ISO/IEC/IEEE 15026-4 Systems and software engineering — Systems and software assurance — Part 4: Assurance in the life cycle
5.2 Assurance claim and assurance information
A claim for which system or software assurance is considered is called an assurance claim. The system assurance process view in Clause 6 and the software assurance process view in Clause 7 can be used to achieve the assurance claim, and to provide assurance information that shows the achievement. Commonly, such an assurance claim is in an area where substantial risks or consequences are involved, such as reliability and maintainability, safety, security, or human factors.
While the assurance claim can be derived from a number of sources, it is normally motivated by potential real-world adverse consequences associated with the capability of the system, the intended use of the system, and the outcomes produced by the system.
The body of information showing that the system-of-interest achieves the assurance claim is called assurance information, which includes:
a) the assurance claim,
b) the required degree of confidence in achievement of the assurance claim,
c) justification of selection of the assurance claim,
d) evidence of achievement of the assurance claim, adequate for the required degree of confidence,
e) an argument about how the evidence in d) supports achievement of the assurance claim a).
The item b) includes the required integrity level of the system with respect to the assurance claim. Items c), d), e) should be adequate for the required degree of confidence in b). The item e) should reflect satisfaction of the assurance claim (item a)) commensurate with the required degree of confidence.
NOTE Assurance case as specified by ISO/IEC 15026-2 can be used as a structured approach to compile these items of assurance information.
The argument often includes several different kinds of sub-arguments, e.g. arguments based on design rationale, use of defensive design techniques, verification and validation results, performance of similar systems or products, conformance to standards, or field data. An argument consisting of different kinds of sub-arguments gains more confidence in achievement of the assurance claim.
The assurance information is maintained and updated throughout the system life cycle, in accordance with the change of the system during maintenance and redevelopment. The assurance information is a configuration element of the system-of-interest and associated with all the system life cycle processes. In particular, the assurance information needs to be controlled within the configuration management process which activates the verification process and the validation process, which in turn provides the contents.
5.3 Using this document
5.3.1 General
This document can be used for establishing an agreement between an acquirer and a supplier, for regulatory purposes, or for assessment of internal development processes. This document clarifies … demonstrate that the assurance claim is
5.3.2 Use for an agreement
This document can be used for establishing an agreement between an acquirer and a supplier concerning achieving the assurance claim and showing the achievement. The acquirer and supplier relationship can be at different levels of the supply chain (prime-supplier, internal to one organization, etc.).
NOTE An agreement can range in formality from a written contract to a verbal understanding.
5.3.3 Use for regulation
An authoritative body can use this document for regulation about, for certification about or just for clarification of assurance required in the condition of trade.
5.3.4 Use for development
This document can be used for an internal assessment by a developer in improving its processes for achieving the assurance claim and showing the achievement.
6 System assurance process view
This clause provides the system assurance process view. 6.2 provides its purpose; 6.3 provides its outcomes; 6.4 identifies the processes, activities and tasks that implement the process view; and 6.5 provides guidance about and recommendations for the identified processes. Since all processes of ISO/IEC/IEEE 15288 are applied iteratively and recursively in the life cycle, the guidance and recommendations should also be applied iteratively and recursively.
NOTE 1 See ISO/IEC/IEEE 24748-1 for more information about life cycle models and the iteration and recursion of processes.
NOTE 2 Performance of the system assurance process view is affected crucially by the quality of assurance claim, which in turn reflects the quality of requirements. See ISO/IEC/IEEE 29148 for guidance on requirement engineering.
The purpose of the system assurance process view is to achieve the assurance claim and to provide assurance information to demonstrate that the assurance claim is achieved.
As a result of the successful implementation of the system assurance process view:
a) the assurance claim for the system is identified;
b) the required degree of confidence in achievement of the assurance claim is identified;
c) justification of selection of the assurance claim is produced;
d) the assurance claim identified by outcome a) has been or will be achieved;
e) evidence of achievement of the assurance claim is produced;
f) an argument about how the evidence in e) supports achievement of the assurance claim a) is
The degree of confidence in outcome b) includes the required integrity level of the system with respect to the assurance claim. Outcomes c), d), e) and f) should be obtained to the extent that the degree of confidence identified by outcome b) is attained.