Bibliography
Advanced Syllabus Referenced Standards
The following standards are mentioned in the Advanced Technical Test Analyst syllabus.
ANSI/IEEE Std 1471-2000, Recommended Practice for Architectural Description of Software-Intensive Systems.
ISO/IEC 61508, Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems.
ISO/IEC 25000:2005, Software Engineering—Software Product Quality Requirements and Evaluation (SQuaRE).
ISO/IEC 9126-1:2001, Software Engineering – Software Product Quality.
RTCA DO-178B/ED-12B, Software Considerations in Airborne Systems and Equipment Certification.
Advanced Syllabus Referenced Books
Len Bass, Paul Clements, Rick Kazman. Software Architecture in Practice (2nd edition). Addison-Wesley, 2003.
Graham Bath, Judy McKay. The Software Test Engineer’s Handbook. Rocky Nook, 2008.
Boris Beizer. Software Testing Techniques, Second Edition. International Thomson Computer Press, 1990.
Boris Beizer. Black-Box Testing. John Wiley & Sons, 1995.
Hans Buwalda. Integrated Test Design and Automation. Addison-Wesley Longman, 2001.
Lee Copeland. A Practitioner’s Guide to Software Test Design. Artech House, 2003.
Eric Gamma, Richard Helm, Ralph Johnson, and John Vlissides. Design Patterns: Elements of Reusable Object-Oriented Software. Addison-Wesley, 1994.
Paul C. Jorgensen. Software Testing, a Craftsman’s Approach, Third Edition. CRC Press, 2007.
Cem Kaner, James Bach, Bret Pettichord. Lessons Learned in Software Testing. John Wiley & Sons, 2002.
Tim Koomen, Leo van der Aalst, Bart Broekman, Michael Vroon. TMap Next for Result-Driven Testing. UTN Publishers, 2006.
Thomas J. McCabe. “A Complexity Measure.” IEEE Transactions on Software Engineering, Vol. SE-2, No. 4. December 1976. PP 308–320.
Steven Splaine, Stefan P. Jaskiel. The Web-Testing Handbook. STQE Publishing, 2001.
Mark Utting, Bruno Legeard. Practical Model-Based Testing: A Tools Approach. Morgan-Kaufmann, 2007.
Arthur H. Watson and Thomas J. McCabe, “Structured Testing: A Testing Methodology Using the Cyclomatic Complexity Metric.” NIST Special Publication 500-235. Prepared under NIST Contract 43NANB517266, September 1996.
James Whittaker and Herbert Thompson. How to Break Software Security. Pearson/Addison-Wesley, 2004.
Karl Wiegers. Peer Reviews in Software: A Practical Guide. Addison-Wesley, 2002.
Advanced Syllabus Other References
http://www.testingstandards.co.uk
http://www.nist.gov NIST National Institute of Standards and Technology
http://www.codeproject.com/KB/architecture/SWArchitectureReview.aspx
http://portal.acm.org/citation.cfm?id=308798
http://www.processimpact.com/pr_goodies.shtml
Other Referenced Books
Len Bass, Paul Clements, and Rick Kazman. Software Architecture in Practice (3rd Edition). Addison-Wesley, 2013.
Graham Bath and Judy McKay. The Software Test Engineer’s Handbook: A Study Guide for the ISTQB Test Analyst and Technical Test Analyst Advanced Level Certificates 2012. Rocky Nook, Inc., 2014.
Boris Beizer. Software Testing Techniques, Second Edition. International Thomson Computer Press, 1990.
Rex Black. Advanced Software Testing—Vol. 1: Guide to the ISTQB Advanced Certification as an Advanced Test Analyst. Rocky Nook, Inc., 2009.
Rex Black. Advanced Software Testing—Vol. 2, Second Edition. Rocky Nook, Inc., 2014.
Rex Black. Critical Testing Processes: Plan, Prepare, Perform, Perfect. Addison-Wesley, 2004.
Rex Black. Managing the Testing Process: Practical Tools and Techniques for Managing Software and Hardware Testing, Third Edition. John Wiley & Sons, 2009.
Rex Black. Pragmatic Software Testing: Becoming an Effective and Efficient Test Professional. John Wiley & Sons, 2007.
Erich Gamma, Richard Helm, Ralph Johnson, and John Vlissides. Design Patterns: Elements of Reusable Object-Oriented Software. Addison-Wesley, 1995.
Malcolm Gladwell. Outliers: The Story of Success. Little, Brown, and Company, 2008.
Capers Jones. Software Assessments, Benchmarks, and Best Practices. Addison-Wesley, 2000.
Paul Jorgensen. Software Testing: A Craftsman’s Approach, Fourth Edition. CRC Press, 2013.
Tim Koomen, Leo van der Aalst, Bart Broekman, and Michiel Vroon. TMap Next for Result-Driven Testing. UTN Publishers, 2006.
Brian Marick. The Craft of Software Testing: Subsystems Testing Including Object-Based and Object-Oriented Testing. Prentice Hall, 1994.
Ian Molyneaux. The Art of Application Performance Testing: Help for Programmers and Quality Assurance. O’Reilly Media, 2009.
Tim Riley and Adam Goucher (editors). Beautiful Testing: Leading Professionals Reveal How They Improve Software. O’Reilly, 2010.
Steven Soter and Neil deGrasse Tyson (editors). Cosmic Horizons: Astronomy At The Cutting Edge. New Press, 2001.
Y. N. Srikant and Priti Shankar. The Compiler Design Handbook: Optimizations and Machine Code Generation, Second Edition. CRC Press, 2008.
D. H. Stamatis. Failure Mode and Effect Analysis: FMEA from Theory to Execution, Second Edition. American Society for Quality. Quality Press, 2003.
Karl Wiegers. Peer Reviews in Software: A Practical Guide. Addison-Wesley, 2001.
Karl Wiegers and Joy Beatty. Software Requirements, Third Edition. Microsoft Press, 2013.
Edward Yourdon and Larry L. Constantine. Structured Design: Fundamentals of a Discipline of Computer Program and Systems Design. Prentice Hall, 1979.
Other References
The following references point to information available on the Internet. Even though these references were checked at the time of publication of this book, the authors cannot be held responsible if the references are not available anymore.
Testing in the API Economy: Top 5 Myths. Wayne Ariola and Cynthia Dunlop, 2014. A white paper available from http://www.parasoft.com/.
“Microsoft News—Microsoft Study Reveals that Regular Password Changes are Useless.” Patrick Barnard, 2010. http://microsoft-news.tmcnet.com/microsoft/articles/81726-microsoft-study-reveals-that-regular-password-changes-useless.htm.
“Advanced Risk-Based Test Results Reporting: Putting Residual Quality Risk Measurement in Motion.” Rex Black and Nagata Atsushi. http://www.rbcsus.com/images/documents/STQA-Magazine-1210.pdf.
“Engineering Quality Goes Bananas: How a ‘Dumb Monkey’ Helped One Company Automate Function Testing.” Rex Black, Daniel Derr, and Michael Tyszkiewicz. “Software Test and Performance.” January 2009. http://www.rbcsus.com/images/documents/engineering-quality-goes-bananas.pdf.
“Mission Made Possible: How one team harnessed tools and procedures to test a complex, distributed system during development.” Rex Black and Greg Kubaczkowski. http://www.rbcs-us.com/images/documents/Mission-Made-Possible.pdf.
“A Case Study in Successful Risk-Based Testing at CA.” Rex Black, Ken Young, and Peter Nash. http://www.rbcs-us.com/images/documents/A-Case-Study-in-Risk-Based-Testing.pdf.
“A Survey of Software Inspection Checklists” [Available for Purchase]. Bill Brykczynski. ACM SIGSOFT Software Engineering Notes, Volume 24, Issue 1, Jan 1999, Page 82. http://dl.acm.org/citation.cfm?id=308798.
Common Attack Pattern Enumeration and Classification. capec.mitre.org.
“A Look into Insidious Threats—The Logical Bomb.” Emmanuel Carabott. September 22, 2010. GFI Blog. http://www.gfi.com/blog/insidious-threats-logical-bomb/.
“Cyber War 2.0 – Russia v. Georgia.” Ward Carroll. 2008. DefenseTech at Military.com. http://defensetech.org/2008/08/13/cyber-war-2-0-russia-v-georgia/.
Common Vulnerabilities and Exposures. http://cve.mitre.org/.
“Hacker says to show passenger jets at risk of cyber-attack.” Jim Finkle. Reuters, Aug. 4, 2014. http://www.reuters.com/article/2014/08/04/us-cybersecurity-hackers-airplanes-idUSKBN0G40WQ20140804.
“Someday Never Comes,” from the album Mardi Gras. Written by John Fogerty and performed by Credence Clearwater Revival, 1972.
“catopen() may pose security risk for third party code.” FreeBSD, Inc., 2000. https://www.freebsd.org/security/advisories/FreeBSD-SA-00:53.catopen.asc.
API Integrity: An API Economy Must-Have. Gartner Research and Parasoft. http://alm.parasoft.com/api-testing-gartner.
The Java Language Specification: Jave SE 8 Edition. James Gosling, Bill Joy, Guy Steele, Gilad Bracha, and Alex Buckley. 03/03/2014. https://docs.oracle.com/javase/specs/jls/se8/jls8.pdf.
A Practical Tutorial on Modified Condition/Decision Coverage. Kelly J. Hayhurst, Dan S. Veerhusen, John J. Chilenski, and Leanna K. Rierson. http://shemesh.larc.nasa.gov/fm/papers/Hayhurst-2001-tm210876-MCDC.pdf.
“Don’t: the Secret of Self Control.” Jonah Lehrer. The New Yorker, May 18, 2009. http://www.newyorker.com/magazine/2009/05/18/dont-2?currentPage=1.
DoD Software Fault Patterns. Dr. Nikolai Mansourov. https://buildsecurityin.uscert.gov/sites/default/files/Mansourov-SoftwareFaultPatterns.pdf.
“A Complexity Measure.” Thomas J. McCabe. IEEE Transactions on Software Engineering, Vol. SE-2, No. 4, December 1976. http://www.literateprogramming.com/mccabe.pdf.
Performance Testing Guidance for Web Applications. J.D. Meier, Carlos Farre, Prashant Bansode, Scott Barber, and Dennis Rea for Microsoft Corporation, September 2007. http://msdn.microsoft.com/en-us/library/bb924375.aspx.
“The Magical Number Seven, Plus or Minus Two: Some Limits on Our Capacity for Processing Information.” George A. Miller. The Psychological Review, 1956, vol. 63, pp. 81-97. http://www.musanim.com/miller1956/.
Software Assurance Standard: NASA Technical Standard. National Aeronautics and Space Administration, NASA-STD-8739.8 w/Change 1, July 28, 2004. http://www.hq.nasa.gov/office/codeq/doctree/87398.pdf.
CWE—Common Weakness Enumeration. National Vulnerability Database, NIST. http://nvd.nist.gov/cwe.cfm.
Software Architecture Review Guidelines. Alexander Nowak. Sept. 12, 2007. http://www.codeproject.com/Articles/20467/Software-Architecture-Review-Guidelines
Code Review Checklist. OpenLazlo. http://wiki.openlaszlo.org/Code_Review_Checklist.
XSS (Cross Site Scripting) Prevention Cheat Sheet. OWASP.org, 04/12/2014. https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet.
“Bay Bridge bolt problem arose from quality control lapses, officials say.” Will Reisman. The Examiner, March 27, 2013. http://www.sfexaminer.com/sanfrancisco/bay-bridge-bolt-problem-arose-from-quality-control-lapses-officials-say/Content?oid=2336143.
“There really are 50 Eskimo words for ‘snow’.” David Robson. The Washington Post, January 14, 2013. http://www.washingtonpost.com/national/health-science/there-really-are-50-eskimo-words-for-snow/2013/01/14/e0e3f4e0-59a0-11e2-beee-6e38f5215402_story.html.
Microsoft Windows Security Patches. Dan B. Rolsma. http://www.sans.org/reading-room/whitepapers/windows/microsoft-windows-security-patches-273.
Fallacies of Distributed Computing Explained: (The more things change the more they stay the same). Arnon Rotem-Gal-Oz. http://www.rgoarchitects.com/Files/fallacies.pdf.
Software Verification Tools Assessment Study, DOT/FAA/AR-06/54. Viswa Santhanam, John Joseph Chilenski, Raymond Waldrop, Thomas Leavitt, and Kelly J. Hayhurst. http://www.tc.faa.gov/its/worldpac/techrpt/ar0654.pdf.
Software Architecture, Software Engineering Institute. Carnegie Mellon University. http://www.sei.cmu.edu/architecture/.
The Golden Age of APIs. SmartBear. http://www.soapui.org/The-World-Of-APITesting/the-golden-age-of-apis.html.
Writing Objectives Using Bloom’s Taxonomy. The Center for Teaching and Learning, UNC Charlotte. http://teaching.uncc.edu/learning-resources/articles-books/best-practice/goals-objectives/writing-objectives.
NIST Special Publication 500-235, Structured Testing: A Testing Methodology Using the Cyclomatic Complexity Metric. Arthur H. Watson and Thomas J. McCabe. http://www.itl.nist.gov/lab/specpubs/sp500.htm.
Goodies for Peer Reviews. Karl Wiegers. http://www.processimpact.com/pr_goodies.shtml.
“Out-of-memory problem caused Mars rover’s glitch.” Todd R. Weiss, Computerworld, Feb. 3, 2004. http://www.computerworld.com/article/2574759/data-storage-solutions/out-of-memory-problem-caused-mars-rover-sglitch.html.
“Splint (programming tool).” Wikipedia. http://en.wikipedia.org/wiki/ Splint_(programming_tool).
Referenced Standards
BS 7925/2, Software Component Testing Standard.
DO-178C, Software Considerations in Airborne Systems and Equipment Certification.