Risk analysis: a guiding force in the improvement of testing

The authors propose a state-based risk assessment methodology at the analysis and design stage of Software Development Life Cycle. First, a method is proposed to estimate the risk for various states of a component within a scenario and then, the risk for the whole scenario is estimated. The key data needed for risk assessment are complexity and severity. An Inter-Component State-Dependence Graph is introduced to estimate the complexity for a state of a component within a system. The severity for a component within a scenario is decided based on three hazard techniques: Functional Failure Analysis, Software Failure Mode and Effect Analysis and Software Fault Tree Analysis. The risk for a scenario is estimated based on the risk of interacting components in various states within the scenario and State COllaboration TEst Model of the scenario. Finally, the system risk is estimated based on two inputs: scenarios risks and Interaction Overview Diagram of the system. The methodology is applied on a Library Management System case study. An experimental comparative analysis is performed and observed that the testing team guided by our state-based risk assessment approach achieves high test efficiency compared with it with an existing component-based risk assessment approach.