All posts by rocco

CWE-1054 – Invocation of a Control Element at an Unnecessarily Deep Horizontal Layer

Description

The code at one architectural layer invokes code that resides at a deeper layer than the adjacent layer, i.e., the invocation skips at least one layer, and the invoked code is not part of a vertical utility layer that can be referenced from any horizontal layer.

Modes of Introduction:

Related Weaknesses

CWE-1061

Consequences

Other: Reduce Maintainability

Potential Mitigations

CVE References

CWE-1057 – Data Access Operations Outside of Expected Data Manager Component

Description

The software uses a dedicated, central data manager component as required by design, but it contains code that performs data-access operations that do not use this data manager.
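The two entries above (CWE-1054, skipping a horizontal layer, and CWE-1057, touching the data store without going through the data manager) describe the same kind of structural shortcut, so here is one added example that covers both. It is not code from the CWE entries or from this blog; the three-layer order application, the class names, and the in-memory `Database` stand-in for a real store are all constructed for illustration. The business rule lives in the service layer, so both shortcuts silently skip it.

```java
import java.util.HashMap;
import java.util.Map;

// Constructed three-layer application: presentation -> business -> data manager -> store.
public class LayeringDemo {
    public static void main(String[] args) {
        OrderRepository repo = new OrderRepository();
        OrderController controller = new OrderController(new OrderService(repo), repo);

        // A-101 is cancelled, so only the correctly layered call applies the shipping rule.
        System.out.println("layered:               " + controller.status("A-101"));
        System.out.println("skips service (1054):  " + controller.statusSkippingLayer("A-101"));
        System.out.println("bypasses manager (1057): " + controller.statusBypassingDataManager("A-101"));
    }
}

// Physical store (stand-in for a database table). By design only OrderRepository reads it.
final class Database {
    static final Map<String, Integer> QUANTITY = new HashMap<>();
    static final Map<String, Boolean> CANCELLED = new HashMap<>();
    static {
        QUANTITY.put("A-100", 3); CANCELLED.put("A-100", false);
        QUANTITY.put("A-101", 5); CANCELLED.put("A-101", true);
    }
}

// Data-manager layer: the single sanctioned data-access component.
final class OrderRepository {
    int quantity(String id) { return Database.QUANTITY.getOrDefault(id, 0); }
    boolean cancelled(String id) { return Database.CANCELLED.getOrDefault(id, true); }
}

// Business layer, adjacent to the presentation layer. It owns the shipping rule.
final class OrderService {
    private final OrderRepository repo;
    OrderService(OrderRepository repo) { this.repo = repo; }
    boolean canShip(String id) { return !repo.cancelled(id) && repo.quantity(id) > 0; }
}

// Presentation layer.
final class OrderController {
    private final OrderService service;
    private final OrderRepository repo; // held here only so the weakness can be shown

    OrderController(OrderService service, OrderRepository repo) {
        this.service = service;
        this.repo = repo;
    }

    // Correct: the controller talks only to the adjacent (business) layer.
    String status(String id) { return service.canShip(id) ? "ship" : "hold"; }

    // CWE-1054: reaches past the service layer into the data manager, so the
    // cancellation rule that lives in OrderService is never applied.
    String statusSkippingLayer(String id) { return repo.quantity(id) > 0 ? "ship" : "hold"; }

    // CWE-1057: ignores the data manager altogether and reads the store directly,
    // so any validation, caching or auditing the repository adds later is lost.
    String statusBypassingDataManager(String id) {
        return Database.QUANTITY.getOrDefault(id, 0) > 0 ? "ship" : "hold";
    }
}
```

Save as `LayeringDemo.java` and run with `java LayeringDemo.java`. In a real code base the cheap check is structural rather than behavioural: make the repository and store package-private to the data module (or enforce it with an architecture test such as a dependency rule), so a controller that imports them fails the build instead of being found in review.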

Modes of Introduction:

Related Weaknesses

CWE-1061

Consequences

Other: Reduce Performance

Potential Mitigations

CVE References

CWE-1058 – Invokable Control Element in Multi-Thread Context with non-Final Static Storable or Member Element

Description

The code contains a function or method that operates in a multi-threaded environment but owns an unsafe non-final static storable or member data element.
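An added example of the weakness in the entry above, written for this post rather than taken from the CWE text: a method that runs on several threads and increments a non-final static field with a plain read-modify-write, next to a version that keeps the shared element `final` and of a thread-safe type. The class, field and thread counts are constructed for the demonstration.

```java
import java.util.concurrent.atomic.AtomicInteger;

// Constructed example: the same counting work done on a non-final static int
// (CWE-1058) and on a final static AtomicInteger.
public class SharedStateDemo {
    // CWE-1058: non-final static element written from a method that runs on many threads.
    static int unsafeHits = 0;

    // Reads, adds, writes back: three steps that another thread can interleave with.
    static void recordUnsafe() { unsafeHits++; }

    // Corrected: the element is final, and its type makes the increment atomic.
    // (A synchronized method around a plain int would also do.)
    static final AtomicInteger safeHits = new AtomicInteger();

    static void recordSafe() { safeHits.incrementAndGet(); }

    // Runs task perThread times on each of `threads` threads and waits for all of them.
    static void runOn(int threads, int perThread, Runnable task) throws InterruptedException {
        Thread[] workers = new Thread[threads];
        for (int i = 0; i < threads; i++) {
            workers[i] = new Thread(() -> {
                for (int j = 0; j < perThread; j++) task.run();
            });
            workers[i].start();
        }
        for (Thread t : workers) t.join();
    }

    public static void main(String[] args) throws InterruptedException {
        int threads = 8, perThread = 100_000;
        int expected = threads * perThread;

        runOn(threads, perThread, SharedStateDemo::recordUnsafe);
        runOn(threads, perThread, SharedStateDemo::recordSafe);

        // The unsafe counter usually ends below `expected` because lost updates are
        // dropped silently; the safe counter always matches it.
        System.out.println("expected " + expected
                + ", unsafe " + unsafeHits
                + ", safe " + safeHits.get());
    }
}
```

The unsafe result varies from run to run, which is exactly why this class of bug is hard to reproduce from a bug report and why the "Reduce Reliability" consequence listed above is the honest one. Static analysers that track writes to static fields, and running the test suite under a thread-race checker, catch the pattern far earlier than production does.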

Modes of Introduction:

Related Weaknesses

CWE-662

Consequences

Other: Reduce Reliability

Potential Mitigations

CVE References

CWE-1059 – Insufficient Technical Documentation

Description

The product does not contain sufficient technical or engineering documentation (whether on paper or in electronic form) that contains descriptions of all the relevant software/hardware elements of the product, such as its usage, structure, architectural components, interfaces, design, implementation, configuration, operation, etc.

Modes of Introduction:

– Architecture and Design

Related Weaknesses

CWE-710

Consequences

Other: Varies by Context, Hide Activities, Reduce Reliability, Quality Degradation, Reduce Maintainability

Without a method of verification, one cannot be sure that everything only functions as expected.

Potential Mitigations

Phase: Documentation, Architecture and Design

Description: 

Ensure that design documentation is detailed enough to allow for post-manufacturing verification.

CVE References

CWE-106 – Struts: Plug-in Framework not in Use

Description

When an application does not use an input validation framework such as the Struts Validator, there is a greater risk of introducing weaknesses related to insufficient input validation.

Modes of Introduction:

– Implementation

Related Weaknesses

CWE-1173
CWE-20

Consequences

Integrity: Unexpected State

Potential Mitigations

Phase: Architecture and Design

Description: 

Use an input validation framework such as Struts.

Phase: Implementation

Description: 

CVE References

CWE-1061 – Insufficient Encapsulation

Description

The software does not sufficiently hide the internal representation and implementation details of data or methods, which might allow external components or modules to modify data unexpectedly, invoke unexpected functionality, or introduce dependencies that the programmer did not intend.
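An added example for the description above, not drawn from the CWE entry or this blog: an account class that exposes its internal role list and a public owner field, next to a version that keeps state private, hands out a read-only view, and routes every change through a method that can enforce a rule. The `Account` classes and the "admin" rule are constructed for the demonstration.

```java
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

// Constructed example: insufficient encapsulation (CWE-1061) beside a corrected form.
public class EncapsulationDemo {
    // CWE-1061: the internal representation is reachable from outside the class.
    static final class LeakyAccount {
        public String owner;                                   // anyone can reassign it
        private final List<String> roles = new ArrayList<>();
        public List<String> getRoles() { return roles; }       // hands out the live list
        public boolean isAdmin() { return roles.contains("admin"); }
    }

    // Corrected: fields are private, the collection is exposed as an unmodifiable view,
    // and mutation goes through grant(), which is the one place the rule is checked.
    static final class Account {
        private final String owner;
        private final List<String> roles = new ArrayList<>();

        Account(String owner) { this.owner = owner; }

        String owner() { return owner; }

        List<String> roles() { return Collections.unmodifiableList(roles); }

        void grant(String role, boolean callerIsAdmin) {
            if ("admin".equals(role) && !callerIsAdmin) {
                throw new SecurityException("granting admin requires an admin caller");
            }
            roles.add(role);
        }

        boolean isAdmin() { return roles.contains("admin"); }
    }

    public static void main(String[] args) {
        LeakyAccount leaky = new LeakyAccount();
        leaky.owner = "mallory";
        leaky.getRoles().add("admin");     // external code edits internal state directly
        System.out.println("leaky isAdmin: " + leaky.isAdmin());

        Account account = new Account("alice");
        try {
            account.roles().add("admin");  // the view refuses writes
        } catch (UnsupportedOperationException e) {
            System.out.println("roles view is read-only");
        }
        try {
            account.grant("admin", false); // the rule is enforced in one place
        } catch (SecurityException e) {
            System.out.println("grant refused: " + e.getMessage());
        }
        System.out.println("account isAdmin: " + account.isAdmin());
    }
}
```

Returning a copy (`new ArrayList<>(roles)`) instead of an unmodifiable view is the other common fix; the view is cheaper and fails loudly on a write, the copy is safer if the caller must keep the list after the account changes. Either way, the point of the corrected form is that there is exactly one method that can add a role, so a reviewer has one place to check.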

Modes of Introduction:

Related Weaknesses

CWE-710

Consequences

Potential Mitigations

CVE References