Extension ID
com.castsoftware.cisq-index
Description
This extension will compute CISQ Quality Software Characteristic Measures as Business Criteria and CISQ Measure Elements as Technical Criteria. All CAST rules that are tagged with a CISQ related tag will contribute to the various CISQ Measure Elements / CISQ Quality Software Characteristic Measures thereby allowing specific grades and rule violations to be reported.
Compatibility
| Product | Release | Supported |
|---|---|---|
| CAST Imaging Core | ≥ 8.3.24 |  |
CAST Engineering Dashboard | ≥ 1.5 | |
| CAST Health Dashboard | ≥ 1.17 | |
| CAST Security Dashboard | ≥ 1.18 | |
CISQ version
| Version | Supported |
|---|---|
| 1.0 (December 2016) | |
Download and installation instructions
The extension will not be automatically downloaded and installed in CAST Imaging Console. If you need to use it, should manually install the extension.
Configuration requirements
Generate a snapshot
A new snapshot must be generated (after the extension is installed) before results can be viewed. If you do not immediately see changes in the dashboard, please consider restarting Apache Tomcat and/or emptying your browser cache.
Engineering Dashboard
Out of the box, no tiles will be provided to display data for this extension, however it is possible to create tiles manually to display Violation data using the Industry Standard/s tile plugin in v. ≥ 1.18 of the Engineering Dashboard. See Engineering Dashboard tile management for more information:
Clicking on the tile navigates to Risk investigation view and the specified Industry Standard will be selected in the Health Factor table.
Health Dashboard
Out of the box, no tiles will be provided to display data for this extension, however it is possible to create tiles manually to display Grade, Compliance, and Violation data directly from this extension using the Industry Standard/s tile plugin in v. ≥ 1.17 of the Health Dashboard. See Health Dashboard tile management for more information:
Clicking on any of these tiles will display a list of the rules that have been tagged with the specified standard as provided by the extension. Compliance percentage is also displayed in a "bubble":
Compliance grade at Application level with compliance percentage displayed in a "bubble"
Compliance grade at Portfolio level
Example for cmp.json / cmp-ISO.json
Configuration to create a "gauge" tile at portfolio level (multi-app level) to show a "parent" CISQ-Security Business Criterion tile:
{
"id": 1234,
"plugin": "IndustryStandards",
"color": "black",
"parameters": {
"type": "CISQ",
"title": "CISQ-Security",
"widget": "gauge",
"industryStandard": {
"id": "1062166",
"indexID": "1062100",
"mode": "grade",
"format": "0.00",
"description": "CISQ-Security in grade format"
}
}
}
Example for app.json
Configuration to create a "number of violations" tile at application level (single app level) to show a CISQ-Security Business Criterion tile:
{
"id": 1236,
"plugin": "IndustryStandard",
"color": "orange",
"parameters": {
"type": "CISQ",
"title": "CISQ-Security",
"industryStandard": {
"id": "1062166",
"indexID": "1062100",
"mode": "violations",
"format": "0,000",
"description": "CISQ-Security in number of violations format"
}
}
}
Security Dashboard
Out of the box, no tiles will be provided to display data for this extension, however it is possible to create tiles manually to display Violation data using the Industry Standard/s tile plugin in v. ≥ 1.18 of the Security Dashboard. The tile configuration is identical to that described for the Engineering Dashboard, see Engineering Dashboard tile management for more information:
Clicking on the tile navigates to Security Dashboard - Risk Investigation and the specified Industry Standard will be selected in the Health Factor table.
What results can you expect?
Once the analysis/snapshot generation has completed, you can view the results:
Assessment Model
Various Business and Technical Criteria will be added by the extension:
CISQ-Index
| ID | Name | Type |
|---|---|---|
| 1062100 | CISQ-Index | Business Criterion |
CISQ-Maintainability
| ID | Name | Type |
|---|---|---|
| 1062101 | CISQ-Maintainability | Business Criterion |
| 1062110 | ASCMM-MNT-1 | Technical Criterion |
| 1062121 | ASCMM-MNT-2 | Technical Criterion |
| 1062123 | ASCMM-MNT-3 | Technical Criterion |
| 1062124 | ASCMM-MNT-4 | Technical Criterion |
| 1062125 | ASCMM-MNT-5 | Technical Criterion |
| 1062126 | ASCMM-MNT-6 | Technical Criterion |
| 1062127 | ASCMM-MNT-7 | Technical Criterion |
| 1062128 | ASCMM-MNT-8 | Technical Criterion |
| 1062129 | ASCMM-MNT-9 | Technical Criterion |
| 1062111 | ASCMM-MNT-10 | Technical Criterion |
| 1062112 | ASCMM-MNT-11 | Technical Criterion |
| 1062113 | ASCMM-MNT-12 | Technical Criterion |
| 1062114 | ASCMM-MNT-13 | Technical Criterion |
| 1062115 | ASCMM-MNT-14 | Technical Criterion |
| 1062116 | ASCMM-MNT-15 | Technical Criterion |
| 1062117 | ASCMM-MNT-16 | Technical Criterion |
| 1062118 | ASCMM-MNT-17 | Technical Criterion |
| 1062119 | ASCMM-MNT-18 | Technical Criterion |
| 1062120 | ASCMM-MNT-19 | Technical Criterion |
| 1062122 | ASCMM-MNT-20 | Technical Criterion |
CISQ-Performance-Efficiency
| ID | Name | Type |
|---|---|---|
| 1062102 | CISQ-Performance-Efficiency | Business Criterion |
| 1062130 | ASCPEM-PRF-1 | Technical Criterion |
| 1062137 | ASCPEM-PRF-2 | Technical Criterion |
| 1062138 | ASCPEM-PRF-3 | Technical Criterion |
| 1062139 | ASCPEM-PRF-4 | Technical Criterion |
| 1062140 | ASCPEM-PRF-5 | Technical Criterion |
| 1062141 | ASCPEM-PRF-6 | Technical Criterion |
| 1062142 | ASCPEM-PRF-7 | Technical Criterion |
| 1062143 | ASCPEM-PRF-8 | Technical Criterion |
| 1062144 | ASCPEM-PRF-9 | Technical Criterion |
| 1062131 | ASCPEM-PRF-10 | Technical Criterion |
| 1062132 | ASCPEM-PRF-11 | Technical Criterion |
| 1062133 | ASCPEM-PRF-12 | Technical Criterion |
| 1062134 | ASCPEM-PRF-13 | Technical Criterion |
| 1062135 | ASCPEM-PRF-14 | Technical Criterion |
| 1062136 | ASCPEM-PRF-15 | Technical Criterion |
CISQ-Reliability
| ID | Name | Type |
|---|---|---|
| 1062103 | CISQ-Reliability | Business Criterion |
| 1062145 | ASCRM-CWE-120 | Technical Criterion |
| 1062146 | ASCRM-CWE-252-data | Technical Criterion |
| 1062147 | ASCRM-CWE-252-resource | Technical Criterion |
| 1062148 | ASCRM-CWE-396 | Technical Criterion |
| 1062149 | ASCRM-CWE-397 | Technical Criterion |
| 1062150 | ASCRM-CWE-456 | Technical Criterion |
| 1062151 | ASCRM-CWE-674 | Technical Criterion |
| 1062152 | ASCRM-CWE-704 | Technical Criterion |
| 1062153 | ASCRM-CWE-772 | Technical Criterion |
| 1062154 | ASCRM-CWE-788 | Technical Criterion |
| 1062155 | ASCRM-RLB-1 | Technical Criterion |
| 1062166 | ASCRM-RLB-2 | Technical Criterion |
| 1062167 | ASCRM-RLB-3 | Technical Criterion |
| 1062168 | ASCRM-RLB-4 | Technical Criterion |
| 1062169 | ASCRM-RLB-5 | Technical Criterion |
| 1062170 | ASCRM-RLB-6 | Technical Criterion |
| 1062171 | ASCRM-RLB-7 | Technical Criterion |
| 1062172 | ASCRM-RLB-8 | Technical Criterion |
| 1062173 | ASCRM-RLB-9 | Technical Criterion |
| 1062156 | ASCRM-RLB-10 | Technical Criterion |
| 1062157 | ASCRM-RLB-11 | Technical Criterion |
| 1062158 | ASCRM-RLB-12 | Technical Criterion |
| 1062159 | ASCRM-RLB-13 | Technical Criterion |
| 1062160 | ASCRM-RLB-14 | Technical Criterion |
| 1062161 | ASCRM-RLB-15 | Technical Criterion |
| 1062162 | ASCRM-RLB-16 | Technical Criterion |
| 1062163 | ASCRM-RLB-17 | Technical Criterion |
| 1062164 | ASCRM-RLB-18 | Technical Criterion |
| 1062165 | ASCRM-RLB-19 | Technical Criterion |
CISQ-Security
| ID | Name | Type |
|---|---|---|
| 1062166 | CISQ-Security | Business Criterion |
| 1062177 | ASCSM-CWE-22 | Technical Criterion |
| 1062189 | ASCSM-CWE-78 | Technical Criterion |
| 1062191 | ASCSM-CWE-79 | Technical Criterion |
| 1062194 | ASCSM-CWE-89 | Technical Criterion |
| 1062195 | ASCSM-CWE-99 | Technical Criterion |
| 1062174 | ASCSM-CWE-120 | Technical Criterion |
| 1062175 | ASCSM-CWE-129 | Technical Criterion |
| 1062176 | ASCSM-CWE-134 | Technical Criterion |
| 1062178 | ASCSM-CWE-252-resource | Technical Criterion |
| 1062179 | ASCSM-CWE-327 | Technical Criterion |
| 1062180 | ASCSM-CWE-396 | Technical Criterion |
| 1062181 | ASCSM-CWE-397 | Technical Criterion |
| 1062182 | ASCSM-CWE-434 | Technical Criterion |
| 1062183 | ASCSM-CWE-456 | Technical Criterion |
| 1062184 | ASCSM-CWE-606 | Technical Criterion |
| 1062185 | ASCSM-CWE-667 | Technical Criterion |
| 1062186 | ASCSM-CWE-672 | Technical Criterion |
| 1062187 | ASCSM-CWE-681 | Technical Criterion |
| 1062188 | ASCSM-CWE-772 | Technical Criterion |
| 1062190 | ASCSM-CWE-789 | Technical Criterion |
| 1062192 | ASCSM-CWE-798 | Technical Criterion |
| 1062193 | ASCSM-CWE-835 | Technical Criterion |
Engineering Dashboard
In ≥ 1.18.0 out of the box, results are displayed in a specific interface - click the CISQ Assessment Model option to view the results:
Health Dashboard
Out of the box, no results are provided. Tiles can be configured manually as described above.
Security Dashboard
Out of the box, results are displayed in a specific interface - click the CISQ Assessment Model option (after clicking the Risk Investigation tile in the Application home page) to view the results:
Only the CISQ-Security Business Criterion will be available (due to the default filtering implemented in the Security Dashboard):
RestAPI
The RestAPI can be used to query both the Dashboard (AED) and Measurement (AAD) schemas for results, for example:
