Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
ISO/IEC 25019: Quality-in-Use Model — A Comprehensive Guide to SQuaRE Quality-in-Use
ISO/IEC 25019:2023 — Systems and software engineering — SQuaRE — Quality-in-use model
1. Understanding the Quality-in-Use Model
ISO/IEC 25019:2023 defines a comprehensive quality-in-use model that extends far beyond traditional usability evaluation. Unlike earlier standards that focused primarily on direct user interaction, this model recognizes that information systems and IT services affect and influence a much broader set of stakeholders, including organizations and society at large. The standard introduces three fundamental quality characteristics: beneficialness, freedom from risk, and acceptability, each with precisely defined sub-characteristics.
When designing modern digital systems, consider all four stakeholder groups defined in ISO/IEC 25019: operators, customers, responsible organizations, and society. Each group has distinct quality concerns that must be addressed for truly successful system deployment.
The quality-in-use model marks a significant evolution from ISO/IEC 25010:2011, which primarily addressed effectiveness, efficiency, and satisfaction from a direct-user perspective. The new model expands the scope to encompass economic, environmental, societal, and health-related risks, as well as experiential and trust-related acceptability factors. This reflects the growing recognition that software quality cannot be assessed in isolation but must be understood within the broader context of use.
2. The Three Pillars of Quality-in-Use
2.1 Beneficialness
Beneficialness captures the extent of benefit resulting from system use. It comprises three sub-characteristics: usability (effectiveness, efficiency, satisfaction), accessibility (usability for people with the widest range of capabilities), and suitability (alignment of behavior with specified quality requirements). A well-designed drone delivery system, for example, must be easy for operators to control (usability), accessible from multiple locations (accessibility), and capable of successfully completing deliveries under varying conditions (suitability).
2.2 Freedom from Risk
This characteristic addresses the mitigation of potential risks across four dimensions: economic risk (financial loss, reputation damage), environmental and societal risk (ecological impact, community disruption), health risk (physical well-being), and human life risk (life-safety). The standard emphasizes that risk monitoring is as important as risk mitigation, particularly for information systems whose influence extends to broad stakeholder groups.
2.3 Acceptability
Acceptability encompasses experience (knowledge and skill accumulation over time), trustworthiness (confidence that expectations are met in verifiable ways), and compliance (adherence to rules, regulations, and laws). For AI-driven systems, trustworthiness is especially critical, requiring transparency, accountability, and verifiable behavior even when systems operate autonomously or employ machine learning.
| Quality Characteristic | Sub-Characteristics | Primary Stakeholder Concern |
|---|---|---|
| Beneficialness | Usability, Accessibility, Suitability | Achieving intended goals effectively |
| Freedom from Risk | Economic, Environmental/Societal, Health, Human Life | Mitigating negative consequences |
| Acceptability | Experience, Trustworthiness, Compliance | Building confidence and ensuring compliance |
3. Engineering Design Insights and Practical Application
From an engineering perspective, ISO/IEC 25019 provides a structured framework for specifying, measuring, evaluating, and improving quality-in-use throughout the system lifecycle. The standard emphasizes that context of use is a prerequisite for quality-in-use evaluation. When context changes, the system must adapt, and quality-in-use must be re-evaluated against the new context. This has profound implications for DevOps and continuous deployment practices.
Engineers must establish monitoring cycles that detect deviations from the initially specified context of use. Without timely feedback loops that identify context changes, systems risk failing to meet stakeholder goals, potentially causing economic or trust-related damage.
The standard provides detailed annexes with practical examples spanning electric power supply, self-driving buses, retail systems, banking, healthcare, enterprise procurement, and university lecture management. Each example demonstrates how the three quality characteristics map to operator, customer, organization, and society concerns. For instance, in a self-driving bus system, beneficialness for passengers includes ease of use and on-time performance, freedom from risk addresses fall prevention and accident avoidance, and acceptability encompasses trust in autonomous operation and regulatory compliance.
Adopting ISO/IEC 25019 early in system design helps teams identify non-functional requirements that are often overlooked. Using the stakeholder classification (operators, customers, organizations, society) as a checklist ensures comprehensive quality coverage.
4. Frequently Asked Questions
Q1: How does ISO/IEC 25019 differ from ISO/IEC 25010:2011?
A1: ISO/IEC 25019 replaces the quality-in-use model previously in ISO/IEC 25010:2011. Key changes include: (1) “beneficialness” replaces usability as the primary characteristic, with usability becoming a sub-characteristic; (2) “acceptability” is introduced as a new characteristic; (3) “context coverage” is removed as a quality characteristic and instead treated as a prerequisite; and (4) stakeholder classification is expanded to four groups.
A1: ISO/IEC 25019 replaces the quality-in-use model previously in ISO/IEC 25010:2011. Key changes include: (1) “beneficialness” replaces usability as the primary characteristic, with usability becoming a sub-characteristic; (2) “acceptability” is introduced as a new characteristic; (3) “context coverage” is removed as a quality characteristic and instead treated as a prerequisite; and (4) stakeholder classification is expanded to four groups.
Q2: Can the quality-in-use model be applied to AI and machine learning systems?
A2: Yes. The standard explicitly addresses autonomous systems and machine learning in its examples. Trustworthiness is highlighted as particularly important for AI systems, requiring transparent monitoring of system behavior even when the system operates autonomously or learns from data.
A2: Yes. The standard explicitly addresses autonomous systems and machine learning in its examples. Trustworthiness is highlighted as particularly important for AI systems, requiring transparent monitoring of system behavior even when the system operates autonomously or learns from data.
Q3: How do I measure quality-in-use characteristics?
A3: ISO/IEC 25022 provides detailed measures for quality-in-use characteristics. ISO/IEC 25020 provides the measurement framework. Engineers should establish baseline measurements in the specified context of use, then monitor deviations over time using iterative measurement cycles.
A3: ISO/IEC 25022 provides detailed measures for quality-in-use characteristics. ISO/IEC 25020 provides the measurement framework. Engineers should establish baseline measurements in the specified context of use, then monitor deviations over time using iterative measurement cycles.
Q4: Is the quality-in-use model applicable to non-ICT systems?
A4: While the model is designed primarily for information systems and IT services, its quality characteristics (beneficialness, freedom from risk, acceptability) are broadly applicable. The standard notes that these models can be applied to larger systems of systems, though embedded software systems are explicitly outside the scope.
A4: While the model is designed primarily for information systems and IT services, its quality characteristics (beneficialness, freedom from risk, acceptability) are broadly applicable. The standard notes that these models can be applied to larger systems of systems, though embedded software systems are explicitly outside the scope.
