ISO/IEC/IEEE 15026-1:2019

INTERNATIONAL ISO/IEC/
STANDARD IEEE
15026-1
First edition
2019-03
Systems and software engineering —
Systems and software assurance —
Part 1:
Concepts and vocabulary
Ingénierie des systèmes et du logiciel — Assurance des systèmes et du
logiciel —
Partie 1: Concepts et vocabulaire
Reference number
©
ISO/IEC 2019
©
IEEE 2019
© ISO/IEC 2019
© IEEE 2019
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO or IEEE at the
respective address below or ISO’s member body in the country of the requester.
ISO copyright office Institute of Electrical and Electronics Engineers, Inc
CP 401 • Ch. de Blandonnet 8 3 Park Avenue, New York
CH-1214 Vernier, Geneva NY 10016-5997, USA
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org Email: stds.ipr@ieee.org
Website: www.iso.org Website: www.ieee.org
Published in Switzerland
© ISO/IEC 2019 – All rights reserved
ii © IEEE 2019 – All rights reserved

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
3.1 Terms related to assurance and properties . 2
3.2 Terms related to product and process . 3
3.3 Terms related to integrity level . 4
3.4 Terms related to conditions and consequences . 6
3.5 Terms related to organization. 8
4 Organization of this document . 9
5 Basic concepts . 9
5.1 General . 9
5.2 Assurance . 9
5.3 Stakeholders .10
5.4 System and product .10
5.5 Property .10
5.5.1 General.10
5.5.2 Properties as behaviours .11
5.6 Uncertainty and confidence .11
5.7 Conditions and initiating events .11
5.8 Consequences.12
6 Using multiple parts of ISO/IEC/IEEE 15026 .12
6.1 General .12
6.2 Initial usage guidance .13
6.3 Relationships among parts of ISO/IEC/IEEE 15026 .13
6.4 Authorities .14
7 ISO/IEC/IEEE 15026 (all parts) and the assurance case .14
7.1 General .14
7.2 Justification of method of reasoning .15
7.3 Means of obtaining and managing evidence .15
7.4 Certifications and accreditations .16
8 ISO/IEC/IEEE 15026 (all parts) and integrity levels .16
8.1 General .16
8.2 Risk analysis .17
9 ISO/IEC/IEEE 15026 (all parts) and the life cycle .17
9.1 General .17
9.2 Assurance activities in the life cycle .18
10 Summary .18
Bibliography .19
IEEE notices and abstract .28
© ISO/IEC 2019 – All rights reserved
© IEEE 2019 – All rights reserved iii

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
rules given in the ISO/IEC Directives, Part 2 (see www .iso .org/directives).
IEEE Standards documents are developed within the IEEE Societies and the Standards Coordinating
Committees of the IEEE Standards Association (IEEE-SA) Standards Board. The IEEE develops its
standards through a consensus development process, approved by the American National Standards
Institute, which brings together volunteers representing varied viewpoints and interests to achieve the
final product. Volunteers are not necessarily members of the Institute and serve without compensation.
While the IEEE administers the process and establishes rules to promote fairness in the consensus
development process, the IEEE does not independently evaluate, test, or verify the accuracy of any of
the information contained in its standards.
Attention is drawn to the possibility that some of the elements of this document may be the subject
of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent
rights. Details of any patent rights identified during the development of the document will be in the
Introduction and/or on the ISO list of patent declarations received (see www .iso .org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso
.org/iso/foreword .html.
This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information Technology,
Subcommittee SC 7, Software and systems engineering, in cooperation with the Systems and Software
Engineering Standards Committee of the IEEE Computer Society, under the Partner Standards
Development Organization cooperation agreement between ISO and IEEE.
This first edition cancels and replaces ISO/IEC 15026-1:2013, which has been technically revised.
The main changes compared to the previous edition are as follows:
— definitions of terms introduced in ISO/IEC 15026-3:2015 are added;
— definitions of terms whose definitions are modified in ISO/IEC 15026-3:2015 are updated.
A list of all parts in the ISO/IEC/IEEE 15026 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www .iso .org/members .html.
© ISO/IEC 2019 – All rights reserved
iv © IEEE 2019 – All rights reserved

Introduction
Software and systems assurance and closely related fields share concepts but have different vocabularies
and perspectives. This document provides a unifying set of underlying concepts and an unambiguous
use of terminology across these various fields. It provides a basis for elaboration, discussion and
recording agreement and rationale regarding concepts and the vocabulary used uniformly across ISO/
IEC/IEEE 15026 (all parts).
This document clarifies concepts needed for understanding software and systems assurance and,
in particular, those central to the use of ISO/IEC 15026-2, ISO/IEC 15026-3 and ISO/IEC 15026-4. It
supports shared concepts, issues and terminology applicable across a range of properties, application
domains and technologies.
© ISO/IEC 2019 – All rights reserved
© IEEE 2019 – All rights reserved v

INTERNATIONAL STANDARD ISO/IEC/IEEE 15026-1:2019(E)
Systems and software engineering — Systems and software
assurance —
Part 1:
Concepts and vocabulary
1 Scope
This document defines assurance-related terms and establishes an organized set of concepts and
relationships to form a basis for shared understanding across user communities for assurance. It
provides information to users of the other parts of ISO/IEC/IEEE 15026 including the combined use
of multiple parts. The essential concept introduced by ISO/IEC/IEEE 15026 (all parts) is the statement
of claims in an assurance case and the support of those cla
...