SOFTWARE TESTING

1. What is entry and exit criteria of software testing?

A test case is a documentation which specifies input values expected output and pre-conditions
for executing the test. When to start and stop the testing of software in order to know when to
start and when to stop the testing work, it is very much important to define entry and exit
criteria for success of any project.

a) Entry Criteria: Entry criteria are the minimum set of the condition that should be
meet in order to start testing work.
i. All test hardware platforms must have been successfully installed, configured
and functioning properly.
ii. All the necessary documentation, design and requirement information should
be available.
iii. All the standard software tools including testing tools must have been
successfully installed and functioning properly.
iv. Proper test data is available.
v. The test environment such as the hardware, software and the system
administration support should be ready.
b) Exit Criteria: exit criteria are the set of condition that should be meet in order to
close particular project. Exit criteria may include
i. All the test plan may have been run.
ii. A certain level of requirement has been achieved.
iii. All the high risk areas have been fully tested.
iv. The schedule has been achieved.

2. Describe inspection under static testing

Static testing is to review the code without executing it. Formal inspection is the most
formal method in static testing. This method can detect all faults, violations and other
side effects. In this:
i. Through preparation is required before an inspection/review
ii. Enlisting multiple diverse views.
iii. Assigning specific roles to the multiple participants.
 iv. Going sequentially through the code in a structured manner.

There are four role in this.

i. Author of the code: the person who had written the code
ii. Moderator: who is expected to formally run the inspection according to the
process?
iii. Inspectors: are the people who actually provide review comments for the code.
iv. Scribe: who takes detail notes during the inspection meeting and circulates them
to the inspection team after the meeting.

The author or moderator selects review team. The inspection team assembles at the
agreed time for inspection meeting. The moderator takes the team sequentially through the
program code. If any defect is found they will classify it as minor or major. A scribe documents
the defects. For major defects the review team meets again to check whether the bugs are
resolved or not.

3. What is black box testing? List the techniques of black box testing.
The black box testing in used to demonstrate that the software functions are operational.
As the name suggests in black box testing it is tested whether the input is accepted
properly and output is correctly produced.
ADVANTAGES -
i. The black box testing focuses on fundamental aspect of system without being
concerned for internal logical structure of the software.
ii. The advantage of conducting black box testing is to uncover following types of
errors.
a. Incorrect or missing functions
b. Interface errors
c. Errors in external data structures
d. Performance errors
e. Initialization or termination errors

DIS-ADVANTAGES -

i. All the independent paths within a module cannot be tested.

ii. Logical decisions along with their true and false sides cannot be tested.
 iii. All the loops and the boundaries of these loops cannot be exercised with black
box testing.
iv. Internal data structure cannot be validated

TECHNIQUES OF BLACK BOX TESTING:

i. Requirement based testing

ii. Boundary value analysis
iii. Equivalence partitioning

4. Draw classification of white box testing. Explain any one type of white box testing in
detail.

White Box Testing

Static Testing Structured Testing

Statement/ Line
Inspection Code Functional testing Coverage

Brach Coverage
Walkthrough Code Coverage testing
Condition Coverage
Technical Code Complexity testing
Review
Function Coverage

Static testing:

It is the testing of software work product manually or with a set of tools but they are not
executed. Following are the methods to review the static testing.

a) Inspection:

It is a formal review type. This inspection is done by the trained moderator.

During inspection the documents are prepared and checked by the reviewer. A separate
preparation is carried out and the defect are found. This defect are documented in the
list and formal follow up is carried out:
  It improves product quality.
 It removes defect.
 It helps to improve the quality of document.
 It learns from the defect and prevent the similar defect.

b) Structured walkthrough:
The main objective of the static testing is to find out the defects in order to improve the
quality of the product. Benefits are:
 This provide valued added comments from reviewer with experience.
 It notifies project management team about the progress of development process.
 It saves time and money.

Participants:

a. Author: the author of document under the review.

b. Presenter: develops the agenda for the walk through and present the output.
c. Moderator: moderator facilitates walk through session to ensure that walk through
agenda is followed.
d. Reviewer: evaluate the document under test to determine if it technically accurate.
e. Scribe: is a recorder of structured walk through who records technical comments and
suggestion.

c) Technical review:
It is conducted by the technical expert and defects are found. Goals are:
 To ensure that technical consents are used correctly.
 To inform the participants about the technical content of the document.
 5. Explain V model with labelled diagram.

Requirements Presentation of acceptance test cases Acceptance test Execution

System Requirements System test cases System test Execution

Global Design Integration test Integration test Execution

cases

Detailed Design Unit test cases Unit test cases Execution

Requirements

The V model is the SDLC model where the execution process happens in the sequential
manner. It is also known as verification and validation model. V model is highly disciplined
model and next phase starts only after completion of previous phase. The V model consist of
number of phases. The verification phase are on left hand side, implementation phase at the
bottom and validation phase on right hand side.

In V model, software development life cycle based on some information that is requirement
specification, the development and testing activity is started. Based on requirement,
development team start working on design and after completion on design actual
implementation is performed. Testing team starts working on test planning, test case writing
and test scripting.

V model shows software development activities on left side and right side of model shows
testing phase which can be performed.

ADVANTAGES:

a. It is easy to understand and apply.

b. This model is time saving and quick.
c. It works well for smaller project where requirements are well understood.
d. This is highly disciplined and phase are completed one at a time.
DISADVANTAGES:

a. This model is not flexible to change.

b. This model has risk and uncertainty.
c. V model is very rigid.
d. This model not good for complex and object oriented projects.

6. With the help of example explain boundary value analysis.

Boundary value analysis is the software testing that select input data which represent boundary
values. Boundary value analysis is done to check boundary condition. Suppose you have a very
important tool at office to accept the username and the password field to work on that tool and
accept minimum 8 characters and maximum 12 characters. Then the valid range is 8 to 12.
Invalid range 13 or more than 13. Invalid range 7 or less than 7.

Example:

Integer D with input condition [-2, 10]

Test values: -2, 10, 11, -1, 0

If the input condition specifies a number values, test cases should be developed to exercise the
minimum and maximum numbers. Values just above and below this min and max should be
tested. Enumerate data E with input condition: [2, 7, 100 and 102]

Test values: 2, 102, -1, 200,7

7. Difference between quality assurance and quality control.

Quality control Quality assurance

This is an activity with the primary goal as to This is an activity with the primary goal as to
prevent the defects. identify and correct the defects.
The process is intended to provide the The process is intended to focus on quality
assurance that the quality request will be requested.
achieved.
This method is to manage the quality This method is for quality validation.
verification.
It does not involve executing of the program. During this method the program is executed.
It is a preventive technique. It is a corrective technique.
It is a protective measure. It is a reactive measure.
It involves the full software development life It involves the testing phase of software
cycle. development life cycle.
Its main goal is to prevent defects in the Its main goal is to correct the defects in the
system. It is less time consuming activity. system. Hence it is more time consuming
activity.

8. Explain static testing and dynamic testing.

Static testing tools are used during static analysis of a system. Static testing tools are used
throughout a software development life cycle e.g. tools used for verification purposes.
There are many varieties of static testing tools used by different people as per the type of
system being developed. Code complexity measurement tools can be used to measure the
complexity of a given code. Similarly, data-profiling tools can be used to optimise a
database. Code-profiling tools can be used to optimize code. Test-generators are used for
generating a test plan form code. Syntax-checking tools are used to verify correctness of
code.

Dynamic testing tools are used at different levels of testing starting from unit testing and
which may go up to system testing and performance testing. These tools are generally used
 by tester. There are many different tools used for dynamic testing. Some of the areas
covered by testing tools are:

1) Regression testing using automated tools.

2) Defect tracking and communication systems used by racking and communication.
Performance, load, stress-testing tools.

9. With the suitable example explain how basis path testing is used to derive a code.

Code complexity testing is also known as basis path testing. It is first proposed by TOM MC
Cabe. It is software matrix which measure a logical complexity. Cyclomatic complexity is
source code complexity measurement that measure number of coding errors. It is calculated by
developing a control flow graphs of code that measure number of linearly independent path
through program module

Control flow graph:

N3 N4
N1 N2

M1 M1 M1 M1

Sequence flow Decision Flow Merging Flow

Cyclomatic complexity = no. of edges – no. of nodes + 2

Example:-

If A=10 THEN

If B>C THEN

A=B

ELSE

A=C

END IF
END IF

PRINT A

PRINT B

PRINT C

Cyclomatic complexity is defined as:-

CC=E-N+2

E= number of edges

N= number of nodes

OR

CC=P+1

P=number of predicates
Example:

CC=E-N+2

= 8-7+2

=3

OR

CC=P+1

=2+1

=3

The significance of MC Cabe number measurement ensures that programs with high MC Cabe
numbers are likely to be difficult to understand and high probability of containing the defects.

10. State any four testing principles.

1. Test must be conducted to validate customer requirements:
The basic aim of testing is to find the errors test must be validate the customers
requirements.
2. Test should be well planned before starting the testing work:
The test plan can be started as soon as analysis model is completed test cases
can started as soon as design model go to its final stage hence all test can be
plan before start the actual coding.
3. Test pareto principle is applicable to software testing:
According to this principle 80% of all errors found in testing.
4. Testing should begin in the small and progress towards in the large:
Test should be start from individual unit and finally go towards complete system
as a whole.
Software is divide into small sized components called as unit software testing
always start from unit testing the units are then integrated finally the system is
tested.
 5. Accept that every testing combination path is not possible:
Each software module contents too many conditions and nested conditions
hence it is not possible to check out the result of every combination of input.

11. With the help of diagram explain client server testing.

In client server testing there are several clients communicate with the server. Multiple
users can access the system at a time and they communicate with the server. Client and
server are connected by network connection. Testing approaches of client server are –
A. Component Testing :
We have prepared test plan for testing client and server individually. When server
is tested there is need of client simulator whereas testing a client we need a server
simulator and test the network.
B. Integration Testing :
After successful testing of client server and network they are integrated and perform
system testing.
C. Performance Testing :
System performance is tested when number of clients are communicated with the
server at a time i.e. load and stress testing.
D. Concurrence Testing :
It may be possible that multiple user may access the records at a time and the
concurred testing is required to understand the behaviour of testing in this situation.

12. Explain GUI testing with suitable example.

GUI testing is a process of testing an element such as image, text and buttons to validate their
expected performance as well as their functions accurately. By testing GUI the team can
validate various graphical icons like radio button, check box, text box, list box and dialog box.

GUI testing includes how the application handles the keyboard and mouse event, how different
GUI components like menu bar, toolbar react to user input and whether it performs in desire
manner or not.

Examples:

a. Check font used in application is readable.

b. Check the alignment of the text is proper.
 c. Check that have good clarity and properly aligned.
d. Check error messages displayed correctly.

13. State the process of Bi-directional integration testing with two advantages and two
dis-advantages.
1. Bottom up testing starts from middle layer and goes upward to the top layer. For a
very big system, bottom up approach starts at a subsystem level and goes upwards.
2. Top down testing starts from the middle layer and goes downward. For a very big
system, top down approach, starts a subsystem level and goes downwards.
3. Big band approach is followed for middle layer. From this layer, bottom up approach
goes upwards and top down approach goes downwards.

ADVANTAGES:

1. This approach is useful for very large projects having several projects. When
development follows a spiral model and module itself it as large as a system.
2. Both top down and bottom up approach starts at the start of the schedule.
3. It needs more resources and big teams for performing both, methods of testing at
a time or one after the other.

DISADVANTAGES:

1. It represents very high cost

14. Describe how to perform security and performance testing.

a. Performance testing:
It is done to validate whether the output of particular program is given
within a particular time period.
We measure response time and throughput:
i. Response time:
It is a time when a request is made to the server and server
response to client.
j. Throughput:
It referees to the number of client request within a unit of time.
 b. Security testing:

Security testing is performed to verify if the application is secured on

web as data theft and unauthorized access.

During security testing, password hacking unauthorized entry into the

software network security all taken into consideration.

To conduct this test requires a highly skilled person having security:

Security testing include:

I. Test for unauthorized access to secure page should not be permitted.

II. Restricted files should not be download without appropriate access.

Security testing is divided into 3 sub test:

1. Authorization
2. Access control
3. Encryption / Decryption
1. Authorization

Verifies author identify to check he is authorized or not.

2. Access control
The rights given to user to do a system task.
3. Encryption / Decryption
Encryption is to convert actual data into secret code which may not be
understandable to the other.
Decryption is to convert secret data into actual data.

15. Explain following concept related to web based testing.

 Usability testing: The goal of usability testing is to find out the user need and
expectation. Components of usability testing are:
i. Learnability.
ii. Efficiency.
iii. Errors.
iv. Satisfaction.
 Features of usability testing are:

i. How easy it is to use to software?

ii. How easy it is to learn the software?
iii. Look and feel.
iv. Speed in interface.
 Compatibility testing: compatibility testing is based on
a. Browser compatibility: it test the web application on the different application
and check the result.
b. Operating system compatibility: make sure that your web site works correctly
for various combination of operating system such as windows and Linux.
c. Device compatibility: test your web pages on the mobile browser, application
should be compatible to various devices.

16. State and explain top down approach of integration testing with diagram.
In top-down integration top level of application is tested first and go downward till it
reach the final component of system.
It is begin by testing top level module. It need design and implementation of stub so
drivers may not be required.
Top down integration can be performed and tested in depth-first and breadth-first
manner.

a) Depth first
All modules on major control path of the design hierarchy are integrated first.
For example:

Module 1,2,6,7/8 will be integrated first. Next module 1,3,4/5 will be integrated.
 b) Breadth first
All modules directly sub-ordinate at each level across the design
hierarchy that is horizontally are integrated first.
In this example,
Module 2,3 integrated first next module 6,4,5 integrated and next
at last module 7,8 integrated.

Procedure of top-down approach:

i. Start with top or initial module in software substitute the stub for all subordinate
of top-module test the top module.
ii. After testing top module stubs are replaced one at a time with actual module for
integration.
iii. Perform testing on integrated environment.
iv. Repeat step 2 for the whole testing hierarchy.

Example:
 17. Describe the use of load testing and security testing in performance testing of facility
of online result display of MSBTE.

Static testing:

In stress testing of MSBTE online result display, the resources used will be less than the
requirement. For example provide less RAM for the server or decrease the bandwidth of the
internet connection. If the system has limited resources available, the response of the online
result system may deteriorate due to non-availability of the resources. It tries to break the page,
site or connection under test by over whelming the resources in order to find the circumstances
under when it will crash. It is also a type of load testing. It is designed to determine the
behaviour of the software under abnormal situation. In stress testing test case are designed to
execute the system in such a way that abnormal conditions.

Load testing:

When a MSBTE online result display facility is tested with a load that causes it to allocate its
resources in maximum amounts. The idea is to create an environment more demanding than
the application would experience under normal workloads. Example apply more number of hits
on the result section, try displaying multiple results in multiple browser. Load is varied from
minimum to the maximum level the system can sustain without running of resources. Load is
being increased transactions may suffer excessive delays. Load testing involves simulating real
life user load for the target application. It helps to determine how the application behaves when
multiple students hits it simultaneously to check the result

18. Explain unit testing in terms of stubs and driver.

The most common approach to unit testing requires driver and stub. Drivers and stub are special
purpose arrangement required to test units individually which can act as input to the unit and
can take output from the unit. A driver is nothing but a main program that accept test case data
and passes such data to the components.

A stub or dummy sub program uses the co-ordinate module interface, may do minimal data
manipulation and prints the verification of entry and return control to the module. Both are
software that must be written but that is not delivered with a final software.
Advantages:

c. Unit test find the problems early in the development cycle.

d. It gain basic understanding of unit interface.

Disadvantages:

a. Testing will not catch every error in the program.

b. Unit testing is initial time required to develop team.

19. How to prepare a test plan.

Writing a test is one of primary task in testing. While writing a test plan you specify the
scope and objectives for the testing. Test plan has eight steps –
a. Define objectives
b. Define test criteria
c. Planning the resources
d. Plan test environment
e. Schedule and cost
f. Analysis of product
g. Develop test strategy
h. Test deliverables

There are three types of test plan –

1) Master Test Plan :

High level test plan for project or the product
2) Testing level specific test plan :
Plan for each level of testing –
a. Unit testing
b. Integration testing
c. System testing
d. Acceptance testing
3) Testing Type Specific test plan :
Plan for major types of testing like performance and security testing.
20. Describe test reporting in detail and now to prepare test summary report.
1) Executing the test cases –Test execution has following major task
a) Follow the test procedure to execute the test cases.
b) Do the confirmation of testing or re-testing to re-execute the test that are
previously failed.
c) Test log contains information about what are test cases, order of execution
and pass or fail status of the test case
d) Comparison of actual result and the expected result.
e) In case of difference between actual and expected result defect occurrence is
reported.
f) During the execution of test cases defect database must be updated this
database becomes the communication mechanism between development team
and testing team.
g) Execution of test cases and corresponding result of execution.
2) Prepare test summary report –Test summary report template are
a) The purpose of document
b) Overview of an application
c) Testing scope
d) Matrix
e) Suggestions
f) Exit criteria
g) Conclusions
h) Abbreviations

21. Write the entity purpose and attributes of following elements of test infrastructure
management.
 Test case database
It is collection of information about the test cases.
Entity Purpose Attribute
Testcase Record all the b. Testcase id
information about the c. Name of test case
test. d. Status
 Test case product cross Provide the mapping a. Testcase id
reference between test case and b. Module id
the feature of product.
Test case run history Provide the history of a. Test case id
when test was running b. Run data
and what was the result. c. Time
d. Status of run
(pass / fail)
Test case defect cross Details of test cases a. Test case id
reference introduce to test certain b. Defect
defect detected in
product.

 Defect repository
It store all the detail of defect reported in a software.
Entity Purpose Attribute
Detail of defect It record all the a. Defect id
information about b. Defect priority
the test. c. Defect description
d. Date and time of
defect occurrence.

Details of defect test Detail of test cases a. Test case id

for the given defect. b. Defect id
Fixing details Details of the fixes a. Defect id
for given defect. b. Fix details
Communication Details of the a. Test case id
communication that b. Details of
occurs during defect communication
management.