Introduction to Software Testing and Analysis (Volume I) by V.K. Jain
Author:V.K. Jain [Jain, V.K.]
Language: eng
Format: epub
Publisher: Atlantic Publishers & Distributors Pvt Ltd
Published: 2018-07-04T23:00:00+00:00
Even fairly inoccous software can be exploited to either do something it should not or be used to break into another system. A good example is the humble Excel product. Many viruses take advantage of buffer overruns to spread themselves or use it as a gateway to the operating system and ultimately take over the users machine.
The definition above only mentions the system. However awareness of security should begin even earlier in component testing. It is at this stage many of the chinks in armour defects will be found. For example buffer overruns. Websites may find the potential for hot sql injection intrusions. The growing use of web services, with the reliance on opening individual components or sub-systems up for all to use, will make this level of testing even more crucial. Thus we can start our list of with developers or whoever is conducting unit testing.
Especially in high risk systems, analysts need to be ensuring, security, is built into the system design and processes. Additionaly testability needs to be high in this particular area.
Ideally the software though is tested by an independent test team of system testers. In the case of penetration testing, an outside consultancy is brought in to try simulate an attack. However constraints on resources mean that, independence in many cases suffers.
Testing that software is secure can take place anywhere, including the developers own site. At the other extreme is for the penetration tester or “intruder” to be sitting on a different continent using the telecoms network and internet to try and break into an online transaction site.
This type of testing is resorted to throughout the whole software development life cycle for the developing organisation and accepting customer. In addition regular security testing should be undertaken to make sure the software is still secure.
This testing can be done perhaps more than any other form, security testing is associated with risk. Thus if security is of such importance, i.e. to the police or military, then awareness and practice has to be pervasive amongst the stakeholders. If the organisation has a mature development culture and are at level 3 or above in the CMMI they should have a strategy for risk mitigation.
3.18.23 Smoke Testing
It is a simple test case suite, designed to give confidence in an integrated build of a system or sub-system. It may also be referred to as a health check or reality check.
The phrase is derived from the testing of hardware. For example a computer would be ran until it literally started smoking.
As the software is incrementally integrated, smoke testing confirms the stability of the Software Under Test (SUT).
An integrated build of software is a complex thing. Defects related to interfaces, bottlenecks and usability may only come to light at integration. Every time a build is constructed, with additional components or sub-systems, new opportunities for failure arise.
When testing at the system level, the test team needs to have confidence in the stability of the overall SUT. A successful run of the smoke test, generates this confidence.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
The Mikado Method by Ola Ellnestam Daniel Brolund(27094)
Hello! Python by Anthony Briggs(25942)
Secrets of the JavaScript Ninja by John Resig Bear Bibeault(25285)
Kotlin in Action by Dmitry Jemerov(24393)
The Well-Grounded Java Developer by Benjamin J. Evans Martijn Verburg(23591)
Dependency Injection in .NET by Mark Seemann(23311)
OCA Java SE 8 Programmer I Certification Guide by Mala Gupta(21943)
Algorithms of the Intelligent Web by Haralambos Marmanis;Dmitry Babenko(20847)
Grails in Action by Glen Smith Peter Ledbrook(19869)
Adobe Camera Raw For Digital Photographers Only by Rob Sheppard(17072)
Sass and Compass in Action by Wynn Netherland Nathan Weizenbaum Chris Eppstein Brandon Mathis(16832)
Secrets of the JavaScript Ninja by John Resig & Bear Bibeault(14464)
Test-Driven iOS Development with Swift 4 by Dominik Hauser(12581)
Jquery UI in Action : Master the concepts Of Jquery UI: A Step By Step Approach by ANMOL GOYAL(11865)
A Developer's Guide to Building Resilient Cloud Applications with Azure by Hamida Rebai Trabelsi(10650)
Hit Refresh by Satya Nadella(9236)
The Kubernetes Operator Framework Book by Michael Dame(8588)
Exploring Deepfakes by Bryan Lyon and Matt Tora(8445)
Robo-Advisor with Python by Aki Ranin(8387)