Software QA FYI - SQAFYI




" Structural System Testing is to verify developed system and program works
" Most effective method of Structured system Testing is " Inspection Process ".
" Objective is to -
" Ensure system design is structurally sound.
" Technology used properly.
" All the components in the system function as cohesive unit.
" The Different structural System Testing Techniques are -

1. Compliance Testing ( to process )
2. Operational Testing
3. Recovery Testing
4. Stress Testing
5. Execution Testing
6. Security Testing.

1) Compliance Testing:

Usage " To verify that application was developed in accordance to Information Technology standards, procedures and guidelines.
Objectives " To ensure compliance to methodology
" To ensure to compliance to departmental standards, procedures and guidelines.
" Help Testing professionals to comply with the methodology.
" Determining system development and maintenance methodologies are followed.
" Determining that application system documentation is complete and reasonable.
How to Use " Necessary that the documents / programs prepared for a system is reviewed (peer review).
When to use " Compliance to IT procedures, standards and guidelines depends upon the management when they desire to make these procedures and standards to be followed.
" In order to compliance with the standards and procedures the management needs to find out the degree of compliance to be adhered and then find out who the violators are.
Examples " Standards followed
" Documentation complete.

2) Operational Testing:

Usage " To verify that before application goes to production the operating procedures and staff can properly execute the application.
" Evaluation of process and execution of process .
Objectives " Determine that System can execute normally during operating the system.
" Determine completeness of documentation of computer operator.
" Evaluate that operator training is complete.
" Ensure that support mechanism has been prepared and working properly.
" Check that operators can operate the computer system properly.
How to Use " Requirements phase - operational requirements are evaluated to find that the requirements are reasonable and complete.
" Design phase - Operating procedures are created and evaluated.
" Operations testing can be carried out " In conjunction " with other tests.
When to use " Should take place before placing application system into production.
Examples " Verifying file labeling and protection functions are working properly.
" Determine system can run using document.

3) Recovery Testing:

Usage " Recovery is ability to restart the operation after integrity of application is lost.
" It includes reverting to a point where integrity of system is known , then reprocessing up until the point of failure.
" The time taken to recover depends upon :
the number of restart points
volume of application
training and skill of people conducting recovery activities
tools available for recovery
Objectives " To ensure operations can be continued after a disaster .
" Recovery testing verifies recovery process and effectiveness of recovery process.
" Adequate back up data is preserved and kept in secure location.
" Recovery procedures are documented.
" Recovery personnel have been assigned and trained.
" Recovery tools have been developed and are available.
How to Use " Procedures , methods , tools and techniques are assessed to evaluate the adequacy.
" After system is developed a failure can be introduced in the system and check whether the system can recover.
" A simulated disaster is usually performed on one aspect of application system.
" When there are no. Of failures then instead of taking care of all recovery testing should be carried out for one segment and then another i.e. structured fashion.
Who uses it " System Analysts
" Testing professionals
" management personnel.
When to use " When user says that the continuity of the system is needed inorder for system to perform or function properly.
" User then should estimate the losses, time span to carry out recovery testing.
Examples " Loss of communication , loss of database integrity.
" Evaluate adequacy of back up data.

4) Stress Testing:

Usage " To determine if the system can function when subject to large volumes.
" It includes testing of
input transactions
Internal tables
Disk Space
Out put
Computer capacity
Interaction with people.
Objectives " To simulate production environment
" Normal or above normal volumes of transactions can be processed through the transaction within expected time frame.
" Application system would be able to process larger volume of data.
" System capacity should have sufficient resources to meet expected turnaround time.
How to Use " It should simulate as closely as possible to production environment.
" Online system should be stress tested with users entering test data with normal or above normal pace.
" Batch system should be tested with huge volumes/ numbers of batches
" The test conditions should have error conditions.
" Transactions used in stress testing are obtained from following 3 sources :
Test data generators
Test transactions created by test group
Transactions which were previously used in production.
" In stress testing the system should run as it would in the production environment.
When to use " When there is uncertainty that system will work with huge volumes of data and without generating any faults.
" Attempt is made to break system with huge amount of data.
" Most commonly used technique to test for online transaction systems as other
techniques are not effective.
Examples " Sufficient disk space allocated
" Communication lines are adequate
Disadvantage " Amount of time taken to prepare for testing
" Amount of resources utilized during test execution.

5) Execution Testing:

Usage " To determine whether the system achieves the desired level of proficiency in the production status.
" Used to verify -
Response time
Turn around time
Design performance.
" Test execution can be done using the simulated system and actual system.
" The system either can be tested as a whole or in parts.
Objectives " To determine whether the system can meet the specific performance criteria
" Verify whether system make optimum use of hardware and software.
" Determining response time to online use requests
" Determining transaction processing turnaround time.
How to Use " Can be performed in any phase of SDLC
" Used to evaluate single aspect of system
" Executed in following manner -
Using h/w and s/w monitor
Simulation of functioning using simulation model
Creating quick or dirty programs to evaluate approximate performance of completed system.
When to use " Should be used early in SDLC
" Should be performed when it is known that the results can be used to make changes to the system structure.
Examples " Transaction turnaround time adequacy
" Optimum use of h/w and s/w.

6) Security Testing:

Usage " Security is a protection system that is needed for both securing the confidential information and for competitive purposes to assure third parties that their data will be protected.
" Amount of security provided depends upon risks associated with compromise or loss of information.
" Protecting the confidentiality of the information is designed to protect the resources of the organization.
" Used to check the adequacy of protective procedures and countermeasures..
Objectives " To identify the defects which are very difficult to identify.
" The failures in security system operation may not be detected , resulting in a loss or compromise of information without the knowledge of that loss.
" To determine that adequate attention is paid to identify security risks.
" Determine realistic definition and enforcement of access to the system has been implemented.
" To determine that sufficient expertise exists to perform adequate security testing.
" Conducting reasonable tests to ensure that the implemented security measures function properly.
How to Use " Involves a wide spectrum of conditions.
" Testing divided into physical and logical security.
" Physical security - deals with penetration by people in order to physically gather information.
" Logical Security - deals with use of computer operations / communications capabilities to improperly access information.
When to use " Security testing should be used when the information and/or assets protected by the application system are of significant value to the organization.
" Should be conducted before system goes to operational status.
" Extent of testing should depend upon the security risk.
Examples " Access denied " Procedures in place

Other Resource

... to read more articles, visit