Skip to main content
← Back to Blog

ISO/IEC 15288: The Life-Cycle Process Standard the Whole Methodology Sits On

ISO/IEC/IEEE 15288 defines the systems-engineering life-cycle processes that nearly every domain safety standard quietly assumes. Understand its four process groups and you understand the skeleton under DO-178C, ISO 26262, IEC 62304, and the rest.

ISO/IEC/IEEE 15288 is the standard that defines the life-cycle processes for engineering a system. It is the least glamorous document in systems engineering and the most load-bearing. Almost every domain safety standard a team eventually meets, whether DO-178C in aviation, ISO 26262 in automotive, IEC 62304 in medical software, or EN 50128 in rail, quietly assumes the life-cycle discipline that 15288 spells out in general terms. Learn its structure once and the sector-specific standards stop looking like unrelated regimes and start looking like the same skeleton wearing different clothes.

The standard organizes the work of building a system into four process groups. The first is the agreement processes: acquisition and supply, the formal handshakes that define what is being built, for whom, and under what terms. The second is the organizational project-enabling processes: life-cycle model management, infrastructure, portfolio, human resource, quality, and knowledge management, the enterprise-level scaffolding that lets projects run at all. The third is the technical management processes: project planning, assessment and control, decision management, risk management, configuration management, information management, measurement, and quality assurance. The fourth is the technical processes, the ones most engineers picture when they hear systems engineering.

The technical processes are the spine of a program. They run from business and mission analysis, through stakeholder needs and requirements definition, system requirements definition, architecture definition, design definition, system analysis, implementation, integration, verification, transition, validation, operation, maintenance, and finally disposal. Read in order they describe the V-model that most engineers already carry in their heads: needs decompose down the left arm into requirements and design, and evidence climbs back up the right arm through integration, verification, and validation. 15288 does not mandate a waterfall; it defines processes that can be applied iteratively, incrementally, or in any life-cycle model the organization chooses. What it fixes is the set of activities and their outcomes, not their sequence.

The reason 15288 matters to a working program is that it makes the process groups map cleanly onto real program work. Agreement processes are your contract and statement of work. Technical management processes are the program management office and the configuration control board. Technical processes are the engineering itself. When a domain standard says a team must have a configuration management process or a requirements definition process, it is naming a 15288 process and adding domain-specific rigor on top. A program that already runs 15288-shaped processes can adopt a sector standard by tailoring, not by rebuilding, because the underlying activities are already in place.

Traceability is where 15288 turns from a taxonomy into a daily practice. The technical processes generate a chain of artifacts: stakeholder needs become system requirements, system requirements drive architecture and design, design is implemented and integrated, and verification and validation produce the evidence that the built system meets the requirements and satisfies the need. Each link in that chain is a traceability relationship the standard expects to be established and maintained. When a stakeholder need changes, the impact ripples forward through requirements, design, and verification, and the program must be able to identify and reassess everything affected. That forward-and-backward trace is the single most valuable, and most fragile, artifact 15288 asks a program to keep.

Tailoring is a first-class activity in the standard, not a workaround. 15288 explicitly expects organizations to select and adapt the processes appropriate to their project size, risk, and domain. A three-person CubeSat team and a flagship crewed spacecraft program both use 15288, but they tailor it very differently. The mistake is to treat tailoring as an excuse to skip the processes that feel like overhead. The processes 15288 defines are the ones that later become audit questions. Skipping configuration management or measurement because a program is small is precisely how a program discovers, at its first serious review, that it cannot demonstrate control over its own baseline.

The companion standard worth knowing is ISO/IEC/IEEE 12207, which does for software what 15288 does for systems, using a deliberately aligned process architecture so the two interlock. INCOSE's Systems Engineering Handbook is structured around 15288 and is the practical bridge between the abstract process definitions and how a real program applies them. A team that understands 15288 has the conceptual map that makes the handbook, and every derived domain standard, legible.

This is the layer methodology-native tooling is built to serve. When the life-cycle processes are the model, the traceability chain from stakeholder need to verification evidence is first-class data rather than a spreadsheet reconstructed before a review. Hitt Hosting SE keeps that chain live: requirements, architecture elements, design, and verification activities carry their relationships explicitly, and a change to an upstream artifact flags every downstream artifact as suspect for reassessment. The process outcomes 15288 expects a program to demonstrate become a byproduct of working inside the methodology, not a documentation exercise assembled at the end.

More from the Blog

Trade Studies: How Systems Engineers Defend the Decisions That Shape a Program

Almost every consequential decision on a program, which architecture, which supplier, which redundancy scheme, is a choice among alternatives that were never equally good. A trade study is the discipline that turns that choice from an argument won by seniority into a decision defended by evidence.

Functional Decomposition: Turning a Mission Into a System Architecture

The hardest discipline in early design is refusing to name components before you have understood functions. Functional decomposition is the systems-engineering practice that maps what a system must do before deciding what it is, and it is where a good architecture is either earned or foreclosed.

The Digital Thread: What It Actually Connects, and Why It Breaks

The digital thread is the connected chain of data that links a requirement to the design that satisfies it, the analysis that justifies it, and the verification that proves it. It is a traceability story before it is a data-format story, and that is exactly where most programs break it.

Ready to try it?

Start a free 30-day pilot and see how Hitt Hosting SE handles your mission data.

Start Your PilotSee Features