White-box testing.pptx
- 2. WHAT IS WHITE-BOX TESTING? White box testing is a software testing technique that tests a system’s internal design, source code structure, data structures used, and working details. Its primary objective is to improve the software’s design, input-output flow, usability, and security. It is also called transparent testing, structural testing, and glass box testing. Implementing this testing technique requires testers to know the system’s code, architecture, and implementation details. Using this knowledge, they create test cases and execute them to verify the system’s correctness at the code level. Hence, it is also known as code-based testing. Generally, developers perform white box testing. They have complete knowledge of the software’s source code and internal workings. However, in some cases, quality assurance (QA) professionals and testers who understand complex code can also do it. This testing technique is called ‘White Box’ because developers or testers peek into a system’s internal workings from its outer shell. It applies to the first three levels of software testing – unit testing and integration testing. Unit testing validates each software module independently. Subsequently, integration testing combines unit-tested modules logically and tests their interaction or communication.
- 3. FEATURES Access to the Source Code: White box testing provides access to the software’s source code. This helps validate individual functions and modules. Code Coverage Analysis: Code coverage is a metric that determines the amount of code executed during testing. White box testing analyzes code coverage and uncovers untested source code areas. Detecting Logical Errors: It helps identify logical errors like infinite loops and incorrect conditional statements. Code Optimization: It detects performance issues, areas of code that need to be improved, and other issues. Developers or testers work to fix these issues and optimize the source code. Security Testing: Developers or testers can access the software’s source code and know its internal workings. Hence, they can identify security vulnerabilities.
- 4. WHAT TO VERIFY IN WHITE BOX TESTING? White box testing in software testing evaluates the software’s source code to verify the following parameters: 1. Internal security vulnerabilities. 2. Each object, function, and statement of the source code individually. 3. The functionality of conditional loops. 4. Broken, incomplete, and poorly structured code paths. 5. The input and output flow. In short, this testing technique validates a software’s working flow. It involves providing a set of inputs and comparing the expected and actual outputs. If the actual output does not match the expected one, it results in an error or bug.
- 5. HOW TO PERFORM WHITE BOX TESTING? Generally, developers or testers validate applications using this software testing technique in two steps: Analyze the Source Code – Understanding and analyzing an application’s source code is an elementary step. Testers or developers, whoever is performing testing, should have detailed knowledge of an application’s internal workings and the source code structure. In addition, they should consider implementing secure coding practices by keeping security as a primary factor. This will help them create effective test cases to uncover potential security vulnerabilities and ensure the maximum percentage of test coverage. Create and Execute Test Cases – Testers or developers create and execute multiple small test cases to test the application’s single process. This ensures that the source code has a proper flow and structure. Well, this step requires extremely detailed knowledge of the source code. Hence developers usually carry it out.
- 6. WHITE BOX TESTING EXAMPLE
- 7. WHITE BOX TESTING TECHNIQUES 1. Statement Coverage This technique requires traversing and testing each statement in the source code at least once. As a result, the entire source code gets exercised. The statement coverage determines the percentage of the source code a specific set of test cases exercises. The formula for statement coverage is: Statement Coverage = (Number of Statements Executed / Total Number of Statements) * 100
- 8. WHITE BOX TESTING TECHNIQUES 2. Decision Coverage/Branch Coverage The best example of a branch (decision point) in programming is the ‘if’ statement. It has two branches – True and False. The branch coverage technique ensures that each branch in the source is executed at least once. Branch coverage implies the percentage of branches or decision points executed during testing. Branch Coverage = (Number of executed branches / Total number of branches) * 100%
- 9. WHITE BOX TESTING TECHNIQUES 3. Condition Coverage Condition testing involves testing the individual conditions for both TRUE and FALSE outcomes. So, getting 100% condition coverage requires exercising each condition for both TRUE and FALSE results. For n conditions, we will have 2n test scripts. The primary aim of condition coverage is to determine the output of each condition in the source code. However, it tests only those conditions with logical operands whose outcome is either true or false.
- 10. WHITE BOX TESTING TECHNIQUES 4. Multiple Condition Testing It aims to test all the possible combinations of every condition in a branch. Let us understand this with an example. Consider the following code: if (A||B) print C The test cases for the above code will be: A=TRUE, B=TRUE A=TRUE, B=FALSE A=FALSE, B=TRUE A=FALSE, B=FALSE
- 11. WHITE BOX TESTING TECHNIQUES 5. Path Testing Path testing ensures that all possible paths in the source code are executed at least once. It involves creating a control flow graph using the source code or flowchart. Later, it determines the Cyclomatic complexity, which refers to independent paths. So, testers create minimal test cases for such independent paths. Path Coverage = (Number paths exercised / Total Number of paths in the program) x 100 %
- 12. WHITE BOX TESTING TECHNIQUES 6. Loop Testing Loops are common programming constructs and are used in most large programs. Testing loops is essential, as there are high chances of errors occurring at the start or end of loops. Hence, performing loop testing uncovers bugs or errors in any specific loop. The primary error encountered in loops is wrong indexes.
- 13. TYPES OF WHITE BOX TESTING Unit Testing: This is the first level of software testing. It tests an application’s every module, called a unit, individually for its correctness. It ensures that each component functions as expected. Integration Testing: This comes after integration testing. It combines unit-tested components logically and validates the interaction between them. It aims to uncover any errors in the interaction of components. White Box Penetration Testing: Testers have complete access to an application’s source code and network, IP, and server data, including passwords and maps. The primary goal of penetration testing is to uncover areas of the source code with security vulnerabilities. White Box Mutation Testing: As the name suggests, mutation testing depends on alterations. Testers perform minute modifications to the source code to check whether the execution of test cases on it uncovers any bugs. If test cases pass, it indicates an error in the source code. However, if test cases fail, the source code is error-free.