Building a fuzzy test framework for security testing out of negative test generators and stress test framework. The main effort of this blueprint will focus on test data generators and validators. The generators can produce random data or pattern based data. After some runs or after every run a validation must be done if the service is still available. This can be done via tempest test cases.
Open topics for the discussion:
- Negative testing coordination of existing tests - XML suppport - Generator design for fuzzy patterns - Usage of the stress test framework
This session will include the following subject(s):
Fuzzy test framework :
Building a fuzzy test framework for security testing out of negative test generators and stress test framework.
The main effort of this blueprint will focus on test data generators and validators. The generators can produce random data or pattern based data. After some runs or after every run a validation must be done if the service is still available. This can be done via tempest test cases.
This session would be most likley a shared session between OSSG and QA.
(Session proposed by Marc Koderer)
Fututre of negative testing and next steps:
We already have a framework that supports the creation of negative test out of interface descriptions.
This session will focus on the next steps and how we can encourage people to get involved with that.
Open topics:
- Coordinate the transformation of existing tests - XML suppport? - Merging interface definitions for API validation tests