If you want to delight your customer with great software code quality, or avoid your customer's code quality concerns, the following are the top 5 areas you may want to take care of:
- Functionality Suitability: The following are three different areas your software code should address:
  - Correctness
  - Completeness
  - Appropriateness

  Of the above, correctness and completeness can be directly monitored and measured using bug tracking mechanisms. It is the responsibility of both developers and testers to make sure that these sub-characteristics are met. Developers achieve this by writing good unit tests, and test engineers achieve it by performing various forms of testing.

  From a metrics perspective, defect density is the area to look at on a regular basis if you are doing software development using agile methodologies. Tracking defect density across multiple sprints helps you regulate the code's compliance with the requirement specifications.
- Maintainability: Maintainability of your source code is another important area that technical stakeholders on the customer's side talk about. It can be measured in terms of how easily your code can be changed or, in short, the changeability of your code. The changeability of the code is directly related to some of the following sub-characteristics:
  - Testability: Customers generally show unhappiness if the code is not accompanied by good-quality unit tests with enough coverage. There are various reasons why developers fail to write good unit tests, the topmost being lack of knowledge of unit testing and the second being lack of enough time to write unit tests.
  - Modularity: Customers do complain about the modularity of the code if they find code smells such as long classes, long methods, etc. These code smells directly reduce the modularity of the software.
  - Re-usability: Customers may complain about the re-usability of the code if it contains code smells such as long classes, long methods, etc. These code smells reduce the cohesiveness of the code. Cohesiveness is related to re-usability in the following manner: the higher the cohesiveness of the code, the greater its re-usability, and vice versa. Cohesiveness can, in turn, be related in some way to the modularity of the code. Code that is lower in cohesion is found to be less modular, in the sense that lower cohesion represents mixed responsibilities of software entities (classes, packages, etc.), which decreases overall modularity. In order to write highly re-usable code, one must understand object-oriented principles such as the Single Responsibility Principle (SRP). SRP belongs to the famous SOLID object-oriented design principles. By following the principle, one increases the cohesiveness of the code and, in turn, its re-usability.
- Usability: Usability of the source code is directly associated with some of the following:
  - Readability: Code that is difficult to read scores low on the usability aspect of software quality. This may be attributed to a lack of documentation and to code smells such as long classes, long methods, etc.
  - Understandability: Customers do complain about "difficult to understand" code. This happens primarily due to a lack of documentation and also to higher code complexity. Code complexity can be represented as McCabe Cyclomatic Complexity.

  In terms of software quality metrics, usability can be measured by the cyclomatic complexity of the code.
- Security: Security coding violations may prove fatal for software. Most of the time, I have found in my experience that customer stakeholders are themselves not very knowledgeable when it comes to assessing software code quality from a security perspective. The developers writing the software are also found to be lacking in the concepts of secure coding guidelines. Security code quality concerns are found by penetration testing of the software and fixed accordingly. However, the following are some points to pay attention to in order to avoid issues in security code reviews:
  - Adherence to Top 10 OWASP Standards: I firmly believe in the 80-20 rule. Thus, out of the top 10 OWASP specifications, if one takes care of two or three, it can save your day. The following are the top 2 or 3 you would want to take care of for sure:
    - Injection
    - Broken authentication and session management
    - Cross-site scripting (XSS)
  - Proper Validation of Input Parameters: Properly validating input parameters can do a lot to save your day against security hacks. Attacks like SQL injection and XSS can be avoided easily with proper validation techniques.
- Efficiency: This is one area that is hard to judge from the coding perspective during code review. However, if load/stress testing is a mandatory requirement for acceptance tests, be sure to consider the efficiency of the software during the architecture and design phase of the project.
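
The input-validation point under Security, as an added example that is not code from the original article: a Python sketch using the standard library's `sqlite3` and `html` modules. It pairs allow-list validation with bound query parameters and output encoding, because free text (a comment containing an apostrophe or markup, for instance) cannot be made safe by character filtering alone. The `comments` table, the username pattern and the length limit are assumptions chosen for illustration.

```python
import html
import re
import sqlite3

# Allow-list for an identifier-style parameter (assumed policy for this example).
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{3,32}")
MAX_COMMENT_LEN = 500  # assumed limit


def validate_username(value):
    """Reject anything outside the allow-list instead of trying to strip bad characters."""
    if not isinstance(value, str) or not USERNAME_RE.fullmatch(value):
        raise ValueError("invalid username")
    return value


def validate_comment(value):
    """Free text: bound the length and reject control characters other than newline and tab."""
    if not isinstance(value, str) or not 0 < len(value) <= MAX_COMMENT_LEN:
        raise ValueError("invalid comment length")
    if any(ord(c) < 32 and c not in "\n\t" for c in value):
        raise ValueError("control characters in comment")
    return value


def save_comment(db, username, comment):
    """Validate, then store with bound parameters so the data is never parsed as SQL."""
    db.execute(
        "INSERT INTO comments (username, body) VALUES (?, ?)",
        (validate_username(username), validate_comment(comment)),
    )


def render_comments(db, username):
    """HTML-encode on output so stored markup is displayed as text, not interpreted."""
    rows = db.execute(
        "SELECT body FROM comments WHERE username = ?", (validate_username(username),)
    ).fetchall()
    return ["<li>" + html.escape(body) + "</li>" for (body,) in rows]


def demo():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE comments (username TEXT, body TEXT)")
    save_comment(db, "alice_01", "It's <b>great</b>")  # constructed sample input
    return db, render_comments(db, "alice_01")
```
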
I found it very helpful. However, the differences are not too understandable for me.