This glossary is consistent with the British Standard BS7925-1 Glossary of Testing Terminology



Acceptance Criteria

A set of targets to be met by a test stage to plan when to stop testing.

Acceptance Testing

Formal testing conducted to enable a user, customer, or other authorized
entity to determine whether to accept a system (or, less commonly, a
component or sub-system where external suppliers are involved).


The ease by which users with disabilities can use a system.

Ad Hoc Testing

Unplanned, undocumented testing.

Alpha Testing

Simulated or actual operational testing at an in-house site not otherwise
involved with the software developers.


An application embedded in a Web page, written in Java.

Application System Testing

The process of testing an integrated system to verify that it meets
specified requirements.

Attacker (Hacker, Cracker)

An individual or organization that threatens the security of your web


A measure of the time a system is up and running. Normally expressed as a

Backup And Recovery Testing

Testing of the procedures used to make backups and perform recovery from


A document that describes the behaviour of a system: a requirement,
specification or design to test against. Strictly, the specific version
(and date) of each such document that is to be used.


The combination of input values and preconditions and the required response
for a function of a system.

Beta Testing

Operational testing at an external site not otherwise involved with the
software developers.

Black Box Testing (Functional Testing)

Test case selection that is based on an analysis of the specification of
software without reference to its internal structure.

Boundary Value Analysis

A test case design technique in which test cases are designed to include
boundary values.

Browser Page Testing

Testing of the functionality available within a web page that does not
exercise server-based components.

Browser Syntax Compatibility Checking

Verification (normally automated) that HTML is compatible with a browser

Business Integration Testing

Tests that provide confirmation that the systems, processes and people work
as an integrated whole to meet an organization’s objectives.

Business Object

A real world entity of interest to business users.

Business Volumes

Quantities of business transactions used to size a database or plan a
performance test.

Candidate Risk

A potential risk identified and added to the risk register, not yet

Cardinal Business Objectives

A principle (business) aim of a project.

Cascading Style Sheet

A separate file on a web server containing reusable style definitions,
referenced by a Web page.

Common Gateway Interface

The mechanism that enables a web page to invoke functionality residing on a
web server and to receive output from it.

Cognitive Walkthrough

A detailed review of a sequence of steps that an interface requires a user
to perform in order to accomplish some task.

Collaborative Usability Inspection

A systematic examination of a finished product, design or prototype from
the point of view of its usability by intended end users.

Compatibility Tests

Testing whether the system is compatible with other systems with which it
should communicate.


A minimal software item for which a separate specification is available.

Component (Unit) Testing

The testing of individual software components.


A Boolean expression containing no Boolean operators. For instance, A<B is
a condition but A and B is not.

Configuration Testing

Tests that aim to demonstrate that Web applications will operate correctly
on a range of client hardware, operating system and browser combinations.

Content Checking

Checking of the content of Web pages for accuracy, completeness,
consistency and correct spelling.

Context Testing

Test whether weird paths through the application and irregular network
connectivity do not disturb the workings of a web site.

Continuous Testing

Continuity of testing and monitoring of systems into production.

Control Flow Graph

The diagrammatic representation of the possible alternative control flow
paths through software.


Small amounts of data stored by a browser on the users hard drive at the
invitation of a web site.


The degree, to which a test case suite has exercised a specified coverage
item, expressed as a percentage.

Cascading Style Sheet

A separate file on a web server containing reusable style definitions,
referenced by a Web page.

Distributed Denial of Service Attack

Where an attacker makes us of other sites to amplify their attack on your


The process of finding and removing the causes of failures in software.

Denial of Service Attack

Attempt by an attacker to disrupt or disable your web service.

Dynamic Testing

Testing that involves the dynamic execution of tests of software.


The conduct of business on the Internet.


The buying and selling of goods and services on the Internet.

Equivalence Class/Partition

A portion of the component's input or output domains for which the
component's behaviour is assumed to be the same from the component's


A human action that produces an incorrect result.

Error Guessing

A test case design technique where the experience of the tester is used to
postulate what faults might occur, and to design tests specifically to
expose them.

Expected Outcome

The behaviour predicted by the specification of an object under specified

Exploratory Testing

Test design and test execution at the same time; a systematic approach to
error guessing.


A private network that uses the Internet to securely share part of a
business's information or operations with suppliers, vendors, partners,
customers, or other businesses.

Extreme Programming

A pragmatic approach to program development that emphasizes business
results first and takes an incremental, get-something-started approach to
building the product, using continual testing and revision.

Failover Testing

Tests that aim to verify that designed-in recovery features maintain the
service end-users when failures occur.


Deviation of the software from its expected delivery or service.

Failure Mode

A way in which a system can fail (that gives cause for concern).

Failure Mode and Effects Analysis

A systematic way of identifying modes of failure and preventing their

Fault (Bug, Defect)

A manifestation of an error in software. A fault, if encountered may cause
a failure.

Fault Tree Analysis

A method used to analyze the cause of hazards.


A firewall is a set of related programs, located at a network gateway
server that protects the resources of a private network from users from
other networks.


Software that is offered at no cost.

Good Enough

A set of criteria for deeming a product or system as acceptable. It
acknowledges that products need not be “perfect” at the moment of release.


A state or set of conditions of a system that, together with other
conditions in its environment will lead to a failure.

Heuristic Evaluation

A systematic examination of a user interface to judge its compliance with
recognized usability principles (the "heuristics").

HTML Validation

An automated inspection of HTML code to verify it meets the requirements of
the HTML Standard.


An unplanned event occurring during testing that has a bearing on the
success of the test. Most commonly raised when a test result fails to meet


A group review quality improvement process for written material.


The insertion of additional code into the program in order to collect
information about program behaviour during its execution.


The process of combining components into larger assemblies.

Integration Testing

Testing performed to expose faults in the interfaces and in the interaction
between integrated components within a system (as distinct from Large Scale
Integration Testing, which is between systems).


A private network using Internet technology contained within an enterprise
to share information and computing resources between employees.


JavaScript is an interpreted programming or script language used in
server-based components or within the HTML of web pages.

Large Scale Integration Testing

Testing of the interfaces between systems and the consistency of use of
data shared by or transferred between those systems and the business
process that use those systems.

Link Checking

Verification that the links in HTML web pages reference the correct objects
and those objects can be loaded.

Load Balancing

Software features that distribute the load between servers according to
pre-defined rules.

Load Generation

The use of automated tools to simulate a user community executing

Load Profile

The specification of a load that a system might experience in production.

Localization (Testing)

Verification that a system’s user interface and functionality has been
successfully translated to another region’s language.

Master Test Plan

A document describing the overall approach, process and policies for the
testing in a project.

Non-Functional Testing

Testing of those requirements that do not relate to functionality e.g.
performance, usability, and reliability.

Object Load And Timing

Tests that measure the time taken to load an object on a web page.

Object Lifecycle

The series of transformations of data that describes a real world entity
across systems.

Penetration Test

An attempt to subvert the security countermeasures of a system to
demonstrate that they effective.


A programming language often used to write CGI programs most often on Unix
or Linux based web servers.

Performance Testing

Testing conducted to evaluate the compliance of a system or component with
specified performance requirements.


A basic Internet program that lets you verify that a particular IP address
exists and can accept requests.

Post-Deployment Monitoring

Automated monitoring of a web service to detect failures in production.

Process Risk

Risks relating to the internal management of a project.

Product (Work Product, Deliverable)

A deliverable from any stage or activity of a project.

Product Risk

Risks that relate to shortcomings in the work products of a project.

Project Risk

Risks that relate to the external dependencies and influences of a project.

Regression Testing

Retesting of a previously tested program following modification to ensure
that faults have not been introduced or uncovered as a result of the
changes made.

Reliability Testing

Tests that verify that a product or system can deliver its service for an
extended period without failure.

Resource Monitoring

The use of software tools to monitor the usage of resources in a system.

Response Time

The time it takes a system to return control to a user after they have
initiated some activity on the system.


Repeating previously run tests, usually to test that faults have been
implemented correctly. The term is sometimes used to include Regression
testing, which has a more specific meaning.


A threat to one or more of the cardinal objectives of a project that has an
uncertain probability.

Risk Analysis

The process of assessing the relevance, consequence and probability of a

Risk Based Testing

Testing oriented towards providing information about product risks.

Risk Consequence (Loss, Impact)

The potential loss or impact if a risk materializes.

Risk Identification

The process of identifying the risks of concern to a project.

Risk Management

The process of identification, assessment, response, monitoring and control
of risk.

Risk Register

The document or database that records all the risks of concern.

Risk Response

The planned activity intended to address a risk.

Risk Probability (Likelihood)

The probability that a risk will materialize.

Root Cause

The ultimate cause of a failure traced back through the series of events
that lead to the failure.


The measure of a system’s ability to be upgraded to accommodate increased

Script Kiddie

An immature but dangerous exploiter of security holes on the Internet.

Scripting Language

In the context of test tools, the programming language used by a test tool
in its test scripts.

Security Assessment

A review of a site’s hardware and software configuration to identify
security vulnerabilities.

Security Audit

(Typically) an audit of corporate security policies and how well a site or
organization adheres to them.

Security Testing

Testing whether a system meets its specified security objectives.

Security Vulnerability

A bug in a software product or shortcoming in a system’s configuration that
could be exploited by a security attacker.


Choosing a set of input values to force the execution of software to take a
given path.

Server Based-Component Testing

Testing of the components that reside on (typically web) servers.

Service Testing

Testing of a systems performance, reliability, failover capabilities and
management procedures.


Software distributed free on a trial basis with the understanding that the
user may need or want to pay for it later.

Soak Test

Tests of a system for an extended period to find (what are usually) obscure

Static Analysis

Analysis of a program carried out without executing the program.

Static Testing

Tests of products that are human readable such as requirements,
specifications, designs or code using inspection and review techniques or
automated tools.

Stress Testing

Testing conducted to evaluate a system or component at or beyond the limits
of its specified requirements.

Structural Testing (White Box, Glass Box testing)

Test case selection that is based on an analysis of the internal structure
of software.

Sub-System Testing

Dynamic testing of components and sub-systems prior to system testing
(normally performed by developers).

System Testing

(see Application System Testing)

Systems Integration Testing

Testing of the interfaces between systems and the consistency of use of
data shared by or transferred between those systems.


A test is a controlled exercise having (potentially) several objectives
including detection of faults, risk measurement, confidence building etc.

Test Case

A set of inputs, execution preconditions, and expected outcomes developed
for a particular objective, such as to exercise a particular program path
or to verify compliance with a specific requirement.

Test Case Design Technique

A method used to derive or select test cases.

Test Design

Activity following Test planning but before Test scripts are produced. Also
deliverable, comprising a set of Test cases.

Test Effectiveness

An assessment of the potential ease by which a failure mode (risk) can be
thoroughly tested.

Test Execution Tool (Test Running, Capture-Replay Tool)

A test tool that records test input as it is sent to the software under
test. The input cases stored can then be used to reproduce the test at a
later time.

Test Harness

A testing tool that comprises a test driver and a test comparator.

Test Objective

A high level definition of the purpose of some tests (usually to address a
specified risk or failure mode).

Test Priority Number

The product of three risk scores (consequence x probability x test

Test Script (Procedure)

A document providing detailed instructions for the execution of one or more
test cases.

Test Stage

A set of test activities collected into a manageable phase of a project.

Tool Host

The host machine upon which a test tool is installed.

Transaction Analysis

An analysis of the transactions that trigger flows of data through
integrated systems for the purpose of designing large-scale integration

Transaction Flow Testing

The use of transaction flow-graphs to structure tests through a system or
collection of systems.

Transaction Flow-graph

A diagram representing the flow of control and data through integrated

Transaction Link Testing

Tests that aim to verify the integration of the complete end-to-end
functionality of a browser interface through to back-end systems.

Transaction Verification

Tests that aim to ensure that the correct server-based component is invoked
and that the parameters passed to the component are correct for a
forms-based transaction.

Unit Testing

(See Component Testing)

Usability Testing

Testing the ease with which users can learn and use a product.


Diagrammatic layout showing baselines and the stages of testing which test
against them.

Visual Browser Validation

Visual checks that the appearance and behaviour of web pages is consistent
across different browsers.


VBScript is an interpreted programming or script language used in
server-based components, in particular, Active Server Pages.

Web Accessibility Testing

Automated analysis of web page HTML to ensure it meets defined
accessibility guidelines.

White Box Testing

(See Structural Testing)