How to measure code quality
Summary
Code quality is best understood through the lens of maintainability—the ease with which a system can be changed, improved, or fixed. Just like a well-built house is easier to renovate, a well-structured codebase supports safe, efficient development over time.
Maintainability isn’t abstract: it can be measured, benchmarked, and improved. And doing so has clear benefits—lower costs, faster delivery, better security, and more innovation capacity.
Yet, many systems today fall short. Nearly half of software systems don’t meet recommended maintainability standards, exposing organizations to unnecessary risk and cost.
Key takeaways
Maintainability is a core aspect of software quality, and is defined in the ISO/IEC 25010 standard with five sub-characteristics:
- Analyzability – How easily can you understand what’s going on in the code?
- Modularity – Are components separated in a way that supports independent change?
- Modifiability – Can you make changes without breaking other parts?
- Testability – Can changes be validated with clear, effective tests?
- Reusability – Can components be repurposed efficiently?
Practical measurement relies on tracking specific, tangible properties of codebases—like duplication, complexity, module coupling, and code volume.
The goal isn’t just metrics, but insight. Raw data only becomes valuable when it leads to informed, strategic decisions about where to improve.
What is maintainability and why measuring it matters
In a nutshell, maintainability is how effectively and efficiently a system can be modified to improve it, correct it, or adapt it to change. At Software Improvement Group we often refer to it as ‘build quality’.
Let’s explain with an analogy.
Consider a software system to be like your home. When it’s constructed properly and has right angles, it’s simple to hang artwork, insert a window, or even expand it. There’s no need to strengthen anything or worry about uneven walls—everything is just straight and strong. The maintainability of your home reflects how straightforward it is to repair, enhance, and comprehend. This principle applies equally to your source code.
Luckily, maintainability isn’t binary, and it can be measured on a scale. And the benefits are clear. Having a high maintainability rating has proven to lower risk and cost, speed up delivery, make your systems more secure, and increase innovation capacity.
Based on these benefits, you would probably assume maintainability is a high priority for many organizations.
However, reality paints a different picture.
Our latest State of Software report shows that 44% of systems fall below our recommended maintainability rating, which needlessly increases costs and risks and lowers productivity.
Maintainability in ISO/IEC 25010 (the global standard)
Before diving into what the ISO/IEC 25010 stands for and how it is related to maintainability, let’s quickly define what ISO/IEC stands for.
What is ISO/IEC?
ISO and IEC are international organizations that develop and publish standards to ensure the safety, quality, and efficiency of products, services, and systems. The International Organization for Standardization (ISO) sets standards for a wide range of industries, while the International Electrotechnical Commission (IEC) focuses specifically on electrical, electronic, and related technologies.
What are the software maintainability sub-characteristics in ISO/IEC 25010?
The ISO 25010 standard defines maintainability with 5 sub-characteristics:
1. Analyzability
This is about how easily you can diagnose issues, identify what needs to be changed, or assess the impact of proposed changes. Basically, can you understand what’s going on in your code?
2. Modularity
Modularity is all about how well your system is broken down into discrete components that can be changed independently without affecting other parts.
3. Modifiability
This measures how effectively you can actually implement modifications without introducing defects or degrading quality.
4. Testability
This covers how well you can establish test criteria and run tests to validate that changes will work as intended.
5. Reusability
This looks at how well components or assets from your system can be used in other systems or different parts of the same system.
How Software Improvement Group measures maintainability
At Software Improvement Group, we measure maintainability using a 1–5 star model grounded in source-code facts and validated across industries. The model uses a TÜViT-certified dataset representing the global market, so scores are comparable and audit-ready.
Software Improvement Group’s TÜViT-Certified Maintainability Model
Our SIG/TÜViT Evaluation Criteria for Trusted Product Maintainability provides a certified mapping from ISO 25010’s abstract sub-characteristics to 9 measurable system properties in source code: volume, unit size, duplication, unit complexity, module coupling, unit interfacing, component balance, component independence, and component entanglement.
This certification is validated by TÜViT.
What is TÜVIT?
TÜVIT is a renowned IT service provider and an independent testing institute for IT security and cyber security in digitalization. Because our model is certified by this independent testing authority, we can ensure that our 1-5 star ratings are objective, repeatable, and audit-ready across any technology stack.
The 8 key software maintainability metrics to track
To help teams focus on what to track and improve more precisely, our model maps 8 specific system properties to the 5 sub-characteristics of the ISO 25010 standard for maintainability.
Let’s take a look at each of these software maintainability metrics.
- Volume – Overall size of the codebase.
- Duplication – Amount of duplicated code.
- Unit size – Size of individual code units.
- Unit complexity – Complexity of individual units.
- Unit interfacing – Quality of interfaces between units.
- Module coupling – How tightly modules are connected.
- Component entanglement – How intertwined components are.
- Component independence – How independently components can function.
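As an added illustration (not SIG's model or code), the Python sketch below approximates four of the properties listed above for a constructed sample: unit size, unit complexity, unit interfacing (as parameter count), and duplication. The counting rules, the three-line duplication window, and the sample source are assumptions chosen for this example.

```python
import ast
from collections import defaultdict
# Constructed sample input (not from the article): two small units sharing a block.
SAMPLE = '''\
def parse_port(value, default, strict):
    if value is None:
        return default
    number = int(value)
    if number < 1 or number > 65535:
        if strict:
            raise ValueError("port out of range")
        return default
    return number

def parse_timeout(value, default):
    if value is None:
        return default
    number = int(value)
    return number if number > 0 else default
'''
BRANCHES = (ast.If, ast.For, ast.While, ast.ExceptHandler, ast.IfExp, ast.comprehension)

def unit_metrics(source):
    """Per function: size in lines, decision points + 1, and parameter count."""
    metrics = {}
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            continue
        complexity = 1
        for child in ast.walk(node):
            if isinstance(child, BRANCHES):
                complexity += 1
            elif isinstance(child, ast.BoolOp):  # each extra and/or adds a path
                complexity += len(child.values) - 1
        metrics[node.name] = {"size": node.end_lineno - node.lineno + 1,
                              "complexity": complexity, "params": len(node.args.args)}
    return metrics

def duplicated_lines(source, window=3):
    """Line numbers inside any run of `window` non-blank lines that occurs twice or more."""
    lines = [(n, text.strip()) for n, text in enumerate(source.splitlines(), 1) if text.strip()]
    seen = defaultdict(list)
    for start in range(len(lines) - window + 1):
        run = lines[start:start + window]
        seen[tuple(text for _, text in run)].append([n for n, _ in run])
    return sorted({n for hits in seen.values() if len(hits) > 1 for hit in hits for n in hit})

if __name__ == "__main__":
    print(unit_metrics(SAMPLE), duplicated_lines(SAMPLE))
```

Numbers like these mean little on their own; they become useful once compared against thresholds or a benchmark, and the decision points of a nested function are counted toward its enclosing unit here.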
From metrics to insight: benchmarking that actually guides action
Still, raw metrics can be noisy. To make them useful, benchmark them against a large, comparable dataset and roll them up into evidence-based ratings your leadership team understands.
That’s where Sigrid®, our software portfolio governance platform, helps.
At SIG, we have a unique approach to software assurance, and our maintainability model is vital to the actionable insights we provide. We thoroughly analyze our customers’ software portfolios by benchmarking their source code against the world’s largest code database, which consists of 400+ billion lines of code across 30,000+ systems and 300+ technologies.
Explore Sigrid®, our software portfolio governance platform, to benchmark maintainability across your entire portfolio and pinpoint the most critical maintainability initiatives your business should pursue.
Frequently asked questions
It’s the degree to which software can be modified effectively and efficiently to improve it, correct it, or adapt it to change. It’s measured on a scale, not a yes/no property.
Track structural metrics (modularity, duplication, complexity), testability, and change stability. Benchmark them against an external dataset, then govern improvements over time.
None in practice. Build quality is our plain-English term for maintainability. It rolls up the sub-characteristics into an actionable rating your teams can use.
Stronger build quality makes it easier to apply and maintain security controls and reduces change risk. In our data, systems with above-average build quality are twice as likely to meet higher security compliance levels.