iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
SIST

SIST-TS CEN/TS 16080:2014

(Main)

Internet Content and communications filtering software and services

Internet Content and communications filtering software and services

The objective of this Technical Specification is to define a set of criteria on how Web filters shall perform and that shall give Internet users more confidence in choosing a suitable product or service in order to help protecting children online. By using a Web filter that complies with the requirements set out in this Technical Specification, a user can be confident that the product or service: a) has been specifically designed to meet the needs of parents and carers (administrators of the filter) to protect children from potentially harmful URLs on the Internet; b) has been specifically targeted to minors, and is also suited for individuals looking to protect themselves from potentially harmful URLs on the Internet; c) delivers a minimum set of features and efficacy that are sufficient to provide the required level of protection; d) comes with clear and comprehensive documentation, installation and implementation instructions and available support; e) is reasonably secure, i.e. adopts proven measures to prevent bypassing or removal of the filter itself. This Technical Specification does not cover the following technologies: f) any kind of email filtering, including: antispam filtering, antivirus analysis of emails and attachments, anthiphishing filtering; g) other Web filtering for the purpose of enterprise or adult Web usage, including: antivirus analysis of Web content, antiphishing filtering; h) the analysis and/or filtering of any other application traffic delivered over HTTP/HTTPS/FTP including for instance: instant messaging, peer to peer file (P2P) sharing, VoIP; i) the analysis and/or filtering of any other application traffic delivered over non HTTP/HTTPS/FTP protocols including for instance: newsgroups, instant messaging, peer to peer file (P2P) sharing, VoIP and social networking applications.

Software und Dienste für Filterung von Internetskommunikation und Internestsinhalt

Ziel dieser Technischen Spezifikation ist die Festlegung einer Reihe von Kriterien für die geforderte Leistung von Webfiltern, die Internetnutzern ein größeres Selbstvertrauen bei der Wahl eines geeigneten Produktes oder Dienstes zum Schutz von Kindern im Internet ermöglichen sollen.
ANMERKUNG   Ein Produkt ist ein Softwaresystem, das von seinem Administrator oder seinem Anbieter installiert wird. Ein Dienst wird ohne spezifische Installation durch den Administrator, jedoch durch direkte Bedienung des Kunden durch den Anbieter zur Verfügung gestellt. Ein Beispiel für ein solches Produkt ist ein auf einem PC installiertes Softwaresystem, und ein Beispiel für einen Dienst ist ein von einem Internetdienstanbieter bereitgestellter und einem Internetzugangsdienst hinzugefügter Internetverbindungsfilter.
Durch die Verwendung eines Webfilters, der die in dieser Technischen Spezifikation festgelegten Anforde-rungen erfüllt, kann sich ein Anwender darauf verlassen, dass das Produkt oder der Dienst:
a)   speziell für die Bedürfnisse von Eltern und Verantwortlichen (Administratoren des Filters) entwickelt wurde, um Kinder vor potentiell schädlichen URLs im Internet zu schützen;
b)   speziell auf die Zielgruppe von Minderjährigen ausgerichtet und auch für Personen geeignet ist, die sich vor potentiell schädlichen URLs im Internet schützen möchten;
c)   eine Mindestanzahl von Funktionen und eine Mindestwirksamkeit aufweist, die ausreichen, um den gefor-derten Schutz zu bieten;
d)   mit einer deutlichen und verständlichen Dokumentation sowie Installations- und Implementierungsanwei-sungen bereitgestellt wird;
e)   angemessen sicher ist, d. h. die erprobten Maßnahmen gegen eine mögliche Umgehung oder die Löschung des Filters selbst einleitet.
Die folgenden Technologien werden von der vorliegenden Technischen Spezifikation nicht abgedeckt:
f)   alle Arten von E Mail-Filtern, einschließlich: SPAM-Filter, Überwachung von E-Mails und Anhängen durch Virenscanner, Antiphishing-Filter;
g)   sonstige Webfilter für die Zwecke der Internet-Nutzung durch Unternehmen oder Erwachsene ein-schließlich: Überwachung von Webinhalten durch Virenscanner, Antiphishing-Filter;
h)   die Analyse und/oder Filterung des gesamten sonstigen über HTTP/HTTPS/FTP erfolgenden Anwen-dungsverkehrs einschließlich z. B.: Sofort-Nachrichten, Peer-to-Peer-Filesharing (gemeinsamer P2P-Dateizugriff), VoIP;
i)   die Analyse und/oder Filterung des gesamten sonstigen nicht über HTTP/HTTPS/FTP erfolgenden An-wendungsverkehrs einschließlich z. B.: Newsgruppen, Sofort-Nachrichten, Peer-to-Peer-Filesharing (gemeinsamer P2P-Dateizugriff), VoIP und Anwendungen sozialer Netzwerke.

Logiciel et services de filtrage de contenus et communications d'internet

Programska oprema in storitve za filtriranje internetne vsebine in internetnih komunikacij

General Information

Status
Published
Publication Date
02-Jan-2014
ICS
35.080 - Software
Technical Committee
I13 - Imaginarni 13
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
23-Dec-2013
Due Date
27-Feb-2014
Completion Date
03-Jan-2014
Ref Project
CEN/TS 16080:2013 - Internet Content and communications filtering software and services

Buy Standard

TS CEN/TS 16080:2014TS CEN/TS 16080:2014
PreviousNext
Technical specification
TS CEN/TS 16080:2014
English language
28 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST-TS CEN/TS 16080:2014
01-februar-2014
Programska oprema in storitve za filtriranje internetne vsebine in internetnih
komunikacij
Internet Content and communications filtering software and services
Software und Dienste für Filterung von Internetskommunikation und Internestsinhalt
Logiciel et services de filtrage de contenus et communications d'internet
Ta slovenski standard je istoveten z: CEN/TS 16080:2013
ICS:
35.080 Dokumentiranje razvoja Software development and
programske opreme in system documentation
sistemov (sistemska
dokumentacija)
SIST-TS CEN/TS 16080:2014 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------

SIST-TS CEN/TS 16080:2014

---------------------- Page: 2 ----------------------

SIST-TS CEN/TS 16080:2014


TECHNICAL SPECIFICATION
CEN/TS 16080

SPÉCIFICATION TECHNIQUE

TECHNISCHE SPEZIFIKATION
November 2013
ICS 35.080; 35.240.99
English Version
Internet Content and communications filtering software and
services
Logiciel et services de filtrage de contenus et Software und Dienste für Filterung von
communications d'internet Internetskommunikation und Internestsinhalt
This Technical Specification (CEN/TS) was approved by CEN on 7 January 2013 for provisional application.

The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to submit their
comments, particularly on the question whether the CEN/TS can be converted into a European Standard.

CEN members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS available
promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in parallel to the CEN/TS)
until the final decision about the possible conversion of the CEN/TS into an EN is reached.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United
Kingdom.





EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2013 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN/TS 16080:2013: E
worldwide for CEN national Members.

---------------------- Page: 3 ----------------------

SIST-TS CEN/TS 16080:2014
CEN/TS 16080:2013 (E)
Contents Page
Foreword .4
1 Scope .6
2 Normative references .6
3 Terms, definitions and abbreviations .6
3.1 Terms and definitions .6
3.2 Abbreviations . 10
4 Web filter requirements . 10
4.1 General . 10
4.2 Requirements . 10
4.2.1 Level of protection . 10
4.2.2 Configuration . 11
4.2.3 Request of revision to categorization . 11
4.2.4 Installation and initial setup . 11
4.2.5 Monitoring and logging . 12
4.2.6 Security . 12
4.2.7 Administration . 13
4.2.8 Web filter update . 13
4.2.9 Web filter upgrade . 13
4.2.10 License expiration and renewal . 14
4.2.11 Uninstall/removal . 14
4.2.12 Usability . 14
4.2.13 Support . 14
4.2.14 Product or service description . 14
4.2.15 User documentation . 15
4.3 Recommended Functionalities . 16
Annex A (normative) Potentially harmful URL categories. 18
A.1 General . 18
A.2 Sexually explicit material (pornography) . 18
A.3 Nudity and erotic material . 18
A.4 Violence and weapons . 19
A.5 Self harm . 19
A.6 Racism, discrimination and hate material . 19
A.7 Drug taking or the promotion of drug use . 20
A.8 Promotion of criminal activity . 20
A.9 Gambling . 20
Annex B (normative) Optional URL categories . 21
B.1 General . 21
B.2 Social networking services . 21
Annex C (normative) Web filter testing procedures . 22
C.1 General . 22
C.2 Testing platform . 22
C.3 Reference blocking efficacy URL database and measure . 22
C.4 Reference overblocking rate URL database and measure . 23
C.5 Verification procedure . 24
C.6 Whitelist and blacklist . 24
C.7 Safe search activation . 24
C.8 Keyword filtering verification . 25
2

---------------------- Page: 4 ----------------------

SIST-TS CEN/TS 16080:2014
CEN/TS 16080:2013 (E)
C.9 Social networking services filtering verification . 25
C.10 Usability test . 25
C.10.1 General . 25
C.10.2 Administration interaction points . 25
C.10.3 Checklist . 26

3

---------------------- Page: 5 ----------------------

SIST-TS CEN/TS 16080:2014
CEN/TS 16080:2013 (E)
Foreword
This document (CEN/TS 16080:2013) has been prepared by Technical Committee CEN/TC 365 “Internet
Filtering”, the secretariat of which is held by AENOR.
In view of the increasing use of Internet communication technologies and the impact that these technologies
necessarily have on the general public, in January 2004, the European Commission adopted a
Communication to combat SPAM which served as a basis for the March 2004 Council Conclusions
highlighting the essential role of technical solutions and consumers empowerment.
In addition, the European Parliament and the Council agreed to a multi-annual programme, proposed by the
Commission, to promote safer use of the Internet and new online technologies.
The 4-year programme, Safer Internet Plus (2005-2008) aims at combating illegal and harmful content online.
The programme has several actions such as awareness campaigns, hot lines, interoperability issues relevant
for Internet filtering and benchmarking (SIP-BENCH project).
In view of the increasing awareness and use of filtering software and services, and worried about the lack of
objective testing and scarcity of comparatives, ANEC, the association representing consumers in
standardization and certification, commissioned a study on “The standards requirements for Internet filtering
tools” at the end of 2005. The purpose of this ANEC project was to investigate to what extent unsolicited
commercial communications (SPAM) and Internet content filters should be testable and comparable in order
to help consumer choice. Performance standards for Internet filtering products and services were identified as
helpful in both ensuring product transparency and aiding choice. The protection of consumers (and especially
children) was intended to be the main aim of the ANEC work.
CEN BT WG 194 on Internet filtering tools was set up in February 2007, upon request by ANEC, to consult
stakeholders on this issue. Participants range from European Commission representatives from DG
Information Society and Justice and Home Affairs (JAI) to national standards bodies (BSI, DIN, AFNOR and
NEN).
The CEN BT WG 194 met on 14 March 2007; no other meeting was planned.
The Report was finalized after this meeting and endorsed electronically in June 2007. As a way forward,
BT/WG 194 proposed the creation of a CEN Task Force (TF) leading to this Technical Specification with the
restricted scope of Web filters.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. CEN [and/or CENELEC] shall not be held responsible for identifying any or all such patent rights.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the following
countries are bound to announce this Technical Specification: Austria, Belgium, Bulgaria, Croatia, Cyprus,
Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany,
Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland,
Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom.
4

---------------------- Page: 6 ----------------------

SIST-TS CEN/TS 16080:2014
CEN/TS 16080:2013 (E)
Introduction
Nearly three quarters of the population of the European Union is now using the Internet. A very large
proportion of them use the Internet for the purpose of education, work, communication and commerce.
However, even though the Internet is becoming part of everyday life, potentially harmful or illegal material
exists on the Internet.
To protect their children and themselves, Internet users are turning towards filtering product and services
besides education. However, there is no easy way for Internet users to discover which of these products and
services is best suited to their needs or, indeed, whether a filter is effective.
A Technical Specification can help Internet users to make informed choices when selecting filter tools. They
shall be able to expect a filter that complies with the standard to perform to a certain level.
The Technical Specification covers issues such as ease of use and installation, as well as filtering
performance. This can lead to an increase of confidence of the user in the filter. The users can also be
ensured, that they shall be able to install, configure and maintain (update/upgrade) the filter themselves.
5

---------------------- Page: 7 ----------------------

SIST-TS CEN/TS 16080:2014
CEN/TS 16080:2013 (E)
1 Scope
The objective of this Technical Specification is to define a set of criteria on how Web filters shall perform and
that shall give Internet users more confidence in choosing a suitable product or service in order to help
protecting children online.
NOTE A product is a software system that is installed by its administrator or its provider. A service is provided without
specific installation by the administrator, but by direct provision of the customer by the provider. An example of a product is
a software system installed on a personal computer, and an example of a service is an Internet connection filter provided
by an Internet Service Provider and added on the Internet access service.
By using a Web filter that complies with the requirements set out in this Technical Specification, a user can be
confident that the product or service:
a) has been specifically designed to meet the needs of parents and carers (administrators of the filter) to
protect children from potentially harmful URLs on the Internet;
b) has been specifically targeted to minors, and is also suited for individuals looking to protect themselves
from potentially harmful URLs on the Internet;
c) delivers a minimum set of features and efficacy that are sufficient to provide the required level of
protection;
d) comes with clear and comprehensive documentation, installation and implementation instructions and
available support;
e) is reasonably secure, i.e. adopts proven measures to prevent bypassing or removal of the filter itself.
This Technical Specification does not cover the following technologies:
f) any kind of email filtering, including: antispam filtering, antivirus analysis of emails and attachments,
anthiphishing filtering;
g) other Web filtering for the purpose of enterprise or adult Web usage, including: antivirus analysis of Web
content, antiphishing filtering;
h) the analysis and/or filtering of any other application traffic delivered over HTTP/HTTPS/FTP including for
instance: instant messaging, peer to peer file (P2P) sharing, VoIP;
i) the analysis and/or filtering of any other application traffic delivered over non HTTP/HTTPS/FTP protocols
including for instance: newsgroups, instant messaging, peer to peer file (P2P) sharing, VoIP and social
networking applications.
2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and are
indispensable for its application. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
EN ISO/IEC 17025, General requirements for the competence of testing and calibration laboratories (ISO/IEC
17025)
6

---------------------- Page: 8 ----------------------

SIST-TS CEN/TS 16080:2014
CEN/TS 16080:2013 (E)
3 Terms, definitions and abbreviations
3.1 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
3.1.1
administrator
person who is responsible for the implementation, configuration and administration of the Web filter
Note 1 to entry: For the purpose of this Technical Specification, the administrator could be the parents, an educator, or the
responsible adult.
3.1.2
blacklist
list of URLs that are always blocked by a Web filter
3.1.3
block page
informative web page that is shown to the end user of the filtering service when trying to access blocked URL
3.1.4
blocking
prevention to access URL in its entirety
EXAMPLE Blocking all or some of the images on a web page or access to parts of a web page is not considered
blocking.
3.1.5
certification body
a third-party body contracted to provide certification to a customer
3.1.6
chat
communication between two or more end users over the Internet in the form of real time short messages
exchanged in virtual meeting places or chat rooms
3.1.7
content
any material, such as text, images, sound, animation or video, which can be accessed or received using the
Internet
3.1.8
default settings
the settings of the Web filter once the installation is finished assuming that installation has been performed
with no voluntary modification by the administrator
3.1.9
domain
sequence of letters and numbers separated by dots that conform the root part of a valid URL, excluding the
protocol part and the path part
EXAMPLE The domain of the URL http://www.example.com/path/to/file.html is the sequence www.example.com.
3.1.10
education material
material intended for use by both administrators and those for whom they are responsible that explains the
purpose, function and limitations of Internet filters
7

---------------------- Page: 9 ----------------------

SIST-TS CEN/TS 16080:2014
CEN/TS 16080:2013 (E)
3.1.11
efficacy
rate of URLs blocked among those belonging to a particular harmful URL category in a reference database
3.1.12
e-mail
system of sending messages (which may include text, images, sound, animation or video) over the Internet for
immediate or later retrieval
3.1.13
end user
person who is protected from potentially harmful or dangerous URLs when accessing material on the Internet
by any of the methods under the scope of this Technical Specification
3.1.14
filtering
selective blocking of URLs (e.g. web pages) against specified criteria
3.1.15
instant message
system that allows exchange of short messages and sharing of files in real time over the Internet (see also
chat), usually one-to-one
3.1.16
Internet
global interconnected network of networked computers, providing an infrastructure through which applications
such as web browsing, email, chat and instant messaging operate
3.1.17
Internet Service Provider (ISP)
provider of Internet services such as Internet connectivity and web site hosting
3.1.18
manufacturer
organization or corporation developing the product or service
3.1.19
newsgroup
area where end users can post or read comments about specific subjects
3.1.20
overblocking
prevention of access to acceptable URLs wrongly classified as belonging to any of the categories of
potentially harmful URLs described in Annex A
3.1.21
overblocking rate
rate of URLs blocked among those not belonging to a particular harmful URL category in a reference
database
3.1.22
personnel list
feature that allows the administrator of a Web filter to prevent a site not blocked by the Web filter or to
authorize a site blocked by the Web filter, regardless of the filtering mode selected
8

---------------------- Page: 10 ----------------------

SIST-TS CEN/TS 16080:2014
CEN/TS 16080:2013 (E)
3.1.23
personnal identification number
sequence of numbers that act as a password for a protected data asset or for accessing configuration option
in a computer system
3.1.24
phishing
malicious sites designed to steal personal data from end users, such as credit card numbers, passwords, etc,
by masquerading as an authentic and trustworthy site or entity
3.1.25
potentially harmful URL
a URL whose content is considered not appropriate for fruition by the end user of a Web filter because
potentially harmful, even if it is not illegal in the country where the recipient of the service lives or resides
Note 1 to entry: Annex A specifies harmful URL categories.
3.1.26
product description
information describing a product or service, designed to help potential consumers evaluate a product before
purchasing or adopting it
3.1.27
product packaging
physical wrapping of a software product, point of download for software products downloaded from the
Internet, or point of activation for services available through the Internet
3.1.28
SPAM
unsolicited or undesired electronic messages usually sent in bulk
3.1.29
reference database
a list of URLs belonging to a particular harmful URL category, together with a list of URLs that do not belong
to such category
Note 1 to entry: Annex A specifies harmful URL categories. Annex C provides with the procedure to build a reference
database for a category.
3.1.30
social networking service
a social networking service is an online site that focuses on building and reflecting of social networks or social
relations among end users, who, for example, share interests and/or activities
Note 1 to entry: Annex B provides more details of social networking services.
3.1.31
step by step instructions
instructions that are presented in a manner that details each end user or administrator action as a separate
command thus making carrying out the operation less error prone
Note 1 to entry: On their own Step by Step instructions may not necessarily explain how the product or service actually
works or what it does.
3.1.32
software product
set of computer programs, procedures, and possibly associated documentation and data
9

---------------------- Page: 11 ----------------------

SIST-TS CEN/TS 16080:2014
CEN/TS 16080:2013 (E)
3.1.33
support provider
organization that provides technical support to consumers and administrators of the Web filter
3.1.34
user documentation
set of documents, available in print or electronic form, that provides information on the installation,
configuration, use and maintenance of the Web filter
3.1.35
Web filter
software product or service designed to protect end users from potentially harmful or dangerous URLs when
accessing material on the Internet
3.1.36
Web filter support
the provision of information to the administrator in order to solve specific technical problems or clarifications to
doubts on Web filter use
3.1.37
whitelist
list of URLs that are never blocked by a Web filter
3.2 Abbreviations
E-mail
Electronic mail
FAQs Frequently Asked Questions
HTTP Hyper Text Transfer Protocol
ISP Internet Service Provider
P2P Peer to Peer
PIN Personal Identification Number
URL
Universal Resource Locator
VoIP Voice over Internet Protocol
4 Web filter requirements
4.1 General
In order to comply with this Technical Specification, manufacturers or providers of Web filters shall fulfil the
requirements described on this clause.
4.2 Requirements
4.2.1 Level of protection
The Web filter shall block access to potentially harmful URLs by default with an efficacy equals or over 0,95
for all potentially harmful URLs categories and their corresponding reference databases.
Compliance is checked using reference databases built according to C.3.
The Web filter shall not overblock access to acceptable URLs by default with an overblocking rate equals or
below 0,05 for all potentially harmful URLs categories and their corresponding reference databases.
10

---------------------- Page: 12 ----------------------

SIST-TS CEN/TS 16080:2014
CEN/TS 16080:2013 (E)
Compliance is checked using reference databases built according to C.4.
The Web filter shall provide administrators with the ability to access all URLs by temporally disabling the filter.
Compliance is checked by verification according to C.5.
The Web filter shall allow administrators to completely block access to any URL.
Compliance is checked by verification according to C.5.
The Web filter shall provide the administrator with the ability to apply the default settings of the Web filter to
specified end user accounts if applicable.
Compliance is checked by verification according to C.5.
4.2.2 Configuration
The Web filter shall provide the administrator with the possibility of configuring a whitelist.
Compliance is checked using a whitelist built according to C.6.
The Web filter shall provide the administrator with the possibility of configuring a blacklist.
Compliance is checked using a blacklist built according to C.6.
The Web filter shall provide administrators with the ability to schedule blocking and access to URLs by time of
the day and day of the week.
Compliance is checked by verification according to C.5.
4.2.3 Request of revision to categorization
The Web filter shall provide a mechanism for the administrator to request the revision of the categorization of
a URL or domain, accessible through the block page itself or the administration interface of the filter.
If requests of revision of categorization are approved, changes shall be made available within the specified
response times of the supplier (within available support times).
If requests of revision of categorization are denied, the administrator shall be notified within the specified
response times of the supplier (within available support times).
Compliance is checked by verification according to C.5.
4.2.4 Installation and initial setup
Installation or implementation shall be supported by step-by-step instructions to ensure proper
installation/implementation.
Upon installation or implementation with the default settings, the Web filter shall provide the level of protection
as specified by this Technical Specification.
When it is made available as a preinstalled application, the Web filter shall automatically provide the level of
protection as specified by this Technical Specification, or when first run, guide the administrator through step-
by-step instructions to a proper configuration in order to provide the level of protection as specified by this
Technical Specification.
11

---------------------- Page: 13 ----------------------

SIST-TS CEN/TS 16080:2014
CEN/TS 16080:2013 (E)
Where the Web filter offers the ability to configure individual end user accounts, administrators shall have the
ability to apply the default settings of the Web filter to specified accounts.
The Web filter shall, upon installation or implementation or first run if preinstalled, present the administrator
with a reminder that no Web filter can be 100 % effective or replace adult supervision.
Any known conflicts with other software or services shall be clearly stated in the installation instructions or
notified to the administrator as part of the installation.
The Web filter shall, upon installation or first run if preinstalled, provide a simple mechanism to verify the
correct operation of the filter, providing for example one or more “test” pages that are always going to be
blocked. The mechanism shall be available also after the installation process, as a means to verify that the
filter is operational.
Compliance is checked by verification according to C.5.
4.2.5 Mon
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

SIST
SIST-TP CEN/TR 17603-40:2022(Main)
Space engineering - Software engineering handbook
CEN/TR 17603-40:2022

This Handbook provides advice, interpretations, elaborations and software engineering best practices for the implementation of the requirements specified in EN 16603-40 (based on ECSS-E-ST-40C). The handbook is intended to be applicable to both flight and ground. It has been produced to complement the EN 16603-40 Standard, in the area where space project experience has reported issues related to the applicability, the interpretation or the feasibility of the Standard. It should be read to clarify the spirit of the Standard, the intention of the authors or the industrial best practices when applying the Standard to a space project.
The Handbook is not a software engineering book addressing the technical description and respective merits of software engineering methods and tools.

  • Standard
    198 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TP CEN/TR 17603-40-01:2022(Main)
Space engineering - Agile software development handbook
CEN/TR 17603-40-01:2022

This Handbook provides recommendations for the implementation of an Agile approach in space software projects complying with EN 16603-40 (based on ECSS-E-ST-40) and EN 16602-80 (based on ECSS-Q-ST-80).
This handbook is not an Agile development book, though it provides an Agile reference model based on Scrum and also covers other major Agile methods and techniques. Scrum has been selected as reference because of its widespread application in industry and its flexibility as a development framework to introduce or merge with other Agile methods and techniques. In relation to the EN 16603-40 and EN 16602-80, this handbook does not provide any tailoring of their requirements due to the use of the Agile approach, but demonstrates how compliance towards ECSS can be achieved. This handbook does not cover contractual aspects for this particular engineering approach, although it recognises that considering the approach of fixing cost and schedule and making the scope of functionalities variable, the customer and supplier need to establish specific contractual arrangements. Furthermore, it does not impose a particular finality for the use of Agile, either as a set of team values, project management process, specific techniques or supporting exploration by prototypes.

  • Technical report
    105 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TP CEN/CLC/TR 17602-80-01:2021(Main)
Space product assurance - Reuse of existing software
CEN/CLC/TR 17602-80-01:2021

This handbook provides recommendations, methods and procedures that can be used for the selection and reuse of existing software in space software systems.
This handbook is applicable to all types of software of a space system, including the space segment, the launch service segment and the ground segment software (including EGSEs) whenever existing software is intended to be reused within them.
This handbook covers the following topics:
• Software reuse approach including guidelines to build the Software Reuse File
• Techniques to support completion of existing software qualification to allow its reuse in a particular project
• Tool qualification
• Risk management aspects of reusing existing software Existing software can be of any type: Purchased (or COTS), Legacy-Software, open-source software, customer-furnished items (CFI's), etc.
NOTE Special emphasis is put on guidance for the reuse of COTS software often available as-is and for which no code and documentation are often available.
Legal and contractual aspects of reuse are in principle out of scope; how ever guidelines to help in determine the
reusability of existing software from a contractual point of view is provided in [ESA/REG/002].
Any organization with the business objective of systematic reuse may need to implement the organizational reuse processes presented in [ISO12207]. These processes w ill support the identification of reusable software products and components within selected reuse domains, their classification, storage and systematic reuse within the projects of that organization, etc. But these processes are out of scope of this handbook as the handbook is centred on the specific project activities to reuse an existing software product, not part of those organizational reuse processes more oriented to ‘design for reuse’ processes.
In addition, this handbook provides guidelines to be used for the selection and analysis of tools for the development, verification and validation of the operational software.

  • Technical report
    58 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    58 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TP CEN/CLC/TR 17602-80-04:2021(Main)
Space product assurance - Software metrication programme definition and implementation
CEN/CLC/TR 17602-80-04:2021

The scope of this Handbook is the software metrication as part of a space project, i.e. a space system, a subsystem including hardware and software, or ultimately a software product. It is intended to complement the EN 16602-80 (equivalent to ECSS-Q-ST-80) with specific guidelines related to use of different software metrics including their collection, analysis and reporting. Tailoring guidelines for the software metrication process are also provided to help to meet specific project requirements.
This Handbook provides recommendations, methods and procedures that can be used for the selection and application of appropriate metrics, but it does not include new requirements w ith respect to those provided by EN 16602-80 (equivalent to ECSS-ST-Q-80).
The scope of this Handbook covers the following topics:
• Specification of the goals and objectives for a metrication programme.
• Identification of criteria for selection of metrics in a specific project / environment (goal driven).
• Planning of metrication in the development life cycle.
• Interface of metrication with engineering processes.
• Data collection aspects (including use of tools).
• Approach to the analysis of the collected data.
• Feedback into the process and product based on the analysis results.
• Continuous improvement of measurement process.
• Use of metrics for process and product improvement.
This Handbook is applicable to all types of software of all major parts of a space system, including the space segment, the launch service segment and the ground segment software.

  • Technical report
    100 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    100 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TP CEN/CLC/TR 17602-80-11:2021(Main)
Space product assurance - Software process assessment and improvement - Part 1: Framework
CEN/CLC/TR 17602-80-11:2021

This handbook defines methods for process assessment and improvement that may be used to meet the requirements on
process assessment and improvement of the EN16602-80 (equivalent to ECSS-Q-ST-80C) subclause 5.7. These methods constitute a clear and proven w ay of implementing those requirements. Alternative methods can be used provided that they meet the detailed instructions provided in this handbook for recognition of software process assessment schemes and results and process improvement.
This handbook provides a detailed method for the implementation of the requirements of the EN16602-80 for software process assessment and improvement. It also establishes detailed instructions for alternative methods intended to meet the same EN16602-80 requirements.
The process assessment and improvement scheme presented in this handbook is based on and conformant to the ISO/IEC 15504 International Standard. In designing this process assessment and improvement scheme the ISO/IEC 15504 exemplar process assessment model w as adopted and extended to address specific requirements.
The methods provided in this handbook can support organizations in meeting their business goals and in this context they can be tailored to suit their specific needs and requirements. How ever w hen used to claim compliance with relevant requirements in EN16602-80 only the steps and activities explicitly marked as recommended in this handbook may be omitted or modified.

  • Technical report
    122 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    122 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TP CEN/CLC/TR 17602-80-03:2021(Main)
Space product assurance - Software dependability and safety
CEN/CLC/TR 17602-80-03:2021

This Handbook provides guidance on the application of the dependability and safety requirements relevant to software defined in EN 16602-80 (equivalent of ECSS-Q-ST-80).
This Handbook provides support for the selection and application of software dependability and safety methods and techniques that can be used in the development of software-intensive space systems.
This Handbook covers all of the different kinds of software for which EN 16602-80 (equivalent of ECSS-Q-ST-80) is applicable. Although the overall software dependability and safety workflow description is mainly targeted to the development of spacecraft, the described approach can be adapted to projects of different nature (e.g. launchers, ground systems).
The methods and techniques described in the scope of this Handbook are limited to assessment aspects, not including development and implementation techniques for dependability and safety (e.g. fault tolerance techniques, or development methods like coding standards, etc.).
Although dependability is a composite term, including reliability, availability and maintainability, this Handbook addresses in particular the reliability aspects. Software maintainability and availability are not covered in depth by this handbook, because the relevant methods and techniques are still undergoing improvement. Nevertheless, whenever a link can be made to either of these two characteristics, it is explicitly mentioned in the corresponding section.

  • Technical report
    43 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    43 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TP CEN/CLC/TR 17602-80-12:2021(Main)
Space product assurance - Software process assessment and improvement - Part 2: Assessor instrument
CEN/CLC/TR 17602-80-12:2021

This handbook provides assessors with a number of instruments needed to perform software process capability assessments using the assessment method described in EN 17603-80-11 (equivalent to ECSS-Q-HB-80-02 Part 1). It also provides instruments that help assessors to carry out their activities when performing assessments and supporting the implementation of software process improvement initiatives using the method for process improvement described in Part 1.
The instruments provided are:
• The Process Assessment Model (PAM) required to perform assessments including process descriptions and process attribute indicators
• Conformance statement to the requirements in ISO/IEC 15504 Part 2
• A definition of the Process Reference Model (PRM) on which TR 17603-80-11 and TR 17603-80-12 (equivalent to ECSS-Q-HB-80-02 Part 1 and 2) PAM are based (defined in TR 17603-80-11)
• Detailed traces from base practices in the PAM to standard clauses and from work products to expected outputs.

  • Technical report
    129 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    129 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 19014-4:2020(Main)
Earth-moving machinery - Functional safety - Part 4: Design and evaluation of software and data transmission for safety-related parts of the control system (ISO 19014-4:2020)
EN ISO 19014-4:2020

This part of EN ISO 19014 specifies general principles for software design, test and signal transmission requirements of safety‐related parts of machine‐control systems (MCS) in earth‐moving machinery and its equipment, as defined in EN ISO 6165.

  • Standard
    48 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    43 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 4660-005:2019(Main)
Aerospace series - Modular and Open Avionics Architectures - Part 005: Software
EN 4660-005:2019

This European Standard establishes uniform requirements for design and development of software
architecture for modular avionics systems.

  • Standard
    321 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 16602-80:2019(Main)
Space product assurance - Software product assurance
EN 16602-80:2018

This Standard defines a set of software product assurance requirements to be used for the development and maintenance of software for space systems. Space systems include manned and unmanned spacecraft, launchers, payloads, experiments and their associated ground equipment and facilities. Software includes the software component of firmware.
This Standard also applies to the development or reuse of non­deliverable software which affects the quality of the deliverable product or service provided by a space system, if the service is implemented by software.
ECSS-Q-ST-80 interfaces with space engineering and management, which are addressed in the Engineering (-E) and Management (-M) branches of the ECSS System, and explains how they relate to the software product assurance processes.
This standard may be tailored for the specific characteristic and constrains of a space project in conformance with ECSS-S-ST-00.
Tailoring of this Standard to a specific business agreement or project, when software product assurance requirements are prepared, is also addressed in clause 4.3.

  • Standard
    117 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    116 pages
    English language
    sale 10% off
    e-Library read for
    1 day