Mapping-Friendly:

CQE-9001: Default Graph

 
Default Graph
[an error occurred while processing this directive] Definition in a New Window Definition in a New Window
View ID: 9001 Maturity: Preliminary
+ View Data

View Objective

Default Hierarchy

+ View Metrics
Formal CQE IDs (this view)Micro Elements (this view)Total Catalog
Total Elements153out of16064out of66226
Views0out of77
Quality_Characteristics41out of4141
Quality_Issues112out of112112
Practices39out of4040
Consequences25out of2626
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
HasMember
Ch
Characteristic
9034Maintainability
Default Graph (primary)9001
HasMember
Ch
Characteristic
9115Security
Default Graph (primary)9001
HasMember
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
HasMember
Ch
Characteristic
9169Performance
Default Graph (primary)9001
9001 - Default Graph
+
Ch
Characteristic
Maintainability - (9034)
9001 (Default Graph) > 9034 (Maintainability)
Maintainability is a Quality_Characteristic describing the effort required to modify an entity.
+
Ch
Characteristic
Analyzability - (9012)
9001 (Default Graph) > 9034 (Maintainability) > 9012 (Analyzability)
Analyzability is a Quality_Characteristic describing how easily an entity can be examined.
+
Ch
Characteristic
Legibility - (9066)
9001 (Default Graph) > 9034 (Maintainability) > 9012 (Analyzability) > 9066 (Legibility)
Legibility is a Quality_Characteristic describing how easily an entity can be read.
*
Is
Issue
Inappropriate Comment Style - (9214)
9001 (Default Graph) > 9034 (Maintainability) > 9012 (Analyzability) > 9066 (Legibility) > 9214 (Inappropriate Comment Style)
The source code uses comment styles or formats that are inconsistent or do not follow expected standards for the product.
*
Is
Issue
Source Code Element without Standard Prologue - (9216)
9001 (Default Graph) > 9034 (Maintainability) > 9012 (Analyzability) > 9216 (Source Code Element without Standard Prologue)
The source code contains elements such as source files or callables that do not consistently follow a prologue or header that has been standardized for the project.
*
Is
Issue
Architecture with Number of Horizontal Layers Outside of Expected Range - (9007)
9001 (Default Graph) > 9034 (Maintainability) > 9007 (Architecture with Number of Horizontal Layers Outside of Expected Range)
The software architecture contains too many - or too few - horizontal layers.
*
Is
Issue
Callable and Method Control Element Number of Outward Calls - (9024)
9001 (Default Graph) > 9034 (Maintainability) > 9024 (Callable and Method Control Element Number of Outward Calls)
This pattern identifies situations where the named callable control element or method control element has a Fan-Out value that is too large, based on its number of references to other objects within the application which exceeds the threshold value; the application determines the scope of the search for the referenced objects. Default value for threshold value is 5.
*
Is
Issue
Callable with Insufficient Behavioral Summary - (9218)
9001 (Default Graph) > 9034 (Maintainability) > 9218 (Callable with Insufficient Behavioral Summary)
The code contains a callable whose signature and/or associated documentation does not sufficiently describe the callable's inputs, outputs, side effects, assumptions, or return codes.
*
Ch
Characteristic
Changeability/Modifiability - (9029)
9001 (Default Graph) > 9034 (Maintainability) > 9029 (Changeability/Modifiability)
Changeability is a Quality_Characteristic describing how easily an entity can be changed or modified.
*
Is
Issue
Class with Excessive Number of Child Classes - (9165)
9001 (Default Graph) > 9034 (Maintainability) > 9165 (Class with Excessive Number of Child Classes)
A class contains an unnecessarily large number of children.
*
Is
Issue
Class with an Excessive Inheritance Level - (9123)
9001 (Default Graph) > 9034 (Maintainability) > 9123 (Class with an Excessive Inheritance Level)
The inheritance level of a class is excessively high, i.e., it has a large number of ancestors.
*
Is
Issue
Compilation with Insufficient Warnings or Errors - (9228)
9001 (Default Graph) > 9034 (Maintainability) > 9228 (Compilation with Insufficient Warnings or Errors)
The code is compiled without sufficient warnings enabled, which may prevent the detection of subtle bugs or quality issues.
*
Is
Issue
Data Element Declared Public - (9153)
9001 (Default Graph) > 9034 (Maintainability) > 9153 (Data Element Declared Public)
The software contains a data element that has been declared public.
*
Is
Issue
Declaration of Variable with Unnecessarily Wide Scope - (9227)
9001 (Default Graph) > 9034 (Maintainability) > 9227 (Declaration of Variable with Unnecessarily Wide Scope)
The source code declares a variable in one scope, but the variable is only used within a narrower scope.
+
Is
Issue
Excessive Code Complexity - (9221)
9001 (Default Graph) > 9034 (Maintainability) > 9221 (Excessive Code Complexity)
The code is too complex, as calculated using a well-defined, quantitative measure.
*
Is
Issue
Excessive Attack Surface - (9226)
9001 (Default Graph) > 9034 (Maintainability) > 9221 (Excessive Code Complexity) > 9226 (Excessive Attack Surface)
The product has an attack surface whose quantitative measurement exceeds a desirable maximum.
+
Is
Issue
Excessive Cyclomatic Complexity - (9222)
9001 (Default Graph) > 9034 (Maintainability) > 9221 (Excessive Code Complexity) > 9222 (Excessive Cyclomatic Complexity)
The code contains McCabe cyclomatic complexity that exceeds a desirable maximum.
*
Is
Issue
Excessive Cyclomatic Complexity Within an Invokable Control Element - (9185)
9001 (Default Graph) > 9034 (Maintainability) > 9221 (Excessive Code Complexity) > 9222 (Excessive Cyclomatic Complexity) > 9185 (Excessive Cyclomatic Complexity Within an Invokable Control Element)
A named callable or method control element contains control flow that exceeds the desired cyclomatic complexity.
*
Is
Issue
Excessive Halstead Complexity - (9223)
9001 (Default Graph) > 9034 (Maintainability) > 9221 (Excessive Code Complexity) > 9223 (Excessive Halstead Complexity)
The code is structured in a way that a Halstead complexity measure exceeds a desirable maximum.
*
Is
Issue
Excessively Deep Nesting - (9225)
9001 (Default Graph) > 9034 (Maintainability) > 9221 (Excessive Code Complexity) > 9225 (Excessively Deep Nesting)
The code contains a callable or other code grouping in which the nesting / branching is too deep.
*
Is
Issue
Excessive Cyclomatic Complexity Within an Invokable Control Element - (9185)
9001 (Default Graph) > 9034 (Maintainability) > 9185 (Excessive Cyclomatic Complexity Within an Invokable Control Element)
A named callable or method control element contains control flow that exceeds the desired cyclomatic complexity.
*
Is
Issue
Excessive Halstead Complexity - (9223)
9001 (Default Graph) > 9034 (Maintainability) > 9223 (Excessive Halstead Complexity)
The code is structured in a way that a Halstead complexity measure exceeds a desirable maximum.
*
Is
Issue
Excessive Reliance on Global Variables - (9209)
9001 (Default Graph) > 9034 (Maintainability) > 9209 (Excessive Reliance on Global Variables)
The code is structured in a way that relies too much on using or setting global variables throughout various points in the code, instead of preserving the associated information in a narrower, more local context.
*
Is
Issue
Excessive Use of Hard-Coded Literals in Initialization - (9046)
9001 (Default Graph) > 9034 (Maintainability) > 9046 (Excessive Use of Hard-Coded Literals in Initialization)
The software initializes a data element using a hard-coded literal.
*
Is
Issue
Excessive Use of Self-Modifying Code - (9224)
9001 (Default Graph) > 9034 (Maintainability) > 9224 (Excessive Use of Self-Modifying Code)
The product uses too much self-modifying code.
*
Is
Issue
Excessive Use of Unconditional Branching - (9220)
9001 (Default Graph) > 9034 (Maintainability) > 9220 (Excessive Use of Unconditional Branching)
The code uses too many unconditional branches (such as "goto").
*
Is
Issue
Excessive Volume of Commented-out Code - (9161)
9001 (Default Graph) > 9034 (Maintainability) > 9161 (Excessive Volume of Commented-out Code)
The software contains an excessive amount of code that has been commented out.
*
Is
Issue
Excessively Deep Nesting - (9225)
9001 (Default Graph) > 9034 (Maintainability) > 9225 (Excessively Deep Nesting)
The code contains a callable or other code grouping in which the nesting / branching is too deep.
+
Is
Issue
Incomplete Documentation - (9073)
9001 (Default Graph) > 9034 (Maintainability) > 9073 (Incomplete Documentation)
The documentation, whether on paper or in electronic form, does not contain descriptions of all the relevant elements of the product, such as its usage, structure, interfaces, design, implementation, configuration, operation, etc.
*
Is
Issue
Incomplete Design Documentation - (9211)
9001 (Default Graph) > 9034 (Maintainability) > 9073 (Incomplete Documentation) > 9211 (Incomplete Design Documentation)
The product's design documentation does not adequately describe control flow, data flow, system initialization, relationships between tasks, components, rationales, or other important aspects of the design.
*
Is
Issue
Incomplete Documentation of Program Execution - (9213)
9001 (Default Graph) > 9034 (Maintainability) > 9073 (Incomplete Documentation) > 9213 (Incomplete Documentation of Program Execution)
The document does not fully define all mechanisms that are used to control or influence how product-specific programs are executed.
*
Is
Issue
Incomplete I/O Documentation - (9212)
9001 (Default Graph) > 9034 (Maintainability) > 9073 (Incomplete Documentation) > 9212 (Incomplete I/O Documentation)
The product's documentation does not adequately define inputs, outputs, or system/software interfaces.
*
Is
Issue
Insufficient Documentation of Error Handling Techniques - (9219)
9001 (Default Graph) > 9034 (Maintainability) > 9073 (Incomplete Documentation) > 9219 (Insufficient Documentation of Error Handling Techniques)
The documentation does not sufficiently describe the techniques that are used for error handling, exception processing, or similar mechanisms.
*
Is
Issue
Missing Design Representation Documentation - (9050)
9001 (Default Graph) > 9034 (Maintainability) > 9073 (Incomplete Documentation) > 9050 (Missing Design Representation Documentation)
The documentation does not contain a representation of the product's design.
+
Is
Issue
Insufficient Adherence to Conventions - (9135)
9001 (Default Graph) > 9034 (Maintainability) > 9135 (Insufficient Adherence to Conventions)
The product, architecture, source code, design, documentation, or other artifact does not follow required conventions.
+
Is
Issue
Inappropriate Source Code Style or Formatting - (9139)
9001 (Default Graph) > 9034 (Maintainability) > 9135 (Insufficient Adherence to Conventions) > 9139 (Inappropriate Source Code Style or Formatting)
The source code does not follow desired style or formatting for indentation, white space, comments, etc.
*
Is
Issue
Inappropriate Comment Style - (9214)
9001 (Default Graph) > 9034 (Maintainability) > 9135 (Insufficient Adherence to Conventions) > 9139 (Inappropriate Source Code Style or Formatting) > 9214 (Inappropriate Comment Style)
The source code uses comment styles or formats that are inconsistent or do not follow expected standards for the product.
*
Is
Issue
Inappropriate Whitespace Style - (9215)
9001 (Default Graph) > 9034 (Maintainability) > 9135 (Insufficient Adherence to Conventions) > 9139 (Inappropriate Source Code Style or Formatting) > 9215 (Inappropriate Whitespace Style)
The source code contains whitespace that is inconsistent across the code or does not follow expected standards for the product.
*
Is
Issue
Source Code Element without Standard Prologue - (9216)
9001 (Default Graph) > 9034 (Maintainability) > 9135 (Insufficient Adherence to Conventions) > 9216 (Source Code Element without Standard Prologue)
The source code contains elements such as source files or callables that do not consistently follow a prologue or header that has been standardized for the project.
*
Is
Issue
Insufficient Encapsulation of Machine-Dependent Functionality - (9206)
9001 (Default Graph) > 9034 (Maintainability) > 9206 (Insufficient Encapsulation of Machine-Dependent Functionality)
The product or code uses machine-dependent functionality, but it does not sufficiently encapsulate or isolate this functionality from machine-independent functionality.
*
Is
Issue
Insufficient Isolation of Symbolic Constant Definitions - (9208)
9001 (Default Graph) > 9034 (Maintainability) > 9208 (Insufficient Isolation of Symbolic Constant Definitions)
The source code uses symbolic constants, but it does not sufficiently place the definitions of these constants into a more centralized or isolated location.
*
Is
Issue
Insufficient Isolation of System-Dependent Functions - (9201)
9001 (Default Graph) > 9034 (Maintainability) > 9201 (Insufficient Isolation of System-Dependent Functions)
The product or code does not isolate system-dependent functionality into separate standalone modules.
*
Is
Issue
Insufficient Use of Symbolic Constants - (9207)
9001 (Default Graph) > 9034 (Maintainability) > 9207 (Insufficient Use of Symbolic Constants)
The source code uses literal constants that may need to change or evolve over time, instead of using symbolic constants.
*
Is
Issue
Invocation of a Control Element at an Unnecessarily Deep Horizontal Layer - (9052)
9001 (Default Graph) > 9034 (Maintainability) > 9052 (Invocation of a Control Element at an Unnecessarily Deep Horizontal Layer)
The code at one architectural layer invokes code that resides at a deeper layer than the adjacent layer, i.e., the call skips at least one layer.
*
Is
Issue
Invokable Control Element with Excessive File or Data Access Operations - (9160)
9001 (Default Graph) > 9034 (Maintainability) > 9160 (Invokable Control Element with Excessive File or Data Access Operations)
A named callable or method control element contains too many operations that utilize a data manager or file resource.
*
Is
Issue
Invokable Control Element with Signature Containing an Excessive Number of Parameters - (9093)
9001 (Default Graph) > 9034 (Maintainability) > 9093 (Invokable Control Element with Signature Containing an Excessive Number of Parameters)
The software contains a named callable or method control element whose signature has an unnecessarily large number of parameters.
*
Is
Issue
Loop Condition Value Update within the Loop - (9190)
9001 (Default Graph) > 9034 (Maintainability) > 9190 (Loop Condition Value Update within the Loop)
The software uses a loop with a control flow condition based on a value that is updated within the body of the loop.
*
Is
Issue
Method Containing Access of a Member Element from Another Class - (9181)
9001 (Default Graph) > 9034 (Maintainability) > 9181 (Method Containing Access of a Member Element from Another Class)
A method for a class performs an operation that directly accesses a member element from another class.
+
Ch
Characteristic
Modularity - (9064)
9001 (Default Graph) > 9034 (Maintainability) > 9064 (Modularity)
Modularity is a Quality_Characteristic describing the component's ability to be decomposed and matched in other ways (loosely coupled).
*
Is
Issue
Modules with Circular Dependencies - (9018)
9001 (Default Graph) > 9034 (Maintainability) > 9064 (Modularity) > 9018 (Modules with Circular Dependencies)
The software contains modules with circular dependencies.
*
Is
Issue
Multiple Inheritance from Concrete Classes - (9060)
9001 (Default Graph) > 9034 (Maintainability) > 9060 (Multiple Inheritance from Concrete Classes)
The software contains a class with inheritance from more than one concrete class.
*
Is
Issue
Reliance on Machine-Dependent Data Representation - (9203)
9001 (Default Graph) > 9034 (Maintainability) > 9203 (Reliance on Machine-Dependent Data Representation)
The code uses a data representation that relies on low-level data representation or constructs that may vary across different processors, physical machines, OSes, or other physical components.
*
Is
Issue
Reliance on Runtime Component in Generated Code - (9202)
9001 (Default Graph) > 9034 (Maintainability) > 9202 (Reliance on Runtime Component in Generated Code)
The product uses automatically-generated code that cannot be executed without a specific runtime support component.
+
Ch
Characteristic
Reusability - (9055)
9001 (Default Graph) > 9034 (Maintainability) > 9055 (Reusability)
Reusability is a Quality_Characteristic describing how efficiently an entity can be used in new applications.
*
Pr
Practice
Reuse - (9088)
9001 (Default Graph) > 9034 (Maintainability) > 9055 (Reusability) > 9088 (Reuse)
Reuse
*
Is
Issue
Source Code File with Excessive Number of Lines of Code - (9151)
9001 (Default Graph) > 9034 (Maintainability) > 9151 (Source Code File with Excessive Number of Lines of Code)
A source code file has too many lines of code.
*
Is
Issue
Unconditional Control Flow Transfer outside of Switch Block - (9134)
9001 (Default Graph) > 9034 (Maintainability) > 9134 (Unconditional Control Flow Transfer outside of Switch Block)
The software performs unconditional control transfer (such as a "goto") in code outside of a branching structure such as a switch block.
*
Is
Issue
Unreachable Invokable Control Element - (9079)
9001 (Default Graph) > 9034 (Maintainability) > 9079 (Unreachable Invokable Control Element)
The software contains a named callable or method control element that is not reachable by other code, i.e. is dead code.
+
Ch
Characteristic
Usability - (9174)
9001 (Default Graph) > 9034 (Maintainability) > 9174 (Usability)
Usability is a Quality_Characteristic describing how much effort is needed to learn, operate, and interpret outputs of an entity.
+
Ch
Characteristic
Accessibility - (9033)
9001 (Default Graph) > 9034 (Maintainability) > 9174 (Usability) > 9033 (Accessibility)
Accessibility is a Quality_Characteristic describing the degree to which a wide variety of users can use the entity.
*
Ch
Characteristic
Availability - (9092)
9001 (Default Graph) > 9034 (Maintainability) > 9174 (Usability) > 9033 (Accessibility) > 9092 (Availability)
Availability is a Quality_Characteristic describing the degree to which an entity will operate satisfactorily.
*
Ch
Characteristic
Learnability - (9171)
9001 (Default Graph) > 9034 (Maintainability) > 9174 (Usability) > 9171 (Learnability)
Learnability is a Quality_Characteristic describing how easily a human can become familiar with an entity.
*
Ch
Characteristic
Operability - (9015)
9001 (Default Graph) > 9034 (Maintainability) > 9174 (Usability) > 9015 (Operability)
Operability is a Quality_Characteristic describing how fit or ready an entity is for use.
+
Ch
Characteristic
Understandability - (9084)
9001 (Default Graph) > 9034 (Maintainability) > 9174 (Usability) > 9084 (Understandability)
Understandability is a Quality_Characteristic describing how easily an entity can be comprehended.
+
Ch
Characteristic
Analyzability - (9012)
9001 (Default Graph) > 9034 (Maintainability) > 9174 (Usability) > 9084 (Understandability) > 9012 (Analyzability)
Analyzability is a Quality_Characteristic describing how easily an entity can be examined.
+
Ch
Characteristic
Legibility - (9066)
9001 (Default Graph) > 9034 (Maintainability) > 9174 (Usability) > 9084 (Understandability) > 9012 (Analyzability) > 9066 (Legibility)
Legibility is a Quality_Characteristic describing how easily an entity can be read.
*
Is
Issue
Inappropriate Comment Style - (9214)
9001 (Default Graph) > 9034 (Maintainability) > 9174 (Usability) > 9084 (Understandability) > 9012 (Analyzability) > 9066 (Legibility) > 9214 (Inappropriate Comment Style)
The source code uses comment styles or formats that are inconsistent or do not follow expected standards for the product.
*
Is
Issue
Source Code Element without Standard Prologue - (9216)
9001 (Default Graph) > 9034 (Maintainability) > 9174 (Usability) > 9084 (Understandability) > 9012 (Analyzability) > 9216 (Source Code Element without Standard Prologue)
The source code contains elements such as source files or callables that do not consistently follow a prologue or header that has been standardized for the project.
+
Ch
Characteristic
Communicativeness - (9149)
9001 (Default Graph) > 9034 (Maintainability) > 9174 (Usability) > 9084 (Understandability) > 9149 (Communicativeness)
Communicativeness is a Quality_Characteristic describing how well an entity shares an idea.
*
Ch
Characteristic
Conciseness - (9056)
9001 (Default Graph) > 9034 (Maintainability) > 9174 (Usability) > 9084 (Understandability) > 9149 (Communicativeness) > 9056 (Conciseness)
Conciseness is a Quality_Characteristic describing how briefly and accurately an idea can be conveyed.
*
Is
Issue
Use of Inaccurate Comments - (9217)
9001 (Default Graph) > 9034 (Maintainability) > 9217 (Use of Inaccurate Comments)
The source code contains comments that do not accurately describe or explain aspects of the portion of the code with which the comment is associated.
*
Is
Issue
Use of Platform-Dependent Third Party Components - (9204)
9001 (Default Graph) > 9034 (Maintainability) > 9204 (Use of Platform-Dependent Third Party Components)
The product relies on third-party software components that do not provide equivalent functionality across all desirable platforms.
*
Is
Issue
Use of Redundant Code - (9011)
9001 (Default Graph) > 9034 (Maintainability) > 9011 (Use of Redundant Code)
The software has two or more invokable control elements that contain the same code.
*
Is
Issue
Use of Same Invokable Control Element in Multiple Architectural Layers - (9184)
9001 (Default Graph) > 9034 (Maintainability) > 9184 (Use of Same Invokable Control Element in Multiple Architectural Layers)
The software uses the same control element across multiple architectural layers.
*
Is
Issue
Use of Same Variable for Multiple Purposes - (9210)
9001 (Default Graph) > 9034 (Maintainability) > 9210 (Use of Same Variable for Multiple Purposes)
The code contains a callable, block, or other code element in which the same variable is used to control more than one unique task or store more than one instance of data.
*
Is
Issue
Use of Unmaintained Third Party Components - (9205)
9001 (Default Graph) > 9034 (Maintainability) > 9205 (Use of Unmaintained Third Party Components)
The product relies on third-party components that are not actively supported or maintained by the original developer or a trusted proxy for the original developer.
+
Ch
Characteristic
Performance - (9169)
9001 (Default Graph) > 9169 (Performance)
Performance is a Quality_Characteristic describing how an entity executes its required functions.
*
Is
Issue
Allocation of Memory without Associated Release - (9112)
9001 (Default Graph) > 9169 (Performance) > 9112 (Allocation of Memory without Associated Release)
The software allocates memory for a data element, but it does not release the associated memory at a later time.
*
Ch
Characteristic
Availability - (9092)
9001 (Default Graph) > 9169 (Performance) > 9092 (Availability)
Availability is a Quality_Characteristic describing the degree to which an entity will operate satisfactorily.
*
Ch
Characteristic
Co-existence - (9188)
9001 (Default Graph) > 9169 (Performance) > 9188 (Co-existence)
Co-existence is a Quality_Characteristic describing how well elements are shared between entities.
*
Is
Issue
Creation of Immutable Text Using String Concatenation - (9014)
9001 (Default Graph) > 9169 (Performance) > 9014 (Creation of Immutable Text Using String Concatenation)
The software creates an immutable text string using string concatenation operations.
*
Is
Issue
Data Access Operations Outside of Expected Data Manager Component - (9069)
9001 (Default Graph) > 9169 (Performance) > 9069 (Data Access Operations Outside of Expected Data Manager Component)
The software performs data-access operations that do not use a dedicated, central data manager component.
*
Is
Issue
Data Element Aggregating an Excessively Large Number of Non-Primitive Elements - (9005)
9001 (Default Graph) > 9169 (Performance) > 9005 (Data Element Aggregating an Excessively Large Number of Non-Primitive Elements)
The software uses a data element that has an excessively large number of sub-elements with non-primitive data types (i.e., aggregated objects).
*
Is
Issue
Data Resource Access without Use of Connection Pooling - (9116)
9001 (Default Graph) > 9169 (Performance) > 9116 (Data Resource Access without Use of Connection Pooling)
The software accesses a data resource without using a connection pooling capability.
*
Ch
Characteristic
Durability - (9186)
9001 (Default Graph) > 9169 (Performance) > 9186 (Durability)
Durability is a Quality_Characteristic describing how well an entity survives over its lifetime.
+
Ch
Characteristic
Efficiency - (9074)
9001 (Default Graph) > 9169 (Performance) > 9074 (Efficiency)
Efficiency is a Quality_Characteristic describing how an entity performs in relation to the amount of energy (work) required to perform.
*
Ch
Characteristic
Capacity/Allocation - (9101)
9001 (Default Graph) > 9169 (Performance) > 9074 (Efficiency) > 9101 (Capacity/Allocation)
Capacity/Allocation is a Quality_Characteristic describing how well limited resources are managed.
*
Ch
Characteristic
Conciseness - (9056)
9001 (Default Graph) > 9169 (Performance) > 9074 (Efficiency) > 9056 (Conciseness)
Conciseness is a Quality_Characteristic describing how briefly and accurately an idea can be conveyed.
+
Ch
Characteristic
Modularity - (9064)
9001 (Default Graph) > 9169 (Performance) > 9074 (Efficiency) > 9064 (Modularity)
Modularity is a Quality_Characteristic describing the component's ability to be decomposed and matched in other ways (loosely coupled).
*
Is
Issue
Modules with Circular Dependencies - (9018)
9001 (Default Graph) > 9169 (Performance) > 9074 (Efficiency) > 9064 (Modularity) > 9018 (Modules with Circular Dependencies)
The software contains modules with circular dependencies.
+
Ch
Characteristic
Reusability - (9055)
9001 (Default Graph) > 9169 (Performance) > 9074 (Efficiency) > 9055 (Reusability)
Reusability is a Quality_Characteristic describing how efficiently an entity can be used in new applications.
*
Pr
Practice
Reuse - (9088)
9001 (Default Graph) > 9169 (Performance) > 9074 (Efficiency) > 9055 (Reusability) > 9088 (Reuse)
Reuse
+
Is
Issue
Excessive Code Complexity - (9221)
9001 (Default Graph) > 9169 (Performance) > 9221 (Excessive Code Complexity)
The code is too complex, as calculated using a well-defined, quantitative measure.
*
Is
Issue
Excessive Attack Surface - (9226)
9001 (Default Graph) > 9169 (Performance) > 9221 (Excessive Code Complexity) > 9226 (Excessive Attack Surface)
The product has an attack surface whose quantitative measurement exceeds a desirable maximum.
+
Is
Issue
Excessive Cyclomatic Complexity - (9222)
9001 (Default Graph) > 9169 (Performance) > 9221 (Excessive Code Complexity) > 9222 (Excessive Cyclomatic Complexity)
The code contains McCabe cyclomatic complexity that exceeds a desirable maximum.
*
Is
Issue
Excessive Cyclomatic Complexity Within an Invokable Control Element - (9185)
9001 (Default Graph) > 9169 (Performance) > 9221 (Excessive Code Complexity) > 9222 (Excessive Cyclomatic Complexity) > 9185 (Excessive Cyclomatic Complexity Within an Invokable Control Element)
A named callable or method control element contains control flow that exceeds the desired cyclomatic complexity.
*
Is
Issue
Excessive Halstead Complexity - (9223)
9001 (Default Graph) > 9169 (Performance) > 9221 (Excessive Code Complexity) > 9223 (Excessive Halstead Complexity)
The code is structured in a way that a Halstead complexity measure exceeds a desirable maximum.
*
Is
Issue
Excessively Deep Nesting - (9225)
9001 (Default Graph) > 9169 (Performance) > 9221 (Excessive Code Complexity) > 9225 (Excessively Deep Nesting)
The code contains a callable or other code grouping in which the nesting / branching is too deep.
*
Is
Issue
Excessive Data Query Operations in a Large Data Table - (9027)
9001 (Default Graph) > 9169 (Performance) > 9027 (Excessive Data Query Operations in a Large Data Table)
The software performs a data query with a large number of joins and sub-queries on a large data table.
*
Is
Issue
Excessive Execution of Sequential Searches of Data Resource - (9103)
9001 (Default Graph) > 9169 (Performance) > 9103 (Excessive Execution of Sequential Searches of Data Resource)
The software contains a data query against an SQL table or view that is configured in a way that does not utilize an index and may cause sequential searches to be performed.
*
Is
Issue
Excessive Index Range Scan for a Data Resource - (9187)
9001 (Default Graph) > 9169 (Performance) > 9187 (Excessive Index Range Scan for a Data Resource)
The software contains an index range scan for a data resource, but the scan can cover a large number of rows.
*
Is
Issue
Excessive Number of Data Accesses using Inefficient Procedures - (9077)
9001 (Default Graph) > 9169 (Performance) > 9077 (Excessive Number of Data Accesses using Inefficient Procedures)
The software does not use efficient data-processing capabilities (such as stored procedures) when accessing data.
*
Is
Issue
Excessive Number of Indices for a Large Data Table - (9175)
9001 (Default Graph) > 9169 (Performance) > 9175 (Excessive Number of Indices for a Large Data Table)
The software uses a data table that contains a large number of indices.
*
Is
Issue
Excessive Platform Resource Consumption within a Loop - (9041)
9001 (Default Graph) > 9169 (Performance) > 9041 (Excessive Platform Resource Consumption within a Loop)
The software contains a loop or loop condition that directly or indirectly consumes platform resources, e.g. sessions or file descriptors.
+
Ch
Characteristic
Functionality - (9091)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality)
Functionality is a Quality_Characteristic describing how well an entity performs as designed.
+
Ch
Characteristic
Compliance - (9098)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9098 (Compliance)
Compliance is a Quality_Characteristic describing how well an entity conforms to a defined standard.
+
Ch
Characteristic
Consistency - (9065)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9098 (Compliance) > 9065 (Consistency)
Consistency is a Quality_Characteristic describing how well an entity conforms to an undefined convention.
*
Is
Issue
Inconsistency Between Implementation and Documented Design - (9107)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9098 (Compliance) > 9065 (Consistency) > 9107 (Inconsistency Between Implementation and Documented Design)
The implementation of the product is not consistent with the design as described within the relevant documentation.
*
Is
Issue
Inconsistent Naming Conventions for Identifiers - (9200)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9098 (Compliance) > 9065 (Consistency) > 9200 (Inconsistent Naming Conventions for Identifiers)
The product's code, documentation, or other artifacts do not consistently use the same naming conventions for variables, callables, groups of related callables, I/O capabilities, data types, file names, or similar types of elements.
*
Ch
Characteristic
Perceived Value - (9150)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9150 (Perceived Value)
Perceived Value is a Quality_Characteristic describing cost to benefit analysis when compared to a similar entity.
*
Ch
Characteristic
Portability - (9048)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9048 (Portability)
Portability is a Quality_Characteristic describing the effort required to adapt or translate to other environments.
+
Ch
Characteristic
Security - (9115)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security)
A Quality_Characteristic describing safeguarding sensitive data from unintended actors.
*
Is
Issue
Array Index Improper Input Neutralization - (129)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 129 (Array Index Improper Input Neutralization)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the read or write action to access the array; none of the callable or method control element of the transformation sequence being a range check callable and method control element with regards to the array index.
*
Ch
Characteristic
Authentication - (9133)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 9133 (Authentication)
Authentication is a Quality_Characteristic describing whether an entity is what it is said to be.
*
Is
Issue
Broken or Risky Cryptographic Algorithm Usage - (327)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 327 (Broken or Risky Cryptographic Algorithm Usage)
This pattern identifies situations where the application uses the cryptographic deployed component while it is not part of the list of vetted cryptographic deployed components. As an example, FIPS 140-2 features a list of validated implementations.
*
Is
Issue
Buffer Copy without Checking Size of Input - (120)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 120 (Buffer Copy without Checking Size of Input)
This pattern identifies situations where two buffer storable elements or member elements are allocated with specific sizes in the source buffer allocation statement and target buffer allocation statement, transformed within the application via transformation sequences composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, then ultimately used by the application to move the content of the first buffer onto the content of the second buffer through the move buffer statement, while the size of the first buffer is greater than the size of the second buffer.
+
Ch
Characteristic
Compliance - (9098)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 9098 (Compliance)
Compliance is a Quality_Characteristic describing how well an entity conforms to a defined standard.
+
Ch
Characteristic
Consistency - (9065)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 9098 (Compliance) > 9065 (Consistency)
Consistency is a Quality_Characteristic describing how well an entity conforms to an undefined convention.
*
Is
Issue
Inconsistency Between Implementation and Documented Design - (9107)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 9098 (Compliance) > 9065 (Consistency) > 9107 (Inconsistency Between Implementation and Documented Design)
The implementation of the product is not consistent with the design as described within the relevant documentation.
*
Is
Issue
Inconsistent Naming Conventions for Identifiers - (9200)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 9098 (Compliance) > 9065 (Consistency) > 9200 (Inconsistent Naming Conventions for Identifiers)
The product's code, documentation, or other artifacts do not consistently use the same naming conventions for variables, callables, groups of related callables, I/O capabilities, data types, file names, or similar types of elements.
*
Ch
Characteristic
Confidentiality - (9025)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 9025 (Confidentiality)
A Quality_Characteristic describing the level of protection used to safeguard sensitive data.
*
Is
Issue
Cross-site Scripting Improper Input Neutralization - (79)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 79 (Cross-site Scripting Improper Input Neutralization)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the user interface WritesUI action; none of the callable or method control element of the transformation sequence being a vetted sanitization control element from the list of vetted sanitization control elements.
*
Is
Issue
Declaration of Catch for Generic Exception - (396)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 396 (Declaration of Catch for Generic Exception)
This pattern identifies situations where the named callable control element or method control element contains the catch unit which declares to catch the exception parameter whose datatype is part of the list of overly broad exception datatypes. With Java, an example is {'java.lang.Exception'}.
*
Is
Issue
Declaration of Throws for Generic Exception - (397)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 397 (Declaration of Throws for Generic Exception)
This pattern identifies situations where the named callable control element or method control element throws with the Throws action the exception parameter whose datatype is part of the list of overly broad exception datatypes. In Java, one example from this list is {'java.lang.Exception'}.
*
Is
Issue
Excessive Attack Surface - (9226)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 9226 (Excessive Attack Surface)
The product has an attack surface whose quantitative measurement exceeds a desirable maximum.
*
Is
Issue
Expired or Released Resource Usage - (672)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 672 (Expired or Released Resource Usage)
This pattern identifies situations where the platform resource is deallocated in the manages action using its unique resource handler value which is transported throughout the application via the transport sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, then used later within the application to try and access the resource in the read or write action.
*
Is
Issue
File Upload Improper Input Neutralization - (434)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 434 (File Upload Improper Input Neutralization)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the file upload action; none of the callable or method control element of the transformation sequence being a vetted sanitization callable and method control element from the list of vetted sanitization callable and method control elements.
*
Is
Issue
Format String Improper Input Neutralization - (134)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 134 (Format String Improper Input Neutralization)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the formatting statement; none of the callable or method control element of the transformation sequence being a vetted sanitization control element from the list of vetted sanitization control elements.
*
Is
Issue
Hard-Coded Credentials Usage for Remote Authentication - (798)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 798 (Hard-Coded Credentials Usage for Remote Authentication)
This pattern identifies situations where a literal value is hard-coded in the application via the Write action, transported throughout the application along the sequence composed of ActionElements with DataRelations, some of which being part of named callable and method control elements, and ultimately used in the remote resource management action; the transport sequence is composed of assignment operations as updates to the value would not be considered as hard-coded (literal) any more.
*
Ch
Characteristic
Integrity - (9148)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 9148 (Integrity)
Integrity is a Quality_Characteristic describing whether data has been corrupted in transmission.
*
Is
Issue
Loop with Unreachable Exit Condition ('Infinite Loop') - (835)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 835 (Loop with Unreachable Exit Condition ('Infinite Loop'))
This pattern identifies situations where the named callable control element or method control element features the execution path whose entry element is found again in the path, while it has no path whatsoever to not return to itself and exit the recursion.
*
Is
Issue
Missing Release of Resource after Effective Lifetime - (772)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 772 (Missing Release of Resource after Effective Lifetime)
This pattern identifies situations where the platform resource is allocated and assigned a unique resource handler value via the ManagesResource action, its unique resource handler value is used throughout the application, along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, none of which being a resource release statement.
*
Is
Issue
Name or Reference Resolution Improper Input Neutralization - (99)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 99 (Name or Reference Resolution Improper Input Neutralization)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the platform action to access a resource by its name; none of the callable or method control element of the transformation sequence being a vetted sanitization callable and method control elements from the list of vetted sanitization callable and method control elements.
*
Ch
Characteristic
Non-repudiation - (9009)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 9009 (Non-repudiation)
Non-repudiation is a Quality_Characteristic describing whether data has been verified against its source.
*
Is
Issue
Numeric Types Incorrect Conversion - (681)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 681 (Numeric Types Incorrect Conversion)
This pattern identifies situations where the storable element or member element is declared with the numerical datatype in the Create action, then updated with a value which is cast via the type cast action into the second numerical datatype, which is incompatible with the first one.
*
Is
Issue
OS Command Injection Improper Input Neutralization - (78)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 78 (OS Command Injection Improper Input Neutralization)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the platform action to be executed by the execution environment; none of the callable or method control element of the transformation sequence being a vetted sanitization callable and method control element from the list of vetted sanitization callable and method control elements.
*
Is
Issue
Path Traversal Improper Input Neutralization - (22)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 22 (Path Traversal Improper Input Neutralization)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the file path creation statement; none of the callable or method control element of the transformation sequence being a vetted sanitization callable and method control element from the list of vetted sanitization control elements.
*
Is
Issue
SQL Injection Improper Input Neutralization - (89)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 89 (SQL Injection Improper Input Neutralization)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the SQL compilation statement; none of the callable or method control element of the transformation sequence being a vetted sanitization callable and method control elements from the list of vetted sanitization control elements.
*
Is
Issue
Shared Resource Improper Locking - (667)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 667 (Shared Resource Improper Locking)
This pattern identifies situations where the shared storable data element or member data element, declared with the Create action, is accessed outside a critical section of the application via the Read or Write action. The critical nature of the section is technology and platform dependent. As examples, in C/C++, critical nature comes from the use of 'mtx_lock' and 'mtx_unlock' from the 'threads.h' standard C language API, or from the use of 'pthread_mutex_lock' and 'pthread_mutex_unlock' from the 'pthreads.h' C/C++ POSIX API, or from the use of 'EnterCriticalSection' and 'LeaveCriticalSection' from the 'windows.h' C/C++ Win32 API. As other examples, in Java, critical nature comes from the use of the 'synchronized' keyword, and in C#, critical nature comes from the use of the 'lock' keyword.
*
Is
Issue
Storable and Member Data Element Missing Initialization - (456)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 456 (Storable and Member Data Element Missing Initialization)
The software contains a storable or member data element that is not initialized before it is used.
+
Ch
Characteristic
Structuredness - (9099)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 9099 (Structuredness)
Structuredness is a Quality_Characteristic describing how well an entity conforms to a given arrangement or partition.
+
Ch
Characteristic
Consistency - (9065)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 9099 (Structuredness) > 9065 (Consistency)
Consistency is a Quality_Characteristic describing how well an entity conforms to an undefined convention.
*
Is
Issue
Inconsistency Between Implementation and Documented Design - (9107)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 9099 (Structuredness) > 9065 (Consistency) > 9107 (Inconsistency Between Implementation and Documented Design)
The implementation of the product is not consistent with the design as described within the relevant documentation.
*
Is
Issue
Inconsistent Naming Conventions for Identifiers - (9200)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 9099 (Structuredness) > 9065 (Consistency) > 9200 (Inconsistent Naming Conventions for Identifiers)
The product's code, documentation, or other artifacts do not consistently use the same naming conventions for variables, callables, groups of related callables, I/O capabilities, data types, file names, or similar types of elements.
*
Is
Issue
Unchecked Input for Loop Condition - (606)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 606 (Unchecked Input for Loop Condition)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the loop condition statement; none of the callable or method control element of the transformation sequence being a range check control element
*
Is
Issue
Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource - (252)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 252 (Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource)
A named callable control element or method control element performs an action that reads, writes, or manages access to a data or platform resource, but it does not check the return parameter from the action.
*
Is
Issue
Uncontrolled Memory Allocation - (789)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9115 (Security) > 789 (Uncontrolled Memory Allocation)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used as an index element to access a storable or member data element in the buffer Read or Write access action; none of the callable or method control element of the transformation sequence being a range check with regards to the 'Buffer' buffer that whose maximum size was defined in the buffer creation action.
*
Ch
Characteristic
Self-Containedness - (9128)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9128 (Self-Containedness)
Self-Containedness is a Quality_Characteristic describing how well an element operates independently.
+
Ch
Characteristic
Structuredness - (9099)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9099 (Structuredness)
Structuredness is a Quality_Characteristic describing how well an entity conforms to a given arrangement or partition.
+
Ch
Characteristic
Consistency - (9065)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9099 (Structuredness) > 9065 (Consistency)
Consistency is a Quality_Characteristic describing how well an entity conforms to an undefined convention.
*
Is
Issue
Inconsistency Between Implementation and Documented Design - (9107)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9099 (Structuredness) > 9065 (Consistency) > 9107 (Inconsistency Between Implementation and Documented Design)
The implementation of the product is not consistent with the design as described within the relevant documentation.
*
Is
Issue
Inconsistent Naming Conventions for Identifiers - (9200)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9099 (Structuredness) > 9065 (Consistency) > 9200 (Inconsistent Naming Conventions for Identifiers)
The product's code, documentation, or other artifacts do not consistently use the same naming conventions for variables, callables, groups of related callables, I/O capabilities, data types, file names, or similar types of elements.
*
Ch
Characteristic
Suitability - (9119)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9119 (Suitability)
Suitability is a Quality_Characteristic describing how well an entity meets objectives and requirements for a situation.
+
Ch
Characteristic
Usability - (9174)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9174 (Usability)
Usability is a Quality_Characteristic describing how much effort is needed to learn, operate, and interpret outputs of an entity.
+
Ch
Characteristic
Accessibility - (9033)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9174 (Usability) > 9033 (Accessibility)
Accessibility is a Quality_Characteristic describing the degree to which a wide variety of users can use the entity.
*
Ch
Characteristic
Availability - (9092)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9174 (Usability) > 9033 (Accessibility) > 9092 (Availability)
Availability is a Quality_Characteristic describing the degree to which an entity will operate satisfactorily.
*
Ch
Characteristic
Learnability - (9171)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9174 (Usability) > 9171 (Learnability)
Learnability is a Quality_Characteristic describing how easily a human can become familiar with an entity.
*
Ch
Characteristic
Operability - (9015)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9174 (Usability) > 9015 (Operability)
Operability is a Quality_Characteristic describing how fit or ready an entity is for use.
+
Ch
Characteristic
Understandability - (9084)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9174 (Usability) > 9084 (Understandability)
Understandability is a Quality_Characteristic describing how easily an entity can be comprehended.
+
Ch
Characteristic
Analyzability - (9012)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9174 (Usability) > 9084 (Understandability) > 9012 (Analyzability)
Analyzability is a Quality_Characteristic describing how easily an entity can be examined.
+
Ch
Characteristic
Legibility - (9066)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9174 (Usability) > 9084 (Understandability) > 9012 (Analyzability) > 9066 (Legibility)
Legibility is a Quality_Characteristic describing how easily an entity can be read.
*
Is
Issue
Inappropriate Comment Style - (9214)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9174 (Usability) > 9084 (Understandability) > 9012 (Analyzability) > 9066 (Legibility) > 9214 (Inappropriate Comment Style)
The source code uses comment styles or formats that are inconsistent or do not follow expected standards for the product.
*
Is
Issue
Source Code Element without Standard Prologue - (9216)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9174 (Usability) > 9084 (Understandability) > 9012 (Analyzability) > 9216 (Source Code Element without Standard Prologue)
The source code contains elements such as source files or callables that do not consistently follow a prologue or header that has been standardized for the project.
+
Ch
Characteristic
Communicativeness - (9149)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9174 (Usability) > 9084 (Understandability) > 9149 (Communicativeness)
Communicativeness is a Quality_Characteristic describing how well an entity shares an idea.
*
Ch
Characteristic
Conciseness - (9056)
9001 (Default Graph) > 9169 (Performance) > 9091 (Functionality) > 9174 (Usability) > 9084 (Understandability) > 9149 (Communicativeness) > 9056 (Conciseness)
Conciseness is a Quality_Characteristic describing how briefly and accurately an idea can be conveyed.
*
Is
Issue
Initialization within a Static Code Block - (9090)
9001 (Default Graph) > 9169 (Performance) > 9090 (Initialization within a Static Code Block)
A code block that has been declared static performs initialization of data.
*
Is
Issue
Non-SQL Named Callable and Method Control Element with Excessive Number of Data Resource Access - (9122)
9001 (Default Graph) > 9169 (Performance) > 9122 (Non-SQL Named Callable and Method Control Element with Excessive Number of Data Resource Access)
This pattern identifies situations where the client-side named callable and method control elements, not in any data manager resource, embeds a number of accesses to a data resource, which is considered too large because it exceeds the default threshold value of 2.
+
Ch
Characteristic
Reliability - (9120)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability)
Reliability is a Quality_Characteristic describing how dependably an entity performs.
*
Ch
Characteristic
Accountability - (9053)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9053 (Accountability)
Accountability is a Quality_Characteristic describing how well an entity records its actions.
+
Ch
Characteristic
Accuracy - (9008)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9008 (Accuracy)
Accuracy is a Quality_Characteristic describing how precise an entity's outputs are.
*
Ch
Characteristic
Completeness - (9020)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9008 (Accuracy) > 9020 (Completeness)
Completeness is a Quality_Characteristic describing how thorough an entity is.
*
Is
Issue
Buffer Copy without Checking Size of Input - (120)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 120 (Buffer Copy without Checking Size of Input)
This pattern identifies situations where two buffer storable elements or member elements are allocated with specific sizes in the source buffer allocation statement and target buffer allocation statement, transformed within the application via transformation sequences composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, then ultimately used by the application to move the content of the first buffer onto the content of the second buffer through the move buffer statement, while the size of the first buffer is greater than the size of the second buffer.
*
Is
Issue
Child Class Element without Virtual Destructor unlike its Parent Class Element - (9013)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9013 (Child Class Element without Virtual Destructor unlike its Parent Class Element)
This pattern identifies situations where, with languages where custom destructors can be written, the child class element used in the 'from' association of an Extends class relation whose parent class element that is used in the 'to' association of the Extends class relation, directly or indirectly through parent and child class element, has the parent virtual destructor, that lack its own virtual destructor.
*
Is
Issue
Class Element with Virtual Method Element without Virtual Destructor - (9166)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9166 (Class Element with Virtual Method Element without Virtual Destructor)
This pattern identifies situations where the class element contains the virtual method element yet without declaring any virtual destructor.
*
Is
Issue
Class Instance Self Destruction Control Element - (9156)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9156 (Class Instance Self Destruction Control Element)
This pattern identifies situations where the class element executes the control element to destroy itself. As an example of self-destruction control element in C++, the 'delete this' control element.
*
Ch
Characteristic
Co-existence - (9188)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9188 (Co-existence)
Co-existence is a Quality_Characteristic describing how well elements are shared between entities.
*
Is
Issue
Data Access Control Element from Outside Designated Data Manager Component - (9159)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9159 (Data Access Control Element from Outside Designated Data Manager Component)
This pattern identifies situations where named callable control element or method control element executes the data action statement although it is not part of a component identified as one of the dedicated data access components from the data access component list. The data access component can be either client-side or server-side, which means that data access components can be developed using non-SQL languages. The pattern simply identifies situations where the implementation does not follow the intended design, regardless of the design.
*
Is
Issue
Declaration of Catch for Generic Exception - (396)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 396 (Declaration of Catch for Generic Exception)
This pattern identifies situations where the named callable control element or method control element contains the catch unit which declares to catch the exception parameter whose datatype is part of the list of overly broad exception datatypes. With Java, an example is {'java.lang.Exception'}.
*
Is
Issue
Declaration of Throws for Generic Exception - (397)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 397 (Declaration of Throws for Generic Exception)
This pattern identifies situations where the named callable control element or method control element throws with the Throws action the exception parameter whose datatype is part of the list of overly broad exception datatypes. In Java, one example from this list is {'java.lang.Exception'}.
*
Is
Issue
Empty Exception Block - (9108)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9108 (Empty Exception Block)
An invokable code block contains an exception handling block that is empty.
*
Is
Issue
Float Type Storable and Member Data Element Comparison with Equality Operator - (9138)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9138 (Float Type Storable and Member Data Element Comparison with Equality Operator)
This pattern identifies situations where the floating value 1 and floating value 2 of storable or member data elements of float types, are tested for equality with regular comparison operators in the comparison control element.
*
Is
Issue
Incorrect Type Conversion or Cast - (704)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 704 (Incorrect Type Conversion or Cast)
This pattern identifies situations where the storable element or member element is declared with the datatype in the Create action, then updated with a value that is cast via the type cast action into the second datatype, which is incompatible with the first one.
*
Is
Issue
Initialization with Hard-Coded Network Resource Configuration Data - (9042)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9042 (Initialization with Hard-Coded Network Resource Configuration Data)
The software initializes data using hard-coded values related to network configuration.
*
Is
Issue
Invokable Control Element with Variadic Parameter Element - (9062)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9062 (Invokable Control Element with Variadic Parameter Element)
A named-callable or method control element has a signature that supports a variable number of parameters.
*
Ch
Characteristic
Maturity - (9114)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9114 (Maturity)
Maturity is a Quality_Characteristic describing how well an entity's behaviors can reliably and sustainably produce required outcomes.
*
Is
Issue
Memory Location Access After End of Buffer - (788)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 788 (Memory Location Access After End of Buffer)
This pattern identifies situations where the value element is transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used as an index element to access a storable or member data element in the buffer Read or Write access action; none of the callable or method control element of the transformation sequence being a range check with regards to the buffer whose maximum size was defined in the buffer creation action.
*
Is
Issue
Missing Release of Resource after Effective Lifetime - (772)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 772 (Missing Release of Resource after Effective Lifetime)
This pattern identifies situations where the platform resource is allocated and assigned a unique resource handler value via the ManagesResource action, its unique resource handler value is used throughout the application, along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, none of which being a resource release statement.
*
Is
Issue
Missing Serialization Control Element - (9102)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9102 (Missing Serialization Control Element)
The software contains a serializable data element that does not have an associated serialization method.
*
Is
Issue
Modules with Circular Dependencies - (9018)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9018 (Modules with Circular Dependencies)
The software contains modules with circular dependencies.
*
Is
Issue
Named Callable and Method Control Element in Multi-Thread Context with non-Final Static Storable or Member Element - (9070)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9070 (Named Callable and Method Control Element in Multi-Thread Context with non-Final Static Storable or Member Element)
This pattern identifies situations where the named callable control element or method control element owns unsafe non-final static storable or member data element while it operates in a multi-threaded environment.
*
Is
Issue
Parent Class Element with References to Child Class Element - (9087)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9087 (Parent Class Element with References to Child Class Element)
This pattern identifies situations where the parent class element that is used in the 'to' association of the Extends class relation, references the child class element used in the 'from' association of the Extends class relation, directly or indirectly through parent and child class element, with the callable or data relations. The reference statement is made directly to the child class element or to any one of its own method or member elements.
*
Is
Issue
Parent Class Element without Virtual Destructor Method Element - (9147)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9147 (Parent Class Element without Virtual Destructor Method Element)
This pattern identifies situations where, with languages where custom destructors can be written, the parent class element of the child class element via an Extends class relation has no virtual destructor.
*
Is
Issue
Persistent Storable Data Element without Associated Comparison Control Element - (9193)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9193 (Persistent Storable Data Element without Associated Comparison Control Element)
The software uses a storable data element that does not have all of the associated control elements that are necessary to support comparison.
+
Ch
Characteristic
Recoverability - (9117)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9117 (Recoverability)
Recoverability is a Quality_Characteristic describing how easily an entity returns to a desired state from unexpected situations.
*
Ch
Characteristic
Replaceability - (9051)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9117 (Recoverability) > 9051 (Replaceability)
Replaceability is a Quality_Characteristic describing how easily an element can be exchanged in a given environment.
*
Ch
Characteristic
Robustness - (9163)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9163 (Robustness)
Robustness is a Quality_Characteristic describing how well an entity can perform given unexpected situations.
*
Is
Issue
Runtime Resource Management Control Element in a Component Built to Run on Application Servers - (9100)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9100 (Runtime Resource Management Control Element in a Component Built to Run on Application Servers)
This pattern identifies situations where the application uses deployed component from the platform deployed component list, yet uses control elements from the list of low-level resource management API.
*
Is
Issue
Serializable Data Element Containing non-Serializable Item Elements - (9110)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9110 (Serializable Data Element Containing non-Serializable Item Elements)
The software contains a serializable, storable data element, but the data element contains item elements that are not serializable.
*
Is
Issue
Singleton Class Instance Creation without Proper Lock Element Management - (9192)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9192 (Singleton Class Instance Creation without Proper Lock Element Management)
This pattern identifies situations where the singleton class element, that is, a class element that can be used only once in the 'to' association of a Create action, is instantiated with the Creates action element without any prior locking mechanism activation.
*
Ch
Characteristic
Stability - (9195)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9195 (Stability)
Stability is a Quality_Characteristic describing how well an entity can reliably perform over a period of time.
*
Is
Issue
Storable and Member Data Element Missing Initialization - (456)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 456 (Storable and Member Data Element Missing Initialization)
The software contains a storable or member data element that is not initialized before it is used.
*
Is
Issue
Storable or Member Data Element containing Pointer Item Element without Proper Copy Control Element - (9194)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9194 (Storable or Member Data Element containing Pointer Item Element without Proper Copy Control Element)
This pattern identifies situations where the storable data element or member data element contains the child pointer data element but has no dedicated copy operation or copy constructor element.
*
Is
Issue
Synchronous Call Time-Out Absence - (9173)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 9173 (Synchronous Call Time-Out Absence)
This pattern identifies situations where the synchronous call instruction is initiated but the time-out argument is not set or set to infinite time.
*
Is
Issue
Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource - (252)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 252 (Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource)
A named callable control element or method control element performs an action that reads, writes, or manages access to a data or platform resource, but it does not check the return parameter from the action.
*
Is
Issue
Uncontrolled Recursion - (674)
9001 (Default Graph) > 9169 (Performance) > 9120 (Reliability) > 674 (Uncontrolled Recursion)
This pattern identifies situations where the named callable control element or method control element features the recursive execution path.
*
Ch
Characteristic
Robustness - (9163)
9001 (Default Graph) > 9169 (Performance) > 9163 (Robustness)
Robustness is a Quality_Characteristic describing how well an entity can perform given unexpected situations.
*
Ch
Characteristic
Stability - (9195)
9001 (Default Graph) > 9169 (Performance) > 9195 (Stability)
Stability is a Quality_Characteristic describing how well an entity can reliably perform over a period of time.
*
Is
Issue
Static Member Data Element outside of a Singleton Class Element - (9004)
9001 (Default Graph) > 9169 (Performance) > 9004 (Static Member Data Element outside of a Singleton Class Element)
This pattern identifies situations where the static member element is declared as static but its parent class element is not a singleton class, that is, a class element that can be used only once in the 'to' association of a Create action; it does not take into account final static fields.
*
Is
Issue
Use of Data Element without Invoking Deconstructor Method - (9182)
9001 (Default Graph) > 9169 (Performance) > 9182 (Use of Data Element without Invoking Deconstructor Method)
The software accesses a data element but does not later invoke its associated finalize method.
+
Ch
Characteristic
Reliability - (9120)
9001 (Default Graph) > 9120 (Reliability)
Reliability is a Quality_Characteristic describing how dependably an entity performs.
*
Ch
Characteristic
Accountability - (9053)
9001 (Default Graph) > 9120 (Reliability) > 9053 (Accountability)
Accountability is a Quality_Characteristic describing how well an entity records its actions.
+
Ch
Characteristic
Accuracy - (9008)
9001 (Default Graph) > 9120 (Reliability) > 9008 (Accuracy)
Accuracy is a Quality_Characteristic describing how precise an entity's outputs are.
*
Ch
Characteristic
Completeness - (9020)
9001 (Default Graph) > 9120 (Reliability) > 9008 (Accuracy) > 9020 (Completeness)
Completeness is a Quality_Characteristic describing how thorough an entity is.
*
Is
Issue
Buffer Copy without Checking Size of Input - (120)
9001 (Default Graph) > 9120 (Reliability) > 120 (Buffer Copy without Checking Size of Input)
This pattern identifies situations where two buffer storable elements or member elements are allocated with specific sizes in the source buffer allocation statement and target buffer allocation statement, transformed within the application via transformation sequences composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, then ultimately used by the application to move the content of the first buffer onto the content of the second buffer through the move buffer statement, while the size of the first buffer is greater than the size of the second buffer.
*
Is
Issue
Child Class Element without Virtual Destructor unlike its Parent Class Element - (9013)
9001 (Default Graph) > 9120 (Reliability) > 9013 (Child Class Element without Virtual Destructor unlike its Parent Class Element)
This pattern identifies situations where, with languages where custom destructors can be written, the child class element used in the 'from' association of an Extends class relation whose parent class element that is used in the 'to' association of the Extends class relation, directly or indirectly through parent and child class element, has the parent virtual destructor, that lack its own virtual destructor.
*
Is
Issue
Class Element with Virtual Method Element without Virtual Destructor - (9166)
9001 (Default Graph) > 9120 (Reliability) > 9166 (Class Element with Virtual Method Element without Virtual Destructor)
This pattern identifies situations where the class element contains the virtual method element yet without declaring any virtual destructor.
*
Is
Issue
Class Instance Self Destruction Control Element - (9156)
9001 (Default Graph) > 9120 (Reliability) > 9156 (Class Instance Self Destruction Control Element)
This pattern identifies situations where the class element executes the control element to destroy itself. As an example of self-destruction control element in C++, the 'delete this' control element.
*
Ch
Characteristic
Co-existence - (9188)
9001 (Default Graph) > 9120 (Reliability) > 9188 (Co-existence)
Co-existence is a Quality_Characteristic describing how well elements are shared between entities.
*
Is
Issue
Data Access Control Element from Outside Designated Data Manager Component - (9159)
9001 (Default Graph) > 9120 (Reliability) > 9159 (Data Access Control Element from Outside Designated Data Manager Component)
This pattern identifies situations where named callable control element or method control element executes the data action statement although it is not part of a component identified as one of the dedicated data access components from the data access component list. The data access component can be either client-side or server-side, which means that data access components can be developed using non-SQL languages. The pattern simply identifies situations where the implementation does not follow the intended design, regardless of the design.
*
Is
Issue
Declaration of Catch for Generic Exception - (396)
9001 (Default Graph) > 9120 (Reliability) > 396 (Declaration of Catch for Generic Exception)
This pattern identifies situations where the named callable control element or method control element contains the catch unit which declares to catch the exception parameter whose datatype is part of the list of overly broad exception datatypes. With Java, an example is {'java.lang.Exception'}.
*
Is
Issue
Declaration of Throws for Generic Exception - (397)
9001 (Default Graph) > 9120 (Reliability) > 397 (Declaration of Throws for Generic Exception)
This pattern identifies situations where the named callable control element or method control element throws with the Throws action the exception parameter whose datatype is part of the list of overly broad exception datatypes. In Java, one example from this list is {'java.lang.Exception'}.
*
Is
Issue
Empty Exception Block - (9108)
9001 (Default Graph) > 9120 (Reliability) > 9108 (Empty Exception Block)
An invokable code block contains an exception handling block that is empty.
*
Is
Issue
Float Type Storable and Member Data Element Comparison with Equality Operator - (9138)
9001 (Default Graph) > 9120 (Reliability) > 9138 (Float Type Storable and Member Data Element Comparison with Equality Operator)
This pattern identifies situations where the floating value 1 and floating value 2 of storable or member data elements of float types, are tested for equality with regular comparison operators in the comparison control element.
*
Is
Issue
Incorrect Type Conversion or Cast - (704)
9001 (Default Graph) > 9120 (Reliability) > 704 (Incorrect Type Conversion or Cast)
This pattern identifies situations where the storable element or member element is declared with the datatype in the Create action, then updated with a value that is cast via the type cast action into the second datatype, which is incompatible with the first one.
*
Is
Issue
Initialization with Hard-Coded Network Resource Configuration Data - (9042)
9001 (Default Graph) > 9120 (Reliability) > 9042 (Initialization with Hard-Coded Network Resource Configuration Data)
The software initializes data using hard-coded values related to network configuration.
*
Is
Issue
Invokable Control Element with Variadic Parameter Element - (9062)
9001 (Default Graph) > 9120 (Reliability) > 9062 (Invokable Control Element with Variadic Parameter Element)
A named-callable or method control element has a signature that supports a variable number of parameters.
*
Ch
Characteristic
Maturity - (9114)
9001 (Default Graph) > 9120 (Reliability) > 9114 (Maturity)
Maturity is a Quality_Characteristic describing how well an entity's behaviors can reliably and sustainably produce required outcomes.
*
Is
Issue
Memory Location Access After End of Buffer - (788)
9001 (Default Graph) > 9120 (Reliability) > 788 (Memory Location Access After End of Buffer)
This pattern identifies situations where the value element is transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used as an index element to access a storable or member data element in the buffer Read or Write access action; none of the callable or method control element of the transformation sequence being a range check with regards to the buffer whose maximum size was defined in the buffer creation action.
*
Is
Issue
Missing Release of Resource after Effective Lifetime - (772)
9001 (Default Graph) > 9120 (Reliability) > 772 (Missing Release of Resource after Effective Lifetime)
This pattern identifies situations where the platform resource is allocated and assigned a unique resource handler value via the ManagesResource action, its unique resource handler value is used throughout the application, along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, none of which being a resource release statement.
*
Is
Issue
Missing Serialization Control Element - (9102)
9001 (Default Graph) > 9120 (Reliability) > 9102 (Missing Serialization Control Element)
The software contains a serializable data element that does not have an associated serialization method.
*
Is
Issue
Modules with Circular Dependencies - (9018)
9001 (Default Graph) > 9120 (Reliability) > 9018 (Modules with Circular Dependencies)
The software contains modules with circular dependencies.
*
Is
Issue
Named Callable and Method Control Element in Multi-Thread Context with non-Final Static Storable or Member Element - (9070)
9001 (Default Graph) > 9120 (Reliability) > 9070 (Named Callable and Method Control Element in Multi-Thread Context with non-Final Static Storable or Member Element)
This pattern identifies situations where the named callable control element or method control element owns unsafe non-final static storable or member data element while it operates in a multi-threaded environment.
*
Is
Issue
Parent Class Element with References to Child Class Element - (9087)
9001 (Default Graph) > 9120 (Reliability) > 9087 (Parent Class Element with References to Child Class Element)
This pattern identifies situations where the parent class element that is used in the 'to' association of the Extends class relation, references the child class element used in the 'from' association of the Extends class relation, directly or indirectly through parent and child class element, with the callable or data relations. The reference statement is made directly to the child class element or to any one of its own method or member elements.
*
Is
Issue
Parent Class Element without Virtual Destructor Method Element - (9147)
9001 (Default Graph) > 9120 (Reliability) > 9147 (Parent Class Element without Virtual Destructor Method Element)
This pattern identifies situations where, with languages where custom destructors can be written, the parent class element of the child class element via an Extends class relation has no virtual destructor.
*
Is
Issue
Persistent Storable Data Element without Associated Comparison Control Element - (9193)
9001 (Default Graph) > 9120 (Reliability) > 9193 (Persistent Storable Data Element without Associated Comparison Control Element)
The software uses a storable data element that does not have all of the associated control elements that are necessary to support comparison.
+
Ch
Characteristic
Recoverability - (9117)
9001 (Default Graph) > 9120 (Reliability) > 9117 (Recoverability)
Recoverability is a Quality_Characteristic describing how easily an entity returns to a desired state from unexpected situations.
*
Ch
Characteristic
Replaceability - (9051)
9001 (Default Graph) > 9120 (Reliability) > 9117 (Recoverability) > 9051 (Replaceability)
Replaceability is a Quality_Characteristic describing how easily an element can be exchanged in a given environment.
*
Ch
Characteristic
Robustness - (9163)
9001 (Default Graph) > 9120 (Reliability) > 9163 (Robustness)
Robustness is a Quality_Characteristic describing how well an entity can perform given unexpected situations.
*
Is
Issue
Runtime Resource Management Control Element in a Component Built to Run on Application Servers - (9100)
9001 (Default Graph) > 9120 (Reliability) > 9100 (Runtime Resource Management Control Element in a Component Built to Run on Application Servers)
This pattern identifies situations where the application uses deployed component from the platform deployed component list, yet uses control elements from the list of low-level resource management API.
*
Is
Issue
Serializable Data Element Containing non-Serializable Item Elements - (9110)
9001 (Default Graph) > 9120 (Reliability) > 9110 (Serializable Data Element Containing non-Serializable Item Elements)
The software contains a serializable, storable data element, but the data element contains item elements that are not serializable.
*
Is
Issue
Singleton Class Instance Creation without Proper Lock Element Management - (9192)
9001 (Default Graph) > 9120 (Reliability) > 9192 (Singleton Class Instance Creation without Proper Lock Element Management)
This pattern identifies situations where the singleton class element, that is, a class element that can be used only once in the 'to' association of a Create action, is instantiated with the Creates action element without any prior locking mechanism activation.
*
Ch
Characteristic
Stability - (9195)
9001 (Default Graph) > 9120 (Reliability) > 9195 (Stability)
Stability is a Quality_Characteristic describing how well an entity can reliably perform over a period of time.
*
Is
Issue
Storable and Member Data Element Missing Initialization - (456)
9001 (Default Graph) > 9120 (Reliability) > 456 (Storable and Member Data Element Missing Initialization)
The software contains a storable or member data element that is not initialized before it is used.
*
Is
Issue
Storable or Member Data Element containing Pointer Item Element without Proper Copy Control Element - (9194)
9001 (Default Graph) > 9120 (Reliability) > 9194 (Storable or Member Data Element containing Pointer Item Element without Proper Copy Control Element)
This pattern identifies situations where the storable data element or member data element contains the child pointer data element but has no dedicated copy operation or copy constructor element.
*
Is
Issue
Synchronous Call Time-Out Absence - (9173)
9001 (Default Graph) > 9120 (Reliability) > 9173 (Synchronous Call Time-Out Absence)
This pattern identifies situations where the synchronous call instruction is initiated but the time-out argument is not set or set to infinite time.
*
Is
Issue
Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource - (252)
9001 (Default Graph) > 9120 (Reliability) > 252 (Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource)
A named callable control element or method control element performs an action that reads, writes, or manages access to a data or platform resource, but it does not check the return parameter from the action.
*
Is
Issue
Uncontrolled Recursion - (674)
9001 (Default Graph) > 9120 (Reliability) > 674 (Uncontrolled Recursion)
This pattern identifies situations where the named callable control element or method control element features the recursive execution path.
+
Ch
Characteristic
Security - (9115)
9001 (Default Graph) > 9115 (Security)
A Quality_Characteristic describing safeguarding sensitive data from unintended actors.
*
Is
Issue
Array Index Improper Input Neutralization - (129)
9001 (Default Graph) > 9115 (Security) > 129 (Array Index Improper Input Neutralization)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the read or write action to access the array; none of the callable or method control element of the transformation sequence being a range check callable and method control element with regards to the array index.
*
Ch
Characteristic
Authentication - (9133)
9001 (Default Graph) > 9115 (Security) > 9133 (Authentication)
Authentication is a Quality_Characteristic describing whether an entity is what it is said to be.
*
Is
Issue
Broken or Risky Cryptographic Algorithm Usage - (327)
9001 (Default Graph) > 9115 (Security) > 327 (Broken or Risky Cryptographic Algorithm Usage)
This pattern identifies situations where the application uses the cryptographic deployed component while it is not part of the list of vetted cryptographic deployed components. As an example, FIPS 140-2 features a list of validated implementations.
*
Is
Issue
Buffer Copy without Checking Size of Input - (120)
9001 (Default Graph) > 9115 (Security) > 120 (Buffer Copy without Checking Size of Input)
This pattern identifies situations where two buffer storable elements or member elements are allocated with specific sizes in the source buffer allocation statement and target buffer allocation statement, transformed within the application via transformation sequences composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, then ultimately used by the application to move the content of the first buffer onto the content of the second buffer through the move buffer statement, while the size of the first buffer is greater than the size of the second buffer.
+
Ch
Characteristic
Compliance - (9098)
9001 (Default Graph) > 9115 (Security) > 9098 (Compliance)
Compliance is a Quality_Characteristic describing how well an entity conforms to a defined standard.
+
Ch
Characteristic
Consistency - (9065)
9001 (Default Graph) > 9115 (Security) > 9098 (Compliance) > 9065 (Consistency)
Consistency is a Quality_Characteristic describing how well an entity conforms to an undefined convention.
*
Is
Issue
Inconsistency Between Implementation and Documented Design - (9107)
9001 (Default Graph) > 9115 (Security) > 9098 (Compliance) > 9065 (Consistency) > 9107 (Inconsistency Between Implementation and Documented Design)
The implementation of the product is not consistent with the design as described within the relevant documentation.
*
Is
Issue
Inconsistent Naming Conventions for Identifiers - (9200)
9001 (Default Graph) > 9115 (Security) > 9098 (Compliance) > 9065 (Consistency) > 9200 (Inconsistent Naming Conventions for Identifiers)
The product's code, documentation, or other artifacts do not consistently use the same naming conventions for variables, callables, groups of related callables, I/O capabilities, data types, file names, or similar types of elements.
*
Ch
Characteristic
Confidentiality - (9025)
9001 (Default Graph) > 9115 (Security) > 9025 (Confidentiality)
A Quality_Characteristic describing the level of protection used to safeguard sensitive data.
*
Is
Issue
Cross-site Scripting Improper Input Neutralization - (79)
9001 (Default Graph) > 9115 (Security) > 79 (Cross-site Scripting Improper Input Neutralization)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the user interface WritesUI action; none of the callable or method control element of the transformation sequence being a vetted sanitization control element from the list of vetted sanitization control elements.
*
Is
Issue
Declaration of Catch for Generic Exception - (396)
9001 (Default Graph) > 9115 (Security) > 396 (Declaration of Catch for Generic Exception)
This pattern identifies situations where the named callable control element or method control element contains the catch unit which declares to catch the exception parameter whose datatype is part of the list of overly broad exception datatypes. With Java, an example is {'java.lang.Exception'}.
*
Is
Issue
Declaration of Throws for Generic Exception - (397)
9001 (Default Graph) > 9115 (Security) > 397 (Declaration of Throws for Generic Exception)
This pattern identifies situations where the named callable control element or method control element throws with the Throws action the exception parameter whose datatype is part of the list of overly broad exception datatypes. In Java, one example from this list is {'java.lang.Exception'}.
*
Is
Issue
Excessive Attack Surface - (9226)
9001 (Default Graph) > 9115 (Security) > 9226 (Excessive Attack Surface)
The product has an attack surface whose quantitative measurement exceeds a desirable maximum.
*
Is
Issue
Expired or Released Resource Usage - (672)
9001 (Default Graph) > 9115 (Security) > 672 (Expired or Released Resource Usage)
This pattern identifies situations where the platform resource is deallocated in the manages action using its unique resource handler value which is transported throughout the application via the transport sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, then used later within the application to try and access the resource in the read or write action.
*
Is
Issue
File Upload Improper Input Neutralization - (434)
9001 (Default Graph) > 9115 (Security) > 434 (File Upload Improper Input Neutralization)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the file upload action; none of the callable or method control element of the transformation sequence being a vetted sanitization callable and method control element from the list of vetted sanitization callable and method control elements.
*
Is
Issue
Format String Improper Input Neutralization - (134)
9001 (Default Graph) > 9115 (Security) > 134 (Format String Improper Input Neutralization)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the formatting statement; none of the callable or method control element of the transformation sequence being a vetted sanitization control element from the list of vetted sanitization control elements.
*
Is
Issue
Hard-Coded Credentials Usage for Remote Authentication - (798)
9001 (Default Graph) > 9115 (Security) > 798 (Hard-Coded Credentials Usage for Remote Authentication)
This pattern identifies situations where a literal value is hard-coded in the application via the Write action, transported throughout the application along the sequence composed of ActionElements with DataRelations, some of which being part of named callable and method control elements, and ultimately used in the remote resource management action; the transport sequence is composed of assignment operations as updates to the value would not be considered as hard-coded (literal) any more.
*
Ch
Characteristic
Integrity - (9148)
9001 (Default Graph) > 9115 (Security) > 9148 (Integrity)
Integrity is a Quality_Characteristic describing whether data has been corrupted in transmission.
*
Is
Issue
Loop with Unreachable Exit Condition ('Infinite Loop') - (835)
9001 (Default Graph) > 9115 (Security) > 835 (Loop with Unreachable Exit Condition ('Infinite Loop'))
This pattern identifies situations where the named callable control element or method control element features the execution path whose entry element is found again in the path, while it has no path whatsoever to not return to itself and exit the recursion.
*
Is
Issue
Missing Release of Resource after Effective Lifetime - (772)
9001 (Default Graph) > 9115 (Security) > 772 (Missing Release of Resource after Effective Lifetime)
This pattern identifies situations where the platform resource is allocated and assigned a unique resource handler value via the ManagesResource action, its unique resource handler value is used throughout the application, along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, none of which being a resource release statement.
*
Is
Issue
Name or Reference Resolution Improper Input Neutralization - (99)
9001 (Default Graph) > 9115 (Security) > 99 (Name or Reference Resolution Improper Input Neutralization)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the platform action to access a resource by its name; none of the callable or method control element of the transformation sequence being a vetted sanitization callable and method control elements from the list of vetted sanitization callable and method control elements.
*
Ch
Characteristic
Non-repudiation - (9009)
9001 (Default Graph) > 9115 (Security) > 9009 (Non-repudiation)
Non-repudiation is a Quality_Characteristic describing whether data has been verified against its source.
*
Is
Issue
Numeric Types Incorrect Conversion - (681)
9001 (Default Graph) > 9115 (Security) > 681 (Numeric Types Incorrect Conversion)
This pattern identifies situations where the storable element or member element is declared with the numerical datatype in the Create action, then updated with a value which is cast via the type cast action into the second numerical datatype, which is incompatible with the first one.
*
Is
Issue
OS Command Injection Improper Input Neutralization - (78)
9001 (Default Graph) > 9115 (Security) > 78 (OS Command Injection Improper Input Neutralization)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the platform action to be executed by the execution environment; none of the callable or method control element of the transformation sequence being a vetted sanitization callable and method control element from the list of vetted sanitization callable and method control elements.
*
Is
Issue
Path Traversal Improper Input Neutralization - (22)
9001 (Default Graph) > 9115 (Security) > 22 (Path Traversal Improper Input Neutralization)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the file path creation statement; none of the callable or method control element of the transformation sequence being a vetted sanitization callable and method control element from the list of vetted sanitization control elements.
*
Is
Issue
SQL Injection Improper Input Neutralization - (89)
9001 (Default Graph) > 9115 (Security) > 89 (SQL Injection Improper Input Neutralization)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the SQL compilation statement; none of the callable or method control element of the transformation sequence being a vetted sanitization callable and method control elements from the list of vetted sanitization control elements.
*
Is
Issue
Shared Resource Improper Locking - (667)
9001 (Default Graph) > 9115 (Security) > 667 (Shared Resource Improper Locking)
This pattern identifies situations where the shared storable data element or member data element, declared with the Create action, is accessed outside a critical section of the application via the Read or Write action. The critical nature of the section is technology and platform dependent. As examples, in C/C++, critical nature comes from the use of 'mtx_lock' and 'mtx_unlock' from the 'threads.h' standard C language API, or from the use of 'pthread_mutex_lock' and 'pthread_mutex_unlock' from the 'pthreads.h' C/C++ POSIX API, or from the use of 'EnterCriticalSection' and 'LeaveCriticalSection' from the 'windows.h' C/C++ Win32 API. As other examples, in Java, critical nature comes from the use of the 'synchronized' keyword, and in C#, critical nature comes from the use of the 'lock' keyword.
*
Is
Issue
Storable and Member Data Element Missing Initialization - (456)
9001 (Default Graph) > 9115 (Security) > 456 (Storable and Member Data Element Missing Initialization)
The software contains a storable or member data element that is not initialized before it is used.
+
Ch
Characteristic
Structuredness - (9099)
9001 (Default Graph) > 9115 (Security) > 9099 (Structuredness)
Structuredness is a Quality_Characteristic describing how well an entity conforms to a given arrangement or partition.
+
Ch
Characteristic
Consistency - (9065)
9001 (Default Graph) > 9115 (Security) > 9099 (Structuredness) > 9065 (Consistency)
Consistency is a Quality_Characteristic describing how well an entity conforms to an undefined convention.
*
Is
Issue
Inconsistency Between Implementation and Documented Design - (9107)
9001 (Default Graph) > 9115 (Security) > 9099 (Structuredness) > 9065 (Consistency) > 9107 (Inconsistency Between Implementation and Documented Design)
The implementation of the product is not consistent with the design as described within the relevant documentation.
*
Is
Issue
Inconsistent Naming Conventions for Identifiers - (9200)
9001 (Default Graph) > 9115 (Security) > 9099 (Structuredness) > 9065 (Consistency) > 9200 (Inconsistent Naming Conventions for Identifiers)
The product's code, documentation, or other artifacts do not consistently use the same naming conventions for variables, callables, groups of related callables, I/O capabilities, data types, file names, or similar types of elements.
*
Is
Issue
Unchecked Input for Loop Condition - (606)
9001 (Default Graph) > 9115 (Security) > 606 (Unchecked Input for Loop Condition)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used in the loop condition statement; none of the callable or method control element of the transformation sequence being a range check control element
*
Is
Issue
Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource - (252)
9001 (Default Graph) > 9115 (Security) > 252 (Unchecked Return Parameter Value of Invokable Control Element with Read, Write, and Manage Access to Platform or Data Resource)
A named callable control element or method control element performs an action that reads, writes, or manages access to a data or platform resource, but it does not check the return parameter from the action.
*
Is
Issue
Uncontrolled Memory Allocation - (789)
9001 (Default Graph) > 9115 (Security) > 789 (Uncontrolled Memory Allocation)
This pattern identifies situations where an external value is entered into the application through the user interface ReadsUI action, transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used as an index element to access a storable or member data element in the buffer Read or Write access action; none of the callable or method control element of the transformation sequence being a range check with regards to the 'Buffer' buffer that whose maximum size was defined in the buffer creation action.
Page Last Updated or Reviewed: October 01, 2017