Software Testing Strategies

Software Testing Testing is the process of exercising a program with the specific intent of finding errors prior to delivery to the end user.

What Testing Shows errors requirements conformance performance an indication of quality

Strategic Approach For Software Testing To perform effective testing, you should conduct effective technical reviews. By doing this, many errors will be eliminated before testing commences. Testing begins at the component level and works "outward" toward the integration of the entire computer-based system. Different testing techniques are appropriate for different software engineering approaches and at different points in time. Testing is conducted by the developer of the software and (for large projects) an independent test group. Testing and debugging are different activities, but debugging must be accommodated in any testing strategy.

V & V Verification refers to the set of tasks that ensure that software correctly implements a specific function. Validation refers to a different set of tasks that ensure that the software that has been built is traceable to customer requirements. Boehm [Boe81] states this another way: Verification: "Are we building the product right?" Validation: "Are we building the right product?"

Who Tests the Software? developer independent tester Understands the system but, will test "gently" and, is driven by "delivery" Must learn about the system, but, will attempt to break it and, is driven by quality

Testing Strategy Unit test Integration test Validation test System engineering Analysis modeling Design modeling Code generation Unit test Integration test Validation test System test

Initially, tests focus on each component individually, ensuring that it functions properly as a unit. Hence, the name unit testing. Unit testing makes heavy use of testing techniques that exercise specific paths in a component’s control structure to ensure complete coverage and maximum error detection. Next, components must be assembled or integrated to form the complete software package. Integration testing addresses the issues associated with the dual problems of verification and program construction. After the software has been integrated (constructed), a set of high- order tests is conducted. Validation criteria (established during requirements analysis) must be evaluated. Validation testing provides final assurance that software meets all informational, functional, behavioral, and performance requirements. Software, once validated, must be combined with other system elements (e.g., hardware, people, databases). System testing verifies that all elements mesh properly and that overall system function/performance is achieved. Software Testing Steps

Testing Strategy We begin by ‘testing-in-the-small’ and move toward ‘testing-in-the-large’ For conventional software The module (component) is our initial focus Integration of modules follows For OO software Our focus when “testing in the small” changes from an individual module (the conventional view) to an OO class that encompasses attributes and operations and implies communication and collaboration

Strategic Issues Tom Gilb [Gil95] argues that a software testing strategy will succeed when software testers: Specify product requirements in a quantifiable manner long before testing commences. State testing objectives explicitly. Understand the users of the software and develop a profile for each user category. Develop a testing plan that emphasizes “rapid cycle testing.” Build “robust” software that is designed to test itself Use effective technical reviews as a filter prior to testing Conduct technical reviews to assess the test strategy and test cases themselves. Develop a continuous improvement approach for the testing process.

Unit Testing module to be tested test cases results software engineer

Unit Testing Module To be Tested Interface Local data structures Boundary conditions Independent paths Error handling paths Module To be Tested Test cases

Unit Test Procedures (Contd..) Module stub driver RESULTS interface local data structures boundary conditions independent paths error handling paths test cases

Unit Test Procedures (Contd..) Because a component is not a stand-alone program, driver and/or stub software must often be developed for each unit test. driver is nothing more than a “main program” that accepts test case data, passes such data to the component (to be tested), and prints relevant results. Stubs serve to replace modules that are subordinate (invoked by) the component to be tested. A stub or “dummy subprogram” uses the subordinate module’s interface, may do minimal data manipulation, prints verification of entry, and returns control to the module undergoing testing. Drivers and stubs represent testing “overhead.” That is, both are software that must be written (formal design is not commonly applied) but that is not delivered with the final software product.

Integration Testing Strategies Options: • The “big bang” approach • An incremental construction strategy

Top Down Integration The integration process is performed in a series of five steps: The main control module is used as a test driver and stubs are substituted for all components directly subordinate to the main control module. Depending on the integration approach selected (i.e., depth or breadth first), subordinate stubs are replaced one at a time with actual components. Tests are conducted as each component is integrated. On completion of each set of tests, another stub is replaced with the real component. Regression testing (discussed later in this section) may be conducted to ensure that new errors have not been introduced.

Bottom-Up Integration A bottom-up integration strategy may be implemented with the following steps: Low-level components are combined into clusters (sometimes called builds) that perform a specific software subfunction. A driver (a control program for testing) is written to coordinate test case input and output. The cluster is tested. Drivers are removed and clusters are combined moving upward in the program structure.

Sandwich Testing Top modules are tested with stubs Worker modules are grouped into builds and integrated A B C D E F G cluster Sandwich Testing is an approach to combine top down testing with bottom up testing.  In this approach the usage of Stubs (Called Program) and Drivers (Calling Program) are used by the programmer's wherever the programs are incomplete.

Regression Testing Regression testing is the re-execution of some subset of tests that have already been conducted to ensure that changes have not propagated unintended side effects Whenever software is corrected, some aspect of the software configuration (the program, its documentation, or the data that support it) is changed. Regression testing helps to ensure that changes (due to testing or for other reasons) do not introduce unintended behavior or additional errors. Regression testing may be conducted manually, by re-executing a subset of all test cases or using automated capture/playback tools.

Smoke Testing A common approach for creating “daily builds” for product software Smoke testing steps: Software components that have been translated into code are integrated into a “build.” A build includes all data files, libraries, reusable modules, and engineered components that are required to implement one or more product functions. A series of tests is designed to expose errors that will keep the build from properly performing its function. The intent should be to uncover “show stopper” errors that have the highest likelihood of throwing the software project behind schedule. The build is integrated with other builds and the entire product (in its current form) is smoke tested daily. The integration approach may be top down or bottom up.

Smoke Testing Integration risk is minimized. McConnell [McC96] describes the smoke test in the following manner: The smoke test should exercise the entire system from end to end. It does not have to be exhaustive, but it should be capable of exposing major problems. The smoke test should be thorough enough that if the build passes, you can assume that it is stable enough to be tested more thoroughly.   Smoke testing provides a number of benefits when it is applied on complex, timecritical software projects: Integration risk is minimized. The quality of the end product is improved. Error diagnosis and correction are simplified. Progress is easier to assess.

Object-Oriented Testing Begins by evaluating the correctness and consistency of the analysis and design models Testing strategy changes The concept of the ‘unit’ broadens due to encapsulation Integration focuses on classes and their execution across a ‘thread’ or in the context of a usage scenario Validation uses conventional black box methods Test case design draws on conventional methods, but also encompasses special features

OO Testing Strategy Class testing is the equivalent of unit testing Operations within the class are tested The state behavior of the class is examined Integration applied three different strategies Thread-based testing—integrates the set of classes required to respond to one input or event Use-based testing—integrates the set of classes required to respond to one use case Cluster testing—integrates the set of classes required to demonstrate one collaboration

WebApp Testing I The content model for the WebApp is reviewed to uncover errors. The interface model is reviewed to ensure that all use cases can be accommodated. The design model for the WebApp is reviewed to uncover navigation errors. The user interface is tested to uncover errors in presentation and/or navigation mechanics. Each functional component is unit tested.

WebApp Testing II Navigation throughout the architecture is tested. The WebApp is implemented in a variety of different environmental configurations and is tested for compatibility with each configuration. Security tests are conducted in an attempt to exploit vulnerabilities in the WebApp or within its environment. Performance tests are conducted. The WebApp is tested by a controlled and monitored population of end-users. The results of their interaction with the system are evaluated for content and navigation errors, usability concerns, compatibility concerns, and WebApp reliability and performance.

Validation testing Validation testing Software validation is achieved through a series of tests that demonstrate conformity with requirements. A test plan outlines the classes of tests to be conducted, and a test procedure defines specific test cases that are designed to ensure that all functional requirements are satisfied, all behavioral characteristics are achieved, all content is accurate and properly presented, all performance requirements are attained, documentation is correct, and usability and other requirements are met (e.g., transportability, compatibility, error recovery, maintainability). Alpha testing The alpha test is conducted at the developer’s site by a representative group of end users. The software is used in a natural setting with the developer “looking over the shoulder”. Beta testing The beta test is conducted at one or more end-user sites. Unlike alpha testing, the developer generally is not present. Therefore, the beta test is a “live” application of the software in an environment that cannot be controlled by the developer.

System testing Recovery testing Security testing Stress testing Forces the software to fail in a variety of ways and verifies that recovery is properly performed Security testing Verifies that protection mechanisms built into a system will, in fact, protect it from improper penetration Stress testing Executes a system in a manner that demands resources in abnormal quantity, frequency, or volume sensitivity testing Variation of stress testing. In some situations (the most common occur in mathematical algorithms), a very small range of data contained within the bounds of valid data for a program may cause extreme and even erroneous processing or profound performance degradation. Performance testing Test the run-time performance of software within the context of an integrated system Deployment testing

Debugging: A Diagnostic Process Debugging occurs as a consequence of successful testing. That is, when a test case uncovers an error, debugging is the process that results in the removal of the error. The debugging process will usually have one of two outcomes: (1) the cause will be found and corrected or (2) the cause will not be found.

The debugging process begins with the execution of a test case. Results are assessed and a lack of correspondence between expected and actual performance is encountered. In many cases, the noncorresponding data are a symptom of an underlying cause as yet hidden. The debugging process attempts to match symptom with cause, thereby leading to error correction. The debugging process

Consequences of Bugs damage mild annoying disturbing serious extreme catastrophic infectious Bug Type Bug Categories: function-related bugs, system-related bugs, data bugs, coding bugs, design bugs, documentation bugs, standards violations, etc.

Debugging Techniques Brute force / testing Backtracking Induction Deduction

Correcting the Error Is the cause of the bug reproduced in another part of the program? In many situations, a program defect is caused by an erroneous pattern of logic that may be reproduced elsewhere. What "next bug" might be introduced by the fix I'm about to make? Before the correction is made, the source code (or, better, the design) should be evaluated to assess coupling of logic and data structures. What could we have done to prevent this bug in the first place? This question is the first step toward establishing a statistical software quality assurance approach. If you correct the process as well as the product, the bug will be removed from the current program and may be eliminated from all future programs.

Final Thoughts Think -before you act to correct Use tools to gain additional insight If you’re at an impasse, get help from someone else Once you correct the bug, use regression testing to uncover any side effects

THANKS…