Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
ISO 25065:2019 — Quality Model Framework and Guide
A Meta-Framework for Constructing Domain-Specific Quality Models within the SQuaRE Ecosystem
ISO 25065:2019 provides a quality model framework and guide for the ISO/IEC 25000 SQuaRE series. It establishes the mechanisms for defining, structuring, and applying quality models for software-intensive systems. Unlike ISO 25010, which delivers a single, universal quality model, ISO 25065 offers a meta-framework that enables organizations to create tailored quality models suited to their specific domains, application types, and stakeholder concerns. This flexibility makes it one of the most versatile standards in the SQuaRE ecosystem.
ISO 25065 is best understood as the “quality model of quality models.” It defines the rules and structures for constructing domain-specific quality models, rather than prescribing a one-size-fits-all model. Use it when ISO 25010’s general model does not capture the specific quality nuances of your application domain.
Understanding ISO 25065 and the Meta-Model Approach
The core contribution of ISO 25065:2019 is its meta-model for quality models. The meta-model defines the entities, relationships, and constraints that govern how quality models are constructed. The primary entities in the meta-model include: quality characteristic, quality sub-characteristic, quality property, quality measure, and quality requirement. The relationships between these entities are governed by well-defined composition rules, ensuring that any quality model built using the framework is structurally consistent with the broader SQuaRE architecture.
The standard defines four categories of quality models. General quality models (like ISO 25010) apply across all software systems. Domain-specific quality models are tailored for particular application domains such as automotive, medical devices, or financial trading systems. Stakeholder-specific quality models focus on the quality concerns of particular stakeholder groups (e.g., operators, end-users, maintainers). Purpose-specific quality models address particular quality objectives such as safety, security, or data privacy. ISO 25065 provides guidance on how these model types can be composed and interrelated.
| Quality Model Category | Scope | Example Application | Relationship to ISO 25010 |
|---|---|---|---|
| General Model | All software systems | ISO 25010 quality model | Baseline reference model |
| Domain-Specific Model | Automotive software | ISO 26262 safety-related quality extensions | Extends with domain characteristics |
| Stakeholder-Specific Model | End-user perspective | Usability-focused quality model for consumer apps | Subset with weighted characteristics |
| Purpose-Specific Model | Data privacy compliance | GDPR-aligned privacy quality model | Adds privacy-specific sub-characteristics |
Engineering Design Insights for Quality Model Construction
From an engineering design standpoint, ISO 25065:2019 introduces the concept of quality model composability. Rather than treating quality models as monolithic artifacts, the standard advocates for constructing them from reusable components. A quality model for an automotive infotainment system, for example, might compose elements from: the ISO 25010 general model (for core software quality), ISO 26262-derived characteristics (for functional safety), and a custom usability model (for driver distraction prevention).
The composable approach to quality models, as advocated by ISO 25065, reduces the effort required to create domain-specific models by 60-70% compared to building from scratch. Organizations can maintain a library of quality model components and assemble them as needed for each project.
The standard also provides detailed guidance on quality model validation. A quality model is not merely a conceptual exercise; it must be empirically validated to ensure that its characteristics and relationships accurately reflect real-world quality phenomena. ISO 25065 recommends validation through: (1) expert review by domain specialists, (2) empirical studies correlating quality model predictions with actual measurement data, and (3) stakeholder feedback loops that refine the model over successive project cycles.
A critical design insight is the characteristic decomposition depth guideline. ISO 25065 recommends that quality models decompose characteristics to no more than three levels (characteristic, sub-characteristic, quality property) to maintain practical utility. Deeper decompositions, while academically interesting, tend to produce models that are too unwieldy for practical engineering use. The standard provides examples of appropriate decomposition boundaries for different model categories.
Practical Implementation: Building a Domain-Specific Quality Model
Implementing ISO 25065 involves a structured process. First, scoping — define the domain boundaries, stakeholder groups, and quality objectives for the model. Second, characteristic identification — select relevant characteristics from ISO 25010 and identify any additional domain-specific characteristics not covered by the general model. Third, structure definition — organize characteristics into a hierarchical structure following the meta-model rules, ensuring proper decomposition depth and relationship integrity. Fourth, measure mapping — associate each leaf-level quality property with at least one quality measure from ISO 25020 or ISO 25018. Fifth, validation — empirically test the model using representative case studies or expert review.
A common failure mode in quality model construction is characteristic overlap — where two characteristics describe the same underlying quality phenomenon, leading to double-counting in quality assessments. ISO 25065 provides explicit orthogonality guidelines to ensure that characteristics at the same hierarchical level are mutually exclusive and collectively exhaustive (MECE principle).
A particularly valuable contribution of ISO 25065 is its guidance on quality model governance. Organizations often develop multiple quality models across different business units or product lines, leading to inconsistent quality criteria and conflicting assessments. The standard recommends establishing a quality model registry that catalogs all quality models in use across the organization, their scope, their relationship to the ISO 25010 baseline, and their validation status. A governance board should review proposed new quality models or modifications to existing ones for consistency with the organizational quality framework before approval. This prevents fragmentation and ensures that quality assessments across the organization remain comparable.
Q1: How does ISO 25065 differ from ISO 25010?
A: ISO 25010 provides a single, general-purpose quality model with eight characteristics. ISO 25065 provides a meta-framework for constructing custom quality models, with rules for composition, validation, and domain-specific tailoring. They are complementary — use ISO 25010 as a starting point and ISO 25065 to adapt it to your context.
A: ISO 25010 provides a single, general-purpose quality model with eight characteristics. ISO 25065 provides a meta-framework for constructing custom quality models, with rules for composition, validation, and domain-specific tailoring. They are complementary — use ISO 25010 as a starting point and ISO 25065 to adapt it to your context.
Q2: Can ISO 25065 be used for non-software systems?
A: While designed for software-intensive systems, the meta-model approach of ISO 25065 is general enough to be applied to broader systems and services. The standard includes guidance on extending quality models to cover hardware and human factors.
A: While designed for software-intensive systems, the meta-model approach of ISO 25065 is general enough to be applied to broader systems and services. The standard includes guidance on extending quality models to cover hardware and human factors.
Q3: How do I validate a domain-specific quality model?
A: ISO 25065 recommends a combination of expert review (face validity), empirical correlation studies (construct validity), and stakeholder feedback (content validity). At minimum, the model should be reviewed by three domain experts not involved in its construction.
A: ISO 25065 recommends a combination of expert review (face validity), empirical correlation studies (construct validity), and stakeholder feedback (content validity). At minimum, the model should be reviewed by three domain experts not involved in its construction.