CISQ Quality Measures (2016) - Maintainability

A category in the Common Weakness Enumeration published by The MITRE Corporation.


Summary

Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.

Weaknesses in this category are related to the CISQ Quality Measures for Maintainability, as documented in 2016 with the Automated Source Code Maintainability Measure (ASCMM) Specification 1.0. Presence of these weaknesses could reduce the maintainability of the software.

Weaknesses

Architecture with Number of Horizontal Layers Outside of Expected Range

The product's architecture contains too many - or too few - horizontal layers.

Class with Excessive Number of Child Classes

A class contains an unnecessarily large number of children.

Class with Excessively Deep Inheritance

A class has an inheritance level that is too high, i.e., it has a large number of parent classes.

Critical Data Element Declared Public

The product declares a critical variable, field, or member to be public when intended security policy requires it to be private.

Dead Code

The product contains dead code, which can never be executed.

Excessive McCabe Cyclomatic Complexity

The code contains McCabe cyclomatic complexity that exceeds a desirable maximum.

Excessive Use of Hard-Coded Literals in Initialization

The product initializes a data element using a hard-coded literal that is not a simple integer or static constant element.

Invocation of a Control Element at an Unnecessarily Deep Horizontal Layer

The code at one architectural layer invokes code that resides at a deeper layer than the adjacent layer, i.e., the invocation skips at least one layer, and t...

Invokable Control Element with Excessive File or Data Access Operations

A function or method contains too many operations that utilize a data manager or file resource.

Invokable Control Element with Excessive Volume of Commented-out Code

A function, method, procedure, etc. contains an excessive amount of code that has been commented out within its body.

Invokable Control Element with Large Number of Outward Calls

The code contains callable control elements that contain an excessively large number of references to other application objects external to the conte...

Invokable Control Element with Signature Containing an Excessive Number of Parameters

The product contains a function, subroutine, or method whose signature has an unnecessarily large number of parameters/arguments.

Loop Condition Value Update within the Loop

The product uses a loop with a control flow condition based on a value that is updated within the body of the loop.

Method Containing Access of a Member Element from Another Class

A method for a class performs an operation that directly accesses a member element from another class.

Modules with Circular Dependencies

The product contains modules in which one module has references that cycle back to itself, i.e., there are circular dependencies.

Multiple Inheritance from Concrete Classes

The product contains a class with inheritance from more than one concrete class.

Source Code File with Excessive Number of Lines of Code

A source code file has too many lines of code.

Unconditional Control Flow Transfer outside of Switch Block

The product performs unconditional control transfer (such as a "goto") in code outside of a branching structure such as a switch block.

Use of Redundant Code

The product has multiple functions, methods, procedures, macros, etc. that contain the same code.

Use of Same Invokable Control Element in Multiple Architectural Layers

The product uses the same control element across multiple architectural layers.

Concepts

CISQ Quality Measures (2016)

This view outlines the most important software quality issues as identified by the Consortium for Information & Software Quality (CISQ) Automated Quality Characteristi...

See Also

  1. Automated Source Code Maintainability Measure (ASCMM)

    Object Management Group (OMG)

  2. Automated Quality Characteristic Measures

    Consortium for Information & Software Quality (CISQ)


Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.