Test heuristics cheatsheet Document

Found this on Scribd. Nice and precise test case generation technique document.
Course: Computer Science and Engineering (CSE2001)

Academic year: 2013/2014

Test Heuristics Cheat Sheet

Data Type Attacks & Web Tests

Data Type Attacks

Paths/Files: Long Name (>255 chars) • Special Characters in Name (space * ? / \ | < > , . ( ) [ ] { } ; : ‘ “ ! @ # $ % ^ &) • Non-Existent • Already Exists • No Space • Minimal Space • Write-Protected • Unavailable • Locked • On Remote Machine • Corrupted

Time and Date: Timeouts • Time Difference between Machines • Crossing Time Zones • Leap Days • Always Invalid Days (Feb 30, Sept 31) • Feb 29 in Non-Leap Years • Different Formats (June 5, 2001; 06/05/2001; 06/05/01; 06-05-01; 6/5/2001 12:34) • Daylight Savings Changeover • Reset Clock Backward or Forward

Numbers: 0 • 32768 (2^15) • 32769 (2^15 + 1) • 65536 (2^16) • 65537 (2^16 + 1) • 2147483648 (2^31) • 2147483649 (2^31 + 1) • 4294967296 (2^32) • 4294967297 (2^32 + 1) • Scientific Notation (1E-16) • Negative • Floating Point/Decimal (0.0001) • With Commas (1,234,567) • European Style (1.234.567,89) • All the Above in Calculations
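Why the Numbers entry picks these particular values, as an added example that is not part of the original cheat sheet: each power of two is the first value that no longer fits a common fixed-width integer, so it is silently stored as something else. The function names and the limit of 1000 are assumptions made for illustration.

```python
# Added illustration: what the cheat sheet's boundary numbers turn into
# when code stores them in a fixed-width integer (two's complement).

TYPES = [("int16", 16, True), ("uint16", 16, False),
         ("int32", 32, True), ("uint32", 32, False)]

# The numeric values listed under "Numbers".
BOUNDARIES = [0, 2**15, 2**15 + 1, 2**16, 2**16 + 1,
              2**31, 2**31 + 1, 2**32, 2**32 + 1]


def wrap(value, bits, signed):
    """Truncate value to `bits` bits the way a C integer of that width would."""
    masked = value & ((1 << bits) - 1)
    if signed and masked >= 1 << (bits - 1):
        masked -= 1 << bits
    return masked


def misstored(value):
    """Map each type that cannot hold `value` to the value it keeps instead."""
    changed = {}
    for name, bits, signed in TYPES:
        stored = wrap(value, bits, signed)
        if stored != value:
            changed[name] = stored
    return changed


def passes_limit_after_store(value, limit, bits, signed):
    """True when a 'value <= limit' check succeeds only because it runs
    on the truncated copy (hypothetical check, for illustration)."""
    return value > limit and wrap(value, bits, signed) <= limit


if __name__ == "__main__":
    for v in BOUNDARIES:
        print(v, misstored(v))
    # 65537 exceeds a limit of 1000, yet its uint16 copy is 1.
    print(passes_limit_after_store(65537, 1000, 16, False))
```

A tester entering these values is looking for exactly the rows where the stored value differs from the typed one, and for limit checks that run after the conversion instead of before it.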

Strings: Long (255, 256, 257, 1000, 1024, 2000, 2048 or more characters) • Accented Chars (àáâãäåçèéêëìíîðñòôõöö, etc.) • Asian Chars ( ) • Common Delimiters and Special Characters ( “ ‘ ` | / \ , ; : & < > ^ * ? Tab ) • Leave Blank • Single Space • Multiple Spaces • Leading Spaces • End-of-Line Characters (^M) • SQL Injection ( ‘select * from customer ) • With All Actions (Entering, Searching, Updating, etc.)

Web Tests

Navigation: Back (watch for ‘Expired’ messages and double-posted transactions) • Refresh • Bookmark the URL • Select Bookmark when Logged Out • Hack the URL (change/remove parameters; see also Data Type Attacks) • Multiple Browser Instances Open

Input: See also Data Type Attacks • HTML/JavaScript Injection (allowing the user to enter arbitrary HTML tags and JavaScript commands can lead to security vulnerabilities) • Check Max Length Defined on Text Inputs • > 5000 Chars in TextAreas
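The HTML/JavaScript Injection check from the Input entry, as an added example that is not part of the original cheat sheet: the same harmless probes are sent through a renderer that concatenates user text and one that escapes it, and the check reports which probes come back with live markup characters. The renderer functions, the wrapper markup and the probe strings are all constructed for illustration.

```python
import html

PREFIX = '<p class="comment">'
SUFFIX = "</p>"


def render_naive(comment):
    # Vulnerable form: user text is placed into the page unchanged.
    return PREFIX + comment + SUFFIX


def render_escaped(comment):
    # Hardened form: & < > " ' are turned into entities before insertion.
    return PREFIX + html.escape(comment, quote=True) + SUFFIX


# Constructed, inert probes: a tag, a script element, an attribute break-out
# attempt, and ordinary text that happens to contain markup characters.
PROBES = [
    "<b>probe</b>",
    "<script>void 0</script>",
    '" data-probe="1',
    "Tom & Jerry <3",
]


def unescaped_probes(render):
    """Return the probes whose markup characters survive rendering intact."""
    leaked = []
    for probe in PROBES:
        page = render(probe)
        body = page[len(PREFIX):len(page) - len(SUFFIX)]
        # After correct escaping, none of these characters remain in the body.
        if any(ch in body for ch in '<>"'):
            leaked.append(probe)
    return leaked


if __name__ == "__main__":
    print("naive leaks:  ", unescaped_probes(render_naive))
    print("escaped leaks:", unescaped_probes(render_escaped))
    print(render_escaped("Tom & Jerry <3"))
```

The last probe matters as much as the first three: a fix that strips or rejects input instead of escaping it will pass the injection check but mangle legitimate text.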

Syntax: HTML Syntax Checker (http://validator.w3.org/) • CSS Syntax Checker (http://jigsaw.w3.org/css-validator/)

Preferences: JavaScript Off • Cookies Off • Security High • Resize Browser Window • Change Font Size

General: Violates Domain-Specific Rules (an IP address of 999.999.999.999, an email address with no “@”, an age of -1) • Violates Uniqueness Constraint

Testing Wisdom

A test is an experiment designed to reveal information or answer a specific question about the software or system. • Stakeholders have questions; testers have answers. • Don’t confuse speed with progress. • Take a contrary approach. • Observation is exploratory. • The narrower the view, the wider the ignorance. • Big bugs are often found by coincidence. • Bugs cluster. • Vary sequences, configurations, and data to increase the probability that, if there is a problem, testing will find it. • It’s all about the variables.

Copyright © 2006 Quality Tree Software, Inc.

www.qualitytree.com

This cheat sheet includes ideas from Elisabeth Hendrickson, James Lyndsay, and Dale Emery

Heuristics & Frameworks

Heuristics

Goldilocks: Too Big, Too Small, Just Right

CRUD: Create, Read, Update, Delete

Follow the Data: Perform a sequence of actions involving data, verifying the data integrity at each step. (Example: Enter → Search → Report → Export → Import → Update → View)

Dependencies: Identify “has a” relationships (a Customer has an Invoice; an Invoice has multiple Line Items). Apply CRUD, Count, Position, and/or Selection heuristics (Customer has 0, 1, many Invoices; Invoice has 0, 1, many Line Items; Delete last Line Item then Read; Update first Line Item; Some, None, All Line Items are taxable; Delete Customer with 0, 1, Many Invoices)

Boundaries: Approaching the Boundary (almost too big, almost too small), At the Boundary

Interruptions: Log Off, Shut Down, Reboot, Kill Process, Disconnect, Hibernate, Timeout, Cancel

Position: Beginning, Middle, End (Edit at the beginning of the line, middle of the line, end of the line)

Starvation: CPU, Memory, Network, or Disk at maximum capacity

Selection: Some, None, All (Some permissions, No permissions, All permissions)

Constraints: Violate constraints (leave required fields blank, enter invalid combinations in dependent fields, enter duplicate IDs or names). Apply with the Input Method heuristic.

Multi-User: Simultaneous create, update, delete from two accounts or same account logged in twice.

Configurations: Varying the variables related to configuration (Screen Resolution; Network Speed, Latency, Signal Strength; Memory; Disk Availability; Count heuristic applied to any peripheral such as 0, 1, Many Monitors, Mice, or Printers)

Sorting: Alpha v. Numeric • Across Multiple Pages

Sequences: Vary Order of Operations • Undo/Redo • Reverse • Combine • Invert • Simultaneous

Input Method: Typing, Copy/Paste, Import, Drag/Drop, Various Interfaces (GUI v. API)

Frameworks

Variable Analysis: Identify anything whose value can change. Variables can be obvious, subtle, or hidden.

State Analysis: Identify states and events/transitions, then represent them in a picture or table. Works with the Sequences and Interruption heuristics.

Map Making: Identify a “base” or “home” state. Pick a direction and take one step. Return to base. Repeat.

Nouns & Verbs: The objects or data in the system and the ways in which the system manipulates it. Also, Adjectives (attributes) such as Visible, Identical, Verbose and Adverbs (action descriptors) such as Quickly, Slowly, Repeatedly, Precisely, Randomly. Good for creating random scenarios.

Judgment: Inconsistencies, Absences, and Extras with respect to Internal, External – Specific, or External – Cultural reference points. (James Lyndsay, Workroom Productions)

Users & Scenarios: Use Cases, Soap Operas, Personae, Extreme Personalities

Touch Points: Identify any public or private interface that provides visibility or control. Provides places to provoke, monitor, and verify the system.

Deming’s Cycle: Plan, Do, Check, Act

Observations: Input/Output/Linkage (James Lyndsay, Workroom Productions)

Count: 0, 1, Many (0 transactions, 1 transaction, Many simultaneous transactions)

Flow: Input/Processing/Output

Requirements: Users/Functions/Attributes/Constraints (Gause & Weinberg, Exploring Requirements)

Flood: Multiple simultaneous transactions or requests flooding the queue.
