Software Quality Assurance Lecture #8 By: Faraz Ahmed

Contents 0 Course Outline 0 Marks Distribution 0 Fundamentals of Quality Assurance 0 Discussion 0 Reference

Static Testing 0 Uses a checklist to identify whether standards are being followed. 0 Code is not actually run for this testing. Skimming of code is done. Coding, integrating and deploying. 0 Can occur in Coding, integrating and deploying. 0 Walkthroughs and inspections are types of static testing

Static Testing 0 Usually done to check completeness (verification aspect) 0 Cost of bugs in this phase? 0 List of Static testing tools can be found in wikipedia 0 TASK #1: Show me how to use any one of the tools available for static testing.

Dynamic Testing 0 Involves actually running the software 0 Part of the validation aspect 0 Examples include Unit tests, Integration tests, System tests and acceptance tests.

Black box testing 0 Takes an external perspective of the software 0 Assumes that the complexities do not exist, and just test the system using inputs and checking the outputs.

Black box testing 0 Should make use of randomly generated inputs. 0 An input range should be provided by the developer. 0 Extreme cases should be checked. 0 Outliers should be checked for robustness. 0 Stress and crash testing should also be performed.

Black box testing 0 Also known as functional testing 0 Examples are stress testing, recovery testing and user acceptance testing. 0 Divided into two types: User required and User not required.

BB where user not required! 0 Functional Testing: the software is tested for the functional requirements. 0 Stress Testing: The application is tested against heavy load such as complex numerical values, large number of inputs, large number of queries etc.

BB where user not required! 0 Functional Testing: the software is tested for the functional requirements. 0 Stress Testing: The application is tested against heavy load such as complex numerical values, large number of inputs, large number of queries etc. while depriving the system of resources.

BB where user not required! 0 Load Testing : The application is tested against heavy loads (representative loads/ Maximum sustainable loads) or inputs such as testing of web sites in order to find out at what point the web-site/application fails or at what point its performance degrades.

BB where user not required! 0 Ad-hoc Testing: This type of testing is done without any formal Test Plan or Test Case creation. helps testers in learning the application prior starting with any other testing. 0 Usability Testing

BB where user not required! 0 Smoke Testing: is done in order to check if the application is ready for further major testing and is working properly without failing up to least expected level. 0 Recovery Testing: done in order to check how gracefully the application can recover against any type of crash or hardware failure etc.

BB where users required! 0 User Acceptance Testing: the software is handed over to the user in order to find out if the software meets the user expectations and works as it is expected to.

BB where users required! 0 Alpha Testing: the users are invited at the development center where they use the application and the developers note every particular input or action carried out by the user. Any type of abnormal behavior of the system is noted and rectified by the developers.

BB where users required! 0 Beta Testing: In this type of testing, the software is distributed as a beta version to the users and users test the application at their sites. As the users explore the software, in case if any exception/defect occurs that is reported to the developers. 0 How are the defects reported?

White box testing 0 Knowledge of how the system is implemented. 0 Analyses data flow, control flow, coding practices and exception handling. 0 Focus on security testing and looking for vulnerabilities like sql injection 0 A tester has to think like an attacker/hacker.

White box testing 0 TASK #2: What do you understand by Gray-box testing? 0 Testing techniques: 0 Data-Flow Analysis 0 Code-based fault injection 0 Abuse cases (utilizing known attack patterns) 0 Code Coverage Analysis (eliminate risks such as trojan horse)

White box testing 0 TASK #3: Explore a coverage analysis tool.

Unit Testing 0 The goal of unit testing is to isolate each part of the program and show that the individual parts are correct 0 Test driven development ?

Requirements Testing 0 If the requirements are wrong, there would be no outcome of testing the application. 0 The quality gateway: as soon as we get a requirement, we outline its possible defects and try to gauge whether they would disrupt our design. 0 Make the requirements measurable.

Quantifiable requirements 0 Make the requirement quantifiable, so that the solution can be measured. 0 Example might be the time it takes a page to load. 0 Consider the question, what would it take to not meet the requirement?

Non-Quantifiable requirements 0 We can convert these into quantifiables by going through what the client might mean from them. 0 Consider the question, what would it take to not meet the requirement?

Regression Testing 0 Regression testing : testing which seeks to uncover bugs. Regression bugs occur whenever software functionality that previously worked as desired, stops working or no longer works in the same way that was previously planned. 0 Common methods of regression testing include re- running previously run tests

Regression Testing 0 Local - changes introduce new bugs. 0 Unmasked - changes unmask previously existing bugs. 0 Remote - Changing one part breaks another part of the program

Error handling testing 0 It determines the ability of applications system to process the incorrect transactions properly 0 Errors encompass all unexpected conditions. 0 In some system approx. 50% of programming effort will be devoted to handling error condition.

Manual testing 0 To test the system more thoroughly 0 There is no alternative to it.

Quiz 0 Why doesn’t the developer do the black box testing?