Developing a usage-based software certification process

The methods for certifying software quality continue to multiply Popular, p rocess-based approaches-such as ISO 9000 and SEI-CMM-make software publishe rs take oaths concerning which development standards and processes they wil l use. These approaches often require auditors to spot-check a publisher's documentation and oaths. Yet even if a certification auditor can verify the publisher's veracity, that verification alone does not guarantee high-qual ity software. Given these problems, the author proposes a certification methodology that does not employ publisher oaths and auditors. This certification method emp loys automated processes to greatly reduce liability while also eliminating the need to dispatch human auditors. The process harnesses the testing res ources of end users, drawing upon proven techniques such as the methods tha t made Linux the most popular and reliable of all Unix flavors. Totally pro duct-based, this proposed process assesses how well behaved the software is , nut the maturity of the processes used to develop the code.