SQALE

SQALE (Software Quality Assessment based on Lifecycle Expectations) is a method to support the evaluation of a software application source code. It is a generic method, independent of the language and source code analysis tools, licensed under the Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported license. Software editors can freely use and implement the SQALE method.

The SQALE method was developed by inspearit France (formerly DNV ITGS France). It is used by many organizations for applications of any type and any size. This method is implemented by several static code analysis tools that produce the defined indices and indicators. In addition, this method allows doing the precise management of design debt for Agile software development projects.

History
The SQALE method has been developed to answer a general need for assessing the quality of source code. It is meant to answer fundamental questions such as:
 * What is the quality of the source code delivered by the developers?
 * Is the code changeable, maintainable, portable, reusable?
 * What is the design debt stored up by the project?

Standards, like ISO 9126, do not provide effective support about the manner of building a global answer. To be able to evaluate the quality of source code, the developers community needs a generic method having the following properties:
 * Objective, specific and reproducible
 * Producing indices, syntheses or/and indicators easily understandable and helping to make decisions relating to the improvement of the source code
 * Independent of the languages
 * Independent of the tools for analysis

Fundamental principles

 * 1) The quality of the source code is a non-functional requirement.
 * 2) The requirements in relation to the quality of the source code have to be formalised according to the same quality criteria as all other requirements.
 * 3) Assessing the quality of a source code is in essence assessing the distance between its state and its expected quality objective.
 * 4) The SQALE method assesses the distance to the conformity with the requirements by considering the necessary remediation cost for bringing the source code to conformity.
 * 5) The SQALE method respects the representation condition.
 * 6) The SQALE method uses addition for aggregating the remediation costs and for calculating its quality indicators.
 * 7) The SQALE method's quality model is orthogonal.
 * 8) The SQALE method's quality model takes the software's lifecycle into account.

Details
The method is based on 4 main concepts:
 * 1) The quality model
 * 2) The analysis model
 * 3) The indices
 * 4) The indicators

The quality model
The SQALE Quality Model is used for formulating and organising the non-functional requirements that relate to the code's quality. It is organised in three hierarchical levels. The first level is composed of characteristics, the second of sub-characteristics. The third level is composed of requirements that relate to the source code's internal attributes. These requirements usually depend on the software's context and language.

The analysis model
The SQALE analysis model contains on the one hand the rules that are used for normalising the measures and the controls relating to the code, and on the other hand the rules for aggregating the normalised values. The SQALE method normalises the reports resulting from the source code analysis tools by transforming them into remediation costs. To do this, either a remediation factor or a remediation function is used. The SQALE Method defines rules for aggregating the remediation costs, either in the Quality Model's tree structure, or in the hierarchy of the source code's artefacts.

The indices
All SQALE indices represent costs. These costs can be calculated in work unit, in time unit or in monetary unit. In all cases, the indices values are on a scale of ratio type. They can be handled with all the allowed operations for this type of scale. For any element of the hierarchy of the source code artefacts, the remediation cost relating to a given characteristic can be estimated by adding all remediation costs linked to the requirements of the characteristic. The indices of SQALE characteristics are the following:
 * SQALE Testability Index	: STI
 * SQALE Reliability Index	: SRI
 * SQALE Changeability Index	: SCI
 * SQALE Efficiency Index	: SEI
 * SQALE Security Index	: SSI
 * SQALE Maintainability Index	: SMI
 * SQALE Portability Index	: SPI
 * SQALE Reusability Index	: SRuI

The method also defines a global index: For any element of the hierarchy of the source code artefacts, the remediation cost relating to all the characteristics of the quality model can be estimated by adding all remediation costs linked to all the requirements of the quality model. This derived measurement is called: SQALE Quality Index: SQI For the AGILE Software Development, the SQI index correspond to the design debt (or technical debt) of the project. The method also defines index densities which allow comparing the products quality of different size (for example SQID: SQALE Quality Density Index).

The indicators
The SQALE method defines three synthesised indicators. Each user can define indicators according to his needs.

SQALE and Agile Software Development
The SQALE method is particularly devoted to the management of the design debt (or technical debt) of Agile Software Development. It allows:
 * To clearly define what creates design debt
 * To correctly estimate design debt
 * To describe this debt into various parts relating to the testability, the reliability, the changeability, the maintainability... This classification supports the analysis regarding the impact of the debt and how to define the priority actions of code refactoring.

In the requirements relating to the source code (the SQALE Quality Model), the method allows to include a minimum threshold to reach with unit testing. In the case that this threshold is not reached, the reliability index of the application is impacted.

Tools which implement the SQALE method

 * SQuORE
 * SonarQube
 * Security Reviewer Suite