How to Break Software takes a very applied and non-rigid approach to teaching how to test software for common bugs. It is a departure from conventional testing in which testers prepare a written test plan and then use it as a script when testing the software. Instead of relying on a rigid plan, it should be intelligence, insight, experience and a “nose for where the bugs are hiding” that guide testers. This book helps testers develop this insight.
The techniques presented in this book not only allow testers to go off-script, they encourage them to do so. Don't blindly follow a document that may be out of date and that was written before the product was even testable. Instead, use your head! Open your eyes! Think a little, test a little and then think a little more.
- Uses an applied, tutorial approach to teaching software testing.
- Demonstrates a method for testing software at the most common places that bugs appear: The User Interface, the File Systems Interface, and the Operating System Interface.
- Teaches planning in a methodical “on-the-fly while you are testing” way.
- Encourages automation with many repetitive and complex tasks that require good tools.
- Contains CD with HEAT: Hostile Environment Application Tester, software that provides a mechanism to easily trip exceptions and force error code to execute. HEAT can be used to simulate a faulty network, low memory, a full hard drive and any number of other common failure scenarios. Also includes Holodeck Lite.
- Written by a seasoned professor, trusted consultant, and standing-room-only speaker.
- Endorsed by the directors of testing at IBM, Rational Software Corporation, and Microsoft.
Table of Contents
I. INTRODUCTION. 1. A Fault Model to Guide Software Testing.
The Purpose of Software Testing.
Understanding Software Behavior.
Understanding Software's Environment.
The Human User.
File System User.
The Operating System User.
The Software User.
Understanding Software's Capabilities.
Summary and Conclusion.
II. USER INTERFACE ATTACKS. 2. Testing from the User Interface: Inputs and Outputs.
Using the Fault Model to Guide Testing.
Exploring the Input Domain.
First Attack: Apply inputs that force all the error messages to occur.
Second Attack: Apply inputs that force the software to establish default values.
Third Attack: Explore allowable character sets and data types.
Fourth Attack: Overflow input buffers.
Fifth Attack: Find inputs that may interact and test various combinations of their values.
Sixth Attack: Repeat the same input or series of inputs numerous times.
Seventh Attack: Force different outputs to be generated for each input.
Eighth Attack: Force invalid outputs to be generated.
Ninth Attack: Force properties of an output to change.
Tenth Attack: Force the screen to refresh.
References.3. Testing from the User Interface: Data and Computation.
Testing Inside the Box.
Exploring Stored Data.
Eleventh Attack: Apply inputs using a variety of initial conditions.
Twelfth Attack: Force a data structure to store too many/too few values.
Thirteenth Attack: Investigate alternate ways to modify internal data constraints.
Exploring Computation and Feature Interaction.
Fifteenth Attack: Force a function to call itself recursively.
Sixteenth Attack: Force computation results to be too large or too small.
Seventeenth Attack: Find features that share data or interact poorly.
III. SYSTEM INTERFACE ATTACKS. 4. Testing from the File System Interface.
Attacking Software from the File System Interface.
First Attack: Inject faults that simulate memory access problems.
Second Attack: Inject faults that simulate network problems.
Third Attack: Damage the media.
Fourth Attack: Assign an invalid file name.
Fifth Attack: Vary file access permissions.
Sixth Attack: Vary/corrupt file contents.
Exercises.5. Testing from the Software/OS Interface.
Attacking Software from Software Interfaces.
IV. CONCLUSION. 6. Some Parting Advice.
You'll Never Know Everything.
Friday Afternoon Bug Fests.
APPENDICES. Annotated Glossary of Programming Terms. Appendix A. Testing Exception and Error Cases Using Runtime Fault Injection.
A Mechanism for Runtime Fault Injection.
References.Appendix B. Using HEAT: The Hostile Environment Application Tester.
Canned HEAT User Guide.
The Application Band.
The Monitor Band.
Fault Injection Bands and Their Functionality.
The Network Band.
Memory.Appendix C. What is Software Testing? And Why is it so Hard?
The Software Testing Process.
Phase One: Modeling the Software's Environment.
Phase Two: Selecting Test Scenarios.
Phase Three: Running and Evaluating Test Scenarios.
Phase Four: Measuring Testing Progress.
References.The Software Testing Problem.
James A. Whittaker is a well-known speaker and consultant, as well as seasoned professor.