This Article 
 Bibliographic References 
 Add to: 
Managing Standards Compliance
November/December 1999 (vol. 25 no. 6)
pp. 836-851

Abstract—Software engineering standards determine practices that “compliant” software processes shall follow. Standards generally define practices in terms of constraints that must hold for documents. The document types identified by standards include typical development products, such as user requirements, and also process-oriented documents, such as progress reviews and management reports. The degree of standards compliance can be established by checking these documents against the constraints. It is neither practical nor desirable to enforce compliance at all points in the development process. Thus, compliance must be managed rather than imposed. We outline a model of standards and compliance and illustrate it with some examples. We give a brief account of the notations and method we have developed to support the use of the model and describe a support environment we have constructed. The principal contributions of our work are: the identification of the issue of standards compliance; the development of a model of standards and support for compliance management; the development of a formal model of product state with associated notation; a powerful policy scheme that triggers checks; a flexible and scalable compliance management view.

[1] N. Barghouti and B. Krishnamurthy, "Using Event Contexts and Matching Constraints to Monitor Software Processes," Proc. 17th Int'l Conf. Software Eng.,Seattle, Washington, Apr. 1995.
[2] V.R. Basili, G. Caldiera, F. McGarry, R. Pajerski, G. Page, and S. Waligora, "The Software Engineering Laboratory: An Operational Software Experience Factory," Proc. 14th Int'l Conf. Software Eng.,Australia, pp. 370-381, 1992.
[3] D. Cohen, AP5 Manual, Oct. 1992. ftp://ftp. isi. edu/pubap5/
[4] G. Cugola, E. Di Nitto, C. Ghezzi, and M. Mantione, “How to Deal with Deviations During Process Model Enactment,” Proc. 17th Int'l Conf. Software Eng., Seattle, New York: ACM, 1995.
[5] G. Cugola, E. Di Nitto, A. Fuggetta, and C. Ghezzi, “A Framework for Formalizing Inconsistencies and Deviations in Human-Centered Systems,” ACM Trans. Software Eng. and Methodology, vol. 5, no. 3, pp. 191-230, July 1996.
[6] S. Easterbrook, A. Finkelstein, J. Kramer, and B. Nuseibeh, “Coordinating Distributed ViewPoints: The Anatomy of a Consistency Check,” Int'l J. Concurrent Eng.: Research&Applications, vol. 2, no. 3, pp. 209–222, 1994.
[7] J.E. Cook and A.L. Wolf, “Software Process Validation: Quantitatively Measuring the Correspondence of a Process to a Model,” ACM Trans. Software Eng.&Methodology, vol. 8, no. 2, pp. 147-176, 1999.
[8] M. Feather, “FLEA: Formal Language for Expressing Assumptions—Language Description,” private communication, Apr. 1997.
[9] A. Finkelstein et al., "Inconsistency Handling in Multi-Perspective Specifications," IEEE Trans. Software Eng., vol. 20, no. 8, Aug. 1994, pp. 569-578.
[10] A. Finkelstein, J. Kramer, and M. Hales, “Process Modelling: A Critical Analysis,” Integrated Software Reuse: Management and Techniques, P. Walton and N. Maiden, eds., pp. 137–148. Chapman&Hall and UNICOM, 1992.
[11] A. Finkelstein, G. Spanoudakis, and D. Till, "Managing Inconsistencies," Joint Proc. SIGSOFT'96 Workshops, pp. 172-174,San Francisco, ACM Press, Oct. 1996.
[12] D. Harel, "On Visual Formalisms," Comm. ACM, May 1988, pp. 514-530.
[13] A. Hunter and B. Nuseibeh, “Analysing Inconsistent Specifications,” Proc. Third IEEE Symp. Requirements Eng., pp. 78–86, Annapolis, Md., IEEE CS Press, 1997.
[14] IEEE, IEEE Standard for Developing Software Life Cycle Processes, pp. 1,074-1,995, IEEE CS Press, 1995.
[15] Introduction to ISO, 1997. http://www. iso. ch/infoeintro. html
[16] ISO/IEC “Quality Management and Quality Assurance Standards—Part 3: Guidelines for the Application of ISO 9001 to the Development, Supply and Maintenance of Software, ISO 9000-3,” Int'l Standardisation Organisation, 1994.
[17] ISO/IEC, “Int'l Standard, Information Technology Software Life Cycle Process, ISO 12207,” 1995.
[18] ISO/IEC, “Draft Systems Engineering Standard, ISO 15288,” 1997.
[19] ISO/IEC, “Software Process Improvement and Capability Determination,” Int'l Standardisation Organisation, 1997.
[20] B. Krishnamurthy and N.S. Barghouti, “Provence: A Process Visualization and Enactment Environment,” I. Sommerville and M. Paul, eds., Proc, Software Engineering—ESEC'93, pp. 451–465, Garmisch-Partenkirchen, Germany, Lecture Notes in Computer Science 717, Springer-Verlag, 1993.
[21] B. Krishnamurthy and D.S. Rosenblum, “Yeast: A General Purpose Event-Action System,” IEEE Trans. Software Eng., vol. 21, no. 10, Oct. 1995.
[22] U. Leonhardt et al., "Decentralized Process Modeling in a Multi-Perspective Development Environment," Proc. 17th Int'l Conf. Software Eng., ACM Press, New York, 1995, pp. 255-264.
[23] C. Mazza et al., Software Engineering Standards, Prentice Hall, Upper Saddle River, N.J., 1994.
[24] C. Montangero and L. Semini, “Applying Refinement Calculi to Software Process Modelling,” Proc. Fourth Int'l Conf. Software Process, pp. 63–74, Brighton, U.K., IEEE CS Press, 1996.
[25] Quality Systems&Software Ltd., Oxford Science Park, Oxford, U.K., “DOORS Reference Manual (V3. 0),” 1996.
[26] Rational Software Corp., Santa Clara, Calif., UML Semantics, version 1. 1 alpha r6 ed., July 1997.

Index Terms:
Software processes, software engineering standards, software development environments, compliance, consistency management.
Wolfgang Emmerich, Anthony Finkelstein, Carlo Montangero, Stefano Antonelli, Stephen Armitage, Richard Stevens, "Managing Standards Compliance," IEEE Transactions on Software Engineering, vol. 25, no. 6, pp. 836-851, Nov.-Dec. 1999, doi:10.1109/32.824413
Usage of this product signifies your acceptance of the Terms of Use.