IT:AD:ISO 25010
* See also:
Summary
ISO/IEC 25010:2011 was issued in 2011 and replaces IT:AD:ISO 9126, which in turn was derived from earlier work on IT:AD:FURPS on defining and classifying Requirements for software.
Notes
Part of IT:AD:SQuaRE, it has 8 characteristics, compared to IT:AD:ISO 9126's 6, and IT:AD:FURPS's 5:
- Functional: (used to be Functionality in IT:AD:ISO 9126).
- Completeness:
- Stakeholder Functionality:
- Public User functionality: functionality required by clients
- Business functionality: functionality required by Business Users to provide services to clients (Read/Write/Approve/Logical Delete)
- Business support functionality: functionality required by Business Support Specialists (Business Role allocation)
- Application support functionality: functionality required by Support Specialists (System role allocation, Backup management).
- Infrastructure support functionality: functionality required by Infrastructure Specialists, monitoring the platform
- Obligations:
- Legal:
- Openness: adhering to open data directives
- Security: adhering to data classification requirements
- Privacy: adhering to national privacy laws
- Archiving: adhering to archiving directives
- Standards:
- Security: adhering to national recommendations
- Accessibility: by all members of the public, including the by visually impaired
- Usability: by all members of the public, from the devices they most use
- API Interfaces: adhering to web API standards
- Correctness ← renamed from Accuracy in IT:AD:ISO 9126
- Appropriateness ← renamed from Functional appropriateness in IT:AD:ISO 9126. Ref: ISO 9241-110
- Validation:
- Documentation:
- Performance efficiency ← renamed from Efficiency, in IT:AD:ISO 9126 and IT:AD:FURPS
- Time behavior
- Resource Utilization
- Capacity ←- new
- Compatibility ← new
- Co-Existence ← moved from Portability in IT:AD:ISO 9126
- Interoperability ← moved from Functionality in IT:AD:ISO 9126
- Usability
- Appropriateness recognizability ← renamed from Understandability
- Learnability
- Operability
- User Error Protection ← new
- User Interface Aesthetics ← renamed from Attractiveness
- Accessibility ← new
- Reliability
- Maturity
- Availability ← new
- Fault Tolerance
- [Recoverability]
- Security ← new
- Confidentiality ← new
- Integrity ← new
- Non-Repudiation ← new
- Accountability ← new
- Authenticity ← new (identity can be proved to be the one claimed)
* Maintainability
- Modularity ← new
- Reusability ← new
- Analysability
- Modifiability ← new amalgamation of older Reusability, Changeability, Stability in IT:AD:ISO 9126
- Testability
* Portability
- Adaptability
- Installability
- Replaceability
Issues
Classifying Requirements has always been hard. Although we're closer with this system, the system still has issues.
- where's Recoverability? I'll put it under Reliability for now. But maybe it was intended for being under Maintainability. Or was it Stability?
- Where should one put Diagnostic Tracing?
- Most security requirements combine Integrity and Confidentiality. It's hard to know which one to put a requirement in.
- Where does Compliance go? Or was it intended to go under System Functional? (But Web Standards is Interoperability…)
- Where does Documentation go? SAD? Operations Manual? Deployment Manual? etc.
- Where does Validation go? It's the basis of Conformance/Normalization/Data-Quality…all of which I can't place in the above categories.
- Where should requirements such as “Use UTC” and “Use Data Conventions” go? Is that Maintainability? Or other?