ISO/IEC/IEEE 15026-3:2023 系统和软件工程 系统和软件保证 第3部分：系统完整性等级

标准编号：ISO/IEC/IEEE 15026-3:2023

中文名称：系统和软件工程 系统和软件保证 第3部分：系统完整性等级

英文名称：Systems and software engineering — Systems and software assurance — Part 3: System integrity levels

发布日期：2023-10

标准范围

本文件规定了完整性级别的概念以及实现完整性级别的相应完整性级别要求。为定义和使用完整性级别及其相应的完整性级别要求提供了要求和推荐方法。本文档涵盖了系统、软件产品及其元素，以及相关的外部依赖关系。本文档适用于系统和软件，供以下人员使用:a)行业和专业组织、标准组织和政府机构等诚信级别的定义者；b)完整性级别的用户，例如开发者和维护者、供应商和收购者、系统或软件用户、系统或软件的评估者以及系统和/或软件产品的管理和技术支持人员。完整性等级的一个重要用途是供应商和收购方在协议中，例如，帮助确保所交付的系统或产品的安全、财务或安全特性。本文档没有规定一组特定的完整性级别或其完整性级别要求。此外，它没有规定完整性级别使用与整个系统或软件工程生命周期过程集成的方式。然而，它确实提供了附件A中使用该文件的示例。

This document specifies the concept of integrity levels with the corresponding integrity level requirements for achieving the integrity levels. Requirements and recommended methods are provided for defining and using integrity levels and their corresponding integrity level requirements. This document covers systems, software products, and their elements, as well as relevant external dependences.
This document is applicable to systems and software and is intended for use by:
a) definers of integrity levels such as industry and professional organizations, standards organizations, and government agencies;
b) users of integrity levels such as developers and maintainers, suppliers and acquirers, system or software users, assessors of systems or software and administrative and technical support staff of systems and/or software products.
One important use of integrity levels is by suppliers and acquirers in agreements, for example, to aid in assuring safety, financial, or security characteristics of a delivered system or product.
This document does not prescribe a specific set of integrity levels or their integrity level requirements. In addition, it does not prescribe the way in which integrity level use is integrated with the overall system or software engineering life cycle processes. It does, however, provide an example of use of this document in Annex A.

标准预览图