A good example of the level of risk is the millennium bug problems from the previous millennia. This introduced a frenzy of testing, as more and more organisations became aware of the issues of the millennium bug. Especially how the change to the year 2000 could cause wholesale computer systems failure.
Computer's running older programs would be unable to recognise that it was the year 2000, instead thinking it was 1900. This could potentially stop computer systems from working, affecting the daily lives of millions. It all boiled down to how computer programs stored a date's year. Most of the business critical programs being used at the time and even still now, were written in the 1960's, 1970's and 1980's.
These computer programs used two digits to represent the year in the date. So 1990 would be represented by 90, 1991 by 91 and so on up to 1999, being represented by 99. The problem occurred when the year reached 2000, as this would be represented by 00. The computer programs would see the 00 and think it represented 1900, causing a multitude of problems in accuracy of the programs being run.
So why didn't they think of this when the programs were written in the 1960's, 1970's and 1980's and more importantly why didn't they test this?
To many at the time when these computer programs were developed, the year 2000 seemed a distant dream. As such little real thought was given to the potential impact of the date year change.
Testing is about thinking about the potential problems and trying to prepare for them.
Testing could have highlighted the risks of using two digits. This could have helped reduce the billions spent on rectifying the computer programs worldwide during the late nineties.
When the computer programs were being tested in the 1960's, 1970's and 1980's, the perceived risk of the millennium bug was low. The millennium was too far away to be considered a serious risk. Compared to the late 1990's, where the perceived risk from the failure of computer programs during the transition to the new millennia was enormous.
As such an incredible amount of resource and money was spent bringing the older computer programs to an acceptable four digit year accepting standard.Summary
Nothing can be fully and completely tested.
The level of testing done is determined by the risk of something going wrong and the issues that this would create.
Risk can be variable, something done before a certain time period may have a low risk whilst something afterwards may have a higher risk.
Testing is reducing the level of risk and not trying to completely eliminate it.