IT organizations can use code quality standards to detect critical violations of good coding and architectural practice in software. Measure software against code quality standards at every release (for example, measure code compliance with secure architectures), and put CISQ software quality measures into contracts with outside developers or software vendors to track against established outcomes.
Published Standards Available for Use
- Automated Function Points (AFP) and Automated Enhancement Points (AEP) for software sizing
- Automated Quality Characteristic Measures for measuring the Security, Reliability, Performance Efficiency, and Maintainability of software
Automated Quality Characteristic Measures in Detail
The nonfunctional requirements of software (Security, Reliability, Performance Efficiency, and Maintainability) can be traced to the most damaging of security breaches and system failures and are at the core of code quality standards and recommendations. CISQ Quality Characteristic Measures are consistent with the ISO/IEC 25010 definitions. The measures are designed to be automated on source code to identify critical vulnerabilities in the software that are severe enough that they need to be fixed. Combining a quality measure with a sizing measure produces a density metric for each quality characteristic. Thresholds can be set for each characteristic.
The CISQ Quality Characteristic Measures cover eighty-six well-established software engineering rules to ensure secure, reliable, efficient, and easy-to-maintain software. The following table shows a snapshot of software engineering rules contained in the measurement of each quality characteristic at the unit level and system level.
|Software Quality Characteristic|Good Coding Practices|Good Architectural Practices|
CISQ working groups are led by Dr. Bill Curtis, Executive Director of CISQ, and author of the Capability Maturity Model.
For guidance on applying software quality metrics, read these whitepapers:
- How to Deliver Resilient, Secure, Efficient, and Easily Changed IT Systems in Line with CISQ Recommendations
- CISQ Recommendation Guide: Effective Software Quality Metrics for Use in ADM Service Level Agreements