In the movie Star Wars: Episode IV—A New Hope, the Death Star was designed to be the perfect weapon, with enough firepower to destroy a thousand star systems. Yet a small, ragtag group was able to blow it up. If only Emperor Palpatine had consulted with testers, all of the Death Star’s vulnerabilities could have been found and addressed!
Michael Mak’s great comparison of quality assurance and testing could have saved the Death Star–and maybe the Dark Side really would have had cookies for everyone.
What went wrong? If only Emperor Palpatine had consulted with testers, all of the Death Star’s vulnerabilities could have been found and addressed before it went KA-BOOM!
Master Jedi James Bach assesses risk—the danger that something bad will happen—using the following model:
THREAT –> VULNERABILITY –> PROBLEM –> VICTIM
A threat is a “condition or input external to the product that, were it to occur, would trigger a problem in a vulnerable product.”
A vulnerability is “something about the product that causes or allows it to exhibit a problem, under certain conditions (also called a fault).”
A problem is “something the product does that we wish it wouldn’t do.”
A victim is “someone that experiences the impact of a problem.” A bug is not important unless it victimizes humans—or sentient alien life forms. Unfortunately, Imperial Law does not recognize the victimization of droids, even though R2-D2 makes a sad whiny whistle sound. (There, there, R2. Master Luke wouldn’t appreciate a whiny robot.)