Академический Документы
Профессиональный Документы
Культура Документы
LECTURE # 9
SOFTWARE TESTING - II
BLACK BOX TESTING
Email: ali.javed@uettaxila.edu.pk
Contact No: +92-51-9047747
Office hours:
Monday, 11:00AM - 01:00PM, Office # 7
An ideal test case single handedly uncovers a class of errors e.g incorrect processing of all
character data that might otherwise require many cases to be executed before the general
error is observed.
Equivalence Partitioning strives to define the test case that uncovers classes of errors, there by
reducing the total number of test cases that must be developed.
An equivalence class represents a set of valid or invalid states for input conditions.
Input, output
domain
Dr. Ali Javed
Equivalence Class Partitioning Testing
Identify equivalence classes
Fail
Example: write test case for “ if a pupil has total score >= 75, he will be
past the exam, otherwise will fail ”, using equivalence partitioning.
Conditions Valid Invalid
equivalence equivalence Test case:
class class
Total score 1. >=75 2. <75 • 1, 5
3. Null
4. String
• 2, 6
Result of the 5. Pass • 3, 7
exam 6. Fail
7. Error message • 4, 7
Minimum
Just above the minimum
A nominal value
Maximum
The term first originates from a class project at the University of Wisconsin
1988 although similar techniques have been used in the field of quality
assurance, where they are referred to as robustness testing or negative
testing.
Other studies show than an average of 22 to 54% of all client reported defects are caused by
missing cases.
In such situations each version can be tested with the same test data to ensure that all provide
identical output
Then all versions are executed in parallel with real time comparison of results to ensure
consistency
These independent versions form the basis of black box testing technique called comparison
testing or back-to-back testing
End to End Testing is usually executed after functional and system testing. It uses actual
production like data and test environment to simulate real-time settings. End-to-End testing
is also called Chain Testing
This process involves translating all native language strings to the target language and customizing the GUI
so that it is appropriate for the target market
Localization testing checks how well the build has been translated into a particular target language (e.g.,
Japanese product for Japanese user).
We should invite the local staff to help our localization testing by checking the quality of translation as well.
It occurs after unit testing and before system and validation testing.
1. The main control module is used as test driver and stubs are
substituted for all components directly subordinate to the main module.
This approach is helpful only when all or most of the modules of the same development level are
ready.
Test A,B,C, D
Top and Bottom Layer Tests can Does not test the individual subsystems
be done in parallel and their interfaces thoroughly before
integration
Example: Using automation software to simulate 500 users logging into a web site and performing end-
user activities at the same time.
Example: Typing at 120 words per minute for 3 hours into a word processor.
Recovery testing is the forced failure of the software in a variety of ways to verify that recovery
is properly performed.
While an application is running, suddenly restart the computer, and afterwards check the validness of the
application's data integrity.
While an application is receiving data from a network, unplug the connecting cable. After some time, plug
the cable back in and analyze the application's ability to continue receiving data from the point at which
the network connection disappeared.
Restart the system while a browser has a definite number of sessions. Afterwards, check that the browser is
able to recover all of them.
Re-executes some or all existing test cases to exercise code that was tested in a previous release
or previous test cycle.
Performed when previously tested code has been re-linked such as when:
The probability of changing the program correctly on the first try is only 50% if the change
involves 10 or fewer lines of code.
The probability of changing the program correctly on the first try is only 20% if the change
involves around 50 lines of code.
When testing a program to determine if a change has introduced errors in the unchanged code,
you are performing “regression testing.”
Re- test - Retesting means we testing only the certain part of an application again and not
considering how it will effect in the other part or in the whole application.
All black box test design methods apply to both progressive and regressive testing. Eventually, all
your “progressive” tests should become “regression” tests.
The Testing Group performs a lot of Regression Testing because most Landmark development
projects are adding enhancements (new functionality) to existing programs. Therefore, the existing
code (code that did not change) must be regression tested.
Example: In case of an ATM machine software, consider the various operations of ATM
like “Withdrawl Cash”, “Balance Inquiry”, “Transfer Cash” as different states, then the
defects that arise from Moving from the state of Menu selection to Withdrawl cash
appears under State Transition Testing
This testing is typically done by the software testing engineer in conjunction with the
configuration manager.
Process of installing your software could be different for different platforms. It could
be a neat GUI for windows or plain command line for Unix boxes.
Negative cases like insufficient memory, aborted installation should also be covered as
part of installation testing.
If software are distributed from Internet, test cases should be included for
Bad network speed and broken connection.
Firewall and security related.
Size and approximate time taken.
Concurrent installation/downloads
Security Scanning
It is the combination of Scanning and manual verification of the system and applications.
Risk Assessment
Is a method of analyzing and deciding the risk that depends upon the type of loss and the
possibility / probability of loss occurrence.
Risk assessment is carried out in the form of various interviews, discussions and analysis of the
same.
Security Auditing involves hands on internal inspection of Operating Systems and Applications,
often via line-by-line inspection of the code.
It combines Security Scanning, Ethical Hacking and Risk Assessments to show an overall Security
Posture of the organization.
Security Posture Assessment (SPA) is meant to establish the current baseline security of the network
and systems by discovering known vulnerabilities and weaknesses, with the intention of providing
incremental improvements to tighten the security of the network and systems.
Password Cracking
So for example a web form may work fine using Firefox. And the web form may
work fine if the user selects England as the location. But it may have an error if both
Firefox is used and England is selected. This pair causes an error where neither alone
causes an error.
Simple
Alpha Testing
Beta Testing
When custom software is built for one customer, a series of acceptance tests are conducted to
enable the customer to validate all requirements
An acceptance test can range from an informal test drive to a planned and systematically
executed series of tests
Software developers often distinguish acceptance testing by the system provider from
acceptance testing by the customer (the user or client) prior to accepting transfer of ownership.
In the case of software, acceptance testing performed by the customer is known as user
acceptance testing (UAT), end-user testing, site (acceptance) testing, or field (acceptance)
testing
In this type of testing, the users are invited at the development center where they use the
application and the developers note every particular input or action carried out by the user.
Any type of abnormal behavior of the system is noted.