The measures in this standard were calculated from detecting and counting violations of good architectural and coding practices in the source code that could result in unacceptable operational risks or excessive costs. Establishing standards for these measures at the source code level is important because they have been used in outsourcing and system development contracts without having international standards to reference. For instance, the ISO/IEC 25000 series of standards that govern software product quality provide only a small set of measures at the source code level.
A primary objective of updating these measures was to extend their applicability to embedded software, which is especially important for the growing implementation of embedded devices and the Internet of Things. Functionality that has traditionally been implemented in IT applications is now being moved to embedded chips. Since the weaknesses included in the measures specified in this document have been found to be applicable to all forms of software, embedded software is not treated separately in this specification.
État actuel : PubliéeDate de publication : 2021-03
Edition : 1
Comité technique:Technologies de l'information
Acheter cette norme
Vous avez une question?
Consulter notre FAQ
De lundi à vendredi - 09:00-12:00, 14:00-17:00 (UTC+1)
Suivez l'actualité de l'ISO
Inscrivez-vous à notre Newsletter (en anglais) pour suivre nos actualités, points de vue et informations sur nos produits.