Template for Software Configuration Management Documents, Deluxe Version 3

TEMPLATE for
SOFTWARE CONFIGURATION MANAGEMENT DOCUMENTS
VERSION 4.0

Abstract

This document contains a set of templates for software configuration management (CM) documents to aid engineers and managers to implement software configuration management processes per the requirements specified in standard ISO/IEC 12207:2008, Software life cycle processes and standard ISO/IEC 15288:2008, System life cycle processes. For software CM processes and related activities and artifacts, these standards-driven templates provide generic descriptions and instructions that, as needed, can be tailored to a specific organization’s or project’s needs.

Thirteen templates are provided. They are:

#	Template Name

1	Software Configuration Management Policy
2	Software Configuration Management Strategy
3	Software Configuration Management Organization Charts
4	Software Configuration Management Plan
5	Software Configuration Management Process
6	Software Configuration Identification Procedure
7	Software Configuration Change Control Procedure
8	Software Configuration Status Accounting Procedure
9	Software Configuration Item Check-in / Check-out Procedure
10	Software Configuration Audits and Reviews Procedure
11A	Subcontractor Software Configuration Control Procedure
11B	External Interface Configuration Control Procedure
12	Software Product Release and Delivery Procedure

In addition to the templates shown above, this document provides five different aids to help tailor the templates.

What’s New in Version 4.0
With the release of the 2008 versions of ISO/IEC 12207, Software life cycle processes and ISO/IEC 15288, System life cycle processes, we have reviewed our document and insured that our templates still meet the requirements of these standards. No changes were necessary to our templates, but we have updated our traceability section to show clearly and succinctly how 12207 and 15288 relate to one another.

Version 4.0 still contains the many illustrative diagrams introduced in Version 3.0. We believe these diagrams will continue to provide added value in the implementation and communication of CM processes.

Version 4.0 Enhancement	Description
Internal audit of this product	SEPT reviewed and insured that this document meets the requirements of the 2008 releases of ISO/IEC 12207 and ISO/IEC 15288.
Diagram added to section 1.4	This diagram illustrates the CM sections of both 12207 and 15288 and show the commonality between the two and the specializations in the 12207 standard.
Traceability matrix updated in section 1.4	The alignment of 12207 and 15288 has allowed us to create a simplified matrix mapping templates to standard requirements.

Table of Contents

What’s New in Version 4.0 ....................................................................................			4

1	Introduction ...................................................................................................		7
1.1		About Software Configuration Management ..............................	7
1.2		How to Use This Document.....................................................	8
1.3		The Software Domain...............................................................	10
1.4		Traceability to 12207 and 15288...............................................	10
1.5		Product Support ......................................................................	13
1.6		Warranties and Liability ............................................................	13

2	Software Configuration Management Templates ................................		14
2.1		Software Configuration Management Policy ...............................	16
2.2		Software Configuration Management Strategy ............................	21
2.3		Software Configuration Management Organization Charts ..........	29
2.4		Software Configuration Management Plan ................................	33
2.5		Software Configuration Management Process ...........................	44
2.6		Software Configuration Identification Procedure ........................	54
2.7		Software Configuration Change Control Procedure ......................	60
2.8		Software Configuration Status Accounting Procedure ..................	66
2.9		Software Configuration Item Check-in and Check-out Procedure ...	70
2.10		Software Configuration Audits and Reviews Procedure ...............	75
2.11		External Interfaces Procedures .................................................	79
2.12		Software Product Release and Delivery Procedure ....................	87

3.	Software Configuration Management Aids		92
3.1		Aid 1: Acronyms .....................................................................	93
3.2		Aid 2: Standards ....................................................................	98
3.3		Aid 3: Software Change Request Data Elements ......................	98
3.4		Aid 4: Software Status Accounting Data Elements ....................	99
3.5		Aid 5: Software Documentation Approval Matrix .......................	100

4.	About the Authors ...............................................................................................................		104

	List of Figures

Figure 1:	Software CM templates, and aids, and how they relate	9
Figure 2:	Standard's document sections and relationships	11
Figure 3:	12207 Software CM Requirements Clauses	12
Figure 4:	CM Policy provides high-level guidance and control	16
Figure 5:	CM Strategy is guided by policy and focuses plans and procedures	21
Figure 6:	Software CM organization within a typical large company	30
Figure 7:	CM organization within a small company	31
Figure 8:	Organization of a typical software CM group	31
Figure 9:	The configuration management process showing all its inputs and outputs	45
Figure 10:	Controlled objects and their relationships and attributes	46
Figure 11:	Conceptual hierarchy of CM policies, plans, processes, and procedures	47
Figure 12:	Change control process flow	62
Figure 13:	Check-in/Check-out used by CM processes	70
Figure 14:	The check-in/check-out process	72
Figure 15:	Product release and delivery - the final step	87

Introduction

In the past decade, the need for establishing effective software configuration management policies and procedures has grown in conjunction with the need for systems that are complex, fast, accurate, secure, and safety-critical. From simple everyday systems that track bank accounts to the complex systems in airplanes, cars, medical devices, and industrial, or military products; there is a demand for highly reliable, error-free software that either supports the development and maintenance of these systems or is an integral part of them.

This document provides a set of templates for implementing a software configuration management process the meets the requirements of ISO/IEC standard 12207:2008, Software life cycle processes and ISO/IEC standard 15288:2008, System life cycle processes. These templates are easy to use, self-explanatory, and do not require expensive training or extensive experience.

Section 1.4 of this document provides a brief discussion of the ISO/IEC 12207:2008 and ISO/IEC 15288:2008 standards and provides a mapping between their requirements and the templates that address them. Note that in most cases, this document simply refers to “12207” or “15288” without a version reference. Unless otherwise noted, all references to these standards refer to their 2008 versions.

1.1 About Software Configuration Management
The inclusion of software configuration management as a top-level process in the software life cycle has proven to be a necessary and cost effective step in producing and delivering quality products on time and within specified time and dollar limitations. Effective configuration management of a system’s software elements is accomplished by:

· Establishing a policy that requires the implementation of software configuration management.

· Defining a software configuration management strategy that drives subsequent plans and procedures.

· Establishing a scheme for software item identification.

· Identifying the controlled items and item types that are designed, developed, and delivered.

· Agreeing to a baseline configuration.

· Enabling the development of and changes to that agreed upon baseline.

· Recording the events of an item’s evolution through status accounting records.

It is imperative for companies that build software to have a clear and concise policy on software configuration management as well as the procedures to implement it. A CM policy should be established by executive level management to provide top-level guidance and constraints to lower level plans and procedures. This guidance and constraint helps insure consistency across lower level procedures including compliance with key corporate objectives.

Because software CM procedures may affect the utilization of resources across company organizations, these procedures should be reviewed and approved by an appropriate level of management in those organizations. These organizations can include Quality Management, Engineering, Testing, Project Management, and the customer (when applicable). The responsibility for defining and executing CM procedures must be clearly assigned down an organization as well as across it.

In large companies or organizations, different groups or projects may have their own unique CM requirements and resultant policies and procedures. In such cases, each organization must insure that their unique software CM plan, strategy, and procedures are aligned with higher-level CM documents.

1.2 How to Use This Document
This document is designed to aid a person, with some knowledge of software configuration management, implement a sound software CM system. Expertise in software configuration management is not required. This document provides templates and aids for software CM that can be applied to manual or automated methods and can be implemented by one or more persons depending on the scope and complexity of the project or organization. These materials are applicable to projects of all sizes, and are applicable for all types of products during their life span.

Figure 1 shows the thirteen software CM templates and five CM aids contained in this document and how they relate to one another. Note, for example, how higher level documents (organization, strategy, policy, plan) provide the overall guidance and direction for the establishment of lower level procedures.

Figure 1: Software CM templates, and aids, and how they relate.

Software CM Templates

Each subsection of Section 2 (2.1,2.3 etc) is devoted to one of the thirteen templates shown in Figure 1 . Preceding each template, which begins with a title page, is a brief overview of the area being addressed by that template. Guidance notations in the templates appear underlined and should be stripped from the implemented template. Template pages can be distinguished from other types of pages in this document by the occurrence of the word “Template” in their page header. Pages that are not part of a template do not have that word in their header.

The template serves as a framework for meeting the unique CM requirements of your organization. Thus, you will have to add text that provides the necessary detail to carry out the activities described in each template. Specific tools, data, and geographic distribution of work products and people will all affect the definition of an activity and will necessitate the tailoring of each template. The size and experience of your software staff will also affect the level of detail required. You may also have to modify text for specific domains and end-item types (embedded software, government software, classified software, etc).