Endnotes

Endnotes 1. Cem Kaner, James Bach, and Bret Pettichord, Lessons Learned in Software Testing (New York: Wiley, 2002), 1. 2. The root of many of these is IEEE STD 8291983. 3. For example, Beck 2000, op. cit. 4. Adapted from Brian Marick, "Classic Testing Mistakes," 1997, available at http://www.testing.com/writings/classic/mistakes.pdf. 5. Originally called context-driven testing by Kaner, Bach, and Pettichord (257), I've included it as part of the Value-Up Paradigm. 6. [Kaner 2003] "Cem Kaner on Scenario Testing," STQE Magazine, September/October 2003, 22, available at www.stickyminds.com. For a detailed view of Kaner's course on this subject, see http://www.testingeducation.org/BBST/ScenarioTesting.html 7. James A. Whittaker and Herbert H. Thompson, How to Break Software Security: Effective Techniques for Security Testing (Boston: Addison-Wesley, 2004). Whittaker and Thompson have identified 19 attack patterns that are standard approaches to hacking systems. 8. Boris Beizer, Software Testing Techniques (Boston: International Thomson Computer Press, 1990), 535. 9. James Bach has written extensively on the heuristics for defining when our software is good enough for its purpose. See http://www.satisfice.com/articles.shtml for a collection of his essays. 10. Cem Kaner, private email. Malcolm Gladwell, The Tipping Point (Little Brown & Co., 2000), 141, has popularized the discussion, based on Mayor Giulini's use in New York City. The statistical evidence supporting the theory is disputable; see Steven D. Levitt and Stephen J. Dubner, Freakonomics: A Rogue Economist Explores the Hidden Side of Everything (New York: HarperCollins, 2005). Nonetheless, the psychological argument that communities, including software teams, can become habituated to conditions of disrepair is widely consistent with experience. 11. Kaner, Bach, and Pettichord 2002, 18. 12. Hans Buwalda, "Soap Opera Testing," Better Software, February 2004, 3037, available at www.stickyminds.com. 13. Boris Beizer, Software Testing Techniques (Boston: International Thomson Computer Press, 1990), 9. 14. For a classic discussion of the risks of bad automation, see James Bach, "Test Automation Snake Oil," originally published in Windows Tech Journal (November 1996), available at http://www.satisfice.com/articles/test_automation_snake_oil.pdf.