|
Software Testing Methods
Part:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
(Continued from previous part...)
Structural System Testing Techniques
Recovery Testing:
|
Usage
|
" Recovery is ability to restart the operation after integrity of application is lost.
" It includes reverting to a point where integrity of system is known , then reprocessing up until the point of failure.
" The time taken to recover depends upon :
the number of restart points
volume of application
training and skill of people conducting recovery activities
tools available for recovery
|
|
Objectives
|
" To ensure operations can be continued after a disaster .
" Recovery testing verifies recovery process and effectiveness of recovery process.
" Adequate back up data is preserved and kept in secure location.
" Recovery procedures are documented.
" Recovery personnel have been assigned and trained.
" Recovery tools have been developed and are available.
|
|
How to Use
|
" Procedures , methods , tools and techniques are assessed to evaluate the adequacy.
" After system is developed a failure can be introduced in the system and check whether the system can recover.
" A simulated disaster is usually performed on one aspect of application system.
" When there are no. Of failures then instead of taking care of all recovery testing should be carried out for one segment and then another i.e. structured fashion.
|
|
Who uses it
|
" System Analysts
" Testing professionals
" management personnel.
|
|
When to use
|
" When user says that the continuity of the system is needed inorder for system to perform or function properly.
" User then should estimate the losses, time span to carry out recovery testing.
|
|
Examples
|
" Loss of communication , loss of database integrity.
" Evaluate adequacy of back up data.
|
Security Testing:
|
Usage
|
" Security is a protection system that is needed for both securing the confidential information and for competitive purposes to assure third parties that their data will be protected.
" Amount of security provided depends upon risks associated with compromise or loss of information.
" Protecting the confidentiality of the information is designed to protect the resources of the organization.
" Used to check the adequacy of protective procedures and countermeasures..
|
|
Objectives
|
" To identify the defects which are very difficult to identify.
" The failures in security system operation may not be detected , resulting in a loss or compromise of information without the knowledge of that loss.
" To determine that adequate attention is paid to identify security risks.
" Determine realistic definition and enforcement of access to the system has been implemented.
" To determine that sufficient expertise exists to perform adequate security testing.
" Conducting reasonable tests to ensure that the implemented security measures function properly.
|
|
How to Use
|
" Involves a wide spectrum of conditions.
" Testing divided into physical and logical security.
" Physical security - deals with penetration by people in order to physically gather information.
" Logical Security - deals with use of computer operations / communications capabilities to improperly access information.
|
|
When to use
|
" Security testing should be used when the information and/or assets protected by the application system are of significant value to the organization.
" Should be conducted before system goes to operational status.
" Extent of testing should depend upon the security risk.
|
|
Examples
|
" Access denied
" Procedures in place
|
(Continued on next part...)
Part:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
| 