- How well is the product protected against unauthorized use or intrusion?
- Authentication: the ways in which the system verifies that a user is who he says he is.
- Authorization: the rights that are granted to authenticated users at varying privilege levels.
- Privacy: the ways in which customer or employee data is protected from unauthorized people.
- Security holes: the ways in which the system cannot enforce security (e.g. social engineering vulnerabilities)
- How appealing is the product?
- Aesthetics: the product appeals to the senses.
- Uniqueness: the product is new or special in some way.
- Necessity: the product possesses the capabilities that users expect from it.
- Usefulness: the product solves a problem that matters, and solves it well.
- Entrancement: users get hooked, have fun, are fully engaged when using the product.
- Image: the product projects the desired impression of quality.
- How easy is it for a real user to use the product?
- Learnability: the operation of the product can be rapidly mastered by the intended user.
- Operability: the product can be operated with minimum effort and fuss.
- Accessibility: the product meets relevant accessibility standards and works with O/S accessibility features.
- Will it work well and resist failure in all required situations?
- Identify data and resources related to those subsystems and functions
- Select or generate challenging data, or resource constraint conditions to test with: e.g., large or complex data structures, high loads, long test runs, many test cases, low memory conditions.
- Look for sub....
- Resource Usage: the product doesn’t unnecessarily hog memory, storage, or other system resources
- Robustness: the product continues to function over time without degradation, under reasonable conditions.
- Error handling: the product resists failure in the case of errors, is graceful when it fails, and recovers readily
- Safety: the product will not fail in such a way as to harm life or property.
- Data backup
- Verify every claim
- Identify reference materials that include claims about the product (implicit or explicit). Consider SLAs, EULAs, advertisements, specifications, help text, manuals, etc.
- Analyze individual claims, and clarify vague claims.
- Verify that each claim about the product is true.
- If you’re testing from an explicit specification, expect it and the product to be brought into alignment.
- Do we get the business we need? Do the users?
- Divide and conquer the data
- Look for any data processed by the product. Look at outputs as well as inputs.
- Decide which particular data to test with. Consider things like boundary values, typical values, convenient values, invalid values, or best representatives.
- Consider combinations of data worth testing together.
- Data Integrity: the data in the system is protected from loss or corruption
- Test what it can do
- Identify things that the product can do (functions and sub-functions)
- Determine how you’d know if a function was capable of working.
- Test each function, one at a time.
- See that each function does what it’s supposed to do and not what it isn’t supposed to do.
- How well does it work with external components & configurations?
- Application Compatibility: the product works in conjunction with other software products.
- Operating System Compatibility: the product works with a particular operating system.
- Hardware Compatibility: the product works with particular hardware components and configurations
- Backward Compatibility: the products works with earlier versions of itself.
- How speedy and responsive is it?
- Speed of page load
- Responses per UI object, per function
- CPU, Memory
- How easily can it be installed onto its target platform(s)?
- System requirements: Does the product recognize if some necessary component is missing or insufficient?
- Configuration: What parts of the system are affected by installation? Where are files and resources stored?
- Uninstallation: When the product is uninstalled, is it removed cleanly?
- Upgrades/patches: Can new modules or versions be added easily? Do they respect the existing configuration?
- Administration: Is installation a process that is handled by special personnel, or on a special schedule?
System Process Tests
- Things the user is not aware of
- Network Traffic: efficient, not errors
- Server side: file handle, watchdog
- Configuration tests
- Logs tests
- Cloud Tests
- How does it look like?
- Product looks as designed
- Buttons at the same level
- Tab test
- Windows different sizes
- What happens in other countries?
- UI and function with the different languages
- Hour differences
- User Manual
- Integration, API