By: Roqaiya Ansari

Software Testing
What is testing?
Testing is the process of evaluating a system or its components with the intent to find that whether it
satisfies the specified requirements or not. This activity results in the actual, expected and difference
between their results. In simple words testing is executing a system in order to identify any gaps, errors or
missing requirements in contrary to the actual desire or requirements.

Who does testing?

 Software Tester
 Software Developer
 Project Lead/Manager
 End User

Difference between Testing and Debugging

Testing: It involves the identification of bug/error/defect in the software without correcting it. Normally
professionals with a Quality Assurance background are involved in the identification of bugs. Testing is
performed in the testing phase.

Debugging: It involves identifying, isolating and fixing the problems/bug. Developers who code the software
conduct debugging upon encountering an error in the code. Debugging is the part of White box or Unit
Testing. Debugging can be performed in the development phase while conducting Unit Testing or in phases
while fixing the reported bugs.

Software Testing Strategy

White Box Testing Strategy

White box testing is the detailed investigation of internal logic and structure of the code. White box testing is
also called glass testing or open box testing. In order to perform white box testing on an application, the
tester needs to possess knowledge of the internal working of the code. The tester needs to have a look
inside the source code and find out which unit/chunk of the code is behaving inappropriately.

Advantages:

 It helps in optimizing the code.

 Extra lines of code can be removed which can bring in hidden defects.
 Due to the tester's knowledge about the code, maximum coverage is attained during test scenario
writing.

Disadvantages:

 Due to the fact that a skilled tester is needed to perform white box testing, the costs are increased.
 By: Roqaiya Ansari

 Sometimes it is impossible to look into every nook and corner to find out hidden errors that may
create problems as many paths will go untested.
 It is difficult to maintain white box testing as the use of specialized tools like code analysers and
debugging tools are required.

Black Box Testing Strategy

The technique of testing without having any knowledge of the interior workings of the application is Black
Box testing. The tester is oblivious to the system architecture and does not have access to the source code.
Typically, when performing a black box test, a tester will interact with the system’s user interface by
providing inputs and examining outputs without knowing how and where the inputs are worked upon.

Advantages:

 Well suited and efficient for large code segments.

 Code Access not required.
 Clearly separates user’s perspective from the developer’s perspective through visibly defined roles.
 Large numbers of moderately skilled testers can test the application with no knowledge of
implementation, programming language or operating systems.

Disadvantages:

 Limited Coverage since only a selected number of test scenarios are actually performed.
 Inefficient testing, due to the fact that the tester only has limited knowledge about an application.
 Blind Coverage, since the tester cannot target specific code segments or error prone areas.
 The test cases are difficult to design.

Grey Box Testing

Grey Box testing is a technique to test the application with limited knowledge of the internal workings of an
application. In software testing, the term “the more you know the better” carries a lot of weight when
testing an application.

Mastering the domain of a system always gives the tester an edge over someone with limited domain
knowledge. Unlike black box testing, where the tester only tests the application’s user interface, in grey box
testing, the tester has access to design documents and the database. Having this knowledge, the tester is
able to better prepare test data and test scenarios when making the test plan.

Advantages:

 Offers combined benefits of black box and white box testing wherever possible.
 Grey box testers don’t rely on the source code; instead they rely on interface definition and
functional specifications.
 Based on the limited information available, a grey box tester can design excellent test scenarios
especially around communication protocols and data type handling.
 The test is done from the point of view of the user and not the designer.
 By: Roqaiya Ansari

Disadvantages:

 Since the access to source code is not available, the ability to go over the code and test coverage is
limited.
 The tests can be redundant if the software designer has already run a test case.
 Testing every possible input stream is unrealistic because it would take an unreasonable amount of
time; therefore, many program paths will go untested.

Comparison between the three Testing Strategy

Black Box Testing Grey Box Testing Black Box Testing

1 The Internal Workings of an Somewhat knowledge of the internal Tester has full
application are not required workings are known knowledge of the
to be known Internal workings of the
application
2 Also known as closed box Another term for grey box testing is Also known as clear box
testing, data driven testing translucent testing as the tester has testing, structural testing
and functional testing limited knowledge of the insides of or code based testing
the application
3 Performed by end users and Performed by end users and also by Normally done by testers
also by testers and testers and developers and developers
developers
4 Testing is based on external Testing is done on the basis of high Internal workings are
expectations and Internal level database diagrams and data flow fully known and the
behaviour of the application diagrams tester can design test
is unknown data accordingly
5 This is the least time Partly time consuming and exhaustive The most exhaustive and
consuming and exhaustive time consuming type of
testing
6 Not suited to algorithm Not suited to algorithm testing Suited to algorithm
testing testing
7 This can only be done by trial Data domains and Internal boundaries Data domains and
and error method can be tested, if known Internal boundaries can
be better tested

Types of Software Testing

1) Unit Testing

This type of testing is performed by the developers before the setup is handed over to the testing team to
formally execute the test cases. Unit testing is performed by the respective developers on the individual
units of source code assigned areas. The developers use test data that is separate from the test data of the
quality assurance team.

The goal of unit testing is to isolate each part of the program and show that individual parts are correct in
terms of requirements and functionality.
 By: Roqaiya Ansari

Limitations of Unit Testing:

Testing cannot catch each and every bug in an application. It is impossible to evaluate every execution path
in every software application. The same is the case with unit testing. There is a limit to the number of
scenarios and test data that the developer can use to verify the source code. So after he has exhausted all
options there is no choice but to stop unit testing and merge the code segment with other units.

2) Functional Testing

This is a type of black box testing that is based on the specifications of the software that is to be tested. The
application is tested by providing input and then the results are examined that need to conform to the
functionality it was intended for. Functional Testing of the software is conducted on a complete, integrated
system to evaluate the system's compliance with its specified requirements.

3) Integration Testing

The testing of combined parts of an application to determine if they function correctly together is
Integration testing. There are two methods of doing Integration Testing Bottom-up Integration testing and
Top-Down Integration testing.

 Bottom-up integration testing begins with unit testing, followed by tests of progressively higher-
level combinations of units called modules or builds.
 Top-Down integration testing, the highest-level modules are tested first and progressively lower-
level modules are tested after that. In a comprehensive software development environment,
bottom-up testing is usually done first, followed by top-down testing.

4) System Testing

This is the next level in the testing and tests the system as a whole. Once all the components are integrated,
the application as a whole is tested rigorously to see that it meets Quality Standards. This type of testing is
performed by a specialized testing team.

Why is System Testing so Important

 System Testing is the first step in the Software Development Life Cycle, where the application is
tested as a whole.
 The application is tested thoroughly to verify that it meets the functional and technical
specifications.
 The application is tested in an environment which is very close to the production environment
where the application will be deployed.
 System Testing enables us to test, verify and validate both the business requirements as well as the
Applications Architecture.

Usability Testing

This section includes different concepts and definitions of Usability testing from Software point of view. It is
a black box technique and is used to identify any error(s) and improvements in the Software by observing
the users through their usage and operation.
 By: Roqaiya Ansari

According to Nielsen, Usability can be defined in terms of five factors i.e. Efficiency of use, Learn-ability,
Memorability, Errors/safety, satisfaction. According to him the usability of the product will be good and the
system is usable if it possesses the above factors.

Performance Testing

It is mostly used to identify any bottlenecks or performance issues rather than finding the bugs in software.
There are different causes which contribute in lowering the performance of software:

 Network delay.
 Client side processing.
 Database transaction processing.
 Load balancing between servers.
 Data rendering.

It can be either qualitative or quantitative testing activity and can be divided into different sub types such as
Load testing and Stress testing.

Load Testing:

A process of testing the behaviour of the Software by applying maximum load in terms of Software accessing
and manipulating the large input data. It can be done at both normal and peak load conditions. This type of
testing identifies the maximum capacity of Software and its behaviour at peak time.

Most of the time, Load testing is performed with the help of automated tools such as Load Runner,
AppLoader, IBM Rational Performance Tester, Apache JMeter, Silk Performer, Visual Studio Load Test etc.

Virtual users (VUsers) are defined in the automated testing tool and the script is executed to verify the Load
testing for the Software. The quantity of users can be increased or decreased concurrently or incrementally
based upon the requirements.

Stress Testing:

This testing type includes the testing of Software behaviour under abnormal conditions. Taking away the
resources, applying load beyond the actual load limit is Stress testing.

The main intent is to test the Software by applying the load to the system and taking over the resources used
by the Software to identify the breaking point. This testing can be performed by testing different scenarios
such as:

 Shutdown or restart of Network ports randomly.

 Turning the database on or off.
 Running different processes that consume resources such as CPU, Memory, server etc.

Recovery Testing

Recovery Testing is software testing technique which verifies software’s ability to recover from failures like
software/hardware crashes, network failures etc. The purpose of Recovery Testing is to determine whether
 By: Roqaiya Ansari

software operations can be continued after disaster or integrity loss. Recovery testing involves reverting
back software to the point where integrity was known and reprocessing transactions to the failure point.

The time taken to recover depends upon:

 The number of restart points

 A volume of the applications
 Training and skills of people conducting recovery activities and tools available for recovery.

Security Testing

Security testing involves the testing of Software in order to identify any flaws ad gaps from security and
vulnerability point of view. Following are the main aspects which Security testing should ensure:

 Confidentiality.
 Integrity.
 Authentication.
 Availability.
 Authorization.
 Non-repudiation.
 Software is secure against known and unknown vulnerabilities.
 Software data is secure.
 Software is according to all security regulations.
 Input checking and validation.

Compatibility Testing

Compatibility testing is software testing which comes under the non-functional testing category, and it is
performed on an application to check its compatibility (running capability) on different platform or
environments. This testing is done only when the application becomes stable. Means simply this
compatibility test aims to check the developed software application functionality on various software,
hardware platforms, network and browser etc. This compatibility testing is very important in product
production and implementation point of view as it is performed to avoid future issues regarding
compatibility.

There are two types of compatibility testing based on version testing:

 Forward compatibility testing: When the behaviour and compatibility of a software or hardware is
checked with its newer version then it is called as forward compatibility testing.
 Backward compatibility testing: When the behaviour and compatibility of a software or hardware
is checked with its older version then it is called as backward compatibility testing.

Exploratory Testing

Exploratory Testing is a type of software testing where Test cases are not created in advance but testers
check system on the fly. They may note down ideas about what to test before test execution. The focus of
exploratory testing is more on testing as a “thinking” activity.
 By: Roqaiya Ansari

Exploratory Testing is widely used in Agile models and is all about discovery, investigation, and learning. It
emphasizes personal freedom and responsibility of the individual tester.

We will use this testing for the following aspects:

 When the requirement is missing.

 Early iteration is required.
 The testing team has the experienced testers when we have a critical application, and new testers
entered into the team.

Ad. Hoc Testing

Ad hoc Testing is an informal or unstructured software testing type that aims to break the testing process in
order to find possible defects or errors at an early possible stage. Ad hoc testing is done randomly and it is
usually an unplanned activity which does not follow any documentation and test design techniques to create
test cases.

It does not follow any structured way of testing and it is randomly done on any part of application. Main aim
of this testing is to find defects by random checking. Ad hoc testing can be achieved with the Software
testing technique called Error Guessing. Error guessing can be done by the people having enough experience
on the system to “guess” the most likely source of errors.

Monkey and Gorilla Testing

Monkey Testing is a software testing technique in which the tester enters any random inputs into the
software application without predefined test cases and checks the behaviour of the software application,
whether it crashes or not. The purpose of Monkey testing is to find the bugs and errors in the software
application using experimental techniques.

Gorilla Testing is a Software testing technique wherein a module of the program is repeatedly tested to
ensure that it is working correctly and there is no bug in that module.

A module can be tested over a hundred times, and in the same manner. So, Gorilla Testing is also known as
“Frustrating Testing”.

Smoke and Sanity Testing

Smoke Testing is a software testing technique performed post software build to verify that the critical
functionalities of software are working fine. It is executed before any detailed functional or regression tests
are executed. The main purpose of smoke testing is to reject a software application with defects so that QA
team does not waste time testing broken software application.

Sanity testing is a kind of Software Testing performed after receiving a software build, with minor changes in
code, or functionality, to ascertain that the bugs have been fixed and no further issues are introduced due to
these changes. The goal is to determine that the proposed functionality works roughly as expected. If sanity
test fails, the build is rejected to save the time and costs involved in a more rigorous testing.
 By: Roqaiya Ansari

Regression Testing

Whenever a change in a software application is made it is quite possible that other areas within the
application have been affected by this change. To verify that a fixed bug hasn’t resulted in another
functionality or business rule violation is Regression testing. The intent of Regression testing is to ensure that
a change, such as a bug fix did not result in another fault being uncovered in the application.

Why is System Testing so Important

 Minimize the gaps in testing when an application with changes made has to be tested.
 Testing the new changes to verify that the change made did not affect any other area of the
application.
 Mitigates Risks when regression testing is performed on the application.
 Test coverage is increased without compromising timelines.
 Increase speed to market the product.

Localisation Testing

Localization Testing is a software testing technique in which the behaviour of a software is tested for a
specific region, locale or culture. The purpose of doing localization testing for a software is to test
appropriate linguistic and cultural aspects for a particular locale. It is the process of customizing the software
as per the targeted language and country.

Globalisation Testing

Globalization Testing is a software testing method used to ensure that the software application can function
in any culture or locale (language, territory or code page) by testing the software functionalities using each
type of international input possible. The purpose of Globalization testing is to ensure that software can be
used internationally or worldwide. It is also called Internationalization Testing.

Levels of Testing
Low-level Testing:

 Unit Testing.
 Integration Testing.

High-level Testing:

 Functional Testing.
 System Testing.

Acceptance Testing
This is arguably the most importance type of testing as it is conducted by the Quality Assurance Team who
will gauge whether the application meets the intended specifications and satisfies the client’s requirements.
The QA team will have a set of pre written scenarios and Test Cases that will be used to test the application.
 By: Roqaiya Ansari

More ideas will be shared about the application and more tests can be performed on it to gauge its accuracy
and the reasons why the project was initiated. Acceptance tests are not only intended to point out simple
spelling mistakes, cosmetic errors or Interface gaps, but also to point out any bugs in the application that will
result in system crashers or major errors in the application. By performing acceptance tests on an application
the testing team will deduce how the application will perform in production.

Alpha Testing:

This test is the first stage of testing and will be performed amongst the teams (developer and QA teams).
Unit testing, integration testing and system testing when combined are known as alpha testing. During this
phase, the following will be tested in the application:

 Spelling Mistakes
 Broken Links
 Cloudy Directions
 The Application will be tested on machines with the lowest specification to test loading times and
any latency problems.

Beta Testing:

This test is performed after Alpha testing has been successfully performed. In beta testing a sample of the
intended audience tests the application. Beta testing is also known as pre-release testing. Beta test versions
of software are ideally distributed to a wide audience on the Web, partly to give the program a "real-world"
test and partly to provide a preview of the next release. In this phase the audience will be testing the
following:

 Users will install, run the application and send their feedback to the project team.
 Typographical errors, confusing application flow, and even crashes.
 Getting the feedback, the project team can fix the problems before releasing the software to the
actual users.
 The more issues you fix that solve real user problems, the higher the quality of your application will
be.
 Having a higher-quality application when you release to the general public will increase customer
satisfaction.

Static Testing
Static Testing is a type of software testing in which software application is tested without code execution.
Manual or automated reviews of code, requirement documents and document design are done in order to
find the errors. The main objective of static testing is to improve the quality of software applications by
finding errors in early stages of software development process.

Static Testing Techniques:

 Informal Reviews: This is one of the type of review which doesn’t follow any process to find errors in
the document. Under this technique, you just review the document and give informal comments on
it.
 By: Roqaiya Ansari

 Technical Reviews: A team consisting of your peers, review the technical specification of the
software product and checks whether it is suitable for the project. They try to find any discrepancies
in the specifications and standards followed. This review concentrates mainly on the technical
documentation related to the software such as Test Strategy, Test plan and requirement
specification documents.
 Walkthrough: The author of the work product explains the product to his team. Participants can ask
questions if any. A meeting is led by the author. Scribe makes note of review comments.
 Inspection: The main purpose is to find defects and meeting is led by a trained moderator. This
review is a formal type of review where it follows a strict process to find the defects. Reviewers have
a checklist to review the work products. They record the defect and inform the participants to rectify
those errors.
 Static code Review: This is a systematic review of the software source code without executing the
code. It checks the syntax of the code, coding standards, code optimization, etc. This is also termed
as white box testing. This review can be done at any point during development.

Dynamic Testing
Under Dynamic Testing, a code is executed. It checks for functional behaviour of software system, memory
or CPU usage and overall performance of the system. The main objective of this testing is to confirm that the
software product works in conformance with the business requirements. This testing is also called an
Execution technique or validation testing. Dynamic testing executes the software and validates the output
with the expected outcome. Dynamic testing is performed at all levels of testing and it can be either black or
white box testing.

Dynamic Testing Techniques:

 Unit Testing.
 Integration Testing.
 System Testing.

Software Maintenance
Software maintenance is a part of the Software Development Life Cycle. Its primary goal is to modify and
update software application after delivery to correct errors and to improve performance. Software is a
model of the real world. Software Maintenance is an inclusive activity that includes error corrections,
enhancement of capabilities, deletion of obsolete capabilities, and optimization.

Need for Maintenance:

 Correct errors
 Change in user requirement with time
 Changing hardware/software requirements
 To improve system efficiency
 To optimize the code to run faster
 To modify the components
 To reduce any unwanted side effects.
 By: Roqaiya Ansari

Types of Software Maintenance

1. Corrective Maintenance: Corrective maintenance aims to correct any remaining errors regardless of
where they may cause specifications, design, coding, testing, and documentation, etc.
2. Adaptive Maintenance: It contains modifying the software to match changes in the ever-changing
environment.
3. Perfective Maintenance: It is the process by which we prevent our system from being obsolete. It
involves the concept of reengineering & reverse engineering in which an old system with old
technology is re-engineered using new technology. This maintenance prevents the system from
dying out.
4. Preventive Maintenance: It defines improving processing efficiency or performance or restricting
the software to enhance changeability. This may contain enhancement of existing system
functionality, improvement in computational efficiency, etc.

CASE Tool
The set of application programs to automate software development lifecycle activities and are used by
managers in a project, engineers and analysts to build a software system is called CASE tools and the
software development cycle stages can be simplified using several tools such as design, analysis, project
management, database management, documentation, etc. and the use of these tools speeds up the project
development to obtain desired results.

Components of CASE Tool:

 Central Repository: A central repository is required by the tools to serve as a common source of
integrated and consistent information. The central place of storage consisting of specifications of
product, documents requirement, diagrams and reports and information about the management is a
central repository. The central repository also acts as a data dictionary.
 Upper: Planning, analysis, and designing of different stages of the software development life cycle
can be performed using upper case.
 Lower: Implementation, testing, and maintenance can be performed using lower case.
 Integrated: All the stages of the software development life cycle right from the gathering of
requirements for testing and documentation can be performed using integrated tools.

Reverse Engineering
Software Reverse Engineering is a process of recovering the design, requirement specifications and
functions of a product from an analysis of its code. It builds a program database and generates
information from this.
The purpose of reverse engineering is to facilitate the maintenance work by improving the
understandability of a system and to produce the necessary documents for a legacy system.

Reverse Engineering Goals:

 Cope with Complexity.

 Recover lost information.
 By: Roqaiya Ansari

 Detect side effects.

 Synthesise higher abstraction.
 Facilitate Reuse.

Re-Engineering
Software Re-engineering is a process of software development which is done to improve the
maintainability of a software system. Re-engineering is the examination and alteration of a system to
reconstitute it in a new form. This process encompasses a combination of sub-processes like reverse
engineering, forward engineering, reconstructing etc.

Objectives of Re-engineering:

 To describe a cost-effective option for system evolution.

 To describe the activities involved in the software maintenance process.
 To distinguish between software and data re-engineering and to explain the problems of data re-
engineering.