See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/237104465

Software Process and Product ISO Standards: A Comprehensive Survey

Article · January 2005

CITATIONS READS
5 9,538

2 authors:

Rafa E. Al-Qutaish Khalid T. Al-Sarayreh

66 PUBLICATIONS   810 CITATIONS   
Hashemite University
78 PUBLICATIONS   424 CITATIONS   
SEE PROFILE
SEE PROFILE

Some of the authors of this publication are also working on these related projects:

Software Tool for Non Functional Requirements Using International Standards View project

E-Government Maturity Model View project

All content following this page was uploaded by Khalid T. Al-Sarayreh on 28 November 2016.

The user has requested enhancement of the downloaded file.

European Journal of Scientific Research
ISSN 1450-216X Vol.19 No.2 (2008), pp.289-303
© EuroJournals Publishing, Inc. 2008
http://www.eurojournals.com/ejsr.htm

Software Process and Product ISO Standards: A

Comprehensive Survey

Rafa E. Al-Qutaish
Faculty of Information Technology, Applied Science University
P.O. Box: 926296, Amman 11931, Jordan
E-mail: [email protected]

Khalid Al-Sarayreh
Faculty of Information Technology, Applied Science University
P.O. Box: 926296, Amman 11931, Jordan
E-mail: [email protected]

Abstract

Nowadays, many organizations are dealing with the publication of standards for
software engineering, for examples, European Space Agency (ESA), Institute of Electrical
and Electronic Engineers (IEEE), and International Organization for Standardization (ISO).
In this paper, the ISO software engineering standards are classified into software product
and software process ISO standards. Actually, from the huge list of the ISO software
engineering standards, we chose only ten standards; that is, five software product ISO
standards and five software process ISO standards. For some of the selected ISO standards,
this paper presents their intended users (developer, tester, acquirer, etc.) and where (in
terms of the development life-cycle) they could be used. In addition, the software
engineering topics which have no ISO standards are highlighted.

Keywords: Software Engineering, Software Product, Software Process, ISO Standards,

Standardization.

1. Introduction
A ‘standard’ may be defined as an agreement between a number of – and not necessarily all – players
within a certain area of technology. That is to say, the word “standard” is only used in cases where
recognition has been granted by one or more standardisation bodies.
In his book – implementing the IEEE Software Engineering Standards, Schmidt [1] has
summarised the benefits of the use of the software engineering standards to the following:
1. Help in achieving greater conformance to software requirements, reduce the number of
software defects, mitigate risks associated with the software, and decrease software
maintenance costs.
2. Provide a framework for systematic, incremental software process improvements, and helps
reduce the number of defects introduced during early project phases. This reduces the cost and
schedule of the testing, installation, and maintenance phases.
3. Help satisfy governmental regulations and industry quality standards as they relate to software,
and is essential for passing audits and achieving certification. The need to achieve compliance
is a hard business reality for companies in a number of industries.
Software Process and Product ISO Standards: A Comprehensive Survey 290

4. Provide enhanced accuracy of project planning, detailed means of tracking projects, early
measures of software quality, and improved repeatability of success stories.
In addition to the above benefits, Standards are designed to promote the efficient use of
technology, and can be seen as structured and pre-packaged, agreed-upon best practices for specific
technologies [2].
In this paper, the software engineering ISO standards have been classified as the following two
classes:
1. Software Product Standards: the set of ISO standards which could be applied on the software
product itself.
2. Software Process Standards: the set of ISO standards which could be applied on the software
process which produces the software product.
Table 1 contains a list of the ISO software engineering standards which will be discussed in
some details throughout this paper. However, due to the space limitation for this paper, this list
contains only the most used standards in software engineering industry.

Table 1: List of the Software Engineering ISO Standards.

Class ISO Software Engineering Standards

ISO 9126: Software Product Quality Measurement.
ISO 14598: Software Product Evaluation.
ISO 25051: Requirements for Quality of Commercial Off-The-Shelf (COTS) Software Product and
Product Standards
Instructions for Testing.
ISO 15026: System and Software Integrity Levels.
ISO 15910: Software User Documentation Process.
ISO 15504: Software Process Assessment.
ISO 15939: Software Measurement Process.
Process Standards ISO 6592: Guidelines for the Documentation of Computer Based Application Systems
ISO 18019: Guidelines for the Design and Preparation of Software User Documentation.
ISO 14102: Guidelines for the Evaluation and Selection of CASE Tools.

Nowadays, many organizations are dealing with the publication of standards for software
engineering, for examples, European Space Agency (ESA), Institute of Electrical and Electronic
Engineers (IEEE), and International Organization for Standardization (ISO). From these organizations,
we focused on the ISO organization. In this paper, a classification of the software engineering ISO
standards and where they could be used is presented as well as a brief description of each of these
standards is discussed. In addition, the software engineering topics which have no ISO standards is
highlighted.
The rest of this paper is organized as the following: section 2 contains a brief description of the
software product ISO standards. Section 3 shows the software process standards in some details.
Finally, a discussion is presented in section 4.

2. Software Product ISO Standards

2.1. ISO 9126: Software Product Quality Measurement
In 1991, the ISO published its first international consensus on the terminology for the quality
characteristics for software product evaluation; this standard was called as Software Product
Evaluation - Quality Characteristics and Guidelines for Their Use (ISO 9126: 1991) [3].
From 2001 to 2004, the ISO published an expanded version, containing both the ISO quality
models and inventories of proposed measures for these models. The current version of the ISO 9126
series now consists of one International Standard and three Technical Reports:
1. ISO 9126-1: Quality Model [4].
2. ISO TR 9126-2: External Metrics [5].
291 Rafa E. Al-Qutaish and Khalid Al-Sarayreh

3. ISO TR 9126-3: Internal Metrics [6].

4. ISO TR 9126-4: Quality in Use Metrics [7].
The first document of the ISO 9126 series – Quality Model – contains two-parts quality model
for software product quality [4]:
1. Internal and external quality model.
2. Quality in use model.
The first part of the two-parts quality model determines six characteristics in which they are
subdivided into twenty-seven sub-characteristics for internal and external quality, as in Figure 1 [4].
These sub-characteristics are a result of internal software attributes and are noticeable externally when
the software is used as a part of a computer system. The second part of the two-part model indicates
four quality in use characteristics, as in Figure 2 [4].

Figure 1: ISO 9126 Quality Model for External and Internal Quality (Characteristics and Sub-characteristics)
[4].

External and Internal Quality

Functionality Reliability Usability Efficiency Maintainability Portability

- Suitability - Maturity - Understandability - Time - Analyzability - Adaptability

- Accuracy - Fault - Learnability Beha vior - Changeability - Installability
- Interoperability Tolerance - Operability - Resource - Stability - Co-existence
- Security - Recoverability - Attractiveness Utiliza tion - Testability - Replaceability
- Functionality - Reliability - Usability - Efficiency - Maintainability - Portability
Compliance Compliance Complianc e Compliance Compliance Compliance

Figure 2: ISO 9126 Quality Model for Quality in Use (characteristics) [4].

Quality in use

Effectiveness Productivity Safety Satisfaction

Figure 3 shows the ISO view of the expected relationships between internal, external, and
quality in use attributes. The internal quality attributes influence on the external quality attributes while
the external attributes influences on the quality in use attributes. Furthermore, the quality in use
depends on the external quality while the external quality depends on the internal quality [4].

Figure 3: Quality in the Lifecycle [4].

Process Software Product Effect of Software Product

influences influences influences
Internal External Quality in
Process Quality Quality use
Quality Attributes Attributes Attributes
depends on depends on depends on
Context of use
Process Measures Internal Measures External Measures Quality in use Measures
Software Process and Product ISO Standards: A Comprehensive Survey 292

Figure 4 shows the different views of product quality and associated measures at different
stages in the software lifecycle [4].

Figure 4: Quality in the Software Lifecycle [4].

User Quality Use and feedback Quality in

Needs use

Contribute to specifying
Indicates

External Quality Validation External

Requirement Quality

Contribute to specifying
Indicates

Internal Quality Verification Internal

Requirement Quality

The second document of the ISO 9126 series – external metrics – contains a basic set of
measures for each external quality sub-characteristic, explanations of how to apply and use software
external quality metrics, and examples of how to apply these metrics during the software product
lifecycle [5]. The external measures are classified by the characteristics and the sub-characteristics
defined in ISO 9126-1.
The third document of the ISO 9126 series – internal metrics – contains an inventory of
measures for each internal quality sub-characteristic, explanations of the application of these metrics,
and examples of how to use these metrics in the software product lifecycle [6]. Also, the internal
metrics are classified by the characteristics and the sub-characteristics defined in ISO 9126-1.
Finally, the fourth document of the ISO 9126 series – quality in use metrics – contains a basic
set of metrics for each quality in use characteristic, explanations of how to apply them, and examples
of how to use them in the software product lifecycle [7]. The quality in use metrics are classified by the
characteristics defined in ISO 9126-1.

2.2. ISO 14598: Software Product Evaluation

In addition to the four documents of the ISO 9126 series, the ISO also published a set of documents for
guidelines on how to apply ISO 9126, which is called ISO 14598 and named as software product
evaluation. The ISO 14598 series of standards consists of six parts:
1. ISO 14598-1: General overview [8].
2. ISO 14598-2: Planning and management [9].
3. ISO 14598-3: Process for developers [10].
4. ISO 14598-4: Process for acquirers [11].
5. ISO 14598-5: Process for evaluators [12].
6. ISO 14598-6: Documentation of evaluation modules [13].
The part-1 of the ISO 14598 series of standards – general overview – contains an overview of
the contents and the objectives of the other parts, defines a number of terms used in the other parts, and
illustrates the relationship between the other five parts, as in Figure 5 [8]. In addition, it clarifies the
relationship between the quality model in the ISO 9126 part-1 and the ISO 14598 series of standards,
293 Rafa E. Al-Qutaish and Khalid Al-Sarayreh

includes the general requirements for the specification and the evaluation of the software quality, and
presents a framework to evaluate the quality of all types of software product [8].

Figure 5: Relationship between the Evaluation Process and the Evaluation Support [8].

Evaluation Process Evaluation Support

ISO/IEC 14598-3
Process for Developers
ISO/IEC 14598-2 ISO/IEC 14598-6
ISO/IEC 14598-4 Planning Documentation of
Process for Acquirers and Evaluation
Management Modules
ISO/IEC 14598-5
Process for Evaluators

Figure 5 illustrates the relationship between the parts 3, 4, and 5 (evaluation process) and the
parts 2 and 6 (evaluation support) of the ISO 14598 series of standards [8].
The ISO 14598 part-2 – planning and management – presents details about the planning and
management requirements that are associated with the software product evaluation, and it defines the
requirements which should be provided by the organization in order to ensure the success of the
evaluation process [9].
The part-3 of the ISO 14598 series of standards – process for developers – may be used to
apply the concepts explained in the ISO 9126 series of standards and the ISO 14598 parts 1, 2, and 6
[10]. It gives recommendations and requirements for the practical implementation of the software
product evaluation, in parallel with the development, by the developer [10]. This part of the ISO 14598
series of standards may be used by the project manager, software designer, quality assurance audit,
maintainer, and/or software acquirer [10].
The part-4 of the ISO 14598 series of standards – process for acquirers – includes requirements,
recommendations and guidelines for the systematic measurement, assessment and evaluation of the
software product quality [11]. The evaluation process explained in this part of the ISO 14598 series of
standards helps to meet the objectives and the goals of deciding on the acceptance of a single product
or for selecting a product [11]. This part-4 of the ISO 14598 series may be used by the project
manager, system engineers, software engineering staff, and/or end users [11].
The ISO 14598 part-5 – process for evaluators – may be used to apply the concepts explained
in ISO 9126 series of standards by providing requirements and recommendations for the practical
implementation of the software product evaluation when several parties need to understand, accept, and
trust the evaluation results [12]. The evaluation process explained in this part of the ISO 14598 series
defines the activities needed to analyze the evaluation requirements, to specify, design, and perform the
evaluation actions and to conclude the evaluation of any kind of software product [12]. This part of the
ISO 14598 series may be used by testing laboratory evaluators, software suppliers, software acquirer,
software users, and/or certification bodies [12].
Finally, the part-6 of the ISO 14598 series of standards – documentation of evaluation modules
– clarifies and defines the contents, the formation, and the structure of the documentation to be used to
illustrate an evaluation module [13]. This part of the ISO 14598 series may be used by testing
laboratories, research institutions and organizations, and any others who need to produce new
evaluation modules [13].
Software Process and Product ISO Standards: A Comprehensive Survey 294

2.3. ISO 25051: Requirements for Quality of Commercial Off-The-Shelf (COTS) Software
Product and Instructions for Testing
This standard was published in 1994 as ISO 12119 – Software Packages – Quality Requirements and
Testing – [14]. In 2006, it was updated and republished to be part of the SQuaRE series of standards as
ISO 25051 which is about the Requirements for Quality of Commercial Off-The-Shelf (COTS)
Software Product and Instructions for Testing [15]. The ISO 25051 international standard provides
requirements for COTS software product, requirements for test documentation, and instructions for
conformity evaluation, including requirements for product description requirements for user
documentation, and quality requirements for software [15]. In Annex C of this international standard, it
provides guidance and recommendations for safety or business critical COTS software products [15].
However, the quality requirements for the COTS software product consist of the following
product quality characteristics: functionality, reliability, usability, efficiency, maintainability,
portability, and quality in use [15].

2.4. ISO 15026: System and Software Integrity Levels

The ISO 15026 international standard – system and software integrity levels – establishes the
requirements for the system and software integrity levels determination. By identifying the
requirements for system and software level determination, the software integrity requirements can be
determined [16]. This international standard defines the concepts associated with integrity levels,
defines the processes for determining integrity levels requirements, and places requirements on each
process [16]. It can be applied to software only. However, the system integrity level and the integrity
levels of the hardware components are only required in this international standards to determine the
integrity levels of the software components [16].
The software integrity level is an assignment of either the degree of reliability of provision of a
mitigating function, or the limit on the frequency of failure that could result in a threat, that is, the
degree of confidence that can be put on the overall system not to fail [16].
In addition, a software integrity level refers to a range of values of a software property
necessary to maintain system risks within acceptable limits [16]. Figure 6 shows an overview of the
processes required to determine system and software integrity levels and software integrity
requirements. Analysis of risk, comprising three phases: risk analysis, risk evaluation and risk control,
is a key process in assessing integrity levels; these reflect the worst-case risk associated with the
system.
295 Rafa E. Al-Qutaish and Khalid Al-Sarayreh
Figure 6: Overview of the Software Integrity Level Determination Process [16].

Risk Analysis System Overall System Engineering

Definition
New Threats
Threat Identification Risk
Frequency Analysis Dimensions
Risk Elimination
Consequence Analysis /Reduction System Engineering
Risk Calculation Possibilities

Risk Evaluation
Tolerability of
Risks Risk Tolerability Hardware Engineering
Decisions Risks
Risk Control
(Associated with Software)
System Design
System Integrity Level Risk Elimination
Determination /Reduction
Risks Threats Possibilities
Software Integrity Software Engineering
Initiating
Level Determination
Events
Software Integrity
Requirements to Achieve Requirements
Degree of Confidence

2.5. ISO 15910: Software User Documentation Process

This International Standard specifies the minimum process for creating all forms of user
documentation for software which has a user interface. Such forms of documentation include printed
documentation (e.g. user manuals and quick-reference cards), on-line documentation, help text and on-
line documentation systems.
This process standard conforms to ISO 12207 Information technology - software lifecycle
processes as an implementation of the user documentation part of 6.1: Documentation.
If effectively applied, the International Standard will support the development of
documentation which meets the needs of the users. In addition, this International Standard is intended
for use by anyone who produces or buys user documentation. Furthermore, this International Standard
is applicable to not only printed documentation, but also help screens, the help delivery system, and the
on-line text and delivery system. See the Bibliography.
The International Standard is intended for use in a two-party situation and may be equally
applied where the two parties are from the same organisation. The situation may range from an
informal agreement up to a legally binding contract. This International Standard may be used by a
single party as self-imposed tasks.

3. Software Process ISO Standards

3.1. ISO 15504: Software Process Assessment
ISO 15504 is a set of documents which related to the Software Process Assessment. It was first
published in 1998 as a series of 9 Technical Reports. During 2003 to 2005, ISO is re-published this
international standard as a 5-part series:
1. ISO 15504-1: Concepts and Vocabulary [17].
2. ISO 15504-2: Performing an Assessment [18].
3. ISO 15504-3: Performing an Assessment [19].
Software Process and Product ISO Standards: A Comprehensive Survey 296

4. ISO 15504-4: Guidance on use for Process Improvement and Process Capability
Determination [20].
5. ISO 15504-5: An Exemplar Process Assessment Model [21].
The first Part – Concepts and Vocabulary – is an entry point into ISO 15504. It gives an
introduction to the concepts of this international standard, and defines a number of related terms [17].
In addition, this part describes how the other four parts fit together, and provides guidance for their
selection and use [17]. Figure 7 shows a potential roadmap for users of this international standard [17].

Figure 7: A Potential Roadmap for Users of ISO 15504 [17].

Part 1: Concepts and Vocabulary

Part 4: Guidance on use for Process Improvement and

Process Capability Determination

Part 3: Guidance on Performing an Assessment

Part 2: Performing an
Assessment Part 5: An Exemplar Process Assessment Model

The second Part – Performing an Assessment – of this international standard contains

normative requirements for process assessment and for process models in an assessment, and defines a
measurement framework for evaluating process capability. The measurement framework defines nine
process attributes that are grouped into six process capability levels that define an ordinal scale of
capability that is applicable across all selected processes. In addition, this part describes the
relationships between the components of the process assessment model, as in Figure 8 [18].

Figure 8: Process Assessment Model Relationships [18].

Measurement Framework 5 Process

Capability
mapping

4
Scales

- Capability Levels Assessment

3
- Process Attributes 2 Model
- Rating Scale 1
1 2 3 ... n
Process Entities
mapping
Process Reference Model
- Domain and Scope
- Processes with Purpose and Outcomes

Figure 9 demonstrates the relationships between the process attributes with their ratings and the
corresponding capability levels. In this figure, the capability levels start at level one, that is, level zero
is excluded since it indicates that the process is not implemented, or fails to achieve its process
purpose.
297 Rafa E. Al-Qutaish and Khalid Al-Sarayreh
Figure 9: The Relationships between the Process’s Attributes with their Ratings and the Corresponding
Capability Levels.

Furthermore, this Part – Performing an Assessment – of the ISO 15504 introduced the
following rating categories to be used in order to rate each of the process attributes [18]:
• N: Not achieved (0% - 15% achievement).
• P: Partially achieved (15% - 50% achievement).
• L: Largely achieved (50% - 85% achievement).
• F: Fully achieved (85% - 100% achievement).
The third Part – Guidance on Performing an Assessment – provides guidance on how to meet
the minimum set of requirements for performing an assessment contained in the second part –
Performing an Assessment – of this standard [19]. It provides an overview of process assessment and
interprets the requirements through the provision of guidance on: performing an assessment; the
measurement framework for process capability; process reference models and process assessment
models; selecting and using assessment tools; competency of assessors; verification of conformity [19].
This Part also provides an exemplar documented assessment process in Annex A [19].
The fourth Part – Guidance on use for Process Improvement and Process Capability
Determination – provides guidance on how to utilize a conformant process assessment within a process
improvement program or for process capability determination [20]. Within a process improvement
context, process assessment provides a means of characterizing an organizational unit in terms of the
capability of selected processes. Analysis of the output of a conformant process assessment against an
organizational unit's business goals identifies strengths, weaknesses and risks related to the processes.
In addition, this can help determine whether the processes are effective in achieving business goals,
and provide the drivers for making improvements. Process capability determination is concerned with
analyzing the output of one or more conformant process assessments to identify the strengths,
weaknesses and risks involved in undertaking a specific project using the selected processes within a
given organizational unit [20].
Software Process and Product ISO Standards: A Comprehensive Survey 298

Finally, the fifth Part – An Exemplar Process Assessment Model – provides an exemplar model
for performing process assessments that is based upon and directly compatible with the Process
Reference Model in ISO 12207 Amendment 1 and Amendment 2 [22]. The process dimension is
provided by an external Process Reference Model, which defines a set of processes, characterized by
statements of process purpose and process outcomes [21]. The capability dimension is based upon the
Measurement Framework defined in Part 2 – Performing an Assessment – of this standard. The
assessment model(s) extend the Process Reference Model and the Measurement Framework through
the inclusion of a comprehensive set of indicators of process performance and capability [21].

3.2. ISO 15939: Software Measurement Process

Within ISO 15939 (2002), ISO produced an information model (Figure 10) to help in determining what
has to be specified during measurement planning, performance and evaluation [23].
Figure 11 shows that a specific measurement method is used to collect a base measure for a
specific attribute. Then, the values of two or more base measures can be used within a computational
formula (by means of a measurement function) to produce and construct a specific derived measure.
These derived measures are then used in the context of an analysis model to arrive at an indicator
which is a value, and to interpret the indicator’s value to explain the relationship between it and the
information needed, in the language of the measurement user, to produce an Information Product for
his Information Needs [23].

Figure 10: Measurement Information Model from ISO 15939 (2002) [23].

Information Product
Information Needs

Interpretation

Indicator

(Analysis) Model

Derived Measures Derived Measures

Measurable Measurement Function

Concept

Base Measures Base Measures

Measurement Method Measurement Method

Entity
Attribute Attribute
299 Rafa E. Al-Qutaish and Khalid Al-Sarayreh

This ISO standard contains a very mature measurement terminology, and it is well documented
in the ISO International Vocabulary of Basic and General terms in Metrology (VIM) [24]. This
terminology is widely accepted and used in most fields of science, and has been adopted in ISO 15939
as the agreed upon measurement terminology for software and system engineering related ISO
standards.

3.3. ISO 6592: Guidelines for the Documentation of Computer Based Application
System
This International Standard gives guidelines for the documentation of information systems and is
intended for use in that area. It could be applied into the software of information system. However,
some aspects of hardware, e.g. configuration of the system, are included [25].
In addition, it is not intended to be a guide to the way documents are organized or structured.
Instead, it provides a checklist for two parties to use in agreeing on document content [25].
The guidelines given in this International Standard have been developed with the objectives of
[25]:
• Obtaining the necessary commitment of the parties involved with the life cycle of the
information system to participate in the development process.
• Contributing to the production of well-planned, standardized software system documents.
• Enabling the production of software system documents in parallel with the software life
cycle.
The well-defined rules for documents during the software life cycle will facilitate in doing the
following [25]:
• The provision of relevant information;
• The preparation of the documentation itself;
• Estimation of the time and resources required for the achievement of a project;
• Exchange of information between parties concerned, resulting in:
• Selection of attainable objectives for a system.
• A more complete and well-considered functional design.
• Fewer misunderstandings and mistakes.
• Making decisions and briefing of personnel during the software life cycle.
This International Standard is designed to be applicable to the whole range of information
systems and recognizes the software component of a system may vary from a minor part to a major
complex component [25]. It applies to documents in any natural language or representation and is
independent of the medium used for its implementation, i.e., the principles are generally applicable, but
in some cases there may be differences in structure and format [25].
Although this International Standard is intended mainly for use in the software engineering
area, there will be other groups involved less directly with software engineering including: those
involved in software engineering strategy, people with software engineering requirements, software
engineering customers and software engineering users [25]. This International Standard is relevant to
those groups. The groups will produce some of the documents (e.g., strategy, customer requirements
and user documents) [25].
Associated with software engineering activities are methods, techniques and tools. Many of
these products have their own documentation facilities [25]. Software engineers may use documents of
this type, but should ensure the principles and practices given in this International Standard are
observed [25].

3.4. ISO 18019: Guidelines for the Design and Preparation of Software User
Documentation
This International Standard gives guidelines for the design and preparation of user documentation for
application software. It describes how to establish what information users need, how to determine the
Software Process and Product ISO Standards: A Comprehensive Survey 300

way in which that information should be presented to the users, and how then to prepare the
information and make it available [26].
For the purposes of this International Standard, application software includes the types listed
below [26]:
• Consumer software packages, that is, software products designed and sold to carry out
identified tasks, where the software and its associated documentation are packaged for
acquisition as a unit.
• Software for office applications such as word processors, spreadsheets, databases and
electronic mail.
• Business software, for example, software for recording and monitoring business activities,
such as stock control and order processing.
• Specialist software for use by professionals, such as accounting systems, graphic design
systems and engineering design systems.
These guidelines may also be helpful for developing documentation for the following, although
it does not cover all the issues relating to them [26].
• Software engineering products for use by computer professionals.
• Software for programmable electronic or mechanical systems.
This International Standard is for use by people responsible for specifying, designing and
preparing user documentation for application software and people who manage these activities,
including [26].
• Developers of tools for creating hardcopy documentation.
• Product designers.
• Application developers.
• Project managers.
• Authors.
• Programmers.
• Translators.
• Localisation staff.
It is intended for use in all types of organizations, whether or not a dedicated documentation
department is present. In all cases, it can be used as a basis for local standards and procedures. Readers
are assumed to have experience or knowledge of software development or documentation development
processes. This International Standard could also be useful to [26]:
• Developers of tools for creating on-screen documentation.
• People who are evaluating existing or proposed application software.

3.5. ISO 14102: Guidelines for the Evaluation and Selection of CASE Tools
This International Standard deals with the evaluation and selection of CASE tools, covering a partial or
full portion of the software engineering life cycle [27]. It establishes processes and activities to be
applied for the evaluation of CASE tools and selecting the most appropriate CASE tools from several
candidates [27]. These processes are generic, and organizations must tailor them to meet organizational
needs. The CASE tool evaluation and selection processes should be viewed in the larger context of the
organization’s technology adoption process [27]. Furthermore, it provides [27]:
1. Guidance on identifying organizational requirements for CASE tools.
2. Guidance on mapping those requirements to CASE tool characteristics to be evaluated.
3. A process for selecting the most appropriate CASE tool from several tools, based on
measurements of the defined characteristics.
This International Standard is intended to be used by [27]:
1. Testing laboratory evaluators, when providing CASE tool evaluation services,
2. Software suppliers, when planning evaluation of their products, including evaluation to be
carried out by independent testing services,
301 Rafa E. Al-Qutaish and Khalid Al-Sarayreh

3. Software acquirers, when requesting evaluation information from a supplier or testing

service,
4. Software users when evaluating products or when using evaluation reports provided by
testing laboratories,
5. Certification bodies in defining new certification schemes for software products.
This International Standard is not intended to apply to [27]:
1. Software engineering frameworks whose purpose is to provide mechanisms for data, control
and presentation integration.
2. General purpose tools (e.g., word processors, spreadsheets) which may be used in software
engineering activities, nor CASE tools of very narrow scope or specific purpose (e.g., a
compiler).
3. Planning for the implementation of CASE tools within an organization (even though it is
recognized that this is an important subject).

4. Discussion
Throughout this paper we have explained ten ISO software engineering standards. Based on our
classification, these standards could be classified to be software product or software process standards.
Due to the huge number of ISO software engineering standards and to the space limitation for this
paper, we discussed only five software product and five software process standards. We focused on
their use and their intended users.
We observed that a number of the published standards are duplicated, for example, the ISO
6592 (Guidelines for the Documentation of Computer Based Application Systems) and ISO 18019
(Guidelines for the Design and Preparation of Software User Documentation) are in some ways
similar.
In addition, there are some of the software engineering topics without any ISO standards, such
as:
• Software Testing Process.
• Software Quality Assurance.
• Software Reversal Engineering.
• Software Engineering Formal Methods.
• Programming Languages Styles.
• Internet Related Topics.
Developing ISO standards for the above ISO-missing topics might be a good idea since such
standards once published will be valuable and useful in some ways.
Software Process and Product ISO Standards: A Comprehensive Survey 302

References
[1] M. E. C. Schmidt, Implementing the IEEE Software Engineering Standards. Indianapolis, IN,
USA: Sams Publishing, 2000.
[2] A. Abran, "Teaching Software Engineering Using ISO Standards," StandardView, vol. 4, pp.
139-145 1996.
[3] ISO, Software Product Evaluation - Quality Characteristics and Guidelines for their Use.
ISO/IEC IS 9126, Geneva, Switzerland: International Organization for Standardization, 1991.
[4] ISO, Software Engineering - Product Quality - Part 1: Quality Model. ISO/IEC 9126-1,
Geneva, Switzerland: International Organization for Standardization, 2001.
[5] ISO, Software Engineering - Product Quality - Part 2: External Metrics. ISO/IEC TR 9126-2,
Geneva, Switzerland: International Organization for Standardization, 2003.
[6] ISO, Software Engineering - Product Quality - Part 3: Internal Metrics. ISO/IEC TR 9126-3,
Geneva, Switzerland: International Organization for Standardization, 2003.
[7] ISO, Software Engineering - Product Quality - Part 4: Quality in Use Metrics. ISO/IEC TR
9126-4, Geneva, Switzerland: International Organization for Standardization, 2004.
[8] ISO, Information technology - Software product evaluation - Part 1: General overview.
ISO/IEC 14598-1, Geneva, Switzerland: International Organization for Standardization, 1999.
[9] ISO, Software engineering - Product evaluation - Part 2: Planning and management. ISO/IEC
14598-2, Geneva, Switzerland: International Organization for Standardization, 2000.
[10] ISO, Software engineering - Product evaluation - Part 3: Process for developers. ISO/IEC
14598-3, Geneva, Switzerland: International Organization for Standardization, 2000.
[11] ISO, Software engineering - Product evaluation - Part 4: Process for acquirers. ISO/IEC
14598-4, Geneva, Switzerland: International Organization for Standardization, 1999.
[12] ISO, Information technology - Software product evaluation - Part 5: Process for evaluators.
ISO/IEC 14598-5, Geneva, Switzerland: International Organization for Standardization, 1998.
[13] ISO, Software engineering - Product evaluation - Part 6: Documentation of evaluation
modules. ISO/IEC 14598-6, Geneva, Switzerland: International Organization for
Standardization, 2001.
[14] ISO, Information technology - Software packages - Quality Requirements and Testing. ISO/IEC
12119, Geneva, Switzerland: International Organization for Standardization, 1994.
[15] ISO, ISO/IEC 25051: Software engineering - Software product Quality Requirements and
Evaluation (SQuaRE) - Requirements for quality of Commercial Off-The-Shelf (COTS)
software product and instructions for testing. Geneva, Switzerland: International Organization
for Standardization, 2006.
[16] ISO/IEC, ISO/IEC 15026: Information Technology - System and Software Integrity Levels.
Geneva, Switzerland: International Organization for Standardization, 1998.
[17] ISO, Information Technology - Process Assessment - Part 1: Concepts and Vocabulary.
ISO/IEC 15504-1, Geneva, Switzerland: International Organization for Standardization, 2004.
[18] ISO, ISO/IEC 15504-2: Information Technology - Process assessment - Part 2: Performing an
Assessment. Geneva, Switzerland: International Organization for Standardization, 2004.
[19] ISO, Information Technology - Process Assessment - Part 3: Guidance on Performing an
Assessment. ISO/IEC 15504-3, Geneva, Switzerland: International Organization for
Standardization, 2004.
[20] ISO, Information Technology - Process Assessment - Part 4: Guidance on Use for Process
Improvement and Process Capability Determination. ISO/IEC 15504-4, Geneva, Switzerland:
International Organization for Standardization, 2004.
[21] ISO, ISO/IEC FDIS 15504-5: Information Technology - Process Assessment - Part 5: An
Exemplar Process Assessment Model, Document Number: N3302 Dated on 14 September 2005.
Geneva, Switzerland: International Organization for Standardization, 2005.
[22] ISO, Information Technology - Software life cycle processes. ISO/IEC 12207, Geneva,
Switzerland: International Organization for Standardization, 1995.
 303 Rafa E. Al-Qutaish and Khalid Al-Sarayreh

[23] ISO, Software Engineering - Software Measurement Process. ISO/IEC 15939, Geneva,
Switzerland: International Organization for Standardization, 2002.
[24] ISO, International Vocabulary of Basic and General Terms in Metrology (VIM). Geneva,
Switzerland: International Organization for Standardization, 1993.
[25] ISO, Information Technology- Guidelines for the documentation of computer-based application
systems. ISO/IEC 6592, Geneva, Switzerland: International Organization for Standardization,
2000.
[26] ISO, ISO/IEC 18019: Software and system engineering - Guidelines for the design and
preparation of user documentation for application software. Geneva, Switzerland: International
Organization for Standardization, 2004.
[27] ISO, ISO/IEC 14102: Information technology -- Guideline for the evaluation and selection of
CASE tools. Geneva, Switzerland: International Organization for Standardization, 2005.

View publication stats