This documentation is not maintained. Please refer to doc.castsoftware.com/technologies to find the latest updates.

Extension ID

com.castsoftware.cisq-index

Description

This extension will compute CISQ Quality Software Characteristic Measures as Business Criteria and CISQ Measure Elements as Technical Criteria. All CAST rules that are tagged with a CISQ related tag will contribute to the various CISQ Measure Elements / CISQ Quality Software Characteristic Measures thereby allowing specific grades and rule violations to be reported.

Compatibility

ProductReleaseSupported
CAST Imaging Core≥ 8.3.24(tick)

CAST Engineering Dashboard

≥ 1.5(tick)
CAST Health Dashboard≥ 1.17(tick)
CAST Security Dashboard≥ 1.18(tick)

CISQ version

VersionSupported
1.0 (December 2016)(tick)

Download and installation instructions

The extension will not be automatically downloaded and installed in CAST Imaging Console. If you need to use it, should manually install the extension.

Configuration requirements

Generate a snapshot

A new snapshot must be generated (after the extension is installed) before results can be viewed. If you do not immediately see changes in the dashboard, please consider restarting Apache Tomcat and/or emptying your browser cache.

Engineering Dashboard

Out of the box, no tiles will be provided to display data for this extension, however it is possible to create tiles manually to display Violation data using the Industry Standard/s tile plugin in v. ≥ 1.18 of the Engineering Dashboard. See Engineering Dashboard tile management for more information:

Clicking on the tile navigates to Risk investigation view and the specified Industry Standard will be selected in the Health Factor table.

Health Dashboard

Out of the box, no tiles will be provided to display data for this extension, however it is possible to create tiles manually to display Grade, Compliance, and Violation data directly from this extension using the Industry Standard/s tile plugin in v. ≥ 1.17 of the Health Dashboard. See Health Dashboard tile management for more information:

Clicking on any of these tiles will display a list of the rules that have been tagged with the specified standard as provided by the extension. Compliance percentage is also displayed in a "bubble":

Compliance grade at Application level with compliance percentage displayed in a "bubble"

Compliance grade at Portfolio level

Example for cmp.json / cmp-ISO.json

Configuration to create a "gauge" tile at portfolio level (multi-app level) to show a "parent" CISQ-Security Business Criterion tile:

{
  "id": 1234,
  "plugin": "IndustryStandards",
  "color": "black",
  "parameters": {
	"type": "CISQ",
    "title": "CISQ-Security",
    "widget": "gauge",
    "industryStandard": {
		"id": "1062166",
		"indexID": "1062100",
		"mode": "grade",
		"format": "0.00",
		"description": "CISQ-Security in grade format"
    }
  }
}

Example for app.json

Configuration to create a "number of violations" tile at application level (single app level) to show a CISQ-Security Business Criterion tile:

{
  "id": 1236,
  "plugin": "IndustryStandard",
  "color": "orange",
  "parameters": {
	"type": "CISQ",    
	"title": "CISQ-Security",
    "industryStandard": {
		"id": "1062166",
		"indexID": "1062100",
		"mode": "violations",
		"format": "0,000",
		"description": "CISQ-Security in number of violations format" 
    }
  }
}

Security Dashboard

Out of the box, no tiles will be provided to display data for this extension, however it is possible to create tiles manually to display Violation data using the Industry Standard/s tile plugin in v. ≥ 1.18 of the Security Dashboard. The tile configuration is identical to that described for the Engineering Dashboard, see Engineering Dashboard tile management for more information:

Clicking on the tile navigates to Security Dashboard - Risk Investigation and the specified Industry Standard will be selected in the Health Factor table.

What results can you expect?

Once the analysis/snapshot generation has completed, you can view the results:

Assessment Model

Various Business and Technical Criteria will be added by the extension:

CISQ-Index

IDNameType
1062100CISQ-IndexBusiness Criterion
Note that the CISQ-Index Business Criterion has all Technical Criteria listed below as contributors.

CISQ-Maintainability

IDNameType
1062101CISQ-MaintainabilityBusiness Criterion
1062110ASCMM-MNT-1Technical Criterion
1062121ASCMM-MNT-2Technical Criterion
1062123ASCMM-MNT-3Technical Criterion
1062124ASCMM-MNT-4Technical Criterion
1062125ASCMM-MNT-5Technical Criterion
1062126ASCMM-MNT-6Technical Criterion
1062127ASCMM-MNT-7Technical Criterion
1062128ASCMM-MNT-8Technical Criterion
1062129ASCMM-MNT-9Technical Criterion
1062111ASCMM-MNT-10Technical Criterion
1062112ASCMM-MNT-11Technical Criterion
1062113ASCMM-MNT-12Technical Criterion
1062114ASCMM-MNT-13Technical Criterion
1062115ASCMM-MNT-14Technical Criterion
1062116ASCMM-MNT-15Technical Criterion
1062117ASCMM-MNT-16Technical Criterion
1062118ASCMM-MNT-17Technical Criterion
1062119ASCMM-MNT-18Technical Criterion
1062120ASCMM-MNT-19Technical Criterion
1062122

ASCMM-MNT-20

Technical Criterion

CISQ-Performance-Efficiency

IDNameType
1062102CISQ-Performance-EfficiencyBusiness Criterion
1062130ASCPEM-PRF-1Technical Criterion
1062137ASCPEM-PRF-2Technical Criterion
1062138ASCPEM-PRF-3Technical Criterion
1062139ASCPEM-PRF-4Technical Criterion
1062140ASCPEM-PRF-5Technical Criterion
1062141ASCPEM-PRF-6Technical Criterion
1062142ASCPEM-PRF-7Technical Criterion
1062143ASCPEM-PRF-8Technical Criterion
1062144ASCPEM-PRF-9Technical Criterion
1062131ASCPEM-PRF-10Technical Criterion
1062132ASCPEM-PRF-11Technical Criterion
1062133ASCPEM-PRF-12Technical Criterion
1062134ASCPEM-PRF-13Technical Criterion
1062135ASCPEM-PRF-14Technical Criterion
1062136ASCPEM-PRF-15Technical Criterion

CISQ-Reliability

IDNameType
1062103CISQ-ReliabilityBusiness Criterion
1062145ASCRM-CWE-120Technical Criterion
1062146ASCRM-CWE-252-dataTechnical Criterion
1062147ASCRM-CWE-252-resourceTechnical Criterion
1062148ASCRM-CWE-396Technical Criterion
1062149ASCRM-CWE-397Technical Criterion
1062150ASCRM-CWE-456Technical Criterion
1062151ASCRM-CWE-674Technical Criterion
1062152ASCRM-CWE-704Technical Criterion
1062153ASCRM-CWE-772Technical Criterion
1062154ASCRM-CWE-788Technical Criterion
1062155ASCRM-RLB-1Technical Criterion
1062166ASCRM-RLB-2Technical Criterion
1062167ASCRM-RLB-3Technical Criterion
1062168ASCRM-RLB-4Technical Criterion
1062169ASCRM-RLB-5Technical Criterion
1062170ASCRM-RLB-6Technical Criterion
1062171ASCRM-RLB-7Technical Criterion
1062172ASCRM-RLB-8Technical Criterion
1062173ASCRM-RLB-9Technical Criterion
1062156ASCRM-RLB-10Technical Criterion
1062157ASCRM-RLB-11Technical Criterion
1062158ASCRM-RLB-12Technical Criterion
1062159ASCRM-RLB-13Technical Criterion
1062160ASCRM-RLB-14Technical Criterion
1062161ASCRM-RLB-15Technical Criterion
1062162ASCRM-RLB-16Technical Criterion
1062163ASCRM-RLB-17Technical Criterion
1062164ASCRM-RLB-18Technical Criterion
1062165ASCRM-RLB-19Technical Criterion

CISQ-Security

IDNameType
1062166CISQ-SecurityBusiness Criterion
1062177ASCSM-CWE-22Technical Criterion
1062189ASCSM-CWE-78Technical Criterion
1062191ASCSM-CWE-79Technical Criterion
1062194ASCSM-CWE-89

Technical Criterion

1062195ASCSM-CWE-99Technical Criterion
1062174ASCSM-CWE-120Technical Criterion
1062175ASCSM-CWE-129Technical Criterion
1062176ASCSM-CWE-134Technical Criterion
1062178ASCSM-CWE-252-resourceTechnical Criterion
1062179ASCSM-CWE-327Technical Criterion
1062180ASCSM-CWE-396Technical Criterion
1062181ASCSM-CWE-397Technical Criterion
1062182ASCSM-CWE-434Technical Criterion
1062183ASCSM-CWE-456Technical Criterion
1062184ASCSM-CWE-606Technical Criterion
1062185ASCSM-CWE-667Technical Criterion
1062186ASCSM-CWE-672Technical Criterion
1062187ASCSM-CWE-681Technical Criterion
1062188ASCSM-CWE-772Technical Criterion
1062190ASCSM-CWE-789Technical Criterion
1062192ASCSM-CWE-798Technical Criterion
1062193ASCSM-CWE-835Technical Criterion

Engineering Dashboard

In ≥ 1.18.0 out of the box, results are displayed in a specific interface - click the CISQ Assessment Model option to view the results:

Health Dashboard

Out of the box, no results are provided. Tiles can be configured manually as described above.

Security Dashboard

Out of the box, results are displayed in a specific interface - click the CISQ Assessment Model option (after clicking the Risk Investigation tile in the Application home page) to view the results:

Only the CISQ-Security Business Criterion will be available (due to the default filtering implemented in the Security Dashboard):

RestAPI

The RestAPI can be used to query both the Dashboard (AED) and Measurement (AAD) schemas for results, for example: