Why Software Testing is necessary
Software Testing is
necessary because we all make mistakes. Some of those mistakes are unimportant,
but some of them are expensive or dangerous. We need to check everything and anything we produce because
things can always go wrong – humans make
mistakes all the time.
Since we assume that our
work may have mistakes, hence we all need to check our own work. However some
mistakes come from bad assumptions and blind spots, so we might make the same
mistakes when we check our own work as we made when we did it. So we may not
notice the flaws in what we have done.
Ideally, we should
get someone else to check our work because another person is more likely to
spot the flaws.
There are several
reasons which clearly tells us as why Software Testing is important and
what are the major things that we should consider while testing of any product
or application.
Software testing is
very important because of the following reasons:
1.
Software testing is
really required to point out the defects and errors that were made during the
development phases.
2.
It’s essential since
it makes sure of the Customer’s reliability and their satisfaction in the
application.
3.
It is very important
to ensure the Quality of the product. Quality product delivered to the
customers helps in gaining their confidence.
4.
Testing is necessary
in order to provide the facilities to the customers like the delivery of high
quality product or software application which requires lower maintenance cost
and hence results into more accurate, consistent and reliable results.
5.
Testing is required
for an effective performance of software application or product.
6.
It’s important to
ensure that the application should not result into any failures because it can
be very expensive in the future or in the later stages of the development.
7.
It’s required to stay
in the business.
What is software testing?
Software Testing is the process of executing a program or system with the
intent of finding errors.
Software testing is the process used to help identify the Correctness,
Completeness, Security and Quality of the developed Computer Software
(OR)
The process of evaluating the software application or program to find the
difference between the actual results to the expected result.
Software testing has three main purposes:
- Verification
- Validation
and
- Defect
finding.
The verification process confirms that the software meets its
technical specifications and user requirements. It's a Process based
application.
The Defect is a variance between the expected and actual result. The defect's
ultimate source may be traced to a fault introduced in the specification,
design, or development (coding) phases.
Describe the difference between validation and verification
Verification is done by frequent evaluation and meetings to appraise the
documents, policy, code, requirements, and specifications. This is done with
the checklists, walkthroughs, and inspection meetings.
Validation is done during actual testing and it takes place after all the
verifications are being done.
Difference between Test case and Use case?
Use cases are prepared by business analysts from the functional requirement
analysis (FRS) according to the user requirements.
Test case are prepared by Test Engineer based on the use case. The test case is
a set procedure that guides a tester to execute a test.
Testing Methodology?
Means what kind of approach is following while testing (e.g.) functional
testing, Regression testing, Retesting, Confirmation testing.
Exploratory Testing:
With out the knowledge of requirements, testing is done by giving random
inputs.
Ad-Hoc testing:
Testing without a formal test plan or outside of a test plan.
Bug life cycle:
It has the following life cycle such as:
- New: When the bug is posted
for the first time is called new.
- Open: After the tester sends
the bug, the lead checks if it genuine then it is called as open.
- Assign: After the lead checks,
he assigns to the developer and that state is called assign.
- Test: Before the developer
releases the software with bug fixed, he changes the state of bug to
"TEST".
- Fixed: When the developer
resolved the bug the status is fixed.
- Reopen: If the bug still exists
even after the bug is fixed by the developer, the tester changes the
status to reopen.
- Closed: If the bug is no more
the status is closed.Test plan:
Test plan specifies process and scheduling of an application. Test lead
Prepares test plan document based on what to test, how to test, when to test,
whom to test. It covers the entire testing activity.
SRS:
Software requirement specification (SRS). It describes what the software will
do and how it will be expected to perform.
Requirement Traceability Matrix (RTM):
It is the mapping between customer requirements and prepared test cases. This
is used to find whether all the requirements are covered or not.
Different Levels of testing?
- Unit
Testing
- Integrated
Testing
- System
Testing
- Acceptance
Testing
Unit Testing = (Testing the
individual modules)
The testing done to a unit or to a smallest piece of software. Done to verify
if it satisfies its functional specification or its intended design structure.
The Tools used in Unit Testing are debuggers, tracers and is done by
Programmers.
Integration Testing
Testing the related modules together for its combined functionality.
System Testing
System testing of software or hardware is testing conducted on a complete,
integrated system to evaluate the system's compliance with its specified
requirements. System testing falls within the scope of black box testing, and
as such, should require no knowledge of the inner design of the code or logic.
Testing the software for the required specifications.
System integration testing
System integration testing is the process of verifying the synchronization
between two or more software systems and which can be performed after software
system collaboration is completed.
User Acceptance Testing = (It the
testing done with the intent of conforming readiness of the product and
Customer acceptance.)
Testing conducted to determine whether or not a system satisfies its acceptance
criteria and to enable the customer to determine whether or not to accept the
system. It is done against requirements and is done by actual users.
Acceptance Testing:
Formal testing conducted to determine whether or not a system satisfies its
acceptance criteria, which enables a customer to determine whether to accept
the system or not.
Compatibility testing
Compatibility testing, part of software non-functional tests, is testing
conducted on the application to evaluate the application's compatibility with
the computing environment. Computing environment may contain some or all of the
below mentioned elements:
- Computing
capacity of Hardware Platform (IBM 360, HP 9000, etc.)
- Bandwidth
handling capacity of networking hardware
- Compatibility
of peripherals (Printer, DVD drive, etc.)
- Operating
systems (MVS, UNIX, Windows, etc.)
- Database
(Oracle, Sybase, DB2, etc.)
- Other
System Software (Web server, networking/ messaging tool, etc.)
- Browser
compatibility (Firefox, Netscape, Internet Explorer, Safari, etc.)
Installation Testing
System testing conducted once again according to hardware configuration
requirements. Installation procedures may also be verified
Functional Testing
It checks that the functional specifications are correctly implemented. Can
also check if Non Functional behavior is as per expectations.
Stress testing
To evaluate a system beyond the limits of the specified requirements or system
resources (such as disk space, memory, processor utilization) to ensure the
system do not break unexpectedly
Load Testing
Load Testing, a subset of stress testing, verifies that a web site can handle a
particular number of concurrent users while maintaining acceptable response
times.
Scalability Testing is used to check whether the functionality and performance
of a system are capable to meet the volume and size change as per the
requirements.
Scalability testing can be done using load test with various software and
hardware configurations changed, where the testing environment settings
unchanged.
Regression Testing = (Testing the
application to find whether the change in code affects anywhere in the
application)
Regression Testing is "selective retesting of a system or component to
verify that modifications have not caused unintended effects". It is
repetition of tests intended to show that the software's behavior is unchanged.
It can be done at each test level.
Performance Testing
To evaluate the time taken or response time of the system to perform it's
required functions in comparison
ALPHA TESTING: Testing is
done near the completion of project.
Testing of a software product or system conducted at the developer's site by
the customer
BETA TESTING: Testing is
done after the completion of project.
Testing conducted at one or more customer sites by the end user of a delivered
software product system.
Usability Testing = (Testing the
ease with which users can learn and use a product.)
Usability testing is a technique used to evaluate a product by testing it on
users. This can be seen as an irreplaceable usability practice, since it gives
direct input on how real users use the system. This is in contrast with
usability inspection methods where experts use different methods to evaluate a
user interface without involving users.
OR
It evaluates the Human Computer Interface. Verifies for ease of use by
end-users. Verifies ease of learning the software, including user
documentation. Checks how effectively the software functions in supporting user
tasks. Checks the ability to recover from user errors.
Data Flow Testing
Selects test paths according to the location of definitions and use of
variables.
1.2.3 Loop Testing
Loops fundamental to many algorithms. Can define loops as simple, concatenated,
nested, and unstructured.
Examples:
Note that unstructured loops are not to be tested. Rather, they are redesigned.
Configuration Testing
It is used when software meant for different types of users. It also checks
that whether the software performs for all users.
Recovery Testing
It is used in verifying software restart capabilities after a
"disaster"
OR
Recovery testing is the activity of testing how well an application is able to
recover from crashes, hardware failures and other similar problems.
Examples of recovery testing:
- While
an application is running, suddenly restart the computer, and afterwards
check the validness of the application's data integrity.
- While
an application is receiving data from a network, unplug the connecting
cable. After some time, plug the cable back in and analyze the
application's ability to continue receiving data from the point at which
the network connection disappeared.
- Restart
the system while a browser has a definite number of sessions. Afterwards,
check that the browser is able to recover all of them.
Security Testing
Security testing is a process to determine that an information system protects
data and maintains functionality as intended.
OR
Security testing is the process that determines that confidential data stays
confidential
OR
Testing how well the system protects against unauthorized internal or external
access, willful damage, etc?
This process involves functional testing, penetration testing and verification.
- Test
Plan: Test Plan is a document with information
on Scope of the project, Approach, Schedule of testing activities,
Resources or Manpower required, Risk Issues, Features to be tested and not
to be tested, Test Tools and Environment Requirements.
- Test
Strategy: Test Strategy is a document prepared by
the Quality Assurance Department with the details of testing approach to
reach the Quality standards.
- Test
Scenario: Test Scenario is prepared based on the
test cases and test scripts with the sequence of execution.
- Test
Case: Test case is a document normally prepared
by the tester with the sequence of steps to test the behavior of
feature/functionality/non-functionality of the application. Test Case
document consists of Test case ID, Test Case Name, Conditions (Pre and
Post
Conditions) or Actions, Environment, Expected Results, Actual Results,
Pass/Fail. The Test cases can be broadly classified as User Interface Test
cases, Positive Test cases and Negative Test cases.
- Test
Script: Test Script is a program written to test
the functionality of the application. It is a set of system readable
instructions to automate the testing with the advantage of doing
repeatable and regression testing easily.
Test Environment: It is the Hardware and Software Environment where the
testing is going to be done. It also explains whether the software under
test interacts with Stubs and Drivers.
- Test
Procedure: Test Procedure is a document with the
detailed instruction for step by step execution of one or more test cases.
Test procedure is used in Test Scenario and Test Scripts.
- Test
Log: Test Log contains the details of test
case execution and the output information.
What is Fuzz Testing?
Fuzz testing is a Black box testing technique which uses random bad data to
attack a program and see what breaks in the application.
Fuzz testing is mostly used to,
- Set
up a correct file to enter your program
- Restore
some part of the file by using random data
- Unlock
the file with the program
- Observe
what breaks
Fuzz testing can be automated for maximum effects on large
applications. This testing improves the confidence that the application is safe
and secure.
Testing strategy:
- Black
box testing
- White
box testing
- Gray
box testing
Black box testing:
Testing of application without the knowledge of coding. Black box testing (BBT)
is also called as Functional testing.
White box testing:
Testing of application with the knowledge of coding to examine outputs.
White box testing (WBT) is also called Structural or Glass box testing.
White box testing involves looking at the structure of the code. When you know
the internal structure of a product, tests can be conducted to ensure that the
internal operations performed according to the specification. And all internal
components have been adequately exercised.
Gray box testing:
It is like monkey testing.
Static: Verifying the
documents alone.
Dynamic: Testing the
functionality.
Software testing lifecycle:
- Requirements
gathering: Collecting the project related
information.
- Analyzing: Discussing the
collected information whether the requirements can meet.
- Test
plan preparation: It specifies the entire testing activity
- Test
case preparation: It is a document which contains input and
corresponding results.
- Test
case execution: Execution of test case results to find
bugs
- Bug
Tracking: Monitoring of the bug till closed.
- Regression
testing: Testing the application to find whether
the change in code affect anywhere in the application.
WHAT IS MEAN BY DESIGNING THE APPLICATION AND TESTING THE
APPLICATION?
Designing and Testing are two different phases in a software development
process (SDLC).
- Information
Gathering
- Analysis
- Designing
- Coding
- Testing
- Implementation
and Maintenance
If u want answer in Testing terms means STLC, designing test includes
preparing Test Strategy, Test Plan and Test Case documents, and testing means
executing the test cases and generating Test Reports.
Designing the application as per the requirements Designing the application is
nothing but deriving the functional flow, alternative flow, How many modules
that we are handling, data flow etc.
Two types of designs are there:
LLD - Low Level Design Documentation : This level deals with lower level modules. The flow of
diagram handled here is data Flow Diagram. Developers handle this Level.
In this designing team will divide the total application into modules and they
will derive logic for each module.
HLD - High Level Design Documentation: This level deals with higher level modules. The flow
of diagram handled here is ER - Entity Relationship. Both Developers and
Testers handle this Level.
In this designing team will prepare functional architecture i.e. Functional
flow.
Coding: writing the source code as per the LLD to meet customer requirements.
DIFFERENCE B/W SMOKE & SANITY TESTING:
SMOKE TESTING:
- Set
of the test cases which we getting a new build when we execute the
application.
- Smoke
testing is verified whether the build is testable or not.
- Testers
can reject the application.
SANITY TESTING:
- It
is also a set of test cases which is testing major and critical
functionality of the application.
- It
is one time testing process.
What is Smoke Testing?
A quick-and-dirty test that the major functions of a piece of
software work. Originated in the hardware testing practice of turning on a new
piece of hardware for the first time and considering it a success if it does
not catch on fire.
Skim Testing:
Skim Testing A testing technique used to determine the fitness of a new build
or release.
Mutation testing: (or Mutation
analysis or Program mutation) is a method of software testing, which involves
modifying programs' source code or byte code in small ways.[1] A test suite
that does not detect and reject the mutated code is considered defective. These
so-called mutations, are based on well-defined mutation operators that either
mimic typical programming errors (such as using the wrong operator or variable
name) or force the creation of valuable tests (such as driving each expression
to zero). The purpose is to help the tester develop effective tests or locate
weaknesses in the test data used for the program or in sections of the code
that are seldom or never accessed during execution.
What is Branch Testing?
Testing in which all branches in the program source code are tested at least
once.
What is security testing
testing how well the system protects against unauthorized internal or external
access, willful damage, etc?
OR
Security testing is the process that determines that confidential data stays
confidential
How do you debug an ASP.NET Web application?
Attach the aspnet_wp.exe process to the DbgClr debugger.
What is Backus-Naur Form?
A Meta language used to formally describe the syntax of a language.
Difference between Test Efficiency Vs Test Effectiveness
I've seen that many test engineers are confused with the understanding of
Software Test Efficiency and Software Test Effectiveness. Below is the summary
of what I understand from Efficiency and Effectiveness.
Software Test Efficiency:
- It
is internal in the organization how much resources were consumed how much
of these resources were utilized.
- Software
Test Efficiency is number of test cases executed divided by unit of time
(generally per hour).
- Test
Efficiency test the amount of code and testing resources required by a
program to perform a particular function.
Here are some formulas to calculate Software Test Efficiency
(for different factors):
- Test
efficiency = (total number of defects found in unit+integration+system) /
(total number of defects found in unit+integration+system+User acceptance
testing).
- Testing
Efficiency = (No. of defects Resolved / Total No. of Defects Submitted)*
100
Software Test Effectiveness:
Software Test Effectiveness covers three aspects:
- How
much the customer's requirements are satisfied by the system.
- How
well the customer specifications are achieved by the system.
- How
much effort is put in developing the system.
Software Test Effectiveness judge the Effect of the test
environment on the application.
Here are some formulas to calculate Software Test Effectiveness (for
different factors):
- Test
effectiveness = Number of defects found divided by number of test cases
executed.
- Test
effectiveness = (total number of defects injected +total number of defect
found) / (total number of defect escaped)* 100
- Test
Effectiveness = Loss due to problems / Total resources processed by the
system
What is quality assurance?
Software QA involves the entire software development PROCESS - monitoring and
improving the process, making sure that any agreed-upon standards and
procedures are followed, and ensuring that problems are found and dealt with.
It is oriented to 'prevention'.
What is the difference between QA and testing?
Testing involves operation of a system or application under controlled
conditions and evaluating the results. It is oriented to 'detection'.
Software QA involves the entire software development PROCESS - monitoring and
improving the process, making sure that any agreed-upon standards and
procedures are followed, and ensuring that problems are found and dealt with.
It is oriented to 'prevention'.
FRONT END & BACKEND TESTING
Front end testing is testing GUI and functionality.
Back-end focuses on data stored in the database.
WHAT IS SOAK TESTING
Running a system at high load for a prolonged period of time. For example,
running several times more transactions in an entire day (or night) than would
be expected in a busy day, to identify and performance problems that appear
after a large number of transactions have been executed.
Describe the Software Development Life Cycle
It includes aspects such as initial concept, requirements analysis, functional
design, internal design, documentation planning, test planning, coding,
document preparation, integration, testing, maintenance, updates, retesting, phase-out,
and other aspects.
What is a Test bed?
Test Bed is an execution environment configured for software testing. It
consists of specific hardware, network topology, Operating System,
configuration of the product to be under test, system software and other
applications. The Test Plan for a project should be developed from the test
beds to be used.
What is a Test data?
Test Data is that run through a computer program to test the software. Test
data can be used to test the compliance with effective controls in the
software.
Why does software have bugs?
Miscommunication or no communication about the details of what an application
should or shouldn't do
Programming errors in some cases the programmers can make mistakes.
Changing requirements there are chances of the end-user not understanding the
effects of changes, or may understand and request them anyway to redesign,
rescheduling of engineers, effects of other projects, work already completed
may have to be redone or thrown out.
Time force - preparation
of software projects is difficult at best, often requiring a lot of guesswork.
When deadlines are given and the crisis comes, mistakes will be made.
What is the Difference between Bug, Error and Defect?
- Bug: It is found in the
development environment before the product is shipped to the respective
customer.
- Defect: It is found in the
product itself after it is shipped to the respective customer's
- Error: It is the Deviation
from actual and the expected value.
Difference between defect, error, bug, failure and fault
- Error: A discrepancy between a
computed, observed, or measured value or condition and the true,
specified, or theoretically correct value or condition. See: anomaly, bug, defect,
exception, and fault.
- Failure: The inability of a
system or component to perform its required functions within specified
performance requirements. See: bug, crash, exception, fault.
- Bug: A fault in a program
which causes the program to perform in an unintended or unanticipated
manner. See: anomaly, defect, error, exception, fault.
- Fault: An incorrect step,
process, or data definition in a computer program which causes the program
to perform in an unintended or unanticipated manner. See: bug, defect,
error, exception.
- Defect: Mismatch between the
requirements.
What is the difference between structural and functional
testing?
Structural testing is a "white box" testing and it is based on the
algorithm or code.
Functional testing is a "black box" (behavioral) testing where the
tester verifies the functional specification.
Describe bottom-up and top-down approaches
- Bottom-up
approach: In this approach testing is conducted
from sub module to main module, if the main module is not developed a
temporary program called DRIVERS is used to simulate the main module.
- Top-down
approach: In this approach testing is conducted
from main module to sub module. If the sub module is not developed a
temporary program called STUB is used for simulate the sub module.
What is Re- test? What is Regression Testing?
Re-test - Retesting
means we testing only the certain part of an application again and not
considering how it will effect in the other part or in the whole application.
Regression Testing - Testing the
application after a change in a module or part of the application for testing
that is the code change will affect rest of the application.
Explain Load, Performance and Stress Testing with an Example.
Load Testing and Performance Testing are commonly said as positive testing
where as Stress Testing is said to be as negative testing.
Say for example there is an application which can handle 25 simultaneous user
logins at a time. In load testing we will test the application for 25 users and
check how application is working in this stage, in performance testing we will
concentrate on the time taken to perform the operation. Where as in stress
testing, we will test with more users than 25 and the test will continue to any
number and we will check where the application is cracking.
What is UAT testing? When it is to be done?
UAT stands for 'User acceptance Testing. This testing is carried out with the
user perspective and it is usually done before the release.
- Every
System Menu should have Exit/close option.
- OK
and Cancel Buttons should exist.
- All
labels should start with capital alphabets.
- Alignment
of all controls must be same.
- All
controls must be visible.
- All
labels must not overlap
The above six are called as Microsoft six rules standard for
user Interface testing. These are very important in GUI testing.
What is Vulnerability Testing?
In computer security, the term "vulnerability is a weakness which allows
an attacker to reduce a system's Information Assurance". Vulnerability is
the intersection of three elements: a system susceptibility or flaw, attacker
access to the flaw, and attacker capability to exploit the flaw. To be
vulnerable, an attacker must have at least one applicable tool or technique
that can connect to a system weakness. In this frame, vulnerability is also
known as the attack surface.
A security risk may be classified as vulnerability. Vulnerability with one or
more known instances of working and fully-implemented attacks is classified as
an exploit. The window of vulnerability is the time from when the security hole
was introduced or manifested in deployed software, to when access was removed,
a security fix was available/deployed, or the attacker was disabled.
DIFFERENCE BETWEEN FUNCTIONAL TESTING AND GUI FUNCTIONAL TESTING?
- Functional
Testing: Testing the functionality of the
Application i.e., (suppose click on login button in login screen it goes
to next page or not)
- GUI
Functional Testing: Testing the GUI objects along with
Functionality.
GUI testing or UI testing is user interface testing. That is,
testing how the application and the user interact. This includes how the
application handles keyboard and mouse input and how it displays screen text,
images, buttons, menus, dialog boxes, icons, toolbars and more.
Functional Testing is done with the intent to identify errors related to the
functionality of the Application under test.
WHAT IS GUI TESTING?
To check whether all the functionalities are working properly or not. It is
simply we can say Look And Feel.
In Security testing, what does u mean by:
- Encryption
- Authentication
- Authorization
Encryption: Encryption is the conversion of data into a form, called a cipher text
that cannot be easily understood by unauthorized people.
Authentication: It is the process of establishing the claimed identity of an individual,
a device, an object, a system, a component or a process; that claims to be.
Authorization: It is a process of granting access rights to an individual, a device, an
object, a system, a component or a process over finite resources for a specific
period of time.
Localization testing and internationalization testing are comes into black box
testing or white box testing
