AS/NZS 15026:1999

1 - AS/NZS 15026:1999 INFORMATION TECHNOLOGY-SYSTEM AND SOFTWARE INTEGRITY LEVELS
4 - PREFACE
5 - CONTENTS
7 - 1 Scope
7 - 2 Normative references
8 - 3 Definitions
8 - 3.1 component:
8 - 3.2 degree of confidence:
8 - 3.3 design authority:
8 - 3.4 failure:
8 - 3.5 fault isolation:
8 - 3.6 function:
8 - 3.7 initiating event:
8 - 3.8 integrity assurance authority:
8 - 3.9 integrity level:
8 - 3.10 item:
8 - 3.11 mitigating function:
8 - 3.12 risk:
8 - 3.13 risk dimension:
8 - 3.14 safety:
8 - 3.15 security:
8 - 3.16 software integrity level:
9 - 3.17 subsystem:
9 - 3.18 system:
9 - 3.19 systematic failure:
9 - 3.20 system integrity level:
9 - 3.21 threat:
9 - 4 Symbols and abbreviations
9 - 5 Software integrity levels framework
9 - 5.1 How to use this International Standard
9 - 5.2 Overview
12 - 6 System integrity level determination.
12 - 6.1 Risk analysis
13 - 6.1.1 Threat identification
13 - 6.1.2 Frequency analysis
13 - 6.1.3 Consequence analysis
13 - 6.1.4 Risk calculation
14 - 6.2 Risk evaluation
14 - 6.3 System integrity level assignment
14 - 7 Software integrity level determination
15 - 7.1 Assumptions in software integrity level determination
15 - 7.2 Reduction of software integrity level
16 - 7.3 Reducing the software integrity level of software whose failure can result in a threat
16 - 7.4 Reducing the software integrity level of software whose failure may result in lack of provision of mitigating functions
17 - 8 Software integrity requirements determination
17 - 8.1 Degree of confidence
17 - 8.2 Methods of achieving degrees of confidence in software
17 - 8.3 Association of degree of confidence in software with integrity level

Specifies requirements for the determination of system and software integrity levels for software products and systems that use software. The Standard also defines the concepts associated with integrity levels, defines the processes for determining integrity levels and software integrity requirements, and places requirements on each process. This Standard is identical with and has been reproduced from ISO/IEC 15026:1998

This International Standard introduces the concepts of software integrity levels and software integrity requirements. It defines the concepts associated with integrity levels, defines the processes for determining integrity levels and software integrity requirements, and places requirements on each process. This International Standard does not prescribe a specific set of integrity levels or software integrity requirements. These must be established either on a project by project basis, or for a specific sector and/or country. This International Standard is applicable to software only. The system integrity level and the integrity levels of the non-software components are only required in this International Standard to determine the integrity levels of the software components.This International Standard is intended for use by developers, users, procurers, and assessors of software products or systems containing software for the administrative and technical support of those products and systems.A software integrity level denotes a range of values of a software property necessary to maintain system risks within tolerable limits. For software that performs a mitigating function, the property is the reliability with which the software must perform the mitigating function. For software whose failure can lead to a system threat, the property is the limit on the frequency or probability of that failure.Software integrity requirements are requirements that must be met by the software engineering process used to develop the software, requirements that must be met by the software engineering products, and/or requirements that must be true of the software's performance over time in order to provide a degree of confidence in the software that is commensurate with the software's integrity level.This International Standard does not prescribe the way in which integrity level determination is integrated with the overall system engineering life cycle processes.

First published as AS/NZS 15026:1999.