What’s Needed to Make Your Code Quality Match ISO Standard 25010

This article relates the software quality characteristics defined by the ISO 25010 standard (SQUARE) to code quality, and recommends what developers can do to write code that matches the ISO quality standards. SQUARE stands for Software QUAlity Requirements and Evaluation. Please feel free to comment and add further points in any of the sections on the quality characteristics listed below.

As per the ISO 25010 (SQUARE) standard, software quality can be defined, managed and measured in terms of the following two broad categories:

  • Quality in Use: Relates to the outcome of human interaction with the software
  • Product Quality: Relates to the static & dynamic properties of the software

In this article, we shall look at code quality from the perspective of the “Product Quality” category mentioned above.

According to the ISO 25010 (SQUARE) standard, the following 8 characteristics are defined as part of product quality:

  1. Functional Suitability
  2. Maintainability
  3. Usability
  4. Performance Efficiency
  5. Security
  6. Reliability
  7. Compatibility
  8. Portability

 

Functional Suitability

Functional suitability is about how well the functionality of the software application fits the business requirements. ISO 25010 specifies the following three characteristics that developers would want to focus upon while analyzing the requirements; to score well on functional suitability, they should make sure that their code can be traced to these objectives:

  • Functional completeness: Measures whether functionality is complete (all use cases) as per the business requirements
  • Functional correctness: Ensures whether functionality is accurate as per the business requirements
  • Functional appropriateness: Checks whether functionality is appropriate

What’s needed to be done by developers?

To have one’s code address the above three concerns (primarily completeness and correctness), developers need to work well with business analysts. They may ask for traceability metrics to make sure that their code has matched all the business requirements. In other words, they need to make business analysts their friends, who would help them validate whether the functionality delivered with the code meets the above three concerns.

In addition to business analysts, developers may also need to work well with QA to make sure that there are enough test cases to test the code against the business requirements that the code is trying to address.

Maintainability

Maintainability is related to the ease with which code can be changed and maintained. Developers need to be aware of the following key design/code characteristics (as per ISO 25010) and make sure that their design and code address them:

  • Modularity
  • Reusability/Cohesiveness
  • Testability

What’s needed to be done by developers?

To take care of the above areas of concern, one may do some of the following:

  • Apply object-oriented principles such as SOLID (primarily the Single Responsibility Principle (SRP)) to take care of concerns such as reusability and modularity during both design and coding.
  • Focus on writing unit tests and achieve as high coverage as possible to ensure testability.
  • Pay attention to code smells such as long classes and long methods, as they might violate the SRP, thereby making the code less cohesive and hence less reusable.
  • Emphasize the above-mentioned code smells when doing code reviews.
  • Plan to use static code analysis tools such as Sonar, which report on testability, cohesiveness (LCOM), etc.

Usability

Usability relates to the ease with which code can be read, understood, learnt and worked with or developed further. In relation to usability, the following characteristics (as per ISO 25010) need to be focused upon:

  • Readability/Recognizability
  • Learnability
  • Operability

What’s needed to be done by developers?

To achieve the above objectives, developers may need to focus upon some of the following while doing design and coding:

  • Document the code appropriately, which makes the code easy to understand.
  • Pay attention to the cyclomatic complexity (McCabe) of the code, as it may impact the readability of the code.
  • Pay attention to code smells such as long conditionals, long methods and long classes, which make the code difficult to comprehend.
  • Emphasize the above-mentioned points when doing code reviews.
  • Plan to use static code analysis tools such as Sonar, which report on aspects such as documentation and code complexity.

 

Performance Efficiency

Performance efficiency is related to the time and resources used by a piece of code at runtime. In relation to performance efficiency, the following key characteristics need to be focused upon:

  • Time behavior
  • Resource utilization
  • Capacity

What’s needed to be done by developers?

To achieve the above objectives, developers may need to focus upon some of the following techniques while doing design and coding:

  • Use the right kind of data structure (ArrayList, LinkedList, Maps, etc.)
  • Consider the right algorithms for processing the data
  • Consider data caching
  • Consider data-loading techniques on the UI and server side
  • Make sure that there are test cases (load testing) to test the above aspects.

Security

Security relates to the following characteristics that need to be addressed while doing design and coding:

  • Confidentiality (C)
  • Integrity (I)
  • Authenticity (A)
  • Non-repudiation
  • Accountability

What’s needed to be done by developers?

To take care of the above areas of concern, one may do some of the following:

  • Pay attention to the three AAAs (Authentication, Authorization & Access Control) to take care of the CIA attributes
  • Pay attention to the OWASP recommendations on vulnerabilities and focus on input validation to take care of issues related to CIA
  • Learn the techniques/tools around threat modeling and try to model the threats during the design phase of the project implementation.
  • Pay attention to requirements that need auditing (Non-repudiation)
  • Make sure that there are test cases (security testing) to test the above aspects.
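
The security bullets above (input validation, authorization, auditable actions and security test cases) can be sketched together as follows. This is an added example, not code from the original article; the role table, demo key, username pattern and all function names are constructed for illustration.

```python
import hashlib
import hmac
import json
import re

AUDIT_KEY = b"constructed-demo-key"                # assumption: really loaded from a secret store
USERNAME_RE = re.compile(r"[a-z][a-z0-9_]{2,31}")  # allowlist pattern (constructed)
ROLES = {"alice": {"refund"}, "bob": set()}        # constructed authorization table


def validate_username(value):
    """Input validation: accept only values matching the allowlist pattern."""
    if not isinstance(value, str) or not USERNAME_RE.fullmatch(value):
        raise ValueError("invalid username")
    return value


def _mac(prev_mac, entry):
    """MAC over the previous record's MAC plus this entry, chaining the records."""
    payload = prev_mac + json.dumps(entry, sort_keys=True)
    return hmac.new(AUDIT_KEY, payload.encode(), hashlib.sha256).hexdigest()


def append_audit(log, actor, action, allowed):
    """Accountability: record who attempted what, and the decision taken."""
    entry = {"seq": len(log), "actor": actor, "action": action, "allowed": allowed}
    prev = log[-1]["mac"] if log else ""
    log.append({**entry, "mac": _mac(prev, entry)})


def verify_audit(log):
    """Integrity: detect edited, reordered or removed audit records."""
    prev = ""
    for i, rec in enumerate(log):
        entry = {k: v for k, v in rec.items() if k != "mac"}
        if entry.get("seq") != i or not hmac.compare_digest(rec["mac"], _mac(prev, entry)):
            return False
        prev = rec["mac"]
    return True


def perform(log, user, action):
    """Validate input, make the authorization decision, and audit it either way."""
    actor = validate_username(user)
    allowed = action in ROLES.get(actor, set())
    append_audit(log, actor, action, allowed)
    return allowed
```

A shared-key MAC chain makes the trail tamper-evident for whoever holds the key; non-repudiation towards a third party would need per-actor asymmetric signatures instead.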

Reliability

Reliability relates to how reliable the code (system) is from the perspective of following characteristics:

  • Fault-tolerance
  • Availability
  • Recoverability/Resilience

What’s needed to be done by developers?

The above requirements mostly match the concerns of architects. However, developers may still do the following to play their part and make the system highly reliable:

  • Exception handling

 


Ajitesh Kumar
