Standard glossary of terms used in Software Testing
Version 2.1 (dd. April 1st, 2010)
Produced by the ‘Glossary Working Party’
International Software Testing Qualifications Board
Editor : Erik van Veenendaal (The Netherlands)
This document may be copied in its entirety, or extracts made, if the source is acknowledged.
Table of Content
4. Normative references
A | B | C | D | E | F | G | H | I | K | L | M | N | O | P | Q | R | S | T | U | V | W
Annex A (Informative)
Annex B (Method of commenting on this glossary)
IDEAL: An organizational improvement model that serves as a roadmap for initiating,
planning, and implementing improvement actions. The IDEAL model is named for the five
phases it describes: initiating, diagnosing, establishing, acting, and learning impact
analysis: The assessment of change to the layers of development documentation, test documentation and components, in order to implement a given change to specified
impact analysis: The assessment of change to the layers of development documentation, test documentation and components, in order to implement a given change to specified requirements.
incident: Any event occurring that requires investigation. [After IEEE 1008]
incident logging: Recording the details of any incident that occurred, e.g. during testing.
incident management: The process of recognizing, investigating, taking action and disposing of incidents. It involves logging incidents, classifying them and identifying the impact. [After IEEE 1044]
incident management tool: A tool that facilitates the recording and status tracking of incidents. They often have workflow-oriented facilities to track and control the allocation, correction and re-testing of incidents and provide reporting facilities. See also defect management tool.
incident report: A document reporting on any event that occurred, e.g. during the testing, which requires investigation. [After IEEE 829]
incremental development model: A development life cycle where a project is broken into a series of increments, each of which delivers a portion of the functionality in the overall project requirements. The requirements are prioritized and delivered in priority order in the appropriate increment. In some (but not all) versions of this life cycle model, each subproject follows a ‘mini V-model’ with its own design, coding and testing phases.
incremental testing: Testing where components or systems are integrated and tested one or some at a time, until all the components or systems are integrated and tested.
independence of testing: Separation of responsibilities, which encourages the accomplishment of objective testing. [After DO-178b]
indicator: A measure that can be used to estimate or predict another measure. [ISO 14598]
infeasible path: A path that cannot be exercised by any set of possible input values.
informal review: A review not based on a formal (documented) procedure.
initiating (IDEAL): The phase within the IDEAL model where the groundwork is laid for a successful improvement effort. The initiating phase consists of the activities: set context,build sponsorship and charter infrastructure. See also IDEAL.
input: A variable (whether stored within a component or outside) that is read by a component.
input domain: The set from which valid input values can be selected. See also domain.
input value: An instance of an input. See also input.
inspection: A type of peer review that relies on visual examination of documents to detect defects, e.g. violations of development standards and non-conformance to higher level documentation. The most formal review technique and therefore always based on a documented procedure. [After IEEE 610, IEEE 1028] See also peer review.
inspection leader: See moderator.
inspector: See reviewer.
installability: The capability of the software product to be installed in a specified environment [ISO 9126]. See also portability.
installability testing: The process of testing the installability of a software product. See also portability testing.
installation guide: Supplied instructions on any suitable media, which guides the installer through the installation process. This may be a manual guide, step-by-step procedure, installation wizard, or any other similar process description.
installation wizard: Supplied software on any suitable media, which leads the installer through the installation process. It normally runs the installation process, provides feedback on installation results, and prompts for options.
instrumentation: The insertion of additional code into the program in order to collect information about program behavior during execution, e.g. for measuring code coverage.
instrumenter: A software tool used to carry out instrumentation.
intake test: A special instance of a smoke test to decide if the component or system is ready for detailed and further testing. An intake test is typically carried out at the start of the test execution phase. See also smoke test.
integration: The process of combining components or systems into larger assemblies.
integration testing: Testing performed to expose defects in the interfaces and in the interactions between integrated components or systems. See also component integration testing, system integration testing.
integration testing in the large: See system integration testing.
integration testing in the small: See component integration testing.
interface testing: An integration test type that is concerned with testing the interfaces between components or systems.
interoperability: The capability of the software product to interact with one or more specified components or systems. [After ISO 9126] See also functionality.
interoperability testing: The process of testing to determine the interoperability of a software product. See also functionality testing.
invalid testing: Testing using input values that should be rejected by the component or system. See also error tolerance, negative testing.
Ishikawa diagram: See cause-effect diagram
isolation testing: Testing of individual components in isolation from surrounding components, with surrounding components being simulated by stubs and drivers, if needed.
item transmittal report: See release note.
iterative development model: A development life cycle where a project is broken into a usually large number of iterations. An iteration is a complete development loop resulting in a release (internal or external) of an executable product, a subset of the final product under development, which grows from iteration to iteration to become the final product.
key performance indicator: See performance indicator.
keyword driven testing: A scripting technique that uses data files to contain not only test data and expected results, but also keywords related to the application being tested. The keywords are interpreted by special supporting scripts that are called by the control script for the test. See also data driven testing.
LCSAJ: A Linear Code Sequence And Jump, consisting of the following three items (conventionally identified by line numbers in a source code listing): the start of the linear sequence of executable statements, the end of the linear sequence, and the target line to which control flow is transferred at the end of the linear sequence.
LCSAJ coverage: The percentage of LCSAJs of a component that have been exercised by a test suite. 100% LCSAJ coverage implies 100% decision coverage.
LCSAJ testing: A white box test design technique in which test cases are designed to execute LCSAJs.
lead assessor: The person who leads an assessment. In some cases, for instance CMMi and TMMi when formal assessments are conducted, the lead-assessor must be accredited and formally trained.
learning (IDEAL): The phase within the IDEAL model where one learns from experiences and improves one’s ability to adopt new processes and technologies in the future. The learning phase consists of the activities: analyze and validate, and propose future actions. See also IDEAL.
lifecycle model: A partitioning of the life of a product or project into phases. [CMMI] See also software lifecycle.
learnability: The capability of the software product to enable the user to learn its application. [ISO 9126] See also usabilit.
level test plan: A test plan that typically addresses one test level. See also test plan.
link testing: See component integration testing.
load profile: A specification of the activity which a component or system being tested may experience in production. A load profile consists of a designated number of virtual users who process a defined set of transactions in a specified time period and according to a predefined operational profile. See also operational profile.
load testing: A type of performance testing conducted to evaluate the behavior of a component or system with increasing load, e.g. numbers of parallel users and/or numbers of transactions, to determine what load can be handled by the component or system. See also performance testing, stress testing.
load testing tool: See performance testing tool.
logic-coverage testing: See white box testing. [Myers]
logic-driven testing: See white box testing.
logical test case: See high level test case.
low level test case: A test case with concrete (implementation level) values for input data and expected results. Logical operators from high level test cases are replaced by actual values that correspond to the objectives of the logical operators. See also high level test case.
maintenance: Modification of a software product after delivery to correct defects, to improve performance or other attributes, or to adapt the product to a modified environment. [IEEE 1219]
maintenance testing: Testing the changes to an operational system or the impact of a changed environment to an operational system.
maintainability: The ease with which a software product can be modified to correct defects, modified to meet new requirements, modified to make future maintenance easier, or adapted to a changed environment. [ISO 9126]
maintainability testing: The process of testing to determine the maintainability of a software product.
management review: A systematic evaluation of software acquisition, supply, development, operation, or maintenance process, performed by or on behalf of management that monitors progress, determines the status of plans and schedules, confirms requirements and their system allocation, or evaluates the effectiveness of management approaches to achieve fitness for purpose. [After IEEE 610, IEEE 1028]
manufacturing-based quality: A view of quality, whereby quality is measured by the degree to which a product or service conforms to its intended design and requirements. Quality arises from the process(es) used. [After Garvin] See also product-based quality, transcendent-based quality, user-based quality, value-based quality.
master test plan: A test plan that typically addresses multiple test levels. See also test plan.
maturity: (1) The capability of an organization with respect to the effectiveness and efficiency of its processes and work practices. See also Capability Maturity Model, Test Maturity Model. (2)The capability of the software product to avoid failure as a result of defects in the software. [ISO 9126] See also reliability.
maturity level: Degree of process improvement across a predefined set of process areas in which all goals in the set are attained. [TMMi]
maturity model: A structured collection of elements that describe certain aspects of maturity in an organization, and aid in the definition and understanding of an organization's processes. A maturity model often provides a common language, shared vision and framework for prioritizing improvement actions.
Mean Time Between Failures: The arithmetic mean (average) time between failures of a system. The MTBF is typically part of a reliability growth model that assumes the failed system is immediately repaired, as a part of a defect fixing process. See also reliability growth model.
Mean Time To Repair: The arithmetic mean (average) time a system will take to recover from any failure. This typically includes testing to insure that the defect has been resolved.
measure: The number or category assigned to an attribute of an entity by making a measurement. [ISO 14598]
measurement: The process of assigning a number or category to an entity to describe an attribute of that entity. [ISO 14598]
measurement scale: A scale that constrains the type of data analysis that can be performed on it. [ISO 14598]
memory leak: A memory access failure due to a defect in a program's dynamic store allocation logic that causes it to fail to release memory after it has finished using it, eventually causing the program and/or other concurrent processes to fail due to lack of memory.
metric: A measurement scale and the method used for measurement. [ISO 14598]
migration testing: See conversion testing.
milestone: A point in time in a project at which defined (intermediate) deliverables and results should be ready.
mind-map: A diagram used to represent words, ideas, tasks, or other items linked to and arranged around a central key word or idea. Mind maps are used to generate, visualize, structure, and classify ideas, and as an aid in study, organization, problem solving, decision making, and writing.
mistake: See error.
modeling tool: A tool that supports the creation, amendment and verification of models of the software or system [Graham].
moderator: The leader and main person responsible for an inspection or other review process.
modified condition decision coverage: See condition determination coverage.
modified condition decision testing: See condition determination testing.
modified multiple condition coverage: See condition determination coverage.
modified multiple condition testing: See condition determination testing.
module: See component.
module testing: See component testing.
monitor: A software tool or hardware device that runs concurrently with the component or system under test and supervises, records and/or analyses the behavior of the component or system. [After IEEE 610]
monitoring tool: See monitor.
monkey testing:Testing by means of a random selection from a large range of inputs and by randomly pushing buttons, ignorant of how the product is being used.
MTBF: See Mean Time Between Failures.
MTTR: See Mean Time To Repair.
multiple condition: See compound condition.
multiple condition coverage: The percentage of combinations of all single condition outcomes within one statement that have been exercised by a test suite. 100% multiple condition coverage implies 100% condition determination coverage.
multiple condition testing: A white box test design technique in which test cases are designed to execute combinations of single condition outcomes (within one statement).
mutation analysis: A method to determine test suite thoroughness by measuring the extent to which a test suite can discriminate the program from slight variants (mutants) of the program.
mutation testing: See back-to-back testing.
N-switch coverage: The percentage of sequences of N+1 transitions that have been exercised by a test suite. [Chow]
N-switch testing: A form of state transition testing in which test cases are designed to execute all valid sequences of N+1 transitions. [Chow] See also state transition testing.
negative testing: Tests aimed at showing that a component or system does not work. Negative testing is related to the testers’ attitude rather than a specific test approach or test design technique, e.g. testing with invalid input values or exceptions. [After Beizer].
non-conformity: Non fulfillment of a specified requirement. [ISO 9000]
non-functional requirement: A requirement that does not relate to functionality, but to attributes such as reliability, efficiency, usability, maintainability and portability.
non-functional testing: Testing the attributes of a component or system that do not relate to functionality, e.g. reliability, efficiency, usability, maintainability and portability.
non-functional test design techniques: Procedure to derive and/or select test cases for non-functional testing based on an analysis of the specification of a component or system without reference to its internal structure. See also black box test design technique.
off-the-shelf software: A software product that is developed for the general market, i.e. for a large number of customers, and that is delivered to many customers in identical format.
operability: The capability of the software product to enable the user to operate and control it. [ISO 9126] See also usability.
operational acceptance testing: Operational testing in the acceptance test phase, typically performed in a (simulated) operational environment by operations and/or systems administration staff focusing on operational aspects, e.g. recoverability, resource-behavior, installability and technical compliance. See also operational testing.
operational environment: Hardware and software products installed at users’ or customers’ sites where the component or system under test will be used. The software may include operating systems, database management systems, and other applications.
operational profile: The representation of a distinct set of tasks performed by the component or system, possibly based on user behavior when interacting with the component or system, and their probabilities of occurrence. A task is logical rather that physical and can be executed over several machines or be executed in non-contiguous time segments.
operational profile testing: Statistical testing using a model of system operations (short duration tasks) and their probability of typical use. [Musa]
operational testing: Testing conducted to evaluate a component or system in its operational environment. [IEEE 610]
oracle: See test oracle.
orthogonal array: A 2-dimensional array constructed with special mathematical properties, such that choosing any two columns in the array provides every pair combination of each number in the array.
orthogonal array testing: A systematic way of testing all-pair combinations of variables using orthogonal arrays. It significantly reduces the number of all combinations of variables to test all pair combinations. See also pairwise testing.
outcome: See result.
output: A variable (whether stored within a component or outside) that is written by a component.
output domain: The set from which valid output values can be selected. See also domain.
output value: An instance of an output. See also output.
pair programming: A software development approach whereby lines of code (production and/or test) of a component are written by two programmers sitting at a single computer. This implicitly means ongoing real-time code reviews are performed.
pair testing: Two persons, e.g. two testers, a developer and a tester, or an end-user and a tester, working together to find defects. Typically, they share one computer and trade control of it while testing.
pairwise testing: A black box test design technique in which test cases are designed to execute all possible discrete combinations of each pair of input parameters. See also orthogonal array testing.
Pareto analysis: A statistical technique in decision making that is used for selection of a limited number of factors that produce significant overall effect. In terms of quality improvement, a large majority of problems (80%) are produced by a few key causes (20%).
partition testing: See equivalence partitioning. [Beizer]
pass: A test is deemed to pass if its actual result matches its expected result.
pass/fail criteria: Decision rules used to determine whether a test item (function) or feature has passed or failed a test. [IEEE 829]
path: A sequence of events, e.g. executable statements, of a component or system from an entry point to an exit point.
path coverage: The percentage of paths that have been exercised by a test suite. 100% path coverage implies 100% LCSAJ coverage.
path sensitizing: Choosing a set of input values to force the execution of a given path.
path testing: A white box test design technique in which test cases are designed to execute paths.
peer review: A review of a software work product by colleagues of the producer of the product for the purpose of identifying defects and improvements. Examples are inspection, technical review and walkthrough.
performance: The degree to which a system or component accomplishes its designated functions within given constraints regarding processing time and throughput rate. [After IEEE 610] See also efficiency.
performance indicator: A high level metric of effectiveness and/or efficiency used to guide and control progressive development, e.g. lead-time slip for software development. [CMMI]
performance profiling: Definition of user profiles in performance, load and/or stress testing. Profiles should reflect anticipated or actual usage based on an operational profile of a component or system, and hence the expected workload. See also load profile, operational profile.
performance testing: The process of testing to determine the performance of a software product. See also efficiency testing.
performance testing tool: A tool to support performance testing that usually has two main facilities: load generation and test transaction measurement. Load generation can simulate either multiple users or high volumes of input data. During execution, response time measurements are taken from selected transactions and these are logged. Performance testing tools normally provide reports based on test logs and graphs of load against response times.
phase test plan: A test plan that typically addresses one test phase. See also test plan.
pointer: A data item that specifies the location of another data item; for example, a data item that specifies the address of the next employee record to be processed. [IEEE 610]
portability: The ease with which the software product can be transferred from one hardware or software environment to another. [ISO 9126]
portability testing: The process of testing to determine the portability of a software product.
post condition: Environmental and state conditions that must be fulfilled after the execution of a test or test procedure.
post-execution comparison: Comparison of actual and expected results, performed after the software has finished running.
post-project meeting: See retrospective meeting.
precondition: Environmental and state conditions that must be fulfilled before the component or system can be executed with a particular test or test procedure.
predicted outcome: See expected result.
pretest: See intake test.
priority: The level of (business) importance assigned to an item, e.g. defect.
procedure testing: Testing aimed at ensuring that the component or system can operate in conjunction with new or existing users’ business procedures or operational procedures.
probe effect: The effect on the component or system by the measurement instrument when the component or system is being measured, e.g. by a performance testing tool or monitor. For example performance may be slightly worse when performance testing tools are being used.
problem: See defect.
problem management: See defect management.
problem report: See defect report.
process: A set of interrelated activities, which transform inputs into outputs. [ISO 12207]
process assessment: A disciplined evaluation of an organization’s software processes against a reference model. [after ISO 15504]
process cycle test: A black box test design technique in which test cases are designed to execute business procedures and processes. [TMap] See also procedure testing.
process improvement: A program of activities designed to improve the performance and maturity of the organization’s processes, and the result of such a program. [CMMI]
process model: A framework wherein processes of the same nature are classified into a overall model, e.g. a test improvement model.
product-based quality: A view of quality, wherein quality is based on a well-defined set of quality attributes. These attributes must be measured in an objective and quantitative way. Differences in the quality of products of the same type can be traced back to the way the specific quality attributes have been implemented. [After Garvin] See also manufacturing based quality, quality attribute, transcendent-based quality, user-based quality, valuebased quality.
production acceptance testing: See operational acceptance testing.
product risk: A risk directly related to the test object. See also risk.
project: A project is a unique set of coordinated and controlled activities with start and finish dates undertaken to achieve an objective conforming to specific requirements, including the constraints of time, cost and resources. [ISO 9000]
project retrospective: A structured way to capture lessons learned and to create specific action plans for improving on the next project or next project phase.
project risk: A risk related to management and control of the (test) project, e.g. lack of staffing, strict deadlines, changing requirements, etc. See also risk.
program instrumenter: See instrumenter.
program testing: See component testing.
project test plan: See master test plan.
pseudo-random: A series which appears to be random but is in fact generated according to some prearranged sequence.
qualification: The process of demonstrating the ability to fulfill specified requirements. Note the term ‘qualified’ is used to designate the corresponding status. [ISO 9000]
quality: The degree to which a component, system or process meets specified requirements and/or user/customer needs and expectations. [After IEEE 610]
quality assurance: Part of quality management focused on providing confidence that quality requirements will be fulfilled. [ISO 9000]
quality attribute: A feature or characteristic that affects an item’s quality. [IEEE 610]
quality characteristic: See quality attribute.
quality gate: A special milestone in a project. Quality gates are located between those phases of a project strongly depending on the outcome of a previous phase. A quality gate includes a formal check of the documents of the previous phase.
quality management: Coordinated activities to direct and control an organization with regard to quality. Direction and control with regard to quality generally includes the establishment of the quality policy and quality objectives, quality planning, quality control, quality assurance and quality improvement. [ISO 9000]
random testing: A black box test design technique where test cases are selected, possibly using a pseudo-random generation algorithm, to match an operational profile. This technique can be used for testing non-functional attributes such as reliability and performance.
Rational Unified Process: A proprietary adaptable iterative software development process framework consisting of four project lifecycle phases: inception, elaboration, construction and transition.
recorder: See scribe.
record/playback tool: See capture/playback tool.
recoverability: The capability of the software product to re-establish a specified level of performance and recover the data directly affected in case of failure. [ISO 9126] See also reliability.
recoverability testing: The process of testing to determine the recoverability of a software product. See also reliability testing.
recovery testing: See recoverability testing.
regression testing: Testing of a previously tested program following modification to ensure that defects have not been introduced or uncovered in unchanged areas of the software, as a result of the changes made. It is performed when the software or its environment is changed.
regulation testing: See compliance testing.
release note: A document identifying test items, their configuration, current status and other delivery information delivered by development to testing, and possibly other stakeholders, at the start of a test execution phase. [After IEEE 829]
reliability: The ability of the software product to perform its required functions under stated conditions for a specified period of time, or for a specified number of operations. [ISO 9126]
reliability growth model: A model that shows the growth in reliability over time during continuous testing of a component or system as a result of the removal of defects that result in reliability failures.
reliability testing: The process of testing to determine the reliability of a software product.
replaceability: The capability of the software product to be used in place of another specified software product for the same purpose in the same environment. [ISO 9126] See also portability.
requirement: A condition or capability needed by a user to solve a problem or achieve an objective that must be met or possessed by a system or system component to satisfy a contract, standard, specification, or other formally imposed document. [After IEEE 610]
requirements-based testing: An approach to testing in which test cases are designed based on test objectives and test conditions derived from requirements, e.g. tests that exercise specific functions or probe non-functional attributes such as reliability or usability.
requirements management tool: A tool that supports the recording of requirements, requirements attributes (e.g. priority, knowledge responsible) and annotation, and facilitates traceability through layers of requirements and requirements change management. Some requirements management tools also provide facilities for static analysis, such as consistency checking and violations to pre-defined requirements rules.
requirements phase: The period of time in the software life cycle during which the requirements for a software product are defined and documented. [IEEE 610]
resource utilization: The capability of the software product to use appropriate amounts and types of resources, for example the amounts of main and secondary memory used by the program and the sizes of required temporary or overflow files, when the software performs its function under stated conditions. [After ISO 9126] See also efficiency.
resource utilization testing: The process of testing to determine the resource-utilization of a software product. See also efficiency testing.
result: The consequence/outcome of the execution of a test. It includes outputs to screens, changes to data, reports, and communication messages sent out. See also actual result, expected result.
resumption criteria: The testing activities that must be repeated when testing is re-started after a suspension. [After IEEE 829]
re-testing: Testing that runs test cases that failed the last time they were run, in order to verify the success of corrective actions.
retrospective meeting: A meeting at the end of a project during which the project team members evaluate the project and learn lessons that can be applied to the next project.
review: An evaluation of a product or project status to ascertain discrepancies from planned results and to recommend improvements. Examples include management review, informal review, technical review, inspection, and walkthrough. [After IEEE 1028]
reviewer: The person involved in the review that identifies and describes anomalies in the product or project under review. Reviewers can be chosen to represent different viewpoints and roles in the review process.
review tool: A tool that provides support to the review process. Typical features include review planning and tracking support, communication support, collaborative reviews and a repository for collecting and reporting of metrics.
risk: A factor that could result in future negative consequences; usually expressed as impact and likelihood.
risk analysis: The process of assessing identified risks to estimate their impact and probability of occurrence (likelihood).
risk-based testing: An approach to testing to reduce the level of product risks and inform stakeholders of their status, starting in the initial stages of a project. It involves the identification of product risks and the use of risk levels to guide the test process.
risk category: See risk type.
risk control: The process through which decisions are reached and protective measures are implemented for reducing risks to, or maintaining risks within, specified levels.
risk identification: The process of identifying risks using techniques such as brainstorming, checklists and failure history.
risk level: The importance of a risk as defined by its characteristics impact and likelihood. The level of risk can be used to determine the intensity of testing to be performed. A risk level can be expressed either qualitatively (e.g. high, medium, low) or quantitatively.
risk management: Systematic application of procedures and practices to the tasks of identifying, analyzing, prioritizing, and controlling risk.
risk mitigation: See risk control.
risk type: A set of risks grouped by one or more common factors such as a quality attribute, cause, location, or potential effect of risk;. A specific set of product risk types is related to the type of testing that can mitigate (control) that risk type. For example the risk of userinteractions being misunderstood can be mitigated by usability testing.
robustness: The degree to which a component or system can function correctly in the presence of invalid inputs or stressful environmental conditions. [IEEE 610] See also error-tolerance, fault-tolerance.
robustness testing: Testing to determine the robustness of the software product.
root cause: A source of a defect such that if it is removed, the occurrence of the defect type is decreased or removed. [CMMI]
root cause analysis: An analysis technique aimed at identifying the root causes of defects. By directing corrective measures at root causes, it is hoped that the likelihood of defect recurrence will be minimized.
RUP: See Rational Unified Process.
safety: The capability of the software product to achieve acceptable levels of risk of harm to people, business, software, property or the environment in a specified context of use. [ISO 9126]
safety critical system: A system whose failure or malfunction may result in death or serious injury to people, or loss or severe damage to equipment, or environmental harm.
safety testing: Testing to determine the safety of a software product.
sanity test: See smoke test.
scalability: The capability of the software product to be upgraded to accommodate increased loads. [After Gerrard]
scalability testing: Testing to determine the scalability of the software product.
scenario testing: See use case testing.
scorecard: A representation of summarized performance measurements representing progress towards the implementation of long-term goals. A scorecard provides static measurements of performance over or at the end of a defined interval. See also balanced scorecard, dashboard.
SCRUM: An iterative incremental framework for managing projects commonly used with agile software development. See also agile software development.
scribe: The person who records each defect mentioned and any suggestions for process improvement during a review meeting, on a logging form. The scribe should ensure that the logging form is readable and understandable.
scripted testing: Test execution carried out by following a previously documented sequence of tests.
scripting language: A programming language in which executable test scripts are written, used by a test execution tool (e.g. a capture/playback tool).
security: Attributes of software products that bear on its ability to prevent unauthorized access, whether accidental or deliberate, to programs and data. [ISO 9126] See also functionality.
security testing: Testing to determine the security of the software product. See also functionality testing.
security testing tool: A tool that provides support for testing security characteristics and vulnerabilities.
security tool: A tool that supports operational security.
serviceability testing: See maintainability testing.
session-based test management: A method for measuring and managing session-based testing, e.g. exploratory testing.
session-based testing: An approach to testing in which test activities are planned as uninterrupted sessions of test design and execution, often used in conjunction with exploratory testing.
severity: The degree of impact that a defect has on the development or operation of a component or system. [After IEEE 610]
simulation: The representation of selected behavioral characteristics of one physical or abstract system by another system. [ISO 2382/1]
simulator: A device, computer program or system used during testing, which behaves or operates like a given system when provided with a set of controlled inputs. [After IEEE 610, DO178b] See also emulator.
site acceptance testing: Acceptance testing by users/customers at their site, to determine whether or not a component or system satisfies the user/customer needs and fits within the business processes, normally including hardware as well as software.
smoke test: A subset of all defined/planned test cases that cover the main functionality of a component or system, to ascertaining that the most crucial functions of a program work, but not bothering with finer details. A daily build and smoke test is among industry best practices. See also intake test.
software: Computer programs, procedures, and possibly associated documentation and data pertaining to the operation of a computer system. [IEEE 610]
software attack: See attack.
Software Failure Mode and Effect Analysis (SFMEA):See Failure Mode and Effect Analysis (FMEA).
Software Failure Mode Effect, and Criticality Analysis (SFMECA): See Failure Mode,Effects, and Criticality Analysis (FMECA).
Software Fault Tree Analysis (SFTA): See Fault Tree Analysis (FTA).
software feature: See feature.
software life cycle: The period of time that begins when a software product is conceived and ends when the software is no longer available for use. The software life cycle typically includes a concept phase, requirements phase, design phase, implementation phase, test phase, installation and checkout phase, operation and maintenance phase, and sometimes, retirement phase. Note these phases may overlap or be performed iteratively.
Software Process Improvement: A program of activities designed to improve the performance and maturity of the organization’s software processes and the results of such a program. [After CMMI]
software product characteristic: See quality attribute.
software quality: The totality of functionality and features of a software product that bear on its ability to satisfy stated or implied needs. [After ISO 9126]
software quality characteristic: See quality attribute.
software test incident: See incident.
software test incident report: See incident report.
Software Usability Measurement Inventory (SUMI): A questionnaire based usability test technique to evaluate the usability, e.g. user-satisfaction, of a component or system. [Veenendaal]
source statement: See statement.
specification: A document that specifies, ideally in a complete, precise and verifiable manner, the requirements, design, behavior, or other characteristics of a component or system, and, often, the procedures for determining whether these provisions have been satisfied. [After IEEE 610]
specification-based testing: See black box testing.
specification-based technique: See black box test design technique.
specification-based test design technique: See black box test design technique.
specified input: An input for which the specification predicts a result.
SPI: See Sofware Process Improvement.
stability: The capability of the software product to avoid unexpected effects from modifications in the software. [ISO 9126] See also maintainability.
staged representation: A model structure wherein attaining the goals of a set of process areas establishes a maturity level; each level builds a foundation for subsequent levels. [CMMI]
standard: Formal, possibly mandatory, set of requirements developed and used to prescribe consistent approaches to the way of working or to provide guidelines (e.g., ISO/IEC standards, IEEE standards, and organizational standards). [After CMMI]
STEP: See Systematic Test and Evaluation Process.
standard software: See off-the-shelf software.
standards testing: See compliance testing.
state diagram: A diagram that depicts the states that a component or system can assume, and shows the events or circumstances that cause and/or result from a change from one state to another. [IEEE 610]
state table: A grid showing the resulting transitions for each state combined with each possible event, showing both valid and invalid transitions.
state transition: A transition between two states of a component or system.
state transition testing: A black box test design technique in which test cases are designed to execute valid and invalid state transitions. See also N-switch testing.
statement: An entity in a programming language, which is typically the smallest indivisible unit of execution.
statement coverage: The percentage of executable statements that have been exercised by a test suite.
statement testing: A white box test design technique in which test cases are designed to execute statements.
static analysis: Analysis of software artifacts, e.g. requirements or code, carried out without execution of these software development artifacts. Static analysis is usually carried out by means of a supporting tool.
static analysis tool: See static analyzer.
static analyzer: A tool that carries out static analysis.
static code analysis: Analysis of source code carried out without execution of that software.
static code analyzer: A tool that carries out static code analysis. The tool checks source code, for certain properties such as conformance to coding standards, quality metrics or data flow anomalies.
static testing: Testing of a component or system at specification or implementation level without execution of that software, e.g. reviews or static code analysis.
statistical testing: A test design technique in which a model of the statistical distribution of the input is used to construct representative test cases. See also operational profile testing.
status accounting: An element of configuration management, consisting of the recording and reporting of information needed to manage a configuration effectively. This information includes a listing of the approved configuration identification, the status of proposed changes to the configuration, and the implementation status of the approved changes. [IEEE 610]
storage: See resource utilization.
storage testing: See resource utilization testing.
stress testing: A type of performance testing conducted to evaluate a system or component at or beyond the limits of its anticipated or specified work loads, or with reduced availability of resources such as access to memory or servers. [After IEEE 610] See also performance testing, load testing.
stress testing tool: A tool that supports stress testing.
structure based testing: See white-box testing.
structure-based technique: See white box test design technique.
structural coverage: Coverage measures based on the internal structure of a component or system.
structural test design technique: See white box test design technique.
structural testing: See white box testing.
structure-based test design technique: See white box test design technique.
structured walkthrough: See walkthrough.
stub: A skeletal or special-purpose implementation of a software component, used to develop or test a component that calls or is otherwise dependent on it. It replaces a called component. [After IEEE 610]
subpath: A sequence of executable statements within a component.
suitability: The capability of the software product to provide an appropriate set of functions for specified tasks and user objectives. [ISO 9126] See also functionality.
suitability testing: The process of testing to determine the suitability of a software product
suspension criteria: The criteria used to (temporarily) stop all or a portion of the testing activities on the test items. [After IEEE 829]
syntax testing: A black box test design technique in which test cases are designed based upon the definition of the input domain and/or output domain.
system: A collection of components organized to accomplish a specific function or set of functions. [IEEE 610]
system of systems:Multiple heterogeneous, distributed systems that are embedded in networks at multiple levels and in multiple interconnected domains, addressing large-scale inter-disciplinary common problems and purposes, usually without a common management structure.
system integration testing: Testing the integration of systems and packages; testing interfaces to external organizations (e.g. Electronic Data Interchange, Internet).
system testing: The process of testing an integrated system to verify that it meets specified requirements. [Hetzel]
Systematic Test and Evaluation Process: A structured testing methodology, also used as a content-based model for improving the testing process. Systematic Test and Evaluation Process (STEP) does not require that improvements occur in a specific order. See also content-based model.