Skip to main content
SpringerLink
Log in

A Risk Assessment Framework for Software Testing

  • Conference paper
Leveraging Applications of Formal Methods, Verification and Validation. Specialized Techniques and Applications (ISoLA 2014)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 8803))

Abstract

In industry, testing has to be performed under severe pressure due to limited resources. Risk-based testing which uses risks to guide the test process is applied to allocate resources and to reduce product risks. Risk assessment, i.e., risk identification, analysis and evaluation, determines the significance of the risk values assigned to tests and therefore the quality of the overall risk-based test process. In this paper we provide a risk assessment model and its integration into an established test process. This framework is derived on the basis of best practices extracted from published risk-based testing approaches and applied to an industrial test process.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Felderer, M., Schieferdecker, I.: A taxonomy of risk-based testing. STTT (2014)

    Google Scholar 

  2. Wendland, M.F., Kranz, M., Schieferdecker, I.: A systematic approach to risk-based testing using risk-annotated requirements models. In: ICSEA 2012, The Seventh International Conference on Software Engineering Advances, pp. 636–642 (2012)

    Google Scholar 

  3. ISTQB: Standard glossary of terms used in software testing, version 2.2. Technical report, ISTQB (2012)

    Google Scholar 

  4. Alam, M.M., Khan, A.I.: Risk-based testing techniques: A perspective study. International Journal of Computer Applications 65(1) (2013)

    Google Scholar 

  5. ISO: ISO/IEC 29119 Software Testing, Draft (2013)

    Google Scholar 

  6. Amland, S.: Risk-based testing: Risk analysis fundamentals and metrics for software testing including a financial application case study. Journal of Systems and Software 53(3), 287–295 (2000)

    Article  Google Scholar 

  7. Felderer, M., Haisjackl, C., Breu, R., Motz, J.: Integrating manual and automatic risk assessment for risk-based testing. In: Biffl, S., Winkler, D., Bergsmann, J. (eds.) SWQD 2012. LNBIP, vol. 94, pp. 159–180. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  8. Merriam-Webster: Merriam-Webster Online Dictionary (2009), http://www.merriam-webster.com/dictionary/risk (accessed: April 04, 2013)

  9. Standards Australia/New Zealand: Risk Management AS/NZS 4360:2004 (2004)

    Google Scholar 

  10. McCall, J., Richards, P., Walters, G.: Factors in software quality. Technical report, NTIS, vol. 1, 2 and 3 (1997)

    Google Scholar 

  11. Bai, X., Kenett, R.S., Yu, W.: Risk assessment and adaptive group testing of semantic web services. International Journal of Software Engineering and Knowledge Engineering 22(05), 595–620 (2012)

    Article  Google Scholar 

  12. Felderer, M., Ramler, R.: Integrating risk-based testing in industrial test processes. Software Quality Journal, 1–33 (2013) (online first)

    Google Scholar 

  13. Ray, M., Mohapatra, D.P.: Risk analysis: a guiding force in the improvement of testing. IET Software 7(1), 29–46 (2013)

    Article  Google Scholar 

  14. Chen, Y., Probert, R.L., Sims, D.P.: Specification-based regression test selection with risk analysis. In: Proceedings of the 2002 Conference of the Centre for Advanced Studies on Collaborative Research, p. 1. IBM Press (2002)

    Google Scholar 

  15. Redmill, F.: Exploring risk-based testing and its implications. Software Testing, Verification and Reliability 14(1), 3–15 (2004)

    Article  Google Scholar 

  16. Redmill, F.: Theory and practice of risk-based testing. Software Testing, Verification and Reliability 15(1), 3–20 (2005)

    Article  Google Scholar 

  17. Stallbaum, H., Metzger, A.: Employing requirements metrics for automating early risk assessment. In: Proc. of MeReP 2007, Palma de Mallorca, Spain, pp. 1–12 (2007)

    Google Scholar 

  18. Stallbaum, H., Metzger, A., Pohl, K.: An automated technique for risk-based test case generation and prioritization. In: Proceedings of the 3rd International Workshop on Automation of Software Test, pp. 67–70. ACM (2008)

    Google Scholar 

  19. Souza, E., Gusmao, C., Alves, K., Venancio, J., Melo, R.: Measurement and control for risk-based test cases and activities. In: 10th Latin American Test Workshop, pp. 1–6. IEEE (2009)

    Google Scholar 

  20. Souza, E., Gusmão, C., Venâncio, J.: Risk-based testing: A case study. In: 2010 Seventh International Conference on Information Technology: New Generations (ITNG), pp. 1032–1037. IEEE (2010)

    Google Scholar 

  21. Zimmermann, F., Eschbach, R., Kloos, J., Bauer, T., et al.: Risk-based statistical testing: A refinement-based approach to the reliability analysis of safety-critical systems. In: Proceedings of the 12th European Workshop on Dependable Computing, EWDC 2009 (2009)

    Google Scholar 

  22. Kloos, J., Hussain, T., Eschbach, R.: Risk-based testing of safety-critical embedded systems driven by fault tree analysis. In: 2011 IEEE Fourth International Conference on Software Testing, Verification and Validation Workshops (ICSTW), pp. 26–33. IEEE (2011)

    Google Scholar 

  23. Yoon, H., Choi, B.: A test case prioritization based on degree of risk exposure and its empirical study. International Journal of Software Engineering and Knowledge Engineering 21(02), 191–209 (2011)

    Article  Google Scholar 

  24. Zech, P.: Risk-based security testing in cloud computing environments. In: 2011 IEEE Fourth International Conference on Software Testing, Verification and Validation (ICST), pp. 411–414. IEEE (2011)

    Google Scholar 

  25. Felderer, M., Ramler, R.: Experiences and challenges of introducing risk-based testing in an industrial project. In: Winkler, D., Biffl, S., Bergsmann, J. (eds.) SWQD 2013. LNBIP, vol. 133, pp. 10–29. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  26. Pandian, C.R.: Applied software risk management: a guide for software project managers. CRC Press (2006)

    Google Scholar 

  27. Cavano, J., McCall, J.: A framework for the measurement of software quality. ACM SIGMETRICS Performance Evaluation Review 7(3-4), 133–139 (1978)

    Article  Google Scholar 

  28. Haisjackl, C., Felderer, M., Breu, R.: Riscal–a risk estimation tool for software engineering purposes. In: 2013 39th EUROMICRO Conference on Software Engineering and Advanced Applications (SEAA), pp. 292–299. IEEE (2013)

    Google Scholar 

  29. Felderer, M., Ramler, R.: A multiple case study on risk-based testing in industry. STTT (2014)

    Google Scholar 

  30. McCabe, T.: A complexity measure. IEEE Transactions on Software Engineering, 308–320 (1976)

    Google Scholar 

  31. SonarSource: Sonar (2013), http://www.sonarsource.org/ (accessed: March 12, 2013)

  32. microtool: in-Step (2013), http://www.microtool.de/inStep (accessed: November 30, 2013)

Download references

Author information

Authors and Affiliations

  1. Institute of Computer Science, University of Innsbruck, Austria

    Michael Felderer, Christian Haisjackl, Viktor Pekar & Ruth Breu

Authors
  1. Michael Felderer
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Christian Haisjackl
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Viktor Pekar
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ruth Breu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. University of Limerick, Ireland

    Tiziana Margaria

  2. TU Dortmund, Germany

    Bernhard Steffen

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Felderer, M., Haisjackl, C., Pekar, V., Breu, R. (2014). A Risk Assessment Framework for Software Testing. In: Margaria, T., Steffen, B. (eds) Leveraging Applications of Formal Methods, Verification and Validation. Specialized Techniques and Applications. ISoLA 2014. Lecture Notes in Computer Science, vol 8803. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-45231-8_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-662-45231-8_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-45230-1

  • Online ISBN: 978-3-662-45231-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation