SlideShare a Scribd company logo

Cots testing

Download as PPT, PDF
Prabhat Goel
Prabhat Goel
Education
1 of 77
COTS Testing
Diff. With in-house components  Interface (pre and post conditions) are not clearly specified.  No Arch. and code.  Black boxes to component user. Why use COTS
Why COTS Testing  Failure of Ariane5. • explosion resulted from insufficiently tested software reused from the Ariane 4 launcher.
COTS Evaluation and selection
Why rigorous evaluation of COTS?  Large number of alternative products.  Multiple stakeholders.  Large number of Quality criteria.  Compatibility with other products.
Why evaluation difficult  Large number of evaluation criteria.  Different opinions are usually encountered among different stakeholders.  Evaluation criteria are not easily measurable at evaluation time.  Gathering relevant info. is prohibitively expensive.  COTS market is changing fast, evaluation must be performed several times during lifecycle.  Evaluation deals with uncertainty info.
AHP Technique  Originally designed for economic and political science domains.  Requires a pair wise comparison of alternatives and pair wise weighting of selection criteria.  Enables consistency analysis of comparisons and weights, making possible to assess quality of gathered info.
AHP Technique (contd.)  Allows alternatives to be measured on a ratio scale,we can determine how much better an alternative compared to other.  Practically usable if number of alternatives and criteria are sufficiently low, because comparisons are made by experts.
Selection in practice Follows three stages  Informal screening for a set of requirements using selection thresholds.  More systematic evaluation using AHP process.  Detailed Information gathering involves testing, prototyping and reading technical documents.
State of the art in COTS testing
How to provide information to user  Component meta-data approach.  Retro-components approach.  Component test bench approach.  Built-in test approach.  Component+ approach.  STECC strategy.
Component meta-data approach Component Binary code Call graphs, Testing info. done by provider Metadata
Component metadata (contd.) Component functionality Meta Metadata req server DB Metadata
Retro-components approach Component functionality Meta Metadata req and test data server DB Metadata
Component test bench approach  A set of test cases called test operation is associated with each interface of a component.  A test operation defines the necessary steps for testing a specific method.  The concrete test inputs and expected test output packaged in a test operation.
Built-in test approach. Component Functionality Test case Tester generator
Built-in test approach(contd.) Normal mode. Maintenance mode. Functionality Functionality Test case Tester generator
Built-in test approach(contd.) Base Component Inheritance Derived Component
Component+ approach Tester Built-in testing enabled component Test case generator Functionality Handler Test executor Failure Recovery mech.s Interface
Disadv. of BIT and component+  Static nature.  Generally do not ensure that tests are conducted as required by the component user  The component provider makes some assumptions concerning the requirements of the component user, which again might be wrong or inaccurate.
STECC strategy query functionality Metadata Meta Req. Server DB Tester Metadata Test generator
Levels of Testing  Unit Testing.  Integration Testing.  System Testing
Types of testing  Functionality Testing .  Reliability Testing.  Robustness Testing.  Performance Testing.  Load Testing.  Stress Testing.  Stability Testing.  Security Testing.
Certifying COTS When considering a candidate component, developers need to ask three key questions:  Does component C fill the developer’s needs?  Is the quality of component C high enough?  What impact will component C have on system S?
Certifying COTS(contd.)
CERTIFICATION TECHNIQUES  Black-box component testing.  System-level fault injection.  Operational system testing.  Software Wrapping.  Interface propagation Analysis.
Black box Testing  To understand the behavior of a component, various inputs are executed and outputs are analyzed.  To catch all types of errors all possible combinations of input values should be executed.  To make testing feasible, test cases are selected randomly from test case space.
Black box test reduction using Input-output Analysis  Random Testing is not complete.  To perform complete functional testing, number of test cases can be reduced by Input-output Analysis.
How to find I/O relationships  By static analysis or execution analysis of program.
Fault Injection request Fault Fault Component simulation simulation tool tool Exceptions, Erroneous No response or malicious input
Operational System Testing  complements system-level fault injection.  System is operated with random inputs (valid and invalid inputs)  Provides more accurate assessment of COTS quality.  To ensure that a component is a good match for the system.
Software Wrapping Input wrapper Output wrapper Input Component output
Instrumentation configuration file
Interface propagation Analysis COTS COTS Fault Injector Component 1 Component 2  Modify input, call correct method.  Call correct method, modify output.  Call perturbed function.
Fault Injection used for  Robustness Testing.  Error propagation Analysis.  Reliability Testing.  Security Testing.
Robustness Testing
COTS testing for OS failures COTS Operating Wrapper component System
Ballista approach  Based on fault injection technique.  Test cases are generated using parameter types of an interface.  Independent of internal functionality.  Testing is not complete.
Test value Data Base
Test value Data Base(contd.)  Integer data type: 0, 1, -1, MAXINT, -MAXINT, selected powers of two, powers of two minus one, and powers of two plus one.  Float data type: 0, 1, -1, +/-DBL_MIN, +/- DBL_MAX, pi, and e.  Pointer data type: NULL, -1 (cast to a pointer), pointer to free’d memory, and pointers to malloc’ed buffers of various powers of two in size.
Test value Data Base(contd.)  String data type (based on the pointer base type): includes NULL, -1 (cast to a pointer), pointer to an empty string, a string as large as a virtual memory page, a string 64K bytes in length.  File descriptor (based on integer base type): includes -1;MAXINT; and various descriptors: to a file open for reading, to a file open for writing, to a file whose offset is set to end of file, to an empty file, and to a file deleted after the file descriptor was assigned.
Test case generation  All combinations of values for the parameter types are generated.  Number of test cases generated are product of number of parameters and test base for that type.
Error propagation analysis  Interface Propagation Analysis is used by injecting faults at one component.  This is done at component integration level.  A known faulty input is injected using fault injector into the system.  Components effected by this input are observed (how they handle the faulty input).
Performance Testing
Middleware  Application’s execution and Middleware cannot be divorced in any meaningful way.  In order to predict the performance of application component, performance of its middleware should be analyzed.
Performance prediction Methodology Application’s performance prediction is three step process.  Obtaining Technology performance.  Analyzing Architecture specific behavioral characteristics.  Analyzing Application specific behavioral characteristics.
Technology performance profile
Technology performance profile (contd.)
Technology performance profile (contd.)
Architecture behavior Identity Application
Effect of database access thru Middleware Container Session bean DB Entity bean  The performance of the entity bean architecture is less than 50% of the performance of the session bean only Architecture.
Effect of Server Thread  The performance increases from 2 threads to 32 threads, stabilizes around 32 to 64 threads, and gradually decreases as more threads are added due to contention.
The Effect of Client Request Load.  Client response time increases with concurrent client request rate due to contention for server threads.
Effect of Database Contention  Effect of database contention leads to performance that is between 20% and 49%.
Optimal Number of threads
Load Testing
Load Testing  It is just Performance testing under various loads.  Performance is measured as Connections per second (CPS), throughput in bytes per second, and round trip time (RTT) .
Load Test Application Load test App Ethernet Web System Under Test server App DB server server
Testing strategy Load tests will be conducted in three phases. 1. Consumption of server resources as a function of the volume of incoming requests will be measured. 2. Response time for sequential requests will be measured. 3. Response time for concurrent client request load will be measured.
Security Testing
Security Risks with COTS  Component design.  Component procurement.  Component integration.  System maintenance.
Component Design  Inadvertently flawed component design.  Intentionally flawed component design.  Excessive component functionality.  Open or widely spread component design.  Insufficient or incorrect documentation.
Component integration Mismatch between product security levels. Ex. UNIX and CORBA security integration. System maintenance  Insecure updating.  Unexpected side effects.  Maintenance backdoors.
Privacy Data Base Risks
Risks revealed  Trojan horse in client.  Information leaking to swap file.  DBMS log files.  DBMS ordering of records.
Piracy avoidance techniques  Hardware and software tokens.  Dynamic Decryption of Code.  Watermarking.  Code Partitioning.
Regression testing for COTS
I-BACCI process 1. Decomposing the binary file of the component; and filtering trivial information. 2. Comparison the code sections between the two versions. 3. Identification of glue code functions. 4. Identification of change propagation in other components/system. 5. Selection of test cases to cover only the affected glue code functions (functions in firewall).
Black box understanding of COTS
Methods for understanding  Binary reverse Engg.  Interface probing.  Partial automation of interface probing.
Binary reverse Engg.  Derives the design structure (call graph, control graph) from binary code.  Source code can also be partially extracted using decompilation.  Decompiled source code will have no comments and variable names will not be meaningful.  Licenses forbid decompilation back to source code.
Interface probing  System Developer designs a set of test cases, executes, and analyzes outputs.  Done in an iterative manner.
Disadvantages  A large number of test cases have to be generated and analyzed.  Some properties may require significant probing which may be tedious,labor intensive, expensive.  Developers miss certain limitations and make incorrect assumptions.
Partial Automation of interface probing  Based on interface probing.  Test cases are generated based on scenarios.  Testing is done in three phases 1. Scenario description phase. 2. Search space specification phase. 3. Test case generation phase.

Recommended

Off the-shelf components (cots)
Off the-shelf components (cots)Off the-shelf components (cots)
Off the-shelf components (cots)Himanshu
 
Softwareproject planning
Softwareproject planningSoftwareproject planning
Softwareproject planningsaurabhshertukde
 
Object oriented testing
Object oriented testingObject oriented testing
Object oriented testingHaris Jamil
 
Object Oriented Testing(OOT) presentation slides
Object Oriented Testing(OOT) presentation slidesObject Oriented Testing(OOT) presentation slides
Object Oriented Testing(OOT) presentation slidesPunjab University
 
Testing strategies -2
Testing strategies -2Testing strategies -2
Testing strategies -2Divya Tiwari
 
Software testing basic
Software testing basicSoftware testing basic
Software testing basicRohit Singh
 
Ppt19
Ppt19Ppt19
Ppt19raj732723
 
Research issues in object oriented software testing
Research issues in object oriented software testingResearch issues in object oriented software testing
Research issues in object oriented software testingAnshul Vinayak
 

Recommended

Off the-shelf components (cots)
Off the-shelf components (cots)Off the-shelf components (cots)
Off the-shelf components (cots)Himanshu
 
Softwareproject planning
Softwareproject planningSoftwareproject planning
Softwareproject planningsaurabhshertukde
 
Object oriented testing
Object oriented testingObject oriented testing
Object oriented testingHaris Jamil
 
Object Oriented Testing(OOT) presentation slides
Object Oriented Testing(OOT) presentation slidesObject Oriented Testing(OOT) presentation slides
Object Oriented Testing(OOT) presentation slidesPunjab University
 
Testing strategies -2
Testing strategies -2Testing strategies -2
Testing strategies -2Divya Tiwari
 
Software testing basic
Software testing basicSoftware testing basic
Software testing basicRohit Singh
 
Ppt19
Ppt19Ppt19
Ppt19raj732723
 
Research issues in object oriented software testing
Research issues in object oriented software testingResearch issues in object oriented software testing
Research issues in object oriented software testingAnshul Vinayak
 
Structural and functional testing
Structural and functional testingStructural and functional testing
Structural and functional testingHimanshu
 
Practical Software Testing Tools
Practical Software Testing ToolsPractical Software Testing Tools
Practical Software Testing ToolsDr Ganesh Iyer
 
Testing and types of Testing
Testing and types of TestingTesting and types of Testing
Testing and types of TestingMunaam Munawar
 
Testing Object-Oriented Systems: Lessons Learned
Testing Object-Oriented Systems: Lessons LearnedTesting Object-Oriented Systems: Lessons Learned
Testing Object-Oriented Systems: Lessons LearnedBob Binder
 
Testing Concepts and Manual Testing
Testing Concepts and Manual TestingTesting Concepts and Manual Testing
Testing Concepts and Manual TestingMurageppa-QA
 
SECh1920
SECh1920SECh1920
SECh1920Joe Christensen
 
Testing terms & definitions
Testing terms & definitionsTesting terms & definitions
Testing terms & definitionsSachin MK
 
Software testing strategies
Software testing strategiesSoftware testing strategies
Software testing strategiesKrishna Sujeer
 
Software testing methods
Software testing methodsSoftware testing methods
Software testing methodsHoma Pourmohammadi
 
Software testing tools and its taxonomy
Software testing tools and its taxonomySoftware testing tools and its taxonomy
Software testing tools and its taxonomyHimanshu
 
Software coding & testing, software engineering
Software coding & testing, software engineeringSoftware coding & testing, software engineering
Software coding & testing, software engineeringRupesh Vaishnav
 
Glossary of Testing Terms and Concepts
Glossary of Testing Terms and ConceptsGlossary of Testing Terms and Concepts
Glossary of Testing Terms and Conceptsmqamarhayat
 
Chapter 3 - Performance Testing in the Software Lifecycle
Chapter 3 - Performance Testing in the Software LifecycleChapter 3 - Performance Testing in the Software Lifecycle
Chapter 3 - Performance Testing in the Software LifecycleNeeraj Kumar Singh
 
Software engineering- system testing
Software engineering- system testingSoftware engineering- system testing
Software engineering- system testingTejas Mhaske
 
documentation-testing.ppt
documentation-testing.pptdocumentation-testing.ppt
documentation-testing.pptGaurav Nigam
 
Intro to Software Engineering - Software Testing
Intro to Software Engineering - Software TestingIntro to Software Engineering - Software Testing
Intro to Software Engineering - Software TestingRadu_Negulescu
 
Software testing
Software testingSoftware testing
Software testingRavi Dasari
 
Software quality and testing (func. & non func.)
Software quality and testing (func. & non func.)Software quality and testing (func. & non func.)
Software quality and testing (func. & non func.)Pragya G
 
Software Testing Life Cycle Unit-3
Software Testing Life Cycle Unit-3Software Testing Life Cycle Unit-3
Software Testing Life Cycle Unit-3Raj vardhan
 
Software coding and testing
Software coding and testingSoftware coding and testing
Software coding and testingSandeep Kumar Nayak
 
Oracle 11gr2 on_rhel6_0 - Document from Red Hat Inc
Oracle 11gr2 on_rhel6_0 - Document from Red Hat IncOracle 11gr2 on_rhel6_0 - Document from Red Hat Inc
Oracle 11gr2 on_rhel6_0 - Document from Red Hat IncFilipe Miranda
 
Domain name system
Domain name systemDomain name system
Domain name systemRahul Baghla
 

More Related Content

What's hot

Structural and functional testing
Structural and functional testingStructural and functional testing
Structural and functional testingHimanshu
 
Practical Software Testing Tools
Practical Software Testing ToolsPractical Software Testing Tools
Practical Software Testing ToolsDr Ganesh Iyer
 
Testing and types of Testing
Testing and types of TestingTesting and types of Testing
Testing and types of TestingMunaam Munawar
 
Testing Object-Oriented Systems: Lessons Learned
Testing Object-Oriented Systems: Lessons LearnedTesting Object-Oriented Systems: Lessons Learned
Testing Object-Oriented Systems: Lessons LearnedBob Binder
 
Testing Concepts and Manual Testing
Testing Concepts and Manual TestingTesting Concepts and Manual Testing
Testing Concepts and Manual TestingMurageppa-QA
 
Testing terms & definitions
Testing terms & definitionsTesting terms & definitions
Testing terms & definitionsSachin MK
 
Software testing strategies
Software testing strategiesSoftware testing strategies
Software testing strategiesKrishna Sujeer
 
Software testing tools and its taxonomy
Software testing tools and its taxonomySoftware testing tools and its taxonomy
Software testing tools and its taxonomyHimanshu
 
Software coding & testing, software engineering
Software coding & testing, software engineeringSoftware coding & testing, software engineering
Software coding & testing, software engineeringRupesh Vaishnav
 
Glossary of Testing Terms and Concepts
Glossary of Testing Terms and ConceptsGlossary of Testing Terms and Concepts
Glossary of Testing Terms and Conceptsmqamarhayat
 
Chapter 3 - Performance Testing in the Software Lifecycle
Chapter 3 - Performance Testing in the Software LifecycleChapter 3 - Performance Testing in the Software Lifecycle
Chapter 3 - Performance Testing in the Software LifecycleNeeraj Kumar Singh
 
Software engineering- system testing
Software engineering- system testingSoftware engineering- system testing
Software engineering- system testingTejas Mhaske
 
documentation-testing.ppt
documentation-testing.pptdocumentation-testing.ppt
documentation-testing.pptGaurav Nigam
 
Intro to Software Engineering - Software Testing
Intro to Software Engineering - Software TestingIntro to Software Engineering - Software Testing
Intro to Software Engineering - Software TestingRadu_Negulescu
 
Software testing
Software testingSoftware testing
Software testingRavi Dasari
 
Software quality and testing (func. & non func.)
Software quality and testing (func. & non func.)Software quality and testing (func. & non func.)
Software quality and testing (func. & non func.)Pragya G
 
Software Testing Life Cycle Unit-3
Software Testing Life Cycle Unit-3Software Testing Life Cycle Unit-3
Software Testing Life Cycle Unit-3Raj vardhan
 

What's hot (20)

Structural and functional testing
Structural and functional testingStructural and functional testing
Structural and functional testing
 
Practical Software Testing Tools
Practical Software Testing ToolsPractical Software Testing Tools
Practical Software Testing Tools
 
Testing and types of Testing
Testing and types of TestingTesting and types of Testing
Testing and types of Testing
 
Testing Object-Oriented Systems: Lessons Learned
Testing Object-Oriented Systems: Lessons LearnedTesting Object-Oriented Systems: Lessons Learned
Testing Object-Oriented Systems: Lessons Learned
 
Testing Concepts and Manual Testing
Testing Concepts and Manual TestingTesting Concepts and Manual Testing
Testing Concepts and Manual Testing
 
SECh1920
SECh1920SECh1920
SECh1920
 
Testing terms & definitions
Testing terms & definitionsTesting terms & definitions
Testing terms & definitions
 
Software testing strategies
Software testing strategiesSoftware testing strategies
Software testing strategies
 
Software testing methods
Software testing methodsSoftware testing methods
Software testing methods
 
Software testing tools and its taxonomy
Software testing tools and its taxonomySoftware testing tools and its taxonomy
Software testing tools and its taxonomy
 
Software coding & testing, software engineering
Software coding & testing, software engineeringSoftware coding & testing, software engineering
Software coding & testing, software engineering
 
Glossary of Testing Terms and Concepts
Glossary of Testing Terms and ConceptsGlossary of Testing Terms and Concepts
Glossary of Testing Terms and Concepts
 
Chapter 3 - Performance Testing in the Software Lifecycle
Chapter 3 - Performance Testing in the Software LifecycleChapter 3 - Performance Testing in the Software Lifecycle
Chapter 3 - Performance Testing in the Software Lifecycle
 
Software engineering- system testing
Software engineering- system testingSoftware engineering- system testing
Software engineering- system testing
 
documentation-testing.ppt
documentation-testing.pptdocumentation-testing.ppt
documentation-testing.ppt
 
Intro to Software Engineering - Software Testing
Intro to Software Engineering - Software TestingIntro to Software Engineering - Software Testing
Intro to Software Engineering - Software Testing
 
Software testing
Software testingSoftware testing
Software testing
 
Software quality and testing (func. & non func.)
Software quality and testing (func. & non func.)Software quality and testing (func. & non func.)
Software quality and testing (func. & non func.)
 
Software Testing Life Cycle Unit-3
Software Testing Life Cycle Unit-3Software Testing Life Cycle Unit-3
Software Testing Life Cycle Unit-3
 
Software coding and testing
Software coding and testingSoftware coding and testing
Software coding and testing
 

Viewers also liked

Oracle 11gr2 on_rhel6_0 - Document from Red Hat Inc
Oracle 11gr2 on_rhel6_0 - Document from Red Hat IncOracle 11gr2 on_rhel6_0 - Document from Red Hat Inc
Oracle 11gr2 on_rhel6_0 - Document from Red Hat IncFilipe Miranda
 
Domain name system
Domain name systemDomain name system
Domain name systemRahul Baghla
 
L12 programmable+logic+devices+(pld)
L12 programmable+logic+devices+(pld)L12 programmable+logic+devices+(pld)
L12 programmable+logic+devices+(pld)NAGASAI547
 
FACE-ing Reality: Maintaining our Military Edge in the Modern World
FACE-ing Reality: Maintaining our Military Edge in the Modern WorldFACE-ing Reality: Maintaining our Military Edge in the Modern World
FACE-ing Reality: Maintaining our Military Edge in the Modern WorldReal-Time Innovations (RTI)
 
Embedded systems
Embedded systemsEmbedded systems
Embedded systemskondalarao7
 
Domain name system
Domain name systemDomain name system
Domain name systemDiwaker Pant
 
Building Multi-Site and Multi-OpenStack Cloud with OpenStack Cascading
Building Multi-Site and Multi-OpenStack Cloud with OpenStack CascadingBuilding Multi-Site and Multi-OpenStack Cloud with OpenStack Cascading
Building Multi-Site and Multi-OpenStack Cloud with OpenStack CascadingJoe Huang
 
Designing Secure Cisco Data Centers
Designing Secure Cisco Data CentersDesigning Secure Cisco Data Centers
Designing Secure Cisco Data CentersCisco Russia
 
Domain Name System DNS
Domain Name System DNSDomain Name System DNS
Domain Name System DNSAkshay Tiwari
 
DNS - Domain Name System
DNS - Domain Name SystemDNS - Domain Name System
DNS - Domain Name SystemPeter R. Egli
 
ppt on embedded system
ppt on embedded systemppt on embedded system
ppt on embedded systemmanish katara
 
[OpenStack Day in Korea 2015] Track 3-2 - Huawei Cloud Computing Powered by O...
[OpenStack Day in Korea 2015] Track 3-2 - Huawei Cloud Computing Powered by O...[OpenStack Day in Korea 2015] Track 3-2 - Huawei Cloud Computing Powered by O...
[OpenStack Day in Korea 2015] Track 3-2 - Huawei Cloud Computing Powered by O...OpenStack Korea Community
 

Viewers also liked (20)

Oracle 11gr2 on_rhel6_0 - Document from Red Hat Inc
Oracle 11gr2 on_rhel6_0 - Document from Red Hat IncOracle 11gr2 on_rhel6_0 - Document from Red Hat Inc
Oracle 11gr2 on_rhel6_0 - Document from Red Hat Inc
 
Domain name system
Domain name systemDomain name system
Domain name system
 
Endianness
EndiannessEndianness
Endianness
 
Cots integration
Cots integrationCots integration
Cots integration
 
L12 programmable+logic+devices+(pld)
L12 programmable+logic+devices+(pld)L12 programmable+logic+devices+(pld)
L12 programmable+logic+devices+(pld)
 
FACE-ing Reality: Maintaining our Military Edge in the Modern World
FACE-ing Reality: Maintaining our Military Edge in the Modern WorldFACE-ing Reality: Maintaining our Military Edge in the Modern World
FACE-ing Reality: Maintaining our Military Edge in the Modern World
 
Embedded systems
Embedded systemsEmbedded systems
Embedded systems
 
ASIC
ASICASIC
ASIC
 
E.s unit 6
E.s unit 6E.s unit 6
E.s unit 6
 
Compilers
CompilersCompilers
Compilers
 
Domain name system
Domain name systemDomain name system
Domain name system
 
Building Multi-Site and Multi-OpenStack Cloud with OpenStack Cascading
Building Multi-Site and Multi-OpenStack Cloud with OpenStack CascadingBuilding Multi-Site and Multi-OpenStack Cloud with OpenStack Cascading
Building Multi-Site and Multi-OpenStack Cloud with OpenStack Cascading
 
Designing Secure Cisco Data Centers
Designing Secure Cisco Data CentersDesigning Secure Cisco Data Centers
Designing Secure Cisco Data Centers
 
RTOS - Real Time Operating Systems
RTOS - Real Time Operating SystemsRTOS - Real Time Operating Systems
RTOS - Real Time Operating Systems
 
Domain Name System DNS
Domain Name System DNSDomain Name System DNS
Domain Name System DNS
 
Lil endian.ppt
Lil endian.pptLil endian.ppt
Lil endian.ppt
 
DNS - Domain Name System
DNS - Domain Name SystemDNS - Domain Name System
DNS - Domain Name System
 
ppt on embedded system
ppt on embedded systemppt on embedded system
ppt on embedded system
 
Embedded System Basics
Embedded System BasicsEmbedded System Basics
Embedded System Basics
 
[OpenStack Day in Korea 2015] Track 3-2 - Huawei Cloud Computing Powered by O...
[OpenStack Day in Korea 2015] Track 3-2 - Huawei Cloud Computing Powered by O...[OpenStack Day in Korea 2015] Track 3-2 - Huawei Cloud Computing Powered by O...
[OpenStack Day in Korea 2015] Track 3-2 - Huawei Cloud Computing Powered by O...
 

Similar to Cots testing

Software testing
Software testingSoftware testing
Software testingEng Ibrahem
 
Chapter 3 SOFTWARE TESTING PROCESS
Chapter 3 SOFTWARE TESTING PROCESSChapter 3 SOFTWARE TESTING PROCESS
Chapter 3 SOFTWARE TESTING PROCESSst. michael
 
Softwar tetesting basic
Softwar tetesting basicSoftwar tetesting basic
Softwar tetesting basicparekhjigarh
 
Basic software-testing-concepts
Basic software-testing-conceptsBasic software-testing-concepts
Basic software-testing-conceptsmedsherb
 
Testing and Mocking Object - The Art of Mocking.
Testing and Mocking Object - The Art of Mocking.Testing and Mocking Object - The Art of Mocking.
Testing and Mocking Object - The Art of Mocking.Deepak Singhvi
 
Test Process
Test ProcessTest Process
Test Processtokarthik
 
Software Testing
Software TestingSoftware Testing
Software TestingKiran Kumar
 
Testing in Software Engineering.docx
Testing in Software Engineering.docxTesting in Software Engineering.docx
Testing in Software Engineering.docx8759000398
 
Database Unit Testing Made Easy with VSTS
Database Unit Testing Made Easy with VSTSDatabase Unit Testing Made Easy with VSTS
Database Unit Testing Made Easy with VSTSSanil Mhatre
 
Performancetestingjmeter 131210111657-phpapp02
Performancetestingjmeter 131210111657-phpapp02Performancetestingjmeter 131210111657-phpapp02
Performancetestingjmeter 131210111657-phpapp02Nitish Bhardwaj
 
Basic Engineering Design (Part 6): Test and Evaluate
Basic Engineering Design (Part 6): Test and EvaluateBasic Engineering Design (Part 6): Test and Evaluate
Basic Engineering Design (Part 6): Test and EvaluateDenise Wilson
 
Chapter 8 - Software Testing.ppt
Chapter 8 - Software Testing.pptChapter 8 - Software Testing.ppt
Chapter 8 - Software Testing.pptGentaSahuri2
 

Similar to Cots testing (20)

Software testing
Software testingSoftware testing
Software testing
 
Chapter 3 SOFTWARE TESTING PROCESS
Chapter 3 SOFTWARE TESTING PROCESSChapter 3 SOFTWARE TESTING PROCESS
Chapter 3 SOFTWARE TESTING PROCESS
 
Testing
TestingTesting
Testing
 
Testing
TestingTesting
Testing
 
Softwar tetesting basic
Softwar tetesting basicSoftwar tetesting basic
Softwar tetesting basic
 
Basic software-testing-concepts
Basic software-testing-conceptsBasic software-testing-concepts
Basic software-testing-concepts
 
Blackbox
BlackboxBlackbox
Blackbox
 
Testing and Mocking Object - The Art of Mocking.
Testing and Mocking Object - The Art of Mocking.Testing and Mocking Object - The Art of Mocking.
Testing and Mocking Object - The Art of Mocking.
 
Test Process
Test ProcessTest Process
Test Process
 
Software Testing
Software TestingSoftware Testing
Software Testing
 
Ch23
Ch23Ch23
Ch23
 
Testing in Software Engineering.docx
Testing in Software Engineering.docxTesting in Software Engineering.docx
Testing in Software Engineering.docx
 
Slides chapters 13-14
Slides chapters 13-14Slides chapters 13-14
Slides chapters 13-14
 
Software testing (2)
Software testing (2)Software testing (2)
Software testing (2)
 
Software testing ppt
Software testing pptSoftware testing ppt
Software testing ppt
 
Database Unit Testing Made Easy with VSTS
Database Unit Testing Made Easy with VSTSDatabase Unit Testing Made Easy with VSTS
Database Unit Testing Made Easy with VSTS
 
Performancetestingjmeter 131210111657-phpapp02
Performancetestingjmeter 131210111657-phpapp02Performancetestingjmeter 131210111657-phpapp02
Performancetestingjmeter 131210111657-phpapp02
 
Basic Engineering Design (Part 6): Test and Evaluate
Basic Engineering Design (Part 6): Test and EvaluateBasic Engineering Design (Part 6): Test and Evaluate
Basic Engineering Design (Part 6): Test and Evaluate
 
Chapter 8 - Software Testing.ppt
Chapter 8 - Software Testing.pptChapter 8 - Software Testing.ppt
Chapter 8 - Software Testing.ppt
 
Software Testing
Software TestingSoftware Testing
Software Testing
 

Recently uploaded

Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.MaryamAhmad92
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...Poonam Aher Patil
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxSKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxAmanpreet Kaur
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...Association for Project Management
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentationcamerronhm
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701bronxfugly43
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxheathfieldcps1
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfPoh-Sun Goh
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...ZurliaSoop
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
Spellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please PractiseSpellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please PractiseAnaAcapella
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 

Recently uploaded (20)

Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxSKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentation
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Spellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please PractiseSpellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please Practise
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 

Cots testing

  • 2. Diff. With in-house components  Interface (pre and post conditions) are not clearly specified.  No Arch. and code.  Black boxes to component user. Why use COTS
  • 3. Why COTS Testing  Failure of Ariane5. • explosion resulted from insufficiently tested software reused from the Ariane 4 launcher.
  • 5. Why rigorous evaluation of COTS?  Large number of alternative products.  Multiple stakeholders.  Large number of Quality criteria.  Compatibility with other products.
  • 6. Why evaluation difficult  Large number of evaluation criteria.  Different opinions are usually encountered among different stakeholders.  Evaluation criteria are not easily measurable at evaluation time.  Gathering relevant info. is prohibitively expensive.  COTS market is changing fast, evaluation must be performed several times during lifecycle.  Evaluation deals with uncertainty info.
  • 7. AHP Technique  Originally designed for economic and political science domains.  Requires a pair wise comparison of alternatives and pair wise weighting of selection criteria.  Enables consistency analysis of comparisons and weights, making possible to assess quality of gathered info.
  • 8. AHP Technique (contd.)  Allows alternatives to be measured on a ratio scale,we can determine how much better an alternative compared to other.  Practically usable if number of alternatives and criteria are sufficiently low, because comparisons are made by experts.
  • 9. Selection in practice Follows three stages  Informal screening for a set of requirements using selection thresholds.  More systematic evaluation using AHP process.  Detailed Information gathering involves testing, prototyping and reading technical documents.
  • 10. State of the art in COTS testing
  • 11. How to provide information to user  Component meta-data approach.  Retro-components approach.  Component test bench approach.  Built-in test approach.  Component+ approach.  STECC strategy.
  • 12. Component meta-data approach Component Binary code Call graphs, Testing info. done by provider Metadata
  • 13. Component metadata (contd.) Component functionality Meta Metadata req server DB Metadata
  • 14. Retro-components approach Component functionality Meta Metadata req and test data server DB Metadata
  • 15. Component test bench approach  A set of test cases called test operation is associated with each interface of a component.  A test operation defines the necessary steps for testing a specific method.  The concrete test inputs and expected test output packaged in a test operation.
  • 16. Built-in test approach. Component Functionality Test case Tester generator
  • 17. Built-in test approach(contd.) Normal mode. Maintenance mode. Functionality Functionality Test case Tester generator
  • 18. Built-in test approach(contd.) Base Component Inheritance Derived Component
  • 19. Component+ approach Tester Built-in testing enabled component Test case generator Functionality Handler Test executor Failure Recovery mech.s Interface
  • 20. Disadv. of BIT and component+  Static nature.  Generally do not ensure that tests are conducted as required by the component user  The component provider makes some assumptions concerning the requirements of the component user, which again might be wrong or inaccurate.
  • 21. STECC strategy query functionality Metadata Meta Req. Server DB Tester Metadata Test generator
  • 22. Levels of Testing  Unit Testing.  Integration Testing.  System Testing
  • 23. Types of testing  Functionality Testing .  Reliability Testing.  Robustness Testing.  Performance Testing.  Load Testing.  Stress Testing.  Stability Testing.  Security Testing.
  • 24. Certifying COTS When considering a candidate component, developers need to ask three key questions:  Does component C fill the developer’s needs?  Is the quality of component C high enough?  What impact will component C have on system S?
  • 26. CERTIFICATION TECHNIQUES  Black-box component testing.  System-level fault injection.  Operational system testing.  Software Wrapping.  Interface propagation Analysis.
  • 27. Black box Testing  To understand the behavior of a component, various inputs are executed and outputs are analyzed.  To catch all types of errors all possible combinations of input values should be executed.  To make testing feasible, test cases are selected randomly from test case space.
  • 28. Black box test reduction using Input-output Analysis  Random Testing is not complete.  To perform complete functional testing, number of test cases can be reduced by Input-output Analysis.
  • 29.
  • 30.
  • 31. How to find I/O relationships  By static analysis or execution analysis of program.
  • 32. Fault Injection request Fault Fault Component simulation simulation tool tool Exceptions, Erroneous No response or malicious input
  • 33. Operational System Testing  complements system-level fault injection.  System is operated with random inputs (valid and invalid inputs)  Provides more accurate assessment of COTS quality.  To ensure that a component is a good match for the system.
  • 34. Software Wrapping Input wrapper Output wrapper Input Component output
  • 35.
  • 37. Interface propagation Analysis COTS COTS Fault Injector Component 1 Component 2  Modify input, call correct method.  Call correct method, modify output.  Call perturbed function.
  • 38. Fault Injection used for  Robustness Testing.  Error propagation Analysis.  Reliability Testing.  Security Testing.
  • 40. COTS testing for OS failures COTS Operating Wrapper component System
  • 41. Ballista approach  Based on fault injection technique.  Test cases are generated using parameter types of an interface.  Independent of internal functionality.  Testing is not complete.
  • 43. Test value Data Base(contd.)  Integer data type: 0, 1, -1, MAXINT, -MAXINT, selected powers of two, powers of two minus one, and powers of two plus one.  Float data type: 0, 1, -1, +/-DBL_MIN, +/- DBL_MAX, pi, and e.  Pointer data type: NULL, -1 (cast to a pointer), pointer to free’d memory, and pointers to malloc’ed buffers of various powers of two in size.
  • 44. Test value Data Base(contd.)  String data type (based on the pointer base type): includes NULL, -1 (cast to a pointer), pointer to an empty string, a string as large as a virtual memory page, a string 64K bytes in length.  File descriptor (based on integer base type): includes -1;MAXINT; and various descriptors: to a file open for reading, to a file open for writing, to a file whose offset is set to end of file, to an empty file, and to a file deleted after the file descriptor was assigned.
  • 45. Test case generation  All combinations of values for the parameter types are generated.  Number of test cases generated are product of number of parameters and test base for that type.
  • 46. Error propagation analysis  Interface Propagation Analysis is used by injecting faults at one component.  This is done at component integration level.  A known faulty input is injected using fault injector into the system.  Components effected by this input are observed (how they handle the faulty input).
  • 48. Middleware  Application’s execution and Middleware cannot be divorced in any meaningful way.  In order to predict the performance of application component, performance of its middleware should be analyzed.
  • 49. Performance prediction Methodology Application’s performance prediction is three step process.  Obtaining Technology performance.  Analyzing Architecture specific behavioral characteristics.  Analyzing Application specific behavioral characteristics.
  • 51. Technology performance profile (contd.)
  • 52. Technology performance profile (contd.)
  • 54. Effect of database access thru Middleware Container Session bean DB Entity bean  The performance of the entity bean architecture is less than 50% of the performance of the session bean only Architecture.
  • 55. Effect of Server Thread  The performance increases from 2 threads to 32 threads, stabilizes around 32 to 64 threads, and gradually decreases as more threads are added due to contention.
  • 56. The Effect of Client Request Load.  Client response time increases with concurrent client request rate due to contention for server threads.
  • 57. Effect of Database Contention  Effect of database contention leads to performance that is between 20% and 49%.
  • 58. Optimal Number of threads
  • 60. Load Testing  It is just Performance testing under various loads.  Performance is measured as Connections per second (CPS), throughput in bytes per second, and round trip time (RTT) .
  • 61. Load Test Application Load test App Ethernet Web System Under Test server App DB server server
  • 62. Testing strategy Load tests will be conducted in three phases. 1. Consumption of server resources as a function of the volume of incoming requests will be measured. 2. Response time for sequential requests will be measured. 3. Response time for concurrent client request load will be measured.
  • 64. Security Risks with COTS  Component design.  Component procurement.  Component integration.  System maintenance.
  • 65. Component Design  Inadvertently flawed component design.  Intentionally flawed component design.  Excessive component functionality.  Open or widely spread component design.  Insufficient or incorrect documentation.
  • 66. Component integration Mismatch between product security levels. Ex. UNIX and CORBA security integration. System maintenance  Insecure updating.  Unexpected side effects.  Maintenance backdoors.
  • 68. Risks revealed  Trojan horse in client.  Information leaking to swap file.  DBMS log files.  DBMS ordering of records.
  • 69. Piracy avoidance techniques  Hardware and software tokens.  Dynamic Decryption of Code.  Watermarking.  Code Partitioning.
  • 71. I-BACCI process 1. Decomposing the binary file of the component; and filtering trivial information. 2. Comparison the code sections between the two versions. 3. Identification of glue code functions. 4. Identification of change propagation in other components/system. 5. Selection of test cases to cover only the affected glue code functions (functions in firewall).
  • 73. Methods for understanding  Binary reverse Engg.  Interface probing.  Partial automation of interface probing.
  • 74. Binary reverse Engg.  Derives the design structure (call graph, control graph) from binary code.  Source code can also be partially extracted using decompilation.  Decompiled source code will have no comments and variable names will not be meaningful.  Licenses forbid decompilation back to source code.
  • 75. Interface probing  System Developer designs a set of test cases, executes, and analyzes outputs.  Done in an iterative manner.
  • 76. Disadvantages  A large number of test cases have to be generated and analyzed.  Some properties may require significant probing which may be tedious,labor intensive, expensive.  Developers miss certain limitations and make incorrect assumptions.
  • 77. Partial Automation of interface probing  Based on interface probing.  Test cases are generated based on scenarios.  Testing is done in three phases 1. Scenario description phase. 2. Search space specification phase. 3. Test case generation phase.