标准摘要
[中文适用范围]: 本部分ISO/IEC 15026指定了完整性的概念及其对应要求的完整性级别,这些要求需要被满足以实现完整性级别。它规定了定义和使用完整性级别的方法,并涵盖了系统、软件产品及其相关外部依赖项。该标准适用于系统和软件,并供以下人员使用:a) 定义完整性级别(如行业和专业组织、标准化组织、政府机构);b) 使用完整性级别(如开发人员和维护人员、供应商和用户、系统或软件用户、评估员以及系统或软件的行政和技术支持人员)。重要的是,该标准由供应商和用户用于协议中,例如确保系统的安全、财务或其他特性。本部分不规定特定的完整性级别及其要求,也不规定如何将其与整体工程过程集成,但它提供了一个示例用法(见附录A) [外文原描述]: ISO/IEC 15026-3:2015 specifies the concept of integrity levels with corresponding integrity level requirements that are required to be met in order to show the achievement of the integrity level. It places requirements on and recommends methods for defining and using integrity levels and their corresponding integrity level requirements. It covers systems, software products, and their elements, as well as relevant external dependences. This part of ISO/IEC 15026 is applicable to systems and software and is intended for use by the following: a) definers of integrity levels such as industry and professional organizations, standards organizations, and government agencies; b) users of integrity levels such as developers and maintainers, suppliers and acquirers, system or software users, assessors of systems or software and administrative and technical support staff of systems and/or software products. One important use of integrity levels is by suppliers and acquirers in agreements; for example, to aid in assuring safety, financial, or security characteristics of a delivered system or product. ISO/IEC 15026-3:2015 does not prescribe a specific set of integrity levels or their integrity level requirements. In addition, it does not prescribe the way in which integrity level use is integrated with the overall system or software engineering life cycle processes. It does, however, provide an example of use of this part of ISO/IEC 15026 in Annex A.
英文名称Systems and software engineering - Systems and software assurance - Part 3: System integrity levels