Tester's Guide by shanti12

VIEWS: 910 PAGES: 28

									TESTER’S



 GUIDE
                                                                                                                         Tester’s Guide




                                               TABLE OF CONTENTS



POLICY ....................................................................................................................................3
Terms to understand .................................................................................................................3
Life Cycle of Testing Process ..................................................................................................4
Levels of Testing ......................................................................................................................4
Types of Testing .......................................................................................................................5
Testing Techniques...................................................................................................................9
Web Testing Specifics............................................................................................................13
Testing - When is a program correct? ...................................................................................17
Test Plan ..................................................................................................................................17
Test cases ................................................................................................................................19
Testing Coverage ....................................................................................................................19
What if there isn't enough time for thorough testing? ..........................................................26
Defect reporting ......................................................................................................................26
Types of Automated Tools.....................................................................................................27




 <10th October,1999>                                                                                              Page 2 of 2
                                                                             Tester’s Guide




POLICY


       We are committed to Continuous Improvement of Quality of Products and Customer
       Services by adhering to International Standards.

Terms to understand

What is software 'quality'?
Quality software is reasonably bug-free, delivered on time and within budget, meets
requirements and/or expectations, and is maintainable.
What is verification? validation?
Verification typically involves reviews and meetings to evaluate documents, plans, code,
requirements, and specifications. This can be done with checklists, issues lists,
walkthroughs, and inspection meetings. Validation typically involves actual testing and
takes place after verifications are completed.
What's an 'inspection'?
An inspection is more formalized than a 'walkthrough', typically with 3-8 people
including a moderator, reader (the author of whatever is being reviewed), and a recorder
to take notes. The subject of the inspection is typically a document such as a requirements
spec or a test plan, and the purpose is to find problems and see what's missing, not to fix
anything.
QA & testing ? Differences
Software QA involves the entire software development PROCESS - monitoring and
improving the process, making sure that any agreed-upon standards and procedures are
followed, and ensuring that problems are found and dealt with. It is oriented to
'prevention'
Testing involves operation of a system or application under controlled conditions and
evaluating the results (eg, 'if the user is in interface A of the application while using
hardware B, and does C, then D should happen'). The controlled conditions should
include both normal and abnormal conditions. Testing should intentionally attempt to



 <10th October,1999>                                                     Page 3 of 2
                                                                             Tester’s Guide


make things go wrong to determine if things happen when they shouldn't or things don't
happen when they should. It is oriented to 'detection'.
Life Cycle of Testing Process


The following are some of the steps to consider:

      Obtain requirements, functional design, and internal design specifications and
       other necessary documents
      Obtain schedule requirements
      Determine project-related personnel and their responsibilities, reporting
       requirements, required standards and processes (such as release processes, change
       processes, etc.)
      Identify application's higher-risk aspects, set priorities, and determine scope and
       limitations of tests
      Determine test approaches and methods - unit, integration, functional, system,
       load, usability tests, etc.
      Determine test environment requirements (hardware, software, communications,
       etc.)
      Determine testware requirements (record/playback tools, coverage analyzers, test
       tracking, problem/bug tracking, etc.)
      Determine test input data requirements
      Identify tasks, those responsible for tasks
      Set schedule estimates, timelines, milestones
      Determine input equivalence classes, boundary value analyses, error classes
      Prepare test plan document and have needed reviews/approvals
      Write test cases
      Have needed reviews/inspections/approvals of test cases
      Prepare test environment and testware, obtain needed user manuals/reference
       documents/configuration guides/installation guides, set up test tracking processes,
       set up logging and archiving processes, set up or obtain test input data
      Obtain and install software releases
      Perform tests
      Evaluate and report results
      Track problems/bugs and fixes
      Retest as needed
      Maintain and update test plans, test cases, test environment, and testware through
       life cycle


Levels of Testing

Unit Testing



 <10th October,1999>                                                     Page 4 of 2
                                                                              Tester’s Guide


The most 'micro' scale of testing; to test particular functions or code modules. Typically
done by the programmer and not by testers, as it requires detailed knowledge of the
internal program design and code. Not always easily done unless the application has a
well-designed architecture with tight code; may require developing test driver modules or
test harnesses.
Integration testing
Testing of combined parts of an application to determine if they function together
correctly. The 'parts' can be code modules, individual applications, client and server
applications on a network, etc. This type of testing is especially relevant to client/server
and distributed systems.
Integration can be top-down or bottom-up:
• Top-down testing starts with main and successively replaces stubs with the real
modules.
• Bottom-up testing builds larger module assemblies from primitive modules.
• Sandwich testing is mainly top-down with bottom-up integration and testing applied to
certain widely used components
Acceptance testing
Final testing based on specifications of the end-user or customer, or based on use by end-
users/customers over some limited period of time.
Types of Testing

Incremental integration testing
Continuous testing of an application as new functionality is added; requires that various
aspects of an application's functionality be independent enough to work separately before
all parts of the program are completed, or that test drivers be developed as needed; done
by programmers or by testers.
Sanity testing
Typically an initial testing effort to determine if a new software version is performing
well enough to accept it for a major testing effort. For example, if the new software is
crashing systems every 5 minutes, bogging down systems to a crawl, or destroying
databases, the software may not be in a 'sane' enough condition to warrant further testing
in its current state.

 <10th October,1999>                                                      Page 5 of 2
                                                                                 Tester’s Guide


Compatability testing
Testing how well software performs in a particular hardware/software/operating
system/network/etc. environment.
Exploratory testing
Often taken to mean a creative, informal software test that is not based on formal test
plans or test cases; testers may be learning the software as they test it.
Ad-hoc testing
Similar to exploratory testing, but often taken to mean that the testers have significant
understanding of the software before testing it.
Comparison testing
Comparing software weaknesses and strengths to competing products.
Load testing
Testing an application under heavy loads, such as testing of a web site under a range of
loads to determine at what point the system's response time degrades or fails.
System testing
Black-box type testing that is based on overall requirements specifications; covers all
combined parts of a system.
Functional testing
Black-box type testing geared to functional requirements of an application; this type of
testing should be done by testers. This doesn't mean that the programmers shouldn't
check that their code works before releasing it (which of course applies to any stage of
testing.)
Volume testing

Volume testing involves testing a software or Web application using corner cases of "task
size" or input data size. The exact volume tests performed depend on the application's
functionality, its input and output mechanisms and the technologies used to build the
application. Sample volume testing considerations include, but are not limited to:
  If the application reads text files as inputs, try feeding it both an empty text file and a
  huge (hundreds of megabytes) text file.
  If the application stores data in a database, exercise the application's functions when the


 <10th October,1999>                                                         Page 6 of 2
                                                                              Tester’s Guide


  database is empty and when the database contains an extreme amount of data.
  If the application is designed to handle 100 concurrent requests, send 100 requests
  simultaneously and then send the 101st request.
  If a Web application has a form with dozens of text fields that allow a user to enter text
  strings of unlimited length, try populating all of the fields with a large amount of text
  and submit the form.

Stress testing
Term often used interchangeably with 'load' and 'performance' testing. Also used to
describe such tests as system functional testing while under unusually heavy loads, heavy
repetition of certain actions or inputs, input of large numerical values, large complex
queries to a database system, etc.
Sociability Testing

This means that you test an application in its normal environment, along with other
standard applications, to make sure they all get along together; that is, that they don't
corrupt each other's files, they don't crash, they don't consume system resources, they
don't lock up the system, they can share the printer peacefully, etc.
Usability testing
Testing for 'user-friendliness'. Clearly this is subjective, and will depend on the targeted
end-user or customer. User interviews, surveys, video recording of user sessions, and
other techniques can be used. Programmers and testers are usually not appropriate as
usability testers.
Recovery testing
Testing how well a system recovers from crashes, hardware failures, or other catastrophic
problems.
Security testing
Testing how well the system protects against unauthorized internal or external access,
willful damage, etc; may require sophisticated testing techniques.




 <10th October,1999>                                                      Page 7 of 2
                                                                              Tester’s Guide


Performance Testing
Term often used interchangeably with 'stress' and 'load' testing. Ideally 'performance'
testing (and any other 'type' of testing) is defined in requirements documentation or QA
or Test Plans.
End-to-end testing
Similar to system testing; the 'macro' end of the test scale; involves testing of a complete
application environment in a situation that mimics real-world use, such as interacting
with a database, using network communications, or interacting with other hardware,
applications, or systems if appropriate.
Regression testing
Re-testing after fixes or modifications of the software or its environment. It can be
difficult to determine how much re-testing is needed, especially near the end of the
development cycle. Automated testing tools can be especially useful for this type of
testing.
Parallel testing
With parallel testing, users can easily choose to run batch tests or asynchronous tests
depending on the needs of their test systems. Testing multiple units in parallel increases
test throughput and lower a manufacturer's
Install/uninstall testing
Testing of full, partial, or upgrade install/uninstall processes.
Mutation testing
A method for determining if a set of test data or test cases is useful, by deliberately
introducing various code changes ('bugs') and retesting with the original test data/cases to
determine if the 'bugs' are detected. Proper implementation requires large computational
resources.
Alpha testing
Testing of an application when development is nearing completion; minor design changes
may still be made as a result of such testing. Typically done by end-users or others, not
by programmers or testers.




 <10th October,1999>                                                      Page 8 of 2
                                                                               Tester’s Guide


Beta testing
Testing when development and testing are essentially completed and final bugs and
problems need to be found before final release. Typically done by end-users or others, not
by programmers or testers.


Testing Techniques

Black Box testing
Black box testing (data driven or input/output driven) is not based on any knowledge of
internal design or code. Tests are based on requirements and functionality. Black box
testing attempts to derive sets of inputs that will fully exercise all the functional
requirements of a system. It is not an alternative to white box testing. This type of testing
attempts to find errors in the following categories:

        1.     incorrect or missing functions,
        2.     interface errors,
        3.     errors in data structures or external database access,
        4.     performance errors, and
        5.     initialization and termination errors.

    Range testing :Equivalence Testing
This method divides the input domain of a program into classes of data from which test
cases can be derived. Equivalence partitioning strives to define a test case that uncovers
classes of errors and thereby reduces the number of test cases needed. It is based on an
evaluation of equivalence classes for an input condition. An equivalence class represents
a set of valid or invalid states for input conditions.

Equivalence classes may be defined according to the following guidelines:
        1. If an input condition specifies a range, one valid and two invalid equivalence
             classes are defined.
        2. If an input condition requires a specific value, then one valid and two invalid
             equivalence classes are defined.



 <10th October,1999>                                                       Page 9 of 2
                                                                              Tester’s Guide


       3. If an input condition specifies a member of a set, then one valid and one
           invalid equivalence class are defined.
       4. If an input condition is boolean, then one valid and one invalid equivalence
           class are defined.

Testcase Design for Equivalence partitioning
        1. Good test case reduces by more than one the number of other test cases
            which must be developed
        2. Good test case covers a large set of other possible cases
        3. Classes of valid inputs
        4. Classes of invalid inputs
    Boundary testing
This method leads to a selection of test cases that exercise boundary values. It
complements equivalence partitioning since it selects test cases at the edges of a class.
Rather than focusing on input conditions solely, BVA derives test cases from the output
domain also. BVA guidelines include:

        1. For input ranges bounded by a and b, test cases should include values a and b
            and just above and just below a and b respectively.
        2. If an input condition specifies a number of values, test cases should be
            developed to exercise the minimum and maximum numbers and values just
            above and below these limits.
        3. Apply guidelines 1 and 2 to the output.
        4. If internal data structures have prescribed boundaries, a test case should be
            designed to exercise the data structure at its boundary.

Test case Design for Boundary value analysis :
Situations on, above, or below edges of input, output, and condition classes have high
probability of success
    Error Guessing
Error Guessing is the process of using intuition and past experience to fill in gaps in the
test data set. There are no rules to follow. The tester must review the test records with an
eye towards recognizing missing conditions. Two familiar examples of error prone

 <10th October,1999>                                                     Page 10 of 2
                                                                                Tester’s Guide


situations are division by zero and calculating the square root of a negative number.
Either of these will result in system errors and garbled output.
Other cases where experience has demonstrated error proneness are the processing of
variable length tables, calculation of median values for odd and even numbered
populations, cyclic master file/data base updates (improper handling of duplicate keys,
unmatched keys, etc.), overlapping storage areas, overwriting of buffers, forgetting to
initialize buffer areas, and so forth. I am sure you can think of plenty of circumstances
unique to your hardware/software environments and use of specific programming
languages.
Error Guessing is as important as Equivalence partitioning and Boundary Analysis
because it is intended to compensate for their inherent incompleteness. As Equivalence
Partitioning and Boundary Analysis complement one another, Error Guessing
complements both of these techniques.

White Box testing
White box testing (logic driven) is based on knowledge of the internal logic of an
application's code. Tests are based on coverage of code statements, branches, paths,
conditions. White box testing is a test case design method that uses the control structure
of the procedural design to derive test cases. Test cases can be derived that
        1. guarantee that all independent paths within a module have been exercised at
             least once,
        2. exercise all logical decisions on their true and false sides,
        3. execute all loops at their boundaries and within their operational bounds, and
        4. exercise internal data structures to ensure their validity.

   Path Testing
A path-coverage test allow us to exercise every transition between the program
statements (and so every statement and branch as well).

       First we construct a program graph.
       Then we enumerate all paths.
       Finally we devise the test cases.

Possible criteria:

 <10th October,1999>                                                       Page 11 of 2
                                                                                 Tester’s Guide




         1. exercise every path from entry to exit;
         2. exercise each statement at least once;
         3. Exercise each case in every branch/case.

    Condition testing
A condition test can use a combination of Comparison operators and Logical operators.
The Comparison operators compare the values of variables and this comparison produces
a boolean result. The Logical operators combine booleans to produce a single boolean
result that is the result of the condition test.
e.g. (a == b) Result is true if the value of a is the same as the value of b.
Myers: take each branch out of a condition at least once.
White and Cohen: for each relational operator e1 < e2 test all combinations of e1, e2
orderings. For a Boolean condition, test all possible inputs (!).
Branch and relational operator testing---enumerate categories of operator values.
B1 || B2: test {B1=t,B2=t}, {t,f}, {f,t}
B1 || (e2 = e3): test {t,=}, {f,=}, {t,<}, {t,>}.

     Loop Testing

         1. For single loop, zero minimum, N maximum, no excluded values:


         2. Try bypassing loop entirely.
         3. Try negative loop iteration variable.
         4. One iteration through loop.
         5. Two iterations through loop---some initialization problems can be uncovered
             only by two iterations.
         6. Typical number of cases;
         7. One less than maximum.
         8. Maximum.
         9. Try greater than maximum.

    Data Flow Testing
Def-use chains:

 <10th October,1999>                                                        Page 12 of 2
                                                                            Tester’s Guide




           1. def = definition of variable
           2. use = use of that variable;
           3. def-use chains go across control boundaries.
           4. Testing---test every def-use chain at least once.

Stubs for Testing
A Stub is a dummy procedure, module or unit that stands in for an unfinished portion of a
system
Stubs for Top-Down Testing

         4 basic types:
              o Display a trace message
              o Display parameter value(s)
              o Return a value from a table
              o Return table value selected by parameter

Drivers for Testing
Test Harness or a test driver is supporting code and data used to provide an environment
for testing part of a system in isolation.


Web Testing Specifics

Internet Software - Quality Characteristics
     Functionality - Verified content
     Reliability - Security and availability
     Efficiency - Response Times
     Usability - High user satisfaction
     Portability - Platform Independence

WWW Project Peculiarities
     Software Consists of large degree of components
     User Interface is more complex than many GUI based Client-Server applications.
     User may be unknown ( no training/ user manuals)
     Security threats come from anywhere
     User load unpredictable

Basic HTML Testing
     Check for illegal elements present

    <10th October,1999>                                                Page 13 of 2
                                                                               Tester’s Guide


     Check for illegal attributes present
     Check for tags close
     Check for the tags <HEAD>,<TITLE>,<BODY>, <DOCTYPE>
     Check that all IMG tags should have ALT tag[ALT tags must be suggestive]
     Check for consistency of fonts, colors and font size.
     Check for spelling errors in text and images.
     Check for "Non Sense" mark up

     Example for Non Sense mark up
<B>Hello</B> may be written as <B>H</B><B>ell</B><B>o</B>

Suggestions for fast loading
     Web pages weight should be reduced to lesser size as much as possible
     Don’t knock door of the Database every time. Go for the alternate.
      Example: If your web application has Reports, generate the content of the report in a
      Static HTML file in a periodic time. When the user view the report show him the
      static HTML content. No need to go to the database and retrieve the data when the
      user hits the report link.
      Cached Query - If the data which is fetched using a query only changes periodically
      Then we can cache the query for that period. This will avoid unnecessary database
      access.
     Every IMG tags must have WIDTH and HEIGHT attributes.
          IMG - Bad Example

          <B> Hello </B>
          <IMG SRC = "FAT.GIF">
          <B> World </B>

          IMG - Good Example

          <B> Hello </B>
          <IMG SRC = "FAT.GIF" WIDTH ="120" HEIGHT="150" >
          <B> World </B>

     All the photographic images must be in "jpg" format
     Computer created images must be in "gif" format
     Background image should be less than 3.5k [ the background image should be same
      for all the pages(except for functional reasons)]
     Avoid nested tables.
     Keep table text size to a minimum (e.g. less than 5000 characters)

Link Testing
     You must ensure that all the hyperlinks are valid
     This applies to both internal and external links


    <10th October,1999>                                                  Page 14 of 2
                                                                                Tester’s Guide


     Internal links shall be relative , to minimize the overhead and faults when the web site
      is moved to production environment
     External links shall be referenced to absolute URLs
     External links can change without control - So, automate regression testing
     Remember that external non- home page links are more likely to break
     Be careful at links in "What's New" sections. They are likely to become obsolete
     Check that content can be accessed by means of : Search engine, Site Map
     Check the accuracy of Search Engine results
     Check that web Site Error 404 ("Not Found") is handled by means of a user-friendly
      page

Compatibility Testing

     Check for the site behaviour across the industry standard browsers. The main issues
      involve how different the browsers handle tables, images, caching and scripting
      languages
     In cross browsers testing , check for :
             Behaviour of buttons
             Support of Java scripts
             Support of tables
             Acrobat, Real, Flash behaviour
             ActiveX control support
             Java compatibility
             Text size


               Browser    ActiveX VB                  Java Dynamic
Browser                                   JavaScript               Frames CSS 1.0 CSS 2.0
               version    controls Script            applets HTML
Internet     4.0 and
                          Enabled Enabled Enabled      Enabled Enabled Enabled Enabled Enabled
Explorer     later
Internet     3.0 and
                          Enabled Enabled Enabled      Enabled Disabled Enabled Enabled Disabled
Explorer     later
Netscape
         4.0 and          Disable
Navigato                          Disabled Enabled     Enabled Enabled Enabled Enabled Enabled
         later            d
r
Netscape
         3.0 and          Disable                                                  Disable
Navigato                          Disabled Enabled     Enabled Disabled Enabled            Disabled
         later            d                                                        d
r
Both
Internet
Explorer 4.0 and          Disable
                                  Disabled Enabled     Enabled Enabled Enabled Enabled Enabled
and      later            d
Navigato
r
Both     3.0 and          Disable Disabled Enabled     Enabled Disabled Enabled Disable Disabled


    <10th October,1999>                                                    Page 15 of 2
                                                                                 Tester’s Guide


Internet later      d                                                              d
Explorer
and
Navigato
r
Microsof
         Unavailabl Disable                           Disable          Disable Disable
t Web                       Disabled Disabled                 Disabled                 Disabled
         e          d                                 d                d       d
TV

Usability Testing
Aspects to be tested with care:
      Coherence of look and feel
      Navigational aids
      User Interactions
      Printing
With respect to
          Normal behaviour
          Destructive behaviour
          Inexperienced users

       Usability Tips

1. Define categories in terms of user goals
2. Name sections carefully
3. Think internationally
4. Identify the homepage link on every page
5. Make sure search is always available
6. Test all the browsers your audience will use
7. Differentiate visited links from unvisited links
8. Never use graphics where HTML text will do
9. Make GUI design predictable and consistent
10. Check that printed pages fit appropriately to paper pages [consider that many people
    just surf and print. Check especially the pages for which format is important. E.g.: an
    application form can either be filled on-line or printed/filled/faxed]

Portability Testing

     Check that links to URLs outside the web site must be in canonical
      form(http://www.srasys.co.in)
     Check that links to URLs into the web site must be in relative form(e.g.
      …./aaouser/images/images.gif)

Cookies Testing

What are cookies?

    <10th October,1999>                                                   Page 16 of 2
                                                                              Tester’s Guide




A "Cookie" is a small piece of information sent by the web server to store on a web
browser. So it can later be read back from the browser. This is useful for having the
browser remember some specific information.

Why must you test cookies?

     Cookies can expire
     Users can disable them in Browser

How to perform Cookies testing?

     Check the behaviour after cookies expiration
     Work with cookies disabled
     Disable cookies mid-way
     Delete web cookies mid-way
     Clear memory and disk cache mid-way


Testing - When is a program correct?

There are levels of correctness. We must determine the appropriate level of correctness
for each system because it costs more and more to reach higher levels.

      1. No syntactic errors
      2. Compiles with no error messages
      3. Runs with no error messages
      4. There exists data which gives correct output
      5. Gives correct output for required input
      6. Correct for typical test data
      7. Correct for difficult test data
      8. Proven correct using mathematical logic
      9. Obeys specifications for all valid data
      10. Obeys specifications for likely erroneous input
      11. Obeys specifications for all possible input

Test Plan

A software project test plan is a document that describes the objectives, scope, approach,
and focus of a software testing effort. The process of preparing a test plan is a useful way
to think through the efforts needed to validate the acceptability of a software product. The
completed document will help people outside the test group understand the 'why' and


    <10th October,1999>                                                  Page 17 of 2
                                                                              Tester’s Guide


'how' of product validation. It should be thorough enough to be useful but not so thorough
that no one outside the test group will read it. The following are some of the items that
might be included in a test plan, depending on the particular project:

      Title of the Project
      Identification of document including version numbers
      Revision history of document including authors, dates, approvals
      Table of Contents
      Purpose of document, intended audience
      Objective of testing effort
      Software product overview
      Relevant related document list, such as requirements, design documents, other test
       plans, etc.
      Relevant standards or legal requirements
      Traceability requirements
      Relevant naming conventions and identifier conventions
      Test organization and personnel/contact-info/responsibilities
      Assumptions and dependencies
      Project risk analysis
      Testing priorities and focus
      Scope and limitations of testing
      Test outline - a decomposition of the test approach by test type, feature,
       functionality, process, system, module, etc. as applicable
      Outline of data input equivalence classes, boundary value analysis, error classes
      Test environment - hardware, operating systems, other required software, data
       configurations, interfaces to other systems
      Test environment setup and configuration issues
      Test data setup requirements
      Database setup requirements
      Outline of system-logging/error-logging/other capabilities, and tools such as
       screen capture software, that will be used to help describe and report bugs
      Discussion of any specialized software or hardware tools that will be used by
       testers to help track the cause or source of bugs
      Test automation - justification and overview
      Test tools to be used, including versions, patches, etc.
      Test script/test code maintenance processes and version control
      Problem tracking and resolution - tools and processes
      Project test metrics to be used
      Reporting requirements and testing deliverables
      Software entrance and exit criteria
      Initial sanity testing period and criteria
      Test suspension and restart criteria
      Personnel pre-training needs
      Test site/location
      Relevant proprietary, classified, security, and licensing issues.

 <10th October,1999>                                                     Page 18 of 2
                                                                               Tester’s Guide


      Appendix - glossary, acronyms, etc.

Test cases

What's a 'test case'?
       1. A test case is a document that describes an input, action, or event and an
           expected response, to determine if a feature of an application is working
           correctly. A test case should contain particulars such as test case identifier,
           test case name, objective, test conditions/setup, input data requirements,
           steps, and expected results.
       2. Note that the process of developing test cases can help find problems in the
           requirements or design of an application, since it requires completely
           thinking through the operation of the application. For this reason, it's useful
           to prepare test cases early in the development cycle if possible.


Testing Coverage


   1. Line coverage. Test every line of code (Or Statement coverage: test every
      statement).
   2. Branch coverage. Test every line, and every branch on multi-branch lines.
   3. N-length sub-path coverage. Test every sub-path through the program of length
      N. For example, in a 10,000 line program, test every possible 10-line sequence of
      execution.
   4. Path coverage. Test every path through the program, from entry to exit. The
      number of paths is impossibly large to test.
   5. Multicondition or predicate coverage. Force every logical operand to take every
      possible value. Two different conditions within the same test may result in the
      same branch, and so branch coverage would only require the testing of one of
      them.
   6. Trigger every assertion check in the program. Use impossible data if necessary.
   7. Loop coverage. "Detect bugs that exhibit themselves only when a loop is
      executed more than once."
   8. Every module, object, component, tool, subsystem, etc. This seems obvious until
      you realize that many programs rely on off-the-shelf components. The
      programming staff doesn't have the source code to these components, so
      measuring line coverage is impossible. At a minimum (which is what is measured
      here), you need a list of all these components and test cases that exercise each one
      at least once.



<10th October,1999>                                                     Page 19 of 2
                                                                             Tester’s Guide


  9. Fuzzy decision coverage. If the program makes heuristically-based or similarity-
      based decisions, and uses comparison rules or data sets that evolve over time,
      check every rule several times over the course of training.
  10. Relational coverage. "Checks whether the subsystem has been exercised in a way
      that tends to detect off-by-one errors" such as errors caused by using < instead of
      <=. This coverage includes:
           11.
           o Every boundary on every input variable.
           o Every boundary on every output variable.
           o Every boundary on every variable used in intermediate calculations.
  12. Data coverage. At least one test case for each data item / variable / field in the
      program.
  13. Constraints among variables: Let X and Y be two variables in the program. X and
      Y constrain each other if the value of one restricts the values the other can take.
      For example, if X is a transaction date and Y is the transaction's confirmation date,
      Y can't occur before X.
  14. Each appearance of a variable. Suppose that you can enter a value for X on three
      different data entry screens, the value of X is displayed on another two screens,
      and it is printed in five reports. Change X at each data entry screen and check the
      effect everywhere else X appears.
  15. Every type of data sent to every object. A key characteristic of object-oriented
      programming is that each object can handle any type of data (integer, real, string,
      etc.) that you pass to it. So, pass every conceivable type of data to every object.
  16. Handling of every potential data conflict. For example, in an appointment
      calendaring program, what happens if the user tries to schedule two appointments
      at the same date and time?
  17. Handling of every error state. Put the program into the error state, check for
      effects on the stack, available memory, handling of keyboard input. Failure to
      handle user errors well is an important problem, partially because about 90% of
      industrial accidents are blamed on human error or risk-taking. Under the legal
      doctrine of foreseeable misuse, the manufacturer is liable in negligence if it fails
      to protect the customer from the consequences of a reasonably foreseeable misuse
      of the product.
  18. Every complexity / maintainability metric against every module, object,
      subsystem, etc. There are many such measures. Jones lists 20 of them. People
      sometimes ask whether any of these statistics are grounded in a theory of
      measurement or have practical value. But it is clear that, in practice, some
      organizations find them an effective tool for highlighting code that needs further
      investigation and might need redesign.
  19. Conformity of every module, subsystem, etc. against every corporate coding
      standard. Several companies believe that it is useful to measure characteristics of
      the code, such as total lines per module, ratio of lines of comments to lines of
      code, frequency of occurrence of certain types of statements, etc. A module that
      doesn't fall within the "normal" range might be summarily rejected (bad idea) or
      re-examined to see if there's a better way to design this part of the program.



<10th October,1999>                                                     Page 20 of 2
                                                                            Tester’s Guide


  20. Table-driven code. The table is a list of addresses or pointers or names of
      modules. In a traditional CASE statement, the program branches to one of several
      places depending on the value of an expression. In the table-driven equivalent, the
      program would branch to the place specified in, say, location 23 of the table. The
      table is probably in a separate data file that can vary from day to day or from
      installation to installation. By modifying the table, you can radically change the
      control flow of the program without recompiling or relinking the code. Some
      programs drive a great deal of their control flow this way, using several tables.
      Coverage measures? Some examples:
          21.
          o check that every expression selects the correct table element
          o check that the program correctly jumps or calls through every table
               element
          o check that every address or pointer that is available to be loaded into these
               tables is valid (no jumps to impossible places in memory, or to a routine
               whose starting address has changed)
          o check the validity of every table that is loaded at any customer site.
  22. Every interrupt. An interrupt is a special signal that causes the computer to stop
      the program in progress and branch to an interrupt handling routine. Later, the
      program restarts from where it was interrupted. Interrupts might be triggered by
      hardware events (I/O or signals from the clock that a specified interval has
      elapsed) or software (such as error traps). Generate every type of interrupt in
      every way possible to trigger that interrupt.
  23. Every interrupt at every task, module, object, or even every line. The interrupt
      handling routine might change state variables, load data, use or shut down a
      peripheral device, or affect memory in ways that could be visible to the rest of the
      program. The interrupt can happen at any time-between any two lines, or when
      any module is being executed. The program may fail if the interrupt is handled at
      a specific time. (Example: what if the program branches to handle an interrupt
      while it's in the middle of writing to the disk drive?)
  24.
      The number of test cases here is huge, but that doesn't mean you don't have to
      think about this type of testing. This is path testing through the eyes of the
      processor (which asks, "What instruction do I execute next?" and doesn't care
      whether the instruction comes from the mainline code or from an interrupt
      handler) rather than path testing through the eyes of the reader of the mainline
      code. Especially in programs that have global state variables, interrupts at
      unexpected times can lead to very odd results.
  25. Every anticipated or potential race. Imagine two events, A and B. Both will occur,
      but the program is designed under the assumption that A will always precede B.
      This sets up a race between A and B -if B ever precedes A, the program will
      probably fail. To achieve race coverage, you must identify every potential race
      condition and then find ways, using random data or systematic test case selection,
      to attempt to drive B to precede A in each case.
  26.
      Races can be subtle. Suppose that you can enter a value for a data item on two


<10th October,1999>                                                    Page 21 of 2
                                                                              Tester’s Guide


      different data entry screens. User 1 begins to edit a record, through the first
      screen. In the process, the program locks the record in Table 1. User 2 opens the
      second screen, which calls up a record in a different table, Table 2. The program
      is written to automatically update the corresponding record in the Table 1 when
      User 2 finishes data entry. Now, suppose that User 2 finishes before User 1. Table
      2 has been updated, but the attempt to synchronize Table 1 and Table 2 fails.
      What happens at the time of failure, or later if the corresponding records in Table
      1 and 2 stay out of synch?
  27. Every time-slice setting. In some systems, you can control the grain of switching
      between tasks or processes. The size of the time quantum that you choose can
      make race bugs, time-outs, interrupt-related problems, and other time-related
      problems more or less likely. Of course, coverage is an difficult problem here
      because you aren't just varying time-slice settings through every possible value.
      You also have to decide which tests to run under each setting. Given a planned set
      of test cases per setting, the coverage measure looks at the number of settings
      you've covered.
  28. Varied levels of background activity. In a multiprocessing system, tie up the
      processor with competing, irrelevant background tasks. Look for effects on races
      and interrupt handling. Similar to time-slices, your coverage analysis must specify
          29.
          o categories of levels of background activity (figure out something that
               makes sense) and
          o all timing-sensitive testing opportunities (races, interrupts, etc.).
  30. Each processor type and speed. Which processor chips do you test under? What
      tests do you run under each processor? You are looking for:
          31.
          o speed effects, like the ones you look for with background activity testing,
               and
          o consequences of processors' different memory management rules, and
          o floating point operations, and
          o any processor-version-dependent problems that you can learn about.
  32. Every opportunity for file / record / field locking.
  33. Every dependency on the locked (or unlocked) state of a file, record or field.
  34. Every opportunity for contention for devices or resources.
  35. Performance of every module / task / object. Test the performance of a module
      then retest it during the next cycle of testing. If the performance has changed
      significantly, you are either looking at the effect of a performance-significant
      redesign or at a symptom of a new bug.
  36. Free memory / available resources / available stack space at every line or on
      entry into and exit out of every module or object.
  37. Execute every line (branch, etc.) under the debug version of the operating
      system. This shows illegal or problematic calls to the operating system.
  38. Vary the location of every file. What happens if you install or move one of the
      program's component, control, initialization or data files to a different directory or
      drive or to another computer on the network?



<10th October,1999>                                                      Page 22 of 2
                                                                             Tester’s Guide


  39. Check the release disks for the presence of every file. It's amazing how often a
      file vanishes. If you ship the product on different media, check for all files on all
      media.
  40. Every embedded string in the program. Use a utility to locate embedded strings.
      Then find a way to make the program display each string.
  41. Operation of every function / feature / data handling operation under:
  42. Every program preference setting.
  43. Every character set, code page setting, or country code setting.
  44. The presence of every memory resident utility (inits, TSRs).
  45. Each operating system version.
  46. Each distinct level of multi-user operation.
  47. Each network type and version.
  48. Each level of available RAM.
  49. Each type / setting of virtual memory management.
  50. Compatibility with every previous version of the program.
  51. Ability to read every type of data available in every readable input file format. If
      a file format is subject to subtle variations (e.g. CGM) or has several sub-types
      (e.g. TIFF) or versions (e.g. dBASE), test each one.
  52. Write every type of data to every available output file format. Again, beware of
      subtle variations in file formats-if you're writing a CGM file, full coverage would
      require you to test your program's output's readability by every one of the main
      programs that read CGM files.
  53. Every typeface supplied with the product. Check all characters in all sizes and
      styles. If your program adds typefaces to a collection of fonts that are available to
      several other programs, check compatibility with the other programs (nonstandard
      typefaces will crash some programs).
  54. Every type of typeface compatible with the program. For example, you might test
      the program with (many different) TrueType and Postscript typefaces, and fixed-
      sized bitmap fonts.
  55. Every piece of clip art in the product. Test each with this program. Test each
      with other programs that should be able to read this type of art.
  56. Every sound / animation provided with the product. Play them all under different
      device (e.g. sound) drivers / devices. Check compatibility with other programs
      that should be able to play this clip-content.
  57. Every supplied (or constructible) script to drive other machines / software (e.g.
      macros) / BBS's and information services (communications scripts).
  58. All commands available in a supplied communications protocol.
  59. Recognized characteristics. For example, every speaker's voice characteristics
      (for voice recognition software) or writer's handwriting characteristics
      (handwriting recognition software) or every typeface (OCR software).
  60. Every type of keyboard and keyboard driver.
  61. Every type of pointing device and driver at every resolution level and ballistic
      setting.
  62. Every output feature with every sound card and associated drivers.
  63. Every output feature with every type of printer and associated drivers at every
      resolution level.

<10th October,1999>                                                     Page 23 of 2
                                                                           Tester’s Guide


  64. Every output feature with every type of video card and associated drivers at
      every resolution level.
  65. Every output feature with every type of terminal and associated protocols.
  66. Every output feature with every type of video monitor and monitor-specific
      drivers at every resolution level.
  67. Every color shade displayed or printed to every color output device (video card /
      monitor / printer / etc.) and associated drivers at every resolution level. And
      check the conversion to grey scale or black and white.
  68. Every color shade readable or scannable from each type of color input device at
      every resolution level.
  69. Every possible feature interaction between video card type and resolution,
      pointing device type and resolution, printer type and resolution, and memory
      level. This may seem excessively complex, but I've seen crash bugs that occur
      only under the pairing of specific printer and video drivers at a high resolution
      setting. Other crashes required pairing of a specific mouse and printer driver,
      pairing of mouse and video driver, and a combination of mouse driver plus video
      driver plus ballistic setting.
  70. Every type of CD-ROM drive, connected to every type of port (serial / parallel /
      SCSI) and associated drivers.
  71. Every type of writable disk drive / port / associated driver. Don't forget the fun
      you can have with removable drives or disks.
  72. Compatibility with every type of disk compression software. Check error
      handling for every type of disk error, such as full disk.
  73. Every voltage level from analog input devices.
  74. Every voltage level to analog output devices.
  75. Every type of modem and associated drivers.
  76. Every FAX command (send and receive operations) for every type of FAX card
      under every protocol and driver.
  77. Every type of connection of the computer to the telephone line (direct, via PBX,
      etc.; digital vs. analog connection and signaling); test every phone control
      command under every telephone control driver.
  78. Tolerance of every type of telephone line noise and regional variation
      (including variations that are out of spec) in telephone signaling (intensity,
      frequency, timing, other characteristics of ring / busy / etc. tones).
  79. Every variation in telephone dialing plans.
  80. Every possible keyboard combination. Sometimes you'll find trap doors that the
      programmer used as hotkeys to call up debugging tools; these hotkeys may crash
      a debuggerless program. Other times, you'll discover an Easter Egg (an
      undocumented, probably unauthorized, and possibly embarrassing feature). The
      broader coverage measure is every possible keyboard combination at every error
      message and every data entry point. You'll often find different bugs when
      checking different keys in response to different error messages.
  81. Recovery from every potential type of equipment failure. Full coverage includes
      each type of equipment, each driver, and each error state. For example, test the
      program's ability to recover from full disk errors on writable disks. Include
      floppies, hard drives, cartridge drives, optical drives, etc. Include the various


<10th October,1999>                                                  Page 24 of 2
                                                                              Tester’s Guide


      connections to the drive, such as IDE, SCSI, MFM, parallel port, and serial
      connections, because these will probably involve different drivers.
  82. Function equivalence. For each mathematical function, check the output against
      a known good implementation of the function in a different program. Complete
      coverage involves equivalence testing of all testable functions across all possible
      input values.
  83. Zero handling. For each mathematical function, test when every input value,
      intermediate variable, or output variable is zero or near-zero. Look for severe
      rounding errors or divide-by-zero errors.
  84. Accuracy of every graph, across the full range of graphable values. Include
      values that force shifts in the scale.
  85. Accuracy of every report. Look at the correctness of every value, the formatting
      of every page, and the correctness of the selection of records used in each report.
  86. Accuracy of every message.
  87. Accuracy of every screen.
  88. Accuracy of every word and illustration in the manual.
  89. Accuracy of every fact or statement in every data file provided with the product.
  90. Accuracy of every word and illustration in the on-line help.
  91. Every jump, search term, or other means of navigation through the on-line
      help.
  92. Check for every type of virus / worm that could ship with the program.
  93. Every possible kind of security violation of the program, or of the system while
      using the program.
  94. Check for copyright permissions for every statement, picture, sound clip, or
      other creation provided with the program.
  95. Verification of the program against every program requirement and published
      specification.
  96. Verification of the program against user scenarios. Use the program to do real
      tasks that are challenging and well-specified. For example, create key reports,
      pictures, page layouts, or other documents events to match ones that have been
      featured by competitive programs as interesting output or applications.
  97. Verification against every regulation (IRS, SEC, FDA, etc.) that applies to the
      data or procedures of the program.
  98.
      Usability tests of:
  99. Every feature / function of the program.
  100.        Every part of the manual.
  101.        Every error message.
  102.        Every on-line help topic.
  103.        Every graph or report provided by the program.
  104.
      Localizability / localization tests:
  105.        Every string. Check program's ability to display and use this string if it is
      modified by changing the length, using high or low ASCII characters, different
      capitalization rules, etc.



<10th October,1999>                                                     Page 25 of 2
                                                                              Tester’s Guide


   106.       Compatibility with text handling algorithms under other languages
      (sorting, spell checking, hyphenating, etc.)
   107.       Every date, number and measure in the program.
   108.       Hardware and drivers, operating system versions, and memory-resident
      programs that are popular in other countries.
   109.       Every input format, import format, output format, or export format that
      would be commonly used in programs that are popular in other countries.
   110.       Cross-cultural appraisal of the meaning and propriety of every string
      and graphic shipped with the program.

What if there isn't enough time for thorough testing?


Use risk analysis to determine where testing should be focused.
Since it's rarely possible to test every possible aspect of an application, every possible
combination of events, every dependency, or everything that could go wrong, risk
analysis is appropriate to most software development projects. This requires judgement
skills, common sense, and experience. (If warranted, formal methods are also available.)
Considerations can include:

      Which functionality is most important to the project's intended purpose?
      Which functionality is most visible to the user?
      Which functionality has the largest safety impact?
      Which functionality has the largest financial impact on users?
      Which aspects of the application are most important to the customer?
      Which aspects of the application can be tested early in the development cycle?
      Which parts of the code are most complex, and thus most subject to errors?
      Which parts of the application were developed in rush or panic mode?
      Which aspects of similar/related previous projects caused problems?
      Which aspects of similar/related previous projects had large maintenance
       expenses?
      Which parts of the requirements and design are unclear or poorly thought out?
      What do the developers think are the highest-risk aspects of the application?
      What kinds of problems would cause the worst publicity?
      What kinds of problems would cause the most customer service complaints?
      What kinds of tests could easily cover multiple functionalities?
      Which tests will have the best high-risk-coverage to time-required ratio?


Defect rep orting

The bug needs to be communicated and assigned to developers that can fix it. After the
problem is resolved, fixes should be re-tested, and determinations made regarding




 <10th October,1999>                                                     Page 26 of 2
                                                                             Tester’s Guide


requirements for regression testing to check that fixes didn't create problems elsewhere.
The following are items to consider in the tracking process:

      Complete information such that developers can understand the bug, get an idea of
       it's severity, and reproduce it if necessary.
      Bug identifier (number, ID, etc.)
      Current bug status (e.g., 'Open', 'Closed', etc.)
      The application name and version
      The function, module, feature, object, screen, etc. where the bug occurred
      Environment specifics, system, platform, relevant hardware specifics
      Test case name/number/identifier
      File excerpts/error messages/log file excerpts/screen shots/test tool logs that
       would be helpful in finding the cause of the problem
      Severity Level
      Tester name
      Bug reporting date
      Name of developer/group/organization the problem is assigned to
      Description of fix
      Date of fix
      Application version that contains the fix
      Verification Details

A reporting or tracking process should enable notification of appropriate personnel at
various stages.

Types of Automated Tools

           1. code analyzers - monitor code complexity, adherence to standards, etc.
           2. coverage analyzers - these tools check which parts of the code have been
               exercised by a test, and may be oriented to code statement coverage,
               condition coverage, path coverage, etc.
           3. memory analyzers - such as bounds-checkers and leak detectors.
           4. load/performance test tools - for testing client/server and web applications
               under various load levels.
           5. web test tools - to check that links are valid, HTML code usage is correct,
               client-side and
           6. server-side programs work, a web site's interactions are secure.
           7. other tools - for test case management, documentation management, bug
               reporting, and configuration management.


 <10th October,1999>                                                    Page 27 of 2
                                                                       Tester’s Guide




Condition              Case description                                 Expected result
Focus on Fax no.       Enter Valid Fax No's                             IT should accept the no entered
                       Enter Alphabets, Check for the message           IT should popup an error msg.
                       Enter Special character other than Braces,-,+    IT should display and error msg

Email - id             Enter a valid Email-id(abc@abccd.com)            IT should accept the enterd value
                       Enter Special character other than
                       Underscore, '.',Hyphen, @                        IT should popup an error msg.
                       Enter Numbers as Email id                        IT should not display any error ms
                       Enter more than one '@' symbol                   IT should popup an error msg.




 <10th October,1999>                                           Page 28 of 2

								
To top