Before we discuss the functionality attributes in detail let us quickly understand different types of Quality attributes.

What are the quality attributes of a product?

Quality attributes represent a way of structuring and expressing the expectations for a product. Experts like "Test Analysts" Or "Technical Test Analysts" contribute to the quality of a product in a number of ways from the very start of the development life cycle.

The ISO 9126 standard provides a model for product quality & prescribes following quality attributes

1) Functionality
2) Usability
3) Reliability
4) Efficiency
5) Maintainability
6) Portability

The "Test analyst" is concerned with the functional and the usability quality attributes, and the "Technical Test Analyst" is concerned with the other four quality attributes.

Functionality attributes for Test Analysts:

The functionality is what the product can do. Without functionality we don셳 have a product at all. The functionality supports the users in their daily work or their leisure, as the case might be.

Functionality may be tested at almost all test levels like:

a) In component testing we can test the functionality implemented in single components;

b) In system testing we can test functionality implemented in single systems across a number of integrated components;

c) In product testing we can test functionality implemented in the entire product.

In ISO 9126 language, the quality attributes cover the existence of a set of functions and their specified properties in the product. The functions are those that satisfy stated or implied needs, from the point of view of a stated or implied set of users.

ISO 9126 breaks down the functionality attribute into the different sub-attributes given below:

1) Suitability
2) Accuracy
3) Interoperability
4) Security

1) Suitability Testing:

In suitability testing we test the requirements or needs concerned with the presence and appropriateness of a set of functions for specified tasks and user objectives. In other words we determine whether the software is suitable for helping the user execute his or her intended tasks.

It must be remembered that (software) products are never the goal in itself. They are produced to support their users in doing their real job. Suitability of a product is about how the functionality of the product supports the tasks the users are performing.

For example; an accountant셲 job is to keep accounts. This can be done entirely using pen and paper. The accountant may however use a computer system to help. When the accountant has entered the data, the system may be able to store them, calculate sums from them, and produce reports presenting the data on the screen and on paper. If the computer system does not calculate the needed sums, the suitability is lower than if it did.

Usually the largest part by far of the requirements is requirements belonging to the suitability attribute.

The basic way all software products work is to have and/or to allow entry of some data, to handle the data in appropriate ways, and to present the data and the handling results.

Suitability is often expressed in use cases, because use cases provide an excellent way of describing what the users tasks are and how the software product should support these. Suitability testing can take place at all testing levels.

2) Accuracy Testing:

In accuracy testing we test the requirements or needs concerned with the product셲 ability to provide the right or agreed upon results or effects.

A more detailed accuracy specification could concern the following:

a) Algorithmic accuracy: Calculation of a value from other values and the correctness of function representation

b) Calculation precision: Precision of calculated values

c) Time accuracy: Accuracy of time related functionality 

d) Time precision: Precision of time related functionality

Accuracy requirements are often implied. Accuracy can be tested at all testing levels, the earlier the better. Some accuracy testing may even take place as static tests of design and code.

3) Interoperability Testing:

In interoperability testing we test the requirements or needs concerned with the ability of our software system to interact with other specified systems. No software system stands alone; it will always have to interact with other systems in the intended deployment environment, such as hardware, other software systems like operating systems, database systems, browsers, and bespoken systems, external data repositories, and network facilities.

The interoperability attributes are concerned with the specifications of all the interfaces the software system has to the external world at the time of deployment. The external systems may be part of the product being produced, or already existing products that we need to interface with.

Detailed interoperability could concern the following:

a) Inbound interoperability: Ability to use output from standard, third party, or in-house products as input

b) Outbound interoperability: Ability to produce output in the format used by standard, third-party, or in-house products

c) Spawnability: Ability to activate other products

d) Activatability: Ability to be activated by other products

It can be a huge task to test the interoperability because of the sheer number of possible combinations of interfaces for a system. It is often practically and/or economically impossible to achieve full coverage of all possible combinations.

Interoperability testing usually takes place at the system integration testing level.

4) Functional Security Testing:

In security testing we test the requirements or needs concerned with the ability to deny the unwanted access & prevent deliberate attacks aimed to gain unauthorized access to some confidential piece of information, or to make unauthorized modifications to information or to the program so as to provide the attacker with some advantage or so as to deny service to legitimate users.

Detailed security could be concerning the following:

a) Activity auditability: Log facilities for activities, actors, and so forth

b) Accessability: Access control mechanisms

c) Self-protectiveness: Ability to resist deliberate attempts to violate access control mechanisms

d) Confinement: Ability to avoid accidental unauthorized access to facilities outside the application

e) Protectiveness: Ability to resist deliberate attempts to access unauthorized facilities outside the application

f) Data integrity: Protection against deliberate damage of data

g) Data privacy: Protection of data against unauthorized access

Security testing can be split into functional security testing and technical security testing. In functional security testing we test the fulfillment of security attributes that can be explicitly expressed in requirements.

Functional security testing can be performed at all testing levels, again the earlier the better, also using static test of design and code.

Share
Related Documents
  1. ISTQB Advanced Certification Webinar 2 (2126)
  2. ISTQB Advanced Certification Webinar 1 (1996)
  3. ISTQB Advanced Level (CTAL) Certification Exam Self Study E-Book (6188)
  4. ISTQB Certified Tester Advanced Level (CTAL) in detail (2108)
  5. ISTQB Advanced Level Sample Paper Test Analyst (6288)
  6. ISTQB Official CTAL Sample Questions (2012): Test Analyst (1457)
  7. ISTQB Advanced Level (CTAL) Exam Structure & Rules (v.2010) (2001)
  8. ISTQB Advanced Level Syllabus (2012) Test Manager (1494)
  9. Certified Tester Advanced Level (CTAL) Progresses (1628)
  10. ISTQB Advanced Level (CTAL) Sample Exam- Full set (10845)
  11. CTAL - Heuristic from Syllabi (1085)
  12. CTAL sample paper (ISEB Practitioner) (2979)
  13. ISTQB CTAL Advanced Level Certifications What do they mean to testers? (1241)
  14. 3 Types of ISTQB Advanced Certification (3303)
  15. CTAL Sample Paper (5097)
  16. Pre-requisite for the ISTQB Certified Tester Advanced Level (CTAL) (1296)
  17. ISTQB Advanced Level (CTAL) vs ISEB Practitioner Level (2287)
  18. ISTQB CTAL Exam scheduled in Vietnam (June) (3082)
  19. ISTQB Advanced Level (CTAL) Skills to have (818)
  20. ISTQB Advanced Level Exam Structure and Rules v2010 (710)