Software Testing and Quality Assurance

Study Notes

Quality is the degree of excellence of something.
In IT products or services, quality is defined as "meeting the requirement of customers".
For customers, quality means required functionality is provided with user-friendly manner.
For companies, quality means product which meets customer requirements.

Cost of quality is "money spent beyond the cost of building the same product right the first time".
Cost of quality includes prevention cost, appraisal cost, internal failure cost, and external failure cost.

Quality attributes are correctness, reliability, efficiency, usability, maintainability, flexibility, portability, and scalability.
For example, in a medical system, correctness means patient medical history should be error-free.

Verification is ensuring that the output meets the input, i.e., "Did I make the product correctly?"
Validation is ensuring that the specifications meet user needs and intended users, i.e., "Did I make the correct product?"
Verification and validation are applied in parallel in SDLC.
Verification and validation planning involves identifying the V&V scope, establishing objectives, analyzing project input, selecting tools and techniques, and creating a plan.

Static testing involves manual or automated reviews of documents to catch defects early in STLC.
Documents reviewed include requirement specifications, design documents, source code, test plans, test cases, test scripts, help or user documents, and web page content.

Dynamic testing involves executing code to check for functional behavior, memory/cpu usage, and overall performance of the system.
Dynamic testing confirms that the software product works in conformance with business requirements.

V&V involvement includes requirements gathering and analysis, design, implementation, testing, installation, and maintenance phases.
In each phase, V&V activities are performed, such as determining test strategy, generating functional test conditions, and testing application systems.

Walkthroughs, reviews, and inspections are techniques used to identify defects at each stage of the development and maintenance life cycle.
Key documentation includes review logs, check sheets, test strategy and test plans, test cases and test scripts, test results logs, and defect logs.

Risk is an issue that can be avoided or mitigated.
Risks include schedule risks, budget risks, programmatic risks, operational risks, technical risks, and software development risks.
Schedule risks include wrong time estimation, poor resource tracking, and unexpected project scope expansions.
Budget risks include wrong budget estimation, cost overruns, and project scope expansions.
Programmatic risks include running out of funds, market development, changing customer product strategy, and government rule changes.
Operational risks include risk of loss due to improper process implementation, failed systems, or external events.
Technical risks include technical difficulties, complex functionalities, and changing requirements.
Software development risks include improper use of technology, inability to translate user needs, uncontrolled system access, and ineffective security practices.

Risk analysis involves forming a risk analysis team, identifying risks, estimating the magnitude of risk, and selecting testing priorities.
Risk management involves risk reduction methods and contingency planning.