Subscribe by Email


Friday, April 6, 2012

How can we reduce the risk by using a test plan?

A test plan apart from just serving the purpose of a guide for the software testing life cycle also plays a great role in the assessment of the risks associated with the development of that particular software system or application and also provides the alternatives or builds for overcoming those factors which are the root cause of the risk.

The preparation of the test plan must be based on all the risks identified during the process of risk assessment. This article is focussed up on the relation that exists between the risk and the test plan and how a risk based test plan can help reducing the overall risk.

How a risk based test plan reduce the overall risk?



- Such a test plan is effective only when a test oriented risk analysis is carried out during the software system or application development life cycle.

- With the advancing and sophisticated technology the complexity of the software systems and applications is also increasing and so does it lengthens the testing process which is quite exhaustive.

- The software testing methodologies therefore should be quite selective and should also be chosen keeping in mid the time limit and the budget of the project.

- It is often stressed by many testers that the testing should be based on the risk which is not possible until and unless the testers are well equipped with the knowledge of the risk.

- It is a wise decision of concentrating the testing more on the area which is at higher risk compared to other parts of the software system or application.

- Many researchers have made a rigorous research on the subject of risk based testing and have stated that a software system or application requires apart from the understanding of software testing, the knowledge of risk and its analysis also.

Types of Risks
There are two types of risks namely:

1. Forward Risks
These are the risks associated with the operation of the system and one of the major cause of the software failure.

2. Backward Risks
These are the risks associated with the development issues like those mentioned below:
(a) Inappropriate design
(b) Casual programming
(c) Incorrect specifications
(d) Inadequate management

Risk is thought of as a function of two components as described below:

1. The probability of occurrence of an undesirable event that is defined and
2. The degree of the severity of the consequences if the event of the system failure does occur.

In most of the cases, the consequences following the failure of the software system are related to the purpose of the software and therefore reducing the risk is not always an option.

Thus, this leads us to the conclusion that the risk must be reduced by reducing the probability of the failure of the software system which in turn can be achieved only with an efficient test plan.

Now you must be wondering can this actually happen? Yes of course.

- The software testing reduces the risks by digging out many of the bugs.

- But, the actual risk reduction is based up on the implementation of the corrected code and functions.

- The failure of software system is not systematic and hence cannot be predicted by just checking out the history.

- So for the cases like these, only the estimation of the potential consequences of the failure works via the risk based testing that acts as a single factor analysis in
such cases.

- For some it may seem like a trivial process but, it is not so and calls for a thorough examination of the system failure.

- The single factor analysis though does not produce a very correct estimate; it does help the testers in focussing their testing on the code that is buggier than the other units.


1 comment:

Haritha said...

I know that this is not a much relevant comment but I am in need of help regarding testing. Our collage project requires that we test TCP protocol implementation, once with correct implementation and once after introducing faults. Please suggest how we go about this as we don’t have a clue about setting up the test environment and various other software that need to be hooked up to the protocol code, and how to manually carry out the tests and observe results. If its not too much to ask, please also tell how to make a faulty version of protocol, some fault injection tools, may be? Thanks in advance.
P.S: We are ready to work on any kind of operating system.

Facebook activity