cast metrix 640

This paper focuses on incorporating Structural Quality Metrics derived from static code analysis into outsourcing Service Level Agreements (SLAs) to build a transparent and healthy relationship with the service providers, while maintaining visibility and control over the outsourced applications to mitigate any potential risks. Content of the document may be used to build a technical addendum as part of a Master Agreement “Software Quality of Deliverables” or “Acceptance Criteria” section.

Software Structural Quality Metrics For SLAs

Companies have historically made services providers account- able for the quality of delivered products and services, primarily by incorporating metrics on project quality (schedule adherence, change management, etc.) and process quality (methodologies) into their SLAs. While it might seem obvious to hold outsourced teams accountable for the intrinsic quality of the product itself, this measure has typically been ignored in SLAs, primarily due to the lack of effective tools to measure product quality in a comprehensive way.

Static code analysis enables au- tomated, continual and objective assessment of the structural quality of applications being de- livered from service providers.
There are primarily three cat- egories of outputs, representing a combination of higher-level and lower-level structural quality metrics of software that can be incorporated into SLAs to achieve a specific business need or objec- tive: Quality Indices, Application- Specific Rules and Productivity.

Quality Indices

Static code analysis solutions parse source code and identify code patterns (rules) that could lead to potential defects. By cat- egorizing these improper code patterns into application health factors such as Security, Performance, Robustness, Changeability and Transferability, you can aggregate the results and assign a specific value to each category. Figure 1 provides an example of how rules can be aggregated to form meaningful metrics.
Ideally, you should analyze your applications for a minimum of two to three releases and use the average scores as a baseline for each of these health factors. You can then set targets to monitor the overall health of the application over time.


Read the entire article in the latest special edition of The Outsourcing Journal including the topics:

  • Application Specific Rules
  • Productivity
  • Best Practices for Incorpo- rating Structural Quality Metrics into SLAs
  • Definitions
  • Introducing Structural Quality Metrics into an SLA
  • Roles and Responsibilities
  • Measurement Process
  • Quality Model Change Manage- ment Process
  • Review and Update Thresholds and Objectives
  • Selecting the Right Static Code Analysis Platform

> Download PDF issue here for free (pages 62-67)


About the author: Jay Sappidi is a Sr. Director of CAST Research Labs at CAST and is responsible for researching industry trends in application structural quality and benchmarking services. He has over 15 years of experience focusing on product management, consulting, outsourced and off-shore application development. Prior to CAST, Jay worked at Deloitte Con-sulting as a management consultant in the Strategy and Operations group where he helped companies with their corporate, marketing, operations, and IT strategies. Jay earned his bachelor’s degree from Birla Institute of Technology and Science, Pilani, India, and an MBA from MIT Sloan School of Management.

About CAST: CAST ist Wegbereiter und Weltmarktführer auf dem Gebiet der Softwareanalyse und -messung. Mit Investitionen von mehr als 90 Millionen Dollar in Forschung und Entwicklung erarbeitete CAST eine Lösung, die dem IT-Management transparenten Einblick in Anwendungsentwicklung und Outsourcing auf der Basis objektiver, faktenbasierter Entscheidungsgrundlagen verschafft. Mehr als 250 Unternehmen weltweit vertrauen branchenübergreifend auf CAST, um Betriebsunterbrechungen zu verhindern und ITKosten zu senken. Bei führenden, global operierenden IT- Dienstleistern ist CAST fester Bestandteil des Portfolios zur Softwarebereitstellung und -wartung. CAST wurde 1990 gegründet und ist an der NYSE-Euronext notiert (Euronext: CAST). Das Unternehmen bedient Kunden auf der ganzen Welt über ein Netzwerk von Niederlassungen in Nordamerika, Europa und Indien. Weitere Informationen über CAST:

• Website: 
• Blog: 
• Twitter: 

Text und Bild: CAST

CAST Software is Knowledge Partner of the German Austrian Swiss Outsourcing Association and The Outsourcing Journal