Software Testing Papers Library
Software Quality: Static Code Analysis and dynamic Tests – Complementary Procedures for Quality Assurance
Lambertz, Klaus
To ensure good software quality, during software development two complementary procedures are used: Static Code Analysis and Dynamic Tests associated with Code Coverage measurements. This paper shows the advantages
and limitations of both methods and explains why Static and Dynamic Tests are complementary and both necessary to guarantee high quality software.© 2024 Download
Quality, Safety and Security: Testing of Medical Software
Lambertz, Klaus
Medical software comprises numerous products that improve both diagnostics and therapy. As in other areas, software is becoming increasingly important. At the same time, however, this digitalization also brings
with it new risks such as malfunctions and attacks by attackers, which must be minimized by ensuring the best possible software quality. Manufacturers are therefore faced with the challenge of developing their
products to a very high quality, in compliance with the law and at low cost. © 2023 Download
First Aid for Old Code
Lambertz, Klaus
In addition to the international standard IEC 62304 – medical device software – software life cycle processes, a new Medical Device Regulation (MDR) valid since May 2021 came into force in the European Union.
It is not the first time that quality assurance for medical device software has come into focus. IEC 62304, MDR and other standards stipulate that manufacturer must ensure quality assurance throughout the
entire life cycle of a product. In the case of current systems, this is generally hardly problematic. The situation is quite different when new functions are to be added to older devices: who in the company still
knows the code or where to find the - hopefully existing - documentation? Although the IEC 62304 and MDR only affect the medical sector, the issue is nonetheless known in other industries as well.
© 2022 Download
Measuring Code Coverage for Embedded Software
Lambertz, Klaus
For a long time already, embedded software is used for critical applications where safety is highly important. As nowadays, embedded devices are often clients which are connected with other devices on the Internet
of Things (IoT), security aspects need to be considered as well. This means that the quality of embedded devices is extremely important - both from a security point of view and from a functional safety point of view.
For safe and reliable embedded devices, testing is an indispensable part of quality assurance. It is not without reason that the standards for safety-critical software development set precise requirements for test
methods and test coverage. As a rule, the more critical the application, the higher are the requirement concerning the code coverage. © 2022 Download
Nine Tips for the right Code Coverage Measurement
Lambertz, Klaus
Measuring code coverage is increasingly important for embedded systems but requires some experience. This is because there are a few hurdles to overcome, especially with small targets. However, with the right
approaches and suitable tools, measuring test coverage is possible without excessive effort. Nine practical tips help you get started. © 2022
Download
10 Criteria for selecting a Code Coverage Tool
Lambertz, Klaus
Particularly in safety-critical software development, industry standards prescribe precise requirements for code coverage, so that products cannot be certified here without proof of sufficient test coverage.
But also in other development projects, companies increasingly attach great importance to software quality and measure code coverage. Various code coverage analyzers are available on the market for measuring
code coverage. They differ significantly in terms of handling and quality. For this reason, we show ten basic criteria for selecting a code coverage tool.
© 2021 Download
Static Code Analysis and Dynamic Testing: Complementary Techniques for your Software Quality
Lüdtke, Royd
Increased recall campaigns, delayed deliveries, difficulties in delivering the promised functions on time: software quality is not evident. The development of good software is only possible through consistent action,
adherence to standards and the use of mature test and quality assurance tools. Bad software leads to monetary losses and deterioration of the corporate image. Embedded software is even more critical, as it is mostly
used in safety-critical applications. Here, software errors can endanger human lives and must therefore be avoided at all costs. To ensure quality, both static code analysis procedures and the testing of executable
software during dynamic analysis (including unit tests) are necessary. As each of the two approaches uncovers only a part of the existing defects, both complementary methods are necessary.
© 2021 Download
How Imagix 4D supports the Understanding of Software based on Source Code
Baltzer, Jan-David
This work will show how Imagix 4D improves the processof exploring and understanding unfamiliar source code. An introductioninto why and where such a process is required will be followed by adescription of the
methods Imagix 4D introduces to support such sourcecode analysis. ©2019 Download
Static Analysis: Detect bottlenecks - Identify problems with the Cache Usage
Lüdtke, Royd
The use of the cache has a considerable impact on the overall system performance, even with small targets. This efficiency plays an important role, in particular in regard to real-time applications. Possibilities
for optimisation should already be found in a very early phase of the software development lifecycle. The sooner the bottleneck is recognised, the easier and cheaper it can then also be removed. A procedure is
suited for this task, which actually should be established in every development team: Static code analysis. With its use, it is possible to root out problems involving the cache usage and to remove them.
© 2019 Download
Code Coverage on Embedded Devices: Code Coverage on small Targets
Lambertz, Klaus
Even on embedded devices, software has to be tested sufficiently before the product can be launched on the market. However, such a monitoring in the testing progress, required by many safety standards, is not quite
trivial at this point. Often, target resources are limited and memory and processor could easily reach their boundaries. But with some creativity it is even possible to capture and proof Code Coverage in the
embedded area. © 2018 Download
Testwell CTC++: Code Coverage for safety-critical Embedded Systems
Fischer, Daniel
Software for embedded systems is often used in safety-critical systems. In this area malfunctions could lead to accidents or damages of high magnitude and even to loss of lives. Therefore, security standards such
as the DO178-C (aviation), the ISO 26262 (automotive) or the EN 50128 (railway) demands harsh proff of code coverage. In dependency to the ciritcality, a suitable level of code coverage has to be applied.
© 2013 Download
Fuzzing
Basáez, Daniel
Fuzzing is a technique for Testing, and is very effective for finding security vulnerabilities in software. It was used in several applications like Unix systems, GUI applications under Windows and Apple
MacOS. ... it is often used to improve the programming of everything, because it can reach parts of code, in some cases, that other testing tools never reach, this concept of testing is still used nowadays
and his creator is still doing research over this. Fuzzing is a method that inserts unexpected data into input. In this paper some approaches are discussed and also some applications and some tools are showed.
© 2009 Download
Functionality and Design of the CMock framework
Raffeiner, Simon
Development cycles in the embedded world have not changed fundamentally for many years now. Even though the principles of agility, test-driven development and extreme programming have been adapted to embedded
development in the last ten years, the advantages of unit testing and mocking are widely ignored. The problem mainly arises from the misconception among developers that code written for embedded platforms without
an operating system is hard to test because of the missing interaction possibilities with the system, and that space constraints make the use of frameworks impossible. Most developers focus on system testing
instead. This paper shows how the CMock1 mocking framework can be used in conjunction with the Unity2 unit test framework to implement White-Box-Tests for embedded system software written in the C programming
language. © 2009 Download
Classic Algorithms for Pairwise Testing
Rothmann, Andreas
This paper gives an overview on the most important classic algorithms for pairwise testing. All algorithms use combinatorial strategies to find a test set, which covers pairwise combinations of system parameters
(for example system settings or inputs from the user). The idea of pairwise testing is already 20 years old but for the last five years its popularity has been rising extremely. The reason is that testers have to
face more complex software projects with the same time target. © 2008 Download