Abstract
We present a technique for risk-based test procedure identification, prioritization, and selection. The technique takes a risk model in the form of a risk graph as input, and produces a list of prioritized selected test procedures as output. The technique is general in the sense that it can be used with many existing risk documentation languages and many kinds of likelihood and risk types.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Bach, J.: Heuristic risk-based testing. Software Testing and Quality Engineering Magazine 11, 9 (1999)
Bai, X., Kenett, R.S.: Risk-based adaptive group testing of semantic web services. In: Proc. of the 33rd Annual IEEE International Computer Software and Applications Conference (COMPSAC), pp. 485–490. IEEE Computer Society (2009)
Brændeland, G., Refsdal, A., Stølen, K.: Modular analysis and modelling of risk scenarios with dependencies. Journal of Systems and Software 83(10), 1995–2013 (2010)
Casado, R., Tuya, J., Younas, M.: Testing long-lived web services transactions using a risk-based approach. In: Proc. 10th International Conference on Quality Software (QSIC), pp. 337–340. IEEE Computer Society (2010)
Charniac, E.: Bayesian networks without tears: making bayesian networks more accessible to the probabilistically unsophisticated. AI Magazine 12(4), 50–63 (1991)
Chen, Y., Probert, R.L., Sims, D.P.: Specification-based regression test selection with risk analysis. In: Proc. of the 2002 Conference of the Centre for Advanced Studies on Collaborative Research, CASCON 2002, p. 1. IBM Press (2002)
Felderer, M., Haisjackl, C., Breu, R., Motz, J.: Integrating manual and automatic risk assessment for risk-based testing. In: Biffl, S., Winkler, D., Bergsmann, J. (eds.) SWQD 2012. LNBIP, vol. 94, pp. 159–180. Springer, Heidelberg (2012)
Gleirscher, M.: Hazard-based selection of test cases. In: Proc. of the 6th International Workshop on Automation of Software Test, pp. 64–70. ACM (2011)
International Electrotechnical Commission. Event Tree Analysis in Dependability Management - Part 3: Application Guide - Section 9: Risk Analysis of Technological Systems. IEC 60300 (1990)
International Electrotechnical Commission. IEC 61025 Fault Tree Analysis, FTA (1990)
Kloos, J., Hussain, T., Eschbach, R.: Risk-based testing of safety-critical embedded systems driven by fault tree analysis. In: Proc. of IEEE Fourth International Conference on Software Testing, Verification and Validation Workshops (ICSTW), pp. 26–33. IEEE (2011)
Kumar, N., Sosale, D., Konuganti, S.N., Rathi, A.: Enabling the adoption of aspects - testing aspects: A risk model, fault model and patterns. In: Proc. of the 8th ACM International Conference on Aspect-oriented Software Development, AOSD 2009, pp. 197–206. ACM (2009)
Lund, M.S., Solhaug, B., Stølen, K.: Model Driven Risk Analysis - The CORAS Approach. Springer (2011)
Murthy, K.K., Thakkar, K.R., Laxminarayan, S.: Leveraging risk based testing in enterprise systems security validation. In: Proc. of the First International Conference on Emerging Network Intelligence, pp. 111–116. IEEE Computer Society (2009)
Redmill, F.: Exploring risk-based testing and its implications: Research articles. Softw. Test. Verif. Reliab. 14(1), 3–15 (2004)
Redmill, F.: Theory and practice of risk-based testing. Software Testing, Verification and Reliability 15(1), 3–20 (2005)
Redmill, F., Chudleigh, M.F., Catmur, J.R.: Principles underlying a guideline for applying HAZOP to programmable electronic systems. Reliability Engineering and System Safety 55(3), 283–293 (1997)
Rosenberg, L., Stapko, R., Gallo, A.: Risk-based object oriented testing. In: Proc. of the 24th Annual Software Engineering Workshop. NASA (1999)
Schneider, B.: Attack trees: modeling security threats. Dr. Dobb’s Journal of Software Tools 24(12), 21–29 (1999)
Souza, E., Gusmão, C., Venancio, J.: Risk-based testing: A case study. In: Proc. of ITNG, pp. 1032–1037. IEEE Computer Society (2010)
Souza, E., Gusmão, C., Venancio, J., Alves, K., Melo, R.: Measurement and control for risk-based test cases and activities. In: Proc. of Test Workshop (LATW 2009), pp. 1–6. IEEE (2009)
Stallbaum, H., Metzger, A., Pohl, K.: An automated technique for risk-based test case generation and prioritization. In: Proc. of the 3rd International Workshop on Automation of Software Test, pp. 67–70. ACM (2008)
Wong, W.E., Qi, Y., Cooper, K.: Source code-based software risk assessing. In: Proc. of the 2005 ACM Symposium on Applied Computing, SAC 2005, pp. 1485–1490. ACM (2005)
Zech, P., Felderer, M., Breu, R.: Towards a model based security testing approach of cloud computing environments. In: 2012 IEEE Sixth International Conference on Software Security and Reliability Companion (SERE-C), pp. 47–56. IEEE (2012)
Zech, P., Felderer, M., Breu, R.: Towards risk - driven security testing of service centric systems. In: QSIC, pp. 140–143. IEEE (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Seehusen, F. (2014). A Technique for Risk-Based Test Procedure Identification, Prioritization and Selection. In: Margaria, T., Steffen, B. (eds) Leveraging Applications of Formal Methods, Verification and Validation. Specialized Techniques and Applications. ISoLA 2014. Lecture Notes in Computer Science, vol 8803. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-45231-8_20
Download citation
DOI: https://doi.org/10.1007/978-3-662-45231-8_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-45230-1
Online ISBN: 978-3-662-45231-8
eBook Packages: Computer ScienceComputer Science (R0)