ISO/IEC JTC1/SC7 /N2736

Transcription

1 ISO/IEC JTC1/SC7 Software and Systems Engineering Secretariat: CANADA (SCC) ISO/IEC JTC1/SC7 /N Document Type Title Source Comment Disposition Report Comment Disposition Report, on N Letter Ballot Summary on the Study group report on the harmonization of ISO/IEC and ISO/IEC WG7 Project & Status Reference Action ID Final N2684, N2733 FYI or ACT Due Date Mailing Date Distribution AG No. of Pages 13 Note Address reply to: ISO/IEC JTC1/SC7 Secretariat École de technologie supérieure Département de génie électrique 1100 Notre Dame Ouest, Montréal, Québec Canada H3C 1K3 secretariat@jtc1-sc7.org

2 Document type Comment disposition report (Generated by Comment database Version 3.2.0) ISO/IEC JTC 1/SC 7/WG 7 N0670 Title Source Status Reference Action ID Harmonization Study Group Report - Comment disposition for SC 7 N2684 ISO/IEC JTC 1/SC 7/WG 7 Convener Final ISO/IEC JTC 1/SC 7 N2684 FYI or ACT Ballot document information Document title Harmonization Study Group Report Comments 80 W07N0670.DOC 17 November 2002 Page 1 of 13

3 AUS-1 E Use of numbered lists instead of bullets Change bullets to a), b) etc A or 1), 2), 3) would make it easier to reference this AUS-2 TL 1.4 Some standards will be due for review as a AIP Modify the 2nd sentence of 1.4 as result of the ISO 5 year review model. This : WG7 products, on a regular is also a driver for harmonization at the basis as feedback appropriate time. AUS-3 TL 1.5 Also an input is the report of the Study A Group on Systems Engineering WG 7 N0560 AUS-4 TL 3.1 b Add the revision of ISO currently A under way in SC7 (WG18). AUS-5 TL 3.1 c Should also include the TR on Mockup and AIP this document is a too detailed and Prototyping. specifics for the harmonization objectives of primary harmonization project but may need to be considered for the secundary harmonization project. Include list of current IS & TR documents of WG7 with change priority. AUS-6 TH 3.2 A key issue in the harmonisation is to A establish a shared understanding of "consistency" - what does it mean to have "consistent" documents in the context of our standards work? I would like to see this document addressing the concept of "consistency" and expressing the goals of the project in much clearer and less ambiguous terms. AUS-7 TH 3.2 Completeness of coverage of a subject R This is out of scope of the present should be a goal. SC 7 should provide all effort aspects of the solution rather than relying on other e.g. IEEE documents. AUS-8 TH 3.3 Last This statement conflicts with the Terms of The work of the Study Group on Systems A sentence Reference 1.2 3rd bullet Engineering must be incorporated, as appropriate to the liaisons that are established. AUS-9 TH 3.3 3, 4 Harmonization is a two-way street. The A The BPG is developing a procedure impact these documents have on the SC 7 for cooperation with IEEE CS. It documents that are being harmonized must may serve as a model for other also be considered. coordination arrangements. AUS-10 TH 3.4 Two levels of guidance are required and AIP "Small to medium enterprise" will be should be identified in the figure i.e. overall captured during the users' needs life cycle process stage model guidance plus identification and is not to be guidance that relates specifically to each of addressed in the present report. The W07N0670.DOC 17 November 2002 Page 2 of 13

4 15288 and Guidance about other part of comment will deal with needs to also recognize the needs of Small architectural design process for to Medium Enterprise as exemplified by harmonization. many software developers. (this was clearly identified at the Perth meering of WG 7). AUS-11 TL 3.4 Clarify the distinction between "user" and AIP Replace termes users and "customer", and as opposed to "stakeholder" customers by stakeholders. AUS-12 TL and 9001 could be considered to be AIP This is an architectural issue which Enabling Systems for 15288, to take the will be addressed in the architectural concept of using further. design process of the harmonization. AUS-13 TH is being used to model the has Maintenance Process Outcomes a) R There is confusion between harmonization but e.g does not map - f) only and e.g. the history of documents is outcomes and activities. correctly to the Outcomes in We marked as [j] when it should really be [f]. should use the standard accurately as an example for others. AUS-14 TL 4.3 We should use process definitions specific R This way had been chosen because to our 'project' and 'fit' the processes of educational reasons for (tailored) to them AUS-15 TL 4.3 The tailoring process in requires that a AIP 4.1 & 4.2 provide justifications. Add documented justification of tailoring be in 4.3 : The rational of the provided. tailoring is based on the nature of the system : documents. AUS-16 TH The project will need to ensure that A developers and users of "related external standards" (3.3) are regarded as stakeholders in the project. AUS-17 TH Include "assess" in the list of functions. i.e. to conceptualise, specify, design, perform, A assess... AUS-18 TL Remove this section and re number OBE refer to GBR 33 document (or add the rest of 15288) for consistency and completeness. AUS-19 G Refer to WG10N310 for an example of A establishment of verification criteria for requirements for standards. AUS-20 G The experiences of the SPICE Project A emphasise the need to establish significant resources and planning for any comprehensive program of trials. AUS-21 TL This is really an "Obsolesence process" that R Refer to AUS 14 is met by the 'Disposal process'. See also AUS-?? W07N0670.DOC 17 November 2002 Page 3 of 13

5 AUS-22 G 5.1 Incorporate required 5 year ISO reviews into AIP Add notes under the table : the schedule "Publication should not exceed 2007". And " Planning of scope and revisions for harmonization will consider current document revision schedule." AUS-23 TH 5.3 para 2 point "have implemented with success some of AIP We agree with the comment. The 3 the approaches recommended.".it may risk will be manage. No change is be difficult to achieve this in view of the identified in the comment. newness of some of these standards, even amongst long term WG 7 members" AUS-24 TH 5.3 SWG 5 Architecture Management provides AIP Change title word "Editorial" by SC 7 oversight of standards architecture I.e. "Project". Rephrase the secund bullet it is not only the Project Editor who is with following principles : Editorial team and SWG5 for architecture ; Editorial team for content ; Convenor WG7 for schedule. AUS-25 TH 5.3 The Project Editor also takes direction from OBE refer to AUS 24 National Bodies via submitted comments AUS-26 TH 5.3 para 2 point "have performed assessments with ISO Noting "at least some of the following skills" R There is a misunderstanding issue of , or CMM "Why? It is extremely are required", split this section into a the paragraph. The set of skills is difficult to understand why this is necessary. mandatory part and a nice-to-have part. assigned to a team globally and CMM determine how well you do things NOT what needs to be done" W07N0670.DOC 17 November 2002 Page 4 of 13

6 CSK-1 TH 3.3 second set We recommend to include other documents IEC Software defendability through the of bullets into the group of "may be impacted" software life-cycle process - Application guide OBE refer to AUS 5 IEC Management of defendability -P.3- Appl. guide Section 6: Software aspects of defendability CSK-2 TL 5.1 figure Please include the numbers of relevant AIP Add "preliminar and secundary" in standards also into the Primary and the lower figure of page 13, 5.1 Secondary Harmonization projects boxes W07N0670.DOC 17 November 2002 Page 5 of 13

7 GBR-1 G This work item should proceed as soon as AIP establish the appropriate liaisons with possible as outlined in the document and a the concerned ISO TC in the future. liaison should be established with JTC 1 SC The harmonization outcome may 27 IT Security Techniques (responsible for influence the LC of related ISO/IEC 21827). Although ISO/IEC Systems Security Engineering is not planned for revision in the timescale of 15288/12207, the harmonization should consider it and could influence its update. GBR-2 G This report is inward looking and fails to step Revise clause 3 to take account of the AIP establish the appropriate liaisons with up to the need for harmonisation with other two-way relationship between WG7 the concerned ISO TC in the future. key standards that cannot be ignored just harmonisation activity and the broader process The harmonization outcome may because they are outside of SC7, unless modelling community in which it operates. influence the LC of related SC7 selectively defines the stakeholders (and tries to create a process laager/stockade). Examples: the influence on ISO/IEC and in particular of ISO is completely missed. The large bodies of systems process work by IEC SC 65 and 56, and ISO 159 are relevant. The enterprise process work in TC184 provides the framework for all process models. GBR-3 G The importance of developing and verifying Recognise the use of disciplined design AIP This in not in the scope of the report the consistency and the compatibility of the method and tools and map this into a realistic to describe the "how" to do. standards by using objective descriptions Nevertheless it will be used methods based on modelling languages and design and techniques in order to perform tools seems appears to be ignored by this work as objective of possible after report. The next step in the evolution of the scope and use cases has been and requires this established. (system/software engineering) rigor, not the subjectivity of previous development. The optimistic schedule in 5.2 underlines the intention to follow a subjective and not objective development path. GBR-4 G The harmonisation study report does not take Include a list of existing liaisons, the process AIP Liaisons will receive reports and account of the existing range of liaisons with modelling communities that they represent and document for comments. Refer this other process modelling activities. If the how the needs and constraints arising from comment to SWG 5 to establish documents resulting from the harmonisation these stakeholders will be addressed in the guidance on liaisons. are to be of value their context of use within harmonisation process. Examples are Safety the broader family of proces models needs - IEC SC65 and 56 (H Daniel), to be taken into account and these liaisons Human-system interaction - ISO TC159 (J used to good effect. Earthy), Enterprise - ISO TC184 (P Bernhus). This list is probably best located in Clause 1.3 GBR-5 TH 1.1 Para 2 The level of detail may be quite different and Insert 'and complementary and coherent' AIP remove the words "level of detail". thus not strictly consistent, but it must be before 'level of detail' Insert new sentence : " The level of W07N0670.DOC 17 November 2002 Page 6 of 13

8 complementary and coherent. detail of the documents must be complementary and coherent." GBR-6 TL 1.1 Para 2 and other factors' is of no value Delete 'and other factors' or define them R At this early stage, it is not possible to compile an exhaustive list of factors that may be affected by the GBR-7 TH 1.2 1st Bullet harmonization effort. The statement of the WG7 vision is clearly a Insert the document reference that defines the A key reference document but it is not WG7 vision. referenced. GBR-8 TL 1.2 3rd Bullet This implies that the SC7 N2573 is a Delete 'Incorporate' and replace with 'Consider' R Cannot change quotation of a requirement, whereas it is candidate resolution. But the TOR must be Stakeholder Requirement information interpreted as considering the requirements from N2573 rather than unthinking incorporation. GBR-9 TH 1.2 4th Bullet This implies an identical process model for all Insert 'principles' after 'model' AIP Replace the sentence by : "Define harmonised standards whereas it may vary the process model to be applied to with level of detail and implementation the harmonization effort." technology factors. GBR-10 TL 1.4 Para 1 be updated' is a perjorative term Replace 'be updated' with 'also evolve' A GBR-11 TH 1.4 1st Bullet The Amendment material may or may not be Replace 'the Amendment ' by the influence AIP Modify bulle 1 as :. Amendment appropriate to other SC7 documents and of the Amendment material on SC7 documents material may be incorporated within must not be prejudged. needs to be considered.' the SC7 documents as appropriate. GBR-12 TH 1.4 3rd Bullet This statement is conjecture and has not Delete the bullet AIP The level of detail of the 2 been assessed. Different levels of detail documents need to be revised to may well benefit the ensure that they are complementary engineering/management at different levels GBR-13 TL 1.4 3rd Sentence does not convey rigour in this Delete AIP Delete the sentence "These are only Sentence presentation of rationale. Either define the the most ", and add to second list or delete after "rational" : (not an exhaustive list) GBR-14 TL 1.4 4th Define the other documents Insert 'as defined in 3.1' A Sentence GBR-15 E 1.5 here and Throughout the document there are throughout references to documents that have no clear As comment OBE refer to GBR 7, USA 4, AUS 3 identification, these should be defined in the text and included in a Reference Section. GBR-16 TH 1.5 1st Bullet The statement of the WG7 vision is clearly a Insert the document reference that defines the key reference document but it is not WG7 vision. OBE refer to GBR 7 referenced. GBR-17 E 3.1 item b ISO/IEC TR examplar model(s). This Delete "TR" AIP TR goes out, reference to part 2 bullet 4 TR is being revised to an IS. It is the IS that added. W07N0670.DOC 17 November 2002 Page 7 of 13

9 will follow 12207/15288, and this will happen automatically. GBR-18 TL 3.1 item b all These docments are all derived from the Add a footnote to the third and fourth items R The harmonization effort is intended bullets process models. Normal process is "subsequent versions of these documents". to produc subsequent version of except 1 therefore that they will be revised to follow these guides that are in sync with the source IS. However, the issue to note is the respective IS that there will be non-harmonised version in tis cycle and the replacement will reflect the results of harmonisation. GBR-19 TL 3.2 bullet 4 The level of detail may be quite different and Insert 'and or compatibility' after consistency A thus not strictly consistent, but it must be complementary and coherent GBR-20 TH 3.3 Para 1 Simplifying the implementation of the Clarify sentence or delete AIP The purpose of the harmonization is Standards is a strange objective. Users are to improve and simplify the use of not interested in this but are concerned with the standards. Change the term the ease of their application. Is this what is "implementation" by "use of the meant? standards". GBR-21 TH 3.3 Third para This paragraph implies that WG7 process Add a clause that describes and analyses the AIP This is an issue of disseminating and modelling activities are driving process context of use of WG7 standards. In marketing, the vision and fact of a modelling in other bodies and TCs. This is of particular the iterative relationship between the core set of SE processes and the course not the case, but there is a definite large number of process standards in value of using this core set in a need for more harmonisation across this existance and development. speciality, domain, profession range of stakeholders. WG7 could play a standards. very useful part in this harmonisation activity. It is already very fortunate in the range of its membership and liaisons. GBR-22 E 3.3 Third para This TR is from ISO not ISO/IEC. The 4th bullet documents from TC159 that will be impacted replace ISO/IEC with "ISO TR" A are the revision to ISO (which originally responded to the lack of uesr centred design in 12207) and the forthcoming "Human-system" PAS that is mapped to the existing GBR-23 TL 3.3 Third para The engineering standard AP233 is Include this liaison in the new clause proposed OBE refer to GBR 21 & WG 2 liaison mentioned. Mention should also be made of in GBR 3 activities. the XML process modelling activities coordinated by e-centre (which have far more impact and financial support). A liaison with e-centre (in particular Umang Patel) is GBR-24 TL 3.3 First list makes constraints on process Replace text in braces with "constraints on the A item 1 reference models rather than lifecycle format and presentation of process reference processes. models" GBR-25 TL 3.4 Figure in Top level' and 'Lower level' are not clear in Give examples in text or figure OBE refer to JPN 3 W07N0670.DOC 17 November 2002 Page 8 of 13

10 clause the figure. GBR-26 TH Outputs What does 'internal to WG7' mean. A Reword to clarify the communication channel AIP Delete the first sentence of the Stakeholder Requirements Document should with stakeholders. Outputs and reword the. be available to all Stakeholders. Nor is it 'intermediate'. This gives the suggestion of WG7 being the agent of all stakeholders without reference to them or interaction. GBR-27 TH item 5 The context of use of the harmonised Revise the relevant item or add new items to AIP The method to identify and define process model(s) is insufficiently described. address the results of a context of use the use cases is not described in The environment of use, capabilities of the analysis and the range of emergent this report, but the method will be expected users, the range of tasks that they stakeholder needs. (use the text of the defined and performed. Add to bullet will perform using the model(s) will all comment and the Note to d) 5 : " and document a concept of provide design input. For example, is a operations (context of use). Also add paper standard the best format for a process this to the Outputs of the process. GBR-28 TH Note Note that in tailoring out activity f) the Ratify decision to ceed safety lifecycle to AIP The system we deal with is regarding engineering of safety related systems is IEC. Ratify decision to not consider user "standards" and safety concerns are tailoring explicitly ceeded to IEC SC65. (this is requirements in the harmonisation process. not in line. Nevertheless the content probably sensible give the more stringent of this comment addresses development requirements of safety interfaces betwee Life cycle standards. Tailoring out activity e) is odd. standards and safety. Add in bullet 5 Is it really the intention that the standards will a reference to activity [e], take not be used or usable? away from the note [e] GBR-29 TL th Bullet Containers (physical items) is not clear. Clarify sentence or delete the text AIP As a publisher, ISO has constraints Does this mean.pdf or html files and printed onto documents files. Container documents. If so, these are constraints should be replaced by : physical imposed by ISO (publisher stakeholder) and rendering. are in the Stakeholder Requirements Document. GBR-30 G here and Requirements analysis provides a statement Change title throughout the report Suggest AIP Change "Detailed Requirements throughout of functional requirements for the system 'Systems Requirement Document' to match Document" by "System product that have been translated from the language of ISO/IEC Requirements Document" required system services in the Stakeholder Requirements Document. The term Detailed Requirements Document is a peculiar term to use. Detail is not the issue, the functional requirements that must be satisfied by the result of architectural design is the output of this process. System Functional Requirement Document or System Requirement Document would be better, though it also contains imposed implementation constraints. GBR-31 TL First bullet This seems rather more like analysis that Move this activity to an early invocation of R The suggestion and the proposed design. Does it actually mean review the validation. text are not consistent. existing standards against a set of requirements? That would be an evaluation W07N0670.DOC 17 November 2002 Page 9 of 13

11 feeding the requirements definition not a design activity. GBR-32 TL Second Population of logical items is hardly logical Move relevant sub-activities to the AIP Change the term "populate" by bullet design! Its implementation. implementation process. "document" "with" by including, "revisited" by "reviewed" in bullet 2. GBR-33 TL first para If the implementations have active links Reconsider this statement AIP Change the text by "The integration between discrete standards, then integration process will be defined when is an applicable process. architecture will be designed. GBR-34 TH first para What about integration with other standards Replace the text regarding integration not being AIP Change the text by "The integration in the WG7, SC7 and wider process relevant with the text derived from the process will be defined when modelling set? What about itegration of the activities in the comment and other activities architecture will be designed. standard with other artifacts in the enviroment of use (methodologies, data related to connecting the standard(s) into the intented worksystem(s) that it will be used in. (note not Transition which is as described in GBR-35 TH th Bullet The implementations should be consistent Delete R It seems to be missed reference. with ISO/IEC physical architectures and defined as constraints the Stakeholder Requirements Document and the System GBR-36 TH 5.2 Step 2 Requirements Document The Harmonisation study report is not a Replace with prepare the Stakeholder Stakeholders Requirement Document Requirement Document for National Vote (by AIP Add a verb in the column of tasks the Stakeholders) in Cape Town and adjust contingent tasks as necessary in the GBR-37 TH 5.2 Table in This schedule presupposes that stakeholder's Assess stakeholder needs and then define the clause requirements will favour new software and Schedule that best meets them. OBE refer JPN 7 system International Standards in shorter timescales than their normal ISO revision period. When all stakeholders are consulted (in particular industry that applies the standard to its product and service provision), the need for stability and continuity of current documents during the ISO 5 year cycle time may be a key requirement. This schedule could be seen as the product of technical perfectionists, not representative of the requirement of trade GBR-38 TH 5.3 2nd Bullet and commerce. Editor(s) have the role of editing the text Delete OBE refer to AUS 24 according to National Body comments and WG dispositions, the WGs have responsibility for architecture W07N0670.DOC 17 November 2002 Page 10 of 13

12 JPN-1 G It should express more clearly that this This issue should be included in harmonization AIP By ISO 12207, understand the 1995 harmonization gives a higher priority to requirements and stakeholder requirements, version and the AMD (2002). The organizing ISO/IEC (1995) and which will be created and provided. comment shall be considered as ISO/IEC 12207AMD(2002) and creating revised version for software life cycle processes, as well as ISO/IEC and JPN-2 G Overlapped processes and activities between This issue should be included in harmonization AIP This is an architectural issue which ISO/IEC and ISO/IEC should requirements and stakeholder requirements, will be addressed in the architectural be kept in both of standards during which will be created and provided. design process of the harmonization. harmonization. For example, system requirements analysis is still needed to be described in ISO/IEC 12207, because software development /maintenance organizations usually perform or take a part in system requirements analysis activity. Such software development /maintenance organizations and current ISO/IEC users should be guided to apply appropriately a standard for software life cycle processes with less effort for referring a higher level standard for system life cycle processes. JPN-3 TL 3.4 "Top Level life cycle processes standards" "Top Level life cycle processes standards" are AIP This will be considered during and "Lower level life cycle processes based on ISO/IEC for system view and architectural design and after users' standards" need additional explanations.for "Lower level life cycle processes standards" needs has been established. At example, such a proposed text should be are based on ISO/IEC for software present time it is too early to added. determine exactly what will be the content and splitting between top level and lower level. JPN-4 G We need to care about abbreviations of This issue should be included in Detailed process names during harmonization. For Requirements. AIP This will be addressed. examples, SYCM may stand for System Configuration Management and SWCM may for Software Configuration Management. JPN-5 TL In Stakeholder requirements definition st item of bulletsidentify the users of AIP The identification of stakeholders will process, ISO/IEC12207 users should be the content of the documents. ISO/IEC12207 be made when performing the identified as the one of major users of the users, other Sw./Sys. Engineers Communities Stakeholders Requirements Process. content of the documents. such as INCOSE, IEEE etc. [a] JPN-6 TL 3.4 Outputs of harmonization work should be Outline of expected outputs from R 3.4 does not cover harmonization clearer in this report. ISO/IEC revision harmonization should be described in clause outputs. The exact outputs will be and ISO/IEC revision may be 3.4.Otherwise, this issue should be included defined after stakeholder included in outputs of the successful into stakeholder requirements. requirements and architectural design have been performed. JPN-7 TL 5.1 and 5.2 Because both of ISO/IEC and The planned schedule in clause 5.2 should AIP Schedule will be revised when W07N0670.DOC 17 November 2002 Page 11 of 13

13 are planned concurrently development even introduce incremental 1st and 2nd phases. architecture of documents will be in incremental phasing in clause 5.1, the established. planned schedule in clause 5.2 may be too tight to create multiple documents. JPN-8 TL 5.3 Architect personnel other than an editor Please add the below text in clause 5.3. OBE refer to AUS 24 should be assigned to research relating Architect reviews consistency and assists the standards and to improve consistency with editor and co-editors to keep consistency with them. relating standards. JPN-9 TL Although maintenance process also This process investigates the opportunities for R The proposed text adds no originates from the Technical Processes in improvements to the current set of Life Cycle significant value. The suggested ISO/IEC 15288, there are some differences Processes Standards to take perfective and addition is too detailed. its Maintenance Process Purpose and preventive actions as a part of maintenance Activities.If this report use maintenance process.note: This report does not intend to process, procedures or mechanism should be propose any of procedures or mechanisms to also proposed to monitor the SC7 process monitor the SC7 process related standards' related standards' capability to deliver capability to deliver services, to record services, to record problems for analysis, to problems for analysis, to take take corrective,adaptive, perfective and corrective,adaptive, perfective and preventive preventive actions and to confirm restored actions and to confirm restored capability. capability.and this harmonization work should be regarded as perfective and preventive maintenance. W07N0670.DOC 17 November 2002 Page 12 of 13

14 USA-1 TL 1.2 and 1.5 1st bullet It is unclear to what the term WG7 Vision in Define and document the vision or clearly the terms of reference and the Inputs point to it, if it exists. OBE refer to GBR 7 section is referring. USA-2 TL 1.5 All The the extent of use or influence of each Define the extent of use or influence of the AIP To early ; this point will be input is not defined or clear to the reader. inputs for each of the inputs listed. considered after user needs has USA-3 TL 3.3 2nd para. The constraints listed do not address the Expand the identified constraints to include A specific constraints resulting from specific ISO/IEC constraints identified Vision in Vision USA-4 TL 1.2 3rd bullet Version of SE Study Group Report Change reference from SC7 N2573 to WG7 A referenced is not the latest N0560 USA-5 TL 3.1 Item b), 4th Reference to is to the TR vice the Change to reference the standard OBE refer to GBR 17 bullet standard W07N0670.DOC 17 November 2002 Page 13 of 13