IT organizations can use code quality standards to detect critical violations of good coding and architectural practice in software. Measure software against code quality standards at every release (for example, measure code compliance with secure architectures), and put CISQ software quality measures into contracts with outside developers or software vendors to track against established outcomes.
CISQ submits software quality specifications to the Object Management Group® (OMG®) for approval as standards. OMG has a fast-track process for submitting CISQ measures to ISO as international standards.
Published Standards Available for Use
- Automated Function Points (AFP) and Automated Enhancement Points (AEP) are standard measures for software sizing.
- Automated Quality Characteristic Measures for Security, Reliability, Performance Efficiency, and Maintainability identify critical software flaws based on well-established software engineering rules.
Automated Quality Characteristic Measures in Detail
The nonfunctional requirements of software (Security, Reliability, Performance Efficiency, and Maintainability) can be traced to the most damaging of system failures and are at the core of code quality standards and recommendations. CISQ Quality Characteristic Measures are consistent with the ISO/IEC 25010 definitions. The measures are designed to be automated on source code to identify critical vulnerabilities in the software that are severe enough to require fixing. Combined with a sizing measure, a density metric is produced for each quality characteristic. Thresholds can be set for each characteristic.
The CISQ Quality Characteristic Measures cover eighty-six well-established software engineering rules to ensure secure, reliable, efficient, and easy-to-maintain software. The following table shows a “snapshot” of software engineering rules contained in the measurement of each quality characteristic at the unit level and system level.
|Software Quality Characteristic|Good Coding Practices|Good Architectural Practices|
Code Quality Standards in Development Now
- Technical Debt is a measure of software cost, effort and risk due to defects remaining in code at release.
- Quality-Adjusted Productivity is a measure of development productivity that takes into account the quality of software produced.
CISQ working groups are led by Dr. Bill Curtis, Executive Director of CISQ, and author of the Capability Maturity Model. Read Dr. Bill Curtis’ biography.
For guidance on applying software quality metrics, read these whitepapers:
- How to Deliver Resilient, Secure, Efficient, and Easily Changed IT Systems in Line with CISQ Recommendations
- CISQ Recommendation Guide: Effective Software Quality Metrics for Use in ADM Service Level Agreements
To learn more or get involved as a sponsor, please contact us.