National university of Modern Languages

Course: Software Testing

Submitted By: Sir Husnain
Submitted To: M.Shariq
Dated: 11/03/2023
 1 INTRODUCTION
1.1 PURPOSE OF THE DOCUMENT
[Provide the purpose of the Document. This document should be tailored to fit a
particular project’s needs.]
The document documents and tracks the necessary information required to
effectively define the approach to be used in the testing of the project’s product.
The document is created during the Planning Phase of the project. Its intended
audience is the project manager, project team, and testing team. Some portions of
this document may on occasion be shared with the client/user and other
stakeholder whose input/approval into the testing process is needed.
2 FUNCTIONAL REQUIREMEN TESTING
2.1 TEST RISKS / ISSUES
[Describe the risks associated with product testing or provide a reference to a
document location where it is stored. Also outline appropriate mitigation strategies
and contingency plans.]
Our product is an online shopping store the product of different store in one so the main
issue are

The risks and issues associated with testing such as security vulnerabilities, performance
issues, compatibility challenges, payment gateway integration problems, data integrity
concerns, user experience issues, and regulatory compliance requirements.

To mitigate these risks, it's essential to implement robust security measures, conduct
thorough performance testing, ensure compatibility across devices and browsers,
thoroughly test payment gateway integrations, implement data validation mechanisms,
improve user experience through usability testing, and maintain regulatory compliance
through regular audits.

Contingency plans should include maintaining backup systems, establishing clear

communication protocols, allocating resources for customer support, forming an
emergency response team, and developing a business continuity plan to ensure minimal
disruption to operations in the event of unforeseen events or disasters.
2.2 ITEMS TO BE TESTED / NOT TESTED
[Describe the items/features/functions to be tested that are within the scope of this
test plan. Include a description of how they will be tested, when, by whom, and to
what quality standards. Also include a description of those items agreed not to be
tested.]
 Item to Test Test Description Test Date
Log in with email If your email and password are 2-FEB-2024
verified then login otherwise
login failed.
Connect with store Your system should connect 15-Feb-2024
with the store
Payment The customer payment should 1st March 2024
be associated with the store
from where they buy the
product

2.3 TEST APPROACH(S)

[Describe the overall testing approach to be used to test the project’s product.
Provide an outline of any planned tests.]
Black-box and white-box testing are both valuable testing methodologies applied in the
context of an e-commerce store to ensure its quality, reliability, and security. Here's how
they are typically used:

1. Black-box Testing:

- Functional Testing: Black-box testing focuses on verifying the functionality of the e-

commerce store from the perspective of an external user, without knowledge of the internal
code structure. Testers interact with the system through its interfaces, inputs, and outputs to
validate that it behaves as expected.

- User Experience Testing: Black-box testing is crucial for assessing the user experience
of the e-commerce store. Testers evaluate the intuitiveness of the user interface, navigation
flow, and overall usability to ensure a seamless and satisfying shopping experience for
customers.

- Security Testing: Black-box testing helps identify security vulnerabilities by probing

the system for potential weaknesses from an external perspective. Testers simulate various
attack scenarios, such as SQL injection, cross-site scripting (XSS), and unauthorized
access attempts, to assess the robustness of security measures.

- Regression Testing: Black-box testing is utilized for regression testing to validate that
new updates or changes do not introduce regressions in existing functionality. Testers
execute predefined test cases to ensure that core functionalities continue to work as
expected after each update.
 2. White-box Testing:

- Code Coverage: White-box testing involves examining the internal structure and logic
of the e-commerce store's code. Testers analyze source code, algorithms, and system
architecture to ensure comprehensive code coverage and identify potential areas of
improvement.

- Performance Optimization: White-box testing is beneficial for optimizing performance

by identifying and addressing inefficiencies in the code. Testers can pinpoint bottlenecks
and resource-intensive operations, allowing developers to optimize critical areas for
improved speed and scalability.

- Security Enhancement: White-box testing helps strengthen security measures by

identifying vulnerabilities at the code level. Testers scrutinize the implementation of
authentication mechanisms, data encryption algorithms, and input validation routines to
mitigate potential security risks.

- Integration Testing: White-box testing is used to ensure seamless integration between

different components and modules of the e-commerce store. Testers verify that data flows
correctly between subsystems, APIs, and databases, ensuring interoperability and
consistency across the entire system.

2.4 TEST REGULATORY / MANDATE CRITERIA

Test Regulatory / Mandate Criteria and Pass/Fail Determination Summary for an E-
commerce Store:

Regulatory / Mandate Criteria:

- Comply with data protection regulations (e.g., GDPR, CCPA).
- Adhere to PCI DSS standards for handling credit card transactions.
- Meet accessibility standards like WCAG.
- Ensure compliance with consumer protection laws.
- Verify adherence to regulations governing digital transactions.

Pass/Fail Determination:
- Functional Requirements: Pass if core functionalities meet requirements; fail if there are
critical defects.
 - Performance Metrics: Pass if predefined performance metrics are met; fail if performance
degrades under load.
- Security Compliance: Pass with minimal vulnerabilities and adherence to security
standards; fail if critical security issues arise.
- Accessibility Standards: Pass if accessible to users with disabilities; fail if accessibility
barriers hinder access.
- Regulatory Compliance: Pass if compliant with relevant regulations; fail if significant
compliance issues are identified.
- User Acceptance Criteria: Pass if stakeholders and users are satisfied with usability and
functionality; fail if significant usability issues persist.

By ensuring compliance with these criteria and clear pass/fail determinations, the e-
commerce store can meet legal requirements and provide a high-quality user experience.
2.5 TEST ENTRY / EXIT CRITERIA
[Describe the entry and exit criteria used to start testing and determine when to
stop testing.]
Test Entry Criteria for an E-commerce Store:

1. Requirements Availability: Finalized business requirements, functional specifications,

and design documents.
2. Test Environment Readiness: Configured test environment including servers, databases,
and necessary software.
3. Test Data Preparation: Relevant test data such as product information and user accounts
prepared for testing.
4. Test Plan Approval: Approved test plan outlining objectives, scope, and schedule.
5. Test Case Creation: Developed test cases covering functional, performance, security,
and other testing types.
6. Test Tool Setup: Configured testing tools or frameworks for automated testing and
performance monitoring.

Test Exit Criteria for an E-commerce Store:

1. Completion of Test Execution: Execution of all planned test cases including functional,
performance, security, and regression tests.
2. Defect Closure: Resolution and verification of all identified defects, especially critical
ones affecting core functionalities.
 3. Test Coverage Achieved: Achieved predefined targets for testing coverage including
functional, code, and requirements coverage.
4. Performance Targets Met: Performance metrics meeting predefined thresholds under
various load conditions.
5. Security Compliance: Confirmation of compliance with security standards such as PCI
DSS and GDPR, with critical vulnerabilities mitigated or documented.
6. User Acceptance: Approval of the e-commerce store based on usability, functionality,
and overall satisfaction from stakeholders.
7. Regression Testing: Confirmation that new updates or changes have not introduced
regressions in existing functionality with all regression test cases passing.
8. Documentation Completeness: Finalized test artifacts including plans, cases, reports, and
defect logs.
9. Approval for Release: Stakeholder approval for the e-commerce store's release to
production.

Adhering to these entry and exit criteria ensures effective management of the testing
process and the achievement of all necessary testing objectives for the e-commerce store.

2.6 TEST DELIVERABLES

[Describe the deliverables that will result from the testing process (documents,
reports, charts, etc.).]
1. Test Plan: Details testing approach, objectives, scope, schedule, and responsibilities.
2. Test Cases: Comprehensive tests covering functional, performance, and security aspects.
3. Test Data: Relevant datasets including product info, user accounts, and transaction
scenarios.
4. Test Environment Setup Documentation: Instructions for configuring the testing
environment.
5. Test Scripts (for Automated Testing): Scripts for automated regression, functional, and
performance testing.
6. Test Execution Reports: Detailed summaries of test execution, including status and
progress.
7. Defect Reports: Documentation of identified defects with resolution status and severity.
8. Performance Test Reports: Outlining performance metrics and any identified
bottlenecks.
9. Security Test Reports: Summarizing security vulnerabilities found and recommended
mitigations.
 10. User Acceptance Test (UAT) Reports: Summaries of UAT results and stakeholder
feedback.
11. Regression Test Reports: Confirming absence of new regressions in existing
functionality.
12. Documentation Updates: Revisions to test plans, cases, and matrices based on testing
outcomes.
13. Final Test Summary Report: Comprehensive overview of testing efforts, findings, and
recommendations.

These deliverables offer stakeholders insights into the e-commerce store's quality,
reliability, and security, aiding informed decision-making and project success.

2.7 TEST SUSPENSION / RESUMPTION CRITERIA

2.8 TEST PASS / FAIL CRITERIA

[Describe the suspension criteria that may be used to suspend all or portions of
testing. Also describe the resumption criteria that may be used to resume testing.]

Pass Criteria:

1. Functional Requirements: All core functionalities operate without critical defects.

2. Performance Targets: Response times, page load times, and transaction processing meet
predefined thresholds.
3. Security Compliance: Compliance with standards like PCI DSS and GDPR, with no
critical vulnerabilities.
4. User Experience (UX): Intuitive interface, smooth navigation, and efficient checkout
process.
5. Compatibility Across Devices/Browsers: Consistent functionality across different
platforms.
6. Regression Testing: No introduction of new defects or regressions.

Fail Criteria:

1. Critical Defects: Unresolved critical defects impacting core functionalities.

 2. Performance Degradation: Metrics fall below acceptable thresholds under load.
3. Security Vulnerabilities: Critical security vulnerabilities compromise data integrity.
4. Poor User Experience: Usability issues hindering user satisfaction.
5. Compatibility Issues: Rendering errors or broken functionality across devices/browsers.
6. Regression Failures: New defects or regressions introduced by recent changes.

Clear pass/fail criteria enable stakeholders to gauge the readiness of the e-commerce store
objectively.
2.9 TEST ENVIRONMENTAL / STAFFING / TRAINING NEEDS
[Describe any specific requirements needed for the testing to be performed
(hardware/software, staffing, skills training, etc).)]

Test Environment Requirements:

1. Servers: Hardware for hosting the e-commerce application, including web servers,
database servers, and potentially load balancers.
2. Software: Web servers (e.g., Apache, Nginx), database systems (e.g., MySQL,
PostgreSQL), and necessary third-party dependencies.
3. Testing Tools: Functional (e.g., Selenium), performance (e.g., Apache JMeter), security
(e.g., OWASP ZAP), and collaboration tools (e.g., JIRA).

Staffing Requirements:

1. Testers: Skilled in various testing techniques and knowledgeable about e-commerce

processes and standards.
2. Test Leads / Managers: Responsible for planning, coordinating, and overseeing testing
activities.
3. Developers / Engineers: Collaboration for defect resolution, test automation, and system
optimization.

Training Needs:

1. Technical Training: Familiarization with e-commerce platform, testing tools, and

relevant technologies.
2. Domain Knowledge: Understanding of e-commerce business processes, user behavior,
and industry standards.
3. Tool Training: Proficiency in using testing tools and frameworks for efficient testing
practices.

By addressing these needs, the testing team can effectively evaluate the e-commerce store's
quality, performance, and security, ensuring its successful deployment and operation.