Every software artefact has a predictable quantity of defects when it is created. When you think about it, this makes sense. For every hour a knowledge worker spends on something (code, design, requirements etc) they are likely to make a mistake or two each hour. Defect potentials in requirements are the defects that are likely to be in them when they are created. The metric for requirements defect potential that we favour is a normalised metric of defect potential per COSMIC Function Point. For example, studies by Capers Jones shows that the average defect potential in requirements vary between 1 – 2 defects per FP in requirements. Knowing this is an important starting point for finding and fixing these defects – if we now know how many requirement defects we need to find we are part of the way to fixing them.
The defect density is an indication of the concentration of defects within the requirements. Whilst you could use an indicator such as defects found per requirement or defects per use case, we recommend defects per CFP as this is a standardised and consistent metric.