Picture of Computer Security Handbook, 4th Edition
computersecurityhandbook.com
Home  >  Fourth Edition  >  Chapter 25
 Home
  by Author
  Fourth Edition
    Chapter 1
    Chapter 2
    Chapter 3
    Chapter 4
    Chapter 5
    Chapter 6
    Chapter 7
    Chapter 8
    Chapter 9
    Chapter 10
    Chapter 11
    Chapter 12
    Chapter 13
    Chapter 14
    Chapter 15
    Chapter 16
    Chapter 17
    Chapter 18
    Chapter 19
    Chapter 20
    Chapter 21
    Chapter 22
    Chapter 23
    Chapter 24
    Chapter 25
    Chapter 26
    Chapter 27
    Chapter 28
    Chapter 29
    Chapter 30
    Chapter 31
    Chapter 32
    Chapter 33
    Chapter 34
    Chapter 35
    Chapter 36
    Chapter 37
    Chapter 38
    Chapter 39
    Chapter 40
    Chapter 41
    Chapter 42
    Chapter 43
    Chapter 44
    Chapter 45
    Chapter 46
    Chapter 47
    Chapter 48
    Chapter 49
    Chapter 50
    Chapter 51
    Chapter 52
    Chapter 53
    Chapter 54
  by Section
  Services
  About this site
Chapter 25 –  Software Development and Quality Assurance
     Diane E. (Dione) Levine

Chapter Contents:

   25.1    Introduction
   25.2    Goals of Software Quality Assurance
   25.2.1    Uncover All of a Program's Problems
   25.2.2    Reduce the Likelihood that Defective Programs Will Enter Production
   25.2.3    Safeguard the Interests of Users
   25.2.4    Safeguard the Interests of Software Producers
   25.3    Software Development Life Cycle
   25.3.1    Phases of the Traditional Software Development Life Cycle
   25.3.1.1    Investigation
   25.3.1.2    Analysis
   25.3.1.3    Design
   25.3.1.4    Decoding and Debugging
   25.2.1.5    Testing
   25.3.1.6    Implementation
   25.3.1.7    Maintenance
   25.3.2    Classic Waterfall Model
   25.3.2.1    Analysis or Requirements Analysis
   25.3.2.2    Design
   25.3.2.3    Implementation
   25.3.2.4    Testing
   25.3.2.5    Maintenance
   25.3.3    Rapid Application Development and Joint Application Design
   25.3.4    Importance of Integrating Security at Every Phase
   25.4    Types of Software Errors
   25.4.1    Internal Design or Implementation Errors
   25.4.1.1    Initialization
   25.4.1.2    Logic Flow
   25.4.1.3    Calculation
   25.4.1.4    Boundary Condition Violations
   25.4.1.5    Parameter Passing
   25.4.1.6    Race Condition
   25.4.1.7    Load Condition
   25.4.1.8    Resource Exhaustion
   25.4.1.9    Other Sources of Error
   25.4.2    User Interface
   25.4.2.1    Functionality
   25.4.2.2    Control (Command) Structure
   25.4.2.3    Performance
   25.4.2.4    Output Format
   25.5    Designing Software Test Cases
   25.5.1    Good Tests
   25.5.2    Emphasize Boundary Conditions
   25.5.3    Check All State Transitions
   25.5.3.1    Test Every Limit
   25.5.3.2    Test for Race Conditions
   25.5.4    Use Test-Coverage Monitors
   25.5.5    Seeding
   25.5.6    Building Test Data Sets
   25.6    Before Going Into Production
   25.6.1    Regression Testing
   25.6.2    Automated Testing
   25.6.3    Tracking Bugs from Discovery to Removal
   25.7    Managing Change
   25.7.1    Change Request
   25.7.2    Tracking System
   25.7.3    Regression Testing
   25.7.4    Documentation
   25.8    Sources of Bugs and Problems
   25.8.1    Design Flaws
   28.8.2    Implementation Flaws
   25.8.3    Unauthorized Changes to Production Code
   25.8.4    Incompetent Programmers
   25.8.5    Data Corruption
   25.8.6    Hacking
   25.9    Conclusion
   25.10    Bibliography and For Further Reading

Please report problems to the webmaster at: webmaster@removethis.rlgsc.com
copyright 2002-2006, Robert Gezelter, All Rights Reserved