Ontology Summit 2013: Ontology Evaluation Across the Ontology Lifecyle Track B: Extrinsic Aspects of Ontology Evaluation

Similar documents
Types of Software Testing: Different Testing Types with Details

Bridge Course On Software Testing

Lecture 15 Software Testing

Department of Electrical & Computer Engineering, University of Calgary. B.H. Far

Software Testing Interview Question and Answer

Testing Objectives. Successful testing: discovers previously unknown errors

Part 5. Verification and Validation

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING CS SOFTWARE ENGINEERING

VETRI VINAYAHA COLLEGE OF ENGINEERING AND TECHNOLOGY DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

Verification and Validation. Ian Sommerville 2004 Software Engineering, 7th edition. Chapter 22 Slide 1

Software Testing CS 408

Chapter 10. Testing and Quality Assurance

Test design techniques

Darshan Institute of Engineering & Technology for Diploma Studies

Software Testing. Software Testing. in the textbook. Chapter 8. Verification and Validation. Verification Techniques

WHY TEST SOFTWARE?...

International Journal of Computer Engineering and Applications, Volume XII, Special Issue, September 18, ISSN SOFTWARE TESTING

Overview. State-of-the-Art. Relative cost of error correction. CS 619 Introduction to OO Design and Development. Testing.

1 Visible deviation from the specification or expected behavior for end-user is called: a) an error b) a fault c) a failure d) a defect e) a mistake

Sample Question Paper. Software Testing (ETIT 414)

Sample Exam. Certified Tester Foundation Level

Chapter 8 Software Testing. Chapter 8 Software testing

DreamFactory Security Guide

People tell me that testing is

International Journal of Computer Engineering and Applications, Volume XII, Special Issue, April- ICITDA 18,

PEACHTECH PEACH API SECURITY AUTOMATING API SECURITY TESTING. Peach.tech

Higher-order Testing. Stuart Anderson. Stuart Anderson Higher-order Testing c 2011

Topic: Software Verification, Validation and Testing Software Engineering. Faculty of Computing Universiti Teknologi Malaysia

TestBase's Patented Slice Feature is an Answer to Db2 Testing Challenges

Chap 2. Introduction to Software Testing

CSC 261/461 Database Systems Lecture 20. Spring 2017 MW 3:25 pm 4:40 pm January 18 May 3 Dewey 1101

Examination Questions Time allowed: 1 hour 15 minutes

Chapter 9 Quality and Change Management

Pearson Education 2007 Chapter 9 (RASD 3/e)

Testing: Test design and testing process

No Source Code. EEC 521: Software Engineering. Specification-Based Testing. Advantages

Verification and Validation. Assuring that a software system meets a user s needs. Verification vs Validation. The V & V Process

Software Testing. Massimo Felici IF

Software testing. Ian Sommerville 2006 Software Engineering, 8th edition. Chapter 23 Slide 1

Computational Systems COMP1209

Software Quality Engineering: Testing, Quality Assurance, and Quantifiable Improvement

Black Box Testing. EEC 521: Software Engineering. Specification-Based Testing. No Source Code. Software Testing

Software Testing. Software Testing. in the textbook. Chapter 8. Verification and Validation. Verification and Validation: Goals

Sample Exam ISTQB Advanced Test Analyst Answer Rationale. Prepared By

Terminology. There are many different types of errors and different ways how we can deal with them.

Dataworks Development, Inc. P.O. Box 174 Mountlake Terrace, WA (425) fax (425)

Introduction to Software Engineering

Chapter 11, Testing. Using UML, Patterns, and Java. Object-Oriented Software Engineering

Darshan Institute of Engineering & Technology Unit : 9

QUIZ #5 - Solutions (5pts each)

) Intel)(TX)memory):) Transac'onal) Synchroniza'on) Extensions)(TSX))) Transac'ons)

Software Testing and Maintenance

Modern Systems Analysis and Design. Third Edition. Jeffrey A. Hoffer Joey F. George Joseph S. Valacich. Chapter 17 System Implementation

Software Development. Software Testing: Verification and Validation. Verification and Validation (V&V) Verification. Validation

Software Testing. Software Testing

Fundamentals of Information Systems Security Lesson 5 Auditing, Testing, and Monitoring

UNIT 1-SOFTWARE PROCESS AND PROJECT MANAGEMENT

Computer Science and Software Engineering University of Wisconsin - Platteville 9-Software Testing, Verification and Validation

It is primarily checking of the code and/or manually reviewing the code or document to find errors This type of testing can be used by the developer

Chapter 9. Software Testing

Testing. Unit, integration, regression, validation, system. OO Testing techniques Application of traditional techniques to OO software

The testing process. Component testing. System testing

Best Practices Process & Technology. Sachin Dhiman, Senior Technical Consultant, LDRA

Scott Meder Senior Regional Sales Manager

Shree.Datta Polytechnic College,Dattanagar, Shirol. Class Test- I

Feasibility of Testing to Code. Feasibility of Testing to Code. Feasibility of Testing to Code. Feasibility of Testing to Code (contd)

Software Quality Assurance. David Janzen

Three General Principles of QA. COMP 4004 Fall Notes Adapted from Dr. A. Williams

18-642: Testing Overview

Testing Theory. Agenda - What will you learn today? A Software Life-cycle Model Which part will we talk about today? Theory Lecture Plan

PowerVault MD3 Storage Array Enterprise % Availability

Comparison Study of Software Testing Methods and Levels- A Review

Testing with Soap UI. Tomaš Maconko

) Intel)(TX)memory):) Transac'onal) Synchroniza'on) Extensions)(TSX))) Transac'ons)

October/November 2009

Verification, Testing, and Bugs

SECURITY TESTING PROCESS IN SDLC

Chapter 3: Dynamic Testing Techniques

Sample Exam Syllabus

Test Design Techniques ISTQB (International Software Testing Qualifications Board)

CSE 403: Software Engineering, Fall courses.cs.washington.edu/courses/cse403/16au/ Unit Testing. Emina Torlak

Software Testing Fundamentals. Software Testing Techniques. Information Flow in Testing. Testing Objectives

Databricks Delta: Bringing Unprecedented Reliability and Performance to Cloud Data Lakes

Software Engineering Theory. Lena Buffoni (slides by Kristian Sandahl/Mariam Kamkar) Department of Computer and Information Science

Digitized Engineering Notebook

Software Engineering (CSC 4350/6350) Rao Casturi

Verification and Validation. Verification and validation

Tools for Security Testing

Announcements. R3 - There will be Presentations

Software Testing TEST CASE SELECTION AND ADEQUECY TEST EXECUTION

MySQL for Developers Ed 3

Modern Methods in Software Engineering. Testing.

MONIKA HEINER.

Real Application Testing Certified for SAP

Software Testing. 1. Testing is the process of demonstrating that errors are not present.

Cursul Aprilie

Four Essential Steps for Removing Risk and Downtime from Your POWER9 Migration

IBM DB2 11 DBA for z/os Certification Review Guide Exam 312

UNIT-4 Black Box & White Box Testing

RECOVERY CHAPTER 21,23 (6/E) CHAPTER 17,19 (5/E)

Transcription:

Ontology Summit 2013: Ontology Evaluation Across the Ontology Lifecyle Track B: Extrinsic Aspects of Ontology Evaluation Black Box Testing Paradigm in the TCPC #014168-PA Mary Balboni, Doug Toppin, Thanh-Van Tran Intelligence and Information Systems (IIS) Raytheon Dulles 24 January 2013 Track B: Ontology Evaluation Across the Ontology 1

u Where does Black Box Testing apply in the? u How does it apply to large database systems? u How do we validate using Black Box Testing? u How well can we measure the completeness and goodness of this testing? u Modern Databases and Black Box Behavior / Functionality Testing u Some Black Box Tests u What are reusable methods that could be used for ontologies? (assuming the paradigm that ontologies exist in the black box similar to how DBs exist in a black box) u What are any security concerns? 2

White Box Testing aka Structural or Glass Box Testing Verification : are we building the software right? Black Box Testing aka Functional or Behavioral Testing Validation : are we building the right software? Code Modules Statements Branches Paths Conditions Requirements Functionality Does it behave as expected in all system conditions 3

u Where does Black Box Testing apply in the? White Box Customer Environment Unit Test Black Box Functional Acceptance Integration System BETA Ad Hoc Code / Low Level Design High Level Design Requirements 24 January 2013 Track B: Ontology Evaluation Across the Ontology 4

u How does it apply to large database systems? n Knowing what data you put in and what the expected results should be n Not testing if the database is storing the input in the appropriate tables in the database n Database testing is the act of validating the contents, schema, and functionality within a database n If caching is involved testing must include cache control/ expiration tests 24 January 2013 Track B: Ontology Evaluation Across the Ontology 5

u How do we validate using Black Box Testing? n Test using a replica of the original database (sandboxes) n Create database tests based on either rebuilding the existing database or starting with a new creation of the database and related schema n Identify Test Data n Develop Tests based on System requirements n Once the tests are ready, execute and check the results 24 January 2013 Track B: Ontology Evaluation Across the Ontology 6

u How do we validate using Black Box Testing? n INCLUDE tests for error conditions and degraded mode operations n INCLUDE load and capacity testing, this is critical for systems that provide services to a larger enterprise n USE HELPFUL TOOL: Facilitated in an SOA environment by tools such as SOAPUI which can discover WSDLs (xml) and provide a test platform n If multiple subsystems accessing the database then concurrency and sharing testing should be included 24 January 2013 Track B: Ontology Evaluation Across the Ontology 7

Black Box Testing Paradigm in the u How Well Can We Measure the Completeness and Goodness of this Testing? n n Predicting Latent Defects left in system after system testing is complete (tools like SEER, SWEEP, based on Rayleigh-like curve1) Industry standard is in the range: o 30 to 85 defects per 1K of code during development o ½ to 3 defects per 1K of code latent in the delivered product Metrics and Models in Software Quality Engineering By Stephen H. Kan 1 24 January 2013 Track B: Ontology Evaluation Across the Ontology 8

u How Well Can We Measure the Completeness and Goodness of this Testing? n Defect Injection / Defect Seeding Technique How effective are the testers and what kinds of things they miss? The Process of adding known defects to the existing ones is called Defect Seeding. The Idea is while detecting the known bugs unknown bugs might be detected Sample Scenario: 1. Go find your friendly local development team 2. Ask them politely to insert 10-100 bugs throughout the code. 3. Test as normal 4. Go back to your friendly local development team and show them what you found 5. Compare lists 6. Ask your friendly local development team to fix all the bugs they inserted before shipping, please. 24 January 2013 Track B: Ontology Evaluation Across the Ontology 9

u Modern Databases and Black Box Behavior / Functionality Testing n Modern DBs (NoSQL, document style, Hadoop) may not have established best practices nor has institutional knowledge been developed thus increasing a security risk factor n Security related aspects may be dependent on externally configured factors such as access to host/files 24 January 2013 Track B: Ontology Evaluation Across the Ontology 10

u Black Box Tests n Validate Data Quality by Testing Data Rules Equivalence Partitioning - Suppose system asks for a number between 100 and 999 inclusive. This gives three equivalence classes of input: less that 100 ; 100 to 999 ; greater than 999 We thus test the system against characteristic values from each equivalence class. Example: 50 (invalid), 500 (valid), 1500 (invalid). Boundary Analysis - Arises from the fact that most program fail at input boundaries. Suppose system asks for a number between 100 and 999 inclusive. The boundaries are 100 and 999. We therefore test for values: 99 100 101 998 999 1000 Lower Boundary Upper Boundary 24 January 2013 Track B: Ontology Evaluation Across the Ontology 11

u Black Box Tests n Validate Data Quality by Testing Data Rules Column Domain the Flavor column has allowable values of Chocolate, Vanilla, and Strawberry. Column Default - the default value is Strawberry. Value Existence the value of StartDate must be less than EndDate when EndDate is provided Size Rules - a code in a column must always be two characters in length or a value in a VARCHAR column must be at least five characters in length Automated tests can run continuously in the background checking data consistency 24 January 2013 Track B: Ontology Evaluation Across the Ontology 12

u Black Box Tests n Validate Data Integrity using Create Read Update and Delete (CRUD) logic C: Create When user Save any new transaction, Create operation is performed. R: Retrieve When user Search or View any saved transaction, Retrieve operation is performed. U: Update when user Edit or Modify an existing record, the Update operation of DB is performed. D: Delete when user Remove any record from the system, Delete operation of DB is performed. 24 January 2013 Track B: Ontology Evaluation Across the Ontology 13

u Black Box Tests n Validate Relationships Referential Integrity (RI) aka Business Logic (constraints, triggers, procedures) Referential Integrity, relational constraints, triggers and stored procedures. So, using these and many other features offered by DBs, developers implement the business logic on DB level. Tester must ensure that the implemented business logic is correct and works accurately. Would not go into database and check values of triggers, procedures, views or tables which would be white box texting but would test by expected results from business logic/rules 24 January 2013 Track B: Ontology Evaluation Across the Ontology 14

u Black Box Tests n Validate Performance Characteristics of Database Access and Object / Relational (O/R) Mapping User s actions upon the DB should be executed within needed/required time ranges Load / Stress Testing testing under heavy loads, repetition of certain actions, inputs beyond the limits DB impacts in this area Configuration of memory and processing resources of the computer running the DB Impacted by DB maintenance, defrags that increase efficiency in accessing data Timing of transaction log backups that interrupt database activity 24 January 2013 Track B: Ontology Evaluation Across the Ontology 15

u Black Box Tests n Ensure ACID Properties of Database Transactions ACID properties of DB Transactions refer to the Atomicity, Consistency, Isolation and Durability. Proper testing of these four properties must be done during the DB testing activity. This area demands more rigorous, thorough and keen testing when the database is distributed. Atomicity: a series of DB operations either All occur or Nothing occurs Consistency: ensuring that any transaction will bring the DB from one valid state to another, database follows defined rules Isolation: Ensuring that the concurrent execution of transactions results in a system state that could have been obtained if transactions are executed serially Durability: once a transaction is committed it will remain so despite crashes, errors or loss of power 24 January 2013 Track B: Ontology Evaluation Across the Ontology 16

u What are reusable methods that could be used for ontologies? (assuming the paradigm that ontologies exist in the black box similar to how DBs exist in a black box) n Defining Requirements for Each of the Following n Validating Each of the Following Data Rules Data Referential Integrity Relationships Performance Characteristics Properties of Transactions 24 January 2013 Track B: Ontology Evaluation Across the Ontology 17

u What are any security concerns? u u u Black Box testing alone is not a suitable alternative for security activities throughout the software development life cycle. Black Box testing is very effective in validating system design assumptions, discovering vulnerabilities and implementation issues that may lead to security vulnerabilities Black box tests can; o help development and security personnel identify implementation errors that were not discovered during code reviews, unit tests, or security white box tests o Discover potential security issues resulting from boundary conditions that were difficult to identify and understand during the design and implementation phases o Uncover security issues resulting from incorrect product builds (e.g., old or missing modules/files) o Detect security issues that arise as a result of interaction with underlying environment (e.g., improper configuration files, unhardened OS and applications) 24 January 2013 Track B: Ontology Evaluation Across the Ontology 18

u Testing for Security u u u u u Fuzzing: random character generation testing by injection random data at the interfaces Syntax testing: tests based on the syntactic spec of an applications input values Exploratory Testing and Fault Injection: useful to perform tests without having specific expectations of outcome helps spot anomalies Data Analysis: process of trying to understand a program s internals by examining the data it generates may go beyond observations and go into influencing the program s behavior as well = from security POV, test is to see whether an attacker could do the same thing Monitoring Program Behaviour: referred to as Observability to examine the behavior of the program under test and asking whether this observed behavior is symptomatic of a vulnerability in the system 24 January 2013 Track B: Ontology Evaluation Across the Ontology 19

Bios of Authors u Mary Balboni Over 30 years in engineering, worked through many lifecycles of large systems u Doug Toppin Over 30 years in engineering, with recent experience with large scale backend commercial / industry internet provider u Thanh-Van Tran Over 25 years in Database and software engineering, Certified DBA, experience with large scale database systems 24 January 2013 Track B: Ontology Evaluation Across the Ontology 20

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback