text.skipToContent text.skipToNavigation
  1. Home
  2. Science & Engineering
  3. How to Break Software: A Practical Guide to Testing

How to Break Software: A Practical Guide to Testing, 1st edition

  • James A. Whittaker

Published by Pearson (May 9th 2002) - Copyright © 2003

1st edition

Unfortunately, this item is not available in your country.

Overview

  • Uses an applied, tutorial approach to teaching software testing.
  • Demonstrates a method for testing software at the most common places that bugs appear: The User Interface, the File Systems Interface, and the Operating System Interface.
  • Teaches planning in a methodical “on-the-fly while you are testing” way.
  • Encourages automation with many repetitive and complex tasks that require good tools.
  • Contains CD with HEAT: Hostile Environment Application Tester, software that provides a mechanism to easily trip exceptions and force error code to execute. HEAT can be used to simulate a faulty network, low memory, a full hard drive and any number of other common failure scenarios. Also includes Holodeck Lite.
  • Written by a seasoned professor, trusted consultant, and standing-room-only speaker.
  • Endorsed by the directors of testing at IBM, Rational Software Corporation, and Microsoft.

Table of contents



Preface.


Dedication.


Chapter Summaries.

I. INTRODUCTION.

1. A Fault Model to Guide Software Testing.

The Purpose of Software Testing.

Understanding Software Behavior.

Understanding Software's Environment.

The Human User.

File System User.

The Operating System User.

The Software User.

Understanding Software's Capabilities.

Testing Input.

Testing Output.

Testing Data.

Testing Competition.

Summary and Conclusion.

Exercises.

References.

II. USER INTERFACE ATTACKS.

2. Testing from the User Interface: Inputs and Outputs.

Using the Fault Model to Guide Testing.

Exploring the Input Domain.

First Attack: Apply inputs that force all the error messages to occur.

Second Attack: Apply inputs that force the software to establish default values.

Third Attack: Explore allowable character sets and data types.

Fourth Attack: Overflow input buffers.

Fifth Attack: Find inputs that may interact and test various combinations of their values.

Sixth Attack: Repeat the same input or series of inputs numerous times.

Exploring Outputs.

Seventh Attack: Force different outputs to be generated for each input.

Eighth Attack: Force invalid outputs to be generated.

Ninth Attack: Force properties of an output to change.

Tenth Attack: Force the screen to refresh.

Conclusion.

Exercises.

References.
3. Testing from the User Interface: Data and Computation.

Testing Inside the Box.

Exploring Stored Data.

Eleventh Attack: Apply inputs using a variety of initial conditions.

Twelfth Attack: Force a data structure to store too many/too few values.

Thirteenth Attack: Investigate alternate ways to modify internal data constraints.

Exploring Computation and Feature Interaction.

Fifteenth Attack: Force a function to call itself recursively.

Sixteenth Attack: Force computation results to be too large or too small.

Seventeenth Attack: Find features that share data or interact poorly.

Conclusion.

Exercises.

III. SYSTEM INTERFACE ATTACKS.

4. Testing from the File System Interface.

Attacking Software from the File System Interface.

Media-based Attacks.

First Attack: Inject faults that simulate memory access problems.

Second Attack: Inject faults that simulate network problems.

Third Attack: Damage the media.

File-based Attacks.

Fourth Attack: Assign an invalid file name.

Fifth Attack: Vary file access permissions.

Sixth Attack: Vary/corrupt file contents.

Exercises.
5. Testing from the Software/OS Interface.

Attacking Software from Software Interfaces.

Record-and-Simulate Attacks.

Observe-and-Fail Attacks.

Conclusion.

Exercises.

IV. CONCLUSION.

6. Some Parting Advice.

You'll Never Know Everything.

Bug Hunts.

Friday Afternoon Bug Fests.

Conclusion.

References.

APPENDICES.

Annotated Glossary of Programming Terms.

Appendix A. Testing Exception and Error Cases Using Runtime Fault Injection.

Introduction.

A Mechanism for Runtime Fault Injection.

Fault Selection.

Conclusions.

Acknowledgments.

References.
Appendix B. Using HEAT: The Hostile Environment Application Tester.

Canned HEAT User Guide.

The Application Band.

The Monitor Band.

Fault Injection Bands and Their Functionality.

The Network Band.

Disk Storage.

Memory.
Appendix C. What is Software Testing? And Why is it so Hard?

Introduction.

The Software Testing Process.

Phase One: Modeling the Software's Environment.

Phase Two: Selecting Test Scenarios.

Phase Three: Running and Evaluating Test Scenarios.

Phase Four: Measuring Testing Progress.

Conclusion.

References.
The Software Testing Problem.

For teachers

All the material you need to teach your courses.

Discover teaching material