Page 61 - SOFTWARE TESTING & QUALITY ASSURANCE
P. 61
Software Testing and Quality Assurance
Write the statement coverage test cases for the following program.
Void function eval (int X, int Y, int A)
{
If (X>1) and (Y=0)
then A=A/X;
if(X=2) or (A>1)
then A=A+1;
}
(Note: X=2,Y=0, A=3 (A can be any assigned value)
1. Based on statement coverage, write a simple program to print the day, date, time,
month and year.
2. Based on condition coverage, write a simple program to print the marks you
obtained in each subject and the class to which those marks belong. (If mark is
greater than 60 implies class 1, if marks greater than 50 but less than 60 implies
class 2, if marks less than 50 but above 35 implies class 3, if marks less than 35-
implies fail)
Secure Online Transactions
M
yway is a newly established company which wanted to start their online sales and hence
was involved in the development of an online e-commerce Web site. They wanted a Web
site which would facilitate online transfer of funds. Myway had outsourced its payment
processing to a third-party Internet enabled financial transaction payment firm.
The third party payment software had several customized interfaces to enable an easy payment process
between the customers and Myway’s account.
A high-level security risk analysis was conducted on the system to check the security measures of the
third party software. The assessment identified several transactions between the payment interfaces and
the application. A fraudulent transaction would have serious impact on both the customers and the
company (‘Myway’). Some customers might also face financial hardships due to the unauthorized
transactions which may deplete an account. Such situations can damage the reputation of the company.
In view of such circumstances, a white box testing was carried out on all the modules which were using
the payment interfaces. The following steps were followed:
The component interfaces were identified.
1. Trust relationship boundaries were recognized along with the component interactions.
2. The data flows between the components were monitored.
Abuse test cases (These cases describe the ways in which the application can be misused) were
developed and tested. One of the abuse test cases was to create a payments processing functionality as
an anonymous user. The trust relationship mapping and data flow showed a path where inputs from the
users were not validated or authenticated.
54 LOVELY PROFESSIONAL UNIVERSITY Contd…
