Software quality assurance

This post is about software quality assurance.

Software testing methods

Software testing methods:

  • Unit testing
  • Component testing
  • Integration testing
  • Regression testing
  • System testing
  • Orthogonal array testing
  • Pattern testing
  • Matrix testing

Unit testing

Unit testing focuses on testing individual units or small sections of code.

Component testing focuses on testing individual components or modules.

Integration testing is used to validate how software modules work together.

Regression testing is performed after developers make changes to an application. It reruns a number of test cases and compares the results to a baseline.

System testing is done on a complete integrated product.

Orthogonal array testing is a method for generating tests based on statistical analysis.

Pattern testing uses records of past software bugs to inform the analysis.

Matrix testing develops a matrix of all possible inputs and outputs to inform the test plan.

Fagan inspection can also be applied to software.

Types of Software Testing

  • Static (SAST)
  • Dynamic (DAST)
    • Fuzzing
  • Interactive (IAST)
  • Software Composition Analysis (SCA)
  • Use case
  • Misuse case / Abuse case testing

OWASP has an Abuse Case Cheat Sheet.

Software Testing Approaches

The shift-left testing approach involves increasing testing in the early SDLC stages, compared to the traditional way, where most of the testing effort is left to the final stages.

Software test automation

A test harness is a collection of stubs and drivers configured to assist with the testing of an application or component.

Testing double

A testing double is a generic term to describe a stand-in for a real object that is created to perform tests.

Testing doubles are used mostly in unit and component tests.

Testing doubles categories:

  • Dummy
  • Stub
  • Mock
  • Fake
  • Spy

A dummy is an object or value passed around but never actually used.

A stub provides predefined answers without including any logic. It is used when the returned value is enough.

A mock is a stub that verifies an interaction.

In this context, interaction is a method call with specific arguments, a specific number of times and possibly in a specific order.

It is used when checking the behavior is more important than returning a value.

A fake is a working, simplified implementation of an object. Its advantage is that it is faster or easier to implement. It is used when realistic behavior is expected.

Example of a fake: an in-memory repository instead of a DB repository.

A spy is a wrapper around a real object that allows calls to it to be observed.

In a simple mock, the test ends in the mock.

The loopback pattern, or internal replacement, calls back the original component.
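
The five categories above, combined in one test scenario as an added example (not code from the original post). `LoginService`, `InMemoryRepo` and `sha256_hex` are hypothetical names chosen for illustration; the stub, mock and spy come from Python's standard `unittest.mock.Mock`.

```python
import hashlib
import hmac
from unittest.mock import Mock

class LoginService:
    """Hypothetical unit under test: locks an account after MAX_FAILURES bad passwords."""
    MAX_FAILURES = 3

    def __init__(self, repo, hasher, notifier, logger):
        self.repo, self.hasher, self.notifier, self.logger = repo, hasher, notifier, logger

    def login(self, user, password):
        rec = self.repo.get(user)
        if rec is None or rec["failures"] >= self.MAX_FAILURES:
            return False                      # unknown or locked: reject before hashing
        if hmac.compare_digest(self.hasher(password), rec["hash"]):
            rec["failures"] = 0
            return True
        rec["failures"] += 1
        if rec["failures"] == self.MAX_FAILURES:
            self.notifier.account_locked(user)
        return False

def sha256_hex(password):
    # Real collaborator wrapped by the spy; plain SHA-256 only keeps the example short.
    return hashlib.sha256(password.encode()).hexdigest()

class InMemoryRepo:
    """Fake: a working, simplified stand-in for a DB repository."""
    def __init__(self):
        self.rows = {}
    def add(self, user, pw_hash):
        self.rows[user] = {"hash": pw_hash, "failures": 0}
    def get(self, user):
        return self.rows.get(user)

def run_lockout_scenario():
    repo = InMemoryRepo()                               # fake
    repo.add("alice", sha256_hex("correct horse"))      # constructed sample account
    hasher = Mock(wraps=sha256_hex)                     # spy: real function, calls recorded
    notifier = Mock()                                   # mock: interaction verified below
    svc = LoginService(repo, hasher, notifier, object())  # object(): dummy logger, never used
    results = [svc.login("alice", pw) for pw in ("guess1", "guess2", "guess3", "correct horse")]
    notifier.account_locked.assert_called_once_with("alice")  # exact call, exactly once
    return results, hasher.call_count

def run_unknown_user_scenario():
    stub_repo = Mock(**{"get.return_value": None})      # stub: canned answer, no logic
    return LoginService(stub_repo, sha256_hex, object(), object()).login("mallory", "x")
```

The spy's call count shows that the fourth attempt, made with the correct password, is rejected by the lockout check without the hasher being invoked.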

Software Testing Frameworks

You can read about software testing frameworks in this post.

These solutions are general-purpose test software. For security-focused source code testing tools, you can read more about IT security testing frameworks in this post and about Application Security Testing (AST) in this post.

Software Quality Standards

Software quality standards featured in this post:

  • ISO 33000

ISO/IEC 33000

ISO/IEC 33xxx is a family of standards on process quality. It may include software development process quality.

Software Quality Models

Software quality models:

  • McCall

McCall Quality Model

McCall’s quality model is a software quality model that highlights software quality factors reflecting both users’ views and developers’ interests.

McCall’s quality model factors of production quality:

  1. Product Operation
  2. Product Revision
  3. Product Transition
