Glossary [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z] activitiesA pattern of work performed together for a single purpose. An activity may use or produce work products and may be tracked by a work item. application diagramThe definition and configuration of applications that will be composed into systems for deployment. The application diagram shows the communication dependencies exposed through endpoints in a graphical layout prior to committing to code. assetThe abstract or concrete resources that a system must protect from misuse by an adversary. automated testA set of steps that a computer may run to test the functionality of the system. B backlogThe set of work items not yet closed, representing work under consideration or still to be completed. bug allotmentA chunk of development time allocated to fix bugs. An allotment is created by leaving slack in the iteration plan. bugA type of work item, recording a potential source of dissatisfaction with the product. build verification testsAlso known as smoke tests. A group of tests used to determine the health of a build at a high level. Typically these tests exercise the core functionality to help team members determine whether further testing is worthwhile. buildThe process involved in taking one or more input configuration items and processing them (building them) to create one or more output configuration items; for example, software compile and load. C changesetA logical grouping of changes. There are pending changesets, shelvesets, and committed changesets. A pending changeset is a group of changes that have been made in one enlistment but have not yet been submitted to the database for publishing and permanent record. A shelveset is a set of changes that have yet to be committed, but the entire contents of which are now located in the source control server. A committed changeset is a set of changes that have been permanently recorded in the history of the database and are available for others to see. class diagramA visual and static representation of classes and the relationships between them. code analysisChecking code for conformance to design guidelines. Code analysis goes beyond compilation to look for common coding and design errors determined by a set of guidelines. code coverageA metric used to describes the degree to which the source code of a program has been tested. Code coverage is expressed as a percentage of the lines of code tested over the total lines of code. D development taskAn assigned unit of development work usually created to build part of a scenario or quality of service requirement. The development task describes the objective of the developer in the context of an iteration. differentiating factorThe part of a scenario that determines its uniqueness from other scenarios. The goal of a differentiating factor is to prevent multiple scenarios from being created that describe the same flow through the system. DREADA ranking of the risk associated with a vulnerability or security requirement. DREAD stands for Damage potential, Reproducibility, Exploitability, Affected users, Discoverability. dynamic systems initiativeAn initiative uniting hardware, software and service vendors around a new software architecture that enables customers to harness the power of industry-standard hardware, and brings simplicity, automation and flexibility to IT operations. E entry pointAn interface that the system provides that might be used as way of gaining access to the assets or resources of a system. exploratory testingThe testing of a product without a set of tests defined in advanced. Testers performing exploratory testing take on a persona and perform the tasks that persona would perform. F feature dissatisfactionA condition where users believe that the product does not meet the expectations set by the market, competitors, previous experiences, or promises. fuzzingFuzzing supplies structured but invalid inputs to software application programming interfaces (APIs) and network interfaces so as to maximize the likelihood of detecting errors that may lead to software vulnerabilities. G goalAn objective that the persona is attempting to achieve. A system helps the persona reach these goals. I infrastructure architectureThe topology of the deployment environment including protocols, security levels, and services. This architecture provides a logical mapping to the deployment environment, such as the data center. instrumentThe process of examining the amount of time spent in each area of the code. iteration budgetThe budget used for planning the development activity for an iteration based on rough order of magnitude estimates. The iteration budget is obtained from the velocity report and is measured in ideal person days. iteration lengthThe length of the fixed period of time that comprises an iteration. The iteration length usually stays constant over the entire project. iteration planThe list of scenarios, quality of service requirements, and tasks for the upcoming iteration. iteration testsThe set of tests that are run after the build verification tests. These tests verify the functionality called for in the iteration plan. iterationA fixed period of time for scheduling tasks. An iteration is generally fixed between 2 and 6 weeks. Iterations are generally consecutively numbered and sequentially follow one another. L lifestyle snapshotA documented day in the life of a persona. A lifestyle snapshot is created by a business analyst through interactions with the users. load profileThe simulated workload for a load or stress test. The load profile can be constant or increased gradually through stepping. load test scenarioThe combination of a test mix, load profile, and simulated environment for a load or stress test. load testA test type that contains other test types and exercises them with user settings to perform a predefined load scenario. logical serverAn application server within a logical datacenter that describes a specific configuration of application hosting software, such as Internet Information Server, configured for a specific purpose such as secure front-end Web server. M manual testA text document or a Microsoft Word document listing the steps that a person follows to complete a test pass. P performance testA test that ensures that the performance quality of service requirement is met. A performance test not only checks that the functionality works but also the amount of time it takes for that functionality to complete. personaA persona describes the typical skills, abilities, needs, desires, working habits, tasks, and backgrounds of a particular set of users. A persona is fictional reality, collecting together real data describing the important characteristics of a particular user group in a fictional character. productThe system or set of components that is the goal of the software development process. project portalThe Windows SharePoint Services site used to store and present non-code work products and reports for a team project. project visionThe purpose, driving factors, and background for building the system. This goal of the vision is to align the team around a central purpose. projectSee team project. Q quality dissatisfactionThe dissatisfaction that occurs when quality of a release is poor. quality of service requirementA type of work item, recording a constraint on the system such as performance, load, stress, security mechanism, or platform. These requirements do not describe functionality but rather constraints on that functionality. queryA named set of criteria which Visual Studio Team Foundation uses to find and display work items. R releaseA build promoted for use or deployment. A release can be internal and used for further testing or external and released or deployed. reportA report produced from the metrics warehouse of Visual Studio Team Foundation. riskA type of work item, recording a possible event with an undesirable outcome. Risks must be identified, assigned, and if the impact is probable and undesirable, mitigated. roleA group of activities normally (but not always) performed by one person and often implemented with a security group. Often, one person may play multiple roles. rollout planThe plan for delivering an external release. This plan includes all of the elements that must be put in place for acceptance in the marketplace, operations, or to a customer. rough order of magnitudeA coarse-grained estimate based on initial or incomplete data. A rough order of magnitude estimate establishes a ballpark cost for a scenario or quality of service requirement. S scenarioA type of work item, recording a single path of user interaction through the system. As the persona attempts to reach a goal, the scenario records the specific steps that they take in attempting to reach that goal. security testAlso called a penetration test. These tests look for attack paths that might be used to gain access to assets. shadow applicationA term used for an application whose purpose is to describe the behavior of a system. Typically, a shadow application is used during top-down design of a system and would not normally be implemented. The endpoints on a shadow application would be migrated to other applications or systems. shelvingShelving enables you to set aside a batch of pending changes temporarily in order to work on another high priority release or to share your untested source file revisions with another user. solution architectureThe architecture of the software including its structure, entry points, trust areas, and class and component relationships stack rankAn ordering of work items for prioritization. stress testA test that determines an application's breaking points and pushes the application past its upper limits as resources are saturated. STRIDEAn acronym used to categorize different threat types. A method of categorizing threat types. These threat types include: Spoofing identity, Tampering with data, Repudiation, Information disclosure, Denial of service, and Elevation of privilege. system diagramThe depiction of a single composite system definition showing uses of either application definitions or a system definitions. Connections show the communication links configured between the applications/systems. T taskA type of work item, recording a development task or test task. team projectThe named collection of work items, code, tests, work products, metrics, etc., used by a defined team with Visual Studio Team Foundation to track a common set of related work. test approachThe test goals, coverage, techniques, and data for the project and each of the iterations. test harnessAn application that loads test adapters and owns the process that executes tests. test metric thresholdA goal for the project measured using a test metric. For example 70% unit test coverage is a test metric threshold for the development team. test metricA unit of measure for the testing. For example, unit test coverage is a test metric for the development team. test resultThe verdict from running a test. Possible verdicts are Pass, Fail, or Inconclusive. test taskAn assignment to create test cases and test a specific area of the product usually in the context of a scenario or quality of service requirement. think timeThe elapsed time between the receipt of a reply to one request and the submission of the next request. For example, if it takes about 60 seconds for a user to enter all the information required for a Web-based time-entry form, 60 seconds is the think time for this scenario. threatHow an adversary might try to affect an asset by using an entry point. A threat describes a goal of an adversary. triageThe process that is used to review newly reported or reopened bugs and assign a priority and iteration for working on them. trust levelA characterization of an external entity that interacts with the product. The trust level is often based on how the external entity is authenticated and what privileges it has. Trust levels can be associated with entry points, personas, assets, or other protected resources. U unblockedRun to completion and pass. V validation testA test that ensures that the functionality called for in a scenario or quality of service requirement works as expected. velocity reportA report that provides a measure of the rate of work accomplished per iteration unit of time, or example, iteration. velocityThe number of person days of work that have be accomplished in an iteration. The velocity is a measure of the work accomplished per iteration. vision statementA short statement outlining the project vision, describing the value proposition, the stakeholders, and the driving factors. vulnerabilityAny weakness, administrative process or act, or physical exposure that makes a computer susceptible to exploit by a threat. W work itemA database record which Visual Studio Team Foundation uses to track an assignment and state of work. work productA discrete deliverable or artifact, such as a document, spreadsheet, changeset, etc. workstreamAn activity that is composed of other activities. These are the simple building blocks of the process. They may be assigned to single or multiple roles. Z zero defect stateHaving no warnings or errors. |