Professional Documents
Culture Documents
Smartcard Document
Smartcard Document
INTRODUCTION
1.1 About the project:
As per the facility of the patients the Hospital management introduces Smart Card like one year smart card, two years smart card and lifelong smart card. So first the patient has to choose smart card according to patient requirements, depending on smart card the patient get the discount on medical bills. The patients who are willing to take the card, depending on card span, they have to pay card value to the Organization. According to the patient needs the hospital management introduce Smart Card Schemes like one year smart card, two year smart card and lifelong SmartCards. First Patient chooses the smart card according to the patient requirement, depending on Smart card patient get the discount on medical bill. Every person who is willing to take the smart cards, depending on card value, first they pay Card Value to Organization. This information is shared to all the branches of the Hospital group so that they can maintain global information of the group. If the subscriber of the Smart Card is suffering with ill health they will be given initial treatment without any consultancy charges. According to Customer Requirements the customer choose card.During the card validity period, if the customer joined the hospital, the customer get the discount of the total Hospital bill, depending on the card discount. The hospital must be tie up with the Hospital Group.If the Hospital not ties up with the Hospital Group, the patients do not get the any Discount. Customers get the discount if the card is valid.
JNDI: Java Naming and Directory Interface URL: Uniform Resource Locator UML: Unified Modelling Language JTS: Java Transaction Service ICS: Integrated Circuit Card IEEE: Institute of Electrical and Electronics Engineers DFD: Data Flow Diagram
1.1.2 Scope:
The scope of the project mainly targets on common people where the process of carrying reports and maintaining data becomes easy to the customers as well as hospital management, and the data present in the smartcard is hidden to the outside world i.e. data will be secure .
1.1.3 Objectives:
Smart cards that are to be developed should be targeted as follows:
Smart cards that are to be developed should hold up to 32 KB of data, while magnetic cards as seen earlier can hold only around 1000 bits. This allows the card-transaction participants (Card name, acquiring bank, issuing branch, etc.) to store a lot of additional information on the card. Data on a smart card sholuld be protected against unauthorized viewing. As a result of this confidential data (PIN, Passwords) can be stored on a smart card. This means, merchants do not have to go online every time to authenticate a registration.
Just one card can be used as your license to get treatment at any hospital throughout the state.
1.2
Hardware requirements:
Pentium processor RAM Capacity Hard Disk Floppy disk CD-ROM Drive KEYBOARD 233 MHZ or above 128MB 20GB 1.44 MB 32 HZ 108 Standard
Software Requirements:
Windows 95/98/NT/2000 IE Java Web Server2.0,T omcat5.0 Oracle JDBC Java(JDK), Servlets (JSDK), HTML.
2. TECHNOLOGIES USED
2.1 Java:
Java language was developed by James Gosling and his team at sun micro
systems and released formally in 1995. Its former name is oak. Java Development Kit 1.0
was released in 1996. To popularize java and is freely available on Internet.Java is loosely based on C++ syntax, and is menat to be Object-Oriented Structure of java is midway between an interpreted and a compiled language. Java programs are compiled by the java compiler into Byte Codes which are secure and portable across different
platforms. These byte codes are essentially instructions encapsulated in single type, to
what is known as ajava virtual machine (JVM) which resides instandard browser.Jvm verifies these byte codes when downloaded by the browser for integrity. Jvm s available for almost all OS. JVM converts these byte codes into machine specific instructions at runtime.
Features of Java:
polymorphism and dynamicbinding, but does not support multiple inheritance.every thing in java is an object except some primitive datatypes.
Java is portable architecture neutral that is java programs once compiled
Java is robust, secured, high performing and dynamic in nature. Java supports multithreading. There for different parts of the program can be executed at the same time.
Java Environment:
Java environment includes a large no.of tools which are part of the system known as java development kit (JDK) and hundreds of classes, methods, and interfaces grouped into packages forms part of java standard library (JSL).
Java Architecture:
Java architecture provides a portable, robust, high performing environment for development. Java provides portability by compiling the byte codes for the java virtual machine which are then interpreted on each platform by the runtime environment.
Javaalso provides stringent compile and runtime checking and automatic memory
Paradigm of Java:
Dynamic down loading applets(small application programs); Elimination of flatware phenomenon that is providing those features of a product that user needs at a time. The remaining features of a product can remain in the server. Changing economic model of the software Up-to-date software availability Supports network entire computing Supports CORBA & DCOM
2.2 HyperTextMarkupLanguage(HTML):
HTML (hyper text markup language) is a language used to create hyper text documents that have hyper links embedded in them. It consists of tags embedded in the text of a document with HTML. We can build web pages or web document s. it is basically a formatting language and not a programming language. The browser reading the document interprets mark up tags to help format the document for subsequent display to a reader. HTML is a language for describing structured documents. HTML is a platform independent. WWW (World Wide Web) pages are written using HTML. HTML tags control in part the representation of the WWW page when view with web browser. The browser interpretes HTML tags in the web document and displays it. Different browsers show data differently. Examples of browsers used to be web pages include: Netscape Internet Explorer
JDBC Architecture:
Java application calls the JDBC library. JDBC loads a driver which talks to the database. We can change database engines without changing database code.
1. Loading a database driver:In this step of the jdbc connection process, we load the driver class by calling Class.forName() with the Driver class name as an argument. Once loaded, the Driver class creates an instance of itself. A client can connect to Database Server through JDBC Driver. Since most of the Database servers support ODBC driver therefore JDBC-ODBC Bridge driver is commonly used.
Three kinds of Statements Statement: Execute simple SQL queries without parameters. Statement createStatement() Creates an SQL Statement object. Prepared Statement: Execute precompiled sql queries with or without parameters. PreparedStatementprepareStatement(String sql) returns a new PreparedStatement object. PreparedStatement objects are precompiled SQL statements. Callable Statement: Execute a call to a database stored procedure. CallableStatementprepareCall(String sql) returns a new CallableStatement object. CallableStatement objects are SQL stored procedure call statements.
4. Executing a SQL statement with the Statement object, and returning a jdbcresultSet:
Statement interface defines methods that are used to interact with database via the execution of SQL statements. The Statement class has three methods for executing statements: executeQuery(), executeUpdate(), and execute(). For a SELECT statement, the method to use is executeQuery . For statements that create or modify tables, the method to use is executeUpdate. Note: Statements that create a table, alter a table, or drop a table are all examples of DDL statements and are executed with the method executeUpdate. execute() executes an SQL statement that is written as String object. ResultSet provides access to a table of data generated by executing a Statement. The table rows are retrieved in sequence. A ResultSet maintains a cursor pointing to its current row of data. The next() method is used to successively step through the rows of the tabular results. ResultSetMetaData Interface holds information on the types and properties of the columns in a ResultSet. It is constructed from the Connection object.
JDBC driver:
The JDBC API defines the Java interfaces and classes that programmers use to connect to databases and send queries. A JDBC driver implements these interfaces and classes for a particular DBMS vendor. A Java program that uses the JDBC API loads the
10
specified driver for a particular DBMS before it actually connects to a database. The JDBC DriverManager class then sends all JDBC API calls to the loaded driver. The four types of JDBC drivers are:
JDBC-ODBC Bridge plus ODBC driver, also called Type 1. Translates JDBC API calls into Microsoft Open Database Connectivity (ODBC) calls that are then passed to the ODBC driver. The ODBC binary code must be loaded on every client computer that uses this type of driver.
Native-API, partly Java driver, also called Type 2. Converts JDBC API calls into DBMS-specific client API calls. Like the bridge driver, this type of driver requires that some binary code be loaded on each client computer.
JDBC-Net, pure Java driver, also called Type 3. Sends JDBC API calls to a middle-tier net server that translates the calls into the DBMS-specific network protocol. The translated calls are then sent to a particular DBMS.
Native-protocol, pure Java driver, also called Type 4. Converts JDBC API calls directly into the DBMS-specific network protocol without a middle tier. This allows the client applications to connect directly to the database server.
2.4 Servlets:
Servlets are server side components that provide a powerful mechanism for developing server side programs. Servlets provide component-based, platformindependent methods for building Web-based applications, without the performance limitations of CGI programs. Unlike proprietary server extension mechanisms (such as the Netscape Server API or Apache modules), servlets are server as well as platformindependent. This leaves you free to select a "best of breed" strategy for your servers, platforms, and tools. Using servlets web developers can create fast and efficient server side application which can run on any servlet enabled web server. Servlets run entirely inside the Java Virtual Machine. Since the Servlet runs at server side so it does not
11
checks the browser for compatibility. Servlets can access the entire family of Java APIs, including the JDBC API to access enterprise databases. Servlets can also access a library of HTTP-specific calls, receive all the benefits of the mature java language including portability, performance, reusability, and crash protection. Today servlets are the popular choice for building interactive web applications. Third-party servlet containers are available for Apache Web Server, Microsoft IIS, and others. Servlet containers are usually the components of web and application servers, such as BEA WebLogic Application Server, IBM WebSphere, Sun Java System Web Server, Sun Java System Application Server and others. Servlets are not designed for a specific protocols. It is different thing that they are most commonly used with the HTTP protocols Servlets uses the classes in the java packages javax.servlet and javax.servlet.http. Servlets provides a way of creating the sophisticated server side extensions in a server as they follow the standard framework and use the highly portable java language. HTTP Servlet typically used to:
Priovide dynamic content like getting the results of a database query and returning to the client.
Process and/or store the data submitted by the HTML. Manage information about the state of a stateless HTTP. e.g. an online shopping car manages request for multiple concurrent customers.
Methods in servlet:
A Generic servlet contains the following five methods:
1.init()
public void init(ServletConfigconfig) throws ServletException The init() method is called only once by the servlet container throughout the life of a servlet. By this init() method the servlet get to know that it has been placed into service.
12
The init() method does not return within a fix time set by the web server. It throws a ServletException
Parameters The init() method takes a ServletConfig object that contains the initialization parameters and servlet's configuration and throws a ServletException if an exception has occurred.
2.service()
public void service(ServletRequestreq, ServletResponse res) throws ServletException, IOException
Once the servlet starts getting the requests, the service() method is called by the servlet container to respond. The servlet services the client's request with the help of two objects. These two objects javax.servlet.ServletRequest and javax.servlet.ServletResponse are passed by the servlet container. The status code of the response always should be set for a servlet that throws or sends an error. Parameters - The service() method takesthe ServletRequestobject that contains the client's request and the objectServletResponse contains the servlet's response. The service() method throws ServletException and IOExceptionsexception.
3.getServletConfig()
public ServletConfiggetServletConfig()
This method contains parameters for initialization and startup of the servlet and returns a ServletConfig object. This object is then passed to the init method. When this interface is implemented then it stores the ServletConfig objectin order to return it. It is done by the generic class which implements this inetrface. Returns - the ServletConfig object
4.getServletInfo()
public String getServletInfo()
13
The information about the servlet is returned by this method like version, author etc. This method returns a string which should be in the form of plain text and not any kind of markup. Returns - a string that contains the information about the servlet.
5.destroy()
public void destroy() This method is called when we need to close the servlet. That is before removing a servlet instance from service, the servlet container calls the destroy() method. Once the servlet container calls the destroy() method, no service methods will be then called . That is after the exit of all the threads running in the servlet, the destroy () method is called. Hence, the servlet gets a chance to clean up all the resources like memory, threads etc which are being held.
1. Loading and Instantiation: The servlet container loads the servlet during
startup or when the first request is made. The loading of the servlet depends on the attribute <load-on-startup> of web.xml file. If the attribute <load-onstartup> has a positive value then the servlet is load with loading of the container otherwise it load when the first request comes for service. After loading of the servlet, the container creates the instances of the servlet.
2. Initialization: After creating the instances, the servlet container calls the
init() method and passes the servlet initialization parameters to the init() method. The init() must be called by the servlet container before the servlet can service any request. The initialization parameters persist untill the servlet is destroyed. The init() method is called only once throughout the life cycle of the servlet.
14
The servlet will be available for service if it is loaded successfully otherwise the servlet container unloads the servlet.
4. Destroying the Servlet: If the servlet is no longer needed for servicing any
request, the servlet container calls the destroy() method . Like the init() method this method is also called only once throughout the life cycle of the servlet. Calling the destroy() method indicates to the servlet container not to sent the any request for service and the servlet releases all the resources associated with it. Java Virtual Machine claims for the memory associated with the resources for garbage collection.
15
3. SYSTEM ANALYSIS
3.1 Introduction:
System analysis first stage according to System Development Life Cycle model.
This System Analysis is a process that starts with the analyst.Analysis is a detailed study of the various operations performed by a system and their relationships within and outside the system. One aspect of analysis is defining the boundaries of the system and determining whether or not a candidate should consider other related systems. During analysis, data is collected from the available files, decision points, and transactions handled by the present system. Logical system models and tools are used in analysis. Training, experience, and common sense are required for collection of the information needed to do the analysis.
16
Every patient will be provided with prescription with a unique identification card. All the lab repots will be personally given to the patients separately. Similarly all the scanning details, test reports all are maintained in separate records and will be provided to the specific patients when ever the patient need to go for consultations ,then he has to carry all his prescriptions, lab reports, scan reports etc to show all his disease details to the Doctor. Its very economic in multispecialty hospitals, the costs will be high for every individual sections in the Hospital Organization and the huge amount will be wasted if the patient is transferred or migrated from one location to another location. If the patient loses his prescription or any of his reports then the data present on it cannot be retrieved. Again the patient has to pay money for the details, also should give samples again to the lab directory for lab reports. So here the data is insecure.
Requirement Analysis:
Requirement Analysis is a software engineering task that bridges the gap between system level software allocation and software design. It provides the system engineer to specify software function and performance indicate softwares interface with the other system elements and establish constraints that software must meet. The basic aim of this stage is to obtain a clear picture of the needs and requirements of the end-user and also the organization. Analysis involves interaction between the clients and the analysis. Usually analysts research a problem from any questions asked and reading existing documents. The analysts have to uncover the real needs of the user even if they dont know them clearly. During analysis it is essential that a complete and consistent set of specifications emerge for the system. Here it is essential to resolve the contradictions that could emerge from information got from various parties. This is essential to ensure that the final specifications are consistent. It may be divided into 5 areas of effort. 1. 2. 3. 4.
5.
Each Requirement analysis method has a unique point of view. However all analysis methods are related by a set of operational principles. They are: The information domain of the problem must be represented and understood.
18
The functions that the software is to perform must be defined. The behavior of the software as a consequence of external events must be defined. The models that depict information function and behavior must be partitioned in a hierarchical or layered fashion. The analysis process must move from essential information to implementation detail.
Economic Feasibility:
This procedure is to determine the benefits and savings that are expected from a candidate system and compare them with costs. If benefits outweigh costs, then the decision is made to design and implement the system. Otherwise, further justification or alterations in proposed system will have to be made if it is to have a chance of being approved. This is an ongoing effort that improves in accuracy at each phase of the system life cycle.
Technical Feasibility:
Technical feasibility centers on the existing computer system (hardware, software, etc.,) and to what extent it can support the proposed addition. If the budget is a serious constraint, then the project is judged not feasible.
Operational Feasibility:
People are inherently resistant to change, and computers have been known to facilitate change. It is understandable that the introduction of a candidate system requires special effort to educate, sell, and train the staff on new ways of conducting business.
20
4. DESIGN
4.1 Module Description:
There are two modules: Chairman Branch Manager
Chairman Module:
In this System Chairman is the super User. The activity of the chairman is to create a New Branch in different locations depending on requirement. And also assign a New Branch Manager to New Branch. According to Requirements Chairman generate a New Health Card and also define Card Specifications i.e. card number, card name, Group capacity, validity, Discount, amount.Chairman has a capacity to remove a Branch Manager and also modify the card specifications.Chairman to see the reports based on the branch, state, card, and district wise. These reports helpful to improve his business. The Main Roles of the Chairman are: Create a New Branch Assign a Branch Manager Generate a new Type of Health Card Assigning of Health Card Specifications
database through project. Mainly Manager Name, Fathers name, Permanent Address, Telephone number, email address. These types of information enter into Data Base by the Chairman. After that, the Chairman gives to Manager his username and password. Managers login to system with their username and password. This type of Authentication Information will be give to Managers by Chairman. The chairman has full privileges on Managers, i.e. transfers to managers to another places, remove the Managers, if a Manager changed his phone number, then chairman has a privilege to update his details.
Card:
The Chairman defined the card specifications, i.e. Card Name, Card Number, Group Limit, Time duration, Discount, Amount. These types of speciation only defined by Chairman Card number is generated dynamically. Here Group limit specification means that maximum number of registrations per Card depending on the type of the card.Any modifications regarding to card specifications, the chairman only the person modified the card specifications. According to the requirement, the chairman generates the new cards and also defines the specifications.The chairman has a authority to delete the card or modifications of card specifications depending on requirement. The smart card value defined by the Chairman. The customer must have to pay full card amount. In future, the customer will suffer any disease, then the customer will join any Hospital belongs to Hospitals Group, the customer will get discount on total Hospital Bill.These types of smart cards are very helpful to customers. Once Customer get a smart card, then the customer get discount of any Hospital, that hospital belongs to Hospital Group. The customer registers any one of Branch, and then customer will get discount any Hospital. Here the all branches will share database.Once customers register their registration, there is no way no cancellation of their registration any circumstances.
22
2. Branch Manager: Branch Manager is the head of the Branch, assigned by the Chairman. Branch Manager taking the details from the Customers, who is willing to take the card, the main activity of the manager is to register the customer details, i.e. card name, cardholder name, age, sex, registration number, phone number, and also relation details depending cardholder.BranchManager generates reports according branch wise, district wise, state wise and also card wise. These reports are helpful to improve the branch. The Main Roles of the Branch Manager are: Taking the Enquiry details from Customers. Register the New Customers And also Register the customer Relation details Modify the Customer Details (If required)
Sub Modules: Enquiry:In this Module, Branch Manager first enters the customer details, for futher correspondence and also estimates the statics of business.
Registration:Every Branch has a one Branch Manager. Branch Manager has a Superior of the Branch. Branch manager register the customer details.
23
4.2 Architecture Design: 4.2.1 UML Diagrams: 1.1 Use Case Diagram of Chairman:
Administrator
Reports
Enquiry
BranchHead
Registration
BranchHead
Reports
24
Login
Reports
Card Created
25
1: login details Login 3: : Chairman 7: Card Created 6: Add New Type of Card
Reports
26
login
Enquiry
Registration
Reports
Logout
Logout Success
27
login
4: Enter Enquiry
Enquiry
7: Registration Successful : BranchHead 6: Request for Registration 8: Requst ing for Reports 9: Generate reports 11: Logout Success Registrat ion 10: Reques for Logout
Logout Reports
28
Table name: Branchhead Name Username password Phone Jdate Mobile Email Address Branch City Pin State Bno Varchar2(20) Varchar2(20) Varchar2(20) Number(20) Date Varchar2(20) Varchar2(20) Varchar2(20) Varchar2(20) Varchar2(20) Number(6) Varchar2(20) Number(10) Primary Key
Table name: Card Cno Cname Capacity Validity Discount Amount Number(5) Primary Key Varchar2(10) Number Varchar2(10) Number Number
AGE SEX DISTRICT DESIGNATION QUALIFICATION STATE ADDRESS PHONE NSIZE BRANCH BDATE
NUMBER VARCHAR2(10) VARCHAR2(20) VARCHAR2(20) VARCHAR2(20) VARCHAR2(20) VARCHAR2(20) NUMBER(20) NUMBER(5) VARCHAR2(20) DATE
CNO CNAME CAPACITY VALIDITY DISCOUNT AMOUNT REGNO HNAME DESIGNATION SEX PHONE BRANCH QUALIFICATION ADDRESS PIN STATE
NUMBER(5) foreign Key VARCHAR2(20) NUMBER(4) VARCHAR2(20) NUMBER(4) NUMBER(5) NUMBER(5) Primary Key VARCHAR2(20) VARCHAR2(20) VARCHAR2(10) NUMBER(10) VARCHAR2(20) VARCHAR2(20) VARCHAR2(20) NUMBER(10) VARCHAR2(20)
30
JDATE DISTRICT
DATE VARCHAR2(20)
Table name: Regdesc REGNO NAME1 SEX1 AGE1 RELATION NUMBER Foeign Key VARCHAR2(20) VARCHAR2(7) NUMBER VARCHAR2(20)
31
Chairman
Smartcard Securitysyst em
Generate Reports
32
Registration
Branch Manager
Register Relations
Generate Reports
33
Assign a Branch Manager Chairman Smart Card Health Security System Add New Health Card Generate Reports
Branch
Card Database
34
Enquiry
Enquiry
Branch Manager
Registration
Reg
Relations
RegDesc
Generate Reports
Database
35
4.4 ER Diagrams:-
Name
PASS
WORD
PHONE State PHONE State Bno Bno Name Age Sex Reg Enquiry Valid District Discount JDATE Designation Reg NO Qualification Hname State Desgination Phone BRANCH Address PHONE SEX C.NO Cname capacity
PASS
WORD
Branch Head Email Branch Head EMAIL BRANCH Branch MOBILE MOBILE JDATE JDATE ADDRESS ADDRESS Pin Pin
Branch Branch
36
NAM
Reg JDAT E STATE PIN ADDRESS QUALIFICATION REGNO HNAM E DESIG NATIO
N SEX
RegNo
Regdesc
RELATION
AGE1
SEX
BRANCH
PHON E
37
Cname Capacit y CNO Cno Validity Card Amount Cno Discount JDAT E REGNO PIN ADDRESS STATE Reg ITY
CNAME
CAPACIT Y VALID
DISCOUN
HNAME
DESIGNATI
PHONE BRANC H
SEX
38
6. IMPLEMENTATION
Install Apache Tomcat Server 6.0 with port number as 2011, username and password as
smartcard, and Java Software, and set class paths for Java as well as Apache Tomcat Server. Run Apache tomcat server with above mentioned port number, username and password,
it will take u to Home screen with two modules chairman and Branch Head. We come across two modules, chairman and branch manager. Select the module as per
the requirement, select chairman module. For the chairman to perform any action he has to be first login by providing username
and password in the login form. After successfully login, the chairman can perform three activities of Branch Head, Card and Reports. In Branch Head the Chairman can add new Branch, Modify Branch and Delete Branch.
The chairman has to fill the details of new branch and submit it. The Chairman can perform actions on card by add a new card, modifying existing card,
delete a card. The chairman has to fill all the details accordingly and submit it to all the branches. The chairman can retrieve and access the data or information stored in the reports as per
the requirements. The reports consist of details about card, state, amount, branch and district. He cannot view customer details as per amount, district and branch until the registration
and enquiry from Branch Head completes. Once Branch head enquiry completes on the customer, then Chairman can view the details. The Branch Head has to first login to perform any action. The Branch head can perform the actions of enquiry, registration and reports. For
enquiry, the manager has to fill the enquiry form and click it for details. Branch manager can perform registration by adding new registration, modifying
registration, deleting registration and relation Branch manager maintains the relation. Branch head can retrieve and access the information present in the database. All the details can be retrieved by filling form, amount details can be retrieved and
. TESTING
Introduction:
Software Testing is the process of executing a program or system with the intent of finding errors. Or, it involves any activity aimed at evaluating an attribute or capability of a program or system and determining that it meets its required results. Software is not unlike other physical processes where inputs are received and outputs are produced. Where software differs is in the manner in which it fails. Most physical systems fail in a fixed (and reasonably small) set of ways. By contrast, software can fail in many bizarre ways. Detecting all of the different failure modes for software is generally infeasible. Unlike most physical systems, most of the defects
in software are design errors, not manufacturing defects. Software does not suffer from corrosion, wear-and-tear -- generally it will not change until upgrades, or until obsolescence. So once the software is shipped, the design defects, bugs, will be buried in and remain latent until activation. Software bugs will almost always exist in any software module with moderate size: not because programmers are careless or irresponsible, but because the complexity of software is generally intractable -- and humans have only limited ability to manage complexity. It is also true that for any complex systems, design defects can never be completely ruled out. Discovering the design defects in software is equally difficult, for the same reason of complexity. Because software and any digital systems are not continuous, testing boundary values are not sufficient to guarantee correctness. All the possible values need to be tested and verified, but complete testing is infeasible. Exhaustively testing a simple program to add only two integer inputs of 32-bits (yielding 2^64 distinct test cases) would take hundreds of years, even if tests were performed at a rate of thousands per second. Obviously, for a realistic software module, the complexity can be far beyond the example mentioned here. If inputs from the real world are involved, the problem will get worse, because timing and unpredictable environmental effects and human interactions are all possible input parameters under consideration. A further complication has to do with the dynamic nature of programs. If a failure occurs during preliminary testing and the code is changed, the software may now work for a test case that it didn't work for previously. But its behavior on pre-error test cases that it
40
passed before can no longer be guaranteed. To account for this possibility, testing should be restarted. The expense of doing this is often prohibitive. Regardless of the limitations, testing is an integral part in software development. It is broadly deployed in every phase in the software development cycle. Typically, more than 50% percent of the development time is spent in testing. Testing is usually performed for the following purposes:
To improve quality:
As computers and software are used in critical applications, the outcome of a bug can be severe. Bugs can cause huge losses. Bugs in critical systems have caused airplane crashes, allowed space shuttle missions to go awry, halted trading on the stock market, and worse. Bugs can kill. Bugs can cause disasters. The so-called year 2000 (Y2K) bug has given birth to a cottage industry of consultants and programming tools dedicated to making sure the modern world doesn't come to a screeching halt on the first day of the next century. In a computerized embedded world, the quality and reliability of software is a matter of life and death. Quality means the conformance to the specified design requirement. Being correct, the minimum requirement of quality, means performing as required under specified circumstances. Debugging, a narrow view of software testing, is performed heavily to find out design defects by the programmer. The imperfection of human nature makes it almost impossible to make a moderately complex program correct the first time. Finding the problems and get them fixed, is the purpose of debugging in programming phase.
41
We cannot test quality directly, but we can test related factors to make quality visible. Quality has three sets of factors -- functionality, engineering, and adaptability. These three sets of factors can be thought of as dimensions in the software quality space. Each dimension may be broken down into its component factors and considerations at successively lower levels of detail. Table 1 illustrates some of the most frequently cited quality considerations. Good testing provides measures for all relevant factors. The importance of any particular factor varies from application to application. Any system where human lives are at stake must place extreme emphasis on reliability and integrity. In the typical business system usability and maintainability are the key factors, while for a one-time scientific program neither may be significant. Our testing, to be fully effective, must be geared to measuring each relevant factor and thus forcing quality to become tangible and visible. Tests with the purpose of validating the product works are named clean tests, or positive tests. The drawbacks are that it can only validate that the software works for the specified test cases. A finite number of tests cannot validate that the software works for all situations. On the contrary, only one failed test is sufficient enough to show that the software does not work. Dirty tests, or negative tests, refer to the tests aiming at breaking the software, or showing that it does not work. A piece of software must have sufficient exception handling capabilities to survive a significant level of dirty tests. A testable design is a design that can be easily validated, falsified and maintained. Because testing is a rigorous effort and requires significant time and cost, design for testability is also an important design rule for software development.
especially in places that human lives are at stake. Solving the software-testing problem is no easier than solving the Turing halting problem. We can never be sure that a piece of software is correct. We can never be sure that the specifications are correct. No verification system can verify every correct program. We can never be certain that a verification system is correct either.
Taxonomy:
There is a plethora of testing methods and testing techniques, serving multiple purposes in different life cycle phases. Classified by purpose, software testing can be divided into: correctness testing, performance testing, reliability testing and security testing. Classified by lifecycle phase, software testing can be classified into the following categories: requirements phase testing, design phase testing, program phase testing, evaluating test results, installation phase testing, acceptance testing and maintenance testing. By scope, software testing can be categorized as follows: unit testing, component testing, integration testing, and system testing.
Correctness testing:
Correctness is the minimum requirement of software, the essential purpose of testing. Correctness testing will need some type of oracle, to tell the right behaviour from the wrong one. The tester may or may not know the inside details of the software module under test, e.g. control flow, data flow, etc. Therefore, either a white-box point of view or black-box point of view can be taken in testing software. We must note that the black-box and white-box ideas are not limited in correctness testing only.
Black-box testing:
The black-box approach is a testing method in which test data are derived from the specified functional requirements without regard to the final program structure. [ It is also termed data-driven, input/output driven, or requirements-based testing. Because only the functionality of the software module is of concern, black-box testing also mainly refers to functional testing -- a testing method emphasized on executing the functions and examination of their input and output data. The tester treats the software under test as a black box -- only the inputs, outputs and specification are visible, and the functionality is determined by observing the outputs to
43
corresponding inputs. In testing, various inputs are exercised and the outputs are compared against specification to validate the correctness. All test cases are derived from the specification. No implementation details of the code are considered. It is obvious that the more we have covered in the input space, the more problems we will find and therefore we will be more confident about the quality of the software. Ideally we would be tempted to exhaustively test the input space. But as stated above, exhaustively testing the combinations of valid inputs will be impossible for most of the programs, let alone considering invalid inputs, timing, sequence, and resource variables. Combinatorial explosion is the major roadblock in functional testing. To make things worse, we can never be sure whether the specification is either correct or complete. Due to limitations of the language used in the specifications (usually natural language), ambiguity is often inevitable. Even if we use some type of formal or restricted language, we may still fail to write down all the possible cases in the specification. Sometimes, the specification itself becomes an intractable problem: it is not possible to specify precisely every situation that can be encountered using limited words. And people can seldom specify clearly what they want -- they usually can tell whether a prototype is, or is not, what they want after they have been finished. Specification problems contribute approximately 30 percent of all bugs in software. The research in black-box testing mainly focuses on how to maximize the effectiveness of testing with minimum cost, usually the number of test cases. It is not possible to exhaust the input space, but it is possible to exhaustively test a subset of the input space. Partitioning is one of the common techniques. If we have partitioned the input space and assume all the input values in a partition is equivalent, then we only need to test one representative value in each partition to sufficiently cover the whole input space. Domain testing partitions the input domain into regions, and consider the input values in each domain an equivalent class. Domains can be exhaustively tested and covered by selecting a representative value(s) in each domain. Boundary values are of special interest. Experience shows that test cases that explore boundary conditions have a higher payoff than test cases that do not. Boundary value analysis requires one or more boundary values selected as representative test cases. The difficulties with domain testing are that incorrect domain definitions in the specification cannot be efficiently discovered. Good partitioning
44
requires knowledge of the software structure. A good testing plan will not only contain blackbox testing, but also white-box approaches, and combinations of the two.
White-box testing:
Contrary to black-box testing, software is viewed as a white-box, or glass-box in whitebox testing, as the structure and flow of the software under test are visible to the tester. Testing plans are made according to the details of the software implementation, such as programming language, logic, and styles. Test cases are derived from the program structure. White-box testing is also called glass-box testing, logic-driven testing or design-based testing There are many techniques available in white-box testing, because the problem of intractability is eased by specific knowledge and attention on the structure of the software under test. The intention of exhausting some aspect of the software is still strong in white-box testing, and some degree of exhaustion can be achieved, such as executing each line of code at least once (statement coverage), traverse every branch statements (branch coverage), or cover all the possible combinations of true and false condition predicates (Multiple condition coverage). Control-flow testing, loop testing, and data-flow testing, all maps the corresponding flow structure of the software into a directed graph. Test cases are carefully selected based on the criterion that all the nodes or paths are covered or traversed at least once. By doing so we may discover unnecessary "dead" code -- code that is of no use, or never get executed at all, which cannot be discovered by functional testing. In mutation testing, the original program code is perturbed and many mutated programs are created, each contains one fault. Each faulty version of the program is called a mutant. Test data are selected based on the effectiveness of failing the mutants. The more mutants a test case can kill, the better the test case is considered. The problem with mutation testing is that it is too computationally expensive to use. The boundary between black-box approach and white-box approach is not clear-cut. Many testing strategies mentioned above, may not be safely classified into black-box testing or white-box testing. It is also true for transaction-flow testing, syntax testing, finite-state testing, and many other testing strategies not discussed in this text. One reason is that all the above techniques will need some knowledge of the specification of the
45
software under test. Another reason is that the idea of specification itself is broad -- it may contain any requirement including the structure, programming language, and programming style as part of the specification content. We may be reluctant to consider random testing as a testing technique. The test case selection is simple and straightforward: they are randomly chosen. Study in indicates that random testing is more cost effective for many programs. Some very subtle errors can be discovered with low cost. And it is also not inferior in coverage than other carefully designed testing techniques. One can also obtain reliability estimate using random testing results based on operational profiles. Effectively combining random testing with other testing techniques may yield more powerful and cost-effective testing strategies.
Performance testing:
Not all software systems have specifications on performance explicitly. But every system will have implicit performance requirements. The software should not take infinite time or infinite resource to execute. "Performance bugs" sometimes are used to refer to those design problems in software that cause the system performance to degrade. Performance has always been a great concern and a driving force of computer evolution. Performance evaluation of a software system usually includes: resource usage, throughput, stimulus - response time and queue lengths detailing the average or maximum number of tasks waiting to be serviced by selected resources. Typical resources that need to be considered include network bandwidth requirements, CPU cycles, disk space, disk access operations, and memory usage. The goal of performance testing can be performance bottleneck identification, performance comparison and evaluation, etc. The typical method of doing performance testing is using a benchmark -- a program, workload or trace designed to be representative of the typical system usage.
46
Reliability testing:
Software reliability refers to the probability of failure-free operation of a system. It is related to many aspects of software, including the testing process. Directly estimating software reliability by quantifying its related factors can be difficult. Testing is an effective sampling method to measure software reliability. Guided by the operational profile, software testing (usually black-box testing) can be used to obtain failure data, and an estimation model can be further used to analyze the data to estimate the present reliability and predict future reliability. Therefore, based on the estimation, the developers can decide whether to release the software, and the users can decide whether to adopt and use the software. Risk of using software can also be assessed based on reliability information advocates that the primary goal of testing should be to measure the dependability of tested software. There is agreement on the intuitive meaning of dependable software: it does not fail in unexpected or catastrophic ways. Robustness testing and stress testing are variances of reliability testing based on this simple criterion. The robustness of a software component is the degree to which it can function correctly in the presence of exceptional inputs or stressful environmental conditions. Robustness testing differs with correctness testing in the sense that the functional correctness of the software is not of concern. It only watches for robustness problems such as machine crashes, process hangs or abnormal termination. The oracle is relatively simple, therefore robustness testing can be made more portable and scalable than correctness testing. This research has drawn more and more interests recently, most of which uses commercial operating systems as their target. Stress testing, or load testing, is often used to test the whole system rather than the software alone. In such tests the software or system are exercised with or beyond the specified limits. Typical stress includes resource exhaustion, bursts of activities, and sustained high loads.
47
Security testing:
Software quality, reliability and security are tightly coupled. Flaws in software can be exploited by intruders to open security holes. With the development of the Internet, software security problems are becoming even more severe. Many critical software applications and services have integrated security measures against malicious attacks. The purpose of security testing of these systems include identifying and removing software flaws that may potentially lead to security violations, and validating the effectiveness of security measures. Simulated security attacks can be performed to find vulnerabilities.
Testing automation:
Software testing can be very costly. Automation is a good way to cut down time and cost. Software testing tools and techniques usually suffer from a lack of generic applicability and scalability. The reason is straight-forward. In order to automate the process, we have to have some ways to generate oracles from the specification, and generate test cases to test the target software against the oracles to decide their correctness. Today we still don't have a full-scale system that has achieved this goal. In general, significant amount of human intervention is still needed in testing. The degree of automation remains at the automated test script level. The problem is lessened in reliability testing and performance testing. In robustness testing, the simple specification and oracle: doesn't crash, doesn't hang suffices. Similar simple metrics can also be used in stress testing.
Alternatives to testing:
Software testing is more and more considered a problematic method toward better quality. Using testing to locate and correct software defects can be an endless process. Bugs cannot be completely ruled out. Just as the complexity barrier indicates: chances are testing and fixing problems may not necessarily improve the quality and reliability of the software.
48
Sometimes fixing a problem may introduce much more severe problems into the system, happened after bug fixes, such as the telephone outage in California and eastern seaboard in 1991. The disaster happened after changing 3 lines of code in the signalling system. In a narrower view, many testing techniques may have flaws. Coverage testing, for example Is code coverage, branch coverage in testing really related to software quality? There is no definite proof. As early as in, the so-called "human testing" -- including inspections, walkthroughs, reviews -- are suggested as possible alternatives to traditional testing methods advocates inspection as a cost-effect alternative to unit testing. The experimental results in suggests that code reading by stepwise abstraction is at least as effective as on-line functional and structural testing in terms of number and cost of faults observed. Using formal methods to "prove" the correctness of software is also an attracting research direction. But this method cannot surmount the complexity barrier either. For relatively simple software, this method works well. It does not scale well to those complex, full-fledged large software systems, which are more error-prone. In a broader view, we may start to question the utmost purpose of testing. Why do we need more effective testing methods anyway, since finding defects and removing those does not necessarily lead to better quality? An analogy of the problem is like the car manufacturing process. In the craftsmanship epoch, we make cars and hack away the problems and defects. But such methods were washed away by the tide of pipelined manufacturing and good quality engineering process, which makes the car defect-free in the manufacturing phase. This indicates that engineering the design process (such as cleanroom software engineering) to make the product have less defects may be more effective than engineering the testing process. Testing is used solely for quality monitoring and management, or, "design for testability". This is the leap for software from craftsmanship to engineering.
49
7. SCREENS
50
51
52
53
54
55
56
Fig 7.8 Chairman viewing card reports according to card, state, amount, district and branch
57
58
59
Fig 7.11 Branch head entering enquiry details of the card holder
60
61
Fig 7.13 Branch Head registering the card holder after enquiring his details
62
Fig 7.14 Branch head modifying the registration details of the card holder
63
64
Fig 7.16 Branch head viewing the details of the card holder through his card number
65
66
Fig 7.18 displaying the card holder details according to the card number
67
68
8. CONCLUSION
The main objective of the project is to automate the "Oraganization management". By using ORACLE as back-end and Java as front-end under WINDOWs environment. The efficiency of any system designed to suit an organization depends cooperation during the implementation stage and also flexibility of the system to adopt itself to the organization. This project "Smart Card" is very useful and helpful because the effiency will improve with better way of communication among Chairman-Manager, Manager- Customer. Reliable and accurate reports could be available with in a very short time, which is not possible if done manually.
69
9. BIBLIOGRAPHY
1. H.M.DIETEL.P.J.DIETEL, Java How to Program, PhL, Second Edition 2. Gray Cornett, Horstmann, CorelJava, Sunsoft Press, 1996. 3. Patrick Naughton & Herbert Schildt, Java: Reference, Tata McGraw-Hill, Macrch 1997. 4. Grady Booch, Object Oriented Analysis and Design with Applications, the Benjimin/Cummings, 1994. WEBSITES:
WWW.GOOGLE.COM
The Complete
WWW.MYBOOK.COM WWW.SCHOOLS.COM
70