Write a Blog >>
Fri 13 Nov 2020 08:30 - 08:32 at Virtual room 1 - Testing 4

Since the systematic integration of risk assessment and testing is a relevant approach to address product risks in software development and to cope with limited testing resources, current standards like ISO/IEC/IEEE 29119, ETSI EG 203 251, or the OWASP Security Testing Guide recommend a systematic integration between these two domains. The systematic combination of risk assessment and testing is known as risk-based testing, and it applies assessed risks of the software product as the guiding factor to steer all phases of a test process, i.e., test planning, design, implementation, execution, and evaluation. Risk-based testing has become quite popular, and several approaches were developed. However, the standards stay mostly abstract with regard to the concrete implementation and do often not provide concrete guidance on how to define, adapt, or assess risk-based testing approaches and tools. Because of the growing demand for risk-based testing processes by industry and the increasing number of available risk-based testing approaches, solid methodological support to define, tailor, categorize, assess, compare, and select risk-based testing approaches is required. This presentation provides a taxonomy for risk-based testing that serves as a tool to define, tailor, or assess risk-based testing approaches in general and to instantiate risk-based testing approaches for the current testing standards ISO/IEC/IEEE 29119, ETSI EG and OWASP Security Testing Guide in particular. We will demonstrate the usefulness of the taxonomy by applying it to the aforementioned standards as well as to the risk-based testing approaches SmartTesting, RACOMAT, PRISMA, and risk-based test case prioritization using fuzzy expert systems. Our taxonomy provides the methodological support to systematically identify deviations between the standards’ requirements and the individual testing approaches so that we are able to position and compare the testing approaches and discuss their potential for practical application. Considering at least the approaches that have been subject to our evaluation, we can state that there is already a good coverage of the requirements. However, there are differences between the approaches, and not all required areas of risk-based testing are fully supported. In the course of our presentation, especially practitioners will get a systematic overview of the requirements from standardization, by which techniques and procedures these requirements can be instantiated, and how risk-based testing approaches can be tailored and compared.

Fri 13 Nov

Displayed time zone: (UTC) Coordinated Universal Time change

08:30 - 09:00
08:30
2m
Talk
A Taxonomy to Assess and Tailor Risk-based Testing in Recent Testing Standards
Journal First
Juergen Grossmann Fraunhofer, Michael Felderer University of Innsbruck, Johannes Viehmann Fraunhofer FOKUS, Germany, Ina Schieferdecker Fraunhofer FOKUS & TU Berlin, Germany
08:33
1m
Talk
Detecting Optimization Bugs in Database Engines via Non-optimizing Reference Engine Construction
Research Papers
Manuel Rigger ETH Zurich, Zhendong Su ETH Zurich
DOI Pre-print Media Attached
08:35
1m
Talk
Evolutionary Improvement of Assertion Oracles
Research Papers
Valerio Terragni USI Lugano, Switzerland, Gunel Jahangirova USI Lugano, Switzerland, Paolo Tonella USI Lugano, Switzerland, Mauro Pezze USI Lugano, Switzerland
DOI
08:37
1m
Talk
Precise Learn-to-Rank Fault Localization Using Dynamic and Static Features of Target Programs
Journal First
Yunho Kim KAIST, Seokhyeon Moon KAIST, Shin Yoo Korea Advanced Institute of Science and Technology, Moonzoo Kim KAIST / VPlusLab Inc.
08:39
1m
Talk
When Does My Program Do This? Learning Circumstances of Software Behavior
Research Papers
Alexander Kampmann CISPA, Germany, Nikolas Havrikov CISPA, Germany, Ezekiel O. Soremekun CISPA, Germany, Andreas Zeller CISPA, Germany
DOI
08:41
19m
Talk
Conversations on Testing 4
Paper Presentations
Manuel Rigger ETH Zurich, Valerio Terragni USI Lugano, Switzerland, Gunel Jahangirova USI Lugano, Switzerland, Alexander Kampmann CISPA, Germany, M: Marcel Böhme Monash University, Australia