Terms and definitions

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

computer hardware

All or part of the physical components of an information system. (Leveraged from 'hardware' definition in ISO/IEC 2382:2015 Information technology — Vocabulary https://www.iso.org/standard/63598.html)

computer program

Combination of computer instructions and data definitions that enable computer hardware to perform computational or control functions. (From ISO/IEC/IEEE 24765:2017 Systems and software engineering — Vocabulary https://www.iso.org/standard/71952.html)

firmware

Computer programs and data stored in hardware - typically in read-only memory (ROM) or programmable read-only memory (PROM) - such that the programs and data cannot be dynamically written or modified during execution of the programs. (From https://csrc.nist.gov/glossary/term/firmware, from CNSSI 4009-2015, leveraged from IETF RFC 4949 Ver 2 at https://datatracker.ietf.org/doc/rfc4949/)

hardware

The material physical components of a system. (From https://csrc.nist.gov/glossary/term/hardware, from CNSSI 4009-2015)

information system

An organized assembly of computing and communication resources and procedures -- i.e., equipment and services, together with their supporting infrastructure, facilities, and personnel -- that create, collect, record, process, store, transport, retrieve, display, disseminate, control, or dispose of information to accomplish a specified set of functions. (From https://csrc.nist.gov/glossary/term/information_system, from CNSSI 4009-2015, leveraged from IETF RFC 4949 Ver 2 at https://datatracker.ietf.org/doc/rfc4949/)

persona

Representation of a type of user that includes a concise summary of the characteristics of the user that is most informative to the design or illustrative of specific user requirements

Note 1 to entry: A persona typically includes behavior patterns, goals, skills, attitudes, and environment, with a few fictional personal details to make the persona a realistic character.

(From ISO/IEC 25063:2014 Systems and software engineering — Systems and software product Quality Requirements and Evaluation (SQuaRE) Common Industry Format (CIF) for usability: Context of use description)

profile

A scope of usage for SPDX targeting support for particular use cases and scenarios (e.g., software, licensing, security, etc.). A profile identifies which particular SPDX namespaces, classes, and properties it leverages, along with any custom constraints unique to its use.

software

Computer programs (which are stored in and executed by computer hardware) and associated data (which also is stored in the hardware) that may be dynamically written or modified during execution. (From https://csrc.nist.gov/glossary/term/software, from CNSSI 4009-2015, from IETF RFC 4949 Ver 2 at https://datatracker.ietf.org/doc/rfc4949/)

stakeholder

Individual or organization having a right, share, claim, or interest in a system or in its possession of characteristics that meet their needs and expectations. (From https://csrc.nist.gov/glossary/term/stakeholder, from NIST SP 800-160v1r1 from ISO/IEC/IEEE 15288:2015)

system

Any organized assembly of resources and procedures united and regulated by interaction or interdependence to accomplish a set of specific functions. Note: Systems also include specialized systems such as industrial/process controls systems, telephone switching and private branch exchange (PBX) systems, and environmental control systems. (From https://csrc.nist.gov/glossary/term/system, from CNSSI 4009-2015)