Page tree
Skip to end of metadata
Go to start of metadata

Error rendering macro 'redirect'

Invalid URL: "CISQ - CWE - OWASP rules". Please provide a valid URL to redirect to.

Overview and objectives

This documentation contains information on the support of the OMG's Automated Source Code Measurement Standards based on the CISQ Quality Rules (See The specification for each Characteristics is available at the following locations:

The support of the OMG's Standards is described for each main technologies supported by CAST AIP, meaning that AIP Quality Rules shared between several technologies are mentioned multiple times.

It is presented in tables through the following columns:

  • OMG Characteristic
  • OMG Rule Id and Name
  • Rule Levels: See below.
  • AIP Quality Rule Id: Contains either the AIP Quality Rule Id that covers the OMG Rule, "N/A" if the OMG Rule is not applicable to the technology, or '-' if no corresponding AIP Quality Rule is currently available.
  • AIP Quality Rule Name
  • Description of coverage: Description of the coverage that is provided by the AIP Quality Rule with regards to the OMG specification.

Some OMG Rules can be implemented by defining an architecture model with the CAST Architecture Checker tool. Indications are provided on the way the model can be created.

Explanation of the Rule Levels

The levels of each rule indicate what is the scope of impact of each of the detected fault :

  • Unit level: The rule impacts only a local part of the application code, inside a given function/method/class, but will not imply correction outside it.
  • Technology level: The rule involves interactions between several components of a given language or architectural layer.
  • System level: The rule has impacts which cross boundaries between languages and/or architectural layers. For instance, it involves both the application code and the data access layer.

A given rule can belong to several levels, since it can occurs in different contexts.



  • No labels