Professional Documents
Culture Documents
Notes SQA
Notes SQA
Software testing is a process of executing a program or application with the intent of finding the
software bugs.
Static Testing: It can test and find defects without executing code. Static Testing is done
during verification process. This testing includes reviewing of the documents and static analysis.
For example: reviewing, walkthrough, inspection, etc.
Dynamic Testing: In dynamic testing the software code is executed to demonstrate the result of
running tests. It’s done during validation process. For example: unit testing, integration testing,
system testing, etc.
Software Testing is necessary because we all make mistakes. Some of those mistakes are
unimportant, but some of them are expensive or dangerous we need to check that everything is
correct and working fine. – humans make mistakes all the time.
Buggy:
While testing software application if we found large number of defects then that application is called
Buggy.
The cost of defects can be measured by the impact of the defects and when we find them. Earlier
the defect is found lesser is the cost of defect. For example if error is found in the requirement
specifications then it is somewhat cheap to fix it. The correction to the requirement specification
can be done and then it can be re-issued. In the same way when defect or error is found in the
design then the design can be corrected and it can be re-issued. But if the error is not caught in
the specifications and is not found till the user acceptance then the cost to fix those errors or
defects will be way too expensive.
Priority of a defect is related to how quickly a bug should be fixed and deployed to live servers.
High Priority & High Severity: An error which occurs on the basic functionality of the
application and will not allow the user to use the system. (E.g. A site maintaining the student
details, on saving record if it, doesn’t allow to save the record then this is high priority and high
severity bug.)
High Priority & Low Severity: The spelling mistakes that happens on the cover page or
heading or title of an application.(logo color wrong)
High Severity & Low Priority: An error which occurs on the functionality of the application
(for which there is no workaround) and will not allow the user to use the system but on click of
link which is rarely used by the end user.(feature which is rarely used doesn’t work)
Low Priority and Low Severity: Any cosmetic or spelling issues which is within a paragraph or
in the report (Not on cover page, heading, title).
1) Testing shows presence of defects: Testing can show the defects are present, but cannot
prove that there are no defects. Even after testing the application or product thoroughly we
cannot say that the product is 100% defect free. Testing always reduces the number of
undiscovered defects remaining in the software but even if no defects are found, it is not a proof
of correctness.
3) Early testing: In the software development life cycle testing activities should start as early as
possible and should be focused on defined objectives.
4) Defect clustering: A small number of modules contain most of the defects discovered during
pre-release testing.
5) Pesticide paradox: If the same kinds of tests are repeated again and again, eventually the
same set of test cases will no longer be able to find any new bugs. To overcome this “Pesticide
Paradox”, it is really very important to review the test cases regularly and new and different tests
need to be written to exercise different parts of the software or system to potentially find more
defects.
6) Testing is context dependent: Testing is basically context dependent. Different kinds of sites
are tested differently. For example, safety – critical software is tested differently from an e-
commerce site.
7) Absence – of – errors fallacy: If the system built is unusable and does not fulfill the user’s
needs and expectations then finding and fixing defects does not help.
Independent testing in the Software testing is generally where the testing is completely
outsourced and testers work as an individual dedicated unit. Testers will have the complete
independence of testing with almost negligible interference of Developers or Business. This
helps the testers to test freely and raise as many issues as possible without hesitation
Advantages:
1. Testers raise issues freely and raise as many as possible which in the other way improves
the Quality of the product.
2. Developers will have negligible interference in the issues raised which will force them to
work hard.
Disadvantages:
1. There is scope for increase in Invalid issues count as the developers and testers have
minimal communication.
2. Applications having complex architecture are difficult to test as there is minimum
communication between developers and testers.
Verification Validation
1. Verification is a static practice of 1. Validation is a dynamic mechanism of
verifying documents, design, code and validating and testing the actual product.
program.
2. It does not involve executing the code. 2. It always involves executing the code.
3. It is human based checking of 3. It is computer based execution of
documents and files. program.
4. Verification uses methods like 4. Validation uses methods like black box
inspections, reviews, walkthroughs, and (functional) testing, gray box testing, and
Desk-checking etc. white box (structural) testing etc.
6. It can catch errors that validation cannot 6. It can catch errors that verification cannot
catch. It is low level exercise. catch. It is High Level Exercise.
1. Initial: The organization is characterized by an adhoc set of activities. The processes aren't defined
and success depends on individual effort.
2. Repeatable: In this level some processes are repeatable, possibly with consistent results.
3. Defined: In this level, we define all processes are documented for both management and engineering
activities, and standards.
4. Managed: Detailed measures of each process are defined and product quality data is routinely
collected. Both process and products are quantitatively understood and controlled.
STLC:
Phase Activity Deliverables Necessity
You review the software
Requirements/ ‘Review Defect’ Reports
requirements/ design (Well, Curiosity
Design Review
if they exist.)
Once you have gathered a Test Plan
general idea of what needs Test Estimation
Test Planning Farsightedness
to be tested, you ‘plan’ for Test Schedule
the tests.
Component testing: It is also called as module testing. The basic difference between the unit
testing and component testing is in unit testing the developers test their piece of code but in
component testing the whole component is tested. For example, in a student record application
there are two modules one which will save the records of the students and other module is to
upload the results of the students. Both the modules are developed separately and when they are
tested one by one then we call this as a component or module testing.
Integration testing: Integration testing is done when two modules are integrated, in order to test
the behavior and functionality of both the modules after integration. Below are few types of
integration testing?
Component integration testing: This testing is basically done to ensure that the code should not
break after integrating the two modules.
System testing – System Testing (ST) is a black box testing technique performed to evaluate the
complete system and system's compliance against specified requirements. In System testing, the
functionalities of the system are tested from an end-to-end perspective.
Acceptance testing: Acceptance testing is basically done to ensure that the requirements of the
specification are met.
Alpha testing: Alpha testing is done at the developers site. It is done at the end of the
development process
Beta testing: Beta testing is done at the customers site. It is done just before the launch of the
product.
Confirmation testing or re-testing: When a test fails because of the defect then that defect is reported
and a new version of the software is expected that has had the defect fixed. In this case we need to
execute the test again to confirm that whether the defect got actually fixed or not.
Regression Testing: When any modification or changes are done to the application or even when any
small change is done to the code then it can bring unexpected issues. Along with the new changes it
becomes very important to test whether the existing functionality is intact or not. This can be achieved
by doing the regression testing.
In equivalence partitioning we identify inputs which are treated by the system in the same way and
produce the same results. You can see from the following figure applications TC1 and TC2 give the same
results (i.e., TC3 and TC4 both give the same result, Result2). In short, we have two redundant test
cases. By applying equivalence partitioning we minimize the redundant test cases.
Decision Table Testing is a good way to deal with a combination of inputs, which produce
different results. It helps reduce test effort in verifying each and every combinations of test data,
at the same time ensuring complete coverage
Example: To understand the importance of Decision Table Making we will see an example, let's
consider the behavior of Flight Button for different combinations of Fly From & Fly To.
The Error guessing is a technique where the experienced and good testers are encouraged to think of
situations in which the software may not be able to cope. Some people seem to be naturally good at
testing and others are good testers because they have a lot of experience either as a tester or working with
a particular system and so are able to find out its weaknesses.
Exploratory testing is about exploring, finding out about the software, what it
does, what it doesn’t do, what works and what doesn’t work. The tester is constantly making decisions
about what to test next and where to spend the (limited) time.
Code Coverage is a measurement of how many lines/blocks/arcs of your code are executed while
the automated tests are running.
Smoke testing is a wide approach where all areas of the software application are tested without
getting into too deep. However, a sanity software testing is a narrow regression testing with a
focus on one or a small set of areas of functionality of the software application.
Formula:
Bug (defect) Age = Bug Fix Date – Bug Detection Date
Quality Assurance (QA): QA refers to the planned and systematic way of monitoring the quality of
process which is followed to produce a quality product. QA tracks the outcomes and adjusts the process to
meet the expectation.
Quality Control (QC): Concern with the quality of the product. QC finds the defects and suggests
improvements. The process set by QA is implemented by QC. The QC is the responsibility of the tester.
Software Testing: is the process of ensuring that product which is developed by the developer meets the
user requirement. The motive to perform testing is to find the bugs and make sure that they get fixed.
A good time to start the QA is from the beginning of the project startup. This will lead to plan
the process which will make sure that product coming out meets the customer quality
expectation. QA also plays a major role in the communication between teams. It gives time to
step up the testing environment. The testing phase starts after the test plans are written, reviewed
and approved.
Test Ware:
The testware is:
1. Different purpose
2. Different metrics for quality and
3. Different users
RELEASE: is a number given to installable software that is handed over to customer by the
developer or tester.
The information of build, release and version are displayed in software help page. Using this
build and release customer can let the customer team know which release version build that are
using.
The reasons for choosing automation testing over manual testing are following:
Data Driven is an automation testing part in which test input or output values, these values are
read from data files. It is performed when the values are changing by the time. The different data
files may include data pools, csv files, Excel files. The data is then loaded into variables in
recorded or manually coded scripts. For data driven testing we use Parameterzing and Regular
expression Technique.
Ex: To evaluate login functionality, we use different user name and password combinations,
variables are used to access different username and password. The list of username and password
are stored in a data table or excel sheet.
What are test driver and test stub and why we need them?
- The Stub is called from the software component to be tested. It is used in top down approach.
- The driver calls a component to be tested. It is used in bottom up approach.
- Both test stub and test driver are dummy software components.
- Suppose we want to test the interface between modules A and B and we have developed only module
A. So we cannot test module A but if a dummy module is prepare, using that we can test module A.
- Now module B cannot send or receive data from module A directly so, in these cases we have to
transfer data from one module to another module by some external features. This external feature used
is called Driver.
1. To have a signed, sealed, and delivered document, where the document contains details about the
testing methodology, test plan, and test cases.
2. Test strategy document tells us how the software product will be tested.
3. Test strategy document helps to review the test plan with the project team members.
4. It describes the roles, responsibilities and the resources required for the test and schedule.
5. When we create a test strategy document, we have to put into writing any testing issues requiring
resolution.
6. The test strategy is decided first, before lower level decisions are made on the test plan, test design,
and other testing issues.
A good code is code that works. The good code must not contain the defect or bug and is readable by
other developers and easily maintainable. Organizations have coding standards all developers should
follow, and also every programmer and software engineer has different ideas about what is best and
what are too many or too few rules. We need to keep in mind that excessive use of rules can decrease
both productivity and creativity. Peer reviews and code analysis tools can be used to check for problems
and enforce standards.
- Error Guessing: The tester has to guess what fault might occur and to design the tests to represent
them.
- Equivalence Class Partitioning: The input domain data is divided into different equivalence data
classes; take few valid values with 2 invalid values. This is used to reduce the total number of test cases
to a finite set of testable test cases.
- Boundary value analysis: Boundary value analysis testing technique is used to identify errors at
boundaries rather than finding those exist in center of input domain. Boundary value analysis is a next
part of Equivalence.
What are the differences between test strategy and test plan?
The differences between these two are described below:
- Test plan is prepared by the Test Lead whereas Test Strategy is prepared by the company
management.
- Test strategy defines: methods and coverage criteria to be covered test completion criteria,
prioritization of the test whereas Test plan is a document describing the scope, approach, resources and
schedule of intended test activities.
Specification-driven testing: means to test the functionality of software according to the user
requirements. In this, tester inputs multiple data and monitors the outputs from, the test object. In this
testing tester evaluate the showstopper bugs which break the major functionality of the application.
This type of testing requires test plan and test.
How do you decide you have tested enough?
The principle of testing says that exhaustive testing is impossible. i.e. testing everything is not feasible.
We cannot test till all the defects are debugged and removed, it is simply impossible. We have to stop
testing and ship the software. We can decide when to stop is testing based on following points:
Functional testing basically deals with the functional aspect of the application. This technique
tests that the system is behaving as per the requirement and specification.
These are directly linked with customer requirement. We validate the test cases against the
specified requirement and make the test pass or failed accordingly.
Nonfunctional testing – on the other hand tests the Nonfunctional aspect of the application. It
tests NOT the requirement, but the environmental factors like performance, load and stress.
Negative testing is a technique which validates that the system behaves gracefully in case of any
invalid inputs.
For example, in case user enters any invalid data in a text box, system should display a proper
message instead of technical message which the user does not understands.
Negative testing is different from positive testing in a way that positive testing validates that our
system works as expected and compares the test results with the expected results.
1. Verify that the login screen is having option to enter username and password with submit
button and option of forgot password
2. Verify that user is able to login with valid username and password
3. Verify that user is not able to login with invalid username and password
4. Verify that validation message gets displayed in case user leaves username or password
field as blank
5. Verify that validation message is displayed in case user exceeds the character limit of the
user name and password fields
6. Verify that there is reset button to clear the field's text
7. Verify if there is checkbox with label "remember password" in the login page
8. Verify that the password is in encrypted form when entered
9. Verify that there is limit on the total number of unsuccessful attempts
10. For security point of view, in case of in correct credentials user is displayed the message
like "incorrect username or password" instead of exact message pointing at the field that
is incorrect. As message like "incorrect username" will aid hacker in bruteforcing the
fields one by one
11. Verify the timeout of the login session
12. Verify if the password can be copy-pasted or not
13. Verify that once logged in, clicking back button doesn't logout user
14. Verify if SQL Injection attacks works on login page
15. Verify if XSS vulnerability work on login page
1. Wrong: The requirements have been implemented incorrectly. This defect is a variance
from the given specification.
2. Missing: There was a requirement given by the customer and it was not done.
3. Extra: A requirement incorporated into the product that was not given by the end
customer.
For instance, you can define entry criteria that the customer should provide the requirement
document or acceptance plan. If this entry criteria is not met then you will not start the project.
On the other end, you can also define exit criteria for your project. For instance, one of the
common exit criteria in projects is that the customer has successfully executed the acceptance
test plan.
A masked defect is an existing defect that hasn't yet caused a failure just because another defect
has prevented that part of the code from being executed.
What is coverage and what are the different types of coverage techniques?
Coverage is a measurement used in software testing to describe the degree to which the source
code is tested. There are three basic types of coverage techniques as shown in the following
figure:
Statement coverage: This coverage ensures that each line of source code has been
executed and tested.
Decision coverage: This coverage ensures that every decision (true/false) in the source
code has been executed and tested.
Path coverage: In this coverage we ensure that every possible route through a given part
of code is executed and tested.
Ans. Agile Testing is a practice that a QA follows in a dynamic environment where testing
requirements keep changing according to the customer needs. It is done parallel to the
development activity where testing team receives frequent small codes from the development
team for testing.
Ans. Burn-up and burn-down charts are used to keep track the progress of the project.
Burn-up charts represent how much work has been completed in any project whereas Burn-down
chart represents the remaining work in a project.
Ans. There are mainly three roles that a Scrum team have:
1. Project Owner – who has the responsibility of managing product backlog. Works with
end users and customers and provide proper requirement to the team to build the proper
product.
2. Scrum Master – who works with scrum team to make sure each sprint gets complete on
time. Scrum master ensure proper work flow to the team.
3. Scrum Team – Each member in the team should be self-organized, dedicated and
responsible for high quality of the work.
Ans. Product backlog is maintained by the project owner which contains every feature and
requirement of the product.
Sprint backlog can be treated as subset of product backlog which contains features and
requirements related to that particular sprint only.
Ans. Velocity is a metric that is calculated by addition of all efforts estimates associated with
user stories completed in a iteration. It predicts how much work Agile can complete in a sprint
and how much time will require to complete a project.
Q#6. Explain the difference between traditional Waterfall model and Agile testing?
Ans. Agile testing is done parallel to the development activity whereas in traditional waterfall
model testing is done at the end of the development.
As done in parallel, agile testing is done on small features whereas in waterfall model testing is
done on whole application.
Ans. Pair programming is a technique in which two programmer works as team in which one
programmer writes code and other one reviews that code. They both can switch their roles.
Benefits:
1. Improved code quality: As second partner reviews the code simultaneously, it reduces the
chances of mistake.
2. Knowledge transfer is easy: One experience partner can teach other partner about the
techniques and codes.
Ans. Modification of the code without changing its functionality to improve the performance is
called re-factoring.
Q#9. Explain the Iterative and Incremental Development in Agile?
Ans. Iterative Development: Software is developed and delivered to customer and based on the
feedback again developed in cycles or release and sprints. Say in Release 1 software is developed
in 5 sprints and delivered to customer. Now customer wants some changes, then development
team plan for 2nd release which can be completed in some sprints and so on.
Ans. This question is to test the analytical capability of the candidate. Answer can be-
Work with PO to understand the exact requirement to update test cases. Also understand the risk
in changing the requirement. Apart from this one should be able to write generic test plan and
test cases. Don’t go for the automation until requirements are finalized.
Ans. A small code which mimics a specific component in the system and can replace it. Its
output is same as the component it replaces.
Ans.
Ans. Task board is dash board which shows progress of the project. It contains:
1. User Story: which has the actual business requirement?
2. To Do: Tasks that can be worked on.
3. In Progress: Tasks in progress.
4. To Verify: Tasks pending for verification or testing
5. Done: Completed tasks.
Ans. It is Test-first development technique in which we add a test first before we write a
complete production code. Next we run the test and based on the result re factor the code to
fulfill the test requirement.
Ans. QA can provide a value addition by thinking differently about the various scenarios to test a
story. They can provide quick feedback to the developers whether new functionality is working
fine or not.
Ans. It is a software development model which is combination of scrum and kanban. Scrum ban
is considered for maintenance projects in which there are frequent changes or unexpected user
stories. It can reduce the minimum completion time for user stories.
Ans. Application Binary Interface or ABI defines an interface for complied application programs
or we can say it describes the low level interface between an application and the operating
system.
Ans. It can be defined as pre step to the first sprint. Activities like setting development
environment, preparing backlog etc. needs to be done before starting of the first sprint and can be
treated as Sprint zero.
Ans. There may be some technical issues or design problem in the project which needs to be
resolved first. To provide the solution of these problem “Spikes” are created. Spikes are of two
types- Functional and Technical.
Ans. The purpose of a tracer bullet is to examine how an end-to-end process will work and
examine feasibility.
Ans. If capacity is measured as a percentage of a 40 hours weeks then completed story points
* team capacity
Ans: mobile applications need to be downloaded on your system but web applications can be
use without downloading on your system with browser and internet connection.
Mobile applications are platform dependent but web applications are not.
Mobile applications need access to gallery or contacts but in web applications not.
There is need to update mobile applications but web application update automatically.
Q#27: what is inspection and walk-through?
inspection:
it is usually led by a trained moderator.
document under inspection is prepared and checked thoroughly before meeting
by reviewers, using rules and checklists.
example; concrete pouring in building.
helps author to improve quality of document.
remove defects efficiently as early as possible.
improve product quality by producing documents with a high level of quality.
The ripple effect metric shows what impact changes to software will have on the rest of the
system. ... The computation of ripple effect is based on the effect that a change to a single
variable will have on the rest of a program; it provides a measure of the program's complexity.