Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

  1. Blog
  2. Article

Pierre Guillemin
on 18 March 2024


As Canonical approaches its 20th anniversary, we have proven our proficiency in managing a resilient software supply chain. But in the pursuit of excellence, we are always looking to set new standards in software development and embrace cutting-edge quality management practices. This enables us to meet current technological landscape needs. It also paves the way for future innovation, motivating us (as ever) to make open source a key driving force across all industries. In this article I will explore how combining the openness and transparency inherent in open source principles with the right quality management frameworks enables us to lay new foundations for the software-defined industries of tomorrow. 

Open source adoption is growing and with it, regulation

The presence of open source software components in regulated industries has accelerated dramatically in the past couple of years and can be found everywhere, from the smallest industrial component to the largest ship in the world. Such a broad application domain brings additional complexity and heightened expectations that we address the evolving need for quality requirements. While language-specific standards were ways to address guidelines in a relatively simple world, this is not enough anymore. Instead, we need to adopt quality models that are not just a compliance requirement, but effectively a way to evaluate the produced engineering components. 

While these types of models are often developed in the context of regulated domains in specific industries, they can provide insights that are impactful across a broad range of applications. For instance, ISO 25010, a quality model that is the cornerstone of a product quality evaluation system, is a great framework to help engineers understand the strengths and weaknesses of specific artefacts using static code analysis. By using an objective, reproducible and independent quality model that follows ISO 25010 standard, Canonical can meet the expectations of a broad spectrum of industries and enable the opportunities that open source software brings. 

Adding independent quality indicators

TIOBE is supporting Canonical in getting an independent overview of its code quality by checking the reliability, security and maintainability of its software sources. The measurements are based on ISO 25010 and follow a strict procedure defined by TIOBE’s Quality Indicator (TQI). TIOBE provides real-time data integrated in programming environments and separate dashboards and makes use of best-in-class third party code checkers for Canonical.

Paul Jansen, CEO of TIOBE states: “We are thrilled to contribute to the success of Canonical. After having checked the code quality of a lot of Canonical’s projects in our independent and regulated way, it is clear that Canonical is scoring far above the average of the 8,000+ commercial projects we measure every day”.

At Canonical, we believe that Quality Management (QM) is an essential pillar in the development of open source software. That is why we added TQI as one additional control point across our software development lifecycle process. In most industries, the expectations towards innovation but also quality attributes, including the ones highlighted by TIOBE Quality Indicator, are very high. The integration of open source software with industry-recognised quality models marks a paramount step towards achieving excellence and leading to the production of superior software solutions.

Addressing quality management requirements in automotive

A prime example of the advantages of independent quality indicators can be seen in the automotive industry. This sector, with its high demands for safety and technological innovation, presents unique challenges that require impeccable quality and robust software solutions. As vehicles become increasingly software-defined, integrating open source software with industry-recognised quality models becomes not just beneficial but essential. Quality management works as a driving force – not just ensuring the reliability and safety of vehicles – but also the key building block for generating trust in open source within the automotive industry. 

As Canonical’s Automotive Sector Lead, Bertrand Boisseau, explains: “The results of the collaboration with TIOBE are crucial, especially in the realm of Software Defined Vehicles (SDVs), where the abstraction and decoupling of software and hardware development cycles is key. The TIOBE TiCS framework supports our R&D efforts related to automotive, enabling us to go beyond the expectations of this demanding ecosystem”. 

Conclusion

Our approach is designed to address the inherent complexity of modern software stacks, which are by nature heterogeneous. We make use of quality models like ISO 25010 as accelerators to enhance our quality management processes. At Canonical, these models are instrumental in enriching our continuous improvement practices with measurable data, while also aligning with the expectations of the broader enterprise landscape, particularly when combined with the openness and transparency open source software provides. 

If you have embarked on a similar journey to measure quality management in your organisation, I would love to hear about your experience. If you’re eager to join our mission in advancing precision engineering, please explore our openings starting with the Technical Manager Automotive and Industrial as well as our Lead Development Lifecycle Engineer positions. Stay tuned to follow our journey towards engineering excellence and connect with me on LinkedIn.

Related posts


João Hellmeister
20 January 2025

A comprehensive guide to NIS2 Compliance: Part 3 – Setting the roadmap and demonstrating NIS2 compliance.

Ubuntu Article

In this third and final part of the series, I’ll provide some tips on how to set up your roadmap and effectively demonstrate compliance without overburdening your teams.  If you’re just joining the fun now, in our two previous editions we covered who NIS2 applies to and what requirements it sets out. Be sure to ...


Gabriel Aguiar Noury
20 January 2025

Bringing 12-year LTS to 32-bit Arm processors as CRA comes into force

IoT Article

With the release of Ubuntu 24.04 LTS (Noble Numbat) and Ubuntu Core 24, Canonical introduced a 12-year Long Term Support commitment for 32-bit Arm® processors, addressing the critical time_t overflow issue, commonly known as the “Year 2038 problem.” These processors, essential for critical IoT devices requiring a smaller DRAM footprint an ...


João Hellmeister
17 January 2025

A comprehensive guide to NIS2 Compliance: Part 2 – Understanding NIS2 requirements

Ubuntu Article

In my previous blog, we ran through what NIS2 is and who it applies to. In this second part of the series, I’ll break down the main requirements you’ll find in NIS2 and help translate them into actionable and practical measures you can take to achieve NIS2 compliance. Join me in this post and start understanding what NIS2 is all about. ...