Software Quality Attributes: ISO 25010 Quality Model

Published on December 15, 2025 | 10-12 min read | Manual Testing & QA
WhatsApp Us

Software Quality Attributes: A Beginner's Guide to the ISO 25010 Quality Model

What makes a software application "good"? Is it the number of features, its speed, or how rarely it crashes? For decades, software teams struggled to answer this question objectively. The result was often miscommunication, missed expectations, and buggy releases. This is where software quality attributes and formal quality models come in—they provide a shared language and a clear framework for defining what "quality" actually means for your project. The ISO 25010 standard offers the most widely recognized modern framework for this purpose. In this guide, we'll demystify the ISO 25010 quality model, explain its core quality characteristics, and show you how this theory translates into real-world testing practice.

Key Takeaway: The ISO/IEC 25010 standard defines a set of eight software quality characteristics (and 31 sub-characteristics) that together provide a comprehensive model for specifying, evaluating, and testing the non-functional aspects of a product. It moves quality discussions from subjective opinion to measurable criteria.

What is the ISO 25010 Quality Model?

ISO/IEC 25010, titled "Systems and software engineering — Systems and software Quality Requirements and Evaluation (SQuaRE) — Quality model," is an international standard. It replaces the older ISO 9126 standard, reflecting the evolution of software systems, including security and compatibility concerns. Think of it as a detailed checklist or a multi-dimensional map of software quality.

Its primary goal is to help stakeholders—developers, testers, product owners, and business analysts—agree on the specific quality requirements for a system. Instead of saying "the app must be reliable," you can specify it needs to have "a fault tolerance that handles X concurrent user failures without data loss" and "a maturity level that ensures 99.9% uptime." This precision is crucial for effective testing and development.

How this topic is covered in ISTQB Foundation Level

The ISTQB Foundation Level syllabus explicitly references quality models like ISO 25010 as a foundational concept. It teaches that testing is not just about finding defects but also about providing information about the quality level of the software, measured against these defined characteristics. Understanding this model helps testers design better test cases that go beyond simple functional checks.

How this is applied in real projects (beyond ISTQB theory)

In practice, a project team will select the most relevant characteristics from ISO 25010 during the requirements phase. For a banking app, security and reliability are paramount. For a social media app, usability and performance efficiency might take priority. Test managers then derive specific, measurable test conditions and scenarios from these chosen attributes. For instance, performance testing load scenarios are directly derived from the Efficiency characteristic.

Breaking Down the Core Quality Characteristics

The ISO 25010 model is structured around eight high-level quality characteristics. Let's explore the five most critical ones for beginners, with a focus on how manual testers can evaluate them.

1. Functional Suitability

This characteristic answers the question: "Does the software do what it's supposed to do?" It's the most direct link to functional testing.

  • Functional Completeness: Are all the specified functions and features present? (e.g., Does the "Checkout" process include all steps: cart review, address, payment, confirmation?).
  • Functional Correctness: Does each function provide the correct results with the needed degree of precision? (e.g., Does the tax calculator apply the correct rate?).
  • Functional Appropriateness: Do the functions help the user accomplish their tasks effectively? (e.g., Is the "Export to PDF" function located in a logical place within the report menu?).

Manual Testing Context: Testing Functional Suitability is the core of manual test case execution. You follow requirement documents to verify completeness and use equivalence partitioning and boundary value analysis to verify correctness.

2. Reliability

This defines the capability of the software to maintain a specified level of performance under stated conditions over time. In simple terms: can users trust it?

  • Maturity: The system's ability to avoid failures as a result of defects. (Tested via stability testing over long sessions).
  • Availability: The degree to which the system is operational and accessible when required for use. (Often measured as uptime percentage).
  • Fault Tolerance: The system's ability to maintain specified performance in cases of software faults or infringement of its interface. (e.g., What happens if the database connection drops? Does the app show a graceful error or crash?).
  • Recoverability: The capability to re-establish a specified level of performance and recover affected data after a failure.

Manual Testing Context: A manual tester can probe reliability by intentionally creating "unhappy paths." Disable your Wi-Fi during a data sync, force-close the app during a save operation, or input massive amounts of data to see if the system degrades gracefully or catastrophically fails.

3. Usability

This characteristic focuses on the user's effort required to learn and operate the system. A functionally perfect app that is confusing to use is a poor-quality app.

  • Appropriateness Recognizability: Can users recognize if the software is appropriate for their needs? (Clear value proposition on landing pages).
  • Learnability: How easy is it for users to accomplish basic tasks the first time they encounter the design? (Tested with new user walkthroughs).
  • Operability: How easy is it for users to achieve their goals? This includes clear navigation, intuitive UI, and helpful error messages.
  • User Error Protection: Does the system protect users from making errors? (e.g., Confirmations before delete actions, input validation).
  • User Interface Aesthetics: Does the interface design please and satisfy user interaction?

Manual Testing Context: Usability testing is a prime area for manual exploration. Testers act as user advocates, asking: "Is this button label clear?" "How many clicks to complete this task?" "Is the error message helpful or cryptic?" Heuristic evaluations using Nielsen's principles are a common manual technique.

Understanding these quality attributes in theory is one thing; learning how to systematically design test cases to evaluate them is another. Our ISTQB-aligned Manual Testing Course bridges this gap, teaching you how to translate characteristics like Usability and Reliability into concrete, executable test scenarios that go beyond the textbook.

4. Efficiency

Efficiency is about the relationship between the level of performance of the software and the amount of resources used under stated conditions. Resources include time, CPU, memory, network bandwidth, etc.

  • Time Behaviour: How fast does the system respond and complete tasks? (Response times, throughput).
  • Resource Utilization: What amount and type of resources are consumed to perform its functions? (CPU load, RAM usage, battery drain on mobile).
  • Capacity: The maximum limits of a product or system parameter. (e.g., Maximum number of concurrent users, largest file upload size).

Manual Testing Context: While deep performance testing requires tools, manual testers can identify obvious efficiency red flags. Does the app feel sluggish when scrolling? Does opening a large report take an unreasonably long time? Does the laptop fan spin loudly during normal use? These subjective observations are valuable initial tests for the Efficiency characteristic.

5. Maintainability

This characteristic concerns the ease with which developers can modify the software to correct defects, improve performance, or adapt to a changed environment. While it seems developer-focused, testers are key stakeholders.

  • Modularity: Is the system composed of discrete components? This reduces the risk of a change in one component affecting others.
  • Reusability:** Can an asset (code, design, test case) be used in more than one system or in building other assets?
  • Analysability:** How easy is it to diagnose deficiencies or identify parts to be modified? (Good logging helps testers and devs).
  • Modifiability:** How easily can a change be implemented without introducing defects? (Impacts regression testing scope).
  • Testability:** How easily can test criteria be established and tests be performed? This is directly influenced by how the software is built.
    •

Manual Testing Context: Testers influence and assess maintainability. Writing clear, modular bug reports with detailed steps and logs improves "Analysability." Advocating for testable requirements (e.g., "The system shall log all login attempts") improves "Testability." A system that is hard to maintain will lead to longer release cycles and more regression bugs.

Why the ISO 25010 Model Matters for Your Testing Career

Moving from a bug-finder to a quality analyst requires a shift in mindset. The ISO 25010 quality model provides the vocabulary for this shift. It allows you to:

  1. Communicate Effectively: Discuss quality with developers, managers, and clients using a standardized framework.
  2. Design Comprehensive Tests: Ensure your test strategy covers more than just "does it work?" but also "how well does it work under stress, for a new user, over time?"
  3. Prioritize Testing Efforts: If the product's key quality attribute is reliability, you'll prioritize long-duration stability testing over, say, exhaustive UI aesthetic testing.
  4. Excel in ISTQB Exams: A solid grasp of quality models is a direct requirement for the ISTQB Foundation Level certification.

Mastering the theory of quality characteristics is the first step. The next, more critical step is learning how to apply them across the entire software lifecycle—from web front-ends to mobile apps and backend APIs. A comprehensive approach is covered in our Manual & Full-Stack Automation Testing course, which shows you how quality attributes guide testing at every layer of a modern application.

Implementing the Model: A Practical Example

Let's take a simple "User Login" feature and see how different quality characteristics generate different test ideas:

  • Functional Suitability: Does login succeed with valid credentials and fail with invalid ones? (Correctness).
  • Reliability: Can you login 1000 times in a row without failure? (Maturity). What happens if the authentication server is down? (Fault Tolerance).
  • Usability: Is the password field masked? Is there a "Forgot Password?" link? Is the error message helpful? ("Invalid password" vs. "The email or password you entered is incorrect").
  • Efficiency: How long does login take under normal load? Under peak load? (Time Behaviour).
  • Maintainability: Are login-related logs clear for debugging a failed login issue? (Analysability).

This single feature can be tested from multiple quality perspectives, leading to a much more robust evaluation.

Frequently Asked Questions (FAQs) on Software Quality Attributes

Q1: Is ISO 25010 just for testers, or do developers need to know it too?
It's crucial for the entire team. Developers use it to understand the non-functional requirements they must code for (e.g., "the response time must be under 2 seconds"). Product owners use it to define what "quality" means for the release. Testers use it to evaluate if those requirements are met. Shared understanding prevents gaps.
Q2: Do I have to test for ALL characteristics in every project?
No. Part of the model's value is in prioritization. A prototype may focus only on Functional Suitability. A medical device firmware will prioritize Reliability and Security above all else. The project stakeholders decide which characteristics are "in scope" based on business and user needs.
Q3: How is ISO 25010 different from the old ISO 9126?
ISO 25010 added Security as a top-level characteristic (it was a sub-characteristic under Functionality in 9126). It also added Compatibility (co-existence and interoperability) and re-organized some sub-characteristics to better reflect modern software concerns like user error protection and capacity.
Q4: I'm a manual tester. How can I test something like "Maintainability" or "Efficiency"?
For Maintainability, you test its symptoms: Are bug reports easy to write and reproduce? Is the code/configuration documented? For Efficiency, you perform basic smoke tests for performance: does the app feel fast? You also verify resource-related requirements (e.g., "The app shall not use more than 200MB of RAM"). Deep-dive testing requires tools, but your initial observations are vital.
Q5: Are "quality attributes" the same as "non-functional requirements"?
Very closely related. Think of quality attributes as the categories (like Reliability). Non-functional requirements (NFRs) are the specific, measurable requirements derived from those categories (e.g., "System availability shall be 99.95%"). ISO 25010 provides the taxonomy to help you define good NFRs.
Q6: Where can I see the full list of 8 characteristics and 31 sub-characteristics?
The full ISO 25010 standard is a paid document. However, its structure is widely published in software engineering textbooks, the ISTQB syllabus, and reputable online educational resources. The eight characteristics are: Functional Suitability, Performance Efficiency, Compatibility, Usability, Reliability, Security, Maintainability, and Portability.
Q7: How important is this for the ISTQB Foundation Level exam?
Extremely important. The "Fundamentals of Testing" chapter introduces software quality and the role of testing in achieving it, explicitly mentioning standards-based quality models. You will likely get questions testing your understanding of the basic quality characteristics and their relationship to testing objectives.
Q8: Can a product be high quality if it's missing a feature users want?
From the ISO 25010 perspective, that would be a failure in the "Functional Completeness" sub-characteristic of Functional Suitability. So, no. A core part of quality is delivering the required functionality. A very fast, secure, and usable app that doesn't solve the user's core problem is not a high-quality product for that user.

Conclusion: From Theory to Practice

The ISO 25010 quality model is more than an academic standard; it's a practical toolkit for building better software. By understanding quality characteristics like Functional Suitability, Reliability, Usability, Efficiency, and Maintainability, you equip yourself to think critically about software beyond just "pass/fail" functional checks. This mindset is what separates a task-oriented tester from a true quality engineering professional.

Ready to Master Manual Testing?

Transform your career with our comprehensive manual testing courses. Learn from industry experts with live 1:1 mentorship.

Manual Testing Fundamentals → Full-Stack Automation →