Carnegie Mellon University Notice
|
|
- Daniel Harrison
- 5 years ago
- Views:
Transcription
1 Carnegie Mellon University Notice This video and all related information and materials ( materials ) are owned by Carnegie Mellon University. These materials are provided on an as-is as available basis without any warranties and solely for your personal viewing and use. You agree that Carnegie Mellon is not liable with respect to any materials received by you as a result of viewing the video, or using referenced websites, and/or for any consequences or the use by you of such materials. By viewing, downloading, and/or using this video and related materials, you agree that you have read and agree to our terms of use ( A Taxonomy of Types 1
2 Copyright 2015 Carnegie Mellon University This material is based upon work funded and supported by the Department of Defense under Contract No. FA C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Department of Defense. NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN AS-IS BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT. This material has been approved for public release and unlimited distribution except as restricted below. This material may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other use. Requests for permission should be directed to the Software Engineering Institute at permission@sei.cmu.edu. Carnegie Mellon is registered in the U.S. Patent and Trademark Office by Carnegie Mellon University. DM A Taxonomy of Types 2
3 A Taxonomy of Types Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Donald G. Firesmith
4 Topics Relevant Challenges Goals of Presentation What is? Presentation Scope Types Conclusion A Taxonomy of Types 4
5 Relevant Challenges A Taxonomy of Types 5
6 Relevant Challenges Many testers are only aware of a minority of types of testing, let alone know how to perform them. Test managers and developers are aware of even fewer testing types. The test strategies, project test plans, and test sections of system/software development plans tend to identify only a very small number of types of testing (e.g., unit, integration, system, and acceptance testing). Not planned Not performed A Taxonomy of Types 6
7 Goals of the Presentation A Taxonomy of Types 7
8 Goals of the Presentation Make it clear that: There are many different types of testing. is a complex discipline with its own technical jargon. There is a lot of overlap between different classes of testing types. Think multiple classification (object-oriented design) or multiple inheritance (object-oriented programming). Get you to take a look at your: Test strategies and test plans and ask yourselves Are they sufficiently complete? Testers and other testing stakeholders and ask yourselves Do they need additional training in testing types. A Taxonomy of Types 8
9 Polling Question 1 How many different types of testing do you typically use on a project? O 1-5 O 6-10 O O 16+ A Taxonomy of Types 9
10 What is? A Taxonomy of Types 10
11 What is? The execution of an Object Under Test (OUT) under specific preconditions with specific stimuli so that its actual behavior can be compared with its expected or required behavior Preconditions: pretest mode, states, stored data, or external conditions Stimuli: - Calls, commands, and messages (control flows) - Data inputs (data flows) - Trigger events such as state changes and temporal events Actual Behavior: - During Test: Calls, commands, and messages (control flows) Data outputs (data flows) - Postconditions: post-test mode, states, stored data, or external conditions A Taxonomy of Types 11
12 Presentation Scope A Taxonomy of Types 12
13 Presentation Scope Verification and Validation (V&V) Methods Quality Control (QC) Static Legend Dynamic In Scope T&E Test Evaluation Other Analysis Demonstration Inspection Certification Reuse Warantee Static Analysis Dynamic Analysis Desk Checking Inspection Review Walk- Through Peer Review Formal Review A Taxonomy of Types 13
14 The Taxonomy of Types A Taxonomy of Types 14
15 Types of A type of testing is: A specific way to perform testing A class or subclass of testing Much narrower in scope than a testing paradigm There are relationships between the various types of testing. Most testers know: A lot about a few types of testing A little about some additional types of testing Very little about a sizable number of testing types A Taxonomy of Types 15
16 Polling Question 2 Have you ever seen a taxonomy of testing types (i.e., a hierarchical categorization of different ways to test)? O Yes O No O Not Sure A Taxonomy of Types 16
17 Types of What-Based Test Types (What Gets Tested) Object Under Test (OUT)-Based Test Types Domain-Based Test Types 16 Categories of Types Answering the 5W+2H Questions: What? When-Based Test Types (When Occurs) Temporal-Order-Based Test Types Lifecycle-Based Test Types Phase-Based Test Types Built-In-Test (BIT) Types When? Where? Where-Based Test Types (Why Occurs) Organization-Location-Based Test Types Physical-Location-Based Test Types Who? Why? How? How Well? Test Types Who-Based Test Types (Who Does ) Why-Based Test Types (Why Occurs) Collaboration-Based Test Types Organization-Based Test Types Role-Based Test Types Driver-Based Test Types Reason-Based Test Types These supertypes are not disjoint (think multiple inheritance)! How-Based Test Types (How is Performed Automation-Based Test Types Level-of-Scripting-Based Test Types Technique-Based Test Types How-Well-Based Test Types (Quality Verified) Quality-Characteristic-Based Test Types A Taxonomy of Types 17
18 Types of WHAT is Tested A Taxonomy of Types 18
19 What: by Object Under Test (OUT) What-Based OUT-Based Model Hardware Software System Data Center Tool/Environment A Taxonomy of Types 19
20 What: by Object Under Test (OUT) Model What-Based OUT-Based Model Requirements Model Architecture Model Design Model A Taxonomy of Types 20
21 What: by Object Under Test (OUT) Hardware What-Based OUT-Based Hardware Continuity Hardware Stress Highly Accelerated Life (HALT) HW Qualification Power-off A Taxonomy of Types 21
22 What: by Object Under Test (OUT) Software What-Based OUT-Based Software SW Unit [Component] SW Integration SW Application A Taxonomy of Types 22
23 What: by Object Under Test (OUT) System What-Based OUT-Based System Subsystem System Integration System SoS Integration SoS Hardware-in-the-Loop (HIL) Human-in-the-Loop (HIL) Processor-in-the-Loop (PIL) Software-in-the-Loop (SIL) A Taxonomy of Types 23
24 What: by Object Under Test (OUT) Data Center What-Based OUT-Based Data Center Configuration Failover and Restore Integrated System (IST) Network Traffic A Taxonomy of Types 24
25 What: by Object Under Test (OUT) Tool / Environment What-Based OUT-Based Tool/Environment Development Tool Development Environment Test Tool Test Environment A Taxonomy of Types 25
26 What: by Domain What-Based Domain-Based Domain-Independent Domain-Specific Many Types of Domain- Independent Crash Exhaust Emissions Flight Live Fire Sea Trials Wind Tunnel A Taxonomy of Types 26
27 Types of WHEN Occurs A Taxonomy of Types 27
28 When: by Temporal Order When-Based Order-Based Order-By-Direction Order-By-Component Bottom-Up Top-Down Outside-In Feature- Based Layer-Based Subsystem- Based A Taxonomy of Types 28
29 When: by Lifecycle When-Based Lifecycle-Based Waterfall Incremental Continuous (CT) At-The-End V-Model Agile DevOps A Taxonomy of Types 29
30 When: by Phase When-Based Phase-Based Developmental (DT) Acceptance (AT) Operational (OT) Many Types of Developmental Business Acceptance (BAT) Operational Effectiveness Operational Suitability Initial Operational (IOT) Follow-on Operational (FOT) Beware of Synonyms and Almost Synonyms! Customer Acceptance (CAT) Contract(ual) Acceptance (CAT) Factory Acceptance (FAT) Operational Acceptance (OAT) Production Acceptance (PAT) Regulation Acceptance (RAT) Data Center Qualification Operational (QOT) Site Acceptance (SAT) User Acceptance (UAT) A Taxonomy of Types 30
31 When: by BIT Execution Time When-Based Built-In (BIT) Power-Up Built-In (PupBIT) Interrupt-driven Built-In (IBIT) User-initiated Built-In (UBIT) Ongoing Built-In (OBIT) Periodic Built-In (PBIT) Shutdown Built-In (SBIT) Self- via Assertion Checking Self- via Prognostics and Health Management (PHM) Subsystem Self- via Heartbeat A Taxonomy of Types 31
32 Types of WHY is Being Performed A Taxonomy of Types 32
33 Why: by Driver Why-Based Driver-Based Regulatory- Compliance (tests compliance) Needs- Driven (tests why) Requirements-Driven (tests what + how-well) Architecture- Driven (tests how) Design-Driven (tests how) Validates Verifies Verifies Verifies Verifies System Complies with Laws or Regulations System Meets Stakeholder Needs System Meets System Requirements System Conforms to Architecture System Conforms to Design A Taxonomy of Types 33
34 Why: by Reason Why-Based Reason-Based Smoke Reuse Initial Retesting Regression Error Seeding COTS Open Source Legacy Partial Regression Complete Regression A Taxonomy of Types 34
35 Types of WHO Performs A Taxonomy of Types 35
36 Who: by Collaboration Who-Based Collaboration-Based Individual Group Buddy Flash Mob Pair A Taxonomy of Types 36
37 Who: by Organization Who-Based Organization-Based Development Organization Acquisition Organization Independent Test Organization Operations Organization User Organization Prime Contractor Subcontractor COTS Vendor DT Organization OT Organization A Taxonomy of Types 37
38 Polling Question 3 Who performs testing on your projects? Check all that apply. Project-internal Testers Independent Testers Developers Specialty Engineers (e.g., performance, reliability, safety, security, human factors) Quality Engineers Others A Taxonomy of Types 38
39 Who: by Role Who-Based Role-Based Developer Tester Operator User Requirements Engineer Architect Programmer Human Factors Engineer Safety Engineer Alpha Tester Embeded Tester Independent Tester Buddy Pair Database Admin Network Admin Sys Admin Beta Tester User as Tester Closed Beta Open Beta Security Engineer A Taxonomy of Types 39
40 Types of WHERE is Performed A Taxonomy of Types 40
41 Where: by Organizational Location Where-Based Organizational-Location-Based Insourced Outsourced A Taxonomy of Types 41
42 Where: by Physical Location Where-Based Physical-Location-Based Cloud Distributed Local A Taxonomy of Types 42
43 Types of HOW is Performed A Taxonomy of Types 43
44 How: by Level of Automation How-Based Level-of-Automation-Based Manual Automated - Test Script Generation - Test Data Generation - Test Script Execution - Test Report Generation Record-Playback Script-Based Data-Driven Action-Keyword Model-Based A Taxonomy of Types 44
45 How: by Level of Scripting How-Based Level-of-Scripting-Based Scripted Unscripted Exploratory Monkey A Taxonomy of Types 45
46 How: by Technique How-Based Test-Technique-Based Blackbox Graybox Whitebox Patterns- Based Experience- Based Random (Cat on the Keyboard) A Taxonomy of Types 46
47 How: by Technique - Blackbox How-Based Test-Technique-Based Blackbox Cause and Effect Combinatorial End-to-End Requirements Scenario Syntax Classification Tree Decision Table Manual Procedure Risk-Based State-Based User Interface Navigation A Taxonomy of Types 47
48 How: by Technique - Graybox How-Based Test-Technique-Based Graybox Boundary Value Equivalence Class A Taxonomy of Types 48
49 How: by Technique - Whitebox How-Based Test-Technique-Based Whitebox Data Flow Control Flow All Definitions All Uses Branch Condition Statement A Taxonomy of Types 49
50 How: by Technique - Experience- Based How-Based Test-Technique-Based Experience-Based Bug Hunt Error Guessing Exploratory Galumphing A Taxonomy of Types 50
51 How: by Technique - Random How-Based Test-Technique-Based Random (Cat on the Keyboard) Fuzz Monkey Shoe Stuck Key A Taxonomy of Types 51
52 Types of HOW WELL Object Under Test Functions A Taxonomy of Types 52
53 How Well: by Quality Characteristic How-Well-Based Quality-Characteristic-Based by Quality Characteristic Capacity Based on the associated quality characteristic and its associated quality attributes: Uncover related defects Determine level of quality Compatibility Configuration Consistency Correctness Flexibility Functionality Interoperability Performance Reliability Robustness Safety Scalability Security Usability Backwards Compatibility Infrastructure Compatibility Mobile Data Migration Internationalization Personalization A Taxonomy of Types 53
54 How Well: by Quality Capacity How-Well-Based Quality-Characteristic-Based Capacity Load Stress Volume A Taxonomy of Types 54
55 How Well: by Quality Reliability How-Well-Based Quality-Characteristic-Based Reliability Endurance (Stability) Reliability Enhancement Reliability Growth Reliability Mechanism A Taxonomy of Types 55
56 How Well: by Quality Robustness How-Well-Based Quality-Characteristic-Based Robustness Error Tolerance Fault Tolerance Failure Tolerance Environmental Tolerance Communication Error Hardware Error Human Error Software Error System Error Fault Injection Failover and Recovery Acceleration Tolerance Acoustic Tolerance Electromagnetic Compatibility (EMC) Tolerance Pressure/Leakage Tolerance Radiation Tolerance Shock/Drop Tolerance Temperature Tolerance Vacuum Tolerance Pressure Cycling Tolerance Temperature Cycling Tolerance A Taxonomy of Types 56
57 How Well: by Quality Security How-Well-Based Quality-Characteristic-Based Security Access Control Anti-Spoofing Anti-Tamper EMSEC Encryption Infrastructure Penetration Blue Team Red Team A Taxonomy of Types 57
58 How Well: by Quality Usability How-Well-Based Quality-Characteristic-Based Usability A/B Accessibility Alpha Beta Content Usage Closed Beta Open Beta (Flash) Mob A Taxonomy of Types 58
59 Conclusion A Taxonomy of Types 59
60 Conclusion Most systems require quite a few different types of testing. Most testers are not aware of the majority of the different types of testing. If you are not aware that it exists, then you don t know whether you need it. These types of testing can be organized into a taxonomy by the 5W + 2H questions. This taxonomy has several uses: Ensure the test strategy is sufficiently complete with no important type of testing overlooked. Organize testing types to make them and their relationships more understandable. Augment test training materials. Help categorize and understand limitations of testing tools. A Taxonomy of Types 60
61 A Taxonomy of Types 61
Roles and Responsibilities on DevOps Adoption
Roles and Responsibilities on DevOps Adoption Hasan Yasar Technical Manager, Adjunct Faculty Member Secure Lifecycle Solutions CERT SEI CMU Software Engineering Institute Carnegie Mellon University Pittsburgh,
More informationSoftware, Security, and Resiliency. Paul Nielsen SEI Director and CEO
Software, Security, and Resiliency Paul Nielsen SEI Director and CEO Dr. Paul D. Nielsen is the Director and CEO of Carnegie Mellon University's Software Engineering Institute. Under Dr. Nielsen s leadership,
More informationLearn Well Technocraft
-This course includes Manual Testing aspects plus basic automation testing tools. The content included in the syllabus is sufficient for clearing the ISTQB certification. Note: We have combo course and
More informationAnalyzing 24 Years of CVD
public release and unlimited distribution. Allen Householder adh@cert.org Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Copyright. All Rights Reserved. This material is
More informationARINC653 AADL Annex Update
ARINC653 AADL Annex Update Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Julien Delange AADL Meeting February 15 Report Documentation Page Form Approved OMB No. 0704-0188
More informationDefining Computer Security Incident Response Teams
Defining Computer Security Incident Response Teams Robin Ruefle January 2007 ABSTRACT: A computer security incident response team (CSIRT) is a concrete organizational entity (i.e., one or more staff) that
More informationBe Like Water: Applying Analytical Adaptability to Cyber Intelligence
SESSION ID: HUM-W01 Be Like Water: Applying Analytical Adaptability to Cyber Intelligence Jay McAllister Senior Analyst Software Engineering Institute Carnegie Mellon University @sei_etc Scuttlebutt Communications
More informationPanel: Future of Cloud Computing
Panel: Future of Cloud Computing Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Grace Lewis Advanced Mobile Systems (AMS) Initiative July 9, 2014 Mobile Device Trends Smartphones
More informationAdvancing Cyber Intelligence Practices Through the SEI s Consortium
Advancing Cyber Intelligence Practices Through the SEI s Consortium SEI Emerging Technology Center Jay McAllister Melissa Kasan Ludwick Copyright 2015 Carnegie Mellon University This material is based
More informationFive Keys to Agile Test Automation for Government Programs
Five Keys to Agile Test Automation for Government Programs Robert Binder and Suzanne Miller Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 approved for public [DISTRIBUTION
More informationFall 2014 SEI Research Review Verifying Evolving Software
Fall 2014 SEI Research Review Verifying Evolving Software Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Arie Gurfinkel October 28, 2014 Report Documentation Page Form Approved
More informationEncounter Complexes For Clustering Network Flow
Encounter Complexes For Clustering Network Flow. Leigh Metcalf, lbmetcalf@cert.org Flocon 2015 Date 2015 Carnegie Mellon University Copyright 2014 Carnegie Mellon University This material is based upon
More informationThe CERT Top 10 List for Winning the Battle Against Insider Threats
The CERT Top 10 List for Winning the Battle Against Insider Threats Dawn Cappelli CERT Insider Threat Center Software Engineering Institute Carnegie Mellon University Session ID: STAR-203 Session Classification:
More informationSituational Awareness Metrics from Flow and Other Data Sources
Situational Awareness Metrics from Flow and Other Data Sources SEI CERT NetSA 2011 Carnegie Mellon University NO WARRANTY THIS MATERIAL OF CARNEGIE MELLON UNIVERSITY AND ITS SOFTWARE ENGINEERING INSTITUTE
More informationDesign Pattern Recovery from Malware Binaries
Design Pattern Recovery from Malware Binaries Cory F. Cohen Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Copyright 2015 Carnegie Mellon University This material is based
More informationEvaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure
Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure March 2015 Pamela Curtis Dr. Nader Mehravari Katie Stewart Cyber Risk and Resilience Management Team CERT
More informationCyber Hygiene: A Baseline Set of Practices
[DISTRIBUTION STATEMENT A] Approved for public Cyber Hygiene: A Baseline Set of Practices Matt Trevors Charles M. Wallen Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Copyright
More informationOSATE Analysis Support
OSATE Analysis Support Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Julien Delange/Peter Feiler 07/08/2013 Overview of OSATE2 Eclipse-based AADL editor Support for AADLv2.1,
More informationJulia Allen Principal Researcher, CERT Division
Improving the Security and Resilience of U.S. Postal Service Mail Products and Services Using CERT -RMM (Case Study) Julia Allen Principal Researcher, CERT Division Julia Allen is a principal researcher
More informationAutomated Provisioning of Cloud and Cloudlet Applications
Automated Provisioning of Cloud and Cloudlet Applications Secure and Assured Mobile Computing Components Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Jeff Boleng, PhD
More informationSEI/CMU Efforts on Assured Systems
Unclassified//For Official Use Only SEI/CMU Efforts on Assured Systems 15 November 2018 *** Greg Shannon CERT Division Chief Scientist Software Engineering Institute Carnegie Mellon University Pittsburgh,
More informationCyber Threat Prioritization
Cyber Threat Prioritization FSSCC Threat and Vulnerability Assessment Committee Jay McAllister Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden for the collection of information
More informationComponents and Considerations in Building an Insider Threat Program
Components and Considerations in Building an Insider Threat Program Carly Huth Insider Threat Researcher, CEWM Carly L. Huth is an insider threat researcher in the Cyber Enterprise and Workforce Management
More informationProviding Information Superiority to Small Tactical Units
Providing Information Superiority to Small Tactical Units Jeff Boleng, PhD Principal Member of the Technical Staff Software Solutions Conference 2015 November 16 18, 2015 Copyright 2015 Carnegie Mellon
More informationManual Testing. Software Development Life Cycle. Verification. Mobile Testing
10 Weeks (Weekday Batches) or 12 Weekends (Weekend batches) To become a Professional Software Tester To enable the students to become Employable Manual Testing Fundamental of Testing What is software testing?
More informationModeling the Implementation of Stated-Based System Architectures
Modeling the Implementation of Stated-Based System Architectures Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Peter H Feiler June 2009 Are Everywhere What is a state-based
More informationStandard Glossary of Terms used in Software Testing. Version 3.2. Foundation Extension - Usability Terms
Standard Glossary of Terms used in Software Testing Version 3.2 Foundation Extension - Usability Terms International Software Testing Qualifications Board Copyright Notice This document may be copied in
More informationTypes of Software Testing: Different Testing Types with Details
Types of Software Testing: Different Testing Types with Details What are the different Types of Software Testing? We, as testers are aware of the various types of Software Testing such as Functional Testing,
More informationARINC653 AADL Annex. Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Julien Delange 07/08/2013
ARINC653 AADL Annex Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Julien Delange 07/08/2013 Context, Rationale ARINC653 Avionics standard Standardized API (called APEX
More informationCollaborative Autonomy with Group Autonomy for Mobile Systems (GAMS)
Collaborative Autonomy with Group Autonomy for Mobile Systems (GAMS) Presenter: (jredmondson@sei.cmu.edu) Date: August 19, 2014 Copyright 2014 Carnegie Mellon University This material is based upon work
More informationModel-Driven Verifying Compilation of Synchronous Distributed Applications
Model-Driven Verifying Compilation of Synchronous Distributed Applications Sagar Chaki, James Edmondson October 1, 2014 MODELS 14, Valencia, Spain Copyright 2014 Carnegie Mellon University This material
More informationSmart Grid Maturity Model
Smart Grid Maturity Model Austin Montgomery Software Engineering Institute Carnegie Mellon University Software Engineering Institute Carnegie Mellon University 2 SEI is a federally-funded research and
More informationVendor: The Open Group. Exam Code: OG Exam Name: TOGAF 9 Part 1. Version: Demo
Vendor: The Open Group Exam Code: OG0-091 Exam Name: TOGAF 9 Part 1 Version: Demo QUESTION 1 According to TOGAF, Which of the following are the architecture domains that are commonly accepted subsets of
More informationDenial of Service Attacks
Denial of Service Attacks CERT Division http://www.sei.cmu.edu REV-03.18.2016.0 Copyright 2017 Carnegie Mellon University. All Rights Reserved. This material is based upon work funded and supported by
More informationInformation Security Is a Business
Information Security Is a Business Continuity Issue: Are You Ready? Dr. Nader Mehravari Cyber Risk and Resilience Management Team CERT Division Software Engineering Institute Carnegie Mellon University
More informationStatic Analysis Alert Audits Lexicon And Rules David Svoboda, CERT Lori Flynn, CERT Presenter: Will Snavely, CERT
Static Analysis Alert Audits Lexicon And Rules David Svoboda, CERT Lori Flynn, CERT Presenter: Will Snavely, CERT Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 2016 Carnegie
More informationInference of Memory Bounds
Research Review 2017 Will Klieber, software security researcher Joint work with Will Snavely public release and unlimited distribution. 1 Copyright 2017 Carnegie Mellon University. All Rights Reserved.
More informationSoftware Testing. An Overview
Software Testing An Overview Software Testing Defined Software testing is the process of verifying & validating that a program or application: Meets technical specifications Meets business requirements
More informationPassive Detection of Misbehaving Name Servers
Passive Detection of Misbehaving Name Servers Based on CMU/SEI-2013-TR-010 Jonathan Spring, Leigh Metcalf netsa-contact (AT) cert.org Flocon 2014, Charleston SC 2014 Carnegie Mellon University Copyright
More informationCausal Modeling of Observational Cost Data: A Ground-Breaking use of Directed Acyclic Graphs
use Causal Modeling of Observational Cost Data: A Ground-Breaking use of Directed Acyclic Graphs Bob Stoddard Mike Konrad SEMA SEMA November 17, 2015 Public Release; Distribution is Copyright 2015 Carnegie
More informationIntegrating the Risk Management Framework (RMF) with DevOps
Integrating the Risk Management Framework (RMF) with DevOps March 2018 Timothy A. Chick Security Automation Systems Technical Manager Software Engineering Institute Carnegie Mellon University Pittsburgh,
More informationCertified Tester Foundation Level(CTFL)
Certified Tester Foundation Level(CTFL) ISTQB : International Software Testing Qualifications Board Heading: The International Software Testing Qualifications Board (ISTQB) is an internationally recognized
More informationFlow Analysis for Network Situational Awareness. Tim Shimeall January Carnegie Mellon University
Flow Analysis for Network Situational Awareness Tim Shimeall January 2010 NO WARRANTY THIS MATERIAL OF CARNEGIE MELLON UNIVERSITY AND ITS SOFTWARE ENGINEERING INSTITUTE IS FURNISHED ON AN AS-IS" BASIS.
More informationEngineering Improvement in Software Assurance: A Landscape Framework
Engineering Improvement in Software Assurance: A Landscape Framework Lisa Brownsword (presenter) Carol C. Woody, PhD Christopher J. Alberts Andrew P. Moore Agenda Terminology and Problem Scope Modeling
More informationCurrent Threat Environment
Current Threat Environment Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213, PhD Technical Director, CERT mssherman@sei.cmu.edu 29-Aug-2014 Report Documentation Page Form
More informationWHY TEST SOFTWARE?...
2 At a glance 1 PREFACE... 3 2 AT A GLANCE... 5 3 TABLE OF CONTENTS... 9 4 INTRODUCTION... 17 5 WHY TEST SOFTWARE?... 19 5.1 WHY TEST SOFTWARE?... 19 5.2 LIMITATIONS OF TESTING... 20 5.3 ALTERNATIVE TO
More informationOpen Systems: What s Old Is New Again
Open Systems: What s Old Is New Again Tricia Oberndorf & Dr. Carol Sledge NO WARRANTY THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN AS-IS" BASIS. CARNEGIE
More informationCOTS Multicore Processors in Avionics Systems: Challenges and Solutions
COTS Multicore Processors in Avionics Systems: Challenges and Solutions Dionisio de Niz Bjorn Andersson and Lutz Wrage dionisio@sei.cmu.edu, baandersson@sei.cmu.edu, lwrage@sei.cmu.edu Report Documentation
More informationBridge Course On Software Testing
G. PULLAIAH COLLEGE OF ENGINEERING AND TECHNOLOGY Accredited by NAAC with A Grade of UGC, Approved by AICTE, New Delhi Permanently Affiliated to JNTUA, Ananthapuramu (Recognized by UGC under 2(f) and 12(B)
More informationSample Exam ISTQB Advanced Test Analyst Answer Rationale. Prepared By
Sample Exam ISTQB Advanced Test Analyst Answer Rationale Prepared By Released March 2016 TTA-1.3.1 (K2) Summarize the generic risk factors that the Technical Test Analyst typically needs to consider #1
More informationReport Writer and Security Requirements Finder: User and Admin Manuals
Report Writer and Security Requirements Finder: User and Admin Manuals Nancy R. Mead CMU MSE Studio Team Sankalp Anand Anurag Gupta Swati Priyam Yaobin Wen Walid El Baroni June 2016 SPECIAL REPORT CMU/SEI-2016-SR-002
More informationSemantic Importance Sampling for Statistical Model Checking
Semantic Importance Sampling for Statistical Model Checking Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Jeffery Hansen, Lutz Wrage, Sagar Chaki, Dionisio de Niz, Mark
More information2013 US State of Cybercrime Survey
2013 US State of Cybercrime Survey Unknown How 24 % Bad is the Insider Threat? Insiders 51% 2007-2013 Carnegie Mellon University Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting
More informationSample Question Paper. Software Testing (ETIT 414)
Sample Question Paper Software Testing (ETIT 414) Q 1 i) What is functional testing? This type of testing ignores the internal parts and focus on the output is as per requirement or not. Black-box type
More informationThree General Principles of QA. COMP 4004 Fall Notes Adapted from Dr. A. Williams
Three General Principles of QA COMP 4004 Fall 2008 Notes Adapted from Dr. A. Williams Software Quality Assurance Lec2 1 Three General Principles of QA Know what you are doing. Know what you should be doing.
More informationCloud Computing. Grace A. Lewis Research, Technology and Systems Solutions (RTSS) Program System of Systems Practice (SoSP) Initiative
Grace A. Lewis Research, Technology and Systems Solutions (RTSS) Program System of Systems Practice (SoSP) Initiative SEI Webinar November 12, 2009 Polling Question 1 How did you hear about this webinar?
More informationChapter 9. Software Testing
Chapter 9. Software Testing Table of Contents Objectives... 1 Introduction to software testing... 1 The testers... 2 The developers... 2 An independent testing team... 2 The customer... 2 Principles of
More informationSoftware Assurance Education Overview
Software Assurance Education Overview Nancy Mead June 2011 ABSTRACT: Complex software systems affect nearly every aspect of our lives, in areas such as defense, government, energy, communication, transportation,
More informationSample Exam Syllabus
ISTQB Foundation Level 2011 Syllabus Version 2.9 Release Date: December 16th, 2017. Version.2.9 Page 1 of 46 Dec 16th, 2017 Copyright 2017 (hereinafter called ISTQB ). All rights reserved. The authors
More informationResearching New Ways to Build a Cybersecurity Workforce
THE CISO ACADEMY Researching New Ways to Build a Cybersecurity Workforce Pamela D. Curtis, Summer Craze Fowler, David Tobar, and David Ulicne December 2016 Organizations across the world face the increasing
More informationVerifying Periodic Programs with Priority Inheritance Locks
Verifying Periodic Programs with Priority Inheritance Locks Sagar Chaki, Arie Gurfinkel, Ofer Strichman FMCAD, October, 03 Software Engineering Institute, CMU Technion, Israel Institute of Technology Copyright
More informationStandard Glossary of Terms Used in Software Testing. Version 3.01
Standard Glossary of Terms Used in Software Testing Version 3.01 Terms Used in the Advanced Level - Test Analyst Syllabus International Software Testing Qualifications Board Copyright International Software
More informationSE 2730 Final Review
SE 2730 Final Review 1. Introduction 1) What is software: programs, associated documentations and data 2) Three types of software products: generic, custom, semi-custom Why is semi-custom product more
More informationPrioritizing Alerts from Static Analysis with Classification Models
Prioritizing Alerts from Static Analysis with Classification Models PI: Lori Flynn, PhD Team: Will Snavely, David Svoboda, Dr. David Zubrow, Bob Stoddard, Dr. Nathan VanHoudnos, Dr. Elli Kanal, Richard
More informationEXIN BCS SIAM Foundation. Preparation Guide. Edition
EXIN BCS SIAM Foundation Preparation Guide Edition 201704 Copyright EXIN Holding B.V. and BCS, 2017. All rights reserved. EXIN is a registered trademark SIAM is a registered trademark No part of this publication
More informationSecure Agile How to make secure applications using Agile Methods Thomas Stiehm, CTO
Secure Agile How to make secure applications using Agile Methods Thomas Stiehm, CTO tom.stiehm@coveros.com 1 About Coveros Coveros helps organizations accelerate the delivery of business value through
More informationPeople tell me that testing is
Software Testing Mark Micallef mark.micallef@um.edu.mt People tell me that testing is Boring Not for developers A second class activity Not necessary because they are very good coders 1 What is quality?
More informationBasic Concepts of System Testing - A Beginners Guide.
Basic Concepts of System Testing - A Beginners Guide https://www.softwaretestingclass.com/basic-concepts-ofsystem-testing-a-beginners-guide/ 2 Overview We all agree to the fact that any system that we
More informationImproving Software Assurance 1
Improving Software Assurance 1 Carol Woody Robert J. Ellison April 2010 ABSTRACT: Software assurance objectives include reducing the likelihood of vulnerabilities such as those on a Top 25 Common Weakness
More informationTrends in Data Protection and Restoration Technologies. Mike Fishman, EMC 2 Corporation
Trends in Data Protection and Restoration Technologies Mike Fishman, EMC 2 Corporation SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA unless otherwise noted. Member
More informationTesting and Certification Procedure
A PM 101E April 2011 Guideline for the Testing and Certification Procedure of the VDE Testing and Certification Institute (VDE Institute) (For information purpose only. In any case the German version shall
More informationMySQL CLOUD SERVICE. Propel Innovation and Time-to-Market
MySQL CLOUD SERVICE Propel Innovation and Time-to-Market The #1 open source database in Oracle. Looking to drive digital transformation initiatives and deliver new modern applications? Oracle MySQL Service
More informationInvestigating APT1. Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Deana Shick and Angela Horneman
Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Deana Shick and Angela Horneman Copyright 2013 Carnegie Mellon University This material is based upon work funded and supported
More informationMicrosoft SharePoint Server 2013 Plan, Configure & Manage
Microsoft SharePoint Server 2013 Plan, Configure & Manage Course 20331-20332B 5 Days Instructor-led, Hands on Course Information This five day instructor-led course omits the overlap and redundancy that
More informationExamination Questions Time allowed: 1 hour 15 minutes
Swedish Software Testing Board (SSTB) International Software Testing Qualifications Board (ISTQB) Foundation Certificate in Software Testing Practice Exam Examination Questions 2011-10-10 Time allowed:
More informationStandard Glossary of Terms Used in Software Testing. Version 3.01
Standard Glossary of Terms Used in Software Testing Version 3.01 Terms Used in the Foundation Level Extension Syllabus - Agile Tester International Software Testing Qualifications Board Copyright International
More informationStandard Glossary of Terms used in Software Testing. Version 3.2. Beta - Foundation Terms
Standard Glossary of Terms used in Software Testing Version 3.2 Beta - Foundation Terms International Software Testing Qualifications Board Copyright Notice This document may be copied in its entirety,
More informationCA Automation Capabilities A Technical Look at Process and Runbook Automation. Tom Kouhsari and AJ Dennis
CA Automation Capabilities A Technical Look at Process and Runbook Automation Tom Kouhsari and AJ Dennis Terms of This Presentation This presentation was based on current information and resource allocations
More informationThe Need for Operational and Cyber Resilience in Transportation Systems
The Need for Operational and Cyber Resilience in Transportation Systems January 14, 2016 Dr. Nader Mehravari, MBCP, MBCI Cyber Risk and Resilience Management Software Engineering Institute Software Carnegie
More informationArchitectural Implications of Cloud Computing
Architectural Implications of Cloud Computing Grace Lewis Research, Technology and Systems Solutions (RTSS) Program Lewis is a senior member of the technical staff at the SEI in the Research, Technology,
More information10 Years of FloCon. Prepared for FloCon George Warnagiris - CERT/CC #GeoWarnagiris Carnegie Mellon University
10 Years of FloCon Prepared for FloCon 2014 George Warnagiris - CERT/CC gwarnagi@cert.org #GeoWarnagiris 2014 Carnegie Mellon University Disclaimer NO WARRANTY THIS MATERIAL OF CARNEGIE MELLON UNIVERSITY
More informationAddress new markets with new services
Address new markets with new services Programs Deployment Options On-premises Private Cloud Pre-configured Private Cloud Hosted Private Cloud Hyper-V Cloud Deployment Guides Hyper-V Cloud Fast Track Hyper-V
More informationSample Exam. Certified Tester Foundation Level
Sample Exam Certified Tester Foundation Level Answer Table ASTQB Created - 2018 American Stware Testing Qualifications Board Copyright Notice This document may be copied in its entirety, or extracts made,
More information"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary
Course Summary Description In this course, you will perform evaluations of organizational policies, procedures, and processes to ensure that an organization's information systems align with overall business
More informationAdvanced Software Engineering: Software Testing
Advanced Software Engineering: Software Testing COMP 3705(L4) Sada Narayanappa Anneliese Andrews Thomas Thelin Carina Andersson Web: http://www.megadatasys.com Assisted with templates News & Project News
More informationUsing CERT-RMM in a Software and System Assurance Context
Using CERT-RMM in a Software and System Assurance Context Julia Allen SEPG NA 2011 24 March 2011 Agenda What is the CERT Resilience Management Model (CERT-RMM)? Model Building Blocks CERT-RMM for Assurance
More information1 Visible deviation from the specification or expected behavior for end-user is called: a) an error b) a fault c) a failure d) a defect e) a mistake
Sample ISTQB examination 1 Visible deviation from the specification or expected behavior for end-user is called: a) an error b) a fault c) a failure d) a defect e) a mistake 2 Regression testing should
More informationModule 1 : Fundamentals of Testing. Section 1: Manual Testing
Section 1: Manual Testing Module 1 : Fundamentals of Testing Why is testing necessary? What is testing? Economics of Testing Black Box Testing White Box Testing Software Testing Principles Fundamental
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V3.0, MAY 2017 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationStreamlined FISMA Compliance For Hosted Information Systems
Streamlined FISMA Compliance For Hosted Information Systems Faster Certification and Accreditation at a Reduced Cost IT-CNP, INC. WWW.GOVDATAHOSTING.COM WHITEPAPER :: Executive Summary Federal, State and
More informationSoftware Testing Interview Question and Answer
Software Testing Interview Question and Answer What is Software Testing? A process of analyzing a software item to detect the differences between existing and required conditions (i.e., defects) and to
More informationPharos Static Analysis Framework
Pharos Static Analysis Framework Cory F. Cohen Senior Malware Analysis Researcher cfc@cert.org [DISTRIBUTION 2017 Carnegie Mellon STATEMENT University A] This 1 [DISTRIBUTION release and unlimited STATEMENT
More informationHow Can Testing Teams Play a Key Role in DevOps Adoption?
June 3, 2016 How Can Testing Teams Play a Key Role in DevOps Adoption? Sujay Honnamane QA Director @sujayh Rameshkumar Bar Sr. Automation Architect @rameshbar 2016 Cognizant Session take away DevOps Overview
More informationMyCreditChain Terms of Use
MyCreditChain Terms of Use Date: February 1, 2018 Overview The following are the terms of an agreement between you and MYCREDITCHAIN. By accessing, or using this Web site, you acknowledge that you have
More informationIt s just software Or It s all software and it s the new normal
NSWCDD-PN-18-00055 t s just software Or t s all software and it s the new normal John Seel, Ph.D. Distinguished Engineer for Warfare s Software 540-653-4443 John.seel@navy.mil Thoughts about software We
More informationMoving From Reactive to Proactive Storage Management with an On-demand Cloud Solution
Moving From Reactive to Proactive Storage Management with an On-demand Cloud Solution The Ever-Present Storage Management Conundrum In the modern IT landscape, the storage management conundrum is as familiar
More informationQualification Specification for the Knowledge Modules that form part of the BCS Level 3 Software Development Technician Apprenticeship
Qualification Specification for the Knowledge Modules that form part of the BCS Level 3 Software Development Technician Apprenticeship Level 3 Certificate in Software Development Context and Methodologies
More informationModeling, Verifying, and Generating Software for Distributed Cyber- Physical Systems using DMPL and AADL
Modeling, Verifying, and Generating Software for Distributed Cyber- Physical Systems using DMPL and AADL Sagar Chaki, Dionisio de Niz, Joseph Seibel Software Engineering Institute Carnegie Mellon University
More informationSoftware Verification and Validation (VIMMD052) Introduction. Istvan Majzik Budapest University of Technology and Economics
Software Verification and Validation (VIMMD052) Introduction Istvan Majzik majzik@mit.bme.hu Budapest University of Technology and Economics Dept. of Measurement and Information s Budapest University of
More informationCertified Software Quality Engineer Preparation On Demand, Web-Based Course Offered by The Westfall Team
Certified Software Quality Engineer (CSQE) Preparation course is an on demand, web-based course design to be a comprehensive, in-depth review of the topics in the ASQ s Certified Software Quality Engineer
More information