Why you and your organisation should care about code quality
Code quality is defined as a set of characteristics of a piece of code, generally related to the code’s reliability, maintainability and security. Most of these characteristics do not directly relate to what the code does, but they do strongly influence how an end-user perceives the code.
Not prioritizing code quality can lead to several problems within a software product:
The table below lists the three most important quality characteristics of ISO 25010 for Software Product Quality, with their sub-characteristics.
Reliability | Maintainability | Security |
---|---|---|
Availability | Modularity | Confidentiality |
Fault tolerance | Reusability | Integrity |
Recoverability | Analysability | Non-repudiation |
Faultlessness | Modifiability | Accountability |
 | Testability | Authenticity |
 | | Resistance |
The ISO 25010 provides us with a great starting point. Unfortunately, the standard does not specify how to measure these characteristics and their sub-characteristics in practice. It also does not provide any scales or models to determine whether code is of a sufficient level of quality for a given purpose.
Luckily, there are plenty of tools out there that can measure subsets of ISO 25010. When these tools are combined in the correct way, they paint a clear picture of whether code quality is high or not. For example, some tools automatically check coding standards, others help keep code complexity in check, and others help prevent code duplication. Combine the results of these tools and you can get interesting insights into how maintainable your code is.
When it comes to monitoring and improving code quality, we generally define different levels of code quality maturity within an organization. You can find a full overview of the levels, and what action to take to increase your organization's code quality maturity, here.
High code quality is not just a nice-to-have for engineers but positively affects the entire organization. Features can be developed faster and engineers are happier due to more maintainable code. Increased reliability leads to fewer crashes in the field and happier customers. Improved insight into security vulnerabilities allows engineers to act accordingly. These factors lead to a high-performance development organization. Take TomTom for example: they saw their developer productivity almost triple after implementing a code quality framework.
To get started with code quality, there are many different solutions to choose from. If you are working in a small organization, we would always recommend starting with a tool like SonarQube. Such tools allow for basic measuring of code quality metrics like duplication, complexity and code coverage. For larger organizations, we often see that off-the-shelf solutions cannot handle very complex development landscapes well, and customization would be needed. For those situations, we would recommend taking a look at our TiCS Framework, which we can customize according to every organization’s needs.
Code quality is related to aspects of the code that do not influence the functionality of the code, but do have an impact on the way your end-user experiences your software product. Aspects like reliability, maintainability and security are important. But it’s not only your end-user who benefits: integrating code quality into your processes also enables your development organization to be more productive. If you’re interested in how we measure code quality, you can request a free, on-prem Proof-of-Concept for one of your organization’s projects.