1. Agile v.s. SRS
Agile Requirement Document : User Stories in product backlog or Use Case Diagram
SRS : Software Requirement Specification
Agile Requirement Document是輕量級的需求文件,適用於planning、scheduling與developing
SRS是重量級的需求文件: 用於追蹤進度之用。
Agile requirement document與SRS可以相輔相成。
2. White box Testing 白盒子測試
2.1 Generating inputs by code analysis
2.2 Generating inputs by experimentation
2.3 Mutation Testing
3. Black box Testing 黑盒子測試
3.1 Specification-based Testing
3.1.1 Testing sequential behavior by state machine
3.1.2 Category partition method
3.2 Random Testing 3.2.1 Defining Input Space
3.2.2 Adaptive Random Testing (ART) - improving effectiveness of randomness
3.2.3 Exposing Security Flaws with Fuzz-Testing
本次簡報重點Takeaways:
Agile with SRS document.
Misra C
Security Requirement- Misuse Cases
Approaches such as Concolic Testing is a better version of symbolic execution.
Search based test offers a way without the need to analyze code. But still leverage the utility of code coverage.
Mutation testing provides a new test adequacy other than code coverage and is proved to be efficient by recent study.
W method is a better tester for sequential behavior.
Custom-made Input Generator : Quick-Check – one of the leading random test frameworks.
Adaptive Random Testing (ART) improves effectiveness of randomness.
Exposing Security Flaws with Fuzz-Testing