Abstract
In industry, testing has to be performed under severe pressure due to limited resources. Risk-based testing which uses risks to guide the test process is applied to allocate resources and to reduce product risks. Risk assessment, i.e., risk identification, analysis and evaluation, determines the significance of the risk values assigned to tests and therefore the quality of the overall risk-based test process. In this paper we provide a risk assessment model and its integration into an established test process. This framework is derived on the basis of best practices extracted from published risk-based testing approaches and applied to an industrial test process.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
Keywords
References
Felderer, M., Schieferdecker, I.: A taxonomy of risk-based testing. STTT (2014)
Wendland, M.F., Kranz, M., Schieferdecker, I.: A systematic approach to risk-based testing using risk-annotated requirements models. In: ICSEA 2012, The Seventh International Conference on Software Engineering Advances, pp. 636–642 (2012)
ISTQB: Standard glossary of terms used in software testing, version 2.2. Technical report, ISTQB (2012)
Alam, M.M., Khan, A.I.: Risk-based testing techniques: A perspective study. International Journal of Computer Applications 65(1) (2013)
ISO: ISO/IEC 29119 Software Testing, Draft (2013)
Amland, S.: Risk-based testing: Risk analysis fundamentals and metrics for software testing including a financial application case study. Journal of Systems and Software 53(3), 287–295 (2000)
Felderer, M., Haisjackl, C., Breu, R., Motz, J.: Integrating manual and automatic risk assessment for risk-based testing. In: Biffl, S., Winkler, D., Bergsmann, J. (eds.) SWQD 2012. LNBIP, vol. 94, pp. 159–180. Springer, Heidelberg (2012)
Merriam-Webster: Merriam-Webster Online Dictionary (2009), http://www.merriam-webster.com/dictionary/risk (accessed: April 04, 2013)
Standards Australia/New Zealand: Risk Management AS/NZS 4360:2004 (2004)
McCall, J., Richards, P., Walters, G.: Factors in software quality. Technical report, NTIS, vol. 1, 2 and 3 (1997)
Bai, X., Kenett, R.S., Yu, W.: Risk assessment and adaptive group testing of semantic web services. International Journal of Software Engineering and Knowledge Engineering 22(05), 595–620 (2012)
Felderer, M., Ramler, R.: Integrating risk-based testing in industrial test processes. Software Quality Journal, 1–33 (2013) (online first)
Ray, M., Mohapatra, D.P.: Risk analysis: a guiding force in the improvement of testing. IET Software 7(1), 29–46 (2013)
Chen, Y., Probert, R.L., Sims, D.P.: Specification-based regression test selection with risk analysis. In: Proceedings of the 2002 Conference of the Centre for Advanced Studies on Collaborative Research, p. 1. IBM Press (2002)
Redmill, F.: Exploring risk-based testing and its implications. Software Testing, Verification and Reliability 14(1), 3–15 (2004)
Redmill, F.: Theory and practice of risk-based testing. Software Testing, Verification and Reliability 15(1), 3–20 (2005)
Stallbaum, H., Metzger, A.: Employing requirements metrics for automating early risk assessment. In: Proc. of MeReP 2007, Palma de Mallorca, Spain, pp. 1–12 (2007)
Stallbaum, H., Metzger, A., Pohl, K.: An automated technique for risk-based test case generation and prioritization. In: Proceedings of the 3rd International Workshop on Automation of Software Test, pp. 67–70. ACM (2008)
Souza, E., Gusmao, C., Alves, K., Venancio, J., Melo, R.: Measurement and control for risk-based test cases and activities. In: 10th Latin American Test Workshop, pp. 1–6. IEEE (2009)
Souza, E., Gusmão, C., Venâncio, J.: Risk-based testing: A case study. In: 2010 Seventh International Conference on Information Technology: New Generations (ITNG), pp. 1032–1037. IEEE (2010)
Zimmermann, F., Eschbach, R., Kloos, J., Bauer, T., et al.: Risk-based statistical testing: A refinement-based approach to the reliability analysis of safety-critical systems. In: Proceedings of the 12th European Workshop on Dependable Computing, EWDC 2009 (2009)
Kloos, J., Hussain, T., Eschbach, R.: Risk-based testing of safety-critical embedded systems driven by fault tree analysis. In: 2011 IEEE Fourth International Conference on Software Testing, Verification and Validation Workshops (ICSTW), pp. 26–33. IEEE (2011)
Yoon, H., Choi, B.: A test case prioritization based on degree of risk exposure and its empirical study. International Journal of Software Engineering and Knowledge Engineering 21(02), 191–209 (2011)
Zech, P.: Risk-based security testing in cloud computing environments. In: 2011 IEEE Fourth International Conference on Software Testing, Verification and Validation (ICST), pp. 411–414. IEEE (2011)
Felderer, M., Ramler, R.: Experiences and challenges of introducing risk-based testing in an industrial project. In: Winkler, D., Biffl, S., Bergsmann, J. (eds.) SWQD 2013. LNBIP, vol. 133, pp. 10–29. Springer, Heidelberg (2013)
Pandian, C.R.: Applied software risk management: a guide for software project managers. CRC Press (2006)
Cavano, J., McCall, J.: A framework for the measurement of software quality. ACM SIGMETRICS Performance Evaluation Review 7(3-4), 133–139 (1978)
Haisjackl, C., Felderer, M., Breu, R.: Riscal–a risk estimation tool for software engineering purposes. In: 2013 39th EUROMICRO Conference on Software Engineering and Advanced Applications (SEAA), pp. 292–299. IEEE (2013)
Felderer, M., Ramler, R.: A multiple case study on risk-based testing in industry. STTT (2014)
McCabe, T.: A complexity measure. IEEE Transactions on Software Engineering, 308–320 (1976)
SonarSource: Sonar (2013), http://www.sonarsource.org/ (accessed: March 12, 2013)
microtool: in-Step (2013), http://www.microtool.de/inStep (accessed: November 30, 2013)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Felderer, M., Haisjackl, C., Pekar, V., Breu, R. (2014). A Risk Assessment Framework for Software Testing. In: Margaria, T., Steffen, B. (eds) Leveraging Applications of Formal Methods, Verification and Validation. Specialized Techniques and Applications. ISoLA 2014. Lecture Notes in Computer Science, vol 8803. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-45231-8_21
Download citation
DOI: https://doi.org/10.1007/978-3-662-45231-8_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-45230-1
Online ISBN: 978-3-662-45231-8
eBook Packages: Computer ScienceComputer Science (R0)