ISO/IEC/IEEE 24748-3:2020 系统和软件工程 生命周期管理 第3部分：ISO/ IEC/IEEE 12207应用指南（软件生命周期过程）

标准编号：ISO/IEC/IEEE 24748-3:2020

中文名称：系统和软件工程 生命周期管理 第3部分：ISO/ IEC/IEEE 12207应用指南（软件生命周期过程）

英文名称：Systems and software engineering — Life cycle management — Part 3: Guidelines for the application of ISO/IEC/IEEE 12207 (software life cycle processes)

发布日期：2020-10

标准范围

本文件是ISO/IEC/IEEE 12207:2017应用指南。本文档为实现软件生命周期过程的通用框架建立了指导，具有定义明确的术语，可供软件行业参考。本文档提供了在组织或项目中定义、控制和改进软件生命周期过程的指导。本文档推荐了适用于各种生命周期模型的方法和途径。该指南强调了建立战略、规划和利益相关者参与的重要性，最终目标是实现客户满意度。本文档适用于软件系统、产品和服务（包括软件即服务（SaaS））以及任何系统的软件部分的采购、供应、设计和开发、过渡、操作、维护和处置（无论是在组织内部还是外部执行）。软件包括固件的软件部分。本文档中关于流程、活动和任务的指南也可应用于包含软件的系统的采购过程。本文档中的指南也可用作选择、建立和改进组织环境的基础，例如方法、程序、技术、工具和训练有素的人员。在本文档的上下文中，存在一系列人造系统，从很少或不使用软件的系统到主要关注软件的系统。很少会遇到没有软件的复杂系统，所有软件系统都需要物理系统组件（硬件）才能运行，要么作为感兴趣的软件系统（SoI）的一部分，要么作为使能系统或基础设施。因此，选择是否应用本文档来指导软件生命周期过程或ISO/IEC/IEEE 24748-2取决于SoI。在高层次上，这两个文档具有相同的生命周期过程框架，但在分别执行软件工程或系统工程的活动和任务的指导上有所不同。本文件中的过程和过程组在目的和结果上与ISO/IEC/IEEE 12207:2017和ISO/IEC/IEEE 15288:2015中的过程和过程组相同，只有一个例外:ISO/IEC/IEEE 12207:2017的系统/软件需求定义过程，本文件的名称与ISO/IEC/IEEE 15288:2015的系统需求定义过程不同。无论软件系统规模、复杂性或组织规模如何，使用本文档中的指南都是合适的。ISO/IEC/IEEE 12207:2017生命周期过程的过程结果是通用的，适用于任何规模组织中的任何软件系统的工程。本文档没有规定或详细说明特定的软件生命周期模型、开发方法、方法、建模方法或技术和方法。实现软件的各种方式（例如，开发新代码、集成现有开源组件和商业产品，或修改现有软件，包括过渡到新平台）使得不可能详细说明具体的程序。本文件不建立管理体系，也不对任何管理体系标准的使用提供指导。但是，它旨在与ISO 9001规定的质量管理体系、ISO/IEC 20000规定的服务管理体系-1、ISO/IEC 19770规定的IT资产管理体系（全部部分），以及ISO/IEC 27000规定的信息安全管理体系。第6条为ISO/IEC/IEEE 12207:2017中的目的、结果、活动和任务提供了指导。但是，本文件没有重复ISO/IEC/IEEE 12207:2017中每个生命周期过程的目的、结果、活动和任务的详细要求和建议。第6条还提供了专门标准的参考，这些标准为各种过程和信息产品（信息项）提供了更详细的要求和指导。本文件没有在名称、格式、明确内容和记录介质方面详细说明信息项（过程输入和输出）。注:ISO/IEC/IEEE 15289涉及生命周期过程信息项（文档）的内容。

This document is a guideline for the application of ISO/IEC/IEEE 12207:2017. This document establishes guidance to implement a common framework for software life cycle processes, with well-defined terminology, that can be referenced by the software industry. This document provides guidance on defining, controlling, and improving software life cycle processes within an organization or a project. This document recommends methods and approaches suitable for a variety of life cycle models. The guidance emphasizes the importance of establishing a strategy, planning, and the involvement of stakeholders, with the ultimate goal of achieving customer satisfaction.
This document applies to the acquisition, supply, design and development, transition, operation, maintenance, and disposal (whether performed internally or externally to an organization) of software systems, products, and services (including software as a service (SaaS)), and the software portion of any system. Software includes the software portion of firmware. The guidance on processes, activities, and tasks in this document can also be applied during the acquisition of a system that contains software. The guidance in this document can also be used as a basis for selecting, establishing, and improving organizational environments, e.g., methods, procedures, techniques, tools, and trained personnel.
In the context of this document, there is a continuum of human-made systems from those that use little or no software to those in which software is the primary interest. It is rare to encounter a complex system without software, and all software systems require physical system components (hardware) to operate, either as part of the software system-of-interest (SoI) or as an enabling system or infrastructure. Thus, the choice of whether to apply this document for guidance to the software life cycle processes, or ISO/IEC/IEEE 24748-2, depends on the SoI. At a high level, both documents have the same life cycle process framework, but differ in guidance for activities and tasks to perform software engineering or systems engineering, respectively.
The processes and process groups in this document are identical in their purpose and outcomes with those in ISO/IEC/IEEE 12207:2017 and in ISO/IEC/IEEE 15288:2015, with one exception: the System/Software Requirements Definition process of ISO/IEC/IEEE 12207:2017 and this document has a different name from the System Requirements Definition process of ISO/IEC/IEEE 15288:2015.
Use of the guidance in this document is appropriate regardless of software system size or complexity or organizational size. The process outcomes from the ISO/IEC/IEEE 12207:2017 life cycle processes are meant to be generic and applicable to the engineering of any software system in any size organization.
This document does not prescribe nor detail a specific software life cycle model, development methodology, method, modelling approach, or technique and method. The variety of ways for implementing software (e.g., development of new code, integration of existing open source components and commercial products, or modifications to existing software, including transition to new platforms) make it impossible to detail specific procedures.
This document does not establish a management system or provide guidance on the use of any management system standard. However, it is intended to be compatible with the quality management system specified by ISO 9001, the service management system specified by ISO/IEC 20000-1, the IT asset management system specified by ISO/IEC 19770 (all parts), and the information security management system specified by ISO/IEC 27000.
Clause 6 provides guidance on aspects of purposes, outcomes, activities, and tasks in ISO/IEC/IEEE 12207:2017. However, this document does not repeat the detailed requirements and recommendations for purposes, outcomes, activities, and tasks for each life cycle process found in ISO/IEC/IEEE 12207:2017. Clause 6 also provides references to specialized standards that provide more detailed requirements and guidance for the various processes and information products (information items). This document does not detail information items (process inputs and outputs) in terms of name, format, explicit content and recording media.
NOTE ISO/IEC/IEEE 15289 addresses the content for life cycle process information items (documentation).

标准预览图