Testing complex software is itself a complex task. Modern software has millions of lines of code and it is very difficult to ensure that developers are testing every possible path through all of that code. Test coverage analysis seeks to give developers a sense of how much of their code was evaluated during a set of tests. In this video, learn how developers compute test coverage analysis.
- [Instructor] Testing complex software…is itself a complex task.…Modern software has millions of lines…of code, and it is very difficult…to ensure the developers are testing…every possible path through all of that code.…Test coverage analysis seeks to give developers…a sense of how much of the code was evaluated…during a set of tests.…Test coverage is defined as the percentage…of a piece of software that was evaluated…during a given test set.…Now, that definition probably raises…more questions than it answers.…
What do I mean by the percentage of a piece of software?…I'm being deliberately vague here for a moment,…because there are many ways to compute test coverage,…and I'll get to them in a minute.…In general, you can compute test coverage…using a simple formula.…Divide the number of cases tested…by the total possible number of cases.…If there were 10,000 possible test cases…and your testing evaluated 9,000 of them,…you have 90% test coverage.…There are many different variables…that you can plug into that formula…
Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
Note: This course is part of a series releasing throughout 2018. A completed Learning Path of the series will be available once all the courses are released.
- Using security assessment tools
- Scanning for vulnerabilities
- Threat assessment techniques
- Performing penetration testing
- Reviewing monitor logs
- Performing code reviews
- Performing fuzz testing and misuse case testing
- Analyzing coverage
- Assessing disaster recovery sites and backups
- Testing BC/DR plans
- Collecting security process data and metrics
- Auditing and control management