Test Functional Component

id EAID EA571C73 4AA9 4eb9 A615 97F4CAD04E92
Figure 1. Test Functional Component Model


The Test functional component plans, orchestrates, and executes tests (including reviews) that ensure the Product Release will meet stakeholder expectations, and support all the Requirements at the agreed service levels. Using the Test functional component, Defect data objects are created to be consumed by the Defect functional component. Tests Cases are designed, planned, and executed, covering both manual and automated testing.

The Test functional component covers all verifications, validations, and test activities to ensure the product meets the Requirements and specifications (as part of the Product Design) including non-functional requirements and adherence to policies and standards.

Issues and exceptions found during testing are recorded as Defect data objects, which are consumed by the Defect functional component.

Various tests are planned and executed across the different environments, including:

  • Unit testing

  • Peer reviews

  • Code quality testing (to verify the conformance of the code to policies and coding standards)

  • Performance and stress testing

  • User Interface (UI) testing

  • Functional testing

  • Usability testing

  • Security and compliance testing covering various security tests such as Static and Dynamic Application Security Testing (referred to as SAST and DAST) to validate compliance to security requirements and policies, as well as vulnerability scanning

  • Testing of operations functions, including backup/restore, monitoring, logging, and Runbooks (e.g., used for diagnostics and remediation)

  • Business process testing (testing an end-to-end business process)

  • Mobile testing (for the different mobile platforms)

  • API and integration testing

  • Regression testing

  • Continuity testing (e.g., tests the disaster recovery/continuity plan)

  • Monkey testing (tests the product by providing random inputs and checking the behavior)

  • User Acceptance Testing (UAT)

  • Continuity (and failover) test

The Test functional component should support different test methods, including TDD in which each Product Backlog Item begins with writing a test (instead of writing a test after the code has been written). Test Cases can be created through use-cases and user stories to cover the requirements and exception conditions.

The Test functional component supports the Integrate value stream.

Functional Criteria

The Test functional component:

  • Shall maintain the test strategy and Test Plans

  • Shall link Test Cases to one or more Test Plans

  • Shall leverage the Product Backlog functional component to plan and develop Test Cases, both manual and automated tests

  • Shall manage the automated Test Cases in the Source Control functional component

  • Shall ensure traceability between tests and Requirements

  • Shall plan and execute tests that ensure the Product Release will support the Requirements at the agreed service levels

  • Shall plan and execute tests to ensure non-functional requirements are addressed

  • Shall create Defect data objects that are consumed by the Defect functional component

  • Shall log all test runs and capture the test results (including test logs)

  • Shall include abuse cases to be tested for the product; misuse and abuse cases describe how users could potentially misuse or exploit the weaknesses of controls in software features

  • Shall execute tests such as:

    • Unit tests

    • Code quality scanning

    • Functionality tests

    • Security tests (static and dynamic application security and infrastructure security testing)

    • Vulnerability scanning

    • Penetration tests

    • Performance and stress tests

    • Business process tests

    • Regression tests

    • Integration tests

  • Shall create Defects found during testing which are consumed by the Defect functional component

  • Shall define and manage representative test data for all data sets needed to execute the Test Cases

  • Shall provide test execution reports per tested Requirements and/or Product Backlog Items

  • Shall track all executed Test Cases (as part of a Product Release)

  • Shall test operations activities as well, such as monitoring, request fulfillment, etc.

  • Shall be the system of record (authoritative source) for all Test Cases (and associated test data)

  • Shall manage the lifecycle of Test Cases

  • Shall calculate test coverage of a new Build Package and Product Release

  • Shall measure and report upon code quality and compliance to coding standards

  • Shall scan all builds against potential vulnerabilities (e.g., third-party libraries and open-source components)

  • Shall create automated test scripts, including unit testing and scripts for security testing that follow a formal software security assurance methodology

  • Shall run security tests on core code to identify existing security issues at the start of the development cycle so that the assessment of scope/requirements set/scheduled can be scheduled early for existing services that are undergoing change