RTCA DO-178C Software Considerations in Airborne Systems and Equipment Certification: Software Configuration Management Process (Part 7)

7.0 SOFTWARE CONFIGURATION MANAGEMENT PROCESS

This section discusses the objectives and activities of the software configuration management (SCM) process. The SCM process is applied as defined by the software planning process (see section 4) and the Software Configuration Management Plan (see section 11.4). Outputs of the SCM process are recorded in Software Configuration Management Records (see section 11.18) or in other software life cycle data.

The SCM process, working in cooperation with the other software life cycle processes, assists in:

a. Providing a defined and controlled configuration of the software throughout the software life cycle.

b. Providing the ability to consistently replicate the Executable Object Code and Parameter Data Item Files, if any, for software manufacture, or to regenerate them in case of a need for investigation or modification.

c. Providing control of process inputs and outputs during the software life cycle that ensures consistency and repeatability of process activities.

d. Providing a known point for review, assessing status, and change control by control of configuration items and the establishment of baselines.

e. Providing controls that ensure problems receive attention and changes are recorded, approved, and implemented.

f. Providing evidence of approval of the software by control of the outputs of the software life cycle processes.

g. Assessing the software product's compliance with requirements.

h. Ensuring that secure physical archiving, recovery, and control are maintained for the configuration items.

7.1 Software Configuration Management Process Objectives

The SCM process objectives are:

a. Each configuration item and its successive versions are labeled unambiguously so that a basis is established for the control and reference of configuration items.

b. Baselines are defined for further software life cycle process activity and allow reference to, control of, and traceability between, configuration items.

c. The problem reporting process records process non-compliance with software plans and standards, records deficiencies of outputs of software life cycle processes, records anomalous behavior of software products, and ensures resolution of these problems.

d. Change control provides for recording, evaluation, resolution, and approval of changes throughout the software life cycle.

e. Change review ensures that problems and changes are assessed and approved or disapproved, that approved changes are implemented, and that feedback is provided to affected processes through the problem reporting and change control methods defined during the software planning process.

f. Status accounting provides data for the configuration management of software life cycle processes with respect to configuration identification, baselines, Problem Reports, and change control.

g. Archival and retrieval ensure that the software life cycle data associated with the software product can be retrieved in case of a need to duplicate, regenerate, retest, or modify the software product. The objective of the release activity is to ensure that only authorized software is used, especially for software manufacturing, in addition to being archived and retrievable.

h. Software load control ensures that the Executable Object Code and Parameter Data Item Files, if any, are loaded into the system or equipment with appropriate safeguards.

i. Software life cycle environment control ensures that the tools used to produce the software are identified, controlled, and retrievable.

The objectives for SCM are independent of software level. However, two categories of software life cycle data may exist based on the SCM controls applied to the data (see section 7.3).

Table A-8 of Annex A is a summary of the objectives and outputs of the SCM process.

7.2 Software Configuration Management Process Activities

The SCM process includes the activities of configuration identification, change control, baseline establishment, and archiving of the software product, including the related software life cycle data. The SCM process does not stop when the software product is approved by the certification authority, but continues throughout the service life of the system or equipment. If software life cycle activities will be performed by a supplier, then configuration management activities should be applied to the supplier.

7.2.1 Configuration Identification

Activities include:

a. Configuration identification should be established for the software life cycle data.

b. Configuration identification should be established for each configuration item, for each separately controlled component of a configuration item, and for combinations of configuration items that comprise a software product.

c. Configuration items should be configuration identified prior to the implementation of change control and traceability analysis.

d. A configuration item should be configuration identified before that item is used by other software life cycle processes, referenced by other software life cycle data, or used for software manufacture or software loading.

e. If the software product identification cannot be determined by physical examination (for example, part number plate examination), then the Executable Object Code and Parameter Data Item Files, if any, should contain configuration identification that can be accessed by other parts of the system or equipment. This may be applicable to field-loadable software.

7.2.2 Baselines and Traceability

Activities include:

a. Baselines should be established for configuration items used for certification credit. Intermediate baselines may be established to aid in controlling software life cycle process activities.

b. A software product baseline should be established for the software product and defined in the Software Configuration Index (see section 11.16).

Note: User-modifiable software is not included in the software product baseline, except for its associated protection and boundary components. Therefore, modifications may be made to user-modifiable software without affecting the configuration identification of the software product baseline.

c. Baselines should be established in controlled software libraries, whether physical, electronic, or other, to ensure their integrity. Once a baseline is established, it should be protected from change.

d. Change control activities should be followed to develop a derivative baseline from an established baseline.

e. A baseline should be traceable to the baseline from which it was derived, if certification credit is sought for software life cycle process activities or data associated with the development of the previous baseline.

f. A configuration item should be traceable to the configuration item from which it was derived, if certification credit is sought for software life cycle process activities or data associated with the development of the previous configuration item.

g. A baseline or configuration item should be traceable either to the output it identifies or to the process with which it is associated.

7.2.3 Problem Reporting, Tracking, and Corrective Action

Activities include:

a. A Problem Report should be prepared that describes the process non-compliance with plans, output deficiency, or software anomalous behavior, and the corrective action taken, as defined in section 11.17.

Note: Software life cycle process problems and software product problems may be recorded in separate problem reporting systems.

b. Problem reporting should provide for configuration identification of the affected configuration item(s) or definition of the affected process activities, status reporting of Problem Reports, and approval and closure of Problem Reports.

c. Problem Reports that require corrective action of the software product or of outputs of software life cycle processes should invoke the change control activity.

7.2.4 Change Control

Activities include:

a. Change control should preserve the integrity of the configuration items and baselines by providing protection against their change.

b. Change control should ensure that any change to a configuration item requires a change to its configuration identification.

c. Changes to baselines and to configuration items under change control to produce derivative baselines should be recorded, approved, and tracked. Problem reporting is related to change control, since resolution of a reported problem may result in changes to configuration items or baselines.

Note: It is generally recognized that early implementation of change control assists the control and management of software life cycle process activities.

d. Software changes should be traced to their origin and the software life cycle processes repeated from the point at which the change affects their outputs. For example, an error discovered at hardware/software integration that is shown to result from an incorrect design should result in design correction, code correction, and repetition of the associated integral process activities.

e. Throughout the change activity, software life cycle data affected by the change should be updated and records should be maintained for the change control activity. The change control activity is aided by the change review activity.

7.2.5 Change Review

Activities include:

a. Assessment of the impact of the problem or proposed change on system requirements. Feedback should be provided to the system processes, including the system safety assessment process, and any responses from the system processes should be assessed.

b. Assessment of the impact of the problem or proposed change on software life cycle data, identifying the changes to be made and the actions to be taken.

c. Confirmation that affected configuration items are configuration identified.

d. Feedback of Problem Report or change impact and decisions to affected processes.

7.2.6 Configuration Status Accounting

Activities include:

a. Reporting on configuration item identification, baseline identification, Problem Report status, change history, and release status.

b. Definition of the data to be maintained and the means of recording and reporting the status of this data.

7.2.7 Archive, Retrieval, and Release

Activities include:

a. Software life cycle data associated with the software product should be retrievable from the approved source (for example, an archive at the developing organization or company).

b. Procedures should be established to ensure the integrity of the stored data, regardless of the medium of storage, by:

1. Ensuring that no unauthorized changes can be made.

2. Selecting storage media that minimize regeneration errors or deterioration.

3. Preventing loss or corruption of data over time. Depending on the storage media used, this may include periodically exercising the media or refreshing the archived data.

4. Storing duplicate copies in physically separate archives that minimize the risk of loss in the event of a disaster.

c. The duplication process should be verified to produce accurate copies, and procedures should exist that ensure error-free copying of the Executable Object Code and Parameter Data Item Files, if any.

d. Configuration items should be identified and released prior to use for software manufacture, and the authority for their release should be established. As a minimum, the components of the software product loaded into the airborne system or equipment should be released. This includes the Executable Object Code and Parameter Data Item Files, if any, and may also include associated media for software loading.

Note: Release is generally also required for the data that defines the approved software for loading into the airborne system or equipment. Definition of that data is outside the scope of this document, but may include the Software Configuration Index.

e. Data retention procedures should be established to satisfy airworthiness requirements and enable software modifications.

Note: Additional data retention considerations may include items such as business needs and future certification authority reviews, which are outside the scope of this document.

7.3 Data Control Categories

Software life cycle data can be assigned to one of two configuration management control categories: Control Category 1 (CC1) and Control Category 2 (CC2). Table 7-1 defines the set of SCM process activities associated with each control category, where ● indicates the minimum activities that apply for software life cycle data of that category. CC2 activities are a subset of the CC1 activities.

The Annex A tables specify the control category by software level for the software life cycle data items.

Table 7-1 SCM Process Activities Associated with CC1 and CC2 Data

SCM Process Activity                          | Reference                 | CC1 | CC2
----------------------------------------------|---------------------------|-----|----
Configuration Identification                  | 7.2.1                     |  ●  |  ●
Baselines                                     | 7.2.2.a, b, c, d, e       |  ●  |
Traceability                                  | 7.2.2.f, g                |  ●  |  ●
Problem Reporting                             | 7.2.3                     |  ●  |
Change Control - integrity and identification | 7.2.4.a, b                |  ●  |  ●
Change Control - tracking                     | 7.2.4.c, d, e             |  ●  |
Change Review                                 | 7.2.5                     |  ●  |
Configuration Status Accounting               | 7.2.6                     |  ●  |
Retrieval                                     | 7.2.7.a                   |  ●  |  ●
Protection against Unauthorized Changes       | 7.2.7.b.1                 |  ●  |  ●
Media Selection, Refreshing, Duplication      | 7.2.7.b.2, 3, 4; 7.2.7.c  |  ●  |
Release                                       | 7.2.7.d                   |  ●  |
Data Retention                                | 7.2.7.e                   |  ●  |  ●

7.4 Software Load Control

Software load control refers to the process by which programmed instructions and data are transferred from a master memory device into the system or equipment. For example, methods may include (subject to approval by the certification authority) the installation of factory pre-programmed memory devices or "in situ" re-programming of the system or equipment using a field loading device. Whichever method is used, software load control should include:

a. Procedures for part numbering and media identification that identify the software configurations that are intended to be approved for loading into the airborne system or equipment.

b. Whether the software is delivered as an end item or is delivered installed in the airborne system or equipment, records should be kept that confirm software compatibility with the airborne system or equipment hardware.
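The load control items above (part numbering in 7.4.a, hardware compatibility records in 7.4.b) can be checked mechanically together with 7.2.1.e (configuration identification readable from the image itself) and 7.2.7.c (verified, error-free duplication). The following is an added example, not text or code from DO-178C or any certified loader; the manifest layout, the "SWPN:" image header and every part number are assumptions constructed for illustration.

```python
"""Minimal software load control gate (added example, not part of DO-178C).

Assumptions (hypothetical): a released manifest maps each software part number
to the SHA-256 of the released Executable Object Code and to the hardware part
numbers recorded as compatible; the image carries its own part number in an
ASCII header so the configuration identification is accessible from the item
(7.2.1.e). Header layout assumed here: b'SWPN:' + part number + b'\\n'.
"""
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class ReleaseRecord:
    part_number: str
    sha256: str              # digest recorded at release time (7.2.7.c/d)
    compatible_hw: frozenset  # hardware part numbers from the 7.4.b records


def image_part_number(image: bytes) -> str:
    """Read the configuration identification embedded in the image header."""
    if not image.startswith(b"SWPN:") or b"\n" not in image:
        raise ValueError("image carries no configuration identification")
    return image[5:image.index(b"\n")].decode("ascii")


def check_load(image: bytes, hw_part_number: str, manifest: dict) -> list:
    """Return the findings that block the load; an empty list permits it."""
    try:
        pn = image_part_number(image)
    except ValueError as exc:
        return [str(exc)]
    rec = manifest.get(pn)
    if rec is None:
        return [f"{pn}: not in the released configuration index"]
    findings = []
    # 7.2.7.c: the loaded copy must be a bit-exact duplicate of the release.
    if hashlib.sha256(image).hexdigest() != rec.sha256:
        findings.append(f"{pn}: image digest does not match the released copy")
    # 7.4.b: only combinations recorded as compatible may be loaded.
    if hw_part_number not in rec.compatible_hw:
        findings.append(f"{pn}: not recorded as compatible with {hw_part_number}")
    return findings


# Constructed sample release: in practice the digest comes from the release
# record, not from the image being checked; it is derived here to stay offline.
APPROVED_IMAGE = b"SWPN:SW-EXAMPLE-001-R2\n" + bytes(range(64))
MANIFEST = {
    "SW-EXAMPLE-001-R2": ReleaseRecord(
        "SW-EXAMPLE-001-R2",
        hashlib.sha256(APPROVED_IMAGE).hexdigest(),
        frozenset({"HW-EXAMPLE-100-A"}),
    )
}

if __name__ == "__main__":
    print(check_load(APPROVED_IMAGE, "HW-EXAMPLE-100-A", MANIFEST) or "load permitted")
```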

7.5 Software Life Cycle Environment Control

The software life cycle environment tools are defined by the software planning process and identified in the Software Life Cycle Environment Configuration Index (see section 11.15).

Activities include:

a. Configuration identification should be established for the Executable Object Code, or equivalent, of the tools used to develop, control, build, verify, and load the software.

b. The SCM process for controlling qualified tools should comply with the objectives associated with Control Category 1 or Control Category 2 data (see section 7.3), according to the guidance provided by section 12.2.3.

c. Unless section 7.5.b applies, the SCM process for controlling the Executable Object Code, or equivalent, of tools used to build and load the software (for example, compilers, assemblers, and linkage editors) should comply with the objectives associated with Control Category 2 data, as a minimum.
