Shulou(Shulou.com)06/03 Report--

1. Definition:

The test method is single, regardless of the key level of the test point, and the strict level is the same.

Second, the period of occurrence

It could happen at any time.

Third, trap performance

The test plan documentation contains only generic, template test guidelines, not appropriate, system-specific information.

All tests use the same approach, not based on the type of requirements or the type of system being verified.

Critical systems or components in terms of mission, security, and confidentiality are no more stringent and comprehensive than other sub-critical components.

There are only general techniques for testing functional requirements, and there are no specialized types of test descriptions that validate quality requirements (availability, capacity, performance, reliability, robustness, security, confidentiality, ease of use requirements).

IV. Negative consequences

Mission, security and other key components have not been fully tested.

There are no specific tests to verify that the system or software has an adequate level of important quality characteristics and attributes. If there is no * test or ease of use test.

There are not enough resources to fully test all software, and limited resources are misused on low-priority software rather than testing more critical components.

Some Bug did not find it and entered the deployed system through testing.

The system does not meet non-functional requirements (i.e. data, interface, and quality requirements, as well as architecture, design, implementation, or configuration constraints)

The system is not sufficiently secure or confidential.

Fifth, reasons

The test process requirements for critical and non-critical components are not distinguished.

The test plan template and content or format standards are incomplete, and the impact of task and security criticality on testing is not considered.

No engineering quality requirements (security and security)

Testers are not familiar with the impact of security and confidentiality on testing. (the high stringent level of the test requires identification and certification)

There is poor communication between testers and security personnel.

VI. Suggestions

Preparation stage

Train software developers and testers, considering the need to include project-specific, professional test information.

Serve as templates for test plans and development documents (processes, guides, etc.) to meet the needs of project and system-specific information.

Enable Pha

Update the template or format content standards for development, test, and process documentation to address the type, integrity, and rigor of the required tests.

Execution phase

Do this in the development test plan documentation:

Test type differences or integrity and rigour of procedures and tasks, security-critical relationships.

Test quality requirements and professional engineering testing methods and techniques.

More complete and rigorous testing than sub-critical components or systems.

Verification phase

Determine whether the integrity, type, and rigor of the test:

Consider in the system development and test plan

Critical correlation of a system or subsystem

Sufficient, based on the criticality of the system or subsystem under test.

VII. Related Bug

The test priority is insufficient and the test communication is insufficient.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.