Risk-Based E-Business Testing ForalistingofrecenttitlesintheArtechHouseComputingLibrary, turntothebackofthisbook. Risk-Based E-Business Testing Paul Gerrard Neil Thompson Artech House Boston (cid:149) London www.artechhouse.com LibraryofCongressCataloging-in-PublicationData Gerrard,Paul. Risk-basede-businesstesting/PaulGerrard,NeilThompson. p. cm.(cid:151)(ArtechHousecomputinglibrary) Includesbibliographicalreferencesandindex. ISBN1-58053-314-0(alk.paper) 1.Electroniccommerce(cid:151)Management. 2.Riskmanagement. I.Thompson,Neil. II.Title. III.ArtechHousecomputinglibrary. HF5548.32.G468 2002 658.8(cid:146)4(cid:151)dc21 2002074496 BritishLibraryCataloguinginPublicationData Gerrard,Paul Risk-basede-businesstesting.(cid:151)(ArtechHousecomputinglibrary) 1.Computersystems(cid:151)Testing 2.Riskmanagement 3.Electronic commerce(cid:151)Computernetworks I.Title II.Thompson,Neil 005.1(cid:146)4 ISBN1-58053-314-0 CoverdesignbyIgorValdman Microsoft(cid:210) screenshotsreprintedbypermissionfromMicrosoftCorporation. Netscapebrowserwindow(cid:211) 2002NetscapeCommunicationsCorporation.Usedwithper- mission.NetscapeCommunicationshasnotauthorized,sponsored,endorsed,orapproved thispublicationandisnotresponsibleforitscontent. '2002ARTECHHOUSE,INC. 685CantonStreet Norwood,MA02062 Allrightsreserved.PrintedandboundintheUnitedStatesofAmerica.Nopartofthisbook may be reproduced or utilized in any form or by any means, electronic or mechanical, in- cludingphotocopying,recording,orbyanyinformationstorageandretrievalsystem,with- outpermissioninwritingfromthepublisher. Alltermsmentionedinthisbookthatareknowntobetrademarksorservicemarkshave been appropriately capitalized. Artech House cannot attest to the accuracy of this informa- tion.Useofaterminthisbookshouldnotberegardedasaffectingthevalidityofanytrade- markorservicemark. InternationalStandardBookNumber:1-58053-314-0 LibraryofCongressCatalogCardNumber:2002074496 10987654321 Tomyfamily:Julia,Max,andLizzie (cid:151)Paul Tothememoryofmyfather,whoservedthepublicwithinformation inthedaysbeforetheWebandknewthemeaningofquality (cid:151)Neil Toallthosetesterswhodothebestjobtheycan, butalwaysthinktheyshouldbedoingmore (cid:151)PaulandNeil Contents Preface xix Audience xxi Structure xxi TheWebSite xxv References xxv Acknowledgments xxvii PartI TheRisk-BasedTestingApproach 1 1 IntroductiontoRisk-BasedTesting 3 RiskyProjectFoundations 3 PressuresonTestingandQualityAssurance 5 TheTester(cid:146)sManifesto 6 TextbookTestingandtheRealWorld 7 TheRisksofEarlyRelease 9 WhatIsRisk? 11 AreRisksWrong? 11 TheDefinitionofRisk 12 vii viii Risk-BasedE-BusinessTesting InfluencesonOurUnderstandingofRisk 13 TheDefinitionofRiskWeUseinThisBook 14 ProductRiskandTesting 16 WhatIsaProduct? 17 WhatIsTesting? 18 References 19 2 RiskManagementandTesting 21 RiskWorkshops 22 RiskIdentification 23 RiskAnalysis 25 AssessingConsequence 25 AssessingProbability 27 DoRiskNumbersMeanAnything? 30 RiskExposure 31 RiskResponsePlanning 31 InformationBuyingandTesting 32 ProcessModelandTesting 33 RiskResolutionandMonitoring 34 SummaryofTesting(cid:146)sRiskManagementRole 34 References 35 3 Risk:ABetterLanguageforSoftwareTesting 37 DifficultQuestionsforTesters 38 HowMuchTestingIsEnough(ToPlan)? 39 WhenShouldWeStopTesting? 42 WhenIstheProductGoodEnough? 43 WhoDecides? 45 TheClassicSqueezeonTesting 47 HowGoodIsYourTesting? 47 Contents ix ADefinitionofGoodTesting 49 References 50 4 Risk-BasedTestStrategy 51 FromRiskstoTestObjectives 52 Risks,TestObjectives,andCoverage 54 TheW-ModelExtendstheV-ModelofTesting 56 MasterTestPlanning 60 FailureModeandEffectsAnalysis 60 TheRisk-BasedTestProcessMethod 61 Stage1:RiskIdentification(Columns1,2) 63 Stage2:RiskAnalysis(Columns1(cid:150)5) 64 Stage3:RiskResponse(Columns6(cid:150)15,etc.) 64 Stage4:TestScoping(Columns1,2,8(cid:150)15,etc.) 67 Stage5:TestProcessDefinition(Columns8(cid:150)15,etc.) 69 MethodGuidance 70 Aren(cid:146)ttheRiskNumbersMeaningless? 70 WhatIfParticipantsCan(cid:146)tAgree? 71 WhatIfaTestObjectiveIsUnachievable? 72 WhatIftheTestingWillCostTooMuch? 73 Shouldn(cid:146)tWeAutomaticallyIncludeSimpleTests? 73 Don(cid:146)tForgetGenericTestObjectives 74 RisksandExploratoryTesting 75 Risk-andBenefit(cid:150)BasedTestReporting 76 References 80 PartII Risk-BasedE-BusinessTesting 83 5 E-BusinessandtheConsequencesofFailure 85 E-Business,E-Commerce,andEverythingE 85 ATypicalWebExperience 86 WebSiteFailuresandTheirConsequences 88 E-BusinessMaturityandRisk 89 x Risk-BasedE-BusinessTesting WebTimeandOtherChallengestoTesters 90 RiskyProjectsandTesting 92 References 92 6 TypesofWebSiteFailures 93 WebSiteAsRetailStore 94 NoSecondChances 95 ManyoftheRisksAreOutsideYourControl 96 UnlimitedPotentialUsers 96 ManyPotentialPointsofFailure 96 YouHaveNoControloverClientPlatforms 97 YouHaveNoControloverClientConfiguration 97 WhichBrowsersDoYouSupport? 98 YourUsersMayNotHavetheRequiredPlug-Ins 99 TheContextofWebTransactionsIsaRiskArea 99 CookiesCanBeaProblem 100 NetworkConnections 100 FirewallsMayGetintheWay 101 AnyoneCanVisit 101 UsabilityIsNowaPrimeConcern 101 Localization 102 TheSequenceofPointsofFailureinaWebService 102 7 E-BusinessTestStrategy 105 SpecializedKnowledgeandE-BusinessTesting Techniques 105 TestingConsiderations 106 DeveloperTesting 106 ConsiderUsingTestDrivers 106 Configurations 108 WebConventionsandAccessibility 108 UsingaTestProcessFrameworktoBuildYour TestStrategy 110
Description: