Glossary - Improving the Test Process: Implementing Improvement and Change - A Study Guide for the ISTQB Expert Level Module (2014)

Improving the Test Process: Implementing Improvement and Change - A Study Guide for the ISTQB Expert Level Module (2014)

Appendix A: Glossary

This glossary provides a subset of software testing terms as defined by ISTQB [ISTQB-Glossary]. Only the terms used in the book are provided in this glossary. The ISTQB testing glossary is used as a reference document for the International Software Testing Qualification Board (ISTQB) software testing qualification scheme.

The terms in this glossary are in alphabetical order. Some terms are preferred to other, synonymous ones. In this case, the entry for the synonymous term will be a reference to the preferred term. For example, completion criteria and exit criteria are synonymous, but exit criteria is the preferred term. You will therefore find “See exit criteria” at the entry for completion criteria. You will also find cross-references that begin with “See also.” These lead to terms that are related to the entry in some way, perhaps in a broader or narrower sense.

In this glossary, references are used in two ways.

Image Square brackets without the addition of “after,” e.g., [ISO 9126], mean that the exact text of the reference is used.

Image In case a definition from a reference has been adapted to the context of the ISTQB Glossary by minor changes, the addition “after” is used, e.g., [After ISO 9126].

Finally, note that the terms that are underlined are those that are specifically identified by the “Improving the Test Process” syllabus [ISTQB-CTEL-ITP] as keywords. Definitions to these terms are also provided in the appropriate section of this book.


acceptance: See acceptance testing.

acceptance testing: Formal testing with respect to user needs, requirements, and business processes conducted to determine whether or not a system satisfies the acceptance criteria and to enable the user, customers or other authorized entity to determine whether or not to accept the system [After IEEE 610].

acting (IDEAL): The phase within the IDEAL model where the improvements are developed, put into practice, and deployed across the organization. The acting phase consists of the activities: create solution, pilot/test solution, refine solution, and implement solution. See also IDEAL.

agile manifesto: A statement on the values that underpin agile software development. The values are:

• individuals and interactions over processes and tools

• working software over comprehensive documentation

• customer collaboration over contract negotiation

• responding to change over following a plan

Agile software development: A group of software development methodologies based on iterative incremental development, where requirements and solutions evolve through collaboration between self-organizing cross-functional teams.

Agile testing: Testing practice for a project using agile software development methodologies, incorporating techniques and methods such as extreme programming (XP), treating development as the customer of testing and emphasizing the test-first design paradigm.

alpha testing: Simulated or actual operational testing by potential users/customers or an independent test team at the developer’s site but outside the development organization. Alpha testing is often employed for off-the-shelf software as a form of internal acceptance testing.

analytical testing: Testing based on a systematic analysis of product risks or requirements for example.

anomaly: Any condition that deviates from expectation based on requirements specifications, design documents, user documents, standards, etc., or from someone’s perception or experience. Anomalies may be found during, but not limited to, reviewing, testing, analysis, compilation, or use of software products or applicable documentation [IEEE 1044]. See also bug, defect, deviation, error, fault, failure, incident.

assessment report: A document summarizing the assessment results; e.g., conclusions, recommendations, and findings. See also process assessment.

assessor: A person who conducts an assessment; any member of an assessment team.

availability: The degree to which a component or system is operational and accessible when required for use. Often expressed as a percentage [IEEE 610].


balanced scorecard: A strategic tool for measuring whether the operational activities of a company are aligned with its objectives in terms of business vision and strategy. See also corporate dashboard, scorecard.

'font-size:9.0pt;font-family:"Times New Roman",serif; color:black'> The response of a component or system to a set of input values and preconditions.

best practice: A superior method or innovative practice that contributes to the improved performance of an organization under a given context, usually recognized as “best” by other peer organizations.

beta testing: Operational testing by potential and/or existing users/customers at an external site not otherwise involved with the developers to determine whether or not a component or system satisfies the user/customer needs and fits within the business processes. Beta testing is often employed as a form of external acceptance testing for off-the-shelf software in order to acquire feedback from the market.

black-box test design technique: Procedure to derive and/or select test cases based on an analysis of the specification, either functional or non-functional, of a component or system without reference to its internal structure.

bug: See defect.

bug report: See defect report.


Capability Maturity Model Integration (CMMI): A framework that describes the key elements of an effective product development and maintenance process. The Capability Maturity Model Integration covers best practices for planning, engineering and managing product development and maintenance. [Chrissis, Konrad, and Shrum 2004]

CAST: Acronym for Computer Aided Software Testing. See also test automation.

causal analysis: The analysis of defects to determine their root cause. [Chrissis, Konrad, and Shrum 2004]

cause-effect analysis: See cause-effect graphing.

cause-effect diagram: A graphical representation used to organize and display the interrelationships of various possible root causes of a problem. Possible causes of a real or potential defect or failure are organized in categories and subcategories in a horizontal tree structure, with the (potential) defect or failure as the root node. [After Juran and Godfrey 2000]

cause-effect graph: A graphical representation of inputs and/or stimuli (causes) with their associated outputs (effects), which can be used to design test cases.

cause-effect graphing: A black-box test design technique in which test cases are designed from cause-effect graphs. [BS 7925-2]

certification: The process of confirming that a component, system, or person complies with its specified requirements, e.g., by passing an exam.

change management: (1) A structured approach to transitioning individuals and organizations from a current state to a desired future state. (2) Controlled way to effect a change, or a proposed change, to a product or service. See also configuration management.

CMMI: See Capability Maturity Model Integration.

code: Computer instructions and data definitions expressed in a programming language or in a form output by an assembler, compiler, or other translator. [IEEE 610]

code coverage: An analysis method that determines which parts of the software have been executed (covered) by the test suite and which parts have not been executed—for example, statement coverage, decision coverage, or condition coverage.

codependent 'font-size:9.0pt; font-family:"Times New Roman",serif;color:black'> Excessive emotional or psychological dependence on another person, specifically in trying to change that person’s current (undesirable) behavior while supporting them in continuing that behavior. For example, in software testing, complaining about late delivery to test and yet enjoying the necessary “heroism” of working additional hours to make up time when delivery is running late, therefore reinforcing the lateness.

completion criteria: See exit criteria.

compliance: The capability of the software product to adhere to standards, conventions, or regulations in laws and similar prescriptions. [ISO 9126]

component: A minimal software item that can be tested in isolation.

component integration testing: Testing performed to expose defects in the interfaces and interaction between integrated components.

component testing: The testing of individual software components. [After IEEE 610]

configuration: The composition of a component or system as defined by the number, nature, and interconnections of its constituent parts.

configuration control: An element of configuration management consisting of the evaluation, coordination, approval or disapproval, and implementation of changes to configuration items after formal establishment of their configuration identification. [IEEE 610]

configuration item: An aggregation of hardware, software, or both that is designated for configuration management and treated as a single entity in the configuration management process. [IEEE 610]

configuration management: A discipline applying technical and administrative direction and surveillance to identify and document the functional and physical characteristics of a configuration item, control changes to those characteristics, record and report change processing and implementation status, and verify compliance with specified requirements. [IEEE 610]

consistency: The degree of uniformity, standardization, and freedom from contradiction among the documents or parts of a component or system. [IEEE 610]

content-based model: A process model providing a detailed description of good engineering practices, e.g., test practices.

continuous representation: A capability maturity model structure wherein capability levels provide a recommended order for approaching process improvement within specified process areas. [Chrissis, Konrad, and Shrum 2004]

corporate dashboard: A dashboard-style representation of the status of corporate performance data. See also balanced scorecard, dashboard.

cost of quality: The total costs incurred on quality activities and issues and often split into prevention costs, appraisal costs, internal failure costs, and external failure costs.

coverage: The degree, expressed as a percentage, to which a specified coverage item has been exercised by a test suite.

coverage tool: A tool that provides objective measures of what structural elements (e.g., statements, branches) have been exercised by a test suite.

critical success factor: An element necessary for an organization or project to achieve its mission. Critical success factors are the critical factors or activities required for ensuring the success.

Critical Testing Processes (CTP): A content-based model for test process improvement built around 12 critical processes. These include highly visible processes, by which peers and management judge competence, and mission-critical processes, in which performance affects the company’s profits and reputation. See also content-based model.

CTP: See Critical Testing Processes.


dashboard: A representation of dynamic measurements of operational performance for some organization or activity, using metrics represented via metaphors such as visual dials, counters, and other devices resembling those on the dashboard of an automobile so that the effects of events or activities can be easily understood and related to operational goals. See also corporate dashboard, scorecard.

data-driven testing: A scripting technique that stores test input and expected results in a table or spreadsheet so that a single control script can execute all of the tests in the table. Data-driven testing is often used to support the application of test execution tools such as capture/playback tools. [Fewster and Graham] See also keyword-driven testing.

debugging: The process of finding, analyzing, and removing the causes of failures in software.

decision table: A table showing combinations of inputs and/or stimuli (causes) with their associated outputs and/or actions (effects), which can be used to design test cases.

defect: A flaw in a component or system that can cause the component or system to fail to perform its required function (e.g., an incorrect statement or data definition). A defect, if encountered during execution, may cause a failure of the component or system.

defect category: See defect type.

defect density: The number of defects identified in a component or system divided by the size of the component or system (expressed in standard measurement terms, e.g., lines of code, number of classes, or function points).

Defect Detection Percentage (DDP): The number of defects found by a test phase divided by the number found by that test phase and any other means afterward.

defect management: The process of recognizing, investigating, taking action and disposing of defects. It involves recording defects, classifying them, and identifying the impact. [After IEEE 1044]

defect management tool: A tool that facilitates the recording and status tracking of defects and changes. They often have workflow-oriented facilities to track and control the allocation, correction, and re-testing of defects and provide reporting facilities.

defect report: A document reporting on any flaw in a component or system that can cause the component or system to fail to perform its required function. [After IEEE 829]

defect tracking tool: See defect management tool.

defect type: An element in a taxonomy of defects. Defect taxonomies can be identified with respect to a variety of considerations, including, but not limited to, the following:

• Phase or development activity in which the defect is created (e.g., a specification error or a coding error)

• Characterization of defects (e.g., an “off-by-one” defect)

• Incorrectness (e.g., an incorrect relational operator, a programming language syntax error, or an invalid assumption)

• Performance issues (e.g., excessive execution time, insufficient availability)

deliverable: Any (work) product that must be delivered to someone other than the (work) product’s author.

Deming cycle: An iterative four-step problem-solving process (Plan, Do, Check, Act) typically used in process improvement. [After Edwards 1986]

deviation: See incident.

diagnosing (IDEAL): The phase within the IDEAL model where it is determined where one is, relative to where one wants to be. The diagnosing phase consists of the following activities: characterize current and desired states and develop recommendations. See also IDEAL.

dynamic testing: Testing that involves the execution of the software of a component or system.


effectiveness: The capability of producing an intended result. See also efficiency.

efficiency: (1) The capability of the software product to provide appropriate performance, relative to the amount of resources used under stated conditions. [ISO 9126]

(2) The capability of a process to produce the intended outcome relative to the amount of resources used.

efficiency testing: The process of testing to determine the efficiency of a software product.

EFQM (European Foundation for Quality Management) Excellence Model: A non-prescriptive framework for an organization’s quality management system, defined and owned by the European Foundation for Quality Management, based on five ‘Enabling’ criteria (covering what an organization does), and four ‘Results’ criteria (covering what an organization achieves).

emotional intelligence: The ability, capacity, and skill to identify, assess, and manage the emotions of one’s self, of others, and of groups.

entry criteria: The set of generic and specific conditions for permitting a process to go forward with a defined task (e.g., test phase). The purpose of entry criteria is to prevent a task from starting that would entail more (wasted) effort compared to the effort needed to remove the failed entry criteria. [Gilb and Graham 1993]

equivalence class: See equivalence partition.

equivalence partition: A portion of an input or output domain for which the behavior of a component or system is assumed to be the same, based on the specification.

equivalence partitioning: A black-box test design technique in which test cases are designed to execute representatives from equivalence partitions. In principle, test cases are designed to cover each partition at least once.

error: A human action that produces an incorrect result. [After IEEE 610]

establishing (IDEAL): The phase within the IDEAL model where the specifics of how an organization will reach its destination are planned. The establishing phase consists of the activities: set priorities, develop approach, and plan actions. See also IDEAL.

evaluation: See testing.

exit criteria: The set of generic and specific conditions agreed upon with the stakeholders for permitting a process to be officially completed. The purpose of exit criteria is to prevent a task from being considered completed when there are still outstanding parts of the task that have not been finished. Exit criteria are used to report against and to plan when to stop testing. [After Gilb and Graham 1993]

expected result: The behavior predicted by the specification, or another source, of the component or system under specified conditions.

experience-based test design technique: Procedure to derive and/or select test cases based on the tester’s experience, knowledge, and intuition.

experience-based testing: Testing based on the tester’s experience, knowledge, and intuition.

exploratory testing: An informal test design technique where the tester actively controls the design of the tests as those tests are performed and uses information gained while testing to design new and better tests. [After Bach 2004]

extreme programming (XP): A software engineering methodology used within agile software development whereby core practices are programming in pairs, doing extensive code review, unit testing of all code, and simplicity and clarity in code. See also agile software development.


failure: Deviation of the component or system from its expected delivery, service, or result. [After Fenton 1991]

failure mode: The physical or functional manifestation of a failure. For example, a system in failure mode may be characterized by slow operation, incorrect outputs, or complete termination of execution. [IEEE 610]

Failure Mode and Effect Analysis (FMEA): A systematic approach to risk identification and analysis and of identifying possible modes of failure and attempting to prevent their occurrence. See also Failure Mode, Effect and Criticality Analysis (FMECA).

Failure Mode, Effect and Criticality Analysis (FMECA): An extension of FMEA, as in addition to the basic FMEA, it includes a criticality analysis, which is used to chart the probability of failure modes against the severity of their consequences. The result highlights failure modes with relatively high probability and severity of consequences, allowing remedial effort to be directed where it will produce the greatest value. See also Failure Mode and Effect Analysis (FMEA).

failure rate: The ratio of the number of failures of a given category to a given unit of measure, e.g., failures per unit of time, failures per number of transactions, failures per number of computer runs. [IEEE 610]

false-fail result: A test result in which a defect is reported although no such defect actually exists in the test object.

false-pass result: A test result that fails to identify the presence of a defect that is actually present in the test object.

false-positive result: See false-fail result.

false-negative result: See false-pass result.

fault: See defect.

Fault Tree Analysis (FTA): A technique used to analyze the causes of faults (defects). The technique visually models how logical relationships between failures, human errors, and external events can combine to cause specific faults to disclose.

fishbone diagram: See cause-effect diagram.

formal review: A review characterized by documented procedures and requirements, e.g., an inspection.

functional testing: Testing based on an analysis of the specification of the functionality of a component or system.

functionality: The capability of the software product to provide functions that meet stated and implied needs when the software is used under specified conditions. [ISO 9126]


Goal-Question-Metric: An approach to software measurement using a three-level model: conceptual level (goal), operational level (question), and quantitative level (metric).

GQM: See Goal-Question-Metric.


IDEAL: An organizational improvement model that serves as a roadmap for initiating, planning, and implementing improvement actions. The IDEAL model is named for the five phases it describes: initiating, diagnosing, establishing, acting, and learning.

impact analysis: The assessment of change to the layers of development documentation, test documentation, and components in order to implement a given change to specified requirements.

incident: Any event occurring that requires investigation. [After IEEE 1008]

incident management: The process of recognizing, investigating, taking action and disposing of incidents. It involves logging incidents, classifying them, and identifying the impact. [After IEEE 1044]

incident report: A document reporting on any event that occurred, e.g., during the testing, which requires investigation. [After IEEE 829]

independence of testing: Separation of responsibilities, which encourages the accomplishment of objective testing. [After DO-178B]

indicator: A measure that can be used to estimate or predict another measure. [ISO 14598]

initiating (IDEAL): The phase within the IDEAL model where the groundwork is laid for a successful improvement effort. The initiating phase consists of the activities: set context, build sponsorship, and charter infrastructure. See also IDEAL.

inspection: A type of peer review that relies on visual examination of documents to detect defects, e.g., violations of development standards and nonconformance to higher-level documentation. The most formal review technique and therefore always based on a documented procedure. [After IEEE 610, IEEE 1028] See also peer review.

inspection leader: See moderator.

intake test: A special instance of a smoke test used to decide if the component or system is ready for detailed and further testing. An intake test is typically carried out at the start of the test execution phase. See also smoke test.

integration: The process of combining components or systems into larger assemblies.

integration testing: Testing performed to expose defects in the interfaces and in the interactions between integrated components or systems. See also component integration testing, system integration testing.

interface testing: An integration test type that is concerned with testing the interfaces between components or systems.

interoperability: The capability of the software product to interact with one or more specified components or systems. [After ISO 9126] See also functionality.

Ishikawa diagram: See cause-effect diagram.

iterative development model: A development life cycle where a project is broken into a usually large number of iterations. An iteration is a complete development loop resulting in a release (internal or external) of an executable product, which is a subset of the final product under development and grows from iteration to iteration to become the final product.


key performance indicator: See performance indicator.

keyword-driven testing: A scripting technique that uses data files to contain not only test data and expected results but also keywords related to the application being tested. The keywords are interpreted by special supporting scripts that are called by the control script for the test. See also data-driven testing.


lead assessor: The person who leads an assessment. In some cases (for instance, with CMMI and TMMi) when formal assessments are conducted, the lead assessor must be accredited and formally trained.

learning (IDEAL): The phase within the IDEAL model where one learns from experiences and improves one’s ability to adopt new processes and technologies in the future. The learning phase consists of the activities: analyze and validate, and propose future actions. See also IDEAL.

level test plan: A test plan that typically addresses one test level. See also test plan.

life cycle model: A partitioning of the life of a product or project into phases. [Chrissis, Konrad, and Shrum 2004] See also software life cycle.


maintainability: The ease with which a software product can be modified to correct defects, modified to meet new requirements, modified to make future maintenance easier, or adapted to a changed environment. [ISO 9126]

maintenance: Modification of a software product after delivery to correct defects, to improve performance or other attributes, or to adapt the product to a modified environment. [IEEE 1219]

management review: A systematic evaluation of software acquisition, supply, development, operation, or maintenance process performed by or on behalf of management that monitors progress, determines the status of plans and schedules, confirms requirements and their system allocation, or evaluates the effectiveness of management approaches to achieve fitness for purpose. [After IEEE 610, IEEE 1028]

manufacturing-based quality: A view of quality whereby quality is measured by the degree to which a product or service conforms to its intended design and requirements. Quality arises from the process(es) used. [After Garvin 1984] See also product-based quality, transcendent-based quality, user-based quality, value-based quality.

master test plan: A test plan that typically addresses multiple test levels. See also test plan.

maturity: (1) The capability of an organization with respect to the effectiveness and efficiency of its processes and work practices. See also Capability Maturity Model Integration, Test Maturity Model integration.

(2) The capability of the software product to avoid failure as a result of defects in the software. [ISO 9126] See also reliability.

maturity level: Degree of process improvement across a predefined set of process areas in which all goals in the set are attained. [van Veenendaal and Wells 2012]

maturity model: A structured collection of elements that describe certain aspects of maturity in an organization and aid in the definition and understanding of an organization’s processes. A maturity model often provides a common language, shared vision, and framework for prioritizing improvement actions.

mean time between failures (MTBF): The arithmetic mean (average) time between failures of a system. The MTBF is typically part of a reliability growth model that assumes that the failed system is immediately repaired as a part of a defect.

mean time to repair (MTTR): The arithmetic mean (average) time a system will take to recover from any failure. This typically includes testing to ensure that the defect has been resolved.

measure: The number or category assigned to an attribute of an entity by making a measurement. [ISO 14598]

measurement: The process of assigning a number or category to an entity to describe an attribute of that entity. [ISO 14598]

measurement scale: A scale that constrains the type of data analysis that can be performed on it. [ISO 14598]

metric: A measurement scale and the method used for measurement. [ISO 14598]

milestone: A point in time in a project at which defined (intermediate) deliverables and results should be ready.

mind map: A diagram used to represent words, ideas, tasks, or other items linked to and arranged around a central keyword or idea. Mind maps are used to generate, visualize, structure, and classify ideas and as an aid in study, organization, problem solving, decision making, and writing.

mistake: See error.

model-based testing: Testing based on a model of the component or system under test, such as, for example, reliability growth models, usage models such as operational profiles, or behavioral models such as decision tables or state transition diagrams.

moderator: The leader and main person responsible for an inspection or other review process.

module: See component.

module testing: See component testing.

MTBF: See mean time between failures.

MTTR: See mean time to repair.

Myers-Briggs Type Indicator (MBTI): An indicator of psychological preference representing the different personalities and communication styles of people.


non-conformity: Non-fulfillment of a specified requirement. [ISO 9000]

non-functional testing: Testing the attributes of a component or system that do not relate to functionality, such as reliability, efficiency, usability, maintainability, and portability.


outsourced testing: Testing performed by people who are not co-located with the project team and are not fellow employees.


Pareto analysis: A statistical technique in decision-making that is used for selection of a limited number of factors that produce significant overall effect. In terms of quality improvement, a large majority of problems (80 percent) are produced by a few key causes (20 percent).

peer review: A review of a software work product by colleagues of the producer of the product for the purpose of identifying defects and improvements. Examples are inspection, technical review, and walk-through.

performance: The degree to which a system or component accomplishes its designated functions within given constraints regarding processing time and throughput rate. [After IEEE 610] See also efficiency.

performance indicator: A high-level metric of effectiveness and/or efficiency used to guide and control progressive development (e.g., lead-time slip for software development). [Chrissis, Konrad, and Shrum 2004]

performance testing: The process of testing to determine the performance of a software product. See also efficiency testing.

performance testing tool: A tool to support performance testing that usually has two main facilities: load generation and test transaction measurement. Load generation can simulate either multiple users or high volumes of input data. During execution, response time measurements are taken from selected transactions and these are logged. Performance testing tools normally provide reports based on test logs and graphs of load against response times.

portability: The ease with which the software product can be transferred from one hardware or software environment to another. [ISO 9126]

priority: The level of (business) importance assigned to an item, e.g., defect.

process: A set of interrelated activities that transform inputs into outputs. [ISO 12207]

process assessment: A disciplined evaluation of an organization’s software processes against a reference model. [After ISO/IEC 15504]

process improvement: A program of activities designed to improve the performance and maturity of the organization’s processes and the result of such a program. [Chrissis, Konrad, and Shrum 2004]

process-based model: A framework wherein processes of the same nature are classified into an overall model, e.g., a test improvement model.

product-based quality: A view of quality, wherein quality is based on a well-defined set of quality attributes. These attributes must be measured in an objective and quantitative way. Differences in the quality of products of the same type can be traced back to the way the specific quality attributes have been implemented. [After Garvin 1984] See also manufacturing-based quality, quality attribute, transcendent-based quality, user-based quality, value-based quality.

product risk: A risk directly related to the test object. See also risk.

project: A unique set of coordinated and controlled activities with start and finish dates undertaken to achieve an objective conforming to specific requirements, including the constraints of time, cost, and resources. [ISO 9000]

project retrospective: A structured way to capture lessons learned and to create specific action plans for improving on the next project or next project phase.

project risk: A risk related to management and control of the (test) project, e.g., lack of staffing, strict deadlines, changing requirements, etc. See also risk.


quality: The degree to which a component, system or process meets specified requirements and/or user/customer needs and expectations. [After IEEE 610]

quality assurance: Part of quality management focused on providing confidence that quality requirements will be fulfilled. [ISO 9000]

quality attribute: A feature or characteristic that affects an item’s quality. [IEEE 610]

quality characteristic: See quality attribute.

quality control: The operational techniques and activities, part of quality management, that are focused on fulfilling quality requirements. [After ISO 8402]

quality gate: A special milestone in a project. Quality gates are located between phases of a project that are strongly depending on the outcome of a previous phase. A quality gate includes a formal check of the documents of the previous phase.

quality management: Coordinated activities to direct and control an organization with regard to quality. Direction and control with regard to quality generally includes the establishment of the quality policy and quality objectives, quality planning, quality control, quality assurance, and quality improvement. [ISO 9000]


Rational Unified Process (RUP): A proprietary adaptable iterative software development process framework consisting of four project life cycle phases: inception, elaboration, construction, and transition.

regression-averse testing: Testing using various techniques to manage the risk of regression—for example, by designing reusable testware and by extensive automation of testing at one or more test levels.

regression testing: Testing of a previously tested program following modification to ensure that defects have not been introduced or uncovered in unchanged areas of the software as a result of the changes made. It is performed when the software or its environment is changed.

reliability: The ability of the software product to perform its required functions under stated conditions for a specified period of time or for a specified number of operations. [ISO 9126]

requirement: A condition or capability needed by a user to solve a problem or achieve an objective that must be met or possessed by a system or system component to satisfy a contract, standard, specification, or other formally imposed document. [After IEEE 610]

requirements phase: The period of time in the software lifecycle during which the requirements for a software product are defined and documented. [IEEE 610]

retesting: Testing that runs test cases that failed the last time they were run in order to verify the success of corrective actions.

retrospective meeting: A meeting at the end of a project during which the project team members evaluate the project and learn lessons that can be applied to the next project.

review: An evaluation of a product or project status to ascertain discrepancies from planned results and to recommend improvements. Examples include management review, informal review, technical review, inspection, and walk-through. [After IEEE 1028]

reviewer: The person involved in a review who identifies and describes anomalies in the product or project under review. Reviewers can be chosen to represent different viewpoints and roles in the review process.

risk: A factor that could result in future negative consequences; usually expressed as impact and likelihood.

risk analysis: The process of assessing identified risks to estimate their impact and probability of occurrence (likelihood).

risk assessment: The process of assessing a given project or product to determine its level of risk, typically by assigning likelihood and impact ratings and then aggregating those ratings into a single risk priority rating. See also product risk, project risk, risk, risk impact, risk level, risk likelihood.

risk-based testing: An approach to testing to reduce the level of product risks and inform stakeholders of their status, starting in the initial stages of a project. It involves the identification of product risks and the use of risk levels to guide the test process.

risk category: See risk type.

risk identification: The process of identifying risks using techniques such as brain-storming, checklists, and failure history.

risk impact: The damage that will be caused if a risk becomes an actual outcome or event.

risk level: The importance of a risk as defined by its characteristics impact and likelihood. The level of risk can be used to determine the intensity of testing to be performed. A risk level can be expressed either qualitatively (e.g., high, medium, low) or quantitatively.

risk likelihood: The estimated probability that a risk will become an actual outcome or event.

risk management: Systematic application of procedures and practices to the tasks of identifying, analyzing, prioritizing, and controlling risk.

risk type: A set of risks grouped by one or more common factors, such as a quality attribute, cause, location, or potential effect. A specific set of product risk types is related to the type of testing that can mitigate (control) the risk type. For example, the risk of user interactions being misunderstood can be mitigated by usability testing.

root cause: A source of a defect such that if it is removed, the occurrence of the defect type is decreased or removed. [Chrissis, Konrad, and Shrum 2004]

root cause analysis: An analysis technique aimed at identifying the root causes of defects. By directing corrective measures at root causes, it is hoped that the likelihood of defect recurrence will be minimized.

RUP: See Rational Unified Process.


safety: The capability of the software product to achieve acceptable levels of risk of harm to people, business, software, property, or the environment in a specified context of use. [ISO 9126]

safety-critical system: A system whose failure or malfunction may result in death or serious injury to people, loss or severe damage to equipment, or environmental harm.

sanity test: See smoke test.

scenario testing: See use case testing.

scorecard: A representation of summarized performance measurements representing progress toward the implementation of long-term goals. A scorecard provides static measurements of performance over or at the end of a defined interval. See also balanced scorecard, dashboard.

SCRUM: An iterative incremental framework for managing projects commonly used with agile software development. See also agile software development.

security: Attributes of software products that bear on its ability to prevent unauthorized access, whether accidental or deliberate, to programs and data. [ISO 9126] See also functionality.

severity: The degree of impact that a defect has on the development or operation of a component or system. [After IEEE 610]

SMART goal methodology: A methodology whereby objectives are defined very specifically rather than generically. SMART is an acronym derived from the attributes of the objective to be defined: Specific, Measurable, Attainable, Relevant, and Timely.

smoke test: A subset of all defined/planned test cases that cover the main functionality of a component or system to ascertain that the most crucial functions of a program work but not bothering with finer details. A daily build and smoke test is among industry best practices. See also intake test.

software: Computer programs, procedures, and possibly associated documentation and data pertaining to the operation of a computer system. [IEEE 610]

software life cycle: The period of time that begins when a software product is conceived and ends when the software is no longer available for use. The software life cycle typically includes a concept phase, requirements phase, design phase, implementation phase, test phase, installation and checkout phase, operation and maintenance phase, and sometimes, retirement phase. Note that these phases may overlap or be performed iteratively.

Software Process Improvement (SPI): A program of activities designed to improve the performance and maturity of an organization’s software processes and the results of such a program. [After Chrissis, Konrad, and Shrum 2004]

Software Usability Measurement Inventory (SUMI): A questionnaire-based usability test technique for measuring software quality from the end user’s point of view. [van Veenendaal 2010]

software quality: The totality of functionality and features of a software product that bear on its ability to satisfy stated or implied needs. [After ISO 9126] See also quality.

specification-based test design technique: See black-box test design technique.

SPI: See Software Process Improvement.

stability: The capability of the software product to avoid unexpected effects from modifications in the software. [ISO 9126] See also maintainability.

staged representation: A model structure wherein attaining the goals of a set of process areas establishes a maturity level; each level builds a foundation for subsequent levels. [Chrissis, Konrad, and Shrum 2004]

standard: Formal, possibly mandatory, set of requirements developed and used to prescribe consistent approaches to the way of working or to provide guidelines (e.g., ISO/IEC standards, IEEE standards, and organizational standards). [After Chrissis, Konrad, and Shrum 2004]

state diagram: A diagram that depicts the states that a component or system can assume and shows the events or circumstances that cause and/or result from a change from one state to another. [IEEE 610]

statement: An entity in a programming language, which is typically the smallest indivisible unit of execution.

statement coverage: The percentage of executable statements that have been exercised by a test suite.

static analysis: Analysis of software development artifacts (e.g., requirements or code) carried out without execution of these software development artifacts. Static analysis is usually carried out by means of a supporting tool.

static testing: Testing of a software development artifact (e.g., requirements, design, or code) without execution of these artifacts (e.g., reviews or static analysis).

STEP: See Systematic Test and Evaluation Process.

structural coverage: Coverage measures based on the internal structure of a component or system.

SUMI: See Software Usability Measurement Inventory.

suitability: The capability of the software product to provide an appropriate set of functions for specified tasks and user objectives. [ISO 9126] See also functionality.

system: A collection of components organized to accomplish a specific function or set of functions. [IEEE 610]

system integration testing: Testing the integration of systems and packages; testing interfaces to external organizations (e.g., Electronic Data Interchange, Internet).

system of systems: Multiple heterogeneous, distributed systems that are embedded in networks at multiple levels and in multiple interconnected domains, addressing large-scale inter-disciplinary common problems and purposes, usually without a common management structure.

system testing: The process of testing an integrated system to verify that it meets specified requirements. [Hetzel]

Systematic Test and Evaluation Process: A structured testing methodology, also used as a content-based model for improving the test process. Systematic Test and Evaluation Process (STEP) does not require that improvements occur in a specific order. See also content-based model.


technical review: A peer group discussion activity that focuses on achieving consensus on the technical approach to be taken. [Gilb and Graham 1993], [IEEE 1028] See also peer review.

test: A set of one or more test cases. [IEEE 829]

test approach: The implementation of the test strategy for a specific project. It typically includes the decisions made based on the (test) project’s goal and the risk assessment carried out, starting points regarding the test process, the test design techniques to be applied, exit criteria, and test types to be performed.

test automation: The use of software to perform or support test activities, e.g., test management, test design, test execution, and results checking.

test basis: All documents from which the requirements of a component or system can be inferred. The documentation on which the test cases are based. If a document can be amended only by way of formal amendment procedure, then the test basis is called a frozen test basis. [After Pol, Teunnissen, and van Veenendaal 2002]

test case: A set of input values, execution preconditions, expected results, and execution postconditions developed for a particular objective or test condition, such as to exercise a particular program path or to verify compliance with a specific requirement. [After IEEE 610]

test charter: A statement of test objectives, and possibly test ideas about how to test. Test charters are used in exploratory testing. See also exploratory testing.

test closure: During the test closure phase of a test process, data is collected from completed activities to consolidate experience, testware, facts, and numbers. The test closure phase consists of finalizing and archiving the testware and evaluating the test process, including preparation of a test evaluation report. See also test process.

test condition: An item or event of a component or system that could be verified by one or more test cases, e.g., a function, transaction, feature, quality attribute, or structural element.

test coverage: See coverage.

test cycle: Execution of the test process against a single identifiable release of the test object.

test data: Data that exists (for example, in a database) before a test is executed and that affects or is affected by the component or system under test.

test deliverable: Any test (work) product that must be delivered to someone other than the test (work) product’s author. See also deliverable.

test design: (1) See test design specification.

(2) The process of transforming general testing objectives into tangible test conditions and test cases.

test design specification: A document specifying the test conditions (coverage items) for a test item, the detailed test approach, and identifying the associated high-level test cases. [After IEEE 829] See also test specification.

test design technique: Procedure used to derive and/or select test cases.

test design tool: A tool that supports the test design activity by generating test inputs from a specification that may be held in a CASE tool repository (e.g., requirements management tool), from specified test conditions held in the tool itself, or from code.

test environment: An environment containing hardware, instrumentation, simulators, software tools, and other support elements needed to conduct a test. [After IEEE 610]

test estimation: The calculated approximation of a result related to various aspects of testing (e.g., effort spent, completion date, costs involved, number of test cases, etc.), which is usable even if input data may be incomplete, uncertain, or noisy.

test execution: The process of running a test on the component or system under test, producing actual result(s).

test implementation: The process of developing and prioritizing test procedures, creating test data, and, optionally, preparing test harnesses and writing automated test scripts.

test improvement plan: A plan for achieving organizational test process improvement objectives based on a thorough understanding of the current strengths and weaknesses of the organization’s test processes and test process assets. [After Chrissis, Konrad, and Shrum 2004]

test incident: See incident.

test incident report: See incident report.

test level: A group of test activities that are organized and managed together. A test level is linked to the responsibilities in a project. Examples of test levels are component test, integration test, system test, and acceptance test. [After Pol, Teunnissen, and van Veenendaal 2002]

test log: A chronological record of relevant details about the execution of tests. [IEEE 829]

test management: The planning, estimating, monitoring, and control of test activities, typically carried out by a test manager.

test management tool: A tool that provides support to the test management and control part of a test process. It often has several capabilities, such as testware management, scheduling of tests, the logging of results, progress tracking, incident management, and test reporting.

test manager: The person responsible for project management of testing activities and resources, and evaluation of a test object. The individual who directs, controls, administers, plans, and regulates the evaluation of a test object.

Test Maturity Model integration (TMMi): A five-level staged framework for test process improvement (related to the Capability Maturity Model Integration (CMMI) model) that describes the key elements of an effective test process.

test monitoring: A test management task that deals with the activities related to periodically checking the status of a test project. Reports are prepared that compare the actual activities to that which was planned. See also test management.

test object: The component or system to be tested.

test objective: A reason or purpose for designing and executing a test.

test oracle: A source to determine expected results to compare with the actual result of the software under test. An oracle may be the existing system (for a benchmark), other software, a user manual, or an individual’s specialized knowledge, but it should not be the code. [After Adrion, Branstad, and Cherniabsky]

test performance indicator: A high-level metric of effectiveness and/or efficiency used to guide and control progressive test development. Defect Detection Percentage (DDP) is an example of a test performance indicator.

test phase: A distinct set of test activities (e.g., the execution activities of a test level) collected into a manageable phase of a project. [After Gerrard and Thompson 2002]

test plan: A document describing the scope, approach, resources, and schedule of intended test activities. It identifies, among other test items, the features to be tested, the testing tasks, who will do each task, degree of tester independence, the test environment, the test design techniques, the entry and exit criteria to be used and the rationale for their choice, and any risks requiring contingency planning. It is a record of the test planning process. [After IEEE 829]

test planning: The activity of establishing or updating a test plan.

test policy: A high-level document describing the principles, approach, and major objectives of the organization regarding testing.

test procedure: See test procedure specification.

test procedure specification: A document specifying a sequence of actions for the execution of a test. Also known as test script or manual test script. [After IEEE 829] See also test specification.

test process: The fundamental test process comprises test planning and control, test analysis and design, test implementation and execution, evaluating exit criteria and reporting, and test closure activities.

Test Process Group (TPG): A collection of (test) specialists who facilitate the definition, maintenance, and improvement of the test processes used by an organization. [After Chrissis, Konrad, and Shrum 2004]

test process improvement manifesto: A statement that echoes the agile manifesto and defines the following values for improving the test process:

• flexibility over detailed processes

• best practices over templates

• deployment orientation over process orientation

• peer reviews over quality assurance (departments)

• business-driven over model-driven. [van Veenendaal 2008]

test process improver: A person implementing improvements in the test process based on a test improvement plan.

test progress report: A document summarizing testing activities and results, produced at regular intervals, to report progress of testing activities against a baseline (such as the original test plan) and to communicate risks and alternatives requiring a decision to management.

test report: See test summary report and test progress report.

test script: Commonly used to refer to a test procedure specification, especially an automated one.

test session: An uninterrupted period of time spent in executing tests. In exploratory testing, each test session is focused on a charter, but testers can also explore new opportunities or issues during a session. The tester creates and executes test cases on the fly and records their progress. See also exploratory testing.

test set: See test suite.

test specification: A document that consists of a test design specification, test case specification, and/or test procedure specification.

test stage: See test level.

test strategy: A high-level description of the test levels to be performed and the testing within those levels for an organization or program (one or more projects).

test suite: A set of several test cases for a component or system under test, where the post-condition of one test is often used as the precondition for the next one.

test summary report: A document summarizing testing activities and results. It also contains an evaluation of the corresponding test items against exit criteria. [After IEEE 829]

test technique: See test design technique.

test tool: A software product that supports one or more test activities, such as planning and control, specification, building initial files and data, test execution, and test analysis. [Pol, Teunnissen, and van Veenendaal 2002] See also CAST.

test type: A group of test activities aimed at testing a component or system focused on a specific test objective, i.e., functional test, usability test, regression test, etc. A test type may take place on one or more test levels or test phases. [After Pol, Teunnissen, and van Veenendaal 2002]

testability: The capability of the software product to enable modified software to be tested. [ISO 9126] See also maintainability.

testability review: A detailed check of the test basis to determine whether the test basis is at an adequate quality level to act as an input document for the test process. [After Pol, Teunnissen, and van Veenendaal 2002]

tester: A skilled professional who is involved in the testing of a component or system.

testing: The process consisting of all life cycle activities, both static and dynamic, concerned with planning, preparation, and evaluation of software products and related work products to determine that they satisfy specified requirements, to demonstrate that they are fit for purpose, and to detect defects.

testware: Artifacts produced during the test process required to plan, design, and execute tests, such as documentation, scripts, inputs, expected results, set-up and clear-up procedures, files, databases, environment, and any additional software or utilities used in testing. [After Fewster and Graham 1999]

TMMi: See Test Maturity Model integration.

Total Quality Management (TQM): An organization-wide management approach centered on quality, based on the participation of all members of the organization, and aiming at long-term success through customer satisfaction and benefits to all members of the organization and to society. Total Quality Management consists of planning, organizing, directing, control, and assurance. [After ISO 8402]

TPI NEXT: A continuous business-driven framework for test process improvement that describes the key elements of an effective and efficient test process.

TPG: See Test Process Group.

TQM: See Total Quality Management.

traceability: The ability to identify related items in documentation and software, such as requirements with associated tests.

transactional analysis: The analysis of transactions between people and within people’s minds; a transaction is defined as a stimulus plus a response. Transactions take place between people and between the ego states (personality segments) within one person’s mind.

transcendent-based quality: A view of quality wherein quality cannot be precisely defined but we know it when we see it or are aware of its absence when it is missing. Quality depends on the perception and affective feelings of an individual or group of individuals toward a product. [After Garvin 1984] See also manufacturing-based quality, product-based quality, user-based quality, value-based quality.


unit: See component.

unit testing: See component testing.

use case testing: A black box test design technique in which test cases are designed to execute scenarios of use cases.

user acceptance testing: See acceptance testing.

user-based quality: A view of quality wherein quality is the capacity to satisfy needs, wants, and desires of the user(s). A product or service that does not fulfill user needs is unlikely to find any users. This is a context-dependent, contingent approach to quality since different business characteristics require different qualities of a product. [After Garvin 1984] See also manufacturing-based quality, product-based quality, transcendent-based quality, value-based quality.


V-model: A framework to describe the software development life cycle activities from requirements specification to maintenance. The V-model illustrates how testing activities can be integrated into each phase of the software development life cycle.

validation: Confirmation by examination and through provision of objective evidence that the requirements for a specific intended use or application have been fulfilled. [ISO 9000]

value-based quality: A view of quality wherein quality is defined by price. A quality product or service is one that provides desired performance at an acceptable cost. Quality is determined by means of a decision process with stakeholders on tradeoffs between time, effort, and cost aspects. [After Garvin 1984] See also manufacturing-based quality, product-based quality, transcendent-based quality, user-based quality.

verification: Confirmation by examination and through provision of objective evidence that specified requirements have been fulfilled. [ISO 9000]


walk-through: A step-by-step presentation by the author of a document in order to gather information and to establish a common understanding of its content. [Freedman and Weinberg 1990], [IEEE 1028] See also peer review.

white-box test design technique: Procedure to derive and/or select test cases based on an analysis of the internal structure of a component or system.