) security for software environments against threats (e.g., cyber/information security breaches,
malicious code, enumeration, electronic fingerprints, worms, viruses, backdoors, spyware, trojan
horses, malware).
NOTE Further elaboration on potential security elements may be found in the IAQG SCMH. In addition
references to publications dealing with software cyber vulnerabilities and weaknesses [e.g., Mitre Top 25
Common Weakness Enumeration, SANS Institute 20 Critical Controls; Institute of Electrical and Electronic
Engineers (IEEE) Top 10 Software Security Design Flaws] can be found in the IAQG SCMH.
7.1.4 Environment for the operation of processes
The requirements of EN 9100 apply with the following clarification for software.
The organization shall ensure that the operational environment appropriately protects the software
against unauthorized access and tampering.
7.1.5 Monitoring and measuring resources
7.1.5.1 General
The requirements of EN 9100 apply with the following clarification for software.
The organization shall determine the development and verification resources needed for monitoring
and measuring of software.
The software test environment and support tools shall be evaluated for their intended use, verified as
appropriate, and controlled. Any limitations to testing shall be recorded.
7.1.5.2 Measurement traceability
The requirements of EN 9100 apply. No clarification required for software.
13

---------------------- Page: 15 ----------------------

SIST EN 9115:2018
EN 9115:2018 (E)
7.1.6 Organizational knowledge
The requirements of EN 9100 apply. No clarification required for software.
7.2 Competence
The requirements of EN 9100 apply with the following clarification for software.
Software practitioners (e.g., Engineering, Quality, Testers) shall be qualified by education, experience,
and training appropriate for the criticality, complexity, customer and regulatory requirements, and
other relevant attributes (e.g., IA) of the associated software product and activities.
7.3 Awareness
The requirements of EN 9100 apply with the following clarification for software.
The organization shall ensure software developers and other relevant personnel are aware of software
product requirements, including IA, customer, and regulatory requirements.
7.4 Communication
The requirements of EN 9100 apply. No clarification required for software.
7.5 Documented information
7.5.1 General
The requirements of EN 9100 apply. No clarification required for software.
7.5.2 Creating and updating
The requirements of EN 9100 apply. No clarification required for software.
7.5.3 Control of documented information
The requirements of EN 9100 apply with the following clarification for software.
Electronic documented information associated with deliverable software (i.e., executable) may include
source code, and any necessary life-cycle support data.
Where docum
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.