Winter 2012 Bachelor of Science in Information Technology (BScIT)Semester 6 BT0056 Software Testing and Quality Assurance 2 Credits (Book

ok ID: B0649) Assignment Set (30 Marks)

Answer all questions 5 x 6 = 30 1. Explain the origin of the defect distribution in a typical software development life cycle. Discovering the unexpected is more important than confirming the known. In software development, the unexpected one relates to defects. These defects when unattended would cause failure to the product and risk to the users. The increasing dependency of society on software and the crucial consequences that a failure can cause requires the need to find out the defects at the origin itself. The defect framework is based on analyzing the defects that had emerged from various stages of software development like Requirements, Design, Coding, Testing and Timeline (defects due to lack of time during development). Software testing is a critical element of software quality assurance and represents the ultimate process to ensure the correctness of the product. The quality product always enhances the customer confidence in using the product thereby increases the business economics. In other words, a good quality product means zero defects, which is derived from a better quality process in testing. The definition of testing is not well understood. People use a totally incorrect definition of the word testing, and that this is the primary cause for poor program testing. Examples of these definitions are such statements as Testing is the process of demonstrating that errors are not present, The purpose of testing is to show that a program performs its intended functions correctly, and Testing is the process of establishing confidence that a program does what it is supposed to do. Testing the product means adding value to it, which means raising the quality or reliability of the program. Raising the reliability of the product means finding and removing errors. Hence one should not test a product to show that it works; rather, one should start with the assumption that the program contains errors and then test the program to find as many errors as possible. Thus a more appropriate definition is: Testing is the process of executing a program with the intent of finding errors. Purpose of Testing To show the software works: It is known as demonstration-oriented To show the software doesnt work: It is known as destruction-oriented To minimize the risk of not working up to an acceptable level: it is known as evaluation-oriented Need for Testing Defects can exist in the software, as it is developed by human beings who can make mistakes during the development of software. However, it is the primary duty of a software vendor to ensure that software delivered does not have defects and the customers day-to-day operations do not get affected. This can be achieved by rigorously testing the software. The most common origin of software bugs is due to:

Poor understanding and incomplete requirements Unrealistic schedule Fast changes in requirements Too many assumptions and complacency 2.1 Deficiency in Requirements: We accept that testing the software is an integral part of building a system. However, if the software is based on inaccurate requirements then, despite well-written code, the software will be unsatisfactory. Instead of limiting our testing to code, we should start testing as soon as we start work on the requirements for a product. The aim of this work is to find requirements-related defects as early as they can be identified and hence prevent them from being incorporated in the design and implementation. 2.2 Design Flaws: The design should be perfect for software development. It is observed that many projects fail due to poor design. It may be architectural design, conceptual design, database design etc. Much software has been developed, installed and passed to maintenance with a faulty design. The faulty design should be detected and corrected in order to have high customer satisfaction. 2.3 Defective Coding Process: It is observed that many applications reach the final stages without unit testing; review of unit test cases, etc. Due to the lack of these processes, the application is released with uncovered defects, which could have been rectified at an early stage if proper coding processes were in place. If such an application is given to the customer, it will be returned for proper recertification and revalidation. This proves to be costly for the customer as well as the organization. 2.4 Delinquency in Testing: The end of phase reviews or inspection is the key to removal of defects for the development phases; however, for testing phases the testing by itself is the key. When the defects identified by testing are not dealt correctly, it may cause new defect injections. 2.5 Duration Slippage: Software is developed to automate a set of business processes, but the requirements change so frequently that the project gets far behind schedule and the output of the system becomes unreliable. Periodically, the developer is pulled off the project in order to incorporate all the requirements, which makes them fall even further behind the schedule. Due to this busy schedule, there may be many defects in the application. 2. Explain the concept of quality. In SQA, software process specialists and auditors are concerned for the software development process rather than just the artifacts such as documentation, code and systems. They examine and change the software engineering process itself to reduce the number of faults that end up in the delivered software: the so-called "defect rate". What constitutes an "acceptable defect rate" depends on the nature of the software. A flight simulator video game would have much higher defect tolerance than software for an actual airplane. Although there are close links with SQA,

testing departments often exist independently, and there may be no SQA function in some companies. Software testing is a task intended to detect defects in software by contrasting a computer program's expected results with its actual results for a given set of inputs. By contrast, QA (quality assurance) is the implementation of policies and procedures intended to prevent defects from occurring in the first place. Software quality assurance (SQA) consists of a means of monitoring the software engineering processes and methods used to ensure quality. The methods by which this is accomplished are many and varied, and may include ensuring conformance to one or more standards, such as ISO 9000 or a model such as CMMI. 3. Explain the contents of SQA plan. SQA encompasses the entire software development process, which includes processes such as requirements definition, software design, coding, source code control, code reviews, change management, configuration management, testing, release management, and product integration. SQA is organized into goals, commitments, abilities, activities, measurements, and verifications. Planning is one of the most important aspects of Software Quality Assurance. The entire operation of the SQA team depends on how well their planning is done. In smaller businesses, planning might not really dictate the flow of SQA but in larger businesses, SQA Planning takes on center stage. Without it, each component or department that works on the application will be affected and will never function. In gist, SQA Planning tackles almost every aspect of SQAs operation. Through planning, each member and even non-member of the SQA team is clearly defined. The reason for this is very simple: when everyone knows their role and boundaries, there is no overlapping of responsibilities and everyone could concentrate on their roles. But SQA Planning is not only a document that tells who gets to do the specific task. The stages in are also detailed. The whole SQA team will be very busy once the actual testing starts but with SQA, everyones work is clearly laid out. Through planning, the actual state of the application testing is known. Again in smaller businesses, the planning maybe limited to the phase of the application testing but when outlined for corporations, the scenario changes and only through planning that everyone will know where they are and where they are going in terms of SQA. SQA Planning is not just a simple document where objectives are written and stages are clearly stated. Because of the need to standardize software development ensuring the limitation of error, a scientific approach is recommended in developing an SQA plan. Certain standards such as IEEE Std 730 or 983. SQA Plan Content

An SQA Plan is detailed description of the project and its approach for testing. Going with the standards, an SQA Plan is divided into four sections: Software Quality Assurance Plan for Software Requirements; Software Quality Assurance Plan for Architectural Design; Software Quality Assurance Plan for Detailed Design and Production and; Software Quality Assurance Plan for Transfer In the first phase, the SQA team should write in detail the activities related for software requirements. In this stage, the team will be creating steps and stages on how they will analyze the software requirements. They could refer to additional documents to ensure the plan works out. The second stage of SQA Plan or the SQAP for AD (Architectural Design) the team should analyze in detail the preparation of the development team for detailed build-up. This stage is a rough representation of the program but it still has to go through rigorous scrutiny before it reaches the next stage. The third phase which tackles the quality assurance plan for detailed design and actual product is probably the longest among phases. The SQA team should write in detail the tools and approach they will be using to ensure that the produced application is written according to plan. The team should also start planning on the transfer phase as well. The last stage is the QA plan for transfer of technology to the operations. The SQA team should write their plan on how they will monitor the transfer of technology such as training and support. 4. Explain different methods available in white box testing with examples. White box testing is a significant security testing method that testers use to ascertain whether the codes follow the intended or planned design. This test also validates implemented security functionalities and discovers existing vulnerabilities in the system. This test combines principles from two different areas of testing: traditional white box testing techniques and security testing. Unlocking White Box Testing Secrets White box testing has offshoots of many other testing procedures that will compliment the main test with their wonderful features. In essence, white box testing uses six different types of testing, namely, beta, regression, unit, acceptance, function or system, and integration. Here are some details about how these tests work in combination with the white box testing. Unit testing This test is perhaps the most significant test that help you to make the application better. In essence, units are the components that are difficult to break into two or more components. It is quite important to conduct unit testing to ensure that individual units of hardware and software are tested before the particular unit is integrated with other components.

Once the unit is already integrated, it is very difficult to find out where the error is coming from, and thus, the software engineers need to look into every single unit that are within the code base. More than 65% of all errors are found during unit testing. Integration testing This test will be helpful to check how different units of both the hardware and software interact and converse with each other and whether any errors occur during this conversation. In this case, the test cases used are specifically designed to test whether the interfaces of each unit are working together properly. Regression testing This test simply repeats similar tests that had already been conducted in the past. Nevertheless, this is a very important process, because it is used to validate whether the components are still working. In addition, regression testing will also uncover loopholes and vulnerabilities in the system, so you can ensure that the components are still complying with the standards those were set by the developers. 5. Explain the use of SCM process.