Ask a software developer to define software quality and chances are you will get different definitions, each focusing on different characteristics of software. One of the common answers that I have come across relates to performance and scalability: software is of high quality if it (the web pages, in the case of a web application) loads very quickly and scales appropriately without performance degradation under high or peak load. Ask these developers how they would define quality for the code they write, and you will mostly hear about code smells and the like.
Let's try to understand the software quality characteristics from the ISO 25000 guidelines and relate them to code quality. The following are the software quality characteristics prescribed by the ISO 25000 guidelines to measure/assess software quality in general.
- Functional Suitability: Functional suitability primarily represents the correctness and completeness of the functionality delivered by a piece of code. It can be measured using what can be termed "defect density", which is the number of defects divided by the size of the release. For example, in the Agile Scrum model, defect density could be calculated as the number of defects divided by the total points in the sprint. Thus, with velocity remaining the same, if defect density trends upwards, it can be assessed that the code is not delivering functionality that can be termed suitable in terms of correctness, completeness and accuracy.
- Maintainability: Maintainability represents how easy it is to change the code. Code maintainability can therefore be assessed as a function of characteristics such as modularity, testability and re-usability. One could use static analysis tools such as Sonar to measure some of these characteristics.
- Usability: Usability can be represented in the form of readability and understandability of the code. Highly usable code is easy to read and understand. One of the key things a developer may need to do to achieve high usability is to pay attention to the code's cyclomatic complexity, which is represented as the number of conditional statements (if, while, for, &&, ||, switch-case) present in the code. The higher the code complexity, the greater the chance that the code will be difficult to read and understand. Another aspect that developers need to focus on is naming conventions. Giving classes and methods meaningful names makes the code easy to comprehend, read and understand.
- Efficiency: Efficiency primarily represents the performance aspect of code. Given that cloud-ready application development has picked up great momentum in recent times, it becomes much more important for developers to write efficient code and load test it, if possible. Developers would want to run a profiler against their code once in a while to profile memory usage and take appropriate measures.
- Security: Security primarily represents the security hooks that developers need to put in the code to address different kinds of security vulnerabilities. Given that it is universally accepted that perimeter-level application security is not enough, it is all the more important for developers to pay attention to security vulnerabilities and address them while designing and developing the code. Developers may need to gain knowledge of different threat modeling techniques and the OWASP Top 10 recommendations for security vulnerabilities.
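
The complexity count described under Usability can be automated. The following is an added example, not part of the original article: it counts the constructs listed there for each function in Python source using the standard `ast` module. The sample access-check function, the helper names and the threshold value are assumptions made for illustration.

```python
import ast

# Decision points named in the Usability bullet: if, while, for, &&, ||, switch-case.
BRANCH_NODES = (ast.If, ast.While, ast.For, ast.AsyncFor)
MATCH_CASE = getattr(ast, "match_case", ())  # match/case exists on Python 3.10+ only

# Constructed sample input: an access check and a trivial helper.
SAMPLE = '''
def is_allowed(user, resource, action):
    if user is None or not user.active:
        return False
    for role in user.roles:
        if role.name == "admin":
            return True
        if action == "read" and resource.public:
            return True
        while role.parent is not None:
            role = role.parent
            if role.name == "admin" or role.name == "owner":
                return True
    return False

def greet(name):
    return "hello " + name
'''

def decision_points(func):
    """Count branch keywords and boolean operators under one function node."""
    count = 0
    for node in ast.walk(func):
        if isinstance(node, BRANCH_NODES) or isinstance(node, MATCH_CASE):
            count += 1
        elif isinstance(node, ast.BoolOp):
            # "a or b or c" is one BoolOp node holding two operators
            count += len(node.values) - 1
    return count

def complexity_report(source, threshold=10):
    """Map function name -> (complexity, over_threshold); threshold is an assumed team limit."""
    report = {}
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            score = 1 + decision_points(node)  # +1 for the straight-line path
            report[node.name] = (score, score > threshold)
    return report

if __name__ == "__main__":
    for name, (score, flagged) in complexity_report(SAMPLE, threshold=5).items():
        print(name, score, "REVIEW" if flagged else "ok")
```

Functions that make security decisions, such as the access check in the sample, are where a high score matters most for review, because every extra branch is another path a reviewer has to reason about.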