Standards & Principles
Standards & Principles
The engineering standards and frameworks that NexoGraph is built upon.
NexoGraph is not a custom methodology — it is a structured implementation of established systems engineering standards and frameworks. The metamodel, entity types, traceability relations, and lifecycle stages are all grounded in internationally recognized specifications.
Understanding these foundations helps you see why NexoGraph is structured the way it is, and gives you confidence that the artefacts you produce are compatible with industry and regulatory expectations.
| Standard | Scope | NexoGraph role |
|---|
| MBSE | Model-Based Systems Engineering methodology | The overarching methodology NexoGraph implements — graph model as single source of truth, digital thread, traceability |
| INCOSE SE Handbook | Systems Engineering principles and process framework | Core discipline: stakeholder focus, needs-first, V&V |
| Standard | Scope | NexoGraph role |
|---|
| ISO/IEC/IEEE 15288 | System life cycle processes | Metamodel structure: root collections map to life cycle process outputs |
| ISO/IEC/IEEE 29148 | Requirements engineering processes and quality characteristics | Requirements authoring: well-formed characteristics, attribute coverage, BoMA → StNR → SyRD traceability |
| Standard | Scope | NexoGraph role |
|---|
| ISO 26262 | Functional safety — road vehicles | HARA → FSR → TSR traceability chain; ASIL allocation on requirements |
| IEC 61508 | Functional safety — E/E/PE systems (parent standard) | SIL-based safety requirements; cross-sector baseline that ISO 26262 derives from |
| ISO 21448 — SOTIF | Safety of the intended functionality — ADAS/AD | Performance-limitation-driven safety goals; ODD and triggering condition management |
| Standard | Scope | NexoGraph role |
|---|
| ISO/SAE 21434 | Automotive cybersecurity engineering | TARA-derived cybersecurity goals and requirements; CAL allocation; CSMS lifecycle |
| IEC 62443 | Industrial automation and control systems security | Security requirements for OT/IACS environments; zone, conduit, and SL model |
| ISO/IEC 27001 | Information security management systems | Annex A control requirements; ISMS scope and risk-treatment obligation tracking |
| Standard | Scope | NexoGraph role |
|---|
| ISO/IEC/IEEE 42010 | Architecture description | Stakeholder/concern/viewpoint model used by entities; concern vs requirement distinction |
| OMG SysML | Systems Modeling Language | Requirement diagram and <<deriveReqt>>/<<satisfy>>/<<verify>> relation semantics |
The MBSE methodology and INCOSE principles provide the engineering discipline. ISO 15288 structures the life cycle that the metamodel is built around. ISO 29148 governs how requirements within that life cycle are authored and qualified. The safety standards (26262, 61508, SOTIF) and security standards (21434, 62443, 27001) each contribute domain-specific requirement types and traceability obligations. ISO 42010 and SysML supply the architectural and modeling vocabulary used throughout.
