ISO/IEC/IEEE 12207 ''Systems and software engineering – Software life cycle processes'' is an

international standard An international standard is a technical standard developed by one or more international standards organizations. International standards are available for consideration and use worldwide. The most prominent such organization is the International O ...

for software lifecycle processes. First introduced in 1995, it aims to be a primary standard that defines all the processes required for developing and maintaining

software system A software system is a system of intercommunicating software component, components based on software forming part of a computer system (a combination of Computer hardware, hardware and software). It "consists of a number of separate Computer progr ...

s, including the outcomes and/or activities of each process.

Revision history

ISO/IEC/IEEE 12207:2017 is the newest version, published in November 2017. The

IEEE Computer Society IEEE Computer Society (commonly known as the Computer Society or CS) is a technical society of the Institute of Electrical and Electronics Engineers (IEEE) dedicated to computing, namely the major areas of hardware, software, standards and people ...

joined directly with ISO/IEC JTC 1/SC 7/WG 7 in the editing process for this version. A significant change is that it adopts a process model identical to the ISO/IEC/IEEE 15288:2015 process model (there is one name change, the 15288 "System Requirements Definition" process is renamed to the "System/Software Requirements Definition" process). This harmonization of the two standards led to the removal of separate software development and software reuse processes, bringing the total number of 43 processes from 12207 down to the 30 processes defined in 15288. It also caused changes to the

quality management Total quality management, Total Quality management (TQM), ensures that an organization, product, or service consistently performs as intended, as opposed to Quality Management, which focuses on work process and procedure standards. It has four mai ...

and

quality assurance Quality assurance (QA) is the term used in both manufacturing and service industries to describe the systematic efforts taken to assure that the product(s) delivered to customer(s) meet with the contractual and other agreed upon performance, design ...

process activities and outcomes. Additionally, the definition of "

audit An audit is an "independent examination of financial information of any entity, whether profit oriented or not, irrespective of its size or legal form when such an examination is conducted with a view to express an opinion thereon." Auditing al ...

" and related audit activities were updated. Annex I of ISO/IEC/IEEE 12207:2017 provides a process mapping between the 2017 version and the previous version, including the primary process alignments between the two versions; this is intended to enable traceability and ease transition for users of the previous version. Prior versions include: * ISO/IEC 12207:2008, which was published in February 2008 * ISO/IEC 12207:1995/Amd 2:2004, an amended version of the prior, published in November 2004 * ISO/IEC 12207:1995/Amd 1:2002, an amended version of the prior, published in May 2002 * ISO/IEC 12207:1995, the first iteration, published in July 1995; originally was divided into five primary processes (acquisition, supply, development, operation, and maintenance), with eight supporting and four organizational life cycle processes

IEEE versions

Prior to the IEEE Computer Society formally joining the editing process (becoming a major stakeholder) for the 2017 release, the

IEEE The Institute of Electrical and Electronics Engineers (IEEE) is an American 501(c)(3) organization, 501(c)(3) public charity professional organization for electrical engineering, electronics engineering, and other related disciplines. The IEEE ...

maintained its own versions of ISO/IEC 12207, initially with modifications made jointly with the

Electronic Industries Alliance The Electronic Industries Alliance (EIA; until 1997 Electronic Industries Association) was an American standards organization, standards and trade organization composed as an alliance of trade associations for electronics manufacturers in the ...

(EIA). With the 2008 update came a "shared strategy of ISO/IEC JTC 1/SC 7 and the IEEE to harmonize their respective collections of standards," resulting in identical standards thereon, but with slightly different names. Those IEEE versions included: * IEEE Std. 12207-2008: "integrates ISO/IEC 12207:1995 with its two amendments and was coordinated with the parallel revision of ISO/IEC 15288:2002 (System life cycle processes) to align structure, terms, and corresponding organizational and project processes"; superseded by ISO/IEC/IEEE 12207:2017 * IEEE/EIA 12207.2-1997: "provides implementation consideration guidance for the normative clauses of IEEE/EIA 12207.0"; superseded/made obsolete by IEEE Std. 12207-2008, which was then superseded by ISO/IEC/IEEE 12207:2017 * IEEE/EIA 12207.1-1997: "provides guidance for recording life cycle data resulting from the life cycle processes of IEEE/EIA 12207.0"; superseded by ISO/IEC/IEEE 15289:2011, which was then superseded by ISO/IEC/IEEE 15289:2017 * IEEE/EIA 12207.0-1996: "consists of the clarifications, additions, and changes o ISO/IEC 12207:1995 for industry implementationaccepted by the Institute of Electrical and Electronics Engineers (IEEE) and the Electronic Industries Alliance (EIA) as formulated by a joint project of the two organizations"; superseded by IEEE Std. 12207-2008, which was then superseded by ISO/IEC/IEEE 12207:2017 It's also worth noting that IEEE/EIA 12207 officially replaced MIL-STD-498 (released in December 1994) for the development of DoD software systems on May 27, 1998.

Processes not stages

The standard establishes a set of processes for managing the lifecycle of software. The standard "does not prescribe a specific software life cycle model, development methodology, method, modelling approach, or technique.". Instead, the standard (as well as ISO/IEC/IEEE 15288) distinguishes between a "stage" and "process" as follows: * stage: "period within the life cycle of an entity that relates to the state of its description or realization". A stage is typically a period of time and ends with a "primary decision gate". * process: "set of interrelated or interacting activities that transforms inputs into outputs". The same process often recurs within different stages. Stages (aka phases) are not the same as processes, and this standard only defines specific processes - it does not define any particular stages. Instead, the standard acknowledges that software life cycles vary, and may be divided into stages (also called phases) that represent major life cycle periods and give rise to primary decision gates. No particular set of stages is normative, but it does mention two examples: * The system life cycle stages from ISO/IEC TS 24748-1 could be used (concept, development, production, utilization, support, and retirement). * It also notes that a common set of stages for software is concept exploration, development, sustainment, and retirement. The life cycle processes the standard defines are not aligned to any specific stage in a software life cycle. Indeed, the life cycle processes that involve planning, performance, and evaluation "should be considered for use at every stage". In practice, processes occur whenever they are needed within any stage.

Processes

ISO/IEC/IEEE 12207:2017 divides software life cycle processes into four main process groups: agreement, organizational project-enabling, technical management, and technical processes. Under each of those four process groups are a variety of sub-categories, including the primary activities of acquisition and supply (agreement); configuration (technical management); and operation, maintenance, and disposal (technical).

Agreement processes

Here ISO/IEC/IEEE 12207:2017 includes the acquisition and supply processes, which are activities related to establishing an agreement between a supplier and acquirer. Acquisition covers all the activities involved in initiating a project. The acquisition phase can be divided into different activities and deliverables that are completed chronologically. During the supply phase a

project management plan A project plan, is a series of structured tasks, objectives, and schedule to a complete a desired outcome, according to a project managers designs and purpose. According to the Project Management Body of Knowledge (PMBOK), is: "...a formal, appr ...

is developed. This plan contains information about the project such as different milestones that need to be reached.

Organizational project-enabling processes

Detailed here are life cycle model management,

infrastructure Infrastructure is the set of facilities and systems that serve a country, city, or other area, and encompasses the services and facilities necessary for its economy, households and firms to function. Infrastructure is composed of public and pri ...

management, portfolio management,

human resource management Human resource management (HRM) is the strategic and coherent approach to the effective and efficient management of people in a company or organization such that they help their business gain a competitive advantage. It is designed to maximize e ...

, quality management, and

knowledge management Knowledge management (KM) is the set of procedures for producing, disseminating, utilizing, and overseeing an organization's knowledge and data. It alludes to a multidisciplinary strategy that maximizes knowledge utilization to accomplish organ ...

processes. These processes help a business or organization enable, control, and support the system life cycle and related projects. Life cycle model management helps ensure acquisition and supply efforts are supported, while infrastructure and portfolio management supports business and project-specific initiatives during the entire system life cycle. The rest ensure the necessary resources and quality controls are in place to support the business' project and system endeavors. If an organization does not have an appropriate set of organizational processes, a project executed by the organization may apply those processes directly to the project instead.

Technical management processes

ISO/IEC/IEEE 12207:2017 places eight different processes here: * roject planning* Project assessment and control * Decision management *

Risk management Risk management is the identification, evaluation, and prioritization of risks, followed by the minimization, monitoring, and control of the impact or probability of those risks occurring. Risks can come from various sources (i.e, Threat (sec ...

Configuration management Configuration management (CM) is a management process for establishing and maintaining consistency of a product's performance, functional, and physical attributes with its requirements, design, and operational information throughout its life. ...

Information management Information management (IM) is the appropriate and optimized capture, storage, retrieval, and use of information. It may be personal information management or organizational. Information management for organizations concerns a cycle of organiz ...

Measurement Measurement is the quantification of attributes of an object or event, which can be used to compare with other objects or events. In other words, measurement is a process of determining how large or small a physical quantity is as compared to ...

* Quality assurance These processes deal with planning, assessment, and control of software and other projects during the life cycle, ensuring quality along the way.

Technical processes

The technical processes of ISO/IEC/IEEE 12207:2017 encompass 14 different processes, some of which came from the old software-specific processes that were phased out from the 2008 version. The full list includes: * Business or mission analysis * Stakeholder needs and requirements definition * Systems/Software requirements definition *

Architecture Architecture is the art and technique of designing and building, as distinguished from the skills associated with construction. It is both the process and the product of sketching, conceiving, planning, designing, and construction, constructi ...

definition * Design definition *

System analysis System analysis in the field of electrical engineering characterizes electrical systems and their properties. System analysis can be used to represent almost anything from population growth to audio speakers; electrical engineers often use it b ...

Implementation Implementation is the realization of an application, execution of a plan, idea, scientific modelling, model, design, specification, Standardization, standard, algorithm, policy, or the Management, administration or management of a process or Goal ...

* Integration * Verification * Transition * Validation * Operation *

Maintenance The technical meaning of maintenance involves functional checks, servicing, repairing or replacing of necessary devices, equipment, machinery, building infrastructure and supporting utilities in industrial, business, and residential installa ...

* Disposal These processes involve technical activities and personnel (

information technology Information technology (IT) is a set of related fields within information and communications technology (ICT), that encompass computer systems, software, programming languages, data processing, data and information processing, and storage. Inf ...

, troubleshooters, software specialists, etc.) during pre-, post- and during operation. The analysis and definition processes early on set the stage for how software and projects are implemented. Additional processes of integration, verification, transition, and validation help ensure quality and readiness. The operation and maintenance phases occur simultaneously, with the operation phase consisting of activities like assisting users in working with the implemented software product, and the maintenance phase consisting of maintenance tasks to keep the product up and running. The disposal process describes how the system/project will be retired and cleaned up, if necessary.

Conformance

Clause 4 describes the document's intended use and conformance requirements. It is expected that particular projects "may not need to use all of the processes provided by this document." In practice, conforming to this standard normally involves selecting and declaring the set of suitable processes. This can be done through either "full conformance" or "tailored conformance". "Full conformance" can be claimed in one of two ways. "Full conformance to tasks" can be claimed if all requirements of the declared processes' activities and tasks are met. "Full conformance to outcomes" can be claimed if all required outcomes of the declared processes are met. The latter permits more variation. "Tailored conformance" may be declared when specific clauses are selected or modified through the tailoring process also defined in the document.

References

{{DEFAULTSORT:ISO IEC 12207 #12207 Software development process Software engineering standards #12207 #12207