Due to increasing market diversification and customer demand, more and more software-based products and services are customizable or are designed in the form of many different variants. This brings about new challenges for the software quality assurance processes: How shall the variability be modelled in order to make sure that all features are being tested? Is it better to test selected variants on a concrete level, or can the generic software and baseline be tested abstractly? Can knowledge-based AI techniques be used to identify and prioritize test cases? How can the quality of a generic test suite be assessed? What are appropriate coverage criteria for configurable modules? If it is impossible to test all possible variants, which products and test cases should be selected for test execution? Can security-testing methods be leveraged to an abstract level?