Title : Unit Value of a Test Case

Introduction: At Asynchrony we’ve had to learn to crawl, walk, and run over and over as technologies and our customers have changed throughout the course of the development of the Mobile Field Kit (MFK), one of our government projects. Our project is complex with many moving parts; it’s got multiple technical stacks, changing customers, lots of unusual equipment, lots of developers, and, with this being a software development company, we have had a good number of developers who have cycled in and out of the project team. We feel we have proven ourselves at being really good at changing and adapting. The success of this project has been due in large part to its ability to remain flexible, continuing to meet our customer needs as they evolve, and the creation and achievement of high quality processes. With all these moving pieces, how do we assure we are creating a high quality product and advocating for quality throughout our processes? We are able to do so because of our ability to combine the best traditional testing practices with unconventional quality processes to help our users succeed in their missions. Title: Software Testing and Cyber Security Authors: Robin Poston and Nicole Samson Abstract: In December 2013, Target Stores’ systems were breached with over 40 million customer credit cards and other personal information reaching the hands of cyber-criminals. If Target had performed more exhaustive testing of their enterprise systems, it is possible they could have caught and fixed some or all of the vulnerabilities that led to the intrusion. What we learn from Target’s loss is that all companies should be testing for security vulnerabilities. As security breaches become more frequent, it becomes increasingly important to protect data systems and ensure they stay continuously protected. Yet, how do we know when our systems are protected? More importantly, how do we effectively test system security? By thoroughly testing the security of the system, we can potentially prevent security breaches from infiltrating our systems. Initially, we conducted a review of the scholarly and best practices literature to address these questions. Through the review, we created an initial draft of a comprehensive matrix, which we call the Security Testing Coverage Matrix, illustrating which test procedures may help with early identification of security vulnerabilities. The goal is to identify potential security weaknesses that may be fixed prior to being breached. The Matrix will then be presented to a panel of experts who will offer feedback for further refinement. The Matrix is useful to security and testing experts in the field who may utilize the Matrix in making testing coverage decisions about new and existing system tests to prevent data breaches. This Matrix is offered to help organizations formulate a comprehensive cyber security test plan. In December 2013, Target Stores’ systems were breached with over 40 million customer credit cards and other personal information reaching the hands of cyber-criminals. If Target had performed more exhaustive testing of their enterprise systems, it is possible they could have caught and fixed some or all of the vulnerabilities that led to the intrusion. What we learn from Target’s loss is that all companies should be testing for security vulnerabilities. As security breaches become more frequent, it becomes increasingly important to protect data systems and ensure they stay continuously protected. Yet, how do we know when our systems are protected? More importantly, how do we effectively test system security? By thoroughly testing the security of the system, we can potentially prevent security breaches from infiltrating our systems. Initially, we conducted a review of the scholarly and best practices literature to address these questions. Through the review, we created an initial draft of a comprehensive matrix, which we call the Security Testing Coverage Matrix, illustrating which test procedures may help with early identification of security vulnerabilities. The goal is to identify potential security weaknesses that may be fixed prior to being breached. The Matrix will then be presented to a panel of experts who will offer feedback for further refinement. The Matrix is useful to security and testing experts in the field who may utilize the Matrix in making testing coverage decisions about new and existing system tests to prevent data breaches. This Matrix is offered to help organizations formulate a comprehensive cyber security test plan. Title: Formal Methods and Optimization of Software Test Cases Authors: Rodrigo Silva-Lugo Abstract: A comprehensive approach to software test case optimization is proposed, including a review of optimization techniques, and their application to three problems: generation of test cases, selection of the test cases, and prioritization of the execution of test cases.