ISO/IEC 5055 defines four automated source code quality measures derived from detecting and counting severe weaknesses in source code that impact key quality characteristics. ISO/IEC 5055 operationalizes internal quality at the source-code level through measurable rule violations.

These measures are intended to be language-independent and applicable across application and embedded domains. They were standardized internationally to provide a consistent basis for specifying, assessing, and contracting for internal software quality at the code level. Implementations of this standard typically provide language-specific rule sets consistent with the OMG ASCQM specification, enabling aggregation per quality characteristic.

This standard is aligned with the ISO/IEC 25010 quality model and quantifies four characteristics via rule-based detection of weaknesses defined in the OMG Automated Source Code Quality Measures (ASCQM) specification.

Quality Attributes Required or Emphasized

Attribute Relevance in ISO/IEC 5055
Reliability Counts weaknesses that could cause faults at runtime or lead to system failure, thereby degrading dependable behavior.
Security Counts weaknesses that introduce vulnerabilities exploitable by attackers, reducing protection of confidentiality, integrity, and availability.
Performance Efficiency Counts weaknesses that produce excessive resource consumption or latency under stated conditions.
Maintainability Counts weaknesses that make the code harder, riskier, or costlier to modify, test, or understand, thus impeding efficient evolution.

References

Official/Authoritative Sources

  • ISO/IEC 5055:2021 listing (ANSI Webstore): https://webstore.ansi.org/standards/iso/isoiec50552021
  • BSI Knowledge catalog entry (preview pages with foreword/scope): https://shop.bsigroup.com/products/information-technology-software-measurement-software-quality-measurement-automated-source-code-quality-measures/standard
  • OMG ASCQM — Automated Source Code Quality Measures (about page, v1.1): https://www.omg.org/spec/ASCQM/1.1/About-ASCQM
  • OMG ASCQM specification PDF (v1.1): https://www.omg.org/spec/ASCQM/1.1/PDF
  • OMG ASCQM catalog entry (latest): https://www.omg.org/spec/ASCQM/