IEEE 1028-2008 PDF
This standard provides minimum acceptable requirements for systematic software reviews, where “systematic” includes the following attributes: — Team participation — Documented results of the review — Documented procedures for conducting the review Reviews that do not meet the requirements of this standard are considered to be non-systematic reviews. The standard is not intended to discourage or prohibit the use of non-systematic reviews. The definitions, requirements, and procedures for the following five types of reviews are included within this standard: a) Management reviews b) Technical reviews c) Inspections d) Walk-throughs e) Audits This standard does not establish the need to conduct specific reviews; that need is defined by other software engineering standards or by local procedures. This standard provides definitions, requirements, and procedures that are applicable to the reviews of software development products throughout the software life cycle. Users of this standard shall specify where and when this standard applies and any intended deviations from this standard. This standard may be used with other software engineering standards that determine the products to be reviewed, the timing of reviews, and the necessity of reviews.
This standard is closely aligned with IEEE Std 1012-2004 [B6], but it can also be used with IEEE Std 1074-2006 [B11], IEEE Std 730-2002 [B2], IEEE Std 12207-2008 [B15], and other standards. A useful model is to consider IEEE Std 1028-2008 as a subroutine to the other standards. Thus, if IEEE Std 1012-2004 [B6] were used to carry out the verification and validation process, the procedure in IEEE Std 1012-2004 [B6] could be followed until such time as instructions to carry out a specific review are encountered. At that point, IEEE Std 1028-2008 would be “called” to carry out the review, using the specific review type described herein. Once the review has been completed, IEEE Std 1012-2004 [B6] would be “returned to” for disposition of the results of the review and any additional action required by IEEE Std 1012-2004 [B6]. This standard may also be used as a stand-alone definition of software review and audit procedures. In this case, local management must determine the events that precede and follow the actual software reviews and audits. In this model, requirements and quality attributes for the software product are “parameter inputs” to the review and are imposed by the “caller.” When the review is finished, the review outputs are “returned” to the “caller” for action. Review outputs typically include anomaly lists and action item lists; the resolution of the anomalies and action items are the responsibility of the “caller.”
The purpose of this standard is to define systematic reviews and audits applicable to software acquisition, supply, development, operation, and maintenance. This standard describes how to carry out a review. Other standards or local management define the context within which a review is performed, and the use made of the results of the review. Software reviews can be used in support of the objectives of project management, system engineering (for example, functional allocation between hardware and software), verification and validation, configuration management, quality assurance and auditing. Different types of reviews reflect differences in the goals of each review type. Systematic reviews are described by their defined procedures, scope, and objectives.
Revision Standard – Inactive-Reserved. Five types of software reviews and audits, together with procedures required for the execution of each type, are defined in this standard. This standard is concerned only with the reviews and audits; procedures for determining the necessity of a review or audit are not defined, and the disposition of the results of the review or audit is not specified. Types included are management reviews, technical reviews, inspections, walk-throughs, and audits.