A use case in which some actors with malicious intent are causing harm to the system or to other actors.
The exit criteria that a component or system must satisfy in order to be accepted by a user, customer, or other authorized entity.
Acceptance testing is the testing done by the user or customer to establish confidence in the system. It evaluates the system’s compliance with the business requirements and verifies whether it has met the required criteria. There are various forms of acceptance testing:
- User Acceptance Testing
- Business Acceptance Testing
- Alpha Testing
- Beta Testing
Testing to determine the ease by which users with disabilities can use a component or system.
Obtaining lists of email addresses for use in email-related testing.
Checking capability of the software product to provide the right or agreed results or effects with the needed degree of precision.
User or any other person or system that interacts with the test object in a specific way.
The behavior produced/observed when a component or system is tested.
The capability of the software product to be adapted for different specified environments without applying actions or means other than those provided for this purpose for the software considered.
Testing carried out informally with no formal test preparation, no recognized test design technique and no expectations for results.
A methodology based on iterative incremental development, where requirements and solutions evolve through collaboration between self-organizing cross-functional teams.
Testing practice for a project using Agile software development methodologies, incorporating techniques and methods, such as extreme programming (XP), treating development as the customer of testing and emphasizing the test-first design paradigm.
A means of tracking the changes in data to facilitate better analysis.
A procedure determining whether a person or a process is, in fact, who or what it is declared to be.
Permission given to a user or process to access resources.
Automation Testing is the use of special software to control the execution of tests and the comparison of actual outcomes with predicted outcomes.
A specification or software product that has been formally reviewed or agreed upon, that thereafter serves as the basis for further development, and that can be changed only through a formal change control process.
Behaviour Driven Development (BDD)
Behaviour Driven Development evolved from TDD with a focus on the delivery of prioritised, verifiable business value by providing a common vocabulary that reduces the gap between the technical and business sides of the project.
A superior method or innovative practice that contributes to the improved performance of an organization under given context, usually recognized as “best” by other peer organizations.
Operational testing by potential and/or existing users/customers at an external site not otherwise involved with the developers, to determine whether or not a component or system satisfies the user/customer needs and fits within the business processes.
Black Box Testing
Testing, either functional or non-functional, without reference to the internal structure of the component or system.
A network of compromised computers, called bots or robots, which is controlled by a third party and used to transmit malware or spam, or to launch attacks.
Bottom Up Testing
An incremental approach to integration testing where the lowest level components are tested first, and then used to facilitate the testing of higher level components. This process is repeated until the component at the top of the hierarchy is tested.
An input value or output value which is on the edge of an equivalence partition or at the smallest incremental distance on either side of an edge, for example the minimum or maximum value of a range.
Boundary Value Analysis
A black-box test design technique in which test cases are designed based on boundary values.
A basic block that can be selected for execution based on a program construct in which one of two or more alternative program paths is available, e.g., case, jump, go to, if-then-else.
The percentage of branches that have been exercised by a test suite. 100% branch coverage implies both 100% decision coverage and 100% statement coverage.
A device or storage area used to store data temporarily for differences in rates of data flow, time or occurrence of events, or amounts of data that can be handled by the devices or processes involved in the transfer or use of the data.
Build Verification Test
A set of automated tests which validates the integrity of each new build and verifies its key/core functionality, stability and testability. It is an industry practice when a high frequency of build releases occurs (e.g., Agile projects) and it is run on every new build before the build is released for further testing.
A publicly displayed chart that depicts the outstanding effort versus time in an iteration. It shows the status and trend of completing the tasks of the iteration. The X-axis typically represents days in the sprint, while the Y-axis is the remaining effort (usually either in ideal engineering hours or story points).
Cause Effect Diagram
A graphical representation used to organize and display the interrelationships of various possible root causes of a problem. Possible causes of a real or potential defect or failure are organized in categories and subcategories in a horizontal tree-structure, with the (potential) defect or failure as the root node.
Code Coverage is a measure used to describe the degree to which the source code of a program is tested by a particular test suite.
The degree to which a component or system has a design and/or internal structure that is difficult to understand, maintain and verify.
Testing to determine how the occurrence of two or more activities within the same interval of time, achieved either by interleaving the activities or by simultaneous execution, is handled by the component or system.
The percentage of condition outcomes that have been exercised by a test suite. 100% condition coverage requires each single condition in every decision statement to be tested as True and False.
A sequence of events (paths) in the execution through a component or system.
Control Flow Testing
An approach to structure-based testing in which test cases are designed to execute specific sequences of events. Various techniques exist for control flow testing, e.g., decision testing, condition testing, and path testing, that each have their specific approach and level of control flow coverage.
The degree, expressed as a percentage, to which a specified coverage item has been exercised by a test suite.
Cross Site Scripting
A vulnerability that allows attackers to inject malicious code into an otherwise benign website.
A representation of dynamic measurements of operational performance for some organization or activity, using metrics represented via graphs, counters, tables, etc.
Data Driven Testing
A scripting technique that stores test input and expected results in a table or spreadsheet, so that a single control script can execute all of the tests in the table. Data-driven testing is often used to support the application of test execution tools such as capture/playback tools.
An abstract representation of the sequence and possible changes of the state of data objects, where the state of an object is any of creation, usage, or destruction.
Data Flow Analysis
A form of static analysis based on the definition and usage of variables.
Data Flow Coverage
The percentage of definition-use pairs that have been exercised by a test suite.
Data Flow Testing
A white-box test design technique in which test cases are designed to execute definition-use pairs of variables.
Data transformation that makes it difficult for a human to recognize the original data.
Database Integrity Testing
Testing the methods and processes used to access and manage the data(base), to ensure access methods, processes and data rules function as expected and that during access to the database, data is not corrupted or unexpectedly deleted, updated or created.
The process of finding, analyzing and removing the causes of failures in software.
Decision Condition Coverage
The percentage of all condition outcomes and decision outcomes that have been exercised by a test suite. 100% decision condition coverage implies both 100% condition coverage and 100% decision coverage.
The percentage of decision outcomes that have been exercised by a test suite. 100% decision coverage implies both 100% branch coverage and 100% statement coverage.
A table showing combinations of inputs and/or stimuli (causes) with their associated outputs and/or actions (effects), which can be used to design test cases.
Decision Table Testing
A black-box test design technique in which test cases are designed to execute the combinations of inputs and/or stimuli (causes) shown in a decision table.
A flaw in a component or system that can cause the component or system to fail to perform its required function, e.g., an incorrect statement or data definition. A defect, if encountered during execution, may cause a failure of the component or system.
The process of recognizing, investigating, taking action and disposing of defects. It involves recording defects, classifying them and identifying the impact.
Defect Management Tool
A tool that facilitates the recording and status tracking of defects and changes. They often have workflow-oriented facilities to track and control the allocation, correction and re-testing of defects and provide reporting facilities.
An occurrence in which one defect prevents the detection of another.
Design Based Testing
An approach to testing in which test cases are designed based on the architecture and/or detailed design of a component or system (e.g., tests of interfaces between components or systems).
Testing the quality of the documentation, e.g., user guide or installation guide.
A software component or test tool that replaces a component that takes care of the control and/or the calling of a component or system.
Elementary Comparison Testing
A black-box test design technique in which test cases are designed to execute combinations of inputs using the concept of modified condition / decision coverage.
A device, computer program, or system that accepts the same inputs and produces the same outputs as a given system.
The set of generic and specific conditions for permitting a process to go forward with a defined task, e.g., test phase. The purpose of entry criteria is to prevent a task from starting which would entail more (wasted) effort compared to the effort needed to remove the failed entry criteria.
An executable statement or process step which defines a point at which a given process is intended to begin.
A portion of an input or output domain for which the behavior of a component or system is assumed to be the same, based on the specification.
Equivalence Partition Coverage
The percentage of equivalence partitions that have been exercised by a test suite.
A black-box test design technique in which test cases are designed to execute representatives from equivalence partitions. In principle, test cases are designed to cover each partition at least once.
A test design technique where the experience of the tester is used to anticipate what defects might be present in the component or system under test as a result of errors made, and to design tests specifically to expose them.
The ability of a system or component to continue normal operation despite the presence of erroneous inputs.
A security tester using hacker techniques.
An event thrown during the execution of a program, usually an error.
Behavior of a component or system in response to erroneous input, from either a human user or from another component or system, or to an internal failure.
A statement which, when compiled, is translated into object code, and which will be executed procedurally when the program is running and may perform an action on data.
A test approach in which the test suite comprises all combinations of input values and preconditions.
The set of generic and specific conditions, agreed upon with the stakeholders for permitting a process to be officially completed. The purpose of exit criteria is to prevent a task from being considered completed when there are still outstanding parts of the task which have not been finished. Exit criteria are used to report against and to plan when to stop testing.
An executable statement or process step which defines a point at which a given process is intended to cease.
An informal test design technique where the tester actively controls the design of the tests as those tests are performed and uses information gained while testing to design new and better tests.
A software engineering methodology used within Agile software development whereby core practices are programming in pairs, doing extensive code review, unit testing of all code, and simplicity and clarity in code.
A test is deemed to fail if its actual result does not match its expected result.
A test result which fails to identify the presence of a defect that is actually present in the test object.
A test result in which a defect is reported although no such defect actually exists in the test object.
Deviation of the component or system from its expected delivery, service or result.
The ratio of the number of failures of a given category to a given unit of measure, e.g., failures per unit of time, failures per number of transactions, failures per number of computer runs.
The process of intentionally adding defects to a system for the purpose of finding out whether the system can detect, and possibly recover from, a defect. Fault injection is intended to mimic failures that might occur in the field.
The capability of the software product to maintain a specified level of performance in cases of software faults (defects) or of infringement of its specified interface.
An attribute of a component or system specified or implied by requirements documentation (for example reliability, usability or design constraints).
Feature Driven Development
An iterative and incremental software development process driven from a client-valued functionality (feature) perspective. Feature-driven development is mostly used in Agile software development.
Testing based on an analysis of the specification of the functionality of a component or system.
The capability of the software product to provide functions which meet stated and implied needs when the software is used under specified conditions.
The assessment of change to the layers of development documentation, test documentation and components, in order to implement a given change to specified requirements.
The process of recognizing, investigating, taking action and disposing of incidents. It involves logging incidents, classifying them and identifying the impact.
Testing where components or systems are integrated and tested one or some at a time, until all the components or systems are integrated and tested.
Testing the installability of a software product.
Testing performed to expose defects in the interfaces and in the interactions between integrated components or systems.
An integration test type that is concerned with testing the interfaces between components or systems.
The capability of the software product to interact with one or more specified components or systems.
Iterative Development Model
A development lifecycle where a project is broken into a usually large number of iterations. An iteration is a complete development loop resulting in a release (internal or external) of an executable product, a subset of the final product under development, which grows from iteration to iteration to become the final product.
Tests aimed at showing that a component or system does not work. Negative testing is related to the tester’s attitude rather than a specific test approach or test design technique, e.g., testing with invalid input values or exceptions.
Non Functional Requirement
A requirement that does not relate to functionality, but to attributes such as reliability, efficiency, usability, maintainability and portability.
Non Functional Testing
Testing the attributes of a component or system that do not relate to functionality, e.g., reliability, efficiency, usability, maintainability and portability.
Operational Acceptance Testing
Operational testing in the acceptance test phase, typically performed in a (simulated) operational environment by operations and/or systems administration staff focusing on operational aspects, e.g., recoverability, resource-behavior, installability and technical compliance.
A software development approach whereby lines of code (production and/or test) of a component are written by two programmers sitting at a single computer. This implicitly means ongoing real-time code reviews are performed.
Two persons, e.g., two testers, a developer and a tester, or an end-user and a tester, working together to find defects. Typically, they share one computer and trade control of it while testing.
A black-box test design technique in which test cases are designed to execute all possible discrete combinations of each pair of input parameters.
The percentage of paths that have been exercised by a test suite.
A testing technique aiming to exploit security vulnerabilities (known or unknown) to gain unauthorized access.
The degree to which a system or component accomplishes its designated functions within given constraints regarding processing time and throughput rate.
Testing to determine the performance of a software product.
An attempt to acquire personal or sensitive information by masquerading as a trustworthy entity in an electronic communication.
The level of (business) importance assigned to an item, e.g., defect.
A matrix describing the participation by various roles in completing tasks or deliverables for a project or process. It is especially useful in clarifying roles and responsibilities. RACI is an acronym derived from the four key responsibilities most typically used: Responsible, Accountable, Consulted, and Informed.
A black-box test design technique where test cases are selected, possibly using a pseudo-random generation algorithm, to match an operational profile. This technique can be used for testing non-functional attributes such as reliability and performance.
Testing that dynamically responds to the system under test and test results being obtained. Typically reactive testing has a reduced planning cycle and the design and implementation test phases are not carried out until the test object is received.
A condition or capability needed by a user to solve a problem or achieve an objective that must be met or possessed by a system or system component to satisfy a contract, standard, specification, or other formally imposed document.
A meeting at the end of a project during which the project team members evaluate the project and learn lessons that can be applied to the next project.
A factor that could result in future negative consequences.
The process of assessing identified project or product risks to determine their level of risk, typically by estimating their impact and probability of occurrence (likelihood).
The process of identifying and subsequently analyzing the identified project or product risk to determine its level of risk, typically by assigning likelihood and impact ratings.
Risk Based Testing
An approach to testing to reduce the level of product risks and inform stakeholders of their status, starting in the initial stages of a project. It involves the identification of product risks and the use of risk levels to guide the test process.
The process of identifying risks using techniques such as brainstorming, checklists and failure history.
The importance of a risk as defined by its characteristics impact and likelihood. The level of risk can be used to determine the intensity of testing to be performed. A risk level can be expressed either qualitatively (e.g., high, medium, low) or quantitatively.
A source of a defect such that if it is removed, the occurrence of the defect type is decreased or removed.
Root Cause Analysis
An analysis technique aimed at identifying the root causes of defects. By directing corrective measures at root causes, it is hoped that the likelihood of defect recurrence will be minimized.
S.M.A.R.T Goal Methodology
A methodology whereby objectives are defined very specifically rather than generically. SMART is an acronym derived from the attributes of the objective to be defined: Specific, Measurable, Attainable, Relevant and Timely.
A programming language in which executable test scripts are written, used by a test execution tool (e.g., a capture/playback tool).
An iterative incremental framework for managing projects commonly used with Agile software development.
The degree of impact that a defect has on the development or operation of a component or system.
A subset of all defined/planned test cases that cover the main functionality of a component or system, to ascertain that the most crucial functions of a program work, but not bothering with finer details.
A document that specifies, ideally in a complete, precise and verifiable manner, the requirements, design, behavior, or other characteristics of a component or system, and, often, the procedures for determining whether these provisions have been satisfied.
A security attack inserting malicious SQL statements into an entry field for execution.
Stack Trace is a report of the active stack frames at a certain point in time during the execution of a program.
An entity in a programming language, which is typically the smallest indivisible unit of execution.
The percentage of executable statements that have been exercised by a test suite.
Analysis of software development artifacts, e.g., requirements or code, carried out without execution of these software development artifacts. Static analysis is usually carried out by means of a supporting tool.
A type of performance testing conducted to evaluate a system or component at or beyond the limits of its anticipated or specified workloads, or with reduced availability of resources such as access to memory or servers.
A skeletal or special-purpose implementation of a software component, used to develop or test a component that calls or is otherwise dependent on it. It replaces a called component.
A black-box test design technique in which test cases are designed based upon the definition of the input domain and/or output domain.
The step-by-step process of reducing the security vulnerabilities of a system by applying a security policy and different layers of protection.
System Integration Testing
Testing the integration of systems and packages; testing interfaces to external organizations (e.g., Electronic Data Interchange, Internet).
The use of software to perform or support test activities, e.g., test management, test design, test execution and results checking.
Test Automation Architecture
An instantiation of the generic test automation architecture to define the architecture of a test automation solution, i.e., its layers, components, services and interfaces.
Test Automation Framework
A tool that provides an environment for test automation. It usually includes a test harness and test libraries.
Test Automation Solution
A realization/implementation of a test automation architecture, i.e., a combination of components implementing a specific test automation assignment. The components may include commercial off-the-shelf test tools, test automation frameworks, as well as test hardware.
Test Automation Strategy
A high-level plan to achieve long-term objectives of test automation under given boundary conditions.
A list of test steps to perform. It can be UI related, API calls or database queries, depending on your application.
During the test closure phase of a test process data is collected from completed activities to consolidate experience, testware, facts and numbers. The test closure phase consists of finalizing and archiving the testware and evaluating the test process, including preparation of a test evaluation report.
Data that exists (for example, in a database) before a test is executed, and that affects or is affected by the component or system under test.
Test Driven Development
A way of developing software where the test cases are developed, and often automated, before the software is developed to run those test cases.
Test Driven Development (TDD)
Test Driven Development, or TDD, is the approach where automated test cases are created and executed before developing the actual application. Development involves creating the minimum amount of code to make the failed test cases pass.
The calculated approximation of a result related to various aspects of testing (e.g., effort spent, completion date, costs involved, number of test cases, etc.) which is usable even if input data may be incomplete, uncertain, or noisy.
A document describing the scope, approach, resources and schedule of intended test activities. It identifies amongst others test items, the features to be tested, the testing tasks, who will do each task, degree of tester independence, the test environment, the test design techniques and entry and exit criteria to be used, and the rationale for their choice, and any risks requiring contingency planning. It is a record of the test planning process.
A collection of test cases.
A document that consists of a test design specification, test case specification and/or test procedure specification.
A high-level description of the test levels to be performed and the testing within those levels for an organization or programme (one or more projects).
A set of several test cases for a component or system under test, where the post condition of one test is often used as the precondition for the next one.
Test Summary Report
A document summarizing testing activities and results. It also contains an evaluation of the corresponding test items against exit criteria.
Three Point Estimation
A test estimation method using estimated values for the “best case”, “worst case”, and “most likely case” of the matter being estimated, to define the degree of certainty associated with the resultant estimate.
A small software program or script which performs a specific function, usually automating a specific task.
Top Down Testing
An incremental approach to integration testing where the component at the top of the component hierarchy is tested first, with lower level components being simulated by stubs. Tested components are then used to test lower level components. The process is repeated until the lowest level components have been tested.
The ability to identify related items in documentation and software, such as requirements with associated tests.
A two-dimensional table, which correlates two entities (e.g., requirements and test cases). The table allows tracing back and forth the links of one entity to the other, thus enabling the determination of coverage achieved and the assessment of impact of proposed changes.
Unit Testing Framework
A tool that provides an environment for unit or component testing in which a component can be tested in isolation or with suitable stubs and drivers. It also provides other support for the developer, such as debugging capabilities.
Code that cannot be reached and therefore is impossible to execute.
Testing to determine the extent to which the software product is understood, easy to learn, easy to operate and attractive to the users under specified conditions.
A sequence of transactions in a dialogue between an actor and a component or system with a tangible result, where an actor can be a user or anything that can exchange information with the system.
Use Case Testing
A black-box test design technique in which test cases are designed to execute scenarios of use cases.
User Acceptance Testing
Acceptance testing carried out by future users in a (simulated) operational environment focusing on user requirements and needs.
A high-level user or business requirement commonly used in Agile software development, typically consisting of one sentence in the everyday or business language capturing what functionality a user needs and the reason behind this, any non-functional criteria, and also includes acceptance criteria.