A multiple case study on risk-based testing in industry

In many development projects, testing has to be conducted under severe pressure due to limited resources and a challenging time schedule. Risk-based testing, which utilizes identified risks of the system for testing purposes, has a high potential to improve testing as it helps to optimize the allocation of resources and provides decision support for management. But for many organizations, the integration of a risk-based approach into established testing activities is a challenging task, and there are several options to do so. In this article, we analyze how risk is defined, assessed, and applied to support and improve testing activities in projects, products, and processes. We investigate these questions empirically by a multiple case study of currently applied risk-based testing activities in industry. The case study is based on three cases from different backgrounds, i.e., a test project in context of the extension of a large Web-based information system, product testing of a measurement and diagnostic equipment for the electrical power industry, as well as a test process of a system integrator of telecommunication solutions. By analyzing and comparing these different industrial cases, we draw conclusions on the state of risk-based testing and discuss possible improvements.

[1]  Byoungju Choi,et al.  A Test Case Prioritization Based on Degree of Risk Exposure and its Empirical Study , 2011, Int. J. Softw. Eng. Knowl. Eng..

[2]  Michael Felderer,et al.  Experiences and Challenges of Introducing Risk-Based Testing in an Industrial Project , 2013, SWQD.

[3]  James Bach,et al.  Heuristic Risk-Based Testing , 1999 .

[4]  Software Engineering Risk Management: A Just-in-Time Approach , 1995 .

[5]  Anas N. Al-Rabadi,et al.  A comparison of modified reconstructability analysis and Ashenhurst‐Curtis decomposition of Boolean functions , 2004 .

[6]  Ståle Amland Risk-based testing: : Risk analysis fundamentals and metrics for software testing including a financial application case study , 2000, J. Syst. Softw..

[7]  Marc-Florian Wendland,et al.  A Systematic Approach to Risk-Based Testing Using Risk-annotated Requirements Models , 2012, ICSEA 2012.

[8]  Felix Redmill,et al.  Exploring risk‐based testing and its implications , 2004, Softw. Test. Verification Reliab..

[9]  Cristine Martins Gomes de Gusmão,et al.  Risk-Based Testing: A Case Study , 2010, 2010 Seventh International Conference on Information Technology: New Generations.

[10]  Felix Redmill Theory and practice of risk‐based testing , 2005, Softw. Test. Verification Reliab..

[11]  Per Runeson,et al.  Guidelines for conducting and reporting case study research in software engineering , 2009, Empirical Software Engineering.

[12]  Ruth Breu,et al.  Integrating Manual and Automatic Risk Assessment for Risk-Based Testing , 2012, SWQD.

[13]  Joseph P. Cavano,et al.  A framework for the measurement of software quality , 1978, SIGMETRICS Perform. Evaluation Rev..

[14]  Klaus Pohl,et al.  An automated technique for risk-based test case generation and prioritization , 2008, AST '08.

[15]  Ellen Souza,et al.  Measurement and control for risk-based test cases and activities , 2009, 2009 10th Latin American Test Workshop.

[16]  Erik van Veenendaal The PRISMA Approach , 2012 .

[17]  Yanping Chen,et al.  Specification-based regression test selection with risk analysis , 2002, CASCON.

[18]  Michael Felderer,et al.  Using Defect Taxonomies to Improve the Maturity of the System Test Process: Results from an Industrial Case Study , 2013, SWQD.

[19]  R. Yin Case Study Research: Design and Methods , 1984 .

[20]  Andreas Metzger,et al.  Employing Requirements Metrics for Automating Early Risk Assessment , 2007 .