Supplement of security-related parts of ISO/IEC TR 15504

Sang Ho Kim, Choon Seong Leem, Tai Hoon Kim, Jae Sung Kim

Research output: Contribution to journalArticle

2 Citations (Scopus)


ISO/IEC TR 15504, the Software Process Improvement Capability Determination (SPICE), provides a framework for the assessment of software processes. This framework can be used by organizations involved in planning, monitoring, controlling, and improving the acquisition, supply, development, operation, evolution and support of software. But, in the ISO/IEC TR 15504, considerations for security are relatively poor to others. For example, the considerations for security related to software development and developer are lacked. In this paper we propose a process related to security by comparing ISO/IEC TR 15504 to ISO/IEC 21827 and ISO/IEC 15408. The proposed scheme may be contributed to the improvement of security for IT product or system.

Original languageEnglish
Pages (from-to)1084-1089
Number of pages6
JournalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Publication statusPublished - 2003 Dec 1

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Supplement of security-related parts of ISO/IEC TR 15504'. Together they form a unique fingerprint.

  • Cite this