This chapter describes the standards (military and international) that supplier use for the development of software, capability assessment, and software development measurement.
|Objective||Provides information related to military and international software standards, United States and international working groups, military standards status, and how to obtain standards.|
Over the past 30 years, the ability to develop
software has increased in complexity and the ability to improve the
software development standards has also increased in complexity. In the
1970s and early 80s, various software development standards evolved such
as DoD-STD-1679A, DoD-STD-7935A, Mil-STD-490, DoD-STD-2167A, and
DoD-STD-2168.These documents were descendants from hardware standards that
included software-related terminology.
Various groups or committees develop all standards, and the development process of these standards is generally slow. In the world of software development, technology can quickly out-pace the standard or process being developed. Standards shall be maintained and updated or else they become outdated and obsolete.
|U.S Military Standards||
U. S. Military Standards are developed by organizations within DoD to direct or guide suppliers in the area of software development and are authored by industry suppliers. A committee guides these authors that consist of representatives from military and Industry organizations. These standards are legally enforced on military software suppliers and identify engineering and technical limitations for materials, processes, methods, designs, and engineering practices.
In June 1994, Secretary of Defense William J. Perry issued a memorandum “Specifications & Standards – A New Way of Doing Business." This memo outlined the need to reduce the requirements for MilSpecs and MilStds in our acquisition. Some of the MilSpecs and MilStds are misused, obsolete, redundant, or unnecessarily restrictive. Additionally, some of these documents have increased the price the Government pays for goods and services. Government and Industry shall make greater use of performance and commercial specifications, increase access to commercial advanced technologies, increase the industrial base upon which DoD depends, and help military suppliers to be more competitive in the marketplace. Today, this is known as “Acquisition Reform” – changing our acquisition management perspectives, roles, responsibilities, and goals.
International Standards are created by committees of national representatives. The ultimate goal of these committees, when developing international standards, is to:
Improve communication between suppliers and buyers;
3. Improve the quality of delivered software and systems.
The United States participates in the development of international standards through ISO/IEC JTC1 SC7 Technical Advisory Group (TAG). The JTC1 has a wide charter to develop standards for information technology. The SC7 is an international technical standards committee working on standards for software engineering, and is a subcommittee of JTC1.
In the United States, there are 10 Working Groups (WG) that provide support to SC7.The function of these WGs is to develop guidance for the management techniques, standardization of supporting methods, and tools necessary for the development and testing of software. Members of these WGs represent the United States at International Plenary and Technical Working Group meetings. The purpose of attending International Meetings is to represent the United States in each SC7 Working Group and to establish United States position on SC7 standards development milestones and SC7 business plans.
Participation on these working groups consists of TAG membership and Technical Experts (TE). Participation on these working groups is strictly voluntarily. There can be multiple TAG individuals representing a company but only one designated individual can vote on ballots. TEs have no voting authority but can participate in any work group they so desire. DCMA currently participates on WG 7, WG 10 and WG 13.
|SC7 Work Groups and Purpose||
Working Group 2 – Systems Software
Working Group 4 – Tools and Environments
Working Group 6 – Evaluations and Metrics
Working Group 7 – Life Cycle Management
Working Group 7 – Life Cycle Management
Working Group 8 – Support of Life Cycle Processes
Working Group 9 – Software Integrity
Working Group 10 – Software Process Assessment
Working Group 11 – Software Engineering Data Definition and
Working Group 12- Functional Size Measurement
Working Group 13 – Software Measurement ProcessPurpose: Development of standards and technical reports to define and implement software measurement processes, frameworks, and guidance.
and EIA Software Standards
There are two accredited organizations collaborating with DoD on the creation of lifecycle standards for use in the United States. These organizations are Electronics Industries Association (EIA) and the Institute of Electrical and Electronic Engineers (IEEE). There are three standards objectives that have motivated this work:
Resulting products from the EIA and IEEE:
is the “demilitarized” version of Mil-STD-498 and the J-STD-016 exist
as a single document and this document was considered the interim or
“bridged” document to Mil-STD-498.It was intended that J-STD-016 will
fill the role for organizations that continue to use processes that are a
legacy of older standards and this document will allow them to reference
those processes. The J-STD-016was developed to be applied in the following
IEEE/EIA 12207 – Software Life Cycle Process, (widely known as US 12207) was approved as a standard in the United States in 1998.This standard was adapted from ISO/IEC 12207 that provided a framework of software lifecycle processes suitable for use in:
The following chart illustrates the software development lifecycle development based on past and current philosophy.
|Figure 10-1.Past and Current Development
adoption of US 12207 has shifted the focus from compliance at the project
level to the organizational level. The object is to have an
organization develop its own set of processes and procedures compliant
with the requirements of US 12207, which would be applied across the
US 12207 offers many advantages over past software lifecycle process standards such as:
of US 12207
standard is organized in three parts designated Part 0: 12207.0, Part
1: 12207.1, and Part 2: 12207.2.This may seem a bit confusing,
but just remember that Part 0 is like a “sandwich” that wraps US
material around the full text of ISO/IEC 12207. The difference in the U.S.
As previously described, US 12207 is broken down into three parts and the description of these three parts are as follows:
This part contains the body ISO/IEC 12207 in its
original form and 6 US Annexes:
Annex E (Informative) – Basic concepts of ISO/IEC 12207 that consist of four processes: Organizational, Primary, Supporting, and Special. The illustration below identifies these processes and their associated sub-processes:
Figure 10-2.ISO/IEC 12207 Processes
of US 12207
Life Cycle Processes:
Establishes and implements an underlying structure of processes and
personnel that provide the basis for the organization’s projects. Organizational
processes include Management, Infrastructure, Training, and Improvement.
Primary Life Cycle Processes: Processes that provides the framework to accomplish the Acquisition, Development, Operation, and Maintenance of software.
Supporting Life Cycle Processes: Provides
processes that are an integrated part of the software process and
contribute to the success and quality of the software project. Supporting
processes include Documentation, Configuration Management, Quality
Assurance, Verification & Validation, Joint Review, Audit, and Problem
Note: Informative is defined as sections that are considered information process activity and normative is considered sections that are required process activity.
Annex F (Informative) – Provides compliance
information related to situations, level, and criteria.
PART 1 (Guide for Information
Technology – Software Life Cycle Processes – Life Cycle Data)
Additionally, Part 1 provides content guidelines for each information item:
This document also provides references to other standards such as ISO/15504 (Software Process Assessment), ISO/IEC 15939 (Software Measurement), guides, and technical reports.
PART 2 (Guide for Information
Technology – Software Life Cycle Processes – Implementation
NATO Quality Requirements
NATO has published a document called the AQAP-160 NATO Quality Requirements for Software Throughout the Life Cycle. This publication provides for a common framework for software life cycle processes based upon ISO 12207, Software Life Cycle Processes. Once formally released, AQAP-160 publication will replace AQAP-150, NATO Quality Assurance Requirements for Software Development publication dated September 1997.
|DoD-STD-2167A, known as the Defense System Software Development document was developed in the late 80s. The majority of the software suppliers used this document, along with Data Item Descriptions (DIDs) and DoD-STD-2168, as the contractual vehicles for software development.2167A established a strict set of requirements the software supplier had to follow. In the middle 90s, when the Perry Memo was released, 2167A, along with 2168, 7935A, and 1703 merged into a single document called Mil-STD-498.|
|Mil-STD-498 was the first step to shift from military standards to commercial standards. Mil-STD-498 provided a “bridge” from DoD-STD-2167A to J-STD-16. In May 1998, Mil-STD-498 was canceled because this information is now contained in IEEE/EIA 12207.|
ISO/IEC 15504 is a 9-part international standard that provides a framework for the assessment of software processes. Two parts are normative:
The sophistication and complexity required of a process
is dependent upon its context. For instance, the planning required for a
five person project team is much less than for a fifty person team. This
context influences how a qualified assessor judges a practice when
assessing its adequacy and influences the degree of comparability between
The standard therefore, provides a rating framework that is as much an assessment of effectiveness as it is of conformance to the practice definition. From the ratings of process instances, a number of derived or average ratings can be determined that provide better insight into the capability of a process within an organizational unit as a whole.
ISO/IEC 15939 (Software Measurement Process). International standard that is currently being developed and that defines a software measurement process applicable to all software-related engineering and management disciplines. The software measurement process in this standard is described through a model that defines the activities of the measurement process, which are required to adequately specify what information is required. Additionally, it describes how the measures and analysis results are to be used and how to determine the validity of the analysis results within a project or organizational structure.
The following illustration describes the measurement process model.
Figure 10-3. Process Model 15939
|Software and Software Related Standards||The following tables list some of the major software and software related standards that have evolved over the past 30 years and the standards current status (Canceled or Active).|
Figure 10-4.Current and Canceled Standards
|Software Standards Time Line|
Figure 10-5. Standard Timeline
ISO 9000 has been significantly revised to the following
ISO/IEC15288 (System Life Cycle Process) is up to Committee Draft (CD) 3, and it should be published as an International Standard in 2003.
|Information on How to Obtain Standards||
Some documents are available for free and some are a
cost to Government employees. Some documents, such as J-STD-016, ISO/IEC
14958 (Product Evaluation) have not been adopted by the US Government, are
not free to US Government employees.
Effective October 1, 2001, Defense Printing Service will no longer provide US 12207 for free. This document will need to be obtained through IEEE or other sources. DCMA HQ is currently working on an agreement between IEEE to provide specific international standards to DCMA personnel who require a need for these documents.
|Assist-Online Web Site||
The ASSIST-Online web site is a robust, comprehensive web site providing access to current information associated with the military and federal specification and standards in the management of Defense Standardization Program (DSP). Managed by the DoD Single Stock Point (DoD SSP), Philadelphia, ASSIST-Online provides public access to standardization documents over the internet. Additionally, this web site provides many powerful reporting features and an exhaustive collection of both digital and warehouse documents. ASSIST is the official source of DoD specifications and standards.