Skip to main content

Product/Solution/Code Quality Certification System

1. Overview

Quality Certification aggregates every signal from your build - artifact scores, code checks, security scans, peer benchmarks - into a single, verifiable certificate that proves your delivery meets professional standards. Instead of scattered metrics that clients can question, you get an ISO 25010-mapped certificate with percentile rankings, adversarial AI validation, and a tamper-evident audit trail that stands up to investor and client scrutiny.

2. Step-by-Step Guide

For Admins generating certificates:
  1. Navigate to the completed job - Ensure your job has finished implementation with artifacts (BRS, FRS, FSD, TSD, Spec) and code submissions in place.
  2. Request certification - Call the certification API with your job ID. Choose synchronous mode (results in 60 seconds) or async mode (full pipeline with adversarial AI, returns in minutes).
  3. Review the certificate - The system returns an overall grade (0-100), 8 dimension scores (Functional Completeness, Reliability, Security, Performance, Maintainability, Usability, Testability, Documentation), and your percentile rank against all completed platform jobs.
  4. Check peer comparison - If 20+ jobs exist on the platform, you’ll see where this delivery ranks. Jobs in the same ICP category get cohort-specific percentiles if 10+ similar jobs exist.
  5. Examine adversarial findings - The Red Team/Blue Team/Auditor pass identifies quality gaps the static analysis missed. Review findings and decide whether to address before client handoff.
  6. Verify calibration status - Confirm the certificate shows CALIBRATION_PASSED. This proves the scoring system rejected 10 known-bad configurations, so your passing score is meaningful.
  7. Download outputs - Get the JSON certificate for system integration and the markdown report for client review. The markdown includes executive summary, ISO 25010 compliance table, methodology disclosure, and full audit trail.
  8. Share with stakeholders - Send the markdown report to clients, investors, or quality auditors. The hash-chained audit trail makes the certificate tamper-evident.
Checking peer statistics:
  1. Access peer stats endpoint - View score distributions across all completed platform jobs to understand baseline quality levels.
  2. Filter by dimension - See how jobs typically score on Security vs. Maintainability to contextualize your results.

3. Common Questions

Q: How does the system calculate my percentile rank?
A: The system compares your overall score to all completed jobs with available quality data. If 20+ jobs exist, you get a percentile with Wilson confidence interval. If your ICP category has 10+ jobs, you also get a cohort-specific percentile showing how you compare to similar projects. Q: What happens if calibration fails?
A: Calibration runs 10 known-bad configurations through the scorer. If any incorrectly pass, the certificate is marked CALIBRATION_FAILED and flagged. This means the scoring system drifted and your score may not be reliable. Contact support - the system needs recalibration before certificates can be trusted. Q: Can I skip the adversarial AI check to get results faster?
A: Yes. Set skipAdversarial: true when requesting certification. You’ll get results in under 10 seconds with static analysis and peer assessment only. Use this for internal checkpoints; run the full pipeline before client delivery. Q: What if I don’t have all artifacts - will certification still work?
A: Yes, but your scores will be lower. The system applies the evidence-or-zero rule: any check without specific evidence scores 0 points plus a penalty. Missing a BRS or FRS certificate will tank your Functional Completeness dimension. Q: How do I verify the audit trail wasn’t tampered with?
A: Each audit entry includes a SHA-256 hash linking to the previous entry. To verify: compute the hash of each entry’s content plus the previous hash. If any entry was modified, all subsequent hashes will fail validation.

4. Troubleshooting

Issue: Non-admin user gets 403 Forbidden when requesting certification
Solution: Certification endpoints require admin privileges. Only admins can generate quality certificates. If you need a certificate, ask your account admin to run certification and share the markdown report with you. Issue: Peer assessment shows “Insufficient peer data” instead of a percentile
Solution: Percentile ranking requires 20+ completed jobs platform-wide (or 10+ in your ICP cohort). Early-stage platform instances won’t have enough data. The certificate is still valid - you just don’t have a peer comparison yet. Issue: Certificate generation times out or returns 500 error
Solution: Long-running certifications (especially with adversarial AI) can exceed synchronous timeout limits. Switch to async mode by using the async endpoint. You’ll get a job ID immediately and can poll for status. The full pipeline typically completes in 3-5 minutes. Issue: Scores seem too low even though code passed all checks
Solution: The scoring system uses asymmetric weighting - missing signals penalize more than present signals reward. Check which artifacts are missing (BRS, FRS, FSD, TSD, Spec certificates). Even one missing document can drop your score 15-20 points. Ensure all artifacts are confirmed before requesting certification. Security Certification System - Runs parallel to Quality Certification but focuses exclusively on security controls, vulnerability scans, and threat modeling. Security scores feed into the Quality Certificate’s Security dimension, so running both gives you the most complete picture. Planning Review - Quality Certification evaluates what you built. Planning Review evaluates what you planned to build. Use Planning Review to catch scope and feasibility issues before implementation, then use Quality Certification to prove you delivered what you promised. Data Room - Store your Quality Certificate markdown report in your Data Room alongside investor decks and financial projections. Investors expect to see quality evidence during due diligence. The certificate’s ISO 25010 compliance table and peer percentile ranking strengthen your technical credibility.