Process Quality Levels of ISO/IEC 15504, CMMI and K-Model

International Journal International Journal International Journal International Journal of Software Engineering and Its Applications of Software Engineering
and Its Applications of Software Engineering and Its Applications of Software Engineering and Its Applications
Vol. Vol. Vol. Vol. 3 33 3, No. , No. , No. , No. 1 11 1, , , , January January January January, 200 , 200 , 200 , 2009 99 9

33
1. Introduction

1.1 Background

The quality of a product depends on quality of a process is a known fact. Many industrial software
organizations have put effort to improve their software process, which based on ISO/IEC 15504,
CMMI. To improve the quality of software and their organizations software development capability
and productivity, various approaches have been tried [3][11]. Process assessment enables to identify
the process capability, and based on the resulted assessment you can expect an enhancement of the
process by identifying your process strengths, weaknesses and risks and preventing them. In this paper
we show the K-model that can easily apply small and medium sized business to process improvement
and certification in Korea. This study also compares the practices of K-model with practices of CMMI
and ISO/IEC 15504. We expect the small and light model, K-model will make software process
improvement of Korea enterprises

1.2 Overview of ISO/IEC 15504

The model consists of some major components namely: the 3 process categories, 9 groups, 48
processes and the 6 capability levels. Processes from the basic by which the software organization
produces products. Capability refers to the ability of the organization to produce these products
predictably and consistently.

Table1.TheCapabilityLevelsofISO/IEC15504 Table1.TheCapabilityLevelsofISO/IEC15504 Table1.TheCapabilityLevelsofISO/IEC15504 Table1.TheCapabilityLevelsofISO/IEC15504
Capability Level ISO/IEC 15504 Capability Level Description
Level 0
Incomplete
There is general failure to attain the purpose of the process. There are little or
no easily identifiable work products or outputs of the process.
Level 1 The purpose of the process is generally achieved. The achievement may not be
Process Quality Levels of ISO/IEC 15504, CMMI and K-model

Sun Myung Hwang
Dept. of Computer Engineering
Daejeon University, Korea
sunhwang@dju.ac.kr

Abstract

In the current marketplace, there are maturity models, standards, and guidelines that can help an
organization improve the way it does business. Software process assessment models, ISO/IEC 15504 and
CMMI provide good strategy to assess organizations software development capability. However these
models are too heavy to apply small and medium enterprise organization.
A ISO/IEC 15504(Software Process Improvement and Capability determination) and
CMMI(Capability Maturity Model Integration) can be considered as representative software process
assessment models since assessors assign ratings to indicators and metrics to measure the capability of
software processes. In this paper we show the K-model that can easily apply small and medium sized
business to process improvement and certification in Korea. This study also compares the practices of K-
model with practices of CMMI and ISO/IEC 15504. We expect the small and light model, K-model will
make software process improvement of Korea enterprises.

International Journal International Journal International Journal International Journal of Software Engineering and Its Applications of Software Engineering and Its Applications of Software Engineering and Its Applications of Software Engineering and Its Applications

34
Performed rigorously planned and tracked. There are identifiable work products for the
process, and these testify to the achievement of the purpose.
Level 2
Managed
The process delivers work products according to specified procedures and is
planned and tracked. Work products conform to specified standards and
requirements.
Level 3
Established
The process is performed and managed using a defined process based upon
good software engineering principles. Individual implementations of the
process use approved, tailored versions of standard, documented processes to
achieve the process outcomes.
Level 4
Predictable
The defined process is performed consistently in practice within defined control
limits, to achieve its defined process goals.
Level 5
Optimizing
Performance of the process is optimized to meet current and future business
needs, and the process achieves repeatability in meeting its defined business
goals.

The process attributes are defined in ISO/IEC 15504-2 and elaborated in ISO/IEC 15504-5 by process
indicators, called generic practices in earlier drafts of the evolving standard.

1.3 Overview of CMMI

CMMI describes the principles and practices underlying software process maturity and is intended
to help software organizations improve the maturity of their software processes in terms of an
evolutionary path from ad hoc, chaotic processes to mature, disciplined software processes. The
CMMI is organized into five maturity levels, described in Table 2.

Table2.CMMIMaturityLevels. Table2.CMMIMaturityLevels. Table2.CMMIMaturityLevels. Table2.CMMIMaturityLevels.
CMMI Maturity
Level
Description of Maturity Levels
CL 1:Initial
The software process is characterized as ad hoc, and occasionally even chaotic.
Few processes are defined, and success depends on individual effort and
heroics.
CL 2:Managed
Basic project management processes are established to track cost, schedule, and
functionality. The necessary process discipline is in place to repeat earlier
successes on projects with similar applications.
CL 3:Defined
The software process for both management and engineering activities is
documented, standardized, and integrated into a standard software process for
the organization. All projects use an approved, tailored version of the
organizations standard software process for developing and maintaining
software.
CL 4:
Quantitatively
Managed
Detailed measures of the software process and product quality are collected.
Both the software the software process and products are quantitatively
understood and controlled.
CL 5:Optimizing
Continuous process improvement is enabled by quantitative feedback from the
process and from piloting innovative ideas and technologies.

2. K-model

The guideline of software process quality certification consists of project and formation level,
and it developed to satisfy the investigation of software process quality capability and
improvement at the same time.

35
In case of the established foreign model, while on the other it can't reflect the environment traits
of domestic software business, the guideline of software process certification can easily apply to
the process improvement of domestic software business by compositing to be congenial to the
korea environment, and structuring the traits of essential software development and organization
management.
This guideline of software process certification leads to minimize the trial and error on the
process improvement propulsion system and to effectively propel reinforcement the process
capability by stages by not only suggesting the systematic vision for the improvement activities
of domestic software business and by but also offering the priority and direction for the real
improvement activity propulsion. Table 3 describes comparison of the process hierarchy in
ISO/IEC 15504 and CMMI.

Table3.MappingofISO/IEC15504andCMMI Table3.MappingofISO/IEC15504andCMMI Table3.MappingofISO/IEC15504andCMMI Table3.MappingofISO/IEC15504andCMMI
CL/ML
48 Processes containing BP and MP
that contribute to the achievement of
the process attribute in ISO/IEC 15504
24 Process Areas in CMMI
2 SUP.1 Documentation
SUP.2 Configuration management
SUP.3 Quality Assurance
SUP.4 Verification
SUP.5 Validation
SUP.6 Joint Review
SUP.7 Audits
SUP.8 Problem Resolution
MAN.1 Management
MAN.2 Project Management
MAN.4 Risk Management
Project Planning
Project Monitoring and Control
Supplier Agreement Management
Requirements Management
Configuration Management
Process and Product Quality Management
Measurement and Analysis
3 ORG.2.1 Process Establishment
ORG.3 Human Resource management
ORG.4 Infrastructure
ORG.6 Reuse
Organizational Process Definition
Organizational Process Focus
Organizational Training
Integrated Project Management
Risk Management
Integrated Teaming
Requirements Development
Technical Solution
Product Integration
Verification
Validation
Decision Analysis and Resolution
Organizational Environment for Integration
4 MAN.3 Quality Management
ORH.1 Organizational Alignment
ORG.2.2 Process Assessment
ORG.5 Measurement
Organizational Process Performance
Quantitative Project Management
5 ORG.2.3 Process Improvement Organizational Innovation and Deployment
Causal Analysis and Resolution


36
3. Structure of K-model

The guideline of software process quality certification has been constituted by certification degree as a
result on the base of the essential evaluation element of core activity necessary for systematic
performance to software development project.
Software business and software process capability level are to decide the certification result degree by
investigating the activities suggested as the valuation factor of the process certification guideline to the
performance activities in the course of the project development and management process.

3.1 Architecture of process assessment

The valuation factor of the process certification guideline is to suggest the structure of group,
assessment process, practice as the core activity suggested as a guideline for investigating the
performance capability of software development project and management activity.

Practice is the core guideline of valuation factor as the activity for performance in order to achieve the
special purpose. All practices sustains the low level activities for performance in order to achieve the
pertinent purpose, represents the special outcome that system performs satisfies activities of the low
level guideline. Practice is represented by the purpose and activity, the result of performance is
explained by example of outputs.

The activities of practice is to become assessment process of a bundle of practice connected to achieve
the greater purpose, and it consists of valuation factor as class structure that becomes group connected
as related factors.

Figure3 Figure3 Figure3 Figure3. . . .Thestructureofsoftwareprocessquality Thestructureofsoftwareprocessquality Thestructureofsoftwareprocessquality Thestructureofsoftwareprocessquality

The group as the highest category classification guideline of valuation factor consists of five groups,
divided by project and organization dimension extensively as a set of processes that perform to satisfy
the level of special certification. The group of project dimension consists of PM,
development(D),support(S)group. The organization dimension consists of OM and PI group.
Assessment process is the low level consisted of groups, consists of seventeen assessment processes as
a high bundle of related practice. Practice is to represent the individual outcomes that should be
performed and satisfied to achieve the special purpose.


37

Figure4 Figure4 Figure4 Figure4. .. .Thestructureofsoftwareprocessqualitycertificationguideline Thestructureofsoftwareprocessqualitycertificationguideline Thestructureofsoftwareprocessqualitycertificationguideline Thestructureofsoftwareprocessqualitycertificationguideline

3.2 Level

The certification level is the outcome of investigating the activity capability level related software
development project performance, and it consists of three stages of the primary, the superior, the
highest level. Only the superior, the highest level are endowed as a certification level.

Figure5.Thestructureof Figure5.Thestructureof Figure5.Thestructureof Figure5.Thestructureofsoftwareprocessqualitycertificationdegree softwareprocessqualitycertificationdegree softwareprocessqualitycertificationdegree softwareprocessqualitycertificationdegree

3.2.1 Initial level(level 1)

This is the necessary level of improving the process capability in the situation of the performance level
of special project, or quality, cost, the appointed date of delivery because project performances can't
operate stably, in the situation of the high probability that can't satisfy the expecting purpose regardless
of success or failure of project.

3.2.2 Good level(level 2)

The process is the capability level to successfully perform the project by developing and controling
project, to be established in the necessary project level to perform individual project,

3.2.3 Very good level(level 3)

This is the possible capability level to perform project of consistent quality level by solving the
fundamental reason of happening matters in the course of improving process of formation level through
the quantitative process management by defining process system of formation.


38

Figure6 Figure6 Figure6 Figure6. .. .Thevaluationfactorofsoftwareprocessquality Thevaluationfactorofsoftwareprocessquality Thevaluationfactorofsoftwareprocessquality Thevaluationfactorofsoftwareprocessqualitycertificationdegreelevel certificationdegreelevel certificationdegreelevel certificationdegreelevel

The certification level is differently applied to valuation factors by each certification degree as an
indicator representing the degree of activity capability level related with software development project
performance and its meaning is also different.
The superior level contains necessary management, development, supporting process group in order to
successfully achieve individual projects. The highest level contains the superior level group, necessary
formation management to the quantitative project management through the guideline process of
formation level.
According to level as an indicator representing capability level of development and management
of software, formation keeps different traits each other, the formation of superior level is to represent
the keeping of activity performance capability of project level, the formation of the highest level to
represent the keeping of activity performance capability in formation level.

certification level Characteristic
initial
level
- to perform project according to circumstances
- the level to make and use process for oneself to perform individual tasks
- Not to share similar process for each use to make and use
- repeatedly happening the trial and error in person and system not sharing the outcome
of trial aqnf error

39
good
level
- successful performance of individual project
- level interested in project performance efficiency focusing on individual projects in
project level
- to perform project by projected process in project, to share and manage the outcomes
only in team unit
- not repeatedly happening the trial and error in project team but repeatedly happening it
in system
very good
level

- to perform project securely and consistently
- level interested in consistently performing without environment change by using
experience or cases during performing each
- to develop task performance method as system guideline process in system level, to
regulate and apply the process in various ways according to various traits of each
project, to share the outcome in whole system
- prevention of repeatedly happening the trial and error in system

4. Levels and Processes of K-model

The superior level aims to the capability level of necessary project level in order to achieve success of
software development project process, and consists of project management, development, assessment
process of supporting group, and low practice of each assessment process.

Assessment process Practice Explaination
project
planning
to contain activity to draw up project plans, to establish project management plans,
to perform project, offense and defense, budget, plan related programs, dangers,
resources, data, knowledge and technology, etc. (eleven practices)
project control
to contain to take measures to confirm project progression an d advance situation, or
when problems happen, according to established plan(five practices)
partnership
management
to contain activity taking over products, to manage whether or not performing
project according to contracts that cooperation business establishs contracts and
performs project (five practices)
Group
requirement
management
to contain activity to manage requirement change and grasping client requirement
during developing process(three practices)

40
analysis
to contain activity for defining and analyzing software requirements by materializing
function requirements that system should achieve based on client requirement(three
practices)
design
to contain preparing activity for realizing system, system structure based on
requirement analysis results, detail design, test plan establish(three practices)
implementation
to contain activity related total test, unit systhesis, unit test performance to software
unit, realizing system based of design requirements (four practices)
test
to contain activity for undertaking the system after fittingly confirming the
performance in the given environment of system to perform system(two practice)
quality Assurance
to contain activity for quality valuation and management during developing
period(four practicees)
configuration
management
to contain the plan establishment of change management activity to the outputted
results, control activity, outcome management during processing project()

measurement and
analysis
As measure and analysis required for the management of outputted information
during processing project, to contain measure goal establishment, measure item
choice, data collection and management procedure, outcome analysis(four
practicees)

The highest level aims to process capability level of necessary system level to consistently perform the
project of system, and it contains assessment processes of the superior level, consists of system
management, assessment process of process improvement group, and low practice of each assessment
process.

group
Assessment
process
Practice Explanation
organization
process
management
to contain activity for application to the whole system by modulating it according to
settlement guideline and guideline, by defining the process of system, managing it as
process asset(six practices)

infra structure
management
to contain activity to manage and build the base of system for performing project and
process (three practices)

Organization
management
education
to contain activity to value and educate, and to identify the education and training
fitting for the goal of system(three practices)

41
quantitative process
management
to contain activity to achieve quality, process, result and goal of system by using
quantitative management method(six practices)
problem solution
to contain activity to achieve the outcomes by analyzing happened problems,
suggesting alternative, choosing the problem solution method through the official
valuation procedure, and performing(five practices)
Process
Improvement
process
improvement
management
to contain activity to manage the results, to perform and identify process improvement,
to evaluate the process of recent system, to define requirement and goal of system for
improvement(five practices)

5. Conclusion

The K-model, the guideline of software process certification can easily apply to the process
improvement of domestic software business by compositing to be congenial to the korea
environment, and structuring the traits of essential software development and organization
management. And It is going to lead to minimize the trial and error on the process
improvement propulsion system and to effectively propel reinforcement the process capability
by stages by not only suggesting the systematic vision for the improvement activities of
domestic software business and by but also offering the priority and direction for the real
improvement activity propulsion.

Acknowledgements

This work was supported by a grant from security engineering research center of Korea ministry of
knowledge economy.
References

[1] Pankaj Jalote, CMM in Practice, SEI Series in Software Engineering, 2000
[2] Dennis M.Ahern, Aaron Clouse, and Richard Turner, CMMI distilled, SEI Series in Software Engineering,
2001
[3] N. Fenton, S.Pfleeger, Software Metrics : A Rigorous and Practical Approach, PWS Pub., 1997
[4] M.Paulk et al, The capability Maturity Model: Guidelines for Improving the Software Process, Addison-
Wesley, 1994
[5] ISO/IEC TR 15846 Information technology Software life cycle processes Configuration Management,
1998

42
[6] ISO/IEC 12207 Information technology Software life cycle processes, 1995
[7] CC; ISO/IEC 15408 Information technology Security technology Evaluation criteria for IT security, 1999
[8] ISO 10007 Quality Management Guidelines for Configuration management, 1995
[9] CMU/SEI, CMM : Capability Maturity Model for Software, V 1.1, 1993

[10] ISO/IEC 9126-1,2,3,4 Information Technology Software Product Quality, 2000
[11] ISO/IEC 14598-1,2,3,4 Information Technology Software Product Evaluation, 1999
[12] Azuma, Software Quality Evaluation System: Quality Models Metrics and Processes International
Standards and Japanese Practice, Information and Software Technology
[13] ARC. 2000. Assessment Requirements for CMMI, Version 1.0 CMU/SEI-2000-TR-011. Software
Engineering Institute, Carnegie Mellon University, Pittsburgh: PA.
[14] El-Emam, K., Goldenson, D. 1995. SPICE: An empiricists perspective. In Proceedings of the Second IEEE
International Software Engineering Standards Symposium, 84-97.
[15] El-Emam, K., 1998, The internal consistency of the ISO/IEC 15504 software process capability scale, In
Proceedings of the 5
th
International Symposium on Software Metrics, 72-81.
[16] El-Emam, K., Jung, H.-W. 2001. An evaluation of the ISO/IEC 15504 assessment model. Journal of Systems
and Software 59(1), 23-41
[17] Jung, H.-W. 2002 Evaluation the internal consistency of SPICE process capability indictors. Submitted for
publication.
[18] KSPICE. 2001. A Guideline for KSPICE Assessment Procedure. Korea SPICE.

Process Quality Levels of ISO/IEC 15504, CMMI and K-Model

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Process Quality Levels of ISO/IEC 15504, CMMI and K-Model

Uploaded by

Copyright:

Available Formats

International Journal International Journal International Journal International Journal of Software Engineering and Its Applications of Software Engineering

You might also like