ABSTRACT
The old days of free-style creativity in the development of software are gradually giving way to more controlled and scientific approaches. Meanwhile, various standards are developed and distributed to provide consistent, rigorous, uniform, and enforceable methods for software development and operation activities. As just published in March 2006, ISO/IEC 15504-5 [8], which establishes a quantitative framework for conducting software assessment of process capability, employs different process attributes to evaluate the capability level achieved by a process. Among software quality characteristics described in [7], the integrity attribute of organizational operations shows an essential factor to determine the scope and rigor of verification and validation (V&V) processes [2, 3]. Software V&V processes determine whether the development products of a given activity conform to the requirements of that activity and whether the software satisfies its intended use and user needs. In principle, integrity level measures project-unique characteristics (e.g., software complexity, criticality, risk, safety level, security level, desired performance, reliability) that define the importance of the software to the user [9]. In referring to IEEE Standard 1012-Standards for Software Verification and Validation Plans [5], we summarize the minimal V&V tasks and use a software-integrity-level scheme based upon software intended use and quantify application of the system to criticality. Furthermore, since their popularity of the ISO 9000 and ISO 15504, relationships between the two models have been studied. In this paper, some mapping results of the ISO 9001:2000 clauses [6] corresponding the new edition of ISO/IEC 15504 processes are also discussed and summarized. By integrating the software integrity level with the capability level in ISO/IEC 15504 standard; these minimal V&V tasks establish a stepwise roadmap for capability level from level 1 to level 4, through stepwisely achieving basic capability levels and advanced capability levels. The benefit of our proposed roadmap of improving software process within a middle-scale organization provides an effective, efficiency and economical approach no matter the companies is ISO 9001:2000 registered or not yet.
