Quality standards are used to demonstrate that an organisation can produce products of sufficient quality. This applies as much to software products as to hardware products. Compliance with standards may be demanded by customers but may be mandatory for some fields e.g. for software associated with public safety. Older standards and standards related to safety are prescriptive and provide a recipe for how the software should be developed. Modern standards are more flexible and focus on the justification that the quality processes are suitable. Some of the more important standards are reviewed in the following table:
ISO9000 | International general product quality standard, an explanatory standard for the ISO900x family of quality standards. First set issued in 1994. More focussed and flexible approach issued in 2000. Based on stages in the production process, recording of results of specific tests used in the design/manufacturing process; an insistence that quality records are maintained. Standard defines fundamentals and vocabulary. |
ISO9000-3 | Covers the application of ISO9000 to the provision of software products (now superseded in ISO9000:2000 series). |
ISO9001 | Specifies the documentation of the quality processes of an organisation in a quality manual. Certification of conformance to ISO9000 is mainly based on the content of the company quality manual and evidence (normally records) that it is being used. |
ISO9002 and ISO9003 | Reduced forms of ISO9001 for particular industrial sectors in the 1994 series. Not needed in 2000 series due to increased flexibility in ISO9001. |
ISO 9004 | In the 1994 series this covered Testing. In the 2000 series it covers performance improvement. |
TickIT | Software quality standard, originally based on ISO9000-3. The TickIT Guide was revised to version 5 in January 2001 as 'Using ISO9001:2000 for software quality management system construction, certification and continual improvement'. |
BS5750 or EN29000 | British quality standard which formed the basis for ISO9000. Parts 1-4 became ISO9001 to ISO9004. |
DefStan 00-55 | British defence standard 'Requirements for safety related software in defence equipment'. Has a bias towards formal methods for the expression and satisfaction of software requirements. More directed to firmware and embedded controllers than large systems. |
IEEE1074 | American standard that covers software life cycles used for producing software products. It focuses on processes. |
MIL-STD-2167A | American military standard covering the software life cycle to be used for military software contracts. Mandates use of a waterfall type of software lifecycle model. Superseded by MIL-STD-498. |
EN50128 | European standard covering software for Safety Related and Safety Critical software for railway applications. Mandates a V type of software lifecycle. |
ISO/IEC 12207 | Current standard that permits flexibility in selection of lifecycle and concentrates on the justification that the lifecycle is appropriate to the product. Intended to include software processes from best commercial practice. Used in defence acquisition and the global software marketplace. |
MIL-STD-498 | Defence standard but superseded and incorporated into ISO/IEC 12207 and EIA/IEEE J-STD-016. Produced to meet deficiencies in MIL-STD-2167A. |
Optimal Solutions welcomes enquiries on Software Quality Assurance, and would be pleased to provide consultancy tailored to your requirements. You can get in touch by sending a message from our Contact Us page, or by calling us on the number below.