[GTALUG] ISO QA - it really is a war story

Russell rreiter91 at gmail.com
Sat Jul 29 08:37:49 EDT 2017 

I really like Hughs war stories. They are full of gentle good humor and I always learn something interesting and usefull.

Standardization in individual industries has existed for a very long time however, ISO is a military tool. It was established in order to ensure that quality assurance abstracts are enforced. If whatever is provided under military contracts, extends beyond sic sigma indicators, there are consequences. 

Sic sigma, not to be confused with Six Sigma as co-opted by Motorola, ensures that the widget is as described and operational within the norms of standard deviation.

Motorola couldn't name their own process sic sigma, as the military holds the patent. Motorola made up some bafflegab around their own military involvement with yattadadada, in six parts, and ran with it. 

If you file a patent with a government patent office, it is firstly vetted by the military establishment. They can deny the patent to you and use the information you provided themselves. Or they can fund you and take your rights, whichever is easier. The military holds up the patent process.

In essence all technology is military technology, even if it is designed and built by civilians for civilian use.

No one can patent a construct, even though they had done all the research and initial product development, untill it is vetted by MI.

Under military driven ISO, civilian organizations do advertise their "certified" ISO QA contsructs starting at number 9000, first published in 1987. This is what causes the confusion between adoption of a standards process and a manufactures certification of the same process. 

On a personal note, 1987 was around the time I worked in building during the day and for after work, I bought a book on 6809 assembler and the assembly language rom cart for my girlfriend's TRS 80. I have been a hacker since then. Prior to that all I had done was read discarded IBM manuals I picked up at various job sites etc.

For troubleshooting systems integration, I abstract the OSI model under ISO this way.

SAP is a Standardly Applied Protocol.
SOP is a Standard Operating Procedure.
FORM is the First Order of Reliability Methods.
SORM is the Second Order of Reliability Methods.

This is sufficient for my own purposes. For penetration testing there is a THFM, Third Heuristic First Movement

<begin_spooky_Roswell_music>

 but the data is fuzzy on that and the jury is still out  ... there ... somewhere ...  

</begin_spooky_Roswell_music>
;-)

-- 
Russell
Sent by K-9 Mail

More information about the talk mailing list