What Should be Assumed in Defensive Programming?
- Users will make mistakes
- Inputs may be malicious
- Systems will fail at the worst time
- Use Redundant Checks + Explicitly Test Assumptions
What is Graceful Degredation?
A system can still run essential operations when at less capable environments
What are the Three Pillars of Reliable Secure Software?
- Fault Avoidance
- Fault Tolerance
- Fault Detection
What is N-version Programming?
Running N independent instances of a software with the same functionality
What is Cleanroom Software Development?
Methodology to keep defects out, not to patch them later
What are the Techniques Being Practiced in Cleanroom Software Development?
- Formal Specification
- Incremental Development with Customer Input
- Constrained Programming Options
- Static Verification
- Statistical Testing
Differentiate Static vs Dynamic Verification
- Static Verification is testing software without executing it
- Dynamic Verification is testing software with trial data
What is Verification?
Checking if a product is built in accordance to its specifications
What is Testing?
Proving software functions properly and meets user needs
What is Unit Testing?
Testing small, isolatable parts of code to ensure functionality
What is System Testing?
Testing the whole system to ensure overall functionality
What is Sub-System Testing?
Testing module and unit interaction to ensure system cohesion
What is Acceptance Testing?
Testing a system to ensure it meets user needs, requirements, and business processes
What are the Types of Testing Strategies?
- Bottom-up testing: smallest units are tested and grouped
- Top-down testing: Testing main components and sub-components
- Stress testing: Pushing a system beyond its limits
Validation vs Verification?
- Validation: checking if the deliverable is what the user requested
- Verification: checking if deliverable is built properly
What are Common Software Errors?
- Data Faults
- Control Faults
- Input/out Faults
- Interface Faults
- Interface Faults
- Storage Management Faults
- Exceptions
What is the Objective of Testing?
To find faults
What are Test Cases?
- Specific tests that are chosen to find faults
- Balance Cost vs Benefit
What are Good Sources of Test Cases?
- Developers (Know weak spots)
- Clients (Business Gaps)
- Inexperienced Users (Unexpeced Mistakes)
Why is Coverage of Inputs Important in Test Case selection?
To test all classes of input
Why is Coverage of Program Important in Test Case selection?
To test all functions of each computer program
What are the Steps of Bug Fixing?
- Isolate Bug
- Understand Bug
- Fix Bug
What is Regression Testing?
Repeating already executed tests to check if any changes have impacted the system negatively
