Fact-checked by Grok 2 weeks ago

Software testing

Software testing is the process consisting of all life cycle activities, both static and dynamic, concerned with planning, preparation, and evaluation of software products and related work products to determine that they satisfy specified requirements, to demonstrate that they are implemented correctly, and to help detect defects. This practice is essential in software engineering to ensure product quality, reduce risks associated with software failure, and verify that the software meets user needs and performs as intended. According to international standards, software testing plays a critical role in quality management by identifying defects early, thereby lowering development costs and enhancing reliability across the software development lifecycle. Software testing encompasses two primary forms: static testing, which involves reviewing software artifacts such as requirements, design documents, and code without execution to find defects and ensure completeness; and dynamic testing, which requires executing the software with test cases to observe behavior and compare it against expected outcomes. These approaches are applied at various test levels, including component (unit) testing to verify individual modules, integration testing to check interactions between components, system testing to evaluate the complete integrated system against requirements, and acceptance testing to confirm readiness for operational use by end-users or stakeholders. The process is guided by fundamental principles, such as testing showing the presence of defects (not their absence), exhaustive testing being impossible, and early testing saving both time and money. In modern software development, testing integrates with methodologies like Agile and DevOps, where continuous testing supports rapid iterations and automated tools enhance efficiency. Despite advancements, challenges persist, including the ad hoc nature of some testing practices and the need for skilled professionals to address complex systems. Overall, software testing remains a cornerstone of delivering high-quality, dependable software products.

Fundamentals

Definition and Scope

Software testing is defined as the process of evaluating a test item by learning about it through experimentation, which includes to some extent the planning, preparation, execution, and reporting of all test activities, test analyses, and test designs. More precisely, it consists of a set of activities aimed at discovering defects and evaluating the quality of software work products, such as code, documentation, or configurations. This process helps verify that the software meets specified requirements and identifies discrepancies between expected and actual behavior. The scope of software testing extends across the entire software development lifecycle (SDLC), from requirements analysis through design, implementation, deployment, and maintenance. It includes static activities, like reviewing requirements or code without execution, and dynamic activities, such as running the software to observe outputs. Within this scope, testing focuses on defect detection to prevent failures, risk reduction by prioritizing high-impact areas, and overall quality improvement by ensuring conformance to standards and user needs. Key concepts in software testing include defects, also known as bugs, which are flaws in a component or system that can cause it to fail to perform its required function, such as an incorrect data definition or logical error. Requirements traceability refers to the ability to link requirements to their origins, related design elements, and test cases, ensuring that all specified needs are addressed and verified. Software testing integrates into the SDLC by aligning test activities with development phases, adapting to models like waterfall or agile to provide continuous validation. Testing is distinct from debugging, as the former identifies and reports failures or defects without resolving them, while the latter involves analyzing and removing the root causes of those issues, typically performed by developers. This separation ensures that testing remains an independent evaluation process, free from bias in fault correction.

Objectives and Benefits

The primary objectives of software testing include detecting defects in the software, verifying that it satisfies specified requirements, and evaluating its overall quality to ensure reliable operation. By systematically executing the software under controlled conditions, testing identifies bugs that could lead to failures, thereby reducing potential risks associated with deployment. Another key goal is achieving adequate code coverage, which measures the extent to which the source code is exercised during testing, helping to confirm that critical parts of the program have been validated. These objectives collectively aim to mitigate risks by uncovering issues early in the development lifecycle, preventing them from escalating into costly production problems. Software testing yields significant benefits, such as enhanced software quality through the identification and resolution of defects, leading to more robust and dependable systems. It improves user satisfaction by delivering products that perform as expected, minimizing unexpected errors that could erode trust. Additionally, testing ensures compliance with industry standards and regulatory requirements, which is essential in sectors like healthcare and finance where failures can have legal or safety implications. By preventing defects from reaching production, it avoids downtime, data loss, and reputational damage, ultimately contributing to more efficient maintenance and longer system longevity. Code coverage serves as a quantitative measure of testing thoroughness, indicating the proportion of the codebase exercised by test cases. Common metrics include statement coverage, which tracks the percentage of executable statements executed; branch coverage, which assesses the execution of decision points like if-else branches; and path coverage, which evaluates the completeness of execution paths through the code. These metrics are calculated using basic formulas, such as for statement coverage: \text{Statement Coverage} = \left( \frac{\text{Number of executed statements}}{\text{Total number of statements}} \right) \times 100\% Similar formulas apply to branch and path coverage, replacing the numerator and denominator accordingly to reflect executed branches or paths versus totals. While higher coverage correlates with greater confidence in software reliability, it is not a guarantee of defect-free code, as it does not assess the quality of the tests themselves. Achieving comprehensive objectives like high code coverage involves trade-offs between thoroughness and practical constraints such as time and cost. Extensive testing increases defect detection but demands more resources, potentially delaying release schedules or inflating budgets. Developers must balance these factors by prioritizing critical paths and risks, ensuring that testing efforts yield sufficient benefits without exhaustive coverage that may not justify the additional expense.

Historical Development

Early Origins

The origins of software testing trace back to the pre-1950s era, when computing was dominated by hardware-centric approaches drawn from electrical engineering practices. Early electronic computers, such as the ENIAC completed in 1945, required extensive validation of physical circuits, wiring panels, and vacuum tube configurations to ensure operational reliability, mirroring techniques used in testing electrical systems like relay networks and analog devices. These methods involved manual inspections and trial runs to detect faults in hardware interconnections, as software was not yet distinct but embedded in plugboard setups and switch settings. Alan Turing's 1949 report, "Checking a Large Routine," marked an early theoretical shift by proposing systematic verification procedures for computational processes, including postmortem analysis and automated checks, to confirm program correctness beyond mere hardware functionality. In the 1950s and 1960s, software testing emerged more distinctly amid the first programmable computers, though it remained largely ad-hoc and intertwined with debugging. The symbolic "first bug" incident occurred on September 9, 1947, when a team working on the Harvard Mark II computer discovered a moth trapped in a relay, causing a malfunction; the insect was taped into the logbook with the notation "First actual case of bug being found," highlighting the era's reliance on physical troubleshooting. Projects like ENIAC and the UNIVAC I (delivered in 1951) employed informal testing through iterative manual executions, punched-card validations, and operator-led simulations to identify errors in calculations and data flows, often without predefined test cases. These practices focused on demonstrating functionality for military and scientific applications, such as ballistic computations, rather than comprehensive validation. Key figures like Grace Hopper played pivotal roles in advancing error detection during this period. As part of the Harvard Mark II team, Hopper contributed to diagnosing and resolving faults, later advocating for reusable subroutines and compilers to reduce manual error-prone coding, which indirectly supported more reliable testing. Her experiences underscored the need for diagnostic tools in early computing environments. Initial challenges in software testing stemmed from the absence of formal methodologies, with practitioners relying heavily on manual checks, visual inspections, and exhaustive trial-and-error to isolate issues in rudimentary code or configurations. This approach was labor-intensive and prone to oversight, as there was little separation between development, debugging, and verification, leading to prolonged cycles for even simple programs.

Modern Evolution

The late 1970s and 1980s marked the transition from ad-hoc debugging to structured software testing approaches, driven by the growing complexity of software systems and the need for standardized practices. In 1979, the IEEE Technical Committee on Software Engineering initiated work on a standard for software test documentation, which laid the groundwork for formalizing test processes and artifacts. This effort culminated in the publication of IEEE Standard 829-1983, the first comprehensive guideline for software test documentation, specifying formats for test plans, designs, cases, procedures, logs, and reports to ensure consistency and traceability in testing activities. Concurrently, the rise of structured programming paradigms in the 1970s emphasized modular code design, fostering early concepts of unit testing as a method to verify individual components in isolation, thereby improving code reliability and maintainability. The 1990s and early 2000s saw significant advancements in testing practices, spurred by external pressures and methodological shifts. The Y2K crisis, a widespread concern over date-handling flaws in legacy systems, prompted unprecedented global investments in software remediation and rigorous testing, with billions spent on compliance efforts that highlighted the critical role of thorough validation in averting potential failures. This era also witnessed the emergence of automated testing tools, evolving from basic record-and-playback mechanisms in the 1980s to more sophisticated script-based frameworks in the 1990s, enabling repeatable execution of tests for graphical user interfaces and APIs. The 2001 Agile Manifesto further transformed testing by advocating for iterative development and continuous feedback, integrating testing directly into sprints rather than as a post-development phase, which emphasized collaboration between developers and testers to deliver working software frequently. From the 2010s onward, software testing evolved in tandem with broader DevOps practices, emphasizing speed, automation, and integration. The adoption of continuous integration/continuous delivery (CI/CD) pipelines became central to DevOps workflows, automating build, test, and deployment processes to enable rapid iterations and early defect detection, with tools like Jenkins and GitLab CI facilitating this shift starting around 2010. Cloud-based testing platforms, such as BrowserStack and Sauce Labs, gained prominence during this period, allowing scalable, on-demand execution of tests across diverse devices and environments without local infrastructure, which accelerated adoption in the 2010s and 2020s by reducing costs and enabling parallel testing at scale. In the 2020s, artificial intelligence and machine learning have revolutionized test generation, with tools like GitHub Copilot leveraging large language models to automatically suggest and create unit tests, integration tests, and even debugging code based on natural language prompts or existing implementations, thereby enhancing test coverage and developer productivity. These innovations continue to integrate testing more seamlessly into the software lifecycle, adapting to the demands of cloud-native and AI-driven applications as of 2025.

Economics

Cost Factors

Software testing incurs both direct and indirect costs that can significantly impact project budgets. Direct costs encompass the tangible expenses directly attributable to testing activities, while indirect costs arise from broader consequences such as inefficiencies and downstream effects. These costs are influenced by various project-specific factors, and understanding them is essential for effective resource allocation in software development. Direct costs primarily include personnel expenses, which form the largest portion of testing budgets. Testing personnel, such as quality assurance engineers and testers, typically command annual salaries ranging from $90,000 to $105,000 as of 2025, with labor accounting for the majority of testing expenditures across sectors. Infrastructure costs involve hardware for test environments and software licenses for testing tools, often comprising a notable share of pre-release expenses alongside external services from consultants. Training for testers on methodologies and tools adds to these direct outlays, ensuring competency but increasing upfront investments. Tools, such as automated testing suites, represent another direct expense, with their acquisition and maintenance contributing to overall testing infrastructure needs. Indirect costs stem from opportunity losses and rework due to inadequate or delayed testing. Delayed releases in competitive markets can result in revenue shortfalls and market share erosion, as seen in cases where product introduction lags lead to substantial financial penalties. Rework from late defect detection amplifies expenses; for instance, fixing bugs post-release can cost significantly more than addressing them during requirements analysis. These indirect burdens often exceed direct testing outlays, particularly in complex systems where undetected defects propagate. Several factors influence the magnitude of testing costs, including project size and complexity, which can cause expenses to escalate nonlinearly as scale increases. Testing scope also plays a key role, with total testing typically consuming 15-40% of development costs depending on rigor and methodology. A basic cost model for testing breaks down as the product of effort hours and hourly rates for personnel, plus fixed costs for tools and infrastructure, providing a foundational framework for estimation.

Return on Investment

The return on investment (ROI) in software testing quantifies the financial value derived from testing activities by comparing the net benefits against the associated costs, often expressed through the formula ROI = (benefits - costs) / costs × 100%. Benefits primarily arise from defect prevention and early detection, which reduce downstream expenses such as rework and production fixes. Empirical data indicate that investing in testing, particularly automation, can yield positive ROI through cost savings over project cycles. A core benefit of software testing lies in avoiding the escalating costs of defect remediation, where fixing issues during requirements or design phases costs approximately 1 unit, while addressing them in production can escalate to 100 units or more due to factors like system downtime and user impact. This 1:10:100 cost progression, derived from studies of software development lifecycles, underscores how testing shifts defect resolution to earlier, less expensive stages, potentially saving organizations millions in large-scale projects. Beyond immediate savings, software testing delivers sustained financial returns by bolstering organizational reputation, averting regulatory penalties in sectors like healthcare and finance—where non-compliance can incur fines exceeding $1 million per incident—and enhancing customer retention rates through dependable product performance. Such outcomes stem from reduced public outages and improved trust, as evidenced in enterprise surveys linking quality assurance to higher market share and revenue stability. Key metrics for evaluating ROI include the defect leakage rate, computed as (number of defects found post-release / total defects identified) × 100, which ideally remains below 5% to signify robust testing coverage and minimal escaped issues. Additionally, the cost of quality (CoQ) model breaks down expenditures into prevention costs (e.g., training and process design), appraisal costs (e.g., execution and tools), and failure costs (internal rework and external liabilities), with high-ROI strategies emphasizing prevention and appraisal to cap failure costs at under 20% of total CoQ. As of 2025, test automation has been shown to reduce overall testing costs by 20-50% in many projects.

Testing Processes

Roles and Teamwork

Software testing teams typically comprise several core roles, each contributing to the overall quality assurance process. The test manager is responsible for planning, coordinating, and overseeing testing activities, including resource allocation, risk assessment, and reporting progress to stakeholders to ensure alignment with project objectives. Test analysts focus on designing test cases, analyzing requirements, and identifying potential defects based on specifications and user needs. Test engineers handle the execution of tests, documenting results, and verifying fixes, often employing tools for automation and manual verification. Developers play a key role in unit testing, creating initial tests for their code and collaborating on defect resolution to maintain code quality from the outset. Team structures in software testing vary by organization and project demands, with two primary models: dedicated quality assurance (QA) teams that operate independently to provide objective oversight, and embedded teams integrated within development groups for closer alignment and faster feedback. Dedicated QA teams offer specialized expertise and independence, reducing developer bias, while embedded structures promote agility and shared responsibility but may risk conflicts of interest. Collaboration across these structures is facilitated by tools such as Jira, which enables issue tracking, test case management, and real-time progress sharing among testers, developers, and stakeholders. Effective teamwork in software testing emphasizes cross-functional communication to bridge gaps between roles and ensure comprehensive coverage. Shift-left testing, a principle advocating early involvement of testing in the development lifecycle, encourages testers to engage during requirements gathering and design phases, enabling defect detection before coding and reducing downstream costs. This approach fosters collaboration by integrating quality practices from project inception, promoting a shared ownership of quality among all team members. Despite these benefits, software testing teams face challenges such as skill gaps, where team members may lack expertise in emerging areas like automation or security testing, necessitating targeted training. Role overlaps, particularly in smaller teams, can lead to duplicated efforts or unclear accountability, complicating coordination and efficiency. Addressing these requires clear role definitions and ongoing professional development to sustain effective collaboration.

Methodologies

Software testing methodologies describe the integration of testing activities within broader software development lifecycles, ensuring quality assurance aligns with project constraints and goals. Traditional approaches emphasize sequential execution, while modern paradigms promote iterative and automated practices to accelerate delivery and reduce risks. These methodologies adapt testing to varying degrees of flexibility, from rigid phase-based models to continuous, collaborative processes. In the Waterfall model, testing occurs in dedicated sequential phases following requirements analysis, design, and implementation, typically culminating in verification and validation before deployment. This structure allows for comprehensive documentation and clear milestones but often results in late defect detection, as issues accumulate undetected until the testing phase, potentially increasing remediation costs. Despite these drawbacks, Waterfall remains suitable for projects with stable requirements and regulatory needs, where upfront planning minimizes changes. Agile methodologies, including Scrum, integrate testing iteratively within short sprints—time-boxed periods of 1-4 weeks—enabling continuous feedback and adaptation to evolving requirements. In Scrum, testing contributes to the Definition of Done for each sprint's increment, ensuring potentially shippable product elements through practices like Test-Driven Development (TDD), where developers write failing tests before code implementation to drive functionality, and Behavior-Driven Development (BDD), which uses natural language scenarios to align testing with user behaviors. These approaches foster collaboration among cross-functional teams, reducing silos and enhancing early defect resolution via frequent reviews. DevOps extends Agile by emphasizing automated testing within continuous integration/continuous delivery (CI/CD) pipelines, where tests execute automatically on code commits to enable frequent, reliable releases. This shift supports shift-left testing, embedding verification early in development, and promotes infrastructure as code for reproducible environments. As of 2025, trends like GitOps are gaining prominence in DevOps testing, using Git repositories as the single source of truth for declarative configurations, with automated tools reconciling changes to ensure consistent test deployments and rollbacks. A typical software testing process, adaptable across methodologies, includes high-level steps: planning and control to define objectives and resources; analysis and design to identify test conditions and create specifications; implementation and execution to prepare and run tests; evaluating exit criteria with reporting to assess coverage and outcomes; and test closure activities to collect data on test completion, archive testware and documentation, and capture lessons learned. In Waterfall, these steps occur sequentially post-development; in Agile/Scrum, they iterate per sprint with team involvement; and in DevOps, automation streamlines execution for ongoing cycles.

Testing Classifications

By Development Level

Software testing classified by development level organizes activities according to the stages of the software development lifecycle, starting with isolated components and progressing to the complete, deployed system. This approach ensures defects are identified and resolved early, reducing costs and risks as development advances. The primary levels include unit testing, integration testing, system testing, and acceptance testing, each building on the previous to verify increasing scopes of functionality. Unit testing, also known as component testing, focuses on verifying the functionality of individual software components or modules in isolation from the rest of the system. Developers typically perform this level using test harnesses or frameworks to simulate dependencies, such as mocks and stubs, which replace external elements to isolate the unit under test. Mocks record interactions for verification of behavior, while stubs provide predefined responses to calls without asserting outcomes. This isolation allows for rapid feedback on code correctness before integration. Integration testing examines the interactions and interfaces between integrated units or components to detect defects in data flow and control issues that emerge only when modules combine. It employs strategies such as top-down, where higher-level modules are tested first using stubs for lower ones; bottom-up, starting with lower-level modules and using drivers for upper ones; or big-bang, integrating all at once. Component integration testing targets internal module interactions, while system integration testing verifies connections with external systems, often requiring environments mimicking production. These approaches ensure seamless collaboration across the application's architecture. System testing evaluates the entire integrated system against specified requirements, assessing both functional and non-functional aspects in an environment resembling production. Conducted after integration, it verifies end-to-end behavior, including workflows and quality attributes like usability or security, to confirm the system meets overall objectives. This level uncovers issues in system-wide interactions that lower-level tests might miss. Acceptance testing validates whether the system fulfills user needs and business requirements, demonstrating readiness for deployment. Performed by end-users or stakeholders, it includes variants like alpha testing, conducted internally by developers or testers in a controlled environment to simulate operational use; and beta testing, involving external users in real-world settings to identify usability issues. Other forms encompass user acceptance testing for business fit, operational acceptance for supportability, contractual for agreement compliance, and regulatory for legal standards. This final validation ensures stakeholder satisfaction before release. The progression across these levels follows the testing pyramid model, where unit tests form the broad base with the highest number due to their speed and low cost, tapering to fewer integration and system tests, and the narrow top of acceptance tests that are more comprehensive but resource-intensive. This structure promotes efficient coverage, with automated unit tests enabling frequent execution and manual acceptance tests reserved for critical validation.

By Technique

Software testing techniques are categorized by their execution methods and the extent of knowledge regarding the system's internal structure, enabling testers to select approaches suited to specific verification needs. These classifications emphasize how tests are conducted—whether without code execution or during runtime—and the degree to which internal details inform test design. This distinction allows for complementary strategies that address different aspects of software quality, from early defect detection to behavioral validation. Static testing encompasses methods that analyze software artifacts without running the code, focusing on prevention of defects through inspection. According to the International Software Testing Qualifications Board (ISTQB), static testing is defined as testing that does not involve the execution of a test item. Primary techniques include reviews and inspections, such as formal code reviews where developers collaboratively examine source code for logical errors, adherence to standards, and potential vulnerabilities prior to integration. These activities, often guided by checklists, identify issues like incomplete requirements or inconsistent documentation early in development, thereby reducing downstream rework costs by up to 100 times compared to post-execution fixes. In contrast, dynamic testing requires executing the software to evaluate its runtime behavior under controlled conditions. The ISTQB defines dynamic testing as testing that involves the execution of the test item. Some approaches further distinguish dynamic testing into passive (monitoring system operation without direct intervention, such as logging performance during normal use to detect anomalies) and active (actively stimulating the system with inputs to verify responses, like simulating user interactions to confirm functionality) variants. This execution-based approach is crucial for uncovering defects that manifest only during operation, such as race conditions or resource leaks. Dynamic techniques are further delineated by the tester's visibility into internals: black-box, white-box, and grey-box. Black-box testing treats the system as opaque, emphasizing functional conformance to specifications without regard to implementation details. The ISTQB describes black-box testing as testing based on an analysis of the specification of the component or system. Core methods include equivalence partitioning, a black-box technique that divides input domains into equivalence classes where the software is expected to exhibit uniform behavior, with tests selecting one representative value per class to optimize coverage. Boundary value analysis extends this by targeting values at partition edges (e.g., minimum, maximum, and adjacent points), as defects frequently cluster there—for instance, testing ages 17, 18, 19, and 65 for an age-validation field ranging 18–65. White-box testing, conversely, leverages knowledge of the code's structure to ensure comprehensive path traversal. Per the ISTQB, white-box testing is testing based on an analysis of the internal structure of the component or system. Prominent metrics are statement coverage, which measures the proportion of executable statements invoked by tests (e.g., aiming for 100% to verify all lines run at least once), and branch coverage (or decision coverage), which requires testing both true and false outcomes of control structures like if-statements to confirm logical branches. For example, in a conditional block, tests must execute both the if-true and if-false paths to achieve full branch coverage, revealing issues like unhandled edge decisions. Grey-box testing bridges these by incorporating partial internal knowledge, such as architecture diagrams or database schemas, while still executing the system. In the ISTQB Security Test Engineer syllabus, grey-box testing is characterized as a methodology assuming some knowledge of the internal structure and implementation details of the assessment object. It proves valuable in web application security testing, where testers use limited source insights to craft penetration tests targeting vulnerabilities like SQL injection at integration points, balancing efficiency with realism. Additional techniques transcend traditional structure-based categories, emphasizing flexibility or relational properties. Exploratory testing adopts an unscripted, adaptive style where testers simultaneously design, execute, and learn from tests in real-time. The ISTQB defines exploratory testing as a test approach in which tests are dynamically designed and executed based on the tester's knowledge, exploration of a test item, and previous test results. This contrasts with scripted (or preset) testing, which adheres to predefined sequences of steps documented in test scripts for reproducibility. Exploratory methods excel in ambiguous requirements scenarios, such as agile sprints, by uncovering unanticipated defects through intuitive probing. Property-based and metamorphic testing prioritize abstract input-output relations over scripted assertions, ideal for oracle-challenged domains like numerical computations. Property-based testing requires specifying invariant properties (e.g., "reversing a list twice yields the original") that must hold for randomly generated inputs, with tools auto-generating thousands of cases to falsify them; this paradigm originated with QuickCheck for Haskell. Metamorphic testing builds on this by defining metamorphic relations—transformations of inputs where output relations are predictable (e.g., sorting a permuted list yields the same result)—to detect inconsistencies without exact oracles. Introduced by Chen et al. in 1998, it has been applied to verify compilers and machine learning models, with surveys confirming its efficacy in revealing faults in over 50% more cases than traditional methods in oracle-absent settings. These techniques foster robust validation by focusing on behavioral invariants rather than exhaustive enumeration.

By Objective

Software testing can be classified by objective to focus on the specific aspects of the system under verification, such as its functional behavior, non-functional attributes, or specialized capabilities. This classification emphasizes the goals of testing, like ensuring requirements are met or quality characteristics are achieved, rather than the techniques or development stages involved. Functional testing verifies that the software fulfills specified requirements by evaluating its behavior against expected inputs and outputs. It checks the completeness, correctness, and appropriateness of system functions, such as confirming that a login feature processes credentials as defined in the requirements. Regression testing, a subset of functional testing, re-executes previous tests after code changes to confirm no unintended defects are introduced, ensuring system stability post-modifications. Smoke testing performs basic checks to verify major features operate without crashing, serving as an initial gate before deeper testing, while sanity testing conducts quick validations of specific functionalities after fixes to determine if further comprehensive testing is warranted. Non-functional testing assesses quality attributes beyond core functionality, drawing from standards like ISO/IEC 25010 to evaluate characteristics such as performance efficiency, usability, accessibility, and security. Performance testing measures system responsiveness under various conditions, including load testing to simulate peak usage and assess metrics like response time, and stress testing to identify breaking points beyond normal capacity. Usability testing evaluates how intuitively users interact with the software, applying heuristics to check navigation and task completion ease. Accessibility testing ensures the software is usable by people with disabilities, adhering to Web Content Accessibility Guidelines (WCAG) 2.2, which outline principles like perceivability, operability, understandability, and robustness through success criteria at levels A, AA, and AAA. Security testing identifies vulnerabilities to protect against threats, often guided by the OWASP Top 10, a consensus list of critical web application risks including broken access control, injection, and cryptographic failures, using methods like vulnerability scans and penetration testing. Specialized testing addresses niche objectives to validate specific system behaviors or environments. Compatibility testing confirms the software operates correctly across diverse platforms, devices, and browsers, ensuring interoperability in heterogeneous setups. Internationalization and localization testing verify adaptability to different languages, regions, and cultural formats, such as date handling or text rendering, to support global deployment. Installation testing evaluates the deployment process, checking that the software installs, configures, and uninstalls without issues on target operating systems. Destructive testing intentionally pushes the system to failure to uncover limits and recovery mechanisms, such as overloading resources to observe crash handling. A/B testing compares two variants of a feature to determine which performs better in terms of user engagement or conversion, often used in iterative development. Conformance testing checks adherence to external standards or regulations, like ISO norms, to ensure regulatory compliance. Output comparison testing matches actual results against expected ones to verify accuracy, commonly applied in data processing validation. VCR testing, involving recorded interactions (e.g., HTTP requests via tools like cassettes), replays predefined scenarios for reliable integration checks without external dependencies. Concurrent testing examines multi-user scenarios to ensure stability under simultaneous access, detecting issues like race conditions. Continuous testing integrates automated tests into continuous integration/continuous delivery (CI/CD) pipelines to provide rapid feedback throughout the development lifecycle, enabling frequent validation of builds and deployments. It shifts testing left by executing suites like unit, integration, and end-to-end tests automatically with every code commit, reducing defect accumulation and supporting agile practices. Development testing occurs ongoing in the development environment, where developers perform early defect detection through practices like unit testing to guide coding and prevent issues from propagating. This approach synchronizes testing with development activities, fostering a defect-prevention mindset from the outset.

Testing Artifacts

Planning Documents

Planning documents in software testing serve as foundational artifacts that outline the strategy, scope, and organization of testing efforts to align with overall project objectives and ensure comprehensive coverage of requirements. These documents provide a structured framework for coordinating resources, schedules, and risks, facilitating communication among stakeholders and enabling traceability from requirements to test activities. By defining clear processes upfront, they help mitigate uncertainties and support efficient execution of testing phases. Note that traditional documentation standards like IEEE 829-2008 have been superseded by the ISO/IEC/IEEE 29119 series, with ISO/IEC/IEEE 29119-3:2021 providing current templates for test documentation. The test plan is a core planning document that prescribes the scope, approach, resources, and schedule for testing activities. Per ISO/IEC/IEEE 29119-3:2021, the test plan includes an identifier, test items specifying the software components under test, including features to be verified. It details the approach by outlining testing methods, such as manual or automated techniques, and includes references to standards or tools used. Additionally, the test plan addresses responsibilities, assigning roles for test execution and review, and outlines training needs for the team. Suspension criteria define conditions under which testing halts, such as critical defects, with resumption requirements specifying steps to restart. A traceability matrix is a tabular artifact that links requirements to corresponding test cases, ensuring complete coverage and verifying that all specified functionalities are tested. It maps each requirement to design elements, code, and tests, allowing teams to track changes and assess impact during development iterations. In software testing, the matrix typically includes columns for requirement ID, description, associated test cases, and status, helping to identify gaps in coverage early. This tool supports bidirectional traceability, from requirements forward to tests and backward from defects to origins, as emphasized in object-oriented verification practices. Test design documents refine the high-level test approach by specifying features, attributes, and test identification for detailed coverage. Per ISO/IEC/IEEE 29119-3:2021, a test design specification includes input and output specifications for each test item, along with pass/fail criteria based on expected results. It incorporates risk analysis to prioritize testing efforts on high-risk areas, such as complex algorithms or security features, and outlines the stimulus for test execution, like user inputs or environmental conditions. This document groups related test items to streamline design and ensures alignment with the overall test plan strategy. Entry and exit criteria are essential components that define prerequisites for initiating testing phases and conditions for completion, ensuring quality gates are met before progression. Entry criteria might require approved requirements documents and a stable build, while exit criteria could include achieving 95% test coverage or resolving high-severity defects, as outlined in ISO/IEC/IEEE 29119-3:2021-compliant plans. These criteria prevent premature testing starts and avoid incomplete phases, promoting disciplined progression. The defect management process in planning documents establishes protocols for identifying, logging, tracking, and resolving anomalies discovered during testing. It specifies tools for defect reporting, severity classifications (e.g., critical, major, minor), and workflows for triage and assignment, integrated with the test plan's responsibilities section. According to ISO/IEC/IEEE 29119-1:2022, this process includes prevention strategies, such as root cause analysis from prior defects, to improve future testing efficiency and overall software quality.

Execution Elements

Execution elements in software testing encompass the practical components and artifacts employed during the actual performance of tests, enabling the verification of software behavior against specified requirements. These elements include test cases, scripts, suites, fixtures, data, and runs, which collectively facilitate structured, repeatable, and traceable testing activities. They form the operational backbone of testing, translating high-level plans into executable actions and capturing outcomes for analysis. A test case consists of a set of input values, execution preconditions, expected results, and postconditions designed to achieve a specific testing objective, such as exercising a particular code path or confirming adherence to a requirement. According to ISO/IEC/IEEE 29119-3:2021, a test case specification includes identifiers, objectives, inputs, outputs, environmental needs, procedural requirements, dependencies, pass/fail criteria, and rationale to ensure comprehensive coverage of test items. Test cases can be manual, requiring human intervention to apply inputs and observe outputs, or serve as the basis for automation. A test script provides detailed, step-by-step instructions for executing one or more test cases, often in a scripting language to enable automation. In the ISTQB glossary, it is defined as a test procedure specification, especially an automated one. For instance, in web application testing, tools like Selenium allow test scripts to be written in languages such as Python or Java, simulating user interactions like clicking buttons or entering form data via code commands. ISO/IEC/IEEE 29119-3:2021 describes test procedure specifications as sequences of actions for setup, execution, measurement, and wrap-up, including inputs, outputs, and tracing to requirements. Scripts ensure consistency and efficiency, particularly in regression testing where repeated executions are necessary. A test suite is a collection of test cases or scripts organized for execution in a particular sequence or context, often grouped by functionality, module, or priority to streamline testing efforts. The ISTQB defines it as a set of several test cases for a component or system under test, where the postcondition of one may serve as the precondition for the next. Synonyms include test set or test case suite. Suites enable modular testing, allowing selective runs—for example, a regression suite might include all critical path tests—while supporting integration with continuous integration pipelines for automated deployment validation. Test fixtures and data refer to the preparatory elements that establish the necessary conditions for test execution, including setup data, environmental configurations, and supporting structures. A test fixture comprises preconditions or minimal environmental components like hardware, software, data, and settings required to enable a test, commonly used in unit testing frameworks such as JUnit. Test data is predefined information, such as database entries or input files, that influences or is altered by the software under test. A related concept, the test harness, provides the runtime environment with stubs and drivers to simulate dependencies, ensuring isolated and controlled execution. These elements minimize variability, as seen in unit testing frameworks like JUnit, where fixtures initialize objects before each test to maintain independence. A test run represents a single instance of executing a test, suite, or procedure against a specific version of the software, generating logs and results for evaluation. ISTQB describes it as the execution of a test on a particular version of the test object. The test execution process involves running the tests to produce actual results, while the test log—a chronological record of details like procedures performed, environmental conditions, observed outcomes, and anomalies—documents the run. Under ISO/IEC/IEEE 29119-3:2021, the test log captures event entries, results, and discrepancies, serving as evidence of compliance or deviation. Incident reports may arise from runs to detail anomalies, their impacts, and resolutions, facilitating defect tracking.

Quality Assurance

Verification and Validation

Verification and validation (V&V) are essential disciplines in software engineering that ensure the quality and reliability of software products by confirming adherence to specifications and alignment with user expectations. According to IEEE Std 1012-2024, verification determines whether the development products of a given activity conform to the requirements of that activity, while validation confirms whether the software satisfies its intended use and user needs. This distinction, popularized by Barry Boehm, can be summarized as verification asking, "Are we building the product right?" and validation asking, "Are we building the right product?" Verification focuses on the correctness of the development process through static techniques that examine artifacts without executing the software. Common methods include reviews, walkthroughs, and inspections, which identify defects early in the lifecycle. Walkthroughs involve informal peer discussions led by the author to gather feedback on design or code, fostering understanding and error detection. Inspections, formalized by Michael Fagan in 1976, are rigorous, structured peer reviews of documents or code using checklists to systematically uncover issues, often reducing defects by up to 80% in applied cases. Validation, in contrast, evaluates the software's fitness for purpose by assessing its behavior against user requirements, typically through dynamic techniques like execution-based testing. This ensures the final product meets stakeholder needs in real-world scenarios, bridging the gap between specified features and practical utility. V&V processes are integrated throughout software lifecycle models, such as the V-model introduced by Boehm, where verification activities occur during the downward development phases (e.g., requirements to implementation via static analysis), and validation occurs during the upward integration and testing phases (e.g., dynamic testing to confirm end-to-end functionality). This structured approach ensures continuous quality checks aligned with project phases. Software quality assurance (SQA) encompasses V&V as part of broader processes to establish and maintain quality standards, including planning, process control, and audits to verify compliance with defined procedures. IEEE Std 730-2014 outlines SQA requirements for software projects, emphasizing audits to assess adherence to plans and detect deviations early. These mechanisms collectively support reliable software delivery by embedding quality into every stage.

Metrics and Standards

Software testing employs various quantitative metrics to evaluate the effectiveness, efficiency, and quality of testing processes, enabling teams to assess progress, identify risks, and improve software reliability. Defect density, a fundamental metric, measures the number of defects per thousand lines of code (KLOC), calculated as \frac{\text{Number of defects}}{\text{Size of software in KLOC}}, providing insight into code quality and testing thoroughness. Test coverage, which quantifies the proportion of code, branches, or requirements exercised by tests (e.g., statement coverage as a percentage), helps ensure comprehensive validation but must be balanced with other metrics to avoid false confidence. Pass/fail rates track the percentage of test cases that succeed or fail upon execution, with the pass rate computed as \frac{\text{Number of passed tests}}{\text{Total executed tests}} \times 100; high pass rates (e.g., above 95%) signal stable builds, while failures prompt immediate investigation. Defect escape rate, or leakage, represents the percentage of defects undetected during testing that reach production, defined as \frac{\text{Defects found post-release}}{\text{Total defects}} \times 100, highlighting gaps in test design and helping prioritize risk-based testing strategies. International standards guide the application of these metrics within structured testing frameworks. The ISO/IEC/IEEE 29119 series, particularly Part 1 (2022), establishes general concepts and processes for software testing, emphasizing traceable metrics like coverage and defect tracking to support consistent, auditable practices across organizations and projects. For accessibility testing, the Web Content Accessibility Guidelines (WCAG) 2.2, published by the W3C in 2023 and approved as ISO/IEC 40500:2025, outlines 87 testable success criteria under four principles (perceivable, operable, understandable, robust), enabling metrics such as conformance levels (A, AA, AAA) to measure inclusivity in web-based software. Professional certifications validate expertise in applying these metrics and standards. The International Software Testing Qualifications Board (ISTQB) offers tiered certifications, including the Foundation Level (CTFL) for core concepts and advanced levels for specialized skills, benefiting professionals by standardizing terminology, enhancing career mobility, and fostering global collaboration among over 1 million certified individuals. Similarly, the Certified Software Tester (CSTE) from PeopleCert (formerly QAI) focuses on testing principles and project management, while the Certified Software Quality Analyst (CSQA) emphasizes quality assurance processes; both provide skill validation, demonstrating competency in metrics-driven evaluation and improving employability in rigorous QA roles. By 2025, software testing metrics have evolved to incorporate AI-driven measures, addressing modern challenges in automated environments. Test flakiness rates, which quantify non-deterministic test failures (e.g., as a percentage of total runs), are increasingly analyzed using AI pipelines to triage logs and predict instability, reducing maintenance overhead and enhancing reliability in continuous integration pipelines. This shift integrates machine learning for proactive defect prediction, complementing traditional metrics to support agile and DevOps workflows.

Challenges

Controversies

One prominent debate in software testing centers on the misconception that testing can prove the absence of defects in a program. In reality, testing primarily demonstrates the presence of bugs when they are encountered, but it cannot exhaustively verify correctness due to the infinite possible inputs and states in complex software systems. This principle was articulated by Edsger W. Dijkstra in his 1970 notes, emphasizing that program testing serves to reveal errors rather than certify bug-free operation, a view that underscores the limitations of empirical validation in software engineering. Another ongoing controversy involves over-reliance on test automation, which some argue diminishes the role of exploratory testing essential for uncovering unanticipated issues. Automated tests excel at repetitive validation of predefined scenarios but often fail to adapt to evolving requirements or human intuition-driven discovery, leading to incomplete coverage if manual exploration is sidelined. A systematic review of 25 studies and a survey of 115 practitioners found that while automation offers efficiency gains, 80% of respondents rejected the idea that it could fully replace manual testing, highlighting risks like false positives and overlooked edge cases when automation is prioritized excessively. Ethical concerns have intensified in the 2020s with the integration of AI into testing tools, particularly biases arising from underrepresented data in training sets. AI-driven test case generation and defect prediction can perpetuate systemic inequalities if datasets lack diversity, such as insufficient representation of edge cases from varied user demographics or global contexts, resulting in skewed test priorities that miss critical vulnerabilities for certain populations. For instance, biases in regression test selection tools may favor patterns from dominant data sources, exacerbating fairness issues in software validation, as identified in a 2025 analysis of AI ethics in test automation. Resource allocation between testing and development remains a contentious issue, with testing often underfunded relative to coding efforts despite evidence of its long-term value. Industry surveys indicate that quality engineering budgets typically comprise only 20-30% of development expenditures, yet inadequate funding leads to rushed testing phases and higher post-release costs from defects. This tension arises from perceptions that testing is a non-strategic overhead, prompting debates on integrating QA earlier in agile processes to justify greater investment without expanding overall budgets. Historically, the Y2K remediation efforts exemplified critiques of over-testing and hype in the late 1990s. While necessary fixes addressed date-handling flaws, expenditures exceeded $300 billion globally, with detractors arguing that widespread testing and compliance audits were disproportionate to the actual risks, as most legacy systems were remediated preemptively without major incidents on January 1, 2000. Post-event analyses labeled much of the response as an overreaction driven by fear and litigation risks, though it arguably elevated software quality standards industry-wide.

Emerging Trends

Artificial intelligence and machine learning are revolutionizing software testing by enabling automated test case generation and predictive defect analysis. AI-driven tools leverage generative models to create diverse test scenarios from requirements or code, reducing manual effort and improving coverage in complex systems. For instance, advancements in large language models have facilitated the automatic synthesis of test scripts that adapt to evolving software architectures, as demonstrated in studies showing efficiency gains in test automation pipelines. Predictive analytics, powered by machine learning algorithms, forecast potential defects by analyzing historical data, code metrics, and runtime behaviors, allowing teams to prioritize high-risk areas early in development. Tools like Testim utilize AI for self-healing tests that dynamically adjust to UI changes, while Applitools employs visual AI to detect anomalies in user interfaces with near-human accuracy, incorporating 2024 enhancements in neural network training for faster execution. The shift-left approach, integrated with DevSecOps practices, emphasizes incorporating security testing into continuous integration/continuous deployment (CI/CD) pipelines from the outset. This paradigm moves vulnerability scans and compliance checks upstream, enabling developers to address issues during coding rather than post-deployment, which has been shown to reduce remediation costs by 30-50% in enterprise environments. In DevSecOps, automated tools embed static application security testing (SAST) and dynamic analysis directly into IDEs and build processes, fostering a culture of shared responsibility for security. Recent implementations, such as those using infrastructure-as-code for secure pipeline configurations, have accelerated release cycles while maintaining robust threat modeling. Cloud and edge computing are driving new testing paradigms for scalable IoT and microservices architectures, with a growing focus on sustainability metrics. Testing in cloud environments now prioritizes elasticity and fault tolerance across distributed systems, using containerized setups to simulate real-world loads for microservices. Edge testing addresses latency-sensitive IoT deployments by validating data processing at the network periphery, ensuring reliability in bandwidth-constrained scenarios. Sustainability considerations include energy-efficient test execution, where optimized cloud resource allocation during testing phases can reduce carbon footprints, aligning with green software engineering principles. Tools for these environments emphasize automated orchestration to handle hybrid cloud-edge workflows. Emerging areas like quantum-safe testing, low-code/no-code platform validation, and blockchain smart contract verification are addressing gaps in traditional methodologies. Quantum-safe testing involves evaluating cryptographic implementations against potential quantum attacks, with frameworks adopting post-quantum algorithms such as lattice-based signatures to secure software ecosystems. For low-code and no-code platforms, testing focuses on generated code quality and integration points, using AI-assisted oracles to verify citizen-developed applications without deep programming knowledge. Blockchain smart contract verification employs formal methods and fuzzing techniques to detect reentrancy vulnerabilities, with 2025 advancements in automated auditing tools for exploit detection. Key challenges in these trends include ensuring test data privacy under regulations like GDPR and managing non-deterministic behaviors in AI systems. Privacy-compliant testing requires synthetic data generation and differential privacy techniques to anonymize sensitive information, preventing re-identification risks during AI model training. For non-deterministic AI, testing strategies incorporate probabilistic assertions and robustness checks to validate outputs across multiple runs, addressing variability in generative models. These practices are critical for compliant deployment in regulated sectors.

References

  1. [1]
    ISO/IEC/IEEE 29119-1:2022
    ### Summary of ISO/IEC/IEEE 29119-1:2022
  2. [2]
    https://ieeexplore.ieee.org/document/9627426
  3. [3]
    ISTQB - Test Levels - Get Software Service
    The different test levels are: Unit(component) testing; Integration testing; System testing; Acceptance testing. We will look at these test levels in detail in ...
  4. [4]
    ISTQB Foundation Level - Seven Testing Principles - ASTQB
    Testing reduces the probability of undiscovered defects remaining in the software but, even if no defects are found, testing is not a proof of correctness.
  5. [5]
    Research on software testing techniques and software automation ...
    Software Testing is a process, which involves, executing of a software program/application and finding all errors or bugs in that program/application so ...
  6. [6]
    https://ieeexplore.ieee.org/document/4221614
  7. [7]
    Software testing | Proceedings of the International Conference and ...
    Feb 26, 2010 · Testing is more than just debugging. The purpose of testing can be quality assurance, verification and validation, or reliability estimation.Missing: objectives | Show results with:objectives
  8. [8]
    The Goal of Software Testing - Communications of the ACM
    May 30, 2018 · This goal helps testers rid the program of enough bugs for it to run smoothly after launch.
  9. [9]
    An Automated Approach to Estimating Code Coverage Measures ...
    ... code paths and estimates three different code coverage criteria: method coverage, statement coverage, and branch coverage. ... Metrics · More Like This.
  10. [10]
    Quantifying the benefits of software testing: an experience report ...
    The results clearly show a positive impact of systematic testing on timeliness, reliability and documentation, underlining also the importance of anticipating ...
  11. [11]
    A Review on Tools, Mechanics, Benefits, and Challenges of ...
    The objective of software testing is ensuring the quality and reliability of software; it is therefore a crucial activity, especially in modern software ...
  12. [12]
    Benefits and limitations of automated software testing - IEEE Xplore
    The survey showed that benefits of test automation were related to test reusability, repeatability, test coverage and effort saved in test executions.Missing: scholarly | Show results with:scholarly
  13. [13]
    Planning to Guide LLM for Code Coverage Prediction
    Statement coverage concentrates on the number of individual state- ments covered. Another code coverage type is branch coverage, commonly known as decision ...<|separator|>
  14. [14]
    Is branch coverage a good measure of testing effectiveness?
    Many educators currently use code coverage metrics to assess student-written software tests. While test adequacy criteria such as statement or branch coverage ...
  15. [15]
    https://ieeexplore.ieee.org/document/5477091/
  16. [16]
    BERT: BEhavioral Regression Testing - ACM Digital Library
    Because generating tests for real programs is expensive, developers build test suites by finding acceptable tradeoffs between cost and thoroughness of the tests ...Missing: trade- offs
  17. [17]
    [PDF] Engineering "The Miracle of the ENIAC" - tomandmaria.com
    By 6 April, implementation of a. "79 order code" was complete. A lengthy period of testing and debugging followed, full of "intermittents," "transients," and ...
  18. [18]
    https://www.academia.edu/82517100/Debugging_the_ENIAC
  19. [19]
    [PDF] A large routine
    It is not widely known, but already in June 1949∗ Alan Turing had the main concepts that still are the basis for the best approach to program verification ...
  20. [20]
    September 9: First Instance of Actual Computer Bug Being Found
    On September 9, 1947, a team of computer scientists and engineers reported a moth caught between the relay contacts of the Harvard Mark II computer.
  21. [21]
    [PDF] 50 Years of Army Computing From ENIAC to MSRC - DTIC
    They were testing on the ENIAC because they were planning to put the ... 1940 to early 1950 was a time much different from the world today. Today, I ...<|separator|>
  22. [22]
    [PDF] Debugging the ENIAC [Scanning Our Past] - Semantic Scholar
    The ENIAC served as a national computing resource from its completion in late 1945s until its retirement in 1955 and was used for a wide variety of ...
  23. [23]
    Quantifying Success: Measuring ROI in Test Automation
    Nov 23, 2023 · Findings: By presenting real-world case studies and examples, this paper effectively demonstrates the practical application of ROI measurement ...
  24. [24]
    https://www.techradar.com/pro/sluggish-software-delivery-is-an-executive-level-risk
  25. [25]
    A survey on software test automation return on investment, in ...
    Dec 17, 2021 · The paper presents a survey and analysis to understand the ROI of test automation from industry test professionals from both product and ...
  26. [26]
    A systematic literature review of software quality cost research
    The main goal of this systematic literature review on software quality costs was to structure existing work in this field and to guide researchers to promising ...
  27. [27]
    Extraction Cost of Quality and Testing in Software Project
    This paper aim to extract the cost of quality and testing from the total cost of the software project based on Salleh and Primandaria model. The result shows ...
  28. [28]
    [PDF] IMPACT OF SOFTWARE TESTING METRICS ON ... - iaeme
    Defect. Leakage is the Metric which is used to identify the efficiency of the QA testing i.e., how many defects are missed / slipped during the QA testing.
  29. [29]
    https://ieeexplore.ieee.org/document/9423967
  30. [30]
    How to foster testing team collaboration with Jira - Atlassian
    Sep 21, 2016 · Jira makes this communication easier by helping agile teams organize issues, assign work, and follow the progress of each software iteration.
  31. [31]
    Shift-Left – Testing, Approach, & Strategy - New Relic
    Apr 28, 2025 · Shift left is a methodology used to proactively address or prevent issues and solve problems earlier in the product lifecycle.What is shift left? · Shift left approach: Why it matters · Benefits of shift left testing
  32. [32]
    Top 12 Software Testing Challenges of November 2025
    Aug 8, 2025 · Skill Gaps and Training Shortfalls​​ Most challenges faced in QA teams is their struggle to find people experienced in modern testing practices, ...Missing: overlaps | Show results with:overlaps
  33. [33]
    20 Challenges Every QA Faces and How to Solve Them
    1. Last-Minute Changes to Requirements · 2. Inadequate information on user stories · 3. Inadequate Experience with Test Automation · 4. Inadequate collaboration ...
  34. [34]
    None
    Summary of each segment:
  35. [35]
    static testing - ISTQB Glossary
    static testing. Version 4. Testing that does not involve the execution of a test item. See also. dynamic testingstatic analysisreview. Used in Syllabi.
  36. [36]
    dynamic testing - ISTQB Glossary
    Testing that involves the execution of the test item. References. After ISO 29119-1. See also. static testing. Used in Syllabi. Foundation - v4.0. Advanced Test ...
  37. [37]
    Differences between Active Testing and Passive Testing
    Jun 11, 2025 · Active testing involves directly interacting with the system, while passive testing focuses on observing the system without interference.
  38. [38]
    black-box testing - ISTQB Glossary
    ### Extracted Definition and Related Terms
  39. [39]
    equivalence partitioning - ISTQB Glossary
    A black-box test technique in which test conditions are equivalence partitions exercised by one representative member of each partition.Missing: definition | Show results with:definition
  40. [40]
    https://glossary.istqb.org/en_US/term/boundary-value-analysis
  41. [41]
    white-box testing - ISTQB Glossary
    Testing based on an analysis of the internal structure of the component or system. Synonyms. clear-box testing, code-based testing, glass-box testing ...
  42. [42]
    https://glossary.istqb.org/en_US/term/branch-coverage
  43. [43]
    None
    Summary of each segment:
  44. [44]
    Gray Box Testing | Veracode
    Gray box testing combines white and black box testing, where testers have a partial understanding of the application's internal structure.
  45. [45]
    exploratory testing - ISTQB Glossary
    ### Extracted Definition and Related Terms
  46. [46]
    Scripted Testing - ISTQB Glossary
    Scripted Testing. Testing (manual or automated) that follows a test script. Present in sylabi. Advanced Test Analyst 2012 Expert ...Missing: adaptive | Show results with:adaptive
  47. [47]
    [PDF] A Lightweight Tool for Random Testing of Haskell Programs
    In this paper we describe a tool, QuickCheck, which we have developed for testing Haskell programs. Functional programs are well suited to automatic testing. It ...
  48. [48]
    [PDF] A New Approach for Generating Next Test Cases y
    In this paper, we have proposed a new approach for generating test cases called Metamorphic Testing. This approach aims at uncovering those errors which are ...
  49. [49]
    A Survey on Metamorphic Testing | IEEE Journals & Magazine
    Feb 29, 2016 · This article provides a comprehensive survey on metamorphic testing ... Sergio Segura ; Gordon Fraser; Ana B. Sanchez; Antonio Ruiz-Cortés.
  50. [50]
    https://www.iso.org/standard/88189.html
  51. [51]
    Web Content Accessibility Guidelines (WCAG) 2.1 - W3C
    May 6, 2025 · Web Content Accessibility Guidelines (WCAG) 2.1 covers a wide range of recommendations for making Web content more accessible.Understanding WCAG · Translations of W3C standards · User Agent Accessibility
  52. [52]
    OWASP Top 10:2025 RC1
    About OWASP · A01 Broken Access Control · A02 Cryptographic Failures · A03 Injection · A04 Insecure Design · A05 Security Misconfiguration · A06 Vulnerable and ...A01 Broken Access Control · How to use the OWASP Top... · A03 Injection
  53. [53]
    https://www.iso.org/standard/83059.html
  54. [54]
    What is CI/CD? - Red Hat
    Jun 10, 2025 · CI/CD, which stands for continuous integration and continuous delivery/deployment, aims to streamline and accelerate the software development lifecycle.Why is CI/CD important? · Continuous integration · CI/CD, DevOps, and platform...
  55. [55]
    What Is Development Testing (DevTest)? - NetApp
    Development testing (DevTest) is an approach in software development that aims to bring the development and testing phases closer together.
  56. [56]
    [PDF] Standard Glossary of Terms used in Software Testing Version 3.1 All ...
    A document specifying a set of test cases (objective, inputs, test actions, expected results, and execution preconditions) for a test item. test charter. See ...Missing: fixture | Show results with:fixture
  57. [57]
    [PDF] IEEE Std 829-2008, IEEE Standard for Software and System Test ...
    Feb 4, 2015 · Both the types of test documentation and the content topics within each documentation type need to be selected based on the testing tasks ...
  58. [58]
    Write your first Selenium script
    Step-by-step instructions for constructing a Selenium script.
  59. [59]
    IEEE 1012-2024 - IEEE SA
    Aug 22, 2025 · IEEE 1012-2024 is a standard for system, software, and hardware verification and validation, determining if products meet requirements and ...
  60. [60]
    IEEE 730-2014 - IEEE SA
    Requirements for initiating, planning, controlling, and executing the Software Quality Assurance processes of a software development or maintenance project
  61. [61]
    Metrics for functional testing - DevOps Guidance
    Defect density: The number of defects identified per unit of code, typically per thousand lines of code (KLOC). · Test pass rate: The percentage of test cases ...Missing: rates | Show results with:rates
  62. [62]
    1633-2016 - IEEE Recommended Practice on Software Reliability
    Insufficient relevant content. The provided content (https://ieeexplore.ieee.org/document/7827907) only includes a title and metadata ("1633-2016 - IEEE Recommended Practice on Software Reliability | IEEE Standard | IEEE Xplore") without accessible full text or specific details on software testing metrics like defect density, test coverage, or reliability measures. No definitions or usage information is available.
  63. [63]
    Understanding Software Testing Metrics - PractiTest
    Introduction. The fundamental activity of software testing is measurement, such as knowing how many tests have passed compared to how many tests have failed.
  64. [64]
    DevOps Metrics and KPIs: A Multivocal Literature Review
    Apr 25, 2024 · Defect Escape Rate. Definition: The percentage of defects that are not caught during testing and are discovered in production. This can be ...
  65. [65]
    Web Content Accessibility Guidelines (WCAG) 2.2 - W3C
    Dec 12, 2024 · Web Content Accessibility Guidelines (WCAG) 2.2 covers a wide range of recommendations for making web content more accessible.How to Meet WCAG (Quickref... · Success Criterion 1.3.1 · WCAG22 historyMissing: 2025 | Show results with:2025
  66. [66]
    International Software Testing Qualifications Board (ISTQB)
    The ISTQB® Certified Tester Foundation Level (CTFL) certification is the cornerstone of essential testing knowledge that can be applied to real-world scenarios.Istqb acceptance testing logo · Istqb usability testing logo · Performance Testing
  67. [67]
    (PDF) AI-Assisted Triage of Flaky Test Failures from System Logs
    Oct 6, 2025 · PDF | This study presents a practical and reproducible pipeline for managing flaky test failures directly from CI logs.
  68. [68]
    Benefits and limitations of automated software testing
    The goal of the practitioner survey was to determine whether the benefits and limitations are of relevance for the software industry at large. A. Conduct.Missing: objectives | Show results with:objectives
  69. [69]
    Ethical challenges and software test automation
    Jul 22, 2025 · (AI) in software testing. Complex ethical challenges arise while applying AI and automation in the different stages of software testing such ...
  70. [70]
    [PDF] World Quality Report I 2024-25 - Capgemini
    Hence, it's no surprise that intelligent product validation is gaining significance, with 21% of testing budgets now allocated to these smart technologies.
  71. [71]
    U.S., Firms Overreacted to Y2K Fix, Critics Say - Los Angeles Times
    Jan 2, 2000 · Trial attorneys saw a potential gold mine in litigation against faulty software and some experts warned that companies might spend more fending ...Missing: testing critique industry
  72. [72]
    Y2K, the Bad: Fear, hype and the blame game | Reuters
    Dec 29, 2009 · "Immediately after Y2K, spending on mainframe and critical systems seemed to fall away," observes McGill. While his company made money selling ...
  73. [73]
    (PDF) Automated Test Case Generation and Defect Prediction
    Nov 2, 2024 · This paper explores the integration of AI-driven testing automation, which significantly reduces manual effort and increases the efficiency of testing phases ...
  74. [74]
    Next-Generation Software Testing: AI-Powered Test Automation
    Predictive analysis: Why? Predicting defects before they occur helps prevent costly failures and improves software reliability. How far have we come? AI models ...
  75. [75]
    Next-Generation Software Testing: AI-Powered Test Automation
    Jun 10, 2025 · Predictive analysis: Why? Pre- dicting defects before they occur helps prevent costly failures and improves software reliabil- ity. How far have ...
  76. [76]
    9 Software Testing Trends in 2025 - TestRail
    Jul 10, 2025 · 9 Software testing trends for 2025 · 1. Adoption of shift-left testing · 2. Collaboration with data scientists · 3. Improved QA strategy: alignment ...
  77. [77]
    Software Testing in 2025: Tools, Trends, and Techniques for the ...
    Apr 3, 2025 · In 2025, tools like Testim.io and Diffblue Cover are using AI and machine learning to generate test cases, spot high-risk areas, and even fix ...Software Testing In 2025... · Ai-Powered Testing: Your... · Cybersecurity Testing: Code...
  78. [78]
    Shift-Left Security: Integrate SAST Into DevSecOps Pipeline
    CI/CD static code analysis adds automated security, validation and authentication to the DevOps pipeline by testing code before release. With application code ...
  79. [79]
    What is Shift Left? Security, Testing & More Explained | CrowdStrike
    Nov 26, 2024 · Shifting left in the context of DevSecOps means implementing testing and security into the earliest phases of the application development process.
  80. [80]
    Shift Left Security Today: Adoption Trends & How To Shift Security Left
    Mar 27, 2025 · For example, embedding automated security controls and testing capabilities into the CI/CD pipeline will be a key trend for shift-left security ...
  81. [81]
    What is IoT Testing, Different Approaches, and Trends to Look in 2025
    IoT Testing dives into the world of connected devices. This involves E2E testing of the IoT ecosystem and ensures multistage validation. Read to know more!
  82. [82]
    Optimizing IoT Protocols for Edge Microservices - DreamFactory Blog
    Aug 6, 2025 · By 2025, data centers are projected to consume 33% of global ICT electricity. Making smart protocol choices today is a step toward a more ...
  83. [83]
    [PDF] Microservices and IoT Architectures: Convergence and Application ...
    Oct 6, 2025 · Cloud–edge microservices architecture and service orchestration: An integral solution for a real-world deployment experience, Internet of ...<|separator|>
  84. [84]
    [PDF] Technology Trends Outlook 2025 - McKinsey
    Jul 1, 2025 · Our annual tech trends report highlights the latest technology breakthroughs, talent trends, use cases, and their potential impact on companies ...
  85. [85]
    Quantum-Safe Cryptography Standards: Forging an Unbreakable ...
    Jul 15, 2025 · Ethereum is testing ML-DSA for quantum-resistant smart contracts, with pilots in 2025. Software Supply Chain: ML-DSA prevents “slopsquatting ...
  86. [86]
    https://medium.com/predict/a-complete-guide-to-smart-contract-audits-for-blockchain-startups-in-2025-3fca108990e8
  87. [87]
    Emerging Software Development Trends in 2025 | Charter Global
    Nov 29, 2024 · Explore the key software development trends for 2025, including AI-powered code generation, low-code platforms, blockchain innovations, and more ...
  88. [88]
    A Complete Guide to Smart Contract Audits for Blockchain Startups ...
    May 25, 2025 · A smart contract audit is a thorough review of your contract's code to catch any bugs, security risks, or logic flaws before it goes live.
  89. [89]
    TechDispatch #2/2025 - Human Oversight of Automated Decision ...
    Sep 23, 2025 · It is important to emphasize that ADM systems can also be implemented without AI, using predefined rules, deterministic algorithms, or ...
  90. [90]
    Engineering GDPR compliance in the age of agentic AI - IAPP
    Oct 8, 2025 · Swap one-time privacy reviews for continuous governance. Start with a predeployment set of controls that test AI agents against synthetic and ...
  91. [91]
    10 Essential Practices for Testing AI Systems in 2025 - Testmo
    Sep 12, 2025 · How to test non-deterministic systems like AI: Start by integrating AI-powered tools into your testing stack. Use LLMs to generate prompt ...
  92. [92]
    New quality engineering playbook for generative AI - QualiZeal
    Oct 29, 2025 · Non-determinism of AI systems can turn into a serious business risk in industries and workflows where objectivity is paramount.