CQE-9000: Comprehensive View

 
Comprehensive View
View ID: 9000 Maturity: Preliminary
+ View Data

View Objective

This view (slice) covers all the quality components in CQE.

View Filter: true()

+ View Metrics
Formal CQE IDs (this view)Micro Elements (this view)Total Catalog
Total Elements160out of16066out of66226
Views7out of77
Quality_Characteristics41out of4141
Quality_Issues112out of112112
Practices40out of4040
Consequences26out of2626
View Components
View Components
A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z
 
Accessibility
Quality Characteristic ID: 9033 Maturity: Preliminary
+ Description

Description Summary

Accessibility is a Quality_Characteristic describing the degree to which a wide variety of users can use the entity.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9174Usability
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9092Availability
Default Graph (primary)9001
 
Accountability
Quality Characteristic ID: 9053 Maturity: Preliminary
+ Description

Description Summary

Accountability is a Quality_Characteristic describing how well an entity records its actions.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
 
Accuracy
Quality Characteristic ID: 9008 Maturity: Preliminary
+ Description

Description Summary

Accuracy is a Quality_Characteristic describing how precise an entity's outputs are.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9020Completeness
Default Graph (primary)9001
 
Allocation of Memory without Associated Release
Quality Issue ID: 9112 Maturity: Preliminary
+ Description

Description Summary

The software allocates memory for a data element, but it does not release the associated memory at a later time.

Extended Description

This pattern identifies situations where a memory resource is explicitly allocated via the ManagesResource action to the storable or member data element, which is used throughout the application, along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, none of which being a memory release statement.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
ChildOf
Pr
Practice
9176Coding Practices
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCPEM1ASCPEM-PRF-14
+ References
"Automated Source Code Performance Efficiency Measure (ASCPEM)". ASCPEM-PRF-14. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCPEM/1.0>.
 
Analyzability
Quality Characteristic ID: 9012 Maturity: Preliminary
+ Description

Description Summary

Analyzability is a Quality_Characteristic describing how easily an entity can be examined.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Ch
Characteristic
9084Understandability
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9066Legibility
Default Graph (primary)9001
ParentOf
Is
Issue
9216Source Code Element without Standard Prologue
Default Graph (primary)9001
 
Arbitrary Code Execution
Consequence ID: 9017 Maturity: Preliminary
+ Description

Description Summary

Arbitrary Code Execution may result when programming logic or conditions allow code to be executed outside of expected functional parameters.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
79Cross-site Scripting Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Is
Issue
134Format String Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Is
Issue
434File Upload Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Is
Issue
798Hard-Coded Credentials Usage for Remote Authentication
Default Graph (primary)9001
CanFollow
Pr
Practice
9063Authentication Practices
Default Graph (primary)9001
CanFollow
Pr
Practice
9095File Upload Control
Default Graph (primary)9001
CanFollow
Pr
Practice
9097Output Generation
Default Graph (primary)9001
CanFollow
Pr
Practice
9129Output Formatting Control
Default Graph (primary)9001
 
Architecture with Number of Horizontal Layers Outside of Expected Range
Quality Issue ID: 9007 Maturity: Preliminary
+ Description

Description Summary

The software architecture contains too many - or too few - horizontal layers.

Extended Description

This pattern identifies situations where the model of the architectural layers contains too many or too few horizontal layers, based on its number of horizontal layers (that is, excluding the vertical utility layers) that is smaller than the threshold value or greater than the threshold value. The default minimal value is 4 and the default max value is 8.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Pr
Practice
9124Layered Architectures
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9113Excessive Modification Effort
Default Graph (primary)9001
CanPrecede
Co
Consequence
9145Degraded Comprehension
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCMM1ASCMM-MNT-9
+ References
"Automated Source Code Maintainability Measure (ASCMM)". ASCMM-MNT-9. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCMM/1.0>.
 
Array Index Improper Input Neutralization
Quality Issue ID: 129 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the read or write action to access the array; none of the callable or method control element of the transformation sequence being a range check callable and method control element with regards to the array index.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9049Array Indexing
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
CanPrecede
Co
Consequence
9038Loss of Data Integrity
Default Graph (primary)9001
CanPrecede
Co
Consequence
9143Failure
Default Graph (primary)9001
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCSM1ASCSM-CWE-129
CWE2.11129
+ References
"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-129. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.
 
Array Indexing
Practice ID: 9049 Maturity: Preliminary
+ Description

Description Summary

Array Indexing

Extended Description

Software that is unaware of array index bounds incurs the risk of corruption of relevant memory, and perhaps instructions, possibly leading to a crash, the risk of data integrity loss, and the risk of unauthorized access to sensitive data.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9022Memory Corruption
Default Graph (primary)9001
CanPrecede
Co
Consequence
9054Data Corruption
Default Graph (primary)9001
CanPrecede
Co
Consequence
9143Failure
Default Graph (primary)9001
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001
ParentOf
Is
Issue
129Array Index Improper Input Neutralization
Quality Issues Organized by Practices (primary)9002
 
Authentication
Quality Characteristic ID: 9133 Maturity: Preliminary
+ Description

Description Summary

Authentication is a Quality_Characteristic describing whether an entity is what it is said to be.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
 
Authentication Practices
Practice ID: 9063 Maturity: Preliminary
+ Description

Description Summary

Authentication Practices

Extended Description

Software featuring weak authentication practices incurs the risk of exposing resources and functionality to unintended actors, possibly leading to compromised sensitive information and even the execution of arbitrary code.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9017Arbitrary Code Execution
Default Graph (primary)9001
CanPrecede
Co
Consequence
9032Exposed Resources
Default Graph (primary)9001
CanPrecede
Co
Consequence
9035Exposed Functionality
Default Graph (primary)9001
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001
CanPrecede
Co
Consequence
9189Information Disclosure
Default Graph (primary)9001
ParentOf
Is
Issue
798Hard-Coded Credentials Usage for Remote Authentication
Quality Issues Organized by Practices (primary)9002
MemberOf
Vi
View
9002Quality Issues Organized by Practices
Quality Issues Organized by Practices (primary)9002
 
Availability
Quality Characteristic ID: 9092 Maturity: Preliminary
+ Description

Description Summary

Availability is a Quality_Characteristic describing the degree to which an entity will operate satisfactorily.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9033Accessibility
Default Graph (primary)9001
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
 
Broken or Risky Cryptographic Algorithm Usage
Quality Issue ID: 327 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where the application uses the cryptographic deployed component while it is not part of the list of vetted cryptographic deployed components. As an example, FIPS 140-2 features a list of validated implementations.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
ChildOf
Pr
Practice
9136Cryptography
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCSM1ASCSM-CWE-327
CWE2.11327
+ References
"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-327. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.
 
Buffer Copy without Checking Size of Input
Quality Issue ID: 120 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where two buffer storable elements or member elements are allocated with specific sizes in the source buffer allocation statement and target buffer allocation statement, transformed within the application via transformation sequences composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, then ultimately used by the application to move the content of the first buffer onto the content of the second buffer through the move buffer statement, while the size of the first buffer is greater than the size of the second buffer.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9078Memory Management
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
CanPrecede
Co
Consequence
9022Memory Corruption
Default Graph (primary)9001
CanPrecede
Co
Consequence
9038Loss of Data Integrity
Default Graph (primary)9001
CanPrecede
Co
Consequence
9057Erroneous Behaviors
Default Graph (primary)9001
CanPrecede
Co
Consequence
9143Failure
Default Graph (primary)9001
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001
CanPrecede
Co
Consequence
9168Unexpected Behaviors
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-CWE-120
ASCSM1ASCSM-CWE-120
CWE2.11120
+ References
"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-120. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-CWE-120. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Cache Maintenance
Practice ID: 9096 Maturity: Preliminary
+ Description

Description Summary

Cache Maintenance

Extended Description

Software deployed in distributed environment that does not maintain redundancy of data (such as cache) and code increases the time with which they are accessed.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9037Resource Management
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9140Increased (Access) Time
Default Graph (primary)9001
ParentOf
Is
Issue
9069Data Access Operations Outside of Expected Data Manager Component
Quality Issues Organized by Practices (primary)9002
 
Callable and Method Control Element Number of Outward Calls
Quality Issue ID: 9024 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where the named callable control element or method control element has a Fan-Out value that is too large, based on its number of references to other objects within the application which exceeds the threshold value; the application determines the scope of the search for the referenced objects. Default value for threshold value is 5.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9016Modular Development
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
CanPrecede
Co
Consequence
9141Excessive Propagation of Modification Impacts
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCMM1ASCMM-MNT-4
+ References
"Automated Source Code Maintainability Measure (ASCMM)". ASCMM-MNT-4. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCMM/1.0>.
 
Callable with Insufficient Behavioral Summary
Quality Issue ID: 9218 Maturity: Preliminary
+ Description

Description Summary

The code contains a callable whose signature and/or associated documentation does not sufficiently describe the callable's inputs, outputs, side effects, assumptions, or return codes.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE5.8
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Capacity/Allocation
Quality Characteristic ID: 9101 Maturity: Preliminary
+ Description

Description Summary

Capacity/Allocation is a Quality_Characteristic describing how well limited resources are managed.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9074Efficiency
Default Graph (primary)9001
 
Changeability/Modifiability
Quality Characteristic ID: 9029 Maturity: Preliminary
+ Description

Description Summary

Changeability is a Quality_Characteristic describing how easily an entity can be changed or modified.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
 
Child Class Element without Virtual Destructor unlike its Parent Class Element
Quality Issue ID: 9013 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where, with languages where custom destructors can be written, the child class element used in the 'from' association of an Extends class relation whose parent class element that is used in the 'to' association of the Extends class relation, directly or indirectly through parent and child class element, has the parent virtual destructor, that lack its own virtual destructor.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Pr
Practice
9157Inheritance and Polymorphism
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9168Unexpected Behaviors
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-RLB-17
+ References
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-RLB-17. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Class Element with Virtual Method Element without Virtual Destructor
Quality Issue ID: 9166 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where the class element contains the virtual method element yet without declaring any virtual destructor.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Pr
Practice
9157Inheritance and Polymorphism
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9168Unexpected Behaviors
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-RLB-15
+ References
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-RLB-15. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Class Instance Self Destruction Control Element
Quality Issue ID: 9156 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where the class element executes the control element to destroy itself. As an example of self-destruction control element in C++, the 'delete this' control element.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Pr
Practice
9176Coding Practices
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9057Erroneous Behaviors
Default Graph (primary)9001
CanPrecede
Co
Consequence
9168Unexpected Behaviors
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-RLB-7
+ References
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-RLB-7. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Class with an Excessive Inheritance Level
Quality Issue ID: 9123 Maturity: Preliminary
+ Description

Description Summary

The inheritance level of a class is excessively high, i.e., it has a large number of ancestors.

Extended Description

This pattern identifies situations where the inheritance level of the class element is considered as too large, based on its number of parent class units which exceeds the default threshold value of 7.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Pr
Practice
9157Inheritance and Polymorphism
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9113Excessive Modification Effort
Default Graph9001
CanPrecede
Co
Consequence
9145Degraded Comprehension
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCMM1ASCMM-MNT-17
+ References
"Automated Source Code Maintainability Measure (ASCMM)". ASCMM-MNT-17. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCMM/1.0>.
 
Class with Excessive Number of Child Classes
Quality Issue ID: 9165 Maturity: Preliminary
+ Description

Description Summary

A class contains an unnecessarily large number of children.

Extended Description

This pattern identifies situations where the number of children of the class element is considered as too large, based on its number of child classes which exceeds the default threshold value of 10.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Pr
Practice
9157Inheritance and Polymorphism
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9113Excessive Modification Effort
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCMM1ASCMM-MNT-18
+ References
"Automated Source Code Maintainability Measure (ASCMM)". ASCMM-MNT-18. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCMM/1.0>.
 
Co-existence
Quality Characteristic ID: 9188 Maturity: Preliminary
+ Description

Description Summary

Co-existence is a Quality_Characteristic describing how well elements are shared between entities.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
 
Code Comments
Practice ID: 9089 Maturity: Preliminary
+ Description

Description Summary

Code Comments

Extended Description

Software that does not properly represent comments can cause excessive modification effort.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9113Excessive Modification Effort
Default Graph (primary)9001
ParentOf
Is
Issue
9161Excessive Volume of Commented-out Code
Quality Issues Organized by Practices (primary)9002
MemberOf
Vi
View
9002Quality Issues Organized by Practices
Quality Issues Organized by Practices (primary)9002
 
Coding Practices
Practice ID: 9176 Maturity: Preliminary
+ Description

Description Summary

Coding Practices

Extended Description

Software featuring known under-efficient coding practices requires excessive computational resources.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001
ParentOf
Is
Issue
252Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
456Storable and Member Data Element Missing Initialization
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
704Incorrect Type Conversion or Cast
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9004Static Member Data Element outside of a Singleton Class Element
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9005Data Element Aggregating an Excessively Large Number of Non-Primitive Elements
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9014Creation of Immutable Text Using String Concatenation
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9062Invokable Control Element with Variadic Parameter Element
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9100Runtime Resource Management Control Element in a Component Built to Run on Application Servers
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9102Missing Serialization Control Element
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9110Serializable Data Element Containing non-Serializable Item Elements
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9112Allocation of Memory without Associated Release
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9116Data Resource Access without Use of Connection Pooling
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9138Float Type Storable and Member Data Element Comparison with Equality Operator
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9156Class Instance Self Destruction Control Element
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9182Use of Data Element without Invoking Deconstructor Method
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9193Persistent Storable Data Element without Associated Comparison Control Element
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9194Storable or Member Data Element containing Pointer Item Element without Proper Copy Control Element
Quality Issues Organized by Practices (primary)9002
MemberOf
Vi
View
9002Quality Issues Organized by Practices
Quality Issues Organized by Practices (primary)9002
 
Communicativeness
Quality Characteristic ID: 9149 Maturity: Preliminary
+ Description

Description Summary

Communicativeness is a Quality_Characteristic describing how well an entity shares an idea.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9084Understandability
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9056Conciseness
Default Graph (primary)9001
 
Compilation with Insufficient Warnings or Errors
Quality Issue ID: 9228 Maturity: Preliminary
+ Description

Description Summary

The code is compiled without sufficient warnings enabled, which may prevent the detection of subtle bugs or quality issues.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
CQE TeamMITREInternal CQE Team
 
Completeness
Quality Characteristic ID: 9020 Maturity: Preliminary
+ Description

Description Summary

Completeness is a Quality_Characteristic describing how thorough an entity is.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9008Accuracy
Default Graph (primary)9001
 
Compliance
Quality Characteristic ID: 9098 Maturity: Preliminary
+ Description

Description Summary

Compliance is a Quality_Characteristic describing how well an entity conforms to a defined standard.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9091Functionality
Default Graph (primary)9001
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9065Consistency
Default Graph (primary)9001
 
Comprehensive Consequences View
View ID: 9199 Maturity: Preliminary
+ View Data

View Objective

This view (slice) covers all the Consequences in CQE.

View Filter: name()='Consequence'

+ View Metrics
Formal CQE IDs (this view)Micro Elements (this view)Total Catalog
Total Elements0out of16026out of66226
Views0out of77
Quality_Characteristics0out of4141
Quality_Issues0out of112112
Practices0out of4040
Consequences26out of2626
 
Comprehensive Practices View
View ID: 9198 Maturity: Preliminary
+ View Data

View Objective

This view (slice) covers all the Practices in CQE.

View Filter: name()='Practice'

+ View Metrics
Formal CQE IDs (this view)Micro Elements (this view)Total Catalog
Total Elements0out of16040out of66226
Views0out of77
Quality_Characteristics0out of4141
Quality_Issues0out of112112
Practices40out of4040
Consequences0out of2626
 
Comprehensive Quality Characteristics View
View ID: 9196 Maturity: Preliminary
+ View Data

View Objective

This view (slice) covers all the Quality Characteristics in CQE.

View Filter: name()='Quality_Characteristic'

+ View Metrics
Formal CQE IDs (this view)Micro Elements (this view)Total Catalog
Total Elements41out of1600out of66226
Views0out of77
Quality_Characteristics41out of4141
Quality_Issues0out of112112
Practices0out of4040
Consequences0out of2626
 
Comprehensive Quality Issues View
View ID: 9197 Maturity: Preliminary
+ View Data

View Objective

This view (slice) covers all the Quality Issues in CQE.

View Filter: name()='Quality_Issue'

+ View Metrics
Formal CQE IDs (this view)Micro Elements (this view)Total Catalog
Total Elements112out of1600out of66226
Views0out of77
Quality_Characteristics0out of4141
Quality_Issues112out of112112
Practices0out of4040
Consequences0out of2626
 
Comprehensive View
View ID: 9000 Maturity: Preliminary
+ View Data

View Objective

This view (slice) covers all the quality components in CQE.

View Filter: true()

+ View Metrics
Formal CQE IDs (this view)Micro Elements (this view)Total Catalog
Total Elements160out of16066out of66226
Views7out of77
Quality_Characteristics41out of4141
Quality_Issues112out of112112
Practices40out of4040
Consequences26out of2626
 
Conciseness
Quality Characteristic ID: 9056 Maturity: Preliminary
+ Description

Description Summary

Conciseness is a Quality_Characteristic describing how briefly and accurately an idea can be conveyed.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9074Efficiency
Default Graph (primary)9001
ChildOf
Ch
Characteristic
9149Communicativeness
Default Graph (primary)9001
 
Confidentiality
Quality Characteristic ID: 9025 Maturity: Preliminary
+ Description

Description Summary

A Quality_Characteristic describing the level of protection used to safeguard sensitive data.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
 
Consistency
Quality Characteristic ID: 9065 Maturity: Preliminary
+ Description

Description Summary

Consistency is a Quality_Characteristic describing how well an entity conforms to an undefined convention.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9098Compliance
Default Graph (primary)9001
ChildOf
Ch
Characteristic
9099Structuredness
Default Graph (primary)9001
ParentOf
Is
Issue
9107Inconsistency Between Implementation and Documented Design
Default Graph (primary)9001
ParentOf
Is
Issue
9200Inconsistent Naming Conventions for Identifiers
Default Graph (primary)9001
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Creation of Immutable Text Using String Concatenation
Quality Issue ID: 9014 Maturity: Preliminary
+ Description

Description Summary

The software creates an immutable text string using string concatenation operations.

Extended Description

This pattern identifies situations where the named callable control element or method control element creates immutable text data elements via the string concatenation statement, which could be avoided by using text buffer data elements.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
ChildOf
Pr
Practice
9176Coding Practices
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCPEM1ASCPEM-PRF-2
+ References
"Automated Source Code Performance Efficiency Measure (ASCPEM)". ASCPEM-PRF-2. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCPEM/1.0>.
 
Cross-site Scripting Improper Input Neutralization
Quality Issue ID: 79 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the user interface WritesUI action; none of the callable or method control element of the transformation sequence being a vetted sanitization control element from the list of vetted sanitization control elements.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9097Output Generation
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
CanPrecede
Co
Consequence
9017Arbitrary Code Execution
Default Graph (primary)9001
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCSM1ASCSM-CWE-79
CWE2.1179
+ References
"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-79. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.
 
Cryptography
Practice ID: 9136 Maturity: Preliminary
+ Description

Description Summary

Software using a broken or risky cryptographic algorithm incurs the risk of sensitive data being compromised.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001
ParentOf
Is
Issue
327Broken or Risky Cryptographic Algorithm Usage
Quality Issues Organized by Practices (primary)9002
MemberOf
Vi
View
9002Quality Issues Organized by Practices
Quality Issues Organized by Practices (primary)9002
 
Data Access Constructs
Practice ID: 9105 Maturity: Preliminary
+ Description

Description Summary

Data Access Constructs

Extended Description

Software featuring known under-efficient SQL Query and Data Access constructs requires excessive computational resources.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001
ParentOf
Is
Issue
9027Excessive Data Query Operations in a Large Data Table
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9103Excessive Execution of Sequential Searches of Data Resource
Quality Issues Organized by Practices (primary)9002
ParentOf
Pr
Practice
9104Data Encapsulation
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9175Excessive Number of Indices for a Large Data Table
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9187Excessive Index Range Scan for a Data Resource
Quality Issues Organized by Practices (primary)9002
MemberOf
Vi
View
9002Quality Issues Organized by Practices
Quality Issues Organized by Practices (primary)9002
 
Data Access Control Element from Outside Designated Data Manager Component
Quality Issue ID: 9159 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where named callable control element or method control element executes the data action statement although it is not part of a component identified as one of the dedicated data access components from the data access component list. The data access component can be either client-side or server-side, which means that data access components can be developed using non-SQL languages. The pattern simply identifies situations where the implementation does not follow the intended design, regardless of the design.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9076Data Integrity Management
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
CanPrecede
Co
Consequence
9168Unexpected Behaviors
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-RLB-10
+ References
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-RLB-10. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Data Access Operations Outside of Expected Data Manager Component
Quality Issue ID: 9069 Maturity: Preliminary
+ Description

Description Summary

The software performs data-access operations that do not use a dedicated, central data manager component.

Extended Description

This pattern identifies situations where the named callable control element or method control element executes the data action although it is not part of the central data manager identified as one of the dedicated data access components from the data access components list. The component can be either client-side either server-side, which means that not all server-side components are allowed to handle data accesses. The data access component can be either client-side either server-side, which means that data access components can be developed using non-SQL languages. The pattern simply identifies situations where the implementation does not follow the intended design, regardless of the design.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9096Cache Maintenance
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
CanPrecede
Co
Consequence
9140Increased (Access) Time
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCPEM1ASCPEM-PRF-11
+ References
"Automated Source Code Performance Efficiency Measure (ASCPEM)". ASCPEM-PRF-11. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCPEM/1.0>.
 
Data Corruption
Consequence ID: 9054 Maturity: Preliminary
+ Description

Description Summary

Data Corruption may result when programming logic creates scenarios in which data is modified or removed in a manner inconsistent with expected parameters.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
22Path Traversal Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Pr
Practice
9049Array Indexing
Default Graph (primary)9001
CanFollow
Pr
Practice
9078Memory Management
Default Graph (primary)9001
CanFollow
Pr
Practice
9104Data Encapsulation
Default Graph (primary)9001
CanFollow
Is
Issue
9153Data Element Declared Public
Default Graph (primary)9001
CanFollow
Is
Issue
9181Method Containing Access of a Member Element from Another Class
Default Graph (primary)9001
CanFollow
Pr
Practice
9183File Path Control
Default Graph (primary)9001
 
Data Element Aggregating an Excessively Large Number of Non-Primitive Elements
Quality Issue ID: 9005 Maturity: Preliminary
+ Description

Description Summary

The software uses a data element that has an excessively large number of sub-elements with non-primitive data types (i.e., aggregated objects).

Extended Description

This pattern identifies situations where the data type of the storable data element aggregates storable data elements with non-primitive data types, which is considered too large because it exceeds the threshold value, which defaults to 5.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
ChildOf
Pr
Practice
9176Coding Practices
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCPEM1ASCPEM-PRF-12
+ References
"Automated Source Code Performance Efficiency Measure (ASCPEM)". ASCPEM-PRF-12. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCPEM/1.0>.
 
Data Element Declared Public
Quality Issue ID: 9153 Maturity: Preliminary
+ Description

Description Summary

The software contains a data element that has been declared public.

Extended Description

This pattern identifies situations where the storable data element or member data element is declared as public through the Create action.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Pr
Practice
9104Data Encapsulation
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9054Data Corruption
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCMM1ASCMM-MNT-15
+ References
"Automated Source Code Maintainability Measure (ASCMM)". ASCMM-MNT-15. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCMM/1.0>.
 
Data Encapsulation
Practice ID: 9104 Maturity: Preliminary
+ Description

Description Summary

Data Encapsulation

Extended Description

Software that does not follow the principles of data encapsulation incurs the risk of data corruption.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9105Data Access Constructs
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9054Data Corruption
Default Graph (primary)9001
ParentOf
Is
Issue
9153Data Element Declared Public
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9181Method Containing Access of a Member Element from Another Class
Quality Issues Organized by Practices (primary)9002
 
Data Integrity Management
Practice ID: 9076 Maturity: Preliminary
+ Description

Description Summary

Data Integrity Management

Extended Description

Software without consistently-enforced approach to data integrity management incurs the risk of behaving unexpectedly.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9168Unexpected Behaviors
Default Graph (primary)9001
ParentOf
Is
Issue
9159Data Access Control Element from Outside Designated Data Manager Component
Quality Issues Organized by Practices (primary)9002
 
Data Resource Access without Use of Connection Pooling
Quality Issue ID: 9116 Maturity: Preliminary
+ Description

Description Summary

The software accesses a data resource without using a connection pooling capability.

Extended Description

This pattern identifies situations where the named callable control element or method control element executes the data resource management action not using connection pooling capability. The usage of connection pooling capability is technology dependent. As examples, connection pooling is disabled with the addition of 'Pooling=false' to the connection string with ADO.NET and the value of 'com.sun.jndi.ldap.connect.pool' environment parameter in Java.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
ChildOf
Pr
Practice
9176Coding Practices
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCPEM1ASCPEM-PRF-13
+ References
"Automated Source Code Performance Efficiency Measure (ASCPEM)". ASCPEM-PRF-13. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCPEM/1.0>.
 
Deadlock
Consequence ID: 9028 Maturity: Preliminary
+ Description

Description Summary

Deadlock may result when processing is suspended while waiting on a currently locked resource to become available and unlocked. However, the lock is never released and the state remains locked.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
667Shared Resource Improper Locking
Default Graph (primary)9001
CanFollow
Is
Issue
9018Modules with Circular Dependencies
Default Graph (primary)9001
CanFollow
Is
Issue
9070Named Callable and Method Control Element in Multi-Thread Context with non-Final Static Storable or Member Element
Default Graph (primary)9001
CanFollow
Pr
Practice
9172State Protection
Default Graph (primary)9001
CanFollow
Pr
Practice
9178Locking
Default Graph (primary)9001
CanFollow
Is
Issue
9192Singleton Class Instance Creation without Proper Lock Element Management
Default Graph (primary)9001
 
Declaration of Catch for Generic Exception
Quality Issue ID: 396 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where the named callable control element or method control element contains the catch unit which declares to catch the exception parameter whose datatype is part of the list of overly broad exception datatypes. With Java, an example is {'java.lang.Exception'}.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9010Execution Status Control
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Pr
Practice
9131Error/Exception Handling
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9145Degraded Comprehension
Default Graph (primary)9001
CanPrecede
Co
Consequence
9154Poisoned Data Usage
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-CWE-396
ASCSM1ASCSM-CWE-396
CWE2.11396
+ References
"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-396. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-CWE-396. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Declaration of Throws for Generic Exception
Quality Issue ID: 397 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where the named callable control element or method control element throws with the Throws action the exception parameter whose datatype is part of the list of overly broad exception datatypes. In Java, one example from this list is {'java.lang.Exception'}.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9010Execution Status Control
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Pr
Practice
9131Error/Exception Handling
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9145Degraded Comprehension
Default Graph (primary)9001
CanPrecede
Co
Consequence
9154Poisoned Data Usage
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-CWE-397
ASCSM1ASCSM-CWE-397
CWE2.11397
+ References
"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-397. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-CWE-397. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Declaration of Variable with Unnecessarily Wide Scope
Quality Issue ID: 9227 Maturity: Preliminary
+ Description

Description Summary

The source code declares a variable in one scope, but the variable is only used within a narrower scope.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
CanPrecede
Co
Consequence
9145Degraded Comprehension
Default Graph (primary)9001
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
CQE TeamMITREInternal CQE Team
 
Default Graph
View ID: 9001 Maturity: Preliminary
+ View Data

View Objective

Default Hierarchy

+ View Metrics
Formal CQE IDs (this view)Micro Elements (this view)Total Catalog
Total Elements153out of16064out of66226
Views0out of77
Quality_Characteristics41out of4141
Quality_Issues112out of112112
Practices39out of4040
Consequences25out of2626
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
HasMember
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
HasMember
Ch
Characteristic
9115Security
Default Graph (primary)9001
HasMember
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
HasMember
Ch
Characteristic
9169Performance
Default Graph (primary)9001
 
Degraded Comprehension
Consequence ID: 9145 Maturity: Preliminary
+ Description

Description Summary

Degraded Comprehension may result when conditions are too complex, disorderly, or non-sensical to be interpreted by human understanding.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
252Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource
Default Graph (primary)9001
CanFollow
Is
Issue
396Declaration of Catch for Generic Exception
Default Graph (primary)9001
CanFollow
Is
Issue
397Declaration of Throws for Generic Exception
Default Graph (primary)9001
CanFollow
Is
Issue
9007Architecture with Number of Horizontal Layers Outside of Expected Range
Default Graph (primary)9001
CanFollow
Pr
Practice
9036Unrestricted Data Operations
Default Graph (primary)9001
CanFollow
Is
Issue
9052Invocation of a Control Element at an Unnecessarily Deep Horizontal Layer
Default Graph (primary)9001
CanFollow
Is
Issue
9093Invokable Control Element with Signature Containing an Excessive Number of Parameters
Default Graph (primary)9001
CanFollow
Is
Issue
9108Empty Exception Block
Default Graph (primary)9001
CanFollow
Pr
Practice
9121Structured Programming
Default Graph (primary)9001
CanFollow
Is
Issue
9123Class with an Excessive Inheritance Level
Default Graph (primary)9001
CanFollow
Pr
Practice
9124Layered Architectures
Default Graph (primary)9001
CanFollow
Pr
Practice
9131Error/Exception Handling
Default Graph (primary)9001
CanFollow
Is
Issue
9134Unconditional Control Flow Transfer outside of Switch Block
Default Graph (primary)9001
CanFollow
Pr
Practice
9137Unrestricted Parameters
Default Graph (primary)9001
CanFollow
Is
Issue
9160Invokable Control Element with Excessive File or Data Access Operations
Default Graph (primary)9001
CanFollow
Is
Issue
9184Use of Same Invokable Control Element in Multiple Architectural Layers
Default Graph (primary)9001
CanFollow
Is
Issue
9185Excessive Cyclomatic Complexity Within an Invokable Control Element
Default Graph (primary)9001
CanFollow
Is
Issue
9220Excessive Use of Unconditional Branching
Default Graph (primary)9001
CanFollow
Is
Issue
9222Excessive Cyclomatic Complexity
Default Graph (primary)9001
CanFollow
Is
Issue
9223Excessive Halstead Complexity
Default Graph (primary)9001
CanFollow
Is
Issue
9224Excessive Use of Self-Modifying Code
Default Graph (primary)9001
CanFollow
Is
Issue
9225Excessively Deep Nesting
Default Graph (primary)9001
CanFollow
Is
Issue
9227Declaration of Variable with Unnecessarily Wide Scope
Default Graph (primary)9001
 
Denial of Service
Consequence ID: 9031 Maturity: Preliminary
+ Description

Description Summary

Denial of Service may result if resources are exhausted at the time which they are called upon.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
672Expired or Released Resource Usage
Default Graph (primary)9001
CanFollow
Is
Issue
772Missing Release of Resource after Effective Lifetime
Default Graph (primary)9001
 
Durability
Quality Characteristic ID: 9186 Maturity: Preliminary
+ Description

Description Summary

Durability is a Quality_Characteristic describing how well an entity survives over its lifetime.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
 
Efficiency
Quality Characteristic ID: 9074 Maturity: Preliminary
+ Description

Description Summary

Efficiency is a Quality_Characteristic describing how an entity performs in relation to the amount of energy (work) required to perform.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9055Reusability
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9056Conciseness
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9064Modularity
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9101Capacity/Allocation
Default Graph (primary)9001
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Embedded Network Configuration
Practice ID: 9068 Maturity: Preliminary
+ Description

Description Summary

Embedded Network Configuration

Extended Description

Software featuring network configuration within its own code incurs the risk of failure when the remote resource changes.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9143Failure
Default Graph (primary)9001
ParentOf
Is
Issue
9042Initialization with Hard-Coded Network Resource Configuration Data
Quality Issues Organized by Practices (primary)9002
 
Empty Exception Block
Quality Issue ID: 9108 Maturity: Preliminary
+ Description

Description Summary

An invokable code block contains an exception handling block that is empty.

Extended Description

This pattern identifies situations where the exception handling block (such as a Catch and Finally block) of the named callable and method control elements does not contain any other control element.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Pr
Practice
9131Error/Exception Handling
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9145Degraded Comprehension
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-RLB-1
+ References
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-RLB-1. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Erroneous Behaviors
Consequence ID: 9057 Maturity: Preliminary
+ Description

Description Summary

Unpredictable or erroneous behaviors may result when programming logic, data, or conditions interact in a way that is outside of expected functional parameters.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
120Buffer Copy without Checking Size of Input
Default Graph (primary)9001
CanFollow
Is
Issue
252Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource
Default Graph (primary)9001
CanFollow
Is
Issue
456Storable and Member Data Element Missing Initialization
Default Graph (primary)9001
CanFollow
Is
Issue
704Incorrect Type Conversion or Cast
Default Graph (primary)9001
CanFollow
Is
Issue
9062Invokable Control Element with Variadic Parameter Element
Default Graph (primary)9001
CanFollow
Is
Issue
9100Runtime Resource Management Control Element in a Component Built to Run on Application Servers
Default Graph (primary)9001
CanFollow
Is
Issue
9102Missing Serialization Control Element
Default Graph (primary)9001
CanFollow
Is
Issue
9110Serializable Data Element Containing non-Serializable Item Elements
Default Graph (primary)9001
CanFollow
Is
Issue
9138Float Type Storable and Member Data Element Comparison with Equality Operator
Default Graph (primary)9001
CanFollow
Is
Issue
9156Class Instance Self Destruction Control Element
Default Graph (primary)9001
CanFollow
Is
Issue
9193Persistent Storable Data Element without Associated Comparison Control Element
Default Graph (primary)9001
CanFollow
Is
Issue
9194Storable or Member Data Element containing Pointer Item Element without Proper Copy Control Element
Default Graph (primary)9001
 
Error/Exception Handling
Practice ID: 9131 Maturity: Preliminary
+ Description

Description Summary

Inconsistent/Incomplete Handling

Extended Description

Software without consistent and complete handling of errors and exceptions makes it impossible to accurately identify and adequately respond to unusual and unexpected situations.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9113Excessive Modification Effort
Default Graph (primary)9001
CanPrecede
Co
Consequence
9145Degraded Comprehension
Default Graph (primary)9001
ParentOf
Is
Issue
252Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
396Declaration of Catch for Generic Exception
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
397Declaration of Throws for Generic Exception
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9108Empty Exception Block
Quality Issues Organized by Practices (primary)9002
MemberOf
Vi
View
9002Quality Issues Organized by Practices
Quality Issues Organized by Practices (primary)9002
 
Excessive Attack Surface
Quality Issue ID: 9226 Maturity: Preliminary
+ Description

Description Summary

The product has an attack surface whose quantitative measurement exceeds a desirable maximum.

Extended Description

Originating from software security, an "attack surface" measure typically reflects the number of input points and outpoints that can be utilized by an untrusted party, i.e. a potential attacker. In some cases, this measure may reflect other aspects of quality besides security; e.g., a product with many inputs and outputs may require a large number of tests in order to improve code coverage.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
ChildOf
Is
Issue
9221Excessive Code Complexity
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE7.9
+ References
Pratyusa Manadhata. "An Attack Surface Metric". November 2008. <http://reports-archive.adm.cs.cmu.edu/anon/2008/CMU-CS-08-152.pdf>.
Pratyusa Manadhata and Jeannette M. Wing. "Measuring a System’s Attack Surface". 2004. <http://www.cs.cmu.edu/afs/cs/usr/wing/www/publications/ManadhataWing04.pdf>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
CQE TeamMITREInternal CQE Team
 
Excessive Code Complexity
Quality Issue ID: 9221 Maturity: Preliminary
+ Description

Description Summary

The code is too complex, as calculated using a well-defined, quantitative measure.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
ParentOf
Is
Issue
9222Excessive Cyclomatic Complexity
Default Graph (primary)9001
ParentOf
Is
Issue
9223Excessive Halstead Complexity
Default Graph (primary)9001
ParentOf
Is
Issue
9225Excessively Deep Nesting
Default Graph (primary)9001
ParentOf
Is
Issue
9226Excessive Attack Surface
Default Graph (primary)9001
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
CQE TeamMITREInternal CQE Team
 
Excessive Cyclomatic Complexity
Quality Issue ID: 9222 Maturity: Preliminary
+ Description

Description Summary

The code contains McCabe cyclomatic complexity that exceeds a desirable maximum.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Is
Issue
9221Excessive Code Complexity
Default Graph (primary)9001
CanPrecede
Co
Consequence
9145Degraded Comprehension
Default Graph (primary)9001
ParentOf
Is
Issue
9185Excessive Cyclomatic Complexity Within an Invokable Control Element
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE7.2
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
Wikipedia. "Cyclomatic Complexity". <https://en.wikipedia.org/wiki/Cyclomatic_complexity>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Excessive Cyclomatic Complexity Within an Invokable Control Element
Quality Issue ID: 9185 Maturity: Preliminary
+ Description

Description Summary

A named callable or method control element contains control flow that exceeds the desired cyclomatic complexity.

Extended Description

This pattern identifies situations where the named callable control element or method control element has a control flow with a Cyclomatic Complexity which is greater than the default threshold value of 20.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Pr
Practice
9121Structured Programming
Quality Issues Organized by Practices (primary)9002
ChildOf
Is
Issue
9222Excessive Cyclomatic Complexity
Default Graph (primary)9001
CanPrecede
Co
Consequence
9145Degraded Comprehension
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCMM1ASCMM-MNT-11
+ References
"Automated Source Code Maintainability Measure (ASCMM)". ASCMM-MNT-11. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCMM/1.0>.
 
Excessive Data Query Operations in a Large Data Table
Quality Issue ID: 9027 Maturity: Preliminary
+ Description

Description Summary

The software performs a data query with a large number of joins and sub-queries on a large data table.

Extended Description

This pattern identifies situations where the data table is considered very large, based on its number of rows which exceeds the threshold value, and where it is accessed by the data actions which is considered to be too complex, based on its number of joins between tables which exceeds the threshold value, and its number of sub-queries which exceeds the threshold value. The default value for number of rows is 1000000. The default value for number of joins is 5. The default value for number of sub-queries is 3.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9105Data Access Constructs
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCPEM1ASCPEM-PRF-4
+ References
"Automated Source Code Performance Efficiency Measure (ASCPEM)". ASCPEM-PRF-4. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCPEM/1.0>.
 
Excessive Execution of Sequential Searches of Data Resource
Quality Issue ID: 9103 Maturity: Preliminary
+ Description

Description Summary

The software contains a data query against an SQL table or view that is configured in a way that does not utilize an index and may cause sequential searches to be performed.

Extended Description

This pattern identifies situations where the syntax of the ReadsColumnSet action and the index configuration of the SQL table or SQL view causes the DBMS to run sequential searches.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9105Data Access Constructs
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCPEM1ASCPEM-PRF-5
+ References
"Automated Source Code Performance Efficiency Measure (ASCPEM)". ASCPEM-PRF-5. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCPEM/1.0>.
 
Excessive Halstead Complexity
Quality Issue ID: 9223 Maturity: Preliminary
+ Description

Description Summary

The code is structured in a way that a Halstead complexity measure exceeds a desirable maximum.

Extended Description

A variety of Halstead complexity measures exist, such as program vocabulary size or volume.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Is
Issue
9221Excessive Code Complexity
Default Graph (primary)9001
CanPrecede
Co
Consequence
9145Degraded Comprehension
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE7.2
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
Wikipedia. "Halstead complexity measures". <https://en.wikipedia.org/wiki/Halstead_complexity_measures>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Excessive Index Range Scan for a Data Resource
Quality Issue ID: 9187 Maturity: Preliminary
+ Description

Description Summary

The software contains an index range scan for a data resource, but the scan can cover a large number of rows.

Extended Description

This pattern identifies situations where the data table is considered as very large, based on its number of rows which exceeds the threshold value, and where its index is considered as too large, based on its range value which exceeds the threshold value. The default value for number of rows is 1000000 and the default value for index range is 10.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9105Data Access Constructs
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCPEM1ASCPEM-PRF-7
+ References
"Automated Source Code Performance Efficiency Measure (ASCPEM)". ASCPEM-PRF-7. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCPEM/1.0>.
 
Excessive Modification Effort
Consequence ID: 9113 Maturity: Preliminary
+ Description

Description Summary

Excessive Modification Effort may result when code, documentation, or other conditions are too complex, disorderly, or non-sensical to be understood and modified in a timely or efficient manner.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
9007Architecture with Number of Horizontal Layers Outside of Expected Range
Default Graph (primary)9001
CanFollow
Is
Issue
9011Use of Redundant Code
Default Graph (primary)9001
CanFollow
Is
Issue
9052Invocation of a Control Element at an Unnecessarily Deep Horizontal Layer
Default Graph (primary)9001
CanFollow
Is
Issue
9060Multiple Inheritance from Concrete Classes
Default Graph (primary)9001
CanFollow
Is
Issue
9079Unreachable Invokable Control Element
Default Graph (primary)9001
CanFollow
Pr
Practice
9088Reuse
Default Graph (primary)9001
CanFollow
Pr
Practice
9089Code Comments
Default Graph (primary)9001
CanFollow
Is
Issue
9123Class with an Excessive Inheritance Level
Default Graph9001
CanFollow
Pr
Practice
9124Layered Architectures
Default Graph (primary)9001
CanFollow
Pr
Practice
9131Error/Exception Handling
Default Graph (primary)9001
CanFollow
Is
Issue
9161Excessive Volume of Commented-out Code
Default Graph (primary)9001
CanFollow
Is
Issue
9165Class with Excessive Number of Child Classes
Default Graph (primary)9001
CanFollow
Is
Issue
9184Use of Same Invokable Control Element in Multiple Architectural Layers
Default Graph (primary)9001
CanFollow
Is
Issue
9225Excessively Deep Nesting
Default Graph9001
 
Excessive Number of Data Accesses using Inefficient Procedures
Quality Issue ID: 9077 Maturity: Preliminary
+ Description

Description Summary

The software does not use efficient data-processing capabilities (such as stored procedures) when accessing data.

Extended Description

This pattern identifies situations where the server-side non-stored callable control elements in the data manager resource, embeds number of data resource access, which is considered too large because it exceeds the default threshold value of 5.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9167Stored Procedures & Functions
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCPEM1ASCPEM-PRF-9
+ References
"Automated Source Code Performance Efficiency Measure (ASCPEM)". ASCPEM-PRF-9. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCPEM/1.0>.
 
Excessive Number of Indices for a Large Data Table
Quality Issue ID: 9175 Maturity: Preliminary
+ Description

Description Summary

The software uses a data table that contains a large number of indices.

Extended Description

This pattern identifies situations where the data table is considered as very large, based on its number of rows which exceeds the threshold value, and is considered to have too many indices, based on its number of indices which exceeds the threshold value. The default value for number of rows is 1000000. The default value for number of indices is 3.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9105Data Access Constructs
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCPEM1ASCPEM-PRF-6
+ References
"Automated Source Code Performance Efficiency Measure (ASCPEM)". ASCPEM-PRF-6. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCPEM/1.0>.
 
Excessive Platform Resource Consumption within a Loop
Quality Issue ID: 9041 Maturity: Preliminary
+ Description

Description Summary

The software contains a loop or loop condition that directly or indirectly consumes platform resources, e.g. sessions or file descriptors.

Extended Description

This pattern identifies situations where the control element, whose nature is known to cause platform resource consumption, is directly or indirectly called via the execution path, starting from within the loop body block or within the loop condition.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCPEM1ASCPEM-PRF-8
+ References
"Automated Source Code Performance Efficiency Measure (ASCPEM)". ASCPEM-PRF-8. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCPEM/1.0>.
 
Excessive Propagation of Modification Impacts
Consequence ID: 9141 Maturity: Preliminary
+ Description

Description Summary

Excessive Propagation of Modification Impacts may result when modifications are used that cause complex outward dependencies, excess lines of code, or other unnecessarily complex behavior that impacts significant results downstream in the code.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Pr
Practice
9016Modular Development
Default Graph (primary)9001
CanFollow
Is
Issue
9018Modules with Circular Dependencies
Default Graph (primary)9001
CanFollow
Is
Issue
9024Callable and Method Control Element Number of Outward Calls
Default Graph (primary)9001
CanFollow
Is
Issue
9151Source Code File with Excessive Number of Lines of Code
Default Graph (primary)9001
CanFollow
Is
Issue
9190Loop Condition Value Update within the Loop
Default Graph (primary)9001
 
Excessive Reliance on Global Variables
Quality Issue ID: 9209 Maturity: Preliminary
+ Description

Description Summary

The code is structured in a way that relies too much on using or setting global variables throughout various points in the code, instead of preserving the associated information in a narrower, more local context.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE3.10
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Excessive Resource Expenditure
Consequence ID: 9039 Maturity: Preliminary
+ Description

Description Summary

Excessive Resource Expenditure may result when code does not manage or utilize resources in an efficient manner.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
9004Static Member Data Element outside of a Singleton Class Element
Default Graph (primary)9001
CanFollow
Is
Issue
9005Data Element Aggregating an Excessively Large Number of Non-Primitive Elements
Default Graph (primary)9001
CanFollow
Is
Issue
9014Creation of Immutable Text Using String Concatenation
Default Graph (primary)9001
CanFollow
Is
Issue
9027Excessive Data Query Operations in a Large Data Table
Default Graph (primary)9001
CanFollow
Is
Issue
9041Excessive Platform Resource Consumption within a Loop
Default Graph (primary)9001
CanFollow
Pr
Practice
9061Recursion
Default Graph (primary)9001
CanFollow
Is
Issue
9077Excessive Number of Data Accesses using Inefficient Procedures
Default Graph (primary)9001
CanFollow
Pr
Practice
9083Iteration Control
Default Graph (primary)9001
CanFollow
Is
Issue
9090Initialization within a Static Code Block
Default Graph (primary)9001
CanFollow
Pr
Practice
9094Resource Bounds
Default Graph (primary)9001
CanFollow
Is
Issue
9103Excessive Execution of Sequential Searches of Data Resource
Default Graph (primary)9001
CanFollow
Pr
Practice
9105Data Access Constructs
Default Graph (primary)9001
CanFollow
Is
Issue
9112Allocation of Memory without Associated Release
Default Graph (primary)9001
CanFollow
Is
Issue
9116Data Resource Access without Use of Connection Pooling
Default Graph (primary)9001
CanFollow
Is
Issue
9122Non-SQL Named Callable and Method Control Element with Excessive Number of Data Resource Access
Default Graph (primary)9001
CanFollow
Pr
Practice
9144Resource Monitoring
Default Graph (primary)9001
CanFollow
Pr
Practice
9167Stored Procedures & Functions
Default Graph (primary)9001
CanFollow
Is
Issue
9175Excessive Number of Indices for a Large Data Table
Default Graph (primary)9001
CanFollow
Pr
Practice
9176Coding Practices
Default Graph (primary)9001
CanFollow
Is
Issue
9182Use of Data Element without Invoking Deconstructor Method
Default Graph (primary)9001
CanFollow
Is
Issue
9187Excessive Index Range Scan for a Data Resource
Default Graph (primary)9001
 
Excessive Use of Hard-Coded Literals in Initialization
Quality Issue ID: 9046 Maturity: Preliminary
+ Description

Description Summary

The software initializes a data element using a hard-coded literal.

Extended Description

This pattern identifies situations where the literal value element is used to initialize the storable data element or member data element via the Write action; exceptions are simple integers and static of constant storable or member data elements.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Pr
Practice
9142Hard-Coding
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9132Reduced Adaptability
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCMM1ASCMM-MNT-3
+ References
"Automated Source Code Maintainability Measure (ASCMM)". ASCMM-MNT-3. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCMM/1.0>.
 
Excessive Use of Self-Modifying Code
Quality Issue ID: 9224 Maturity: Preliminary
+ Description

Description Summary

The product uses too much self-modifying code.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
CanPrecede
Co
Consequence
9145Degraded Comprehension
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE7.3
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Excessive Use of Unconditional Branching
Quality Issue ID: 9220 Maturity: Preliminary
+ Description

Description Summary

The code uses too many unconditional branches (such as "goto").
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Pr
Practice
9121Structured Programming
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9145Degraded Comprehension
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE7.1
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Excessive Volume of Commented-out Code
Quality Issue ID: 9161 Maturity: Preliminary
+ Description

Description Summary

The software contains an excessive amount of code that has been commented out.

Extended Description

This pattern identifies situations where the named callable control element or method control element contains too much commented-out code items, based on the percentage of instructions in the callable or method control element that are in comments which exceeds the default threshold value of 2%.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Pr
Practice
9089Code Comments
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9113Excessive Modification Effort
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCMM1ASCMM-MNT-6
+ References
"Automated Source Code Maintainability Measure (ASCMM)". ASCMM-MNT-6. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCMM/1.0>.
 
Excessively Deep Nesting
Quality Issue ID: 9225 Maturity: Preliminary
+ Description

Description Summary

The code contains a callable or other code grouping in which the nesting / branching is too deep.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Is
Issue
9221Excessive Code Complexity
Default Graph (primary)9001
CanPrecede
Co
Consequence
9113Excessive Modification Effort
Default Graph9001
CanPrecede
Co
Consequence
9145Degraded Comprehension
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE7.9
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Execution of Arbitrary Code
Consequence ID: 9059 Maturity: Preliminary
+ Description

Description Summary

 
Execution Status Control
Practice ID: 9010 Maturity: Preliminary
+ Description

Description Summary

Execution Status Control

Extended Description

Software unaware of accurate execution status control incurs the risk of bad data being used in operations, possibly leading to a crash or other unintended behaviors.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9143Failure
Default Graph (primary)9001
ParentOf
Is
Issue
252Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
396Declaration of Catch for Generic Exception
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
397Declaration of Throws for Generic Exception
Quality Issues Organized by Practices (primary)9002
 
Expired or Released Resource Usage
Quality Issue ID: 672 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where the platform resource is deallocated in the manages action using its unique resource handler value which is transported throughout the application via the transport sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, then used later within the application to try and access the resource in the read or write action.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9080Resource Lifecycle
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
CanPrecede
Co
Consequence
9031Denial of Service
Default Graph (primary)9001
CanPrecede
Co
Consequence
9143Failure
Default Graph (primary)9001
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCSM1ASCSM-CWE-672
CWE2.11672
+ References
"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-672. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.
 
Exposed Functionality
Consequence ID: 9035 Maturity: Preliminary
+ Description

Description Summary

Exposed Functionality may result when the method or logic used in code, authentication, or other software components are exposed to unintended actors.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
798Hard-Coded Credentials Usage for Remote Authentication
Default Graph (primary)9001
CanFollow
Pr
Practice
9063Authentication Practices
Default Graph (primary)9001
 
Exposed Resources
Consequence ID: 9032 Maturity: Preliminary
+ Description

Description Summary

Exposed Resources may result when CPU cycles, memory, file data and other components are exposed to unintended actors.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
798Hard-Coded Credentials Usage for Remote Authentication
Default Graph (primary)9001
CanFollow
Pr
Practice
9063Authentication Practices
Default Graph (primary)9001
 
Failure
Consequence ID: 9143 Maturity: Preliminary
+ Description

Description Summary

Failure is a class of Consequences that includes any number of results due to unexpected parameters, conditions or logic during code execution.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
120Buffer Copy without Checking Size of Input
Default Graph (primary)9001
CanFollow
Is
Issue
129Array Index Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Is
Issue
606Unchecked Input for Loop Condition
Default Graph (primary)9001
CanFollow
Is
Issue
672Expired or Released Resource Usage
Default Graph (primary)9001
CanFollow
Is
Issue
772Missing Release of Resource after Effective Lifetime
Default Graph (primary)9001
CanFollow
Is
Issue
789Uncontrolled Memory Allocation
Default Graph (primary)9001
CanFollow
Is
Issue
835Loop with Unreachable Exit Condition ('Infinite Loop')
Default Graph (primary)9001
CanFollow
Pr
Practice
9006OS Command Execution
Default Graph (primary)9001
CanFollow
Pr
Practice
9010Execution Status Control
Default Graph (primary)9001
CanFollow
Pr
Practice
9026Remote System Call Blocking
Default Graph (primary)9001
CanFollow
Is
Issue
9042Initialization with Hard-Coded Network Resource Configuration Data
Default Graph (primary)9001
CanFollow
Pr
Practice
9049Array Indexing
Default Graph (primary)9001
CanFollow
Pr
Practice
9068Embedded Network Configuration
Default Graph (primary)9001
CanFollow
Pr
Practice
9078Memory Management
Default Graph (primary)9001
CanFollow
Pr
Practice
9083Iteration Control
Default Graph (primary)9001
CanFollow
Pr
Practice
9085Numerical Conversion
Default Graph (primary)9001
CanFollow
Is
Issue
9173Synchronous Call Time-Out Absence
Default Graph (primary)9001
 
File Path Control
Practice ID: 9183 Maturity: Preliminary
+ Description

Description Summary

File Path Control

Extended Description

Software that is unaware of file path control incurs the risk of exposition of sensitive data, the risk of corruption of critical files, such as programs, libraries, or important data used in protection mechanisms.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9054Data Corruption
Default Graph (primary)9001
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001
CanPrecede
Co
Consequence
9189Information Disclosure
Default Graph (primary)9001
ParentOf
Is
Issue
22Path Traversal Improper Input Neutralization
Quality Issues Organized by Practices (primary)9002
 
File Upload Control
Practice ID: 9095 Maturity: Preliminary
+ Description

Description Summary

File Upload Control

Extended Description

Software unaware of file upload control incurs the risk of arbitrary code execution or other unexpected behaviors based on the type, extension, or other properties of the uploaded file.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9017Arbitrary Code Execution
Default Graph (primary)9001
ParentOf
Is
Issue
434File Upload Improper Input Neutralization
Quality Issues Organized by Practices (primary)9002
 
File Upload Improper Input Neutralization
Quality Issue ID: 434 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the file upload action; none of the callable or method control element of the transformation sequence being a vetted sanitization callable and method control element from the list of vetted sanitization callable and method control elements.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9095File Upload Control
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
CanPrecede
Co
Consequence
9017Arbitrary Code Execution
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCSM1ASCSM-CWE-434
CWE2.11434
+ References
"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-434. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.
 
Float Type Storable and Member Data Element Comparison with Equality Operator
Quality Issue ID: 9138 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where the floating value 1 and floating value 2 of storable or member data elements of float types, are tested for equality with regular comparison operators in the comparison control element.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Pr
Practice
9176Coding Practices
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9057Erroneous Behaviors
Default Graph (primary)9001
CanPrecede
Co
Consequence
9168Unexpected Behaviors
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-RLB-9
+ References
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-RLB-9. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Format String Improper Input Neutralization
Quality Issue ID: 134 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the formatting statement; none of the callable or method control element of the transformation sequence being a vetted sanitization control element from the list of vetted sanitization control elements.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
ChildOf
Pr
Practice
9129Output Formatting Control
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9017Arbitrary Code Execution
Default Graph (primary)9001
CanPrecede
Co
Consequence
9189Information Disclosure
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCSM1ASCSM-CWE-134
CWE2.11134
+ References
"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-134. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.
 
Functionality
Quality Characteristic ID: 9091 Maturity: Preliminary
+ Description

Description Summary

Functionality is a Quality_Characteristic describing how well an entity performs as designed.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9048Portability
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9098Compliance
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9099Structuredness
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9119Suitability
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9128Self-Containedness
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9150Perceived Value
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9174Usability
Default Graph (primary)9001
 
Hard-Coded Credentials Usage for Remote Authentication
Quality Issue ID: 798 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where a literal value is hard-coded in the application via the Write action, transported throughout the application along the sequence composed of ActionElements with DataRelations, some of which being part of named callable and method control elements, and ultimately used in the remote resource management action; the transport sequence is composed of assignment operations as updates to the value would not be considered as hard-coded (literal) any more.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9063Authentication Practices
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
CanPrecede
Co
Consequence
9017Arbitrary Code Execution
Default Graph (primary)9001
CanPrecede
Co
Consequence
9032Exposed Resources
Default Graph (primary)9001
CanPrecede
Co
Consequence
9035Exposed Functionality
Default Graph (primary)9001
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCSM1ASCSM-CWE-798
CWE2.11798
+ References
"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-798. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.
 
Hard-Coding
Practice ID: 9142 Maturity: Preliminary
+ Description

Description Summary

Hard-Coding

Extended Description

Software that depends on hard-coded pieces of information within its own code reduces adaptability.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9132Reduced Adaptability
Default Graph (primary)9001
ParentOf
Is
Issue
9046Excessive Use of Hard-Coded Literals in Initialization
Quality Issues Organized by Practices (primary)9002
 
Inappropriate Comment Style
Quality Issue ID: 9214 Maturity: Preliminary
+ Description

Description Summary

The source code uses comment styles or formats that are inconsistent or do not follow expected standards for the product.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9066Legibility
Default Graph (primary)9001
ChildOf
Is
Issue
9139Inappropriate Source Code Style or Formatting
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE5.5
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Inappropriate Source Code Style or Formatting
Quality Issue ID: 9139 Maturity: Preliminary
+ Description

Description Summary

The source code does not follow desired style or formatting for indentation, white space, comments, etc.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Is
Issue
9135Insufficient Adherence to Conventions
Default Graph (primary)9001
ParentOf
Is
Issue
9214Inappropriate Comment Style
Default Graph (primary)9001
ParentOf
Is
Issue
9215Inappropriate Whitespace Style
Default Graph (primary)9001
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
CQE TeamMITREInternal CQE Team
 
Inappropriate Whitespace Style
Quality Issue ID: 9215 Maturity: Preliminary
+ Description

Description Summary

The source code contains whitespace that is inconsistent across the code or does not follow expected standards for the product.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Is
Issue
9139Inappropriate Source Code Style or Formatting
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE5.10
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Incomplete Design Documentation
Quality Issue ID: 9211 Maturity: Preliminary
+ Description

Description Summary

The product's design documentation does not adequately describe control flow, data flow, system initialization, relationships between tasks, components, rationales, or other important aspects of the design.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Is
Issue
9073Incomplete Documentation
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE4.2
SQAE4.3
SQAE4.4
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Incomplete Documentation
Quality Issue ID: 9073 Maturity: Preliminary
+ Description

Description Summary

The documentation, whether on paper or in electronic form, does not contain descriptions of all the relevant elements of the product, such as its usage, structure, interfaces, design, implementation, configuration, operation, etc.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ParentOf
Is
Issue
9050Missing Design Representation Documentation
Default Graph (primary)9001
ParentOf
Is
Issue
9211Incomplete Design Documentation
Default Graph (primary)9001
ParentOf
Is
Issue
9212Incomplete I/O Documentation
Default Graph (primary)9001
ParentOf
Is
Issue
9213Incomplete Documentation of Program Execution
Default Graph (primary)9001
ParentOf
Is
Issue
9219Insufficient Documentation of Error Handling Techniques
Default Graph (primary)9001
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
CQE TeamMITREInternal CQE Team
 
Incomplete Documentation of Program Execution
Quality Issue ID: 9213 Maturity: Preliminary
+ Description

Description Summary

The document does not fully define all mechanisms that are used to control or influence how product-specific programs are executed.

Extended Description

This includes environmental variables, configuration files, registry keys, command-line switches or options, or system settings.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Is
Issue
9073Incomplete Documentation
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE4.11
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Incomplete I/O Documentation
Quality Issue ID: 9212 Maturity: Preliminary
+ Description

Description Summary

The product's documentation does not adequately define inputs, outputs, or system/software interfaces.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Is
Issue
9073Incomplete Documentation
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE4.6
SQAE4.7
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Inconsistency Between Implementation and Documented Design
Quality Issue ID: 9107 Maturity: Preliminary
+ Description

Description Summary

The implementation of the product is not consistent with the design as described within the relevant documentation.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9065Consistency
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE1.2
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Inconsistent Naming Conventions for Identifiers
Quality Issue ID: 9200 Maturity: Preliminary
+ Description

Description Summary

The product's code, documentation, or other artifacts do not consistently use the same naming conventions for variables, callables, groups of related callables, I/O capabilities, data types, file names, or similar types of elements.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9065Consistency
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE1.10
SQAE1.11
SQAE1.12
SQAE1.6
SQAE1.7
SQAE1.8
SQAE1.9
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Incorrect Type Conversion or Cast
Quality Issue ID: 704 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where the storable element or member element is declared with the datatype in the Create action, then updated with a value that is cast via the type cast action into the second datatype, which is incompatible with the first one.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Pr
Practice
9176Coding Practices
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9057Erroneous Behaviors
Default Graph (primary)9001
CanPrecede
Co
Consequence
9168Unexpected Behaviors
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-CWE-704
CWE2.11704
+ References
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-CWE-704. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Increased (Access) Time
Consequence ID: 9140 Maturity: Preliminary
+ Description

Description Summary

Increased Access Time may result when code runs in an inefficient manner, resources are exhausted, or any number of conditions that take more than optimal cycles to complete.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
9069Data Access Operations Outside of Expected Data Manager Component
Default Graph (primary)9001
CanFollow
Pr
Practice
9096Cache Maintenance
Default Graph (primary)9001
 
Information Disclosure
Consequence ID: 9189 Maturity: Preliminary
+ Description

Description Summary

Information Disclosure may result when sensitive data or feedback is unintentionally provided to unauthorized actors.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
134Format String Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Pr
Practice
9063Authentication Practices
Default Graph (primary)9001
CanFollow
Pr
Practice
9129Output Formatting Control
Default Graph (primary)9001
CanFollow
Pr
Practice
9183File Path Control
Default Graph (primary)9001
 
Inheritance and Polymorphism
Practice ID: 9157 Maturity: Preliminary
+ Description

Description Summary

Inheritance and Polymorphism

Extended Description

Software that does not follow the principles of inheritance and polymorphism results in unexpected behaviors.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9088Reuse
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9168Unexpected Behaviors
Default Graph (primary)9001
ParentOf
Is
Issue
9013Child Class Element without Virtual Destructor unlike its Parent Class Element
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9060Multiple Inheritance from Concrete Classes
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9087Parent Class Element with References to Child Class Element
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9123Class with an Excessive Inheritance Level
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9147Parent Class Element without Virtual Destructor Method Element
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9165Class with Excessive Number of Child Classes
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9166Class Element with Virtual Method Element without Virtual Destructor
Quality Issues Organized by Practices (primary)9002
 
Initialization Practices
Practice ID: 9170 Maturity: Preliminary
+ Description

Description Summary

Initialization Practices

Extended Description

Software featuring weak initialization practices incurs the risk of logic errors within the program, possibly leading to a security problem.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9058Security Vulnerabilities
Default Graph (primary)9001
CanPrecede
Co
Consequence
9146Math Error
Default Graph (primary)9001
ParentOf
Is
Issue
456Storable and Member Data Element Missing Initialization
Quality Issues Organized by Practices (primary)9002
MemberOf
Vi
View
9002Quality Issues Organized by Practices
Quality Issues Organized by Practices (primary)9002
 
Initialization with Hard-Coded Network Resource Configuration Data
Quality Issue ID: 9042 Maturity: Preliminary
+ Description

Description Summary

The software initializes data using hard-coded values related to network configuration.

Extended Description

This pattern identifies situations where the storable data element or member data element is initialized by the Write action with the hard-coded value corresponding to network resource identifications.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9068Embedded Network Configuration
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
CanPrecede
Co
Consequence
9143Failure
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-RLB-18
+ References
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-RLB-18. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Initialization within a Static Code Block
Quality Issue ID: 9090 Maturity: Preliminary
+ Description

Description Summary

A code block that has been declared static performs initialization of data.

Extended Description

This pattern identifies situations where a storable data element or member data element is initialized with a value in the Write action located in a block of code which is declared as static.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCPEM1ASCPEM-PRF-1
+ References
"Automated Source Code Performance Efficiency Measure (ASCPEM)". ASCPEM-PRF-1. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCPEM/1.0>.
 
Insufficient Adherence to Conventions
Quality Issue ID: 9135 Maturity: Preliminary
+ Description

Description Summary

The product, architecture, source code, design, documentation, or other artifact does not follow required conventions.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ParentOf
Is
Issue
9139Inappropriate Source Code Style or Formatting
Default Graph (primary)9001
ParentOf
Is
Issue
9216Source Code Element without Standard Prologue
Default Graph (primary)9001
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
CQE TeamMITREInternal CQE Team
 
Insufficient Documentation of Error Handling Techniques
Quality Issue ID: 9219 Maturity: Preliminary
+ Description

Description Summary

The documentation does not sufficiently describe the techniques that are used for error handling, exception processing, or similar mechanisms.

Extended Description

Documentation may need to cover error handling techniques at multiple layers, such as module, executable, compilable code unit, or callable.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Is
Issue
9073Incomplete Documentation
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE6.1
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Insufficient Encapsulation of Machine-Dependent Functionality
Quality Issue ID: 9206 Maturity: Preliminary
+ Description

Description Summary

The product or code uses machine-dependent functionality, but it does not sufficiently encapsulate or isolate this functionality from machine-independent functionality.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE3.3
SQAE3.6
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Insufficient Isolation of Symbolic Constant Definitions
Quality Issue ID: 9208 Maturity: Preliminary
+ Description

Description Summary

The source code uses symbolic constants, but it does not sufficiently place the definitions of these constants into a more centralized or isolated location.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE3.8
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Insufficient Isolation of System-Dependent Functions
Quality Issue ID: 9201 Maturity: Preliminary
+ Description

Description Summary

The product or code does not isolate system-dependent functionality into separate standalone modules.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE2.3
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Insufficient Use of Symbolic Constants
Quality Issue ID: 9207 Maturity: Preliminary
+ Description

Description Summary

The source code uses literal constants that may need to change or evolve over time, instead of using symbolic constants.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE3.7
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Integrity
Quality Characteristic ID: 9148 Maturity: Preliminary
+ Description

Description Summary

Integrity is a Quality_Characteristic describing whether data has been corrupted in transmission.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
 
Invocation of a Control Element at an Unnecessarily Deep Horizontal Layer
Quality Issue ID: 9052 Maturity: Preliminary
+ Description

Description Summary

The code at one architectural layer invokes code that resides at a deeper layer than the adjacent layer, i.e., the call skips at least one layer.

Extended Description

This pattern identifies situations where the named callable and method control elements from the higher horizontal layer directly calls the named callable or method control element from the lower horizontal layer, while the lower layer is not the next lower layer to the upper layer, as defined in the model of the architectural layers; this excludes the vertical utility layers that can be referenced from any horizontal layers.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Pr
Practice
9124Layered Architectures
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9113Excessive Modification Effort
Default Graph (primary)9001
CanPrecede
Co
Consequence
9145Degraded Comprehension
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCMM1ASCMM-MNT-12
+ References
"Automated Source Code Maintainability Measure (ASCMM)". ASCMM-MNT-12. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCMM/1.0>.
 
Invokable Control Element with Excessive File or Data Access Operations
Quality Issue ID: 9160 Maturity: Preliminary
+ Description

Description Summary

A named callable or method control element contains too many operations that utilize a data manager or file resource.

Extended Description

This pattern identifies situations where the named callable and method control elements has too many control elements involving a data manager or a file resource, based on its number of such control elements, which exceeds the default threshold value of 7.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Pr
Practice
9036Unrestricted Data Operations
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9145Degraded Comprehension
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCMM1ASCMM-MNT-14
+ References
"Automated Source Code Maintainability Measure (ASCMM)". ASCMM-MNT-14. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCMM/1.0>.
 
Invokable Control Element with Signature Containing an Excessive Number of Parameters
Quality Issue ID: 9093 Maturity: Preliminary
+ Description

Description Summary

The software contains a named callable or method control element whose signature has an unnecessarily large number of parameters.

Extended Description

This pattern identifies situations where the named callable control element or method control element has parameters in its signature which is greater than the default threshold value of 7.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Pr
Practice
9137Unrestricted Parameters
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9145Degraded Comprehension
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCMM1ASCMM-MNT-13
+ References
"Automated Source Code Maintainability Measure (ASCMM)". ASCMM-MNT-13. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCMM/1.0>.
 
Invokable Control Element with Variadic Parameter Element
Quality Issue ID: 9062 Maturity: Preliminary
+ Description

Description Summary

A named-callable or method control element has a signature that supports a variable number of parameters.

Extended Description

This pattern identifies situations where the named callable control element or method control element has a variable number of parameters, due to the variadic parameter in its signature.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Pr
Practice
9176Coding Practices
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9057Erroneous Behaviors
Default Graph (primary)9001
CanPrecede
Co
Consequence
9168Unexpected Behaviors
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-RLB-8
+ References
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-RLB-8. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Iteration Control
Practice ID: 9083 Maturity: Preliminary
+ Description

Description Summary

Iteration Control

Extended Description

Software unaware of iteration control incurs the risk of unexpected consumption of resources, such as CPU cycles or memory, possibly leading to a crash or program exit due to exhaustion of resources.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001
CanPrecede
Co
Consequence
9143Failure
Default Graph (primary)9001
CanPrecede
Co
Consequence
9177Resource Exhaustion
Default Graph (primary)9001
ParentOf
Is
Issue
606Unchecked Input for Loop Condition
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
835Loop with Unreachable Exit Condition ('Infinite Loop')
Quality Issues Organized by Practices (primary)9002
ParentOf
Pr
Practice
9061Recursion
Quality Issues Organized by Practices (primary)9002
MemberOf
Vi
View
9002Quality Issues Organized by Practices
Quality Issues Organized by Practices (primary)9002
 
Layered Architectures
Practice ID: 9124 Maturity: Preliminary
+ Description

Description Summary

Layered Architectures

Extended Description

Software that does not follow the principles of layered architectures (such as strict partitioning and strict call hierarchy) decreases comprehensibility as well as simplicity to evolve the code.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9113Excessive Modification Effort
Default Graph (primary)9001
CanPrecede
Co
Consequence
9145Degraded Comprehension
Default Graph (primary)9001
ParentOf
Is
Issue
9007Architecture with Number of Horizontal Layers Outside of Expected Range
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9052Invocation of a Control Element at an Unnecessarily Deep Horizontal Layer
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9184Use of Same Invokable Control Element in Multiple Architectural Layers
Quality Issues Organized by Practices (primary)9002
MemberOf
Vi
View
9002Quality Issues Organized by Practices
Quality Issues Organized by Practices (primary)9002
 
Learnability
Quality Characteristic ID: 9171 Maturity: Preliminary
+ Description

Description Summary

Learnability is a Quality_Characteristic describing how easily a human can become familiar with an entity.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9174Usability
Default Graph (primary)9001
 
Legibility
Quality Characteristic ID: 9066 Maturity: Preliminary
+ Description

Description Summary

Legibility is a Quality_Characteristic describing how easily an entity can be read.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9012Analyzability
Default Graph (primary)9001
ParentOf
Is
Issue
9214Inappropriate Comment Style
Default Graph (primary)9001
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Livelock
Consequence ID: 9082 Maturity: Preliminary
+ Description

Description Summary

Livelock may result when processing is suspended while a resource's lock-state continues to change.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
9018Modules with Circular Dependencies
Default Graph (primary)9001
CanFollow
Is
Issue
9070Named Callable and Method Control Element in Multi-Thread Context with non-Final Static Storable or Member Element
Default Graph (primary)9001
CanFollow
Pr
Practice
9172State Protection
Default Graph (primary)9001
CanFollow
Is
Issue
9192Singleton Class Instance Creation without Proper Lock Element Management
Default Graph (primary)9001
 
Locking
Practice ID: 9178 Maturity: Preliminary
+ Description

Description Summary

Locking

Extended Description

Software featuring inconsistent locking discipline incurs the risk of deadlock.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9028Deadlock
Default Graph (primary)9001
ParentOf
Is
Issue
667Shared Resource Improper Locking
Quality Issues Organized by Practices (primary)9002
 
Loop Condition Value Update within the Loop
Quality Issue ID: 9190 Maturity: Preliminary
+ Description

Description Summary

The software uses a loop with a control flow condition based on a value that is updated within the body of the loop.

Extended Description

This pattern identifies situations where the value of the local storable data element used in the condition of the loop control flow of code is updated within the Write action located in the loop body block.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
CanPrecede
Co
Consequence
9141Excessive Propagation of Modification Impacts
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCMM1ASCMM-MNT-5
+ References
"Automated Source Code Maintainability Measure (ASCMM)". ASCMM-MNT-5. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCMM/1.0>.
 
Loop with Unreachable Exit Condition ('Infinite Loop')
Quality Issue ID: 835 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where the named callable control element or method control element features the execution path whose entry element is found again in the path, while it has no path whatsoever to not return to itself and exit the recursion.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9083Iteration Control
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
CanPrecede
Co
Consequence
9143Failure
Default Graph (primary)9001
CanPrecede
Co
Consequence
9177Resource Exhaustion
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCSM1ASCSM-CWE-835
CWE2.11835
+ References
"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-835. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.
 
Loss of Data Integrity
Consequence ID: 9038 Maturity: Preliminary
+ Description

Description Summary

Loss of Data Integrity may result when accuracy and consistency of data degrades over its life-cycle, or when unexpectedly exposed to unauthorized actors.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
120Buffer Copy without Checking Size of Input
Default Graph (primary)9001
CanFollow
Is
Issue
129Array Index Improper Input Neutralization
Default Graph (primary)9001
CanFollow
Is
Issue
789Uncontrolled Memory Allocation
Default Graph (primary)9001
 
Maintainability
Quality Characteristic ID: 9034 Maturity: Preliminary
+ Description

Description Summary

Maintainability is a Quality_Characteristic describing the effort required to modify an entity.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ParentOf
Is
Issue
9007Architecture with Number of Horizontal Layers Outside of Expected Range
Default Graph (primary)9001
ParentOf
Is
Issue
9011Use of Redundant Code
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9012Analyzability
Default Graph (primary)9001
ParentOf
Is
Issue
9024Callable and Method Control Element Number of Outward Calls
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9029Changeability/Modifiability
Default Graph (primary)9001
ParentOf
Is
Issue
9046Excessive Use of Hard-Coded Literals in Initialization
Default Graph (primary)9001
ParentOf
Is
Issue
9052Invocation of a Control Element at an Unnecessarily Deep Horizontal Layer
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9055Reusability
Default Graph (primary)9001
ParentOf
Is
Issue
9060Multiple Inheritance from Concrete Classes
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9064Modularity
Default Graph (primary)9001
ParentOf
Is
Issue
9073Incomplete Documentation
Default Graph (primary)9001
ParentOf
Is
Issue
9079Unreachable Invokable Control Element
Default Graph (primary)9001
ParentOf
Is
Issue
9093Invokable Control Element with Signature Containing an Excessive Number of Parameters
Default Graph (primary)9001
ParentOf
Is
Issue
9123Class with an Excessive Inheritance Level
Default Graph (primary)9001
ParentOf
Is
Issue
9134Unconditional Control Flow Transfer outside of Switch Block
Default Graph (primary)9001
ParentOf
Is
Issue
9135Insufficient Adherence to Conventions
Default Graph (primary)9001
ParentOf
Is
Issue
9151Source Code File with Excessive Number of Lines of Code
Default Graph (primary)9001
ParentOf
Is
Issue
9153Data Element Declared Public
Default Graph (primary)9001
ParentOf
Is
Issue
9160Invokable Control Element with Excessive File or Data Access Operations
Default Graph (primary)9001
ParentOf
Is
Issue
9161Excessive Volume of Commented-out Code
Default Graph (primary)9001
ParentOf
Is
Issue
9165Class with Excessive Number of Child Classes
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9174Usability
Default Graph (primary)9001
ParentOf
Is
Issue
9181Method Containing Access of a Member Element from Another Class
Default Graph (primary)9001
ParentOf
Is
Issue
9184Use of Same Invokable Control Element in Multiple Architectural Layers
Default Graph (primary)9001
ParentOf
Is
Issue
9185Excessive Cyclomatic Complexity Within an Invokable Control Element
Default Graph (primary)9001
ParentOf
Is
Issue
9190Loop Condition Value Update within the Loop
Default Graph (primary)9001
ParentOf
Is
Issue
9201Insufficient Isolation of System-Dependent Functions
Default Graph (primary)9001
ParentOf
Is
Issue
9202Reliance on Runtime Component in Generated Code
Default Graph (primary)9001
ParentOf
Is
Issue
9203Reliance on Machine-Dependent Data Representation
Default Graph (primary)9001
ParentOf
Is
Issue
9204Use of Platform-Dependent Third Party Components
Default Graph (primary)9001
ParentOf
Is
Issue
9205Use of Unmaintained Third Party Components
Default Graph (primary)9001
ParentOf
Is
Issue
9206Insufficient Encapsulation of Machine-Dependent Functionality
Default Graph (primary)9001
ParentOf
Is
Issue
9207Insufficient Use of Symbolic Constants
Default Graph (primary)9001
ParentOf
Is
Issue
9208Insufficient Isolation of Symbolic Constant Definitions
Default Graph (primary)9001
ParentOf
Is
Issue
9209Excessive Reliance on Global Variables
Default Graph (primary)9001
ParentOf
Is
Issue
9210Use of Same Variable for Multiple Purposes
Default Graph (primary)9001
ParentOf
Is
Issue
9217Use of Inaccurate Comments
Default Graph (primary)9001
ParentOf
Is
Issue
9218Callable with Insufficient Behavioral Summary
Default Graph (primary)9001
ParentOf
Is
Issue
9220Excessive Use of Unconditional Branching
Default Graph (primary)9001
ParentOf
Is
Issue
9221Excessive Code Complexity
Default Graph (primary)9001
ParentOf
Is
Issue
9223Excessive Halstead Complexity
Default Graph (primary)9001
ParentOf
Is
Issue
9224Excessive Use of Self-Modifying Code
Default Graph (primary)9001
ParentOf
Is
Issue
9225Excessively Deep Nesting
Default Graph (primary)9001
ParentOf
Is
Issue
9227Declaration of Variable with Unnecessarily Wide Scope
Default Graph (primary)9001
ParentOf
Is
Issue
9228Compilation with Insufficient Warnings or Errors
Default Graph (primary)9001
MemberOf
Vi
View
9001Default Graph
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCMM1ASCMM_Maintainability
 
Math Error
Consequence ID: 9146 Maturity: Preliminary
+ Description

Description Summary

A Math Error may result when incorrect parameters are supplied to a mathematical function, the programming logic is incorrect in some way, or improper implementation of algorithms cause casting errors, precision errors, or other algorithmic errors.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
681Numeric Types Incorrect Conversion
Default Graph (primary)9001
CanFollow
Pr
Practice
9085Numerical Conversion
Default Graph (primary)9001
CanFollow
Pr
Practice
9170Initialization Practices
Default Graph (primary)9001
 
Maturity
Quality Characteristic ID: 9114 Maturity: Preliminary
+ Description

Description Summary

Maturity is a Quality_Characteristic describing how well an entity's behaviors can reliably and sustainably produce required outcomes.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
 
Memory Corruption
Consequence ID: 9022 Maturity: Preliminary
+ Description

Description Summary

Memory Corruption may result when array index bounds are not adhered to, or memory addresses are written to or modified directly.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
120Buffer Copy without Checking Size of Input
Default Graph (primary)9001
CanFollow
Is
Issue
789Uncontrolled Memory Allocation
Default Graph (primary)9001
CanFollow
Pr
Practice
9049Array Indexing
Default Graph (primary)9001
CanFollow
Pr
Practice
9078Memory Management
Default Graph (primary)9001
 
Memory Location Access After End of Buffer
Quality Issue ID: 788 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where the value element is transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used as an index element to access a storable or member data element in the buffer Read or Write access action; none of the callable or method control element of the transformation sequence being a range check with regards to the buffer whose maximum size was defined in the buffer creation action.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Pr
Practice
9144Resource Monitoring
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9177Resource Exhaustion
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-CWE-788
CWE2.11788
+ References
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-CWE-788. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Memory Management
Practice ID: 9078 Maturity: Preliminary
+ Description

Description Summary

Memory Management

Extended Description

When software does not properly manage memory, it can consume more memory than is necessary or incur the risk of corruption of relevant memory - and perhaps instructions - possibly leading to a crash, the risk of data integrity loss, and the risk of unauthorized access to sensitive data.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9022Memory Corruption
Default Graph (primary)9001
CanPrecede
Co
Consequence
9054Data Corruption
Default Graph (primary)9001
CanPrecede
Co
Consequence
9143Failure
Default Graph (primary)9001
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001
ParentOf
Is
Issue
120Buffer Copy without Checking Size of Input
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
789Uncontrolled Memory Allocation
Quality Issues Organized by Practices (primary)9002
MemberOf
Vi
View
9002Quality Issues Organized by Practices
Quality Issues Organized by Practices (primary)9002
 
Method Containing Access of a Member Element from Another Class
Quality Issue ID: 9181 Maturity: Preliminary
+ Description

Description Summary

A method for a class performs an operation that directly accesses a member element from another class.

Extended Description

This pattern identifies situations where the method control element from a class element accesses the member element from another class element.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Pr
Practice
9104Data Encapsulation
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9054Data Corruption
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCMM1ASCMM-MNT-16
+ References
"Automated Source Code Maintainability Measure (ASCMM)". ASCMM-MNT-16. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCMM/1.0>.
 
Missing Design Representation Documentation
Quality Issue ID: 9050 Maturity: Preliminary
+ Description

Description Summary

The documentation does not contain a representation of the product's design.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Is
Issue
9073Incomplete Documentation
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE1.1
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Missing Release of Resource after Effective Lifetime
Quality Issue ID: 772 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where the platform resource is allocated and assigned a unique resource handler value via the ManagesResource action, its unique resource handler value is used throughout the application, along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, none of which being a resource release statement.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9080Resource Lifecycle
Quality Issues Organized by Practices (primary)9002
ChildOf
Pr
Practice
9094Resource Bounds
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
CanPrecede
Co
Consequence
9031Denial of Service
Default Graph (primary)9001
CanPrecede
Co
Consequence
9143Failure
Default Graph (primary)9001
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001
CanPrecede
Co
Consequence
9177Resource Exhaustion
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-CWE-772
ASCSM1ASCSM-CWE-772
CWE2.11772
+ References
"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-772. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-CWE-772. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Missing Serialization Control Element
Quality Issue ID: 9102 Maturity: Preliminary
+ Description

Description Summary

The software contains a serializable data element that does not have an associated serialization method.

Extended Description

This pattern identifies situations where the serializable storable element has no serialization control element in its list of control elements. In case of technologies with class and interface elements, this means situations where the serializable storable element is a class that implements a serializable interface element but does not implement a serialization method element as part of its list composed of method elements. The serializable nature of the element is technology dependent. As examples, serializable nature comes from a serializable SerializableAttribute attribute in .NET and the inheritance from the java.io.Serializable interface in Java.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Pr
Practice
9176Coding Practices
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9057Erroneous Behaviors
Default Graph (primary)9001
CanPrecede
Co
Consequence
9168Unexpected Behaviors
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-RLB-2
+ References
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-RLB-2. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Modular Development
Practice ID: 9016 Maturity: Preliminary
+ Description

Description Summary

Modularity

Extended Description

Software that does not follow the principles of modularity causes excessive propagation of modification impacts.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9141Excessive Propagation of Modification Impacts
Default Graph (primary)9001
ParentOf
Is
Issue
9018Modules with Circular Dependencies
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9024Callable and Method Control Element Number of Outward Calls
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
9151Source Code File with Excessive Number of Lines of Code
Quality Issues Organized by Practices (primary)9002
MemberOf
Vi
View
9002Quality Issues Organized by Practices
Quality Issues Organized by Practices (primary)9002
 
Modularity
Quality Characteristic ID: 9064 Maturity: Preliminary
+ Description

Description Summary

Modularity is a Quality_Characteristic describing the component's ability to be decomposed and matched in other ways (loosely coupled).
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Ch
Characteristic
9074Efficiency
Default Graph (primary)9001
ParentOf
Is
Issue
9018Modules with Circular Dependencies
Default Graph (primary)9001
 
Modules with Circular Dependencies
Quality Issue ID: 9018 Maturity: Preliminary
+ Description

Description Summary

The software contains modules with circular dependencies.

Extended Description

This pattern identifies situations where the module has references that cycle back to itself via the module callable or data relations cycle. As an example, with Java, this pattern means cycles between packages.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9016Modular Development
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9064Modularity
Default Graph (primary)9001
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Pr
Practice
9172State Protection
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9028Deadlock
Default Graph (primary)9001
CanPrecede
Co
Consequence
9082Livelock
Default Graph (primary)9001
CanPrecede
Co
Consequence
9141Excessive Propagation of Modification Impacts
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCMM1ASCMM-MNT-7
ASCRM1ASCRM-RLB-13
+ References
"Automated Source Code Maintainability Measure (ASCMM)". ASCMM-MNT-7. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCMM/1.0>.
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-RLB-13. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Multiple Inheritance from Concrete Classes
Quality Issue ID: 9060 Maturity: Preliminary
+ Description

Description Summary

The software contains a class with inheritance from more than one concrete class.

Extended Description

This pattern identifies situations where the number of inheritance of concrete classes of the class element is considered as too large, based on its number of inheritance of concrete classes which exceeds the default threshold value of 1.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Pr
Practice
9157Inheritance and Polymorphism
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9113Excessive Modification Effort
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCMM1ASCMM-MNT-2
+ References
"Automated Source Code Maintainability Measure (ASCMM)". ASCMM-MNT-2. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCMM/1.0>.
 
Name or Reference Resolution Improper Input Neutralization
Quality Issue ID: 99 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the platform action to access a resource by its name; none of the callable or method control element of the transformation sequence being a vetted sanitization callable and method control elements from the list of vetted sanitization callable and method control elements.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
ChildOf
Pr
Practice
9127Resource Identification Control
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCSM1ASCSM-CWE-99
CWE2.1199
+ References
"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-99. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.
 
Named Callable and Method Control Element in Multi-Thread Context with non-Final Static Storable or Member Element
Quality Issue ID: 9070 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where the named callable control element or method control element owns unsafe non-final static storable or member data element while it operates in a multi-threaded environment.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Pr
Practice
9172State Protection
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9028Deadlock
Default Graph (primary)9001
CanPrecede
Co
Consequence
9082Livelock
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-RLB-11
+ References
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-RLB-11. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Non-repudiation
Quality Characteristic ID: 9009 Maturity: Preliminary
+ Description

Description Summary

Non-repudiation is a Quality_Characteristic describing whether data has been verified against its source.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
 
Non-SQL Named Callable and Method Control Element with Excessive Number of Data Resource Access
Quality Issue ID: 9122 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where the client-side named callable and method control elements, not in any data manager resource, embeds a number of accesses to a data resource, which is considered too large because it exceeds the default threshold value of 2.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9167Stored Procedures & Functions
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCPEM1ASCPEM-PRF-10
+ References
"Automated Source Code Performance Efficiency Measure (ASCPEM)". ASCPEM-PRF-10. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCPEM/1.0>.
 
Numeric Types Incorrect Conversion
Quality Issue ID: 681 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where the storable element or member element is declared with the numerical datatype in the Create action, then updated with a value which is cast via the type cast action into the second numerical datatype, which is incompatible with the first one.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9085Numerical Conversion
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
CanPrecede
Co
Consequence
9058Security Vulnerabilities
Default Graph (primary)9001
CanPrecede
Co
Consequence
9146Math Error
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCSM1ASCSM-CWE-681
CWE2.11681
+ References
"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-681. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.
 
Numerical Conversion
Practice ID: 9085 Maturity: Preliminary
+ Description

Description Summary

Numerical Conversion

Extended Description

Software featuring weak numerical conversion practices incurs the risk of using the wrong number and generating incorrect results, possibly introducing new vulnerability when related to resource allocation and security decisions.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9058Security Vulnerabilities
Default Graph (primary)9001
CanPrecede
Co
Consequence
9143Failure
Default Graph (primary)9001
CanPrecede
Co
Consequence
9146Math Error
Default Graph (primary)9001
CanPrecede
Co
Consequence
9177Resource Exhaustion
Default Graph (primary)9001
ParentOf
Is
Issue
681Numeric Types Incorrect Conversion
Quality Issues Organized by Practices (primary)9002
MemberOf
Vi
View
9002Quality Issues Organized by Practices
Quality Issues Organized by Practices (primary)9002
 
Operability
Quality Characteristic ID: 9015 Maturity: Preliminary
+ Description

Description Summary

Operability is a Quality_Characteristic describing how fit or ready an entity is for use.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9174Usability
Default Graph (primary)9001
 
OS Command Execution
Practice ID: 9006 Maturity: Preliminary
+ Description

Description Summary

OS Command Control

Extended Description

Software unaware of OS command control incurs the risk of unauthorized command execution, possibly used to disable the software, or possibly leading to unauthorized read and modify data access.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9030Unauthorized Code Execution
Default Graph (primary)9001
CanPrecede
Co
Consequence
9030Unauthorized Code Execution
Default Graph (primary)9001
CanPrecede
Co
Consequence
9143Failure
Default Graph (primary)9001
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001
ParentOf
Is
Issue
78OS Command Injection Improper Input Neutralization
Quality Issues Organized by Practices (primary)9002
 
OS Command Injection Improper Input Neutralization
Quality Issue ID: 78 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the platform action to be executed by the execution environment; none of the callable or method control element of the transformation sequence being a vetted sanitization callable and method control element from the list of vetted sanitization callable and method control elements.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9006OS Command Execution
Quality Issues Organized by Practices (primary)9002
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
CanPrecede
Co
Consequence
9030Unauthorized Code Execution
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCSM1ASCSM-CWE-78
CWE2.1178
+ References
"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-78. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.
 
Output Formatting Control
Practice ID: 9129 Maturity: Preliminary
+ Description

Description Summary

Formatting Control

Extended Description

Software that is unaware of formatting control incurs the risk of execution of arbitrary code, excessive memory or disk consumption, or the risk of information disclosure, which can severely simplify exploitation of the software.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9017Arbitrary Code Execution
Default Graph (primary)9001
CanPrecede
Co
Consequence
9058Security Vulnerabilities
Default Graph (primary)9001
CanPrecede
Co
Consequence
9189Information Disclosure
Default Graph (primary)9001
ParentOf
Is
Issue
134Format String Improper Input Neutralization
Quality Issues Organized by Practices (primary)9002
 
Output Generation
Practice ID: 9097 Maturity: Preliminary
+ Description

Description Summary

Output Generation

Extended Description

Software featuring weak output generation practices incurs the risk of arbitrary code execution, the risk of sensitive data being compromised, and many other nefarious consequences.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9017Arbitrary Code Execution
Default Graph (primary)9001
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001
ParentOf
Is
Issue
79Cross-site Scripting Improper Input Neutralization
Quality Issues Organized by Practices (primary)9002
 
Parent Class Element with References to Child Class Element
Quality Issue ID: 9087 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where the parent class element that is used in the 'to' association of the Extends class relation, references the child class element used in the 'from' association of the Extends class relation, directly or indirectly through parent and child class element, with the callable or data relations. The reference statement is made directly to the child class element or to any one of its own method or member elements.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Pr
Practice
9157Inheritance and Polymorphism
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9168Unexpected Behaviors
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-RLB-14
+ References
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-RLB-14. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Parent Class Element without Virtual Destructor Method Element
Quality Issue ID: 9147 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where, with languages where custom destructors can be written, the parent class element of the child class element via an Extends class relation has no virtual destructor.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Pr
Practice
9157Inheritance and Polymorphism
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9168Unexpected Behaviors
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-RLB-16
+ References
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-RLB-16. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Path Traversal Improper Input Neutralization
Quality Issue ID: 22 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the file path creation statement; none of the callable or method control element of the transformation sequence being a vetted sanitization callable and method control element from the list of vetted sanitization control elements.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9115Security
Default Graph (primary)9001
ChildOf
Pr
Practice
9183File Path Control
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9054Data Corruption
Default Graph (primary)9001
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCSM1ASCSM-CWE-22
CWE2.1122
+ References
"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-22. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.
 
Perceived Value
Quality Characteristic ID: 9150 Maturity: Preliminary
+ Description

Description Summary

Perceived Value is a Quality_Characteristic describing cost to benefit analysis when compared to a similar entity.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9091Functionality
Default Graph (primary)9001
 
Performance
Quality Characteristic ID: 9169 Maturity: Preliminary
+ Description

Description Summary

Performance is a Quality_Characteristic describing how an entity executes its required functions.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ParentOf
Is
Issue
9004Static Member Data Element outside of a Singleton Class Element
Default Graph (primary)9001
ParentOf
Is
Issue
9005Data Element Aggregating an Excessively Large Number of Non-Primitive Elements
Default Graph (primary)9001
ParentOf
Is
Issue
9014Creation of Immutable Text Using String Concatenation
Default Graph (primary)9001
ParentOf
Is
Issue
9027Excessive Data Query Operations in a Large Data Table
Default Graph (primary)9001
ParentOf
Is
Issue
9041Excessive Platform Resource Consumption within a Loop
Default Graph (primary)9001
ParentOf
Is
Issue
9069Data Access Operations Outside of Expected Data Manager Component
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9074Efficiency
Default Graph (primary)9001
ParentOf
Is
Issue
9077Excessive Number of Data Accesses using Inefficient Procedures
Default Graph (primary)9001
ParentOf
Is
Issue
9090Initialization within a Static Code Block
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9091Functionality
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9092Availability
Default Graph (primary)9001
ParentOf
Is
Issue
9103Excessive Execution of Sequential Searches of Data Resource
Default Graph (primary)9001
ParentOf
Is
Issue
9112Allocation of Memory without Associated Release
Default Graph (primary)9001
ParentOf
Is
Issue
9116Data Resource Access without Use of Connection Pooling
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ParentOf
Is
Issue
9122Non-SQL Named Callable and Method Control Element with Excessive Number of Data Resource Access
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9163Robustness
Default Graph (primary)9001
ParentOf
Is
Issue
9175Excessive Number of Indices for a Large Data Table
Default Graph (primary)9001
ParentOf
Is
Issue
9182Use of Data Element without Invoking Deconstructor Method
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9186Durability
Default Graph (primary)9001
ParentOf
Is
Issue
9187Excessive Index Range Scan for a Data Resource
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9188Co-existence
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9195Stability
Default Graph (primary)9001
ParentOf
Is
Issue
9221Excessive Code Complexity
Default Graph (primary)9001
MemberOf
Vi
View
9001Default Graph
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCPEM1ASCPEM_Performance_Efficiency
 
Persistent Storable Data Element without Associated Comparison Control Element
Quality Issue ID: 9193 Maturity: Preliminary
+ Description

Description Summary

The software uses a storable data element that does not have all of the associated control elements that are necessary to support comparison.

Extended Description

This pattern identifies situations where the persistent storable element has no dedicated control element aiming at handling comparison action elements from the list. In case of technologies with class elements, this means situations where the persistent storable element is a class that is made persistent while it does not implement method elements from the required comparison control element list is now composed of method elements. As an example, with Java, a required comparison control element list is {'hashCode()','equals()'} method elements.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Pr
Practice
9176Coding Practices
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9057Erroneous Behaviors
Default Graph (primary)9001
CanPrecede
Co
Consequence
9168Unexpected Behaviors
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-RLB-4
+ References
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-RLB-4. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
 
Poisoned Data Usage
Consequence ID: 9154 Maturity: Preliminary
+ Description

Description Summary

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
252Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource
Default Graph (primary)9001
CanFollow
Is
Issue
396Declaration of Catch for Generic Exception
Default Graph (primary)9001
CanFollow
Is
Issue
397Declaration of Throws for Generic Exception
Default Graph (primary)9001
 
Portability
Quality Characteristic ID: 9048 Maturity: Preliminary
+ Description

Description Summary

Portability is a Quality_Characteristic describing the effort required to adapt or translate to other environments.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9091Functionality
Default Graph (primary)9001
 
Quality Issues Organized by Practices
View ID: 9002 Maturity: Preliminary
+ View Data

View Objective

This view (graph) organizes Quality Issues based on the software practices in which they appear.

+ View Metrics
Formal CQE IDs (this view)Micro Elements (this view)Total Catalog
Total Elements76out of16040out of66226
Views0out of77
Quality_Characteristics0out of4141
Quality_Issues76out of112112
Practices40out of4040
Consequences0out of2626
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
HasMember
Pr
Practice
9016Modular Development
Quality Issues Organized by Practices (primary)9002
HasMember
Pr
Practice
9037Resource Management
Quality Issues Organized by Practices (primary)9002
HasMember
Pr
Practice
9063Authentication Practices
Quality Issues Organized by Practices (primary)9002
HasMember
Pr
Practice
9078Memory Management
Quality Issues Organized by Practices (primary)9002
HasMember
Pr
Practice
9083Iteration Control
Quality Issues Organized by Practices (primary)9002
HasMember
Pr
Practice
9085Numerical Conversion
Quality Issues Organized by Practices (primary)9002
HasMember
Pr
Practice
9088Reuse
Quality Issues Organized by Practices (primary)9002
HasMember
Pr
Practice
9089Code Comments
Quality Issues Organized by Practices (primary)9002
HasMember
Pr
Practice
9105Data Access Constructs
Quality Issues Organized by Practices (primary)9002
HasMember
Pr
Practice
9124Layered Architectures
Quality Issues Organized by Practices (primary)9002
HasMember
Pr
Practice
9131Error/Exception Handling
Quality Issues Organized by Practices (primary)9002
HasMember
Pr
Practice
9136Cryptography
Quality Issues Organized by Practices (primary)9002
HasMember
Pr
Practice
9170Initialization Practices
Quality Issues Organized by Practices (primary)9002
HasMember
Pr
Practice
9176Coding Practices
Quality Issues Organized by Practices (primary)9002
 
Recoverability
Quality Characteristic ID: 9117 Maturity: Preliminary
+ Description

Description Summary

Recoverability is a Quality_Characteristic describing how easily an entity returns to a desired state from unexpected situations.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9051Replaceability
Default Graph (primary)9001
 
Recursion
Practice ID: 9061 Maturity: Preliminary
+ Description

Description Summary

Recursion

Extended Description

Software that is unaware of recursion incurs the risk of exceeding resource and capacity limits.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9083Iteration Control
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001
CanPrecede
Co
Consequence
9177Resource Exhaustion
Default Graph (primary)9001
ParentOf
Is
Issue
674Uncontrolled Recursion
Quality Issues Organized by Practices (primary)9002
 
Reduced Adaptability
Consequence ID: 9132 Maturity: Preliminary
+ Description

Description Summary

Adaptability may be reduced if variables are initialized or defined by hard-coded or set values embedded within the code.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
9046Excessive Use of Hard-Coded Literals in Initialization
Default Graph (primary)9001
CanFollow
Pr
Practice
9142Hard-Coding
Default Graph (primary)9001
 
Reliability
Quality Characteristic ID: 9120 Maturity: Preliminary
+ Description

Description Summary

Reliability is a Quality_Characteristic describing how dependably an entity performs.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9169Performance
Default Graph (primary)9001
ParentOf
Is
Issue
120Buffer Copy without Checking Size of Input
Default Graph (primary)9001
ParentOf
Is
Issue
252Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource
Default Graph (primary)9001
ParentOf
Is
Issue
396Declaration of Catch for Generic Exception
Default Graph (primary)9001
ParentOf
Is
Issue
397Declaration of Throws for Generic Exception
Default Graph (primary)9001
ParentOf
Is
Issue
456Storable and Member Data Element Missing Initialization
Default Graph (primary)9001
ParentOf
Is
Issue
674Uncontrolled Recursion
Default Graph (primary)9001
ParentOf
Is
Issue
704Incorrect Type Conversion or Cast
Default Graph (primary)9001
ParentOf
Is
Issue
772Missing Release of Resource after Effective Lifetime
Default Graph (primary)9001
ParentOf
Is
Issue
788Memory Location Access After End of Buffer
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9008Accuracy
Default Graph (primary)9001
ParentOf
Is
Issue
9013Child Class Element without Virtual Destructor unlike its Parent Class Element
Default Graph (primary)9001
ParentOf
Is
Issue
9018Modules with Circular Dependencies
Default Graph (primary)9001
ParentOf
Is
Issue
9042Initialization with Hard-Coded Network Resource Configuration Data
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9053Accountability
Default Graph (primary)9001
ParentOf
Is
Issue
9062Invokable Control Element with Variadic Parameter Element
Default Graph (primary)9001
ParentOf
Is
Issue
9070Named Callable and Method Control Element in Multi-Thread Context with non-Final Static Storable or Member Element
Default Graph (primary)9001
ParentOf
Is
Issue
9087Parent Class Element with References to Child Class Element
Default Graph (primary)9001
ParentOf
Is
Issue
9100Runtime Resource Management Control Element in a Component Built to Run on Application Servers
Default Graph (primary)9001
ParentOf
Is
Issue
9102Missing Serialization Control Element
Default Graph (primary)9001
ParentOf
Is
Issue
9108Empty Exception Block
Default Graph (primary)9001
ParentOf
Is
Issue
9110Serializable Data Element Containing non-Serializable Item Elements
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9114Maturity
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9117Recoverability
Default Graph (primary)9001
ParentOf
Is
Issue
9138Float Type Storable and Member Data Element Comparison with Equality Operator
Default Graph (primary)9001
ParentOf
Is
Issue
9147Parent Class Element without Virtual Destructor Method Element
Default Graph (primary)9001
ParentOf
Is
Issue
9156Class Instance Self Destruction Control Element
Default Graph (primary)9001
ParentOf
Is
Issue
9159Data Access Control Element from Outside Designated Data Manager Component
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9163Robustness
Default Graph (primary)9001
ParentOf
Is
Issue
9166Class Element with Virtual Method Element without Virtual Destructor
Default Graph (primary)9001
ParentOf
Is
Issue
9173Synchronous Call Time-Out Absence
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9188Co-existence
Default Graph (primary)9001
ParentOf
Is
Issue
9192Singleton Class Instance Creation without Proper Lock Element Management
Default Graph (primary)9001
ParentOf
Is
Issue
9193Persistent Storable Data Element without Associated Comparison Control Element
Default Graph (primary)9001
ParentOf
Is
Issue
9194Storable or Member Data Element containing Pointer Item Element without Proper Copy Control Element
Default Graph (primary)9001
ParentOf
Ch
Characteristic
9195Stability
Default Graph (primary)9001
MemberOf
Vi
View
9001Default Graph
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM_Reliability
 
Reliance on Machine-Dependent Data Representation
Quality Issue ID: 9203 Maturity: Preliminary
+ Description

Description Summary

The code uses a data representation that relies on low-level data representation or constructs that may vary across different processors, physical machines, OSes, or other physical components.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE2.7
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Reliance on Runtime Component in Generated Code
Quality Issue ID: 9202 Maturity: Preliminary
+ Description

Description Summary

The product uses automatically-generated code that cannot be executed without a specific runtime support component.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
SQAE2.6
+ References
Robert A. Martin and Lawrence H. Shafer. "Providing a Framework for Effective Software Quality Assessment". 6th Annual International Symposium of INCOSE. 1996-07-09. <https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
SQAE TeamMITREExternally Mined
 
Remote System Call Blocking
Practice ID: 9026 Maturity: Preliminary
+ Description

Description Summary

Remote System Call Blocking

Extended Description

Software featuring blocking calls to remote systems incurs the risk of its own failure when the remote systems fails to process the call correctly.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9143Failure
Default Graph (primary)9001
ParentOf
Is
Issue
9173Synchronous Call Time-Out Absence
Quality Issues Organized by Practices (primary)9002
 
Replaceability
Quality Characteristic ID: 9051 Maturity: Preliminary
+ Description

Description Summary

Replaceability is a Quality_Characteristic describing how easily an element can be exchanged in a given environment.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9117Recoverability
Default Graph (primary)9001
 
Resource Bounds
Practice ID: 9094 Maturity: Preliminary
+ Description

Description Summary

Resource Bounds

Extended Description

Software that is unaware of resource bounds or fails to monitor resources incurs the risk of exceeding resource and capacity limits.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001
CanPrecede
Co
Consequence
9177Resource Exhaustion
Default Graph (primary)9001
ParentOf
Is
Issue
772Missing Release of Resource after Effective Lifetime
Quality Issues Organized by Practices (primary)9002
 
Resource Exhaustion
Consequence ID: 9177 Maturity: Preliminary
+ Description

Description Summary

Resource Exhaustion may result when a specific resource is expended and/or not replaced and remains unavailable.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanFollow
Is
Issue
606Unchecked Input for Loop Condition
Default Graph (primary)9001
CanFollow
Is
Issue
674Uncontrolled Recursion
Default Graph (primary)9001
CanFollow
Is
Issue
772Missing Release of Resource after Effective Lifetime
Default Graph (primary)9001
CanFollow
Is
Issue
788Memory Location Access After End of Buffer
Default Graph (primary)9001
CanFollow
Is
Issue
835Loop with Unreachable Exit Condition ('Infinite Loop')
Default Graph (primary)9001
CanFollow
Pr
Practice
9061Recursion
Default Graph (primary)9001
CanFollow
Pr
Practice
9080Resource Lifecycle
Default Graph (primary)9001
CanFollow
Pr
Practice
9083Iteration Control
Default Graph (primary)9001
CanFollow
Pr
Practice
9085Numerical Conversion
Default Graph (primary)9001
CanFollow
Pr
Practice
9094Resource Bounds
Default Graph (primary)9001
CanFollow
Pr
Practice
9144Resource Monitoring
Default Graph (primary)9001
 
Resource Identification Control
Practice ID: 9127 Maturity: Preliminary
+ Description

Description Summary

Resource Identification Control

Extended Description

Software unaware of resource identification control incurs the risk of unauthorized access to or modification of sensitive data and system resources, including configuration files and files containing sensitive information.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9037Resource Management
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001
ParentOf
Is
Issue
99Name or Reference Resolution Improper Input Neutralization
Quality Issues Organized by Practices (primary)9002
 
Resource Lifecycle
Practice ID: 9080 Maturity: Preliminary
+ Description

Description Summary

Resource Lifecycle

Extended Description

Software unaware of resource lifecycle incurs the risk of preventing all other processes from accessing the same type of resource.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9037Resource Management
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9177Resource Exhaustion
Default Graph (primary)9001
ParentOf
Is
Issue
672Expired or Released Resource Usage
Quality Issues Organized by Practices (primary)9002
ParentOf
Is
Issue
772Missing Release of Resource after Effective Lifetime
Quality Issues Organized by Practices (primary)9002
 
Resource Management
Practice ID: 9037 Maturity: Preliminary
+ Description

Description Summary

Resource Management
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ParentOf
Pr
Practice
9080Resource Lifecycle
Quality Issues Organized by Practices (primary)9002
ParentOf
Pr
Practice
9096Cache Maintenance
Quality Issues Organized by Practices (primary)9002
ParentOf
Pr
Practice
9127Resource Identification Control
Quality Issues Organized by Practices (primary)9002
ParentOf
Pr
Practice
9144Resource Monitoring
Quality Issues Organized by Practices (primary)9002
MemberOf
Vi
View
9002Quality Issues Organized by Practices
Quality Issues Organized by Practices (primary)9002
 
Resource Monitoring
Practice ID: 9144 Maturity: Preliminary
+ Description

Description Summary

Resource Monitoring

Extended Description

Software that is unaware of resource bounds or fails to monitor resources incurs the risk of exceeding resource and capacity limits.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Pr
Practice
9037Resource Management
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9039Excessive Resource Expenditure
Default Graph (primary)9001
CanPrecede
Co
Consequence
9177Resource Exhaustion
Default Graph (primary)9001
ParentOf
Is
Issue
788Memory Location Access After End of Buffer
Quality Issues Organized by Practices (primary)9002
 
Reusability
Quality Characteristic ID: 9055 Maturity: Preliminary
+ Description

Description Summary

Reusability is a Quality_Characteristic describing how efficiently an entity can be used in new applications.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
ChildOf
Ch
Characteristic
9074Efficiency
Default Graph (primary)9001
ParentOf
Pr
Practice
9088Reuse
Default Graph (primary)9001
 
Reuse
Practice ID: 9088 Maturity: Preliminary
+ Description

Description Summary

Reuse

Extended Description

Software that does not follow the principles of reuse requires more maintenance effort in order to propagate changes to all instances of duplicated code.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Char