ISO/IEC 29110-2:2011

INTERNATIONAL ISO/IEC
STANDARD 29110-2
First edition
2011-01-15


Software engineering — Lifecycle profiles
for Very Small Entities (VSEs) —
Part 2:
Framework and taxonomy
Ingénierie du logiciel — Profils de cycle de vie pour très petits
organismes (TPO) —
Partie 2: Cadre général et taxinomie





Reference number
ISO/IEC 29110-2:2011(E)
©
ISO/IEC 2011

---------------------- Page: 1 ----------------------
ISO/IEC 29110-2:2011(E)
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but
shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In
downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat
accepts no liability in this area.
Adobe is a trademark of Adobe Systems Incorporated.
Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation
parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In
the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.


COPYRIGHT PROTECTED DOCUMENT


©  ISO/IEC 2011
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland

ii © ISO/IEC 2011 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC 29110-2:2011(E)
Contents Page
Foreword .v
Introduction.vi
1 Scope.1
1.1 Fields of application.1
1.2 Target audience.1
2 Conformance to standardized profiles.1
2.1 Introduction.1
2.2 General principles.2
2.2.1 Tailoring and exclusions .2
2.2.2 Extensions.2
2.2.3 Conformance to base standards .2
2.3 Conformance requirements for standardized profiles .3
2.3.1 Conformance situations .3
2.3.2 Conformance to a standardized profile.3
2.3.3 Limited conformance to the base standards included in the standardized profile.4
3 Normative references.4
4 Terms and definitions .4
5 Conventions and abbreviated terms .4
5.1 Naming, diagramming and definition conventions.4
5.2 Abbreviations.4
6 Software engineering profiles for VSEs.4
6.1 Basic concepts.4
6.2 Purpose of standardized profiles .5
6.3 Preparation of profiles .5
7 Preparing profiles of Software Engineering standards.6
7.1 Rationale for SE profiles.6
7.2 Profiling lifecycle product standards .7
7.3 Profiling lifecycle process standards.7
7.4 Relating process and product standards in profiles .7
7.5 Adding assessment specification to profiles.12
7.5.1 Process reference models.12
7.5.2 Specifying profiles with capability levels .12
7.6 Graduated profiles.12
8 The VSE profile taxonomy principles.15
8.1 VSE classification dimensions .15
8.2 Decoupling VSE classification from profile preparation.15
8.3 Graduating a profile group .15
9 Taxonomy of VSE profile groups.16
9.1 Introduction.16
9.2 The "Generic" profile group .16
9.3 Profiles within the "Generic" profile group .16
9.3.1 The Entry profile .16
9.3.2 The Basic profile.16
9.3.3 The Intermediate profile.17
9.3.4 The Advanced profile.17
10 Guidelines for the specification of VSE profiles .17
10.1 Profile tables.17
© ISO/IEC 2011 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/IEC 29110-2:2011(E)
10.2 Profile table columns .17
10.2.1 Profile element identification and composition specification tables.17
10.2.2 Profile element relationship specification tables.18
10.2.3 Source document reference specification tables.18
Bibliography .20

Table of illustrations
Figure 1 — ISO/IEC 29110 series .vii

Table of tables
Table 1 — ISO/IEC 29110 target audience .vi
Table 2 — Example of a modelling formalism profile for lifecycle products . 8
Table 3 — Example of a correspondence profile for lifecycle products . 8
Table 4 — Example of a profile for lifecycle processes and outcomes. 9
Table 5 — Example of adding correspondence elements for lifecycle processes . 10
Table 6 — Example of a profile for lifecycle processes and output products. 10
Table 7 — Example of adding correspondence elements for lifecycle processes and products . 11
Table 8 — Standardized SE capability levels. 13
Table 9 — Example of adding capability levels (process attributes) to a lifecycle processes profile. 14
Table 10 — Example of defining profiles in terms of other profiles . 14
Table 11 — Allocating VSE characteristics to profile groups . 15
Table 12 — Graduated profile group . 15
Table 13 — The "Generic" profile group. 16


iv © ISO/IEC 2011 – All rights reserved

---------------------- Page: 4 ----------------------
ISO/IEC 29110-2:2011(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are members of
ISO or IEC participate in the development of International Standards through technical committees
established by the respective organization to deal with particular fields of technical activity. ISO and IEC
technical committees collaborate in fields of mutual interest. Other international organizations, governmental
and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information
technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of the joint technical committee is to prepare International Standards. Draft International
Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as
an International Standard requires approval by at least 75 % of the national bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
ISO/IEC 29110-2 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 7, Software and systems engineering.
ISO/IEC 29110 consists of the following parts, under the general title Software engineering — Lifecycle
profiles for Very Small Entities (VSEs):
⎯ Part 1: Overview [Technical Report]
⎯ Part 2: Framework and taxonomy
⎯ Part 3: Assessment guide [Technical Report]
⎯ Part 4-1: Profile specifications: Generic profile group
⎯ Part 5-1-2: Management and engineering guide: Generic profile group: Basic profile [Technical Report]
Parts 4 and 5 can be developed to accommodate new profile specifications and management and engineering
guides as follows:
⎯ Part 4-m: Profile specifications: Profile group aaaaa
⎯ Part 5-m-n: Management and engineering guide: Profile group aaaaa: Profile bbbbb [Technical Report]
© ISO/IEC 2011 – All rights reserved v

---------------------- Page: 5 ----------------------
ISO/IEC 29110-2:2011(E)
Introduction
The software industry recognizes the value of Very Small Entities (VSEs) in contributing valuable products
and services. For the purpose of ISO/IEC 29110, a Very Small Entity (VSE) is an entity (enterprise,
organization, department or project) having up to 25 people. VSEs also develop and/or maintain software that
is used in larger systems; therefore, recognition of VSEs as suppliers of high quality software is often required.
According to the Organization for Economic Co-operation and Development (OECD) SME and
Entrepreneurship Outlook report (2005) ‘SMEs constitute the dominant form of business organisation in all
countries world-wide, accounting for over 95 % and up to 99 % of the business population depending on
country’. The challenge facing OECD governments is to provide a business environment that supports the
competitiveness of this large heterogeneous business population and that promotes a vibrant entrepreneurial
culture.
From studies and surveys conducted, it is clear that the majority of International Standards do not address the
needs of VSEs. Conformance with these standards is difficult, if not impossible. Subsequently VSEs have no,
or very limited, ways to be recognized as entities that produce quality software in their domain. Therefore,
VSEs are often cut off from some economic activities.
It has been found that VSEs find it difficult to relate International Standards to their business needs and to
justify the application of the standards to their business practices. Most VSEs can neither afford the resources,
in terms of number of employees, budget and time, nor do they see a net benefit in establishing software life
cycle processes. To rectify some of these difficulties, a set of guides has been developed according to a set of
VSE characteristics. The guides are based on subsets of appropriate standards elements, referred to as VSE
Profiles. The purpose of a VSE profile is to define a subset of International Standards relevant to the VSE
context, for example, processes and outcomes of ISO/IEC 12207 and products of ISO/IEC 15289.
ISO/IEC 29110, targeted by audience, has been developed to improve product and/or service quality, and
process performance. See Table 1. ISO/IEC 29110 is not intended to preclude the use of different life cycles,
such as waterfall, iterative, incremental, evolutionary or agile.
Table 1 — ISO/IEC 29110 target audience
ISO/IEC 29110 Title Target audience
Part 1 Overview VSEs, assessors, standards producers, tool vendors,
and methodology vendors
Part 2 Framework and taxonomy Standards producers, tool vendors and methodology
vendors. Not intended for VSEs.
Part 3 Assessment guide Assessors and VSEs
Part 4 Profile specifications Standards producers, tool vendors and methodology
vendors. Not intended for VSEs.
Part 5 Management and engineering guide VSEs

If a new profile is needed, ISO/IEC 29110-4 and ISO/IEC TR 29110-5 can be developed without impacting
existing documents and they become ISO/IEC 29110-4-m and ISO/IEC 29110-5-m-n, respectively, through
the ISO/IEC process.
ISO/IEC TR 29110-1 defines the business terms common to the VSE Profile Set of Documents. It introduces
processes, lifecycle and standardization concepts, and the ISO/IEC 29110 series. It also introduces the
characteristics and requirements of a VSE, and clarifies the rationale for VSE-specific profiles, documents,
standards and guides.
vi © ISO/IEC 2011 – All rights reserved

---------------------- Page: 6 ----------------------
ISO/IEC 29110-2:2011(E)
This part of ISO/IEC 29110 introduces the concepts for software engineering standardized profiles for VSEs,
and defines the terms common to the VSE Profile Set of Documents. It establishes the logic behind the
definition and application of standardized profiles. It specifies the elements common to all standardized
profiles (structure, conformance, assessment) and introduces the taxonomy (catalogue) of ISO/IEC 29110
profiles.
ISO/IEC TR 29110-3 defines the process assessment guidelines and compliance requirements needed to
meet the purpose of the defined VSEs Profiles. ISO/IEC TR 29110-3 also contains information that can be
useful to developers of assessment methods and assessment tools. ISO/IEC TR 29110-3 is addressed to
people who have direct relation with the assessment process, e.g. the assessor and the sponsor of the
assessment, who need guidance on ensuring that the requirements for performing an assessment have been
met.
ISO/IEC 29110-4-m provides the specification for all the profiles in one profile group that are based on
subsets of appropriate standards elements. VSE Profiles apply and are targeted to authors/providers of
guides and authors/providers of tools and other support material.
ISO/IEC TR 29110-5-m-n provides an implementation management and engineering guide for the VSE Profile
described in ISO/IEC 29110-4-m.
Figure 1 describes the ISO/IEC 29110 series and positions the parts within the framework of reference.
Overviews and guides are published as Technical Reports (TR), and profiles are published as International
Standards (IS).
29110 Overview (TR 29110-1)
29110 Profiles (IS)
Framework and Taxonomy (IS 29110-2)
Specifications of VSE Profiles (IS 29110-4)
Specification - VSE Profile Group m
Specification - VSE Profile Group m
(IS 29110-4-m)
(IS 29110-4-m)
29110 Guides (TR)
Assessment Guide (TR 29110-3)
Management and Engineering Guide (TR 29110-5)
Management and
Management and
Engineering Guide
Engineering Guide
VSE Profile m-n
VSE Profile m-n
(TR 29110-5-m-n)
(TR 29110-5-m-n)

Figure 1 — ISO/IEC 29110 series

© ISO/IEC 2011 – All rights reserved vii

---------------------- Page: 7 ----------------------
INTERNATIONAL STANDARD ISO/IEC 29110-2:2011(E)

Software engineering — Lifecycle profiles for Very Small
Entities (VSEs) —
Part 2:
Framework and taxonomy
1 Scope
1.1 Fields of application
ISO/IEC 29110 is applicable to Very Small Entities (VSEs). The life cycle processes described in
ISO/IEC 29110 are not intended to preclude or discourage their use by organizations bigger than VSEs.
However, certain issues faced by large organizations might not be covered by ISO/IEC 29110.
The life cycle processes defined in ISO/IEC 29110 can be used by VSEs when acquiring and using, as well as
when creating and supplying, a software system. They can be applied at any level in a software system’s
structure and at any stage in the lifecycle. The processes described in ISO/IEC 29110 are not intended to
preclude or discourage the use of additional processes that VSEs find useful.
This part of ISO/IEC 29110 introduces the major concepts for software engineering profiles for VSEs, and
defines the terms common to the set of documents associated with VSE profiles.
It establishes the logic behind the definition and application of profiles. It specifies the elements common to all
standardized profiles (structure, conformance, assessment) and introduces the taxonomy (catalogue) of
ISO/IEC 29110 profiles.
This part of ISO/IEC 29110 is applicable to all profiles.
1.2 Target audience
This part of ISO/IEC 29110 is targeted at authors and reviewers of standardized profiles, authors of other
parts, and authors of other VSE profiles.
2 Conformance to standardized profiles
2.1 Introduction
Conformance is specified within each profile specification document, published as ISO/IEC 29110-4-m. The
general rules for conformance to ISO/IEC 29110 profiles are outlined in 2.2 and 2.3.
© ISO/IEC 2011 – All rights reserved 1

---------------------- Page: 8 ----------------------
ISO/IEC 29110-2:2011(E)
2.2 General principles
2.2.1 Tailoring and exclusions
ISO/IEC 29110 standardized profiles are pre-tailored packages of related software engineering standards,
therefore:
⎯ Tailoring of ISO/IEC 29110 profiles is not needed nor allowed.
⎯ Partial compliance is not allowed (except in one case outlined in 2.2.3).
⎯ There are no levels of conformance.
2.2.2 Extensions
It is acceptable for an implementation to incorporate elements beyond what is defined in the specification of
the profile. However this can cause implementation interoperability problems, and could be accommodated by
defining or using a richer profile.
If a profile allows extensions, each implementation shall fully support all required elements of the profile
specification exactly as specified, and the extensions shall not contradict nor cause the non-conformance of
elements defined in the profile specification. The conformance clause of profiles that allow extensions should
include some additional, more specific, requirements, such as the following.
⎯ Extensions shall not re-define semantics for existing elements.
⎯ Extensions shall not cause standard-conforming implementations (i.e., processes that do not use the
extensions) to be performed incorrectly.
⎯ Extensions shall follow the principles and guidelines of the specification they extend, i.e., the
specifications must be extended in a standard manner (see section below).
⎯ For implementations and/or applications that contain extensions, extensions shall be clearly described in
supporting documentation and the extensions shall be marked as such within the
implementation/application.
⎯ For implementations that contain extensions, there shall be a mode under which the implementation can
be directed to produce only conformant files (documents) or to operate in a strictly conformant manner.
2.2.3 Conformance to base standards
The purpose of a standardized profile is to specify the use of sets of specifications to provide clearly defined
functionality. Hence, conformance to ISO/IEC 29110 standardized profile specifications always implies
conformance to the referenced base standards' specifications, if it is referenced in totality in the profile.
However, if only part of the base standard is referenced in the profile, the above statement is true inasmuch
as the base standard conformance clause allows for tailored and partial compliance.
The conformance requirements of an ISO/IEC 29110 standardized profile shall relate to the conformance
requirements in the base standards in the following ways.
a) Unconditional mandatory requirements in the base standards shall remain mandatory in the
ISO/IEC 29110 profile.
b) Unconditional options in base standards may remain optional or may be changed within the profile to
become:
1) mandatory;
2 © ISO/IEC 2011 – All rights reserved

---------------------- Page: 9 ----------------------
ISO/IEC 29110-2:2011(E)
2) conditional, giving rise to different statuses dependent upon some appropriate condition;
3) out of scope, if the option is not relevant to the scope of the profile – for example, functional elements
which are unused in the context of the profile;
4) prohibited, if the use of the option is to be regarded as non-conformant behaviour within the context
of the profile – this choice should only be used when really necessary, "out of scope" can often be
more appropriate.
c) If the conditions in the conditional requirements in the base standards can be fully evaluated in the
context of the profile, then these requirements become unconditional mandatory requirements or
unconditional options, or they become out of scope or prohibited. Otherwise the conditions remain
conditional, with the appropriate, possibly partially, evaluated conditions.
2.3 Conformance requirements for standardized profiles
2.3.1 Conformance situations
Conformance may be interpreted differently for various situations. The relevant situation shall be identified in
the claim of conformance.
ISO/IEC 29110 profiles can be implemented by:
⎯ developers of products that facilitate the implementation and the use of the profile within organizations –
these can be methods, courses, teaching aids, tools, forms;
⎯ organizations or projects implementing and using the processes and products prescribed by the profile.
NOTE The case where another ISO document, such as a Guide or Technical Report, complies with the profile
specification is not considered implementation conformance and subject to conformance clauses. For instance,
ISO/IEC TR 29110-5 guides comply with ISO/IEC 29110-4 profile specifications, and this is evidenced by a normative
reference to ISO/IEC 29110-4 in ISO/IEC TR 29110-5, not by a conformance clause.
2.3.2 Conformance to a standardized profile
A product that claims conformance to an ISO/IEC 29110 standardized profile shall implement all the
mandatory profile elements as identified in the profile specification ISO/IEC 29110-4-m, and the associated
properties and requirements as described in the base standards when applicable. Conformance is achieved
by demonstrating that the conforming product does not exclude, modify or contradict any of the mandatory
profile elements.
An organization that claims conformance to a ISO/IEC 29110 profile shall implement and use all the
mandatory profile elements as identified in the profile specification ISO/IEC 29110-4-m, and the associated
properties and requirements as described in the base standards when applicable. Conformance is achieved
by demonstrating that:
⎯ mandatory requirements for the lifecycle products (information items) have been satisfied using the
content of conformant lifecycle products as evidence;
⎯ mandatory requirements for the lifecycle processes have been satisfied using the outcomes and products
as evidence.
Unless otherwise noted in the standardized profile conformance clause, conformance to the profile implies
conformance to the base standards.
© ISO/IEC 2011 – All rights reserved 3

---------------------- Page: 10 ----------------------
ISO/IEC 29110-2:2011(E)
2.3.3 Limited conformance to the base standards included in the standardized profile
If an organization or a product cannot claim conformance to the profile, it can still claim conformance to the
elements of the base standard included in the profile under the following conditions.
⎯ The base standard is not totally included in the profile (if it is totally included, then the implementation
should claim conformance to the base standards).
⎯ The base standard's conformance clause allows for partial conformance and/or tailored performance.
In that case, the conformance clause shall refer only to the mandatory profile elements as identified in the
profile specification ISO/IEC 29110-4-m that
⎯ refer to the base standards in question, and
⎯ are identified as mandatory (normative) in the base standards.
3 Normative references
The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced
document (including any amendments) applies.
ISO/IEC TR 29110-1, Software engineering — Lifecycle profiles for Very Small Entities (VSEs) — Part 1:
Overview
4 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO/IEC TR 29110-1 apply.
5 Conventions and abbreviated terms
5.1 Naming, diagramming and definition conventions
None.
5.2 Abbreviations
VSE Very Small Entity
VSEs Very Small Entities
SE Software Engineering
6 Software engineering profiles for VSEs
6.1 Basic concepts
The context of Functional Standardization is one part of the overall field of IT standardization activities
covering:
Base Standards, which define fundamentals and generalized procedures. They provide an infrastructure that
can be used by a variety of applications, each of which can make its own selection from the options offered by
them
...