Software Products Quality Evaluation

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

ISO/IEC 25000, Series of International Standards (SQuaRE):

ISO/IEC 2500n - Quality Management Division:

  • ISO/IEC 25000:2014 – Guide to SQuaRE
  • ISO/IEC 25001:2014 – Planning and Management

ISO/IEC 2501n - Quality Model Division:

  • ISO/IEC 25010:2011 - System and software quality models
  • ISO/IEC 25011:2017
  • ISO/IEC 25012:2008

ISO/IEC 2502n - Quality Measurement Division:

  • ISO-IEC 25020:2007
  • ISO-IEC 25021:2012
  • ISO-IEC 25022:2016 - Measurement of quality in use
  • ISO-IEC 25023:2016 - Measurement of system and software product quality
  • ISO-IEC 25024:2015 - Measurement of data quality

ISO/IEC 2503n - Quality Requirements Division:

  • ISO/IEC 25030:2007

ISO/IEC 2504n - Quality Evaluation Division:

  • ISO/IEC 25040:2011
  • ISO/IEC 25041:2012 - Evaluation guide for developers, acquirers and independent evaluators
  • ISO/IEC 25045:2010

ISO/IEC 25050 to ISO/IEC 25099 - Extension division:

  • ISO-IEC 25051:2014 – Requirements for quality of Ready to Use Software Product (RUSP) and instructions for testing
  • ISO/IEC 25060:2010
  • ISO/IEC 25062:2006 - Common Industry Format (CIF) for usability test reports
  • ISO/IEC 25063:2014 - Common Industry Format (CIF) for usability: Context of use description
  • ISO/IEC 25064:2013 – Common Industry Format (CIF) for usability: User needs report
  • ISO/IEC 25065: (Under development)
  • ISO/IEC 25066:2016 - Common Industry Format (CIF) for Usability — Evaluation Report

ISO/IEC 25000 Persian Documentation Website

Introducing Some Evaluation Companies

In spain:

AQC Lab: laboratory for software product quality evaluation
ENAC (Entidad de Acreditación Nacional - Spanish accreditation body)

In iran:

Research Center for Informatics Industries is an information technology company in Iran that have hover 26 years experience ...

Research Center for Informatics Industries
Institute of Standards and Industrial Research of Iran

The Institute of Standards & Industrial Research of Iran, is the sole organization in the country that can lawfully develop and designate official standards for products. It is also the responsible body for conducting them through the endorsement of the Council of Compulsory Standards.

Software Analytics (SA)

(Quality and Security Measurement and Management Tools)

Software analytics refers to analytics specific to the domain of software systems taking into account source code, static and dynamic characteristics (e.g., software metrics) as well as related processes of their development and evolution. It aims at describing, monitoring, predicting, and improving efficiency and effectivity of software engineering throughout the software lifecycle, in particular during software development and software maintenance. Similar to other domain-specific analytics fields (e.g., business analytics), it is based on analyzing big data commonly managed, for example, by integrated development environments (IDEs) and software repositories.

Software Analytics is about gathering billions and billions of metrics from your live production software, including user clickstreams, mobile activity, end user experiences and transactions, and then making sense of those—providing you with business insights. Software analytics includes Application Performance Management, but extends to User Behavior, Business Transactions, Customer Insights and much, much more.


Kiuwan is a software as a service (SaaS) static program analysis multi-technology software for software analytics, quality and security measurement and management. Kiuwan is one of the tools in the Open Web Application Security Project (OWASP) source code analysis tools list. It was also finalist for IBM Beacon Awards 2015.


SonarQube (formerly Sonar) is an open source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells and security vulnerabilities on 20+ programming languages. SonarQube offers reports on duplicated code, coding standards, unit tests, code coverage, code complexity, comments, bugs, and security vulnerabilities. SonarQube can record metrics history and provides evolution graphs. SonarQube's provides fully automated analysis and integration with Maven, Ant, Gradle, MSBuild and continuous integration tools (Atlassian Bamboo, Jenkins, Hudson, etc.)


iPlasma was successfully used for analyzing the design of more than ten real-world, industrial systems including very large open-source systems (>1 MLOC), like Mozilla (C++, 2.56 million LOC) and Eclipse, (Java, 1.36 million LOC). iPlasma was also used during several consultancy activities for industrial partners, most of them involved in developing large software applications for telecom systems. The iPlasma environment can be downloaded from here.


NDepend is a static analysis tool for .NET managed code. The tool supports a large number of code metrics, allowing to visualize dependencies using directed graphs and dependency matrix. The tool also performs code base snapshots comparisons, and validation of architectural and quality rules. User-defined rules can be written using LINQ queries. This feature is named CQLinq. The tool also comes with a large number of predefined CQLinq code rules. Code rules can be checked automatically in Visual Studio or during continuous integration.

What can i do for you ?

Before taking part in an official evaluation and certification process, it is recommended that companies get support from expert consultants (whether in-house or external) that help them to improve their system or software products and control their quality throughout their life cycle, in order to tackle the certification process with confidence. Organizations that want to certify the quality of their systems or products can get support from experienced staff in order to assure the quality of their systems or software products.

Other related works:

  • ISO/IEC 33000, Family of standards for process assessment

  • ISO 9000, Family of quality management systems standards

  • Capability Maturity Model Integration (CMMI)

  • European Foundation for Quality Management (EFQM)

  • Total Quality Management (TQM)

  • Quamoco (Open Quality Model and Tool Support for Quality Modelling and Evaluation)

  • Software QUALity Enhancement (Squale)

  • IEEE software life cycle:

    • SQA – Software quality assurance - IEEE 730
    • SCM – Software configuration management - IEEE 828
    • STD – Software test documentation - IEEE 829
    • SRS – Software requirements specification - IEEE 830
    • V&V – Software verification and validation - IEEE 1012
    • SDD – Software design description - IEEE 1016
    • SPM – Software project management - IEEE 1058
    • SUD – Software user documentation - IEEE 1063
  • Continuous Quality Improvement (CQI)

  • International Software Testing Qualifications Board (ISTQB)

  • Software Engineering Body of Knowledge (SWEBOK)

  • Business Analysis Body of Knowledge (BABOK)

  • Project Management Body of Knowledge (PMBOK)

  • Six-Sigma - on Software Integrity Levels

  • ISO 15026 on Software Integrity Levels