Search for notes by fellow students, in your own course and all over the country.

Browse our notes for titles which look like what you need, you can preview any of the notes via a sample of the contents. After you're happy these are the notes you're after simply pop them into your shopping cart.

My Basket

Buy These Notes

You have nothing in your shopping cart yet.

Title: Software Testing
Description: It's Software testing notes. It's help to Software Engineer student.
Buy These NotesPreview

Document Preview

Extracts from the notes are below, to see the PDF you'll receive please use the links above

MSC(IT)-PART1-SEMESTER1
Software Testing Notes—Unit-1
Q1-What are safety-critical system? what are the characteristics and risk
associated with such system?
Ans:- 1-safety-critical system: A system whose failure or malfunction may result in
death or serious injury to people, or loss or severe damage to equipment, or
environmental harm
...

■ For obvious reasons, various regulations and standards often apply to safetycritical systems
...
Unlike the usual constraints on a
project, though, these are constructed specifically to increase the level of quality
rather than to enable trade-offs to enhance schedule, budget, or feature
outcomes at the expense of quality
...

■ There is typically a rigorous approach to both development and testing
...
This provides a means of demonstrating compliance
...

Q2-what are test oracles? explain with examples
Ans:-1- A test oracle is a source we use to determine the expected results of a test
...
Sometimes the oracle is the existing system
...

Sometimes it’s an individual’s specialized knowledge
...

3- Jamie feels that the code can serve as a useful partial oracle, saying it doesn’t
hurt to consider it, though he agrees with Rex that it should not serve as the sole
oracle
...

▪ Rex and his associates worked on a project to develop a banking
application to replace a legacy system
...
One
was the requirements specification, such as it was
...
They faced two challenges
...
The original concept of the
project, from the vendor’s side, was “Give the customer whatever the
customer wants,” which they then realized was a good way to go
bankrupt given the indecisive and conflicting ideas about what the system
should do among the customer’s users
...

▪ For another thing, sometimes the new system differed from the legacy
system in minor ways
...
It described situations where the
monthly payment varied by $0
...

▪ The absence of any reliable, authoritative, consistent set of oracles led to
a lot of “bug report ping-pong
...
They had high rates of false positives and negatives
...
So, you can see that the oracle
problem is not some abstract concept; it has real-world consequences
...

measurement: The process of assigning a number or category to an entity to

describe an attribute of that entity
...
You can and should apply metrics and measurements
throughout the software development lifecycle because wellestablished metrics
and measures, aligned with project goals and objectives, will enable technical
test analysts to track and report test and quality results to management in a
consistent and coherent way
...
This results in disputes over the meaning of test results
toward the end of the lifecycle
...

3-Not only must we have metrics and measurements, we also need goals
...
In fact,
when we perform assessments for our clients, we more often than not find illdefined metrics of test team effectiveness and efficiency with no goals and thus
bad and unrealistic expectations (which of course aren’t met)
...

5-There’s just about no end to what can be subjected to a metric and tracked
through measurement
...

2- Test implementation includes organizing the test cases into test procedures
(test scripts), finalizing test data and test environments , and forming a test
execution schedule to enable test case execution to begin
...

3-During test implementation, testers should finalize and confirm the order in
which manual and automated tests are to be run
...
Testers should carefully check for constraints that might require
tests to be run in particular orders
...

4- Test implementation is also concerned with the test environment(s)
...
A fit for
purpose test environment is essential: The test environment should be capable
of enabling the exposure of the defects present under test conditions, operate
normally when failures are not occurring, and adequately replicate if required
e
...
the production or end-user environment for higher levels of testing
...
Tests should be executed according to the test
procedures, though some amount of latitude may be given to the tester to
ensure coverage of additional interesting test scenarios and behaviors that are
observed during testing (any failure detected during such deviation must
describe the variations from the written test procedure that are necessary to
reproduce the failure)
...
Tests which
were run but for which results were not logged may have to be repeated to
identify the correct result, leading to inefficiency and delays
...
) Since the test object, testware, and test environments
may all be evolving, logging should identify the specific versions tested
...
what are the characteristics and risks associated with
system of system?
Ans:- Systems of systems are independent systems tied together to serve a
common purpose
...
Systems of systems projects include the
following characteristics and risks:
■ The integration of commercial off-the-shelf (COTS) software along with some
amount of custom development, often taking place over a long period
...

This organizational and lifecycle complexity can include issues of confidentiality,
company secrets, and regulations
...

■ Serious potential reliability issues due to intersystem coupling, where one
inherently weaker system creates ripple-effect failures across the entire system of
systems
...
Welldefined interfaces for testing are needed
...

1-Since, as a technical test analyst, you’ll often have access to confidential and
privileged information, ethical guidelines can help you to use that information
appropriately
...
The
phrase “best possible” means for everyone, not just you
2-The ISTQB Advanced syllabus makes it clear that the ISTQB expects certificate
holders to adhere to the following code of ethics
...
For example, if you are working on a safety-critical system and are
asked to quietly cancel some defect reports, it’s an ethical problem if you
do so
...
For example, if you know that your employer’s major
project is in trouble and you short-sell the stock and then leak information
about the project problems to the Internet, that’s a real ethical lapse—and
probably a criminal one too
...
For example, if you are working as a
consultant and you leave out important details from a test plan so that the
client has to hire you on the next project, that’s an ethical lapse
...
For example, if a project
manager asks you not to report defects in certain areas due to potential
business sponsor reactions, that’s a blow to your independence and an
ethical failure on your part if you comply
...
For example, favoring one tester over another because
you would like to establish a romantic relationship with the favored
tester’s sister is a serious lapse of managerial ethics
...
For
example, if you have a chance to explain to your child’s classmates or your
spouse’s colleagues what you do, be proud of it and explain the ways
software testing benefits society
...
For
example, it is unethical to manipulate test results to arrange the firing of a
programmer whom you detest
...
For example, attending courses,
reading books, and speaking at conferences about what you do help to
advance yourself—and the profession
...

test plan: A document describing the scope, approach, resources and schedule of
intended test activities
...
It is a record of the test planning process
...

Test Condition:- An item or event of a component or system that could be verified
by one or more test cases, e
...
, a function, transaction, feature, quality attribute,
or structural element
...
The purpose of
exit criteria is to prevent a task from being considered complete when there are
still outstanding parts of the task which have not been finished
...

Q8-what are the pre-condition for test execution? Explain
Ans:1- Before we start test execution, it’s a best practice to measure readiness
based on some predefined pre-conditions
...

2- Consider the following entry criteria, taken from an actual project:
• Bug tracking and test tracking systems are in place
...

• The operations team has configured the system test server environment,
including all target hardware components and subsystems
...

3-These were extracted from the entry criteria section of the test plan for that
project
...

4- during test execution, people will run the manual test cases via the test
procedures
...
First, we covered all of the test conditions or quality
risk items traceable to the test procedure
...


5-Finally, during execution, tools will run any existing automated tests
...
That can seem like an
unalloyed “good thing” at first
...

Q9-what are the activities of the software testing process? explain each in brief
Ans:-1-Testing is a process rather than a single activity
...
The quality and effectiveness of software
testing are primarily determined by the quality of the test processes used
...
Planning and Control
ii
...
Implementation and Execution
iv
...
Test Closure activities
Planning and Control:Test Planning : Test planning involves producing a document that describes an
overall approach and test objectives
...
Completion or exit criteria must be specified
so that we know when testing (at any stage) is complete
...

• To determine the required test resources like people, test environments etc
...

Control:This is the activity of comparing actual progress against the plan, and reporting
the status, including deviations from the plan
...

Analysis and Design
Test analysis and Test Design has the following major tasks:

• To review the test basis
...
It is a Fundamental Test
Process in which actual work is done
...

• To create test suites from the test cases for efficient test execution
...

• To log the outcome of the test execution
...

• To Compare actual results with expected result
...
It depends on
coverage of code, functionality or risk
...
Exit criteria come into picture,
when:
Maximum test cases are executed with certain pass percentage
Bug rate falls below certain level
When we achieve the deadlines
Evaluating exit criteria has the following major tasks:
• To assess if more test are needed or if the exit criteria specified should be
changed
• To write a test summary report for stakeholders
Test Closure activities:

Test closure activities are done when software is ready to be delivered
...
for
later reuse
• To handover the testware to the maintenance organization
...

Q10-explain the term strategy,test suit,test procedure
Ans:-strategy:- A test strategy is an outline that describes the testing approach of
the software developmentcycle
...

Test suit:-in software development,a test suit,less commonly known as
a’validation suite’,is a collection of test cases that are intended to be used to test
a software program to show that it has some specified set of behaviours
...

test procedure specification: A document specifying a sequence of actions for the
execution of a test
...

Q11-list all metrics to be used to control test planning and control,test analysis
and design
Ans:-1- Test Planning : Test planning involves producing a document that
describes an overall approach and test objectives
...
Completion or exit criteria must be
specified so that we know when testing (at any stage) is complete
...
It involves taking actions
necessary to meet the mission and objectives of the project
...
To measure completeness of this portion of the test process, we can
measure the following:
■ Percentage of requirements or quality (product) risks covered by test conditions
■ Percentage of test conditions covered by test cases
■ Number of defects found during test analysis and design
We can track test analysis and design tasks against a work breakdown structure,
which is useful in determining whether we are proceeding according to the
estimate and schedule
...
If the test effort occurs at multiple
locations, that test effort may be called distributed
...
If the test effort is carried out by people who are
co-located with the project team but who are not fellow employees, that test
effort may be called insourced
...
these two types of tool
are grouped together because they are variants of the type of support needed by
developers when testing individual components or units of software
...
g
...


Q2-define test estimate and discuss all the techniques used in the test estimation
...
g
...
) which is usable even if input data may be incomplete,
uncertain, or noisy
...
g
...
g
...

Q3-what is test management? Explain Test management issues for exploratory
testing
...

2-Session-based test management (SBTM) is a concept for managing exploratory
testing
...
At the end of
a single session, a report, typically called a session sheet is produced on the
activities performed
...

3- A test session can be separated into three stages:
• Session Setup: Setting up the test environment and improving the
understanding of the product
...

4-The SBTM session sheet consists of the following:
• Session charter
• Tester name(s)
• Date and time started
• Task breakdown (sessions)
• Data files
• Test notes
• Issues
• Defect
• At the end of each session the test manager holds a debriefing meeting
with the team
...

5-The agenda for debriefing session is abbreviated PROOF for the following:
• Past : What happened during the session?
• Results : What was achieved during the session?
• Outlook : What still needs to be done?
• Obstacles : What got in the way of good testing?
• Feelings : How does the tester feel about all this?
Q4-what are the benefits of Risk-Based Testing
...
It involves the identification of product risks and the use of risk levels to
guide the test process
...

• Test cases can be reduced and focused on the most critical areas
...

• A better and more focused tests and risk analysis are performed
...

• Preventive activities can be started immediately
...

• Overall test goals,strategies,and directions for testing can be focused and
continuously adjusted against problem areas
...

Q5-what are the characteristics of a good test estimation?
Ans:- 1-Test Estimation is a management activity which approximates how long a
task would take to complete
...

2-A good test should be:
1-Valid:It means that it measures what it is supposed to measure
...
A good test which measures control of grammar should have
no difficult lexical items
...
If it is given twice to same students under
the same circumstances, it will produce almost the same results
...

3- Practical:It is easy to be conducted, easy to score without wasting too
much time or effort
...

It includes items from different areas of the material assigned for the test
so as to check accurately the amount of students’ knowledge
5- Relevant:It measures reasonably well the achievement of the desired
objectives
...
It tests also appropriateness
and accuracy
...
Questions
should be progressive in difficulty to reduce stress and tension
8- Clear:Questions and instructions should be clear
...

9- Authentic:The language of the test should reflect everyday discourse
10- Appropriate for time:A good test should be appropriate in length for the
allotted time
...

Marking process should not be affected by the teacher’s personality
...

12- Economical:It makes the best use of the teacher’s limited time for preparing
and grading and it makes the best use of the pupil’s assigned time for answering
all items
...

Q6-what are the activities to be carried out for test estimate?
Ans:-1- test estimation: The calculated approximation of a result related to
various aspects of testing (e
...
, effort spent, completion date, costs involved,
number of test cases, etc
...

2- Test Estimation is a management activity which approximates how long a task
would take to complete
...

• If it not then how frequently they are going to be changed
...

• Check if required infrastructure is ready for testing or not
...

Q7-explain failure mode and effect analysis?
Ans:- 1- The failure mode and effects analysis (FMEA) and a variant including
criticality analysis (FMECA) are iterative activities, intended to analyze the effects
and criticality of failure modes within a system
...
In the following sections, only FMEA is
used but the information is applicable to the other three methods as well
...
This
includes understanding the purpose and application of these documents as well
as being able to apply their knowledge to help determine risk factors
...
g
...
3
...

5- Implementation Steps
FMEA should be scheduled as soon as preliminary information is available at a
high level, and extended to lower levels as more details become available
...

For each critical function, module or component, iteratively:
• Select a function and determine its possible failure modes, i
...
how the
function can fail
• Define the possible causes for those failures, their effects and design
mechanisms for reduction or mitigation of the failures
6- Benefits & Costs
FMEA provides the following advantages:
• Expected system failures caused by software failures or usage errors can be
revealed
• Systematic use can contribute to overall system level analysis
• Results can be used for design decisions and/or justification
• Results may be used to focus testing to specific (critical) areas of the
software
7-The following considerations must be made when applying the FMEA:
• Sequences of failures are seldom considered
• Creation of FMEA tables can be time consuming
• Independent functions may be difficult to define
• Error propagation may not easily be identified
Q8-what are the different issues in test Management? Discuss
...

2-There are four types of issues:i
...

iii
...


Test Management Issues for Systems of Systems
Test Management Issues for Safety Critical Systems
Other Test Management Issues

Test Management Issues for Exploratory Testing:1- Session-based test management (SBTM) is a concept for managing
exploratory testing
...

2- At the end of a single session, a report, typically called a session sheet is
produced on the activities performed
...

3- A test session can be separated into three stages:
• Session Setup: Setting up the test environment and improving the
understanding of the product
...

Test Management Issues for Systems of Systems:1- The following issues are associated with the test management of systems of
systems:
• Test management is more complex because the testing of the individual
systems making up the systems of systems may be conducted at different
locations, by different organizations and using different lifecycle models
...
There is often a formally defined
Quality Assurance process which may be defined in a separate quality plan
...
These processes are essential to
ensure that software deliveries are controlled, changes are introduced in a
managed way and the software baselines being tested are defined
...

• The integration testing strategy may require that simulators be constructed
...
The planning, estimating and development of
simulators is frequently managed as a separate project
...
It also requires additional focus on system integration testing and the
accompanying test basis documents, e
...
interface specifications
Test Management Issues for Safety Critical Systems:1- The following issues are associated with the test management of safetycritical systems:
• Industry-specific (domain) standards normally apply (e
...
transport
industry, medical industry, and military)
...
Refer to chapter 6 for further details
...

• To show compliance of the organizational structure and of the
development process, audits and organizational charts may suffice
...
Such lifecycles are typically sequential in nature
...
Many types of non-functional tests
are, however, associated with high costs, which must be balanced
against the risks
...

3- The following factors can influence the planning and execution of
non-functional tests:
• Stakeholder requirements
• Required tooling
• Required hardware
• Organizational factors
• Communications
• Data security
Q9-explain the term test policy,test strategy
...

test strategy: A high-level description of the test levels to be performed and the
testing within those levels for an organization or program (one or more projects)
...
It is set down, either in writing or by management
direction, laying out the overall objectives about testing that the organization
wants to achieve
...

2- In some cases, the test policy will be complementary to or a component of a
broader quality policy
...

3- Where a written test policy exists, it may be a short, high-level document that:
• Provides a definition of testing, such as building confidence that the system
works as intended and detecting defects
...

• Describes how to evaluate the effectiveness and efficiency of testing, for
example, the percentage of defects to be detected (Defect Detection
Percentage or DDP) and the relative cost of defects detected in testing as
opposed to after release
...
g
...

• Specifies activities for test process improvement, for example, application
of the Test Maturity Model or Test Process Improvement model, or
implementation of recommendations from project retrospectives
...
It may also reference a standard for testing terminology
to be used throughout the organization
...

2-The test strategy, and the process and activities described in it, should be
consistent with the test policy
...

3- As described in the Foundation Syllabus, test strategies (also called test
approaches) may be classified based on when test design begins:
• Preventative strategies design tests early to prevent defects
• Reactive strategies where test design comes after the software or system
has been produced
...


5- Different strategies may be combined
...

6- In many instances, a test strategy explains the project and product risks and
describes how the test process manages these risks
...

7- The test strategy may describe the test levels to be carried out
...
g
...

8- The test strategy may also describe the following:
• Integration procedures
• Test specification techniques
• Independence of testing (which may vary depending on level)
• Mandatory and optional standards
• Test environments
• Test automation
• Reusability of software work products and test work products
• Re-testing and regression testing
• Test control, and reporting
• Test measurements and metrics
• Incident management
• Configuration management approach of testware
Both short and long term test strategies should be defined
...
Different test strategies are suitable for different
organizations and projects
...

Q10-what is test estimation? state the factors that should be considered in test
estimation that can influence cost,effort,and duration of the test activities
Ans:-1- Test Estimation is a management activity which approximates how long a
task would take to complete
...
g
...
) which is usable even if input data may be incomplete, uncertain,
or noisy
...
These factors include (but are not limited to)
the following:
• Required level of quality of the system
• Size of the system to be tested
• Historical data from previous test projects (this may also include
benchmark data)
• Process factors, including: test strategy development or maintenance
lifecycle and process maturity; and the accuracy of the project estimate
...
g
...
), and reusable test work products
...


Unit 3
Q1-what is call graph? Where we can use the call graph and why we do we need it?
Ans:-1-A call graph(also known as a call multigraph) is a control flow graph,which
represents calling relationships between subroutines in a computer program
...
thus ,a cycle in the graph indicates recursive procedure calls
...

3-Information on calling modules can also be obtained during dynamic analysis
...

5-By merging the information obtained from call graphs during static analysis with
the information obtained during dynamic analysis, the tester can focus on
modules that are called often and/or repeatedly
...
3
...
2 Safety Critical Systems &
Complexity) they are prime candidates for detailed and extensive testing
...

Q2-Explain structured based testing techniques
Ans:-1-A structure-based test design technique, also known as white-box or codebased test techniques, is one in which the code, the data, the architecture or
system flow is used as the basis for test design, with tests derived systematically
from the structure
...

3-The technique also provides coverage criteria, which say when test derivation
can conclude
...

5-Each criterion has to be measured and associated with an objective defined by
each project or company
...

• The extent of coverage of the software can be measured for existing test
cases, and further test cases can be derived systematically to increase
coverage
...
Statement testing
ii
...
Condition determining testing

iv
...
Statement Testing:- A white-box test
design technique in which test cases are
designed to execute statements
...
Decision Testing:- : A white-box test
design technique in which test cases are
designed to execute decision outcomes
...
Condition determination Testing:- A
white-box test design technique in which
test cases are designed to execute single
condition outcomes that independently
affect a decision outcome
...
Multiple condition testing:- : A white-box
test design technique in which test cases
are designed to execute combinations of
single condition outcomes (within one
statement)
...


number of boolean operand
values shown to independently
affect the decision / total
number of boolean operands
number of boolean operand
value combinations executed /
total number of boolean
operand value combinations

Q3-Differention Equivailence partitioning and boundary value analysis
Ans:Equivailence Partitioning Analysis
Boundary Value Analysis
1 EPA is a type of Specification-Based
BVA is also a type of SpecificationTesting
Based
Testing
...
In values
...

3
Example:o
o

4

A text field permits only numeric
characters
Length must be 6-10 characters long

EPA is not a part of stress and negative testing
...

So, writing test cases for each
character once will be very
difficult so that will choose
boundary value analysis
...


5

Q4-Explain defect taxonomies and their use with example
Ans:-1- defect taxonomy: A system of (hierarchical) categories designed to be a
useful aid for reproducibly classifying defects
...

3-The tester who uses the taxonomy samples from the list, selecting a potential
problem for analysis
...
Defect
taxonomies list most common defects in the software under test
...

4-Example:-

In the category of Functional defects, there are three subcategories:
■ Specification: The functional specification—perhaps in the requirements
document or in some other document—is wrong

...

■ Test: Upon close research, we found a problem in test data, test designs, test
specifications, or somewhere else
...

■ Hardware Devices: The hardware that is part of the system or that hosts the
system fails
...

■ Software Architecture: Some fundamental design assumption proves invalid,
such as an assumption that data could be moved from one table to another or
across some network in some constant period
...

In the category of Process defects, there are five subcategories:

■ Arithmetic: The software does math wrong
...

■ Initialization: An operation fails on its first use, when there are no data in a list,
and so forth
...

■ Static Logic: Boundaries are misdefined, equivalence classes don’t include the
right members and exclude the wrong members, and so forth
...

In the category of Data defects, there are four subcategories:
■ Type: The wrong data type—whether a built-in or user-defined data type— is
used
...

■ Initial Value: A data element’s initialized value is incorrect, like a list of
quantities to purchase that defaults to zero rather than one
...

Ans:- -1-A structure-based test design technique, also known as white-box or
code-based test techniques, is one in which the code, the data, the architecture
or system flow is used as the basis for test design, with tests derived
systematically from the structure
...

3-The technique also provides coverage criteria, which say when test derivation
can conclude
...
Statement testing
ii
...
Condition determining testing
iv
...

2- EXAMPLE:-

3-Coverage Criteria:-number of statements executed / total number of
statements
4-The executable (non-comment, non-whitespace) statements are identified
...

designed to execute decision outcomes
...

5- Coverage Criteria:- Number of decision outcomes executed / total number of
decision outcomes
Q6-what is error guessing?what is exploratory testing explain
Ans:- 1-error guessing: A test design technique where the experience of the
tester is used to anticipate what defects might be present in the component or
system under test as a result of errors made and to design tests specifically to
expose them
...
Error
guessing is also useful during risk analysis to identify potential failure modes
...
Notice that this is
what might be a called a “gray-box” test since it requires the tester to have
some idea about typical programming mistakes, how those mistakes become

bugs, how those bugs manifest themselves as failures, and how we can force
failures to happen
...
The taxonomy
also provides the coverage criterion, if it is used, because we again test to the
extent appropriate for the various elements of the taxonomy
...

5-Exploratory Testing:- An informal test design technique where the tester
actively controls the design of the tests as those tests are performed and uses
information gained while testing to design new and better tests
...
Good exploratory tests are planned, interactive, and creative
...
However, exploratory testing is
inherently more reactive, more dynamic, in that most of the action with
exploratory testing has to happen during test execution
...
The results of each test, largely, determine what we test next
...
g
...

Static analysis is usually carried out by means of a supporting tool
...

3-One of the most productive ways to find defects is manual static testing, or
reviews
...

5- There are a number of static analysis techniques and these are discussed in this
section
...


2 Data Flow Analysis
Data flow analysis is a structured test technique that tests the paths between
where a variable is set to where it is subsequently used
...
In this method, test sets are
generated to achieve 100% coverage (where possible) for each of these pairs
...

3 Compliance to Coding Standards
During static analysis, compliance to coding standards can also be evaluated
...

Compliance to coding standards enables the software to be more
maintainable and testable
...

4 Generate code metrics
Code metrics can be generated during static analysis that will contribute to a
higher level of maintainability or reliability of the code
...

Q8-What is Dynamic Analysis? Discuss the benefits and limitations of Dynamic
Analysis
...
g
...


2-Dynamic analysis, where we analyze an application while it is running, usually
via some kind of instrumentation in the code
...
In some
cases, a special compiler creates the build, putting special code in that writes to a
log
...

4-Dynamic analysis is a solution to a common problem in computer programs
...

5-If a tree falls in the woods and no one hears it, does it make a sound? We don’t
know if a failure that we don’t perceive right away makes a sound, but it almost
always leaves damage behind
...

7-Benefits:• Quick and easy to get started
...

• It indentifies vulnerabilities in a runtime environment
...

• It allows for analysis of applications in which you do not have access to the
actual code
...

• It permits you to validate static code analysis findings
...

8-Limitation:• Automated tools provide a false sense of security that everything is being
addressed
...

• Automated tools are only as good as the rules they are using to scan with
...

• It is more difficult to trace the vulnerability back to the exact location in the
code,taking longer to fix the problem
...

Ans:- 1-static analysis:- Analysis of software artifacts, e
...
, requirements or
code, carried out without execution of these software development artifacts
...

2-Static analysis is any type of testing or examination that can be done
without executing the code
...
The second way to find defects that we will discuss is called static
analysis
4-Static analysis is concerned with testing without actually executing the software
under test and may relate to code or the system architecture
...

6- Advantages:• It can find weaknesses in the code at the exact location
...

• Source code can be easily understood by other or future developers
• It allows a quicker turn around for fixes
...

• Less defects in later tests
7-limitation:• It is time consuming if conducted manually
...

• There are not enough trained personnel to thoroughly conduct static code
analysis
...

• Automated tools only as good as the rules they are using to scan with
...


Q10-Differentiate among error guessing, check-list based and exploratory testing
techniques
Ans:- error guessing:1- A test design technique where the experience of the tester is used to
anticipate what defects might be present in the component or system
under test as a result of errors made and to design tests specifically to
expose them
...

Error guessing is also useful during risk analysis to identify potential failure
modes
...
These checklists are built based on a set of standards, experience, and
other considerations
...

2-The checklist is the model for testing, and the checklist is usually organized
around a theme
...
To derive tests
from a checklist, either during test execution time or during test design, you
create one to evaluate the system per the test objectives of the checklist
...

2- The tester simultaneously learns about the product and its defects, plans
the testing work to be done, designs and executes the tests, and reports
the results
...

The tester dynamically adjusts test goals during execution and prepares
only lightweight documentation
...
ISTQB deems this identical to branch
testing
...

3-Rather than looking at individual statements, this level of coverage looks at the
decisions themselves
...
No other possibilities: binary results, TRUE or FALSE
...

4-The switch statement is a complex set of decisions, often built as a table by the
compiler
...
Each atomic decision in the switch statement is still a
comparison between two values that evaluates either TRUE or FALSE
...
That means—at minimum—two test cases
must be run: one with data that cause the evaluation to resolve TRUE and a
separate test case where the data cause the decision to resolve FALSE
...

6-EXAMPLE:-

LOOP COVERAGE:7-loop is covered if in at least one test the body was executed 0times,and if
in some test the body was executed exactly once, and if in some test the
body was executed more than once
...
If
we want to completely test a loop, we would need to test it zero times (i
...
,
did not loop), one time, two times, three times, all the way up to n times
where it hits the maximum it will ever loop
...
Some loops could execute an infinite number of times; each time through the
loop creates one or more extra paths that could be tested
...

2-equivalence partitioning: A black-box test design technique in which test
cases are designed to execute representatives from equivalence partitions
...

3-the most basic of specification-based test design techniques, equivalence
partitioning
...


4-Once we’ve identified the equivalence classes, we can derive tests from
them
...
So, we can create one set of valid tests by
selecting one valid member from each equivalence partition
...

5-Visualizing equivalence partitioning

Q13-Explain decision table testing with an example
...

2-decision table testing: A black-box test design technique in which test cases are
designed to execute the combinations of inputs and/or stimuli (causes) shown in
a decision table
...
By their simple, concise structure, they make it easy for
us to design tests for those rules, usually at least one test per rule
...
This table shows the decisions
being made at an e-commerce website about whether to accept a credit card
purchase of merchandise
...
g
...
g
...
The conditions are
listed at the top left of the table, and the actions at the bottom left
...
Each rule says, in
essence, “Under this particular combination of conditions (shown at the top of
the rule), carry out this particular combination of actions (shown at the bottom of
the rule)
...
e
...

9- In other words, 2 raised to the 4th power (based on four conditions), which
results in 16columns
...
If one or more of the conditions are not rendered as Boolean, then
the number of columns will not follow this rule
...

2-The unique sequences of statements (paths) are identified
...

Frankly, in some cases we will get some of the same tests we got through
control-flow testing
...

4-path testing, we can start out with a bad idea
...
Got infinity? That’s how long it would
take for any non-trivial system
...
Every loop is a
potential black hole where each different iteration through the loop creates
more paths
...
Well, it was an idea
...

6-There are a couple ways of doing this
• LCSAJ (Linear Code Sequence and Jump testing)
• dd-path
...

8-LCSAJ: Linear Code Sequence and Jump, consists of the following three items
(conventionally identified by line numbers in a source code listing): the start of
the linear sequence of executable statements, the end of the linear sequence,
and the target line to which control-flow is transferred at the end of the linear
sequence
...

1-SPECIFICATION-BASED TESTING
2-STRUCTURE-BASED TESTING
3-EXPERIENCE-BASED TESTING
4-DEFECT-BASED TESTIG
1-SPECIFICATION-BASED TESTING:Procedure to derive and/or select test cases based on an analysis of the
specification, either functional or non-functional, of a component or system
without reference to its internal structure
...
In principle, test cases
are designed to cover each partition at least once
• BOUNDARY VALUE ANALYSIS:A black-box test design technique in which test cases are designed based on
boundary values
...


2-STRUCTURE-BASED TESTING:Procedure to derive and/or select test cases based on an analysis of the internal
structure of a component or system
...

• DECISION TESTING:

A white-box test design technique in which test cases are designed to
execute decision outcomes
...

• MULTIPLE CONDITION TESTING:
A white-box test design technique in which test cases are designed to
execute combinations of single condition outcomes (within one statemeNT)
3-EXPERIENCE-BASED TESTING:
Procedure to derive and/or select test cases based on the testers
experience, knowledge and intuition
...

• CHECKLIST BASED:
The experienced tester uses a high-level list of items to be noted, checked,
or remembered, or a set of rules or criteria against which a product has to
be verified
...
A user interface standards checklist
employed as the basis for testing an application is an example of checklistbased test
• EXPLORATORY:
An informal test design technique where the tester actively controls the
design of the tests as those tests are performed and uses information
gained while testing to design new and better tests
...

There are one type of defect-based testing
• TAXONOMIES:A system of (hierarchical) categories designed to be a useful
aid for reproducibly classifying defects
...
it is a method of selecting a small number of test cases from a nearly
infinite group of candidate test cases
...
The test basis for
functional testing is generally a requirements or specification document,
specific domain expertise or implied need
...
For example, a
functional test conducted during integration testing will test the
functionality of interfacing modules which implement a single defined
function
...
For systems of systems,
functional testing will focus primarily on end to end testing across the
integrated systems
...

• The following quality attributes are considered:
i
...
Suitability
iii
...
Functional security
v
...
Accessibility
3-ACCURACY:
• accuracy: The capability of the software product to provide the right or
agreed-upon results or effects with the needed degree of precision
...

• A good synonym for accuracy is correctness
...

Ideally, the requirements will give exact specifications for accuracy
...

• Technical test analysts often have to search for a meaningful test oracle to
determine what specifications the system is supposed to perform to
...

USABILITY:
• usability: The capability of the software to be understood, learned, used,
and attractive to the user when used under specified conditions
...

• Usability testing, naturally enough, focuses on the users
...

• Effectiveness implies that the software enables the users to achieve their
goals accurately and completely under expected usage conditions
...

• Satisfaction, in this context, is really the antonym of frustration; in other
words, a satisfied user who has effectively and efficiently reach her goals
with the system feels that the software was about as helpful as it could
have been
...
Examples
include management review, informal review, technical review, inspection, and
walkthrough
...

Q3-define defect,failure,incident logging and root cause analysis
Ans:- defect (or bug or fault or problem): A flaw in a component or system
that can cause the component or system to fail to perform its required
function, e
...
, an incorrect statement or data definition
...

error (or mistake): A human action that produces an incorrect result
...

incident (or deviation): Any event occurring that requires investigation
...
g
...

incident report (or deviation report): A document reporting on any event
that occurred (e
...
, during the testing) that requires investigation
...
By directing corrective measures at root causes, it is
hoped that the likelihood of defect recurrence will be minimized
...


Q4-Discuss the success factors for reviews
Ans:- There are a number of factors that contribute to successful reviews
...

Technical factors
• Ensure the defined process for the review type is followed correctly,
particularly for more formal types of review such as inspection
• Record the costs of reviews (including time spent) and benefits achieved
• Review early drafts or partial documents to identify patterns of defects
before they are built into the whole document
• Ensure that the documents or partial documents are review-ready before
starting a review process (i
...
apply entry criteria)
• Use organization-specific checklists of common defects
• Use more than one type of review, depending on objectives, such as
document cleanup, technical improvement, transfer of information, or
progress management
• Review or inspect documents on which important decisions will be made,
for example, inspect a proposal, contract or high level requirement before
a management review authorizing major expenditure on the project
• Sample a limited subset of a document for assessment not clean-up
• Encourage finding the most important defects: focus on content not
format
• Continuously improve the review process
Organizational factors
• Ensure managers allow adequate time to be spent on review
activities, even under deadline pressure
• Remember, time and budget spent are not in proportion to the
errors found
...

Ans:- Quality attributes for domain testing:
• Functional testing is focused on "what" the product does
...
Functional tests vary according
to the test level or phase in which they are conducted
...
At the system test level, functional tests include testing the
functionality of the application as a whole
...

• Functional testing may be performed by a dedicated tester, a domain
expert, or a developer (usually at the component level)
...
Accuracy
ii
...
Interoperability
iv
...
Usability
vi
...

accuracy testing: The process of testing to determine the accuracy of a
software product
...

• Accuracy is defined as the capability of a system to provide the provably
correct (or at least agreed-upon) results to the needed level of precision
...
Of
course, in the real world, this is often not the case
...
An
important type of testing to determine accuracy will be boundary analysis
...

suitability testing: The process of testing to determine the suitability of a
software product
...
In other words, given the problems
we need to solve, can the system solve them?
• Like accuracy, this particular quality characteristic will be shared with the
test analysts
...

• Static testing at the low-level design and code phases would be
predominately done by technical testers with domain testers being more
involved in the requirements and high-level design phases
...

interoperability testing: The process of testing to determine the
interoperability of a software product
...

• Test analysts will be concerned with the end-to-end testing of scenarios
using use cases, pairwise testing, classification trees, and other
techniques
...
This testing is
most visible during system integration and systems testing, but clearly
the foundation will have to be built before that
...

usability testing: Testing to determine the extent to which the software
product is understood, easy to learn, easy to operate, and attractive to the
users under specified conditions
...
This is why many
notable usability experts and usability test experts have a background in
psychology rather than simply being technologists or domain experts

• usability testing measures whether the users are effective, efficient, and
satisfied with the software
...

Efficiency implies that these goals can be achieved in some realistic,
reasonable period of time
...

Security:
• security: Attributes of a software product that bear on its ability to prevent
unauthorized access, whether accidental or deliberate, to programs and
data
...

• Security testing is often a prime concern for technical test analysts
...

• Typically, other types of failures have symptoms that we can find, either
through manual testing or the use of tools
...

Q6-Explain Marick’s code review check
Ans:-1- Technical test analysts are likely to be invited to code reviews
...

3-These questions are useful for many procedural and object-oriented
programming languages, though in some cases certain questions might not apply
...

■ Have we picked the right data type for the need? Can the value ever go
negative?
5- For each data item and operations on data items, Marick says we should ask
the following questions:
■ Are all strings NULL terminated? If we have shortened or lengthened a string, or
processed it in any way, did the final byte get changed?
■ Did we check every assignment to a buffer for length?
■ When using bitfields, are our manipulations (shifts, rotates, etc
...
However,
customization based on your own experience, and your organization’s needs, is
encouraged
...

Ans:- 1- Incident management is a term describing the activities of an organization
to identify, analyze, and correct hazards to prevent a future re-occurrence
...

2-These incidents within a structured organization are normally dealt with by
either an incident response team (IRT), an incident management team (IMT), or
Incident Command System (ICS)
...

3-An incident is an event that could lead to loss of, or disruption to, an
organization's operations, services or functions
...

Without effective incident management, an incident can disrupt business
operations, information security, IT systems, employees, customers, or other vital
business functions
...
Map your current classifications to IEEE 1044 classifications
...

Step 2
...
Keep in mind that conformance need not be an all-ornothing
proposition
...

Step 3
...
You’ll want to have those in your system
...
Select essential classifications for implementation
...
Define how to use these classifications
...

Step 6
...
For example,
which one is a recognition category, which one is an impact category, and so forth?
The less you have diverged from the IEEE 1044 standard in terms of naming, of
course, the easier this will be
...
Document the classifications and their use
...
If you care about IEEE compliance, this is the point to document
conformance or nonconformance with IEEE 1044
...
However,
if you are a software or testing services company and you intend to connect your
incident management system with your clients’, then IEEE compliance might
provide a common point of reference
...
Define the supporting data to collect at each step
...
Document the supporting data to be collected
...
1 standard puts steps 9 and 10 down here, we’d actually do these
in parallel with steps 1 and 5
...
Map the classifications and data to the states in your current incident,
bug, issue, or defect tracking system
...
Really, though, call it whatever you’d prefer
...
Determine and document the process for gathering classifications and
data in the incident tracking system
...
Plan for use of the information
...
We’d do this in parallel with step 2
...
Provide training to users and management
...
Managers need to know how to use the
metrics and other information from it
...

Ans:1- maintainability testing: The process of testing to determine the
maintainability of a software product
...
If not
managed, an incident can escalate into an emergency, crisis or a disaster
3-root cause analysis: An analysis technique aimed at identifying the root causes
of defects
...


Q10-Explain defect life cycle in detail
Ans: All defects have a lifecycle, although some may skip some stages
...
This
can occur in any phase of the Software Life Cycle
...
This includes such information as
the environment in which the defect was observed, the originator, the description
information, the time and the vendor (if applicable)
...
With this information, the impact is assessed by rating the
severity, project schedule impact and project cost impact
...
This step is primarily used
to find any related issues and propose solutions, which may include no action (e
...

potential defect is no longer
considered an actual defect)
...


Step 3: Action
Based on the results of the Investigation, the Action step commences
...
Regression testing and retesting, as well as progression testing must be
performed for each change
...


Step 4: Disposition
The anomaly then moves to the Disposition step where any additional data items
are recorded and the disposition classification is set to either closed, deferred,
merged or referred to another project
...
We see it all the time
...

2-It is usually not the tester’s job to apportion blame or affix fault
...
Avoid comments
that someone could take personally
...
Stick to the facts
...

4-If you do decide to make such assumptions or theories, be sure to remember
the first rule about not getting personal
...
So, when you are saying that a problem exists, it helps
to be right
...
Ask developers what information you can include in your reports to
help them out
...

6- Some testers get frustrated when “their” bugs don’t get fixed
...

7-Ideally, a bug triage or incident triage meeting occurs, involving a crossfunctional group of stakeholders, to prioritize incidents
...

8- That’s not to say that developers’ and testers’ opinions and input don’t count,
but rather that good incident management requires careful consideration of the
options for handling an incident
...

To sum it all up, good communication and relations within the team, good defect
tracking tools, and good defect triage are all important for a good incident
management process
...


Q12-Explain Maintainaility as quality attribute for domain testing
Ans:- 1-maintainability: The ease with which a software product can be modified
to correct defects, modified to meet new requirements, modified to make future
maintenance easier, or adapted to a changed environment
...

3-Maintainability refers to the ability to update, modify, reuse and test the system
...
Often pieces of systems and even whole
systems are used in new and different situations
...


5-Design problems
...
Standards and guidelines (or lack of
same) compliance
...
It’s called
static testing
...

Q13-what are the different roles during formal review process? What are their
responsibility? explain
Ans:-1-A formal review is one of the important review techniques in static
testing
...
unlike the informal review,formal
review is more structured and regulated
...
The manager allocates resources, schedules reviews, and the like
...

■ The moderator or leader: This is the chair of the review meeting
...
A review
meeting, done properly, should not be a sad or humiliating experience for the
author
...
Reviewers can play specialized roles based on their
expertise or based on some type of defect they should target
...


UNIT-5
Q1-Explain the test improvement models(CTP,TMM,TPI,TMMI,CMM,CMMI)
Ans:- Capability Maturity Model (CMM): A five-level staged framework that
describes the key elements of an effective software process
...
See also Capability Maturity Model
Integration (CMMI)
...
The
Capability Maturity Model Integration covers best practices for planning,
engineering, and managing product development and maintenance
...
See also Capability Maturity Model (CMM)
...
These include highly visible
processes, by which peers and management judge competence, and
missioncritical processes, in which performance affects the company's profits and
reputation
...

Test Maturity Model Integration (TMMi): A five-level staged framework for test
process improvement, related to the Capability Maturity Model Integration
(CMMI), that describes the key elements of an effective test process
...
These tools are most commonly used to identify

unassigned pointers; check pointer arithmetic; monitor the allocation, use and
deallocation of memory; and flag memory leaks
...
g
...
Static
analysis is usually carried out by means of a supporting tool
...

4-Static analysis tools, which automate some parts of the static testing process,
can be useful throughout the lifecycle
...
For example, a code analysis tool will flag
dangerous or insecure constructs
...

5-Static analysis tools are mainly used by programmers and technical test analysts
6-Dynamic analysis tools provide runtime information on the state of the
executing software
...
These tools
include evaluating pointer use, but perhaps memory leak detection is the most
common example
...
Since dynamic analysis tools tend to sit in memory quietly until a
failure occurs, it is often useful for testers to run it during some of their testing at
the system test level
...
These
include:
• Recognition for the job accomplished
• Approval by management
• Respect within the project team and among peers

• Adequate rewards for the work done (including salary, merit increases and
bonuses)
• There are project influences that can make these motivational tools
difficult to apply
...
The tester can do everything in his/her
power to drive the quality focus of the team, put in extra hours and effort,
and yet the product may ship before it should, due to external influences
...
This can easily be a demotivator if the tester's contribution is not
understood and measured, regardless of whether the end product is
successful
...
Unless this data is gathered and published, it is easy for a team
to become demotivated when they don't receive the recognition they feel is due
for a job well-done
...
If the
test group is not respected, these opportunities may not be available
...
In an individual project
this is most rapidly achieved by involving the tester at the conception of the
project and keeping that involvement throughout the lifecycle
...

Q4-Explain data-driven architecture
Ans:- 1-The number of scripts that we have to deal with is problematic
...
More test cases, more scripts
...
e
...


3- And the really annoying thing is that so many of our test cases tend to do
the same things, just using different data
...

4- Consider the following scenario
...
There are a lot of different scenarios that you want to
test
...

5- Manual testing this is likely to be ugly, mind-numbing, braindeadening
testing of the worst sort
...
Press OK
...
Go back
...
Press OK
...
Repeat until you
want to find a bridge to jump off
...
That is a lot of maintenance
...
Then we sequentially fill
each field with a value
...

8- If it is a negative test, we expect a specific error message
...
somewhere, defined by the system we are testing
...
This is where a new
architecture evolved
...
To be fair, so did just about every single automator who has had to
deal with this kind of scenario
...
The script may initially be captured for a single user (possibly
using a capture/replay tool) and then implemented for the specified operational

profile using the performance test tool
...

3- Performance tools generate a load by simulating large numbers of
multiple users (“virtual” users) with specific volumes of input data
...

4- A limited number of load generation tools can generate the load by
driving the application using its user interface
...
Typical metrics taken and reports
provided include:





Numbers of simulated users
Number and type of transactions generated by the simulated users
Response times to particular transaction requests made by the users
Reports based on test logs, and graphs of load against response times
...
It may, however, be appropriate to develop a specific performance
tool if technical restrictions prevent a product being used, or if the load profile
and facilities to be provided are relatively simple
...


Q6-what are the different automation architectures?
Ans:-an automation framework is a platform developed by integrating various
hardware and software resource and various tools and services based on a
qualified set of assumptions
...

Q7-explain key-word driven architecture
Ans:- 1-meta-language that allows a tester to directly automate without knowing
anything about programming
...
We’ll sneak up on it
...

3- In other words, the next keyword drop-down list is populated with only those
keywords which logically could be called based on where the previous keyword
left us (assuming that the execution actually succeeded)
...
takes two parameters, so the front end prompts for the user ID and
password to use
...

We do not assume that the tester knows the keywords, nor do we
assume that they will remember the argument number or types
...

The keywords that are loaded in the column one drop-down list at any
given time should be a subset of all the keywords, where the starting
point is the ending point of the previous keyword
...

Of course, any tester can tell you that isn’t likely to always be the case
...

8- This is where the framework comes in
...

9- This recovery is transparent to the tester
...

10- We might not have figured out the hypothetical magic wand
mentioned earlier yet, but the more intelligence automators can add to
the framework, the closer we get to it
...

11- Each keyword must be able to execute a task, as we discussed for our
manual test procedure
...

Instead of having a manual tester supply the context and reasonable
ness during execution, however, the automator supplies it by
programming a framework function to do the task
...

Q8-what are the three levels of communication for a test team?explain
Ans:- There are three levels of communication for most test teams:
■ First, we communicate, mostly internally but also with others, about the
documentation of test products
...

■ Second, we communicate feedback on reviewed documents, typically on a peer
level both inside and outside the test group
...

■ Third, we communicate as part of information gathering and dissemination
...


It can be sensitive, as when test results are not encouraging for project success
...
Effective communication
assists you in achieving your objectives as a technical test analyst, while
ineffective communication will hinder you
...
You want each communication you have, both inside and
outside the test team, to build and maintain respect for the test team
...
It’s
easy to get caught up in emotions at work, especially during test execution when
things are often stressful
...

Remember also that you want to see the quality of products and processes
improved
...


Title: Software Testing
Description: It's Software testing notes. It's help to Software Engineer student.
Buy These NotesPreview