Negative Testing

Aims of Negative Testing
*Negative Testing as Testing aimed at showing software does not work.
This can lead to a range of complementary and competing aims;
· Discovery of faults that result in significant failures; crashes, corruption and security breaches
· Observation and measurement of a system’s response to external problems
· Exposure of software weakness and potential for exploitation

While a fair definition, it is far from being generally accepted. ‘Negative Testing’ is a term that is re-
defined site-by-site, and sometimes even team-by-team. A common way that practice differs from the
(British Standard) definition is that it includes tests that aim to exercise the functionality that deals with
failure;
· Input validation, rejection and re-requesting functionality (human input and external systems)
· Internal data validation and rejection
· Coping with absent, slow or broken external resources
· Error-handling functionality i.e. messaging, logging, monitoring
· Recovery functionality i.e. fail-over, rollback and restoration

This paper will deal with tests designed to make the system fail, and tests that are designed to exercise functionality that deals with failure.