Appendix G: Risk Analysis, FMEA, and Brainstorming

Throughout much of this book, I have talked about risks, risk identification, and using risk in testing. This appendix gives some basic risk analysis concepts. Risk analysis is a big subject with many books and classes [1,2]. I wanted to give you enough points and information to get you started, but you must understand the risk associated with your product and then adapt the risk analysis for each attack.

The software and systems engineering vocabulary (SEVOCAB) [3] defines risk as

(1) an uncertain event or condition that, if it occurs, has a positive or negative effect on a project’s objectives (A Guide to the Project Management Body of Knowledge (PMBOK(R) Guide)—Fourth Edition) (2) combination of ...
