INTEGRITY BOOKS ONLINE: SOFTWARE TEST PLAN

INTEGRITY BOOKS ONLINE SOFTWARE TEST PLAN MARCH 27, 2012 CHRISTOPHER MORRIS

3/27/2012

Morris

INTEGRITY BOOKS ONLINE: SOFTWARE TEST PLAN

Version Number V0.1

Date 3/20/2012

Revision History Contributor Christopher John Morris

Description Added: Definitions and Objectives, Schedules, Responsibilities, Test Equipment, Goals, & Test Groups Added requirement #s to tests under section 2.1 Added requirements to test: 104, 106, & 203

V0.2

3/27/2012

Christopher John Morris

3/27/2012

Morris

INTEGRITY BOOKS ONLINE: SOFTWARE TEST PLAN

Table of Contents
PART 1 ..................................................................................................................................................................... 4 1.1 DEFINITION AND OBJECTIVES OF PHASE TESTING ...................................................................................... 4 1.2 SCHEDULES ..................................................................................................................................................................... 5 1.3 RESPONSIBILITIES ....................................................................................................................................................... 6 1.4 TEST EQUIPMENT REQUIRED ................................................................................................................................. 8 PART 2 ..................................................................................................................................................................... 9 2.1 TESTS FOR REQUIREMENTS .................................................................................................................................... 9 2.2 SCENARIO TESTING .................................................................................................................................................. 11

3/27/2012

Morris

INTEGRITY BOOKS ONLINE: SOFTWARE TEST PLAN

Part 1: 1.1 Definition and Objectives

The Web site of Integrity Books Online will first be tested on its integration of components and pages to ensure all site aspects work coherently and as expected. The objectives of this testing phase are to discover errors in various areas of the system. Tested areas include: Link efficiency: each link on the Web site should correctly lead to the corresponding destination. Component relationships: this focuses on how well components work together following system integration. Data integrity: integration can sometimes lead to data being mishandled by the system. This area will ensure that data integrity is maintained at the same level it was before integration. Security: has security changed since integration? This section will focus on how well security has been maintained and ensure security methods have not been compromised. Performance: system performance must be maintained to certify a great user experience and the system will be stress tested to ensure that remains true.

3/27/2012

Morris

INTEGRITY BOOKS ONLINE: SOFTWARE TEST PLAN

1.2 Schedules
Each of the five phases is organized into separate time schedules to effectively oversee testing and verify each phase is punctually tested. The testing schedule virtually mirrors the order of objectives listed in section 1.1: 1 2 3 Link efficiency (Completion Time: Three Days): because this is in the integration phase, links will be tested before components to ensure each page correctly interacts with one another. Component relationships (Completion Time: Three Days): components are then tested to ensure they function correctly following link interactions. Data integrity phase 1 (Completion Time: One Week): once functionality of links and components are verified, the integrity of data can be tested since data mostly functions independently from components. Security (Completion Time: One Week): data integrity must be verified before security processes because data is again verified after security procedures are maintained. Security processes change the way data is handled through various methods, such as with hashing. Data integrity phase 2 (Completion Time: One Week): once security methods are in place and verified to work correctly, data will be tested again to ensure its integrity has not been compromised following security procedures. Performance (Completion Time: Three Days): after all methods have been tested, performance benchmarks will determine the affects of integration.

3/27/2012

Morris

INTEGRITY BOOKS ONLINE: SOFTWARE TEST PLAN

1.3 Responsibilities
Testing responsibilities and their corresponding undertakings are distributed to the following departments: Development Team One Link efficiency All links must be valid and functional Links must change color after being used Links must relate to their correct destinations Links must not open new browser windows/tabs for companyrelated links (e.g. Home, Contact, etc.) Links that relate to Web sites unrelated to the company open new windows/tabs to keep users on company site Text field implementations must visually function properly Text fields must interact with database correctly Ensure correct updates occur when adjusting volumes in shopping cart After adding an item to the shopping cart, the number of items are displayed correctly regardless of which page the customer is on Efficiency of component interaction to mark performance differences after integration (=< 5s) Page loading times (=< 10s) on various browsers, listed in equipment section 1.4 Time for data to be sent to database (=< 10s) Time for data to be recorded into database after reaching server (=< 5s) Latency created through each PKI function (=< 5s ea.)

Component relationships

Performance (following all other tests)

3/27/2012

Morris

INTEGRITY BOOKS ONLINE: SOFTWARE TEST PLAN

Development Team Two Data integrity phase 1 Each text field is tested to verify data that is input into the field is identical to data saved in the database Verify that customer purchase history data is saved in the database correctly Confirm the correct primary key for each data input after saved in the database Ensure data travels encrypted using the PKI (Public Key Infrastructure) method and that each part of the PKI functions (CA, RA, RSA, digital certificate) properly Make sure that invalid customer login passwords are not accepted (Customer login requires a password of 8 characters at a minimum, one capital letter, one lowercase letter, and one number) Repeat all of the data integrity tests Verify tests return the same positive results following security implementations.

Security

Data integrity phase 2

3/27/2012

Morris

INTEGRITY BOOKS ONLINE: SOFTWARE TEST PLAN

1.4 Test Equipment Required

Section 1.4 entails all equipment related to testing each aspect of the system following integration. All equipment and software is off the shelf because the bulk of Web surfers utilize off-the-shelf computers. Hardware (Rented): Windows desktop computer o Intel Pentium 4 o 80 GB of free disk space o 1 GB of RAM Ethernet cables (Cat 5) Server (represents database & Web server) o Duo Core CPU o 80 GB of free disk space o 4 GB of RAM Software (OSs are leased for testing): Windows 7 as native OS. The following virtual machines are installed to test other operating systems: o Ubuntu 10.04 o Windows XP o Windows Vista o Mac OS X 10.7 (only version that allows virtualization) Browsers: o Internet Explorer 10 on Windows 7 o Internet Explorer 9 on Windows Vista o Internet Explorer 8 on Windows XP o Mozilla Firefox on Ubuntu 10.04 o Google Chrome and Safari on OS X 10.7 MySQL database software (Purchased)

3/27/2012

Morris

INTEGRITY BOOKS ONLINE: SOFTWARE TEST PLAN

Part 2: 2.1 Test for Requirements

The goal of testing the requirements document is to guarantee functionality of previous implementations, aside from integration tests. The following are specific tests for each requirement, with at least one test per requirement: Req #101: Luhn Algorithm (Development team one)

o Test Luhn algorithm by entering 10 real credit card numbers in external console program o Test Luhn algorithm by entering 10 credit card numbers confirmed false in external console program o Test Luhn algorithm by entering 10 credit card numbers confirmed false on actual Web site o Test Luhn algorithm by entering 10 credit card numbers confirmed false on actual Web
site Req #102: Geographic and email entries (Development team two)

o Enter all geographic and email information into corresponding fields o Verify that data that is saved correctly in the database relating to geographic and email
entries Req #103: Save customer data on server (Development team two)

o Ensure processed customer data is saved with integrity (data in correct fields)
Req #104: Ask permission to save credit card information (Development team two)

o Attempt to purchase an item to verify that the permission page is presented immediately
following the input of credit card information. Req #105: Provide search (Development team one)

o Oversee results from search engine through 10 searches of at least 5 characters o Take notes on accuracy of results and provide suggestions for improvement

3/27/2012

Morris

INTEGRITY BOOKS ONLINE: SOFTWARE TEST PLAN Req #106: Inventory listing (Development team one)

10

o Verify inventory page opens after clicking on the link o Ensure each item listed on the page is actually seen as available in the database
Req #201: Stateful inspection firewall on frontier of network (Development team two)

o Test packet filtering method on firewall by sending 10 correctly addressed packets o Test packet filtering denial by sending 10 incorrectly addressed packets o Test analytical results from firewall by reviewing the results from the 20 test packets
Req #202: Credit card disposal (Development team one)

o After a test purchase is made, search the database and Web server for credit card
information to verify it was disposed Req #203: Credit card information on invoice

o Only the last four digits of the credit card are present on the invoice o The four digits are available after the customer gives permission to save credit card information o The four digits are available after the customer denies permission to save credit card
information Req #204: HTTPS protocol (Development team two)

o Open Web site from remote host using all suggested browsers to see if the https symbol is displayed in the browsing window o Use a packet analyzer to analyze if data being send to and from the Web server is being
encrypted with the SSL protocol Req #301: Web User Interface (Customer base in controlled environment)

o User must make a purchase of 3 books from different categories, update the shopping cart
once, complete their purchase (with a provided valid credit card number), and report on experience. o Was the experience enjoyable? Why or why not? o Was the task easy? Why or why not? o Did you come across any bugs? What were they? o Did you find what you were looking for? What made it difficult or easy?

3/27/2012

Morris

INTEGRITY BOOKS ONLINE: SOFTWARE TEST PLAN

11

2.2 Scenario Testing

This section focuses on creating real-world scenarios to test how the Web site will work once released to the public. This process minimizes surprises following public release. Here is a list of test scenarios: Mobile testing: while the site is not yet created to fit mobile devices, the site will be tested on an iPhone 3GS and a Samsung Galaxy. Search engine optimization: ask a user to find the site using the Google and Yahoo! search engines. o How easy was it to find the site? o How high was it ranked in results? Login attempt: ask user to create a login account to record purchase history. o Was it easy? Why or why not? o Were they successful? If not, why? Hack site: attempt an intentional intrusion on the site by spoofing valid addressing information. o Was the attempt successful? Why or why not?

3/27/2012

Morris