ISO/IEC 23643:2020
Software and systems engineering — Capabilities of software safety and security verification tools
This document specifies requirements for the vendors and gives guidelines for both the users and the developers of software safety and security verification tools. The users of such tools include, but are not limited to, bodies performing verification and software developers who need to be aware and pay attention to safety and/or security of software. This document guides the verification tool vendors to provide as high-quality products as possible and helps the users to understand the capabilities and characteristics of verification tools.
This document introduces use cases for software safety and security verification tools and entity relationship model related to them. This document also introduces tool categories for software safety and security verification tools and gives category specific guidance and requirements for the tool vendors and developers.
| Get this standard | Prices exclude GST | |
|---|---|---|
| PDF ( Single user document) |
$301.00 NZD
|
|
| HardCopy |
$346.00 NZD
|
|
| Networkable PDF |
Price varies
|
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 Models for software safety and security verification tools
6 Use cases of software safety and security verification tools
6.1 General
6.2 Verification for low criticality software
6.3 Verification for medium criticality software
6.4 Verification for high criticality software
7 Entity relationship chart of software safety and security verification
8 Categories, capabilities of and requirements for software safety and security verification tools
8.1 General
8.2 Categories of software safety verification tools
8.2.1 General
8.2.2 Specification and refinement tools
8.2.3 Model checking tools
8.2.4 Program analysis tools
8.2.5 Proof tools
8.2.6 Monitoring tools
8.2.7 Programming rules checkers
8.3 Categories of software security verification tools
8.3.1 General
8.3.2 Vulnerability analysis tools
8.3.3 Security modeling tools
8.3.4 Threat modeling tools
8.4 Capabilities of software safety and security verification tools
8.5 Common requirements for safety and security verification tools
8.6 Requirements for specification and refinement tools
8.7 Requirements for model checking tools
8.8 Requirements for program analysis tools
8.9 Requirements for proof tools
8.10 Requirements for monitoring tools
8.11 Requirements for programming rules checking tools
8.12 Requirements for vulnerability analysis tools
8.13 Requirements for security modeling tools
8.14 Requirements for threat modeling tools
Annex A (informative) Evaluation assurance levels of ISO/IEC 15408 common criteria
Annex B (informative) How to use this document with ISO/IEC 20741
Bibliography
Keep me up-to-date
Sign up to receive updates when there are changes to this standard
Related Information
Similar Standards
-
AS/NZS 14756:2001
Information technology - Measurement and rating of performance of computer-based software systems
-
AS/NZS 15271:1999
Guide for AS/NZS ISO/IEC 12207 (Software life cycle processes)
-
AS/NZS ISO/IEC 12207:2013
Systems and software engineering - Software life cycle processes -
AS/NZS ISO/IEC 13235.1:2006
Information technology - Open Distributed Processing - Trading function - Specification
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 Models for software safety and security verification tools
6 Use cases of software safety and security verification tools
6.1 General
6.2 Verification for low criticality software
6.3 Verification for medium criticality software
6.4 Verification for high criticality software
7 Entity relationship chart of software safety and security verification
8 Categories, capabilities of and requirements for software safety and security verification tools
8.1 General
8.2 Categories of software safety verification tools
8.2.1 General
8.2.2 Specification and refinement tools
8.2.3 Model checking tools
8.2.4 Program analysis tools
8.2.5 Proof tools
8.2.6 Monitoring tools
8.2.7 Programming rules checkers
8.3 Categories of software security verification tools
8.3.1 General
8.3.2 Vulnerability analysis tools
8.3.3 Security modeling tools
8.3.4 Threat modeling tools
8.4 Capabilities of software safety and security verification tools
8.5 Common requirements for safety and security verification tools
8.6 Requirements for specification and refinement tools
8.7 Requirements for model checking tools
8.8 Requirements for program analysis tools
8.9 Requirements for proof tools
8.10 Requirements for monitoring tools
8.11 Requirements for programming rules checking tools
8.12 Requirements for vulnerability analysis tools
8.13 Requirements for security modeling tools
8.14 Requirements for threat modeling tools
Annex A (informative) Evaluation assurance levels of ISO/IEC 15408 common criteria
Annex B (informative) How to use this document with ISO/IEC 20741
Bibliography