Introduction to Software Testing Chapter 9.3 Challenges in Testing Software Test Criteria and the Future of Testing Paul Ammann & Jeff Offutt

2 Chapter 9 Outline 1.Testing for Emergent Properties: Safety and Security 2.Software Testability 3.Test Criteria and the Future of Software Testing Test Criteria and the Future of Software Testing Introduction to Software Testing (Ch 9.2) © Ammann & Offutt

3 Testing in the 1980s and 1990s Software engineering was very different – Low quality software was normal and expected – The cost of building better software outweighed the benefits Software was smaller – Most software was bundled, shrink-wrapped, contracted – Industry became dominated by one monopolistic vendor About a dozen books – A few broad survey books, one or two on testing, design, requirements, etc In the early 1980s, one semester course was enough to learn most of the knowledge in software engineering Safety critical software was a tiny part of the industry Testing, especially high-end testing, simply was not very important Introduction to Software Testing (Ch 9.2) © Ammann & Offutt

4 Cost of Late Testing Requirements Test Planning Design Review Development Unit Testing Functional Testing System Testing Production Cost per Fault 1X 5X10X50X $6K$13K$20K$101K$363K$252K Current State Fault Discovery 20%13%6%20%5%36% 10% Fault Origination 40%50% Planning & Requirements DesignDevelopmentTestingUAT Deploy to Production Source – Software Engineering Institute; Carnegie Mellon University; Handbook CMU/SEI-96-HB-002; page Introduction to Software Testing (Ch 9.2) © Ammann & Offutt

5 Testing in the 21st Century The field has dramatically changed Today’s software market : – is much bigger – is more competitive – has more users – used in more places The web offers a new deployment platform – Very competitive and very available to more users Enterprise applications means bigger programs and more users Embedded software is now ubiquitous … check your pockets ! Paradoxically, free software increases our expectations ! Security has now become essential … Introduction to Software Testing (Ch 9.2) © Ammann & Offutt

6 Problems Leading to Security Vulnerabilities 1980 : Security was mostly about math – Cryptography 1990 : Security was mostly about protecting the database 2000 : Security was mostly about bullet-proofing the network Today : Most security vulnerabilities are a result of faults in the software Software testing is fast becoming essential to an essential problem in the software industry Software Security Introduction to Software Testing (Ch 9.2) © Ammann & Offutt

7 Testing Research 1980s : Criteria and algorithms for unit testing 1990s : Test criteria for other technologies and “levels” 2000s : More automation for test criteria and more technologies 2010s : Practical solutions to industry problems A major point of this book is that we have enough criteria Test criteria are uniform across different software artifacts – A graph is a graph is a graph … – 36 criteria on 4 structures So are we done with testing research ? – Can I retire now … Introduction to Software Testing (Ch 9.2) © Ammann & Offutt

8 Testing Research – Are We Done ? We need more work on how to test modern technologies – The ideas in chapter 7 are still developing – OO, web, GUIs, real-time, embedded, … – How to create the structures and how to adapt the criteria ? Which criteria to use when ? – Cost / benefit tradeoffs among criteria are not known Which structure should be used when ? Technology transition to industry – How best to automate the testing research ideas ? – How to insert new testing techniques into the development process ? – How to effectively and efficiently balance research theory with practical needs ? No ! Introduction to Software Testing (Ch 9.2) © Ammann & Offutt

9 Testing Research – Going Forward Automatic test data generation is one of the hardest problems – But also the core of testing – getting values to satisfy criteria – Research started in the 1970s – major advances in the 1980s, 1990s and 2000s – Still very little help from industry-quality tools Testability, reliability, and other related areas are wide open We know a lot about testing new software – much less about regression testing or testing evolving software – Which happens to account for most of the effort in industry … Research in software testing is increasing – Currently lots of funding in Europe and Asia – from both government and industry sources – New, well attended venues (eg ICST) Introduction to Software Testing (Ch 9.2) © Ammann & Offutt

Future of Software Testing 1. Increased specialization in testing teams will lead to more efficient and effective testing 2. Testing and QA teams will have more technical expertise 3. Developers will have more knowledge about testing and motivation to test better 4. Agile processes puts testing first—putting pressure on both testers and developers to test better 5. Testing and security are starting to merge 10 Introduction to Software Testing (Ch 9.2) © Ammann & Offutt

11 Summary We have entered a golden age for software testing With more attention from – Industry – Research – Education … Finally we have the knowledge, resources, and motivation to make testing a technical discipline Introduction to Software Testing (Ch 9.2) © Ammann & Offutt