ISO/IEC/IEEE 12207:2017 - Systems and Software Engineering — Software Life Cycle Processes

ISO/IEC/IEEE 12207 establishes a comprehensive framework for software life cycle processes, providing a common language and structure for software development, operation, and maintenance activities. This standard

  • defines processes, activities, and tasks that apply during the acquisition, development, operation, maintenance, and disposal of software systems,
  • serves as the foundation for software process improvement, project management, and quality assurance across the software lifecycle
  • provides a process architecture that supports various software development methodologies, from traditional waterfall to agile and iterative approaches, while ensuring systematic management of software quality attributes.

Software Life Cycle Process Framework

The standard organizes software lifecycle activities into several key process categories:

Process Category Description
Agreement Processes Processes for establishing agreements between organizations, including acquisition, supply, and customer-supplier agreements.
Organizational Project-Enabling Processes Processes that provide resources and infrastructure for project execution, including life cycle model management, infrastructure management, and human resource management.
Technical Management Processes Processes for managing technical aspects of projects, including project planning, assessment, control, decision management, risk management, and configuration management.
Technical Processes Core technical processes for system/software development including stakeholder requirements definition, requirements analysis, architectural design, implementation, integration, verification, validation, operation, maintenance, and disposal.

Quality Attributes Emphasized by the Standard

The standard directly supports quality achievement through systematic process management:

Quality Attribute Relevance in ISO/IEC/IEEE 12207
Process Quality Systematic framework for defining, implementing, and improving software lifecycle processes to ensure consistent quality outcomes.
Traceability Requirements for maintaining traceability between lifecycle artifacts, decisions, and deliverables throughout the software lifecycle.
Maintainability Explicit processes for software maintenance, including corrective, adaptive, perfective, and preventive maintenance activities.
Reliability Verification and validation processes ensure software meets reliability requirements through systematic testing and quality assurance.
Configuration Management Comprehensive configuration management processes for controlling changes and maintaining software integrity.
Risk Management Systematic risk management processes for identifying, analyzing, evaluating, and treating software project risks.
Quality Assurance Quality assurance processes embedded throughout the lifecycle to ensure adherence to standards and achievement of quality objectives.
Documentation Systematic documentation processes ensuring comprehensive recording of decisions, designs, and deliverables.
Verification Systematic verification processes to confirm that software products meet their specified requirements.
Validation Validation processes to ensure software meets stakeholder needs and intended use in operational environment.

Process Architecture and Structure

Agreement Processes

  • Acquisition Process: Systematic approach to acquiring software systems and services
  • Supply Process: Framework for supplying software products and services to customers
  • Customer-Supplier Agreement: Establishment and management of customer-supplier relationships

Organizational Project-Enabling Processes

  • Life Cycle Model Management: Selection and tailoring of appropriate lifecycle models
  • Infrastructure Management: Providing and maintaining infrastructure for software development
  • Human Resource Management: Ensuring adequate skills and competencies for software projects
  • Quality Management: Establishing and maintaining quality management systems

Technical Management Processes

  • Project Planning: Systematic planning of software development projects
  • Project Assessment and Control: Monitoring and controlling project execution
  • Decision Management: Systematic decision-making processes throughout the lifecycle
  • Risk Management: Identification, analysis, and mitigation of project risks
  • Configuration Management: Control of changes to software configurations
  • Information Management: Management of information and knowledge throughout the lifecycle

Technical Processes

  • Stakeholder Requirements Definition: Elicitation and definition of stakeholder needs
  • Requirements Analysis: Analysis and specification of software requirements
  • Architecture Design: Design of software system architecture and components
  • Implementation: Realization of software components according to design specifications
  • Integration: Assembly of software components into integrated systems
  • Verification: Confirmation that software products meet specified requirements
  • Validation: Confirmation that software meets stakeholder needs and intended use
  • Operation: Deployment and operation of software in its intended environment
  • Maintenance: Evolution and support of software throughout its operational life
  • Disposal: Retirement and disposal of software systems

Process Tailoring and Adaptation

Lifecycle Model Flexibility

  • Support for various development methodologies (waterfall, iterative, agile, DevOps)
  • Process tailoring based on project characteristics, organizational needs, and domain requirements
  • Scalability from small projects to large, complex software systems
  • Integration with other standards and frameworks (CMMI, SPICE, agile practices)

Quality Integration

  • Integration with ISO/IEC 25010 quality model for systematic quality planning
  • Alignment with ISO/IEC 27001 for security management in software development
  • Support for safety-critical development (integration with IEC 61508, ISO 26262)
  • Compliance framework for regulatory and contractual requirements

Implementation Benefits

Process Improvement

  • Systematic approach to software process assessment and improvement
  • Common terminology and framework for process communication and benchmarking
  • Foundation for process maturity models and capability assessment
  • Support for organizational learning and knowledge management

Project Management

  • Structured approach to software project planning, execution, and control
  • Risk management integration throughout the software lifecycle
  • Clear roles, responsibilities, and accountabilities for all lifecycle activities
  • Systematic approach to stakeholder management and communication

Quality Assurance

  • Embedded quality processes throughout the software lifecycle
  • Systematic verification and validation of software products
  • Traceability and configuration management for quality control
  • Continuous improvement through measurement and analysis

References

Official Standards Sources

Implementation Guidance and Best Practices

Academic and Industry Research

Tools and Assessment Frameworks