Introduction to Software Testing Chapter 1 A Talk in 3 Parts Dan Fleck Jeff Offutt Information & Software Engineering SWE 437 Software Testing www.ise.gmu.edu/~offutt/

A Talk in 3 Parts Why do we test ? What should we do during testing ? How do we get to “the future of testing” ? We are in the middle of a revolution in how software is tested Research is finally meeting practice © Jeff Offutt, 2005-2007

Cost of Testing You’re going to spend about half of your development budget on testing, whether you want to or not. In real-world usage, testing is the principle post-design activity Restricting early testing usually increases cost Extensive hardware-software integration requires more testing Got here 10/30/2008 © Jeff Offutt, 2005-2007

Part 1 : Why Test? If you don’t know why you’re conducting a test, it won’t be very helpful. Written test objectives and requirements are rare How much testing is enough? Common objective – spend the budget … If you don’t know ‘why’ you are conducing a specific test you can’t effectively test © Jeff Offutt, 2005-2007

Why Test? If you don’t start planning for the test at the time the functional requirements are formed, you’ll never know why you’re conducting the test. “The software shall be easily maintainable” Threshold reliability requirements? Requirements definition teams should include testers! © Jeff Offutt, 2005-2007

What are some of the costs of NOT testing? Cost of Not Testing Program Managers often say: “Testing is too expensive.” Not testing is even more expensive Planning for testing after development is prohibitively expensive What are some of the costs of NOT testing? © Jeff Offutt, 2005-2007

Caveat: Impact of New Tools and Techniques Naw - I already don’t plow as good as I know how... They’re teaching a new way of plowing over at the Grange tonight - you going? “Knowing is not enough, we must apply. Willing is not enough, we must do.” Goethe © Jeff Offutt, 2005-2007

Testing in the 21st Century We are going through a time of change Software Defines Behavior network routers financial networks telephone switching networks other infrastructure Embedded Control Applications airplanes spaceships air traffic control systems watches ovens remote controllers Safety critical, real-time software And of course … web apps must be highly reliable! Testing ideas have matured enough to be used in practice PDAs memory seats DVD players garage door openers cell phones average house has 50 processors in it… new cars aprox 100 what we test is changing, and how we test is changing © Jeff Offutt, 2005-2007

Part 2 : What ? But … what should we do ? © Jeff Offutt, 2005-2007

Important Terms Validation & Verification Verification: The process of determining whether the products of a given phase of the software development process fulfill the requirements established during the previous phase (Are we building the product right) Validation : The process of evaluating software at the end of software development to ensure compliance with intended usage (Are we building the right product) IV&V stands for “independent verification and validation” © Jeff Offutt, 2005-2007

Test Engineer & Test Managers Test Engineer : An IT professional who is in charge of one or more technical test activities designing test inputs producing test values running test scripts analyzing results reporting results to developers and managers Test Manager : In charge of one or more test engineers sets test policies and processes interacts with other managers on the project otherwise helps the engineers do their work © Jeff Offutt, 2005-2007

Static and Dynamic Testing Static Testing : Testing without executing the program. This include software inspections and some forms of analyses. Dynamic Testing : Testing by executing the program with real inputs © Jeff Offutt, 2005-2007

Testing Results Dynamic testing can only reveal the presence of failures, not their absence The only validation for non-functional requirements is the software must be executed to see how it behaves Both static and dynamic testing should be used to provide full V&V coverage © Jeff Offutt, 2005-2007

Software Faults, Errors & Failures Software Fault : A static defect in the software Software Error : An incorrect internal state that is the manifestation of some fault Software Failure : External, incorrect behavior with respect to the requirements or other description of the expected behavior Doctor’s patients come in with failures (symptoms)… Doctor must determine the fault (root cause). To find the fault Dr orders tests “glucose, blood” to find errors (or insonstent states) Faults in software are design mistakes and will always exist © Jeff Offutt, 2005-2007

Software Faults, Errors & Failures public static int numZero (int[] x) { // Effects: if x == null throw NullPointerException // else return the number of occurrences of 0 in x int count = 0; for (int i = 1; i < x.length; i++) { if (x[i] == 0) { count++; } } return count; Input [1, 2, 0]  Output is 1 Input [0, 1, 2, 0]  Output is 1 Input [1, 2, 0] - Output is 1 fault, error (i initial state incorrectly 1, not 0)--- no failure Input [0, 1, 2]  output is 0 fault, error, failure © Jeff Offutt, 2005-2007

Testing & Debugging Testing : Finding inputs that cause the software to fail Debugging : The process of finding a fault given a failure © Jeff Offutt, 2005-2007

Three conditions necessary for a failure to be observed Fault & Failure Model Three conditions necessary for a failure to be observed Reachability : The location or locations in the program that contain the fault must be reached Infection : The state of the program must be incorrect Propagation : The infected state must propagate to cause some output of the program to be incorrect © Jeff Offutt, 2005-2007

Some more terminology used in testing… © Jeff Offutt, 2005-2007

Test Case Test Case Values : The values that directly satisfy one test requirement Expected Results : The result that will be produced when executing the test if the program satisfies its intended behavior TTH Class got here © Jeff Offutt, 2005-2007

Observability and Controllability Software Observability : How easy it is to observe the behavior of a program in terms of its outputs, effects on the environment and other hardware and software components Software that affects hardware devices, databases, or remote files have low observability Software Controllability : How easy it is to provide a program with the needed inputs, in terms of values, operations, and behaviors Easy to control software with inputs from keyboards Inputs from hardware sensors or distributed software is harder Data abstraction reduces controllability and observability How do we make software more observable? How about more controlable? © Jeff Offutt, 2005-2007

Top-Down and Bottom-Up Testing Top-Down Testing : Test the main procedure, then go down through procedures it calls, and so on Bottom-Up Testing : Test the leaves in the tree (procedures that make no calls), and move up to the root. Each procedure is not tested until all of its children have been tested © Jeff Offutt, 2005-2007

White-box and Black-box Testing Black-box testing : Deriving tests from external descriptions of the software, including specifications, requirements, and design White-box testing : Deriving tests from the source code internals of the software, specifically including branches, individual conditions, and statements From the code we develop tests --- white box From the requirements we develop tests – black box From the design we develop tests --- unclear This view is really out of date. The more general question is: from what level of abstraction to we derive tests? © Jeff Offutt, 2005-2007

Changing Notions of Testing Old view of testing is of testing at specific software development phases Unit, module, integration, system … New view is in terms of structures and criteria Graphs, logical expressions, syntax, input space Got here Nov 10, 2009 © Jeff Offutt, 2005-2007

Changing Notions of Testing V-model of development Old view of testing is of testing at specific software development phases © Jeff Offutt, 2005-2007

Old : Testing at Different Levels System testing: Test the overall functionality of the system Acceptance testing: Is the software acceptable to the user? main Class P Module testing: Test each class, file, module or component Integration testing: Test how modules interact with each other Class A method mA1() method mA2() Class B method mB1() method mB2() Unit testing: Test each unit (method) individually © Jeff Offutt, 2005-2007

New : Test Coverage Criteria A tester’s job is simple : Define a model of the software, then find ways to cover it Test Requirements: Specific things that must be satisfied or covered during testing Test Criterion: A collection of rules and a process that define test requirements Criterion are a recipe to create test requirements Example: pick all colors of jelly bean, criteria is all flavors must be tested, test requirements then are: test grape, test orange, test strawberry Testing researchers have defined dozens of criteria, but they are all really just a few criteria on four types of structures … © Jeff Offutt, 2005-2007

Example Given a bag of jelly beans, test it. Test Coverage Criteria: Test every flavor Using the criteria we develop Test Requirements ( must test grape, orange, cherry…) Using those requirements we create test cases: Select a jelly bean until you get a grape one. Eat it. Select a jelly bean until you get a cherry one. Eat it. … Idea: the criteria if fully satisfied will fully test our system Got here Mar 23, 2010 © Jeff Offutt, 2005-2007

Lets give it a shot I have a Java application that accepts 3 inputs which are the lengths of sides of a triangle. The program then outputs the type of triangle: equilateral, isosceles, scalene Write a set of test cases to attempt to cover the software. We’ll then test it. A test case simply looks like: 5 5 5 # That would test an equilateral case Is this a white box or black box test you’re writing? Note to self: The code is the softwaretestingtriangle netbeans project. Got here: 11/04/2008 © Jeff Offutt, 2005-2007

Fleck: Coverage Criteria Example Use tools to support testing Netbeans has a code coverage plug-in (other IDEs certainly will also) Given a coverage criteria: cover every line of code, lets score your test case set. Given known code (white box), what would you change about your test set? See softwaretestingtriangle project. © Jeff Offutt, 2005-2007

New : Criteria Based on Structures Structures : Four ways to model software Graphs Logical Expressions Input Domain Characterization Syntactic Structures (not X or not Y) and A and B A: {0, 1, >1} B: {600, 700, 800} C: {swe, cs, isa, infs} if (x > y) z = x - y; else z = 2 * x; © Jeff Offutt, 2005-2007

1. Graph Coverage – Structural 6 5 3 2 1 7 4 Node (Statement) Cover every node 12567 1343567 Edge (Branch) Cover every edge 12567 1343567 1357 Path Cover every path 12567 1257 13567 1357 1343567 134357 … This graph may represent statements & branches methods & calls components & signals states and transitions © Jeff Offutt, 2005-2007

1. Graph Coverage – Data Flow This graph contains: defs: nodes & edges where variables get values uses: nodes & edges where values are accessed def = {x, y} def = {a , m} def = {a} def = {m} 6 5 3 2 1 7 4 use = {x} use = {a} use = {y} use = {m} Defs & Uses Pairs (x, 1, (1,2)), (x, 1, (1,3)) (y, 1, 4), (y, 1, 6) (a, 2, (5,6)), (a, 2, (5,7)), (a, 3, (5,6)), (a, 3, (5,7)), (m, 4, 7), (m, 6, 7) All Defs Every def used once 1, 2, 5, 6, 7 1, 3, 4, 3, 5, 7 All Uses Every def “reaches” every use 1, 2, 5, 6, 7 1, 2, 5, 7 1, 3, 5, 6, 7 1, 3, 5, 7 1, 3, 4, 3, 5,7 Def/Use pairs: (x, 1, (1,2)) – means X is defined in 1 and used on transition 1->2 (y,1,4) – means y is defined in 1 and used at node 4 © Jeff Offutt, 2005-2007

( (a > b) or G ) and (x < y) 2. Logical Expressions ( (a > b) or G ) and (x < y) Transitions Logical Expressions Program Decision Statements Software Specifications © Jeff Offutt, 2005-2007

( (a > b) or G ) and (x < y) 2. Logical Expressions ( (a > b) or G ) and (x < y) Predicate Coverage : Each predicate must be true and false ( (a>b) or G ) and (x < y) = True, False Clause Coverage : Each clause must be true and false (a > b) = True, False G = True, False (x < y) = True, False Combinatorial Coverage : Various combinations of clauses Active Clause Coverage: Each clause must determine the predicate’s result © Jeff Offutt, 2005-2007

2. Logic – Active Clause Coverage ( (a > b) or G ) and (x < y) 1 T F T 2 F F T With these values for G and (x<y), (a>b) determines the value of the predicate duplicate 3 F T T 4 F F T 5 T T T 6 T T F © Jeff Offutt, 2005-2007

3. Input Domain Characterization Describe the input domain of the software Identify inputs, parameters, or other categorization Partition each input into finite sets of representative values Choose combinations of values System level Number of students { 0, 1, >1 } Level of course { 600, 700, 800 } Major { swe, cs, isa, infs } Unit level Parameters F (int X, int Y) Possible values X: { <0, 0, 1, 2, >2 }, Y : { 10, 20, 30 } Tests F (-5, 10), F (0, 20), F (1, 30), F (2, 10), F (5, 20) Course run this semester? as an indep study? or cancelled Equivalence Partition in the Pressman book © Jeff Offutt, 2005-2007

Input Domain Characterization (Equivalence Partitioning) Given a program that tells you what game to play, given a number of people available: Spades (card game) - 1-3 players Hearts (card game) - 1-3 players Settlers of Cataan - 4 - 10 players Taboo - > 10 players Apples to Apples - > 10 players © Jeff Offutt, 2005-2007

Input Domain Characterization (Equivalence Partitioning) 3 11 4 7 10 < 4 Between 4 and 10 > 10 Number of input values 9999 100000 10000 50000 99999 geenerally problems exist at the boundaries… test the boundaries. < 10000 Between 10000 and 99999 > 99999 © Jeff Offutt, 2005-2007

4. Syntactic Structures Based on a grammar, or other syntactic definition Primary example is mutation testing Induce small changes to the program: mutants Find tests that cause the mutant programs to fail: killing mutants Failure is defined as different output from the original program Check the output of useful tests on the original program Example program and mutants if (x > y) if (x >= y) z = x - y;  z = x + y;  z = x – m; else z = 2 * x; if (x > y) z = x - y; else z = 2 * x; In step 4 the tests should all pass… and you know you have covered your whole program try it with your mujava demo. © Jeff Offutt, 2005-2007

Lets Try It… Note to self….See javacode/MuJava and homework/Mujava Description of mutation operators http://cs.gmu.edu/~offutt/mujava/mutopsClass.pdf http://cs.gmu.edu/~offutt/mujava/mutopsMethod.pdf © Jeff Offutt, 2005-2007

Coverage Given a set of test requirements TR for coverage criterion C, a test set T satisfies C coverage if and only if for every test requirement tr in TR, there is at least one test t in T such that t satisfies tr Infeasible test requirements : test requirements that cannot be satisfied No test case values exist that meet the test requirements Dead code Detection of infeasible test requirements is formally undecidable for most test criteria © Jeff Offutt, 2005-2007

Coverage Example Execute Node 1, Execute Node 2, Exceute Node … Coverage Criteria: test every node Test Requirements: Execute Node 1, Execute Node 2, Exceute Node … Test Set: Test Case 1: 1,2,5,6,7 Test Case 2: 1,3,4,3,5,7 6 5 3 2 1 7 4 Criteria give you a recipe for test requirements © Jeff Offutt, 2005-2007

Two Ways to Use Test Criteria Directly generate test values to satisfy the criterion often assumed by the research community most obvious way to use criteria. Very hard without automated tools Generate test values externally and measure against the criterion usually favored by industry sometimes misleading if tests do not reach 100% coverage, what does that mean? © Jeff Offutt, 2005-2007

How to use Coverage Criteria (Direct method) Define your representation of the system as one of the four models Graph Logical Expression Input Domain Syntactic Structure Determine your criteria What rule will you use (some examples.. There are many more!) We will cover every edge in the graph We will verify each boolean clause as true and false We will verify one value in each input partition (equivalence class) Using that criteria, determine the set of Test Requirements you need to satisfy your criteria Must cover graph edge (2,5), (1,6), (4,1), … Create the test cases that satisfy your test criteria © Jeff Offutt, 2005-2007

Example – Direct Method Model model PickSideKick.java as a graph. A block of statements should be modelled as a If there is a decision point, break off into two blocks Generate some mutants Write test cases that kill the mutants Example: stmt 1; stmt 2; if x==1 stmt 3 stmt 4 else stmt 5 stmt 6 B x == 1 A E C I would avoid step 3 if I was you © Jeff Offutt, 2005-2007

Example – PickSideKick Mutants Line 72: if (currentPowers == null && currentPowers.length == 0) { Line 78: if (age++ > 18) Line 88: (needClaws() && afraidOfLoudNoises()) Line 100: return "Lois Lane”+”Lois Lane”; Line 124: for (int i=10; i<10000; i++) { Line 127: return !true; You can’t do it… I don’t even know why you’re trying! © Jeff Offutt, 2005-2007

Generators and Recognizers Generator : A procedure that automatically generates values to satisfy a criterion Recognizer : A procedure that decides whether a given set of test values satisfies a criterion Both problems are provably undecidable for most criteria It is possible to recognize whether test cases satisfy a criterion far more often than it is possible to generate tests that satisfy the criterion Coverage analysis tools are quite plentiful Got here: Mar 24, 2010 (Early class)– need to make sure to go back and cover direct generation versus verification Recognizers are undecideable only because of infeasible rqmts. © Jeff Offutt, 2005-2007

Some Tools Static Analysis Tools Unit Testing Coverage Analysis Tool FindBugs - Finds MANY categories of bugs Checkstyle - coding standard violations PMD - Maybe a lot more, but seems to be mainly unused variables, also cut-n-paste code. Jamit - Java Access Modifier Inference Tool - find tighter access modifiers UPDATE Spring2010: SQE: A nice integration with Netbeans: http://kenai.com/projects/sqe/pages/Home http://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis Unit Testing Junit – see UnitTesting Slides Coverage Analysis Tool Netbeans Plugins - Unit Tests Code Coverage Plugin Mutation Testers http://www.mutationtest.net/twiki/bin/view/Resources/WebHome Got here Mar 25, 2010 (late class) © Jeff Offutt, 2005-2007

Unit Testing See unit testing slides © Jeff Offutt, 2005-2007

Test Coverage Criteria Traditional software testing is expensive and labor-intensive Formal coverage criteria are used to decide which test inputs to use More likely that the tester will find problems Greater assurance that the software is of high quality and reliability A goal or stopping rule for testing Criteria makes testing more efficient and effective Got here Nov 19, 2009 --- night class But how do we start to apply these ideas in practice? © Jeff Offutt, 2005-2007

Static Verification Don’t forget about static verification using people! Automated static inspection tools are very effective as an aid to inspections - they are a supplement to but not a replacement for human inspections. Formal or informal inspections (peer reviews) Semi-formal approach to document reviews Intended explicitly for defect detection (not correction). Defects may be logical errors, anomalies in the code that might indicate an erroneous condition (e.g. an uninitialised variable) or non-compliance with standards. © Jeff Offutt, 2005-2007

Now we know what and why … Part 3 : How ? Now we know what and why … How do we get there ? © Jeff Offutt, 2005-2007

Testing Levels Based on Test Process Maturity Level 0 : There's no difference between testing and debugging Level 1 : The purpose of testing is to show correctness Level 2 : The purpose of testing is to show that the software doesn't work Level 3 : The purpose of testing is not to prove anything specific, but to reduce the risk of using the software Level 4 : Testing is a mental discipline that helps all IT professionals develop higher quality software © Jeff Offutt, 2005-2007

This is what we teach undergraduate CS majors Level 0 Thinking Testing is the same as debugging Does not distinguish between incorrect behavior and mistakes in the program Does not help develop software that is reliable or safe This is what we teach undergraduate CS majors before CS 421  © Jeff Offutt, 2005-2007

This is what hardware engineers often expect Level 1 Thinking Purpose is to show correctness Correctness is impossible to achieve What do we know if no failures? Good software or bad tests? Test engineers have no: Strict goal Real stopping rule Formal test technique Test managers are powerless This is what hardware engineers often expect © Jeff Offutt, 2005-2007

Level 2 Thinking This describes most software companies. Purpose is to show failures Looking for failures is a negative activity Puts testers and developers into an adversarial relationship What if there are no failures? This describes most software companies. How can we move to a team approach ?? © Jeff Offutt, 2005-2007

This describes a few “enlightened” software companies Level 3 Thinking Testing can only show the presence of failures Whenever we use software, we incur some risk Risk may be small and consequences unimportant Risk may be great and the consequences catastrophic Testers and developers work together to reduce risk This describes a few “enlightened” software companies © Jeff Offutt, 2005-2007

Level 4 Thinking This is the way “traditional” engineering works A mental discipline that increases quality Testing is only one way to increase quality Primary responsibility to measure and improve software quality Their expertise should help the developers Like spell checkers… spell checkers best use is to teach us how to spell… every error found is an opportunity to learn to spell better. Testers expertise can help train the developers how to be better developers by finding places to increase quality. This is the way “traditional” engineering works © Jeff Offutt, 2005-2007

Summary More testing saves money Testing is no longer an “art form” Planning for testing saves lots of money Testing is no longer an “art form” Engineers have a tool box of test criteria When testers become engineers, the product gets better The developers get better Automated tools can help a lot, but don’t do the whole job © Jeff Offutt, 2005-2007

Introduction to Software Testing Chapter 1 A Talk in 3 Parts Jeff Offutt Software Testing and Maintenance
SWE 437 http://cs.gmu.edu/~offutt/classes/437/ www.ise.gmu.edu/~offutt/

Test Cases Unit and System Test Cases Lets have a look… © Jeff Offutt, 2005-2007