Subscribe by Email


Friday, March 30, 2012

What is the entry and exit criterion for integration testing?

Integration testing as we know is the second main software testing methodology in the software testing life cycle or STLC after unit testing. It is succeeded by the system testing and system integration testing substantially.

Like for every other testing methodology, a software system or application can undergo testing only after passing some pre- defined entry criteria and for exiting the testing phase also it needs to pass some pre- defined exit criteria in integration.

This article is focussed up on the entry and exit criterion for the integration testing. But, let us brief up ourselves with the concepts of integration testing so that it becomes easy for us to define with the entry and exit criteria defined for integration testing.

About Integration Testing


- Integration testing is sometimes abbreviated as I & T i.e., integration and testing.

- Integration testing has been named so because it involves the integration of the software system or application modules before carrying out the testing on them.

- Thus, we can say that the it is contrary to the unit testing since here it involves the testing of the system modules as groups of two or more modules rather than carrying out testing on them as individual modules like in the case of unit testing.

- Integration testing is often carried out after the unit testing but before the validation testing.

- Only those individual system modules which have passed the unit testing with successful grades can be considered as a valid input for the test cases created for the integration testing.

- Though, in some cases there might be some exception if error present in any individual module can only be rectified in the later stages of the testing cycle.

- When the groups or aggregates of the modules pass the integration testing, then only they can be moved further for the system testing and system integration testing.

- The reliability requirements, performance requirements and the functional requirements that have been specified for the major design items are what are tested by the integration testing.

- By major design items, here we mean the group of units or modules or assemblages.

- These assemblages or groups of units are put together via their interfaces by implementing the black box testing techniques and the faults and errors are simulated according to the proper defined parameters and the input data values.

- The inter process communication occurring as a result of the integration between the several unit groups is also tested apart from just testing the above mentioned requirements.

- The implementation of these small sub systems takes place through the interface of the input.

- A verified base is prepared on which the various assemblages are placed which is then used as a support to the integration testing test cases for the testing of the other assemblages.

- This approach has been termed as the “building block approach”. Integration testing can be implemented via any of the below mentioned approaches:
1. Big bang approach
2. Usage model testing
3. Top down approach
4. Bottom up approach
5. Sandwich testing

Entry criteria for Integration testing


- The system units or modules needed for the integration must be ready to be integrated.
- Unit testing must have been completed and closed.
- All the issues discovered during the unit testing must have been addressed and closed.
- The test scripts for the integration testing should be ready.
- The testing should be commenced as per the schedule and the plan.
- The test environment should be ready.

Exit criteria for Integration testing


- Issues discovered during the integration testing must be addressed, fixed and closed..
- 10 percent of the benchmark as decided by the QA people is supposed to be allowed for the issues that outstand.
- All the test cases must be executed and passed.
- Transition meeting should be signed off.


What is the entry and exit criterion for regression testing?

Regression testing is a very common software testing methodology and its importance is not hidden from us. Regression testing forms a part of software testing life cycle of every software system or application and project is finalised before running it at least once under the regression testing.

Like the other software testing methodologies the regression has also defined some entry and exit criteria for itself that a software system or application needs to fulfill satisfactorily to undergo regression testing.

But first we will state a brief discussion regarding the regression testing since then it will be easy for us to recognize the entry and exit criteria for the regression testing.

About Regression Testing


- Regression testing is just like the validation testing and is aimed at providing a repeatable and consistent validation of all the changes that have been made to the software system or application under its development or after its completion or after being modified.

- There are chances that at the fixation of a defect new faults and errors might be introduced in to the code of the software system or application that may cause further problems in the functioning of the software system or application.

- An uncertainty is introduced up to some level regarding the ability of the software system or application to make repetition of everything that went right till the encounter of the point of failure.

- To put it simply we can say that the regression testing is nothing but the retesting of the whole software system or application or a selected part of it that has underwent some changes or has been modified for assuring that the encountered fault does not re- occur and none of the previously properly working components of the system like features and functions do not fail as the affect of the introduced modifications.

How to conduct regression testing?


There are many options for conducting regression testing.

- It can either be conducted at the end of the development process of the software system or application.
- It can also be carried out in parallel with the substantial completion of the other software testing methodologies in different phases of the software testing life cycle.

Importance of Regression Testing


- In general, the regression testing is thought of as a quality check tool which controls the quality of the software system or application in regard to the changes made to that particular software system or application and ensures that it does not affects the working of the other previously working components.

- One extremely important point to be noted is that the regression testing is not about testing whether the discovered bugs and errors have been fixed or not but it is all about testing the software system or application up to the point at which the system is not affected by the changes made to fix the bugs.

Entry and Exit criterion for Regression testing



Now we list some of the entry criteria that an application needs to satisfy for undergoing regression testing:
1. The documentation of the defect or the bug is ready and the defect or the bug is repetitive.
2. For the purpose of the identification and tracking of the regression testing efforts, a defect tracking record or a change control has been opened.
3. The creation, review and approval of the tests that are specific to the defect have been done.

There is an only one exit criterion for the regression testing which is that the software system or application should not show any negative result i.e., malfunctioning of any component that was previously working alright before any new changes were introduced to the software system or application for fixing the bug.


Thursday, March 29, 2012

What are different types of integration testing?

Most of us are familiar with the concept of the integration testing but, still let use brief up ourselves before we move on to the types of the integration testing. Integration testing is nothing but to integrate first and then test. It is often abbreviated to I&T. There are 3 primary phases in any software testing process:


1. 1st phase: Unit testing
2. 2nd phase: Integration testing
3. 3rd phase: Validation testing


About Integration Testing


- Integration testing is carried out after the completion of 1st phase i.e., unit testing.

- Integration testing involves the integration of the various software modules together and then subjecting them to testing.

- Each of the modules integrated in a group during the integration have passed the unit testing successfully.

- The modules which don’t pass the unit testing cannot be further processed for the integration testing.

- After the modules pass even the integration testing, they are carried forward for the system testing and later to system integration testing.

- The integration testing aims at the verification of the features, functionalities, reliability, performance and requirements specified for the assemblages or design items of that particular software system or application that is currently under the test.

- The exercising of these assemblages is done with the help of the black box testing techniques.

- Any error or bug occurring during the integration process is simulated using the proper input data values or parameters.

- Apart from testing just the integration of the software modules, the inter- process communication and the sub systems are also tested via their interface.

- Special test cases are designed to carry out the integration testing.

- The integration testing follows the approach of the “building block”.

Different Types of Integration Testing


Now let us see what all are the different types of integration testing.

1. Non incremental integration testing or Big bang integration testing

- This approach to integration testing involves the coupling of the individual developed modules so as to form a proper and complete component of a software system or application.

- After this the integrated component is subjected to the integration testing.

- Among all the types of integration testing, the big bang integration testing methodology proves to be the most effective methodology for saving one’s precious time.

- But, the condition here is that the test cases must be well developed without any errors and their outcomes must be recorded without any mistakes.

- If any discrepancy or error leaks in the results of the test cases, then the whole integration process can turn out to be more complex rather than becoming easy.

- This in turn will act as a hindrance in the way of achieving the goals.

- Big bang type integration testing has got another type called “usage model testing”. This has an added advantage that it can be used for the hardware also rather than juts for software integration testing.

2. Incremental Integration Testing

This type is further divided in to three sub- types:

(a) Bottom up integration testing

- This approach involves the testing of the components at the lowest levels first and then succeeding to the higher level components.
- This process continues till the all the higher level components have been tested.
- This approach is effective when it comes to rooting out the bugs.

(b) Top down Integration Testing

- This approach involves the testing of the integrated modules at the top of the hierarchy model and then the lower level components are tested.
- This approach is effective when it comings to find a missing branch.

(c) Sandwich Integration Testing
- This approach is the resultant of the combination of both the top down and bottom approaches of the integration testing.


How is Graphical User Interface (GUI) testing done?

The term GUI testing is a self justifying term and states that it is a testing that tests the graphical user interface of the software system or application against its specifications and requirements mentioned in the specifications documents.

This article is all about the testing of some of the aspects of a graphical user interface. All the aspects of a graphical user interface are tested using a whole lot of testing techniques.

The test cases are generated by a test designer who has all the knowledge about the application and the tests are designed as such that they cover all the functionality of the system.

1. Steps for Testing of the Text Box
- Firstly, the requirements of the text box are identified and the default values of the text box and the button are tested without any text in the text box.

- The second step is the checking of the NULL condition in which it is checked that whether or not a text of NULL value can be saved.

- Thirdly, the space condition is checked which ensures that a text box can save a space character.

- Fourth, the boundary value condition is checked in which the minimum and maximum text holding value of the text box is tested.

2. Steps for Testing of the Radio Buttons

- Radio buttons are the buttons that are used in making a selection in the lists that contains options that mutually exclusive and only one option has to be selected.

- In the radio button testing it is tested that whether or not clicking on one of the options deselects the other one.

3. Steps for Testing of the Command Buttons

- The working of the command button i.e., whether or not it is following the command which has been evoked. The execution of the command is also tested.

4. steps for Testing of the Aesthetic Conditions

Aesthetic conditions regarding the colour of the background, resizing of the screen, color of the field prompts, font of the text, spelling of the prompts etc are tested using appropriate testing methodologies.

5. Testing of the validation conditions
This testing tests the validation process of the GUI using various white box testing techniques.

6. Steps for Testing of the Usability Conditions

- Usability conditions of the GUI of the applications are tested by the users since a direct input is obtained from the users and is focussed up on the capacity of the product to match with the standards specified by the user.

- Usability refers to the ease of use of any software artefact and it gives a measure of the ease with which the interaction between the user and the application takes place.

- Testing the usability conditions often helps the developers to understand the needs of the customers and helps in focussing the whole development process towards the needs of the customers.

- The rate of the sales and the task completion increases and the number of enquiries in the call center is also reduced.

- Usability is also an effective technique to increase the experience of the end user making it easier to understand and more intuitive.

- The usability testing can also be carried out by the expert evaluators instead of making users do that. The below mentioned aspects are tested:
(a) Performance
(b) User friendliness
(c) Efficiency
(d) Visual design
(e) Consistency

7. Steps for Testing of Data Integrity Conditions

- This era is marked by the increasing demands for the accountability and mobility and thus data integrity conditions need to be tested.

- This is done by using different white box testing techniques for different conditions.

8. Steps for Testing of the Data field checks and Alpha field checks

It is tested whether or not the data fields accept the data of their specified type.


Wednesday, March 28, 2012

What should a test plan test?

It is common tendency of us to chalk out a plan before we start doing any task! Why do we make plans? Simply because we don’t want our process or task to go astray. We want to keep a track of the processes and make sure that they are being guided in to the right direction and also most of the errors and faults are avoided.

Same philosophy holds hundred percent true for the software testing life cycle also. It also requires a test plan to prevent itself from going astray and slip out of track! To say it scientifically, we mean that a test plan is required for determining whether the software system or application meets the specifications and requirements listed for it or not?

WHAT SHOULD A TEST PLAN DO?


- A test plan is prepared by the test engineers after struggling with all the requirements of the testing phase and the software and after assessing all the risks associated with the project.

- As a normal plan would do i.e., test plan details out a systematic approach to the accomplishment of a certain task, so does a test plan with the only difference being the task.

- For the test plan the task is the successful completion of a particular software testing.

- A test plan gives a detailed approach of all the processes or activities to be undertaken during the testing.

- A test plan marks the work flow of the software testing mechanism.

- A test plan states the strategy to be followed to make the software testing successful or in other words we can say that it provides a means to check whether or not the software system or application meets all the requirements and specifications as mentioned by the client or the customer in the documentation.

ITEMS OF A TEST PLAN


A typical test plan has to have one or more of the below mentioned items according to the norms and responsibilities levied on the organization:

(a) Compliance test or design verification
- This is the first step in the testing process and involves the development of the smaller units or modules of the software system or application after they have been approved by the senior developers or testers.
- In this the objectives of the software system are established and defined. But, it is not defined how that system will be designed or achieved.
- It also involves the generation of user requirements documentation.

(b)Production test or manufacturing
This step is executed when the software product is being assembled and for the purposes of controlling the quality.

(c) Commissioning test or acceptance
This step is carried out before the final product is released to the client or the users.

(d) Repair test
It can be performed any time during the service life of the software.

(e) Regression test

WHAT ITEMS ARE COVERED IN A TEST PLAN VIA IEEE 829 STANDARD?


IEEE has laid down what all the items are to be covered by a test plan via the 829 standard for software test documentation:
1. Test plan identifier
2. Background
3. Introduction
4. Assumptions
5. Test items
6. Features to be tested: Functionalities and requirements that have to be tested.
7. Features not to be tested: Functionalities and requirements that don’t have to be tested with reasons.
8. Approach: description of the data flow, live execution, simulation and philosophy behind it.
9. Item pass/fail criteria: expected outcomes and tolerances.
10.Suspension criteria and resumption criteria: description of the check points.
11.Test deliverables
12.Testing tasks
13.Environmental needs
14.Responsibilities
15.Staffing and training needs
16.Schedule
17.Risks and contingencies
18.Approvals

One cannot expect the two cycles namely the STLC or software testing life cycle and the SDLC or software development life cycle to succeed without a test plan.


Tuesday, March 27, 2012

Explain the concepts of (Institute of Electrical and Electronics Engineers) IEEE 829 standard?

The contributions in the field of electrical and electronics engineering by the IEEE or the institute of electrical and electronics engineers are not hidden from the world. The institute has its official head quarters situated in the city of New York.

It emerged as a non profit organization and since then is comprised of professionals from the fields of electrical and electronics engineering. The main aim of the association has always been to continually make excellent technological advancements in the field of electrical and electronics engineering.

ABOUT IEEE & IEEE 829


- IEEE currently has been reported to have around 40,00,00 members world wide and across 160 plus countries.

- Around 45 percent of the member population is from other countries besides United States.

- The history of the IEEE dates back to the 19s. IEEE was started as a non profit association in the New York City in the year of 1963.

- It was formed as a resultant the merging of 2 great individual non- profit institutes of that time namely the American Institute of electrical engineers (AIEE) and the institute of radio engineers (IRE).

- AIEE and IRE were formed in 1884 and 1912 respectively and in 1963 they merged together to give rise a new association i.e., institute of electrical and electronics engineers.

- Since then, IEEE has given so many standards for many fields like electrical, electronics and software testing etc.

- One such standard given in the field of software testing is “IEEE 829 – 1998” often called as “829 standard for software test documentation”.

- This standard has been designed especially for the documentation of the whole software testing process.

- It specifies what all documents are to be included in the currently defined 8 stages of the software testing cycle.

- Each stage has been stated with its individual document specifications.

- The IEEE 829 – 1998 standard just not specifies the documents to be produced but also lays down their formats.

But, it does not give any clear answer for whether or not all of the specified documents should be produced? Not only this, it also does not states what all content is to be included in these documents.

WHAT DOCUMENTS ARE PRODUCED?


As per the standard, the below mentioned documents are to be produced:

1. Test plan
The document that gives the management features of the testing cycle and includes:
(a) How the testing will be carried out?
(b) System under test or SUT configurations
(c) Who will carry out the testing?
(d) Estimated time
(e) Test coverage and quality level of the testing

2. Test design specification
The document listing all the detailed conditions as well as results and passing criteria.

3. Test case specification
The document specifying the input data for test cases.

4. Test procedure specification
The document having detailed description on how to run each and every specified test case and also describes the set up conditions and the steps to follow.

5. Test item transmittal report
The document giving the reports of one stage of the testing cycle after its completion.

6. Test log
The document maintaining the records of the test cases i.e., their title, executor, and final status i.e., pass or fail.

7. Test incident report
The document detailing the observations of the test cases that didn’t pass. It gives the causes of the failures of the test case and the expectations. The failure of a test case is often treated as an incident rather than a fault.

8. Test summary
The document providing a brief report of the whole testing cycle and also covers up the aspects that were not covered up in any of the above listed documents like software quality, quality of the testing efforts etc.


What is evolutionary requirements analysis?

Requirements analysis is of many types depending up on which development process or methodology is being followed. This article has been written about a type of requirements analysis known as “evolutionary requirements analysis”. But, before going on to the main discussion we will first brief up ourselves with the concepts of a general requirements analysis.

WHAT IS REQUIREMENTS ANALYSIS?


- Requirements analysis is a means of encompassing the tasks that are used in the determination of the conditions and the needs of the new software system or application under development.

- Even the various requirements of the stake holders that conflict with each are taken in to account in the requirements analysis.

- The stake holders here can be either the users or the beneficiaries.

- Requirements analysis actually fall under the category of the requirements engineering but it is a common and frequent requirement of all the other branches of the engineering.

- It encompasses with the below mentioned activities:
1. Eliciting
2. Analyzing
3. Documenting
4. Validating
5. Management of the software system

- With a proper requirements analysis only a proper base version of the software system or application can be created which other wise would be an impossible job.

- For a requirement of the software system or application to be taken in to consideration under the requirements analysis it should possess the below mentioned characteristics:
1. It should have been documented.
2. It should be actionable and active.
3. It should be measurable.
4. It should be traceable by the testing methodologies
5. It can be related to the identified business opportunities, activities or needs.
6. It should have been sufficiently defined with details for the designing of the software system or application.

If we see concept wise, three major activities are involved in any requirements analysis which are:

1. Eliciting Requirements
This activity is involved with the identification of the various kinds of requirements that have been derived from several sources like:
(a) Business process documentation,
(b) Project documentation
(c) Project charter,
(d) Interviews of the stake holders,
(e) User stories and so on.
This step is often known as the “requirements gathering”.

2. Analyzing Requirements
This step is involved with the determination of the level of correctness of the stated requirements in the requirements list on the grounds of the following factors:
(a) Clarity
(b) Completeness
(c) Consistency
(d) Unambiguity
(e) Resolution of any apparent conflicts and so on.

3. Recording Requirements
This step is involved with the documentation of the requirements in various forms like:
(a) Summary list
(b) Natural language documents
(c) User stories
(d) Use cases
(e) Process specifications and so on.

EVOLUTIONARY REQUIREMENTS ANALYSIS


- Requirements analysis is quite a time consuming as well as an arduous process for which many types of psychological skills have to be exercised.

- With the new environment, changing of the requirements and the stake holders is obvious, and so it becomes extremely important to keep the requirements updated by identifying the needs of the stake holders.

- It should also be determined that up to what level did the stake holders understood the implications of the program.

- The evolutionary requirements analysis is often abbreviated to “ERA”.

- As the term itself states, the evolutionary computing techniques are used in the automatic selection of the machine and human agents in the model of the software system so as to match the requirements which are non functional.

- The aspects such as the performance, reliability and cost of many different software systems are analyzed via the execution of the model variants along with the scenarios.

- Out of all, the software systems which perform better are selected in order to obtain an optimal solution.


Monday, March 26, 2012

What is the difference between quality assurance and testing?

Quality assurance and testing are the processes that together keep up a control on the quality check of the software system or application. These two processes when implemented together ensure that maximum quality of the software system or application is maintained as much close as possible to the 100 percent.

There is no such software or application that can boast to have 100 percent customer satisfying quality. Well this article is focussed up on these two processes only and the differences between the two. We are discussing differences here because most of the people often confuse between the two.

QUALITY ASSURANCE

- The term “quality assurance” is a self justifying.

- By the term only we can make out that it must be some systematic and planned activities that are to be implemented in a quality system so that a check over its quality requirements is maintained.

- It involves the following processes:
1. Systematic measurement of the quality of the software system or application.
2. Comparison of the quality of the software system or application with the pre- defined quality standards.
3. Monitoring of the processes.
4. An associated feedback for conferring the error prevention.

- A typical quality assurance process also keeps a quality check on the quality of the tools, assemblages, equipments, testing environment, production, development and management processes that are involved with the process of the software testing.

- The quality of a software system or application product is defined by the clients or the customers rather than having a whole society do it.

- One thing that one should always keep in mind that the quality of a software system or application cannot be defined by quality adjectives like poor and good since the quality of one of the aspects of the system could be high and in some other aspect it could be low.

PRINCIPLES OF QUALITY ASSURANCE
The whole process of the quality assurance is guided by the two following principles:

1. Fit for purpose:
The software product is deemed to fulfil the purpose for which it has been made and
2. Right first time:
The mistakes encountered for the first time should be completely eliminated.

TESTING PROCESSES EMPLOYED IN SOFTWARE TESTING & QUALITY ASSURANCE
Below we are mentioning the testing processes that are employed for both the software testing as well as the quality assurance:

1. Testing approaches:
(a) White box testing
(b) Black box testing
(c) Grey box testing
(d) Visual testing

2. Testing levels:
(a) test target:
(i) unit testing
(ii) Integration testing
(iii) System testing
(b) Objectives:
(i) regression testing
(ii) User acceptance testing
(iii) Alpha and beta testing

3. Non functional testing:
(a) Performance testing
(b) Usability testing
(c) Security testing
(d) Internationalization and localization
(e) Destructive testing

4. Testing processes:
(a) waterfall model or CMMI
(b) Extreme or agile development model
(c) Sample testing cycle

5. Automated testing using tools and measurements

In fact both the processes are just the same but with a different perspective i.e., the software testing is aimed at eliminating the bugs out of the software system and the quality assurance takes in to consideration the overall quality of the software system.

In contrast to the quality assurance, software testing is the way to implement the quality assurance i.e., it provides the clients or the customers with the information regarding the quality of the software system or application. The testing is done to make sure of the following points:


1. The product meets the specified requirements.
2. Works as intended.
3. Is implemented with the same characteristics.


The software testing can be implemented at any point of time in the development process unlike the quality assurance that should be implemented right from the beginning to ensure maximum quality.


Saturday, March 24, 2012

What are different kinds of soft skills to be a successful tester / test manager?

Soft skill can be defined as a sociological term that plays a very important role in the success and personality development of an individual and can be related to his/ her following aspects:

1. Emotional intelligence quotient
2. Personality traits
3. Communication
4. Languages
5. Social graces
6. Friendliness
7. Attitude (whether pessimistic or optimistic) and
8. Personal habits and so on.

Why Soft Skills important?

- Soft skills in a way complement the IQ i.e., intelligence quotient of a person.

- IQ is included in the hard skills of a person.

- All these skills form an essential part of the occupational requirements for a job.

- A tester or test manager also needs to incorporate all these attributes in himself/ herself in order to be successful and enhance his interactions with the fellow team members, career prospects and also the job performance.

- The soft skills of a tester/ test manager can be related to his/ her ability of interacting effectively with the clients, customers and co workers.

- The soft skills of each and every individual combined together contribute to the success of the organization which can’t be ignored.

- This is the reason why the soft skills are being focussed up on as equally as the hard skills.

Soft skills are considered to be as the behavioural competencies and are more commonly known as the interpersonal skills and include:
1. Conflict resolution
2. Conflict negotiation
3. Communication skills
4. Creative problem solving
5. Selling skills
6. Strategic thing
7. Influencing skills
8. Team building etc.

Another Soft Skill

- Ability to participate actively in the group discussions is also an essential soft skill that companies seek in the testers and test managers.
- It is often the first criteria for the selection.
- Good communication and group discussion skills are the must software skills for the testers.
- The best thing about the soft skills is that they are honed for the professional needs but they eventually affect ones personal life in all the aspects.

So instead of just honing the technical skills, the testers require to focus up on building up their soft skills. But here we do not mean to say that the hard skills should be undermined. A tester cannot survive his job if he is not good at his technical skills. You need to strike a balance between both the hard and soft skills to make yourself a successful tester.

Some Important Soft Skills
Here are some important soft skills:

1. Discipline and perseverance
These two soft skills are psychological tools to persevere and make your efforts more productive. It increases the quality of your work and helps you focus well.

2. Reading skills
Reading skill may sound odd here but its importance will be realised as you deal on with the large amount of specifications and information every day. Testers have to deal with large chunks of information and a hell lot of documentations every day and so honing this soft skill becomes apparently necessary.

3. Negative thinking
Now you must be wondering what this is for. Well, negative thinking though works badly for the real aspects of life but it really helps a lot in testing while using tactics like negative testing, exploratory testing, fault injection techniques etc, since in such testing techniques, the tester to consider all the things by which the program can be affected.

4. Communication and interpersonal skills

5. Time management skills
These are needed since you need to make most of your time.

6. Effort prioritization
This is needed to assign importance to the tasks so that you an finish up all of them efficiently without messing up.

7. Attitude


Friday, March 23, 2012

Multiple Condition Coverage is a white box testing technique - Explain?

There are so many types of the code coverage and the multiple condition coverage is also one of them and that is what has been discussed all about in this article.

What is code Coverage?

Code coverage as we all know is a process that aims at the following purposes:

- Creation of the additional test cases for increasing the coverage.
- Looking up for such areas of the software system or application code that have not been exercised by any of the test cases.
- Determination of the quantitative measure of the extent of the code coverage which can be thought of as an indirect measure of the software quality.
- Identification of the redundant test cases which does not affect the code coverage.

The whole process is a time consuming one and thus is helped by an automating tool called the code coverage analyzer.

What is Multiple Condition Coverage?

- Multiple condition coverage is a modification of the condition coverage type of the code coverage.

- As the term “multiple condition coverage” itself suggests that it implements almost all the possible combinations of the conditions in order to check whether those possible combinations do occur in the execution of the test cases or not.

- A large number of the test cases are required for carrying out a full multiple condition coverage of a decision and these are supplied by the truth tables of the logical operators obtained for that particular decision.

- The multiple condition coverage offers an added advantage in the languages such as C, C++, Java and so on which have short circuit operators which is that it helps in implementing a thorough testing.

- It in turn makes the multiple condition coverage in such languages very similar to the condition coverage.

Disadvantage of Multiple Condition Coverage

But, one should not think that the multiple condition coverage is void of any disadvantages.

- It does have one which is that the deciding up on the minimum number of test cases required for the coverage proves to be very difficult job.

- The problem worsens as the complexity of the boolean expressions implemented in the decisions increases.

- Another disadvantage adds to the problem of the test case designer which is that the minimum number of the test cases required for the coverage varies substantially from condition to condition having the similar level of complexity.

Lets take an example:

For example, in a decision, first condition may require 5 test cases while the second one may require 11 test cases and both the conditions are having the same number of operators and operands.

In contrast to the condition coverage that includes the decision coverage also, the multiple condition coverage does not include any decision coverage.

Now what about the languages like Pascal and visual basic that do not have short circuit operators? For such languages the multiple condition coverage is implemented in the form of the path coverage for logical expressions.

One point to be noted here is that the advantages and disadvantages remain the same in the path coverage form also since in the path coverage the number of each additional logical operator is doubled the number of the required test cases.

Multiple condition coverage takes in to consideration two or more conditions and then makes them in to a group and then they are tested. "Since the multiple condition coverage requires a very detailed knowledge of the software system or application’s code in order to understand all the decision aiming statements in that and in turn decide for the minimum requirement of the test cases, therefore it has been categorized under the white box testing techniques."


Thursday, March 22, 2012

Loop testing is a white box testing technique - Explain?

Loop testing is also one of the white box testing techniques and thus requires a very deep knowledge about the software system or application. Loop testing methodology has been designed exclusively for the checking of the validation of the iterative constructs which are nothing but the loops.

Types of Loop Constructs
These loop constructs are 4 types as mentioned below:
1. Unstructured loops
2. Simple loops
3. Nested loops and
4. Concatenated loops

Tests applied to different Loop Constructs
Now we shall define some of the tests that can be applied to the above mentioned types of loop constructs under the context of the loop testing:

1. For unstructured loops only one thing is possible which is that they should be redesigned in order to form a structured construct and then can be tested accordingly.

2. For simple loops a number of allowable passes through them is specified first and then the following tests are applied:

(a) Skipping of the entire loop.
(b) Making only one pass through the loop.
(c) Making two passes through the loop.
(d) Making “p” passes through the loop where p is the maximum number of passes.
(e) Making “n-1”, “n”, “n+1” passes through the loop.

3. For nested loops simply the testing approach of the simple loops is extended but, the number of the test cases increases geometrically as per the number of the nested loops and the level of nesting. Usually the following steps are followed:

(a) The inner most loop is the starting point for the testing.
(b) All other loops are set to minimum possible values.
(c) Simple loop tests are conducted for the inner most loop and the outer loops or the nesting loops are kept in their minimum values only till the testing of the inner most loop is complete.
(d) For the excluded values more tests are added.
(e) Now once the testing of the inner most loop is complete, this loop including all the other nested loops are set to typical values and the testing moves outwards. The other nesting loops are held with their minimum values.
(f) The testing in this manner continues until and unless all the loops have been tested.

4. For concatenated loops also the approach that has been defined for the testing of the simple loops can be used but only if the either loops are independent of each other i.e., if the loop counter for one of concatenated loop is 1 and it is used as the executing value for the other loop, then the two loops are said to be dependent on each other and hence the simple loop approach cannot be followed for them.

More about Loop Testing

- It has been observed so many times that most of the semantic bugs preside over the loops.

- It becomes difficult for the path testing also to commence since there are so many paths generated via a loop and an infected loop leads to infected paths which makes even further difficult to track the bug.

- Some of testers believe that it is just enough to test the loop only two times but this is not a good practice.

- A loop should be tested at the following three instances:
a) At the entry of the loop
b) During the execution of the loop and
c) At the exit of the loop

- Loop testing is aimed at testing a resource multiple numbers of times by executing it under a loop and this whole process is controlled by a diagnostic controller.

- However, one rule has been defined for the loop testing which is that the user can interact only at the entry and exit of the loop and nowhere in between.


Wednesday, March 21, 2012

Data flow testing is a white box testing technique - Explain?

A program is said to be in active state whenever there is some data flow in the program. Without having the data flowing around the whole program, it would not have been possible for the software systems or application to do any thing.

Hence, we conclude that data flow is an extremely important aspect of any program since it is what that keeps a program going on. This data flow also needs to be tested like any other aspect of the software system or application and therefore, this whole article is dedicated to the cause of the data flow testing.

What is Data Flow Testing?

- Data flow testing technique has been categorized under the white box testing techniques since the tester needs to have an in depth knowledge of the whole software system or application.

- Data flow testing cannot be carried out without a control flow graph since without that graph the data flow testing won’t be able to explore any of the unreasonable or unexpected things i.e., anomalies that can influence the data of the software system or application.

- Taking these anomalies in to consideration, it helps in defining the strategies for the selection of the test paths that play a great role in filling up the gaps between the branch testing or statement testing and the complete path testing.

- Data flow testing implements a whole lot of testing strategies chosen in the above mentioned way for exploring the events regarding the use of the data that occurs in a sequential way.

- It is a way determining that whether or not every data object has been initialized before it used and whether or not all the data objects are used at least once during the execution of the program.

Classification of Data types
The data objects have been classified in to various types based up on their use:

- Defined, created and initialized data objects denoted by d.
- Killed, undefined and released data objects denoted by k.
- Used data objects in predicates, calculations etc, denoted by u.

Critical Elements for Data Flow Testing

- The critical elements for the data flow testing are the arrays and the pointers.

- These elements should not be under estimated since they may fail to include some DU pairs and also they should not be over estimated since then unfeasible test obligations might be introduced.

- The under estimation is preferable over the over estimation since over estimation is causes more expense to the organization.

- Data flow testing is also aimed at distinguishing between the important and not so important paths.

- During the data flow testing many a times pragmatic compromises are needed to make since there exist so many unpredictable properties and exponential blow up of the paths.

Anomaly Detection under Data Flow Testing

There are various types of anomaly detection that are carried under the data flow testing:

1. Static anomaly detection
This analysis is carried out on the source code of the software program without the actual execution.

2. Dynamic anomaly detection
This is just the opposite of the static testing i.e., it is carried out on a running program.

3. Anomaly detection via compilers
Such detection are possible due to the static analysis. Certain compilers like the optimizing compilers can even detect the dead variables. The static analysis itself is incapable of detecting the dead variables since they are unreachable and thus unsolvable in the general case.

Other factors:
There are several other factors that play a great role in the data flow testing and they are:
1. Data flow modelling based on control flow graph
2. Simple path segments
3. Loop free path segments
4. DU path segments
5. Def – use associations
6. Definition clear paths
7. Data flow testing strategies


Cause-Effect Graphing is a black box testing - Explain?

So many testing techniques have been categorized under the black box testing and the cause effect graphing is one of them and that is what the whole article is all about.

- A directed graph created for the purpose of mapping of the set of causes to a set of effects is nothing but a cause effect graph.
- The causes mapped in the graph are merely the input to a software system or application and the effects can be thought of as the corresponding outputs.
- The right of the cause effect graph houses all the effects with their corresponding nodes and the left side shelters all the causes and along with their corresponding nodes.
- A graph representing causes and effects in such a way is said to be a typical cause effect graph.
- It may also make use of certain intermediate nodes for the representation of the relation between the input and the output using the logical operators like AND, OR etc.
- The constraints can be effectively added to the effects and causes in the graph and these represented as the labelled edges using a dashed line along with the symbol of the constraint.

Constraint Symbols for the Causes:
1. E – exclusive
2. OaOO – one and only one
3. I – at least one

- The first constraint is used to state that at any instant any two causes (say cause 1 and cause 2) cannot be true simultaneously.
- The second constraint i.e., the inclusive constraint is used to state that at least one of the two or more numbers of causes must be true.
- The third constraint “one and only one” is used to state that the only one among all the constraints can be true.

Constraints for the Effects

1. R – requires
2. M – mask

- These are the only two valid constraints for the effects.
- The first one states that if one of the causes is true, then it implies that the other one also must be true and it also states that only one of the two constraints can be true and other can be false.
- The second constraint i.e., the mask constraint states just the opposite of the first constraint i.e., if one of the effects is true, then the other must be false.

"One point to be noted here is that the mask constraint only relates to the effects rather than relating to the causes like other constraints."

The direction of the graph is represented as shown below:
Causes -> Intermediate nodes -> Effects

Normal Forms of Cause Effect Graph

The cause effect graph is always rearranged in such a way that at any point between any input and output there lays only one node. Two normal forms of the cause effect graph have been identified:

- Conjunctive normal form
- Disjunctive normal form

When is Cause Effect Graphing performed?

One of the main purposes of the cause effect graph is the generation of the reduced decision table. The cause effect graphing is performed after the following tasks have been completed:

1. All the requirements have been reviewed to check out for any ambiguity.
2. All the requirements have been reviewed for their content.
3. It has been ensured that the requirements are complete and correct.

Cause effect graphing is basically used for hardware testing, but now it has been adopted for the use in the software testing.

It takes in to consideration only the desired external behaviour of the system and therefore it has been categorized as a black box testing technique and only selects the test cases that represent a logical relation between the causes and effects for the production of the test cases.


Tuesday, March 20, 2012

Basis Path Testing is a white box testing technique - Explain?

As we all know in a typical software system or application, there exist so many possible paths between the entry and exit of the paths and the number of such potential paths is doubled by every decision that comes in the way.

On top of this every case statements adds to the number of the potential paths by multiplying the number of cases with the number of potential paths and this is further incremented by the loops which multiply all the different possible iteration values with the number of potential paths.

So you see with so many paths all over, a single unit of the code makes it extremely difficult to provide a 100 percent coverage to that unit. This can be illustrated by the following example:

- Consider a software program consisting a straight line code having only a single loop that is to be executed 50 times.
- For such a code we can easily make out that it will have 50 paths.
- Like all the other processes, the testing also does not have any unlimited amount of resources.
- There are a limited number of people to perform testing, limited resources, time, efforts and equipment to make up to the successful testing in a stipulated period of time.
- The testing processes always face a challenge of covering all the possible paths without going out of the specified limits.
- But this seems like very difficult to be achieved!

"This all can be possibly achieved if all the redundancy is eliminated from the source code to the maximum extent that is possible and at the same time, adequate coverage must be maintained."

How was basis path testing developed?

- Basis path testing was developed as a hybrid between the two testings namely the path testing and the branch testing.

- The path testing is the testing methodology that has been defined to execute paths all over a computer program whether all or selected and the branch testing is the testing methodology that has been defined for the execution of all the outcomes of every decision in a software source code.

- It can be thought of as a testing methodology that tests every branch and also all the independent paths throughout the software program.

- A path can be a sequence of statements or instructions to the system that starts at one junction and ends at the other and in between it may encounter several other junctions.

- An independent path is a bit different from the normal path in the way that it introduces a new set of processing statements or conditions.

What steps are involved in basis path testing?

It is a path that takes in to account only the paths with the linear combination of the iterations and in no other way. The following steps are involved in the basis path testing:

1. Drawing out of the control flow graph
2. Calculation of the cyclomatic complexity
3. A basis set of paths is chosen
4. Generation of the test cases for the execution of each and every path in the code

Benefits of Basis Path Testing

1. It clearly defines the number of the independent paths and the number of the test cases required.
2. It executes every statement at least once.
3. It executes every condition for both outcomes i.e., true and false at least once.
4. It pays attention to the logic of the program.
5. It facilitates the arbitrary test case design in contrast to the analytical test case design.

Basis path testing is a white box testing technique since one requires an in-depth knowledge of the program.


How is password cracking done?

Password as we all know is some secret string of some characters that is typically used for the authentication purpose and as a means of identity proof.

WHAT IS PASSWORD?

- Password is way through which you access your some accounts and resources.
- A password is not meant for the other except the account holder.
- Passwords have been in use since ancient history and of course the password theft or cracking also!
- Nowadays passwords are more known for their use in the log in process to various systems like an operated system, ATMs, cell phones, email accounts and so on.
- It is not necessary that a password should be some meaningful word; rather it can be anything silly that is probably difficult to be guessed by the others.
- There are many types of passwords like passphrase (password formed by more than one word), PIN (personal identification number, numerical password).
- Passwords are again very much vulnerable since they are not as secure as their cryptographic counterparts i.e., protocols.
- These days password theft, password spoofing etc is quite common.

FACTORS AFFECTING THE SECURITY OF PASSWORD

Before we explain to how a password is cracked, you should know what all the factors affect the security of a password.

- Any password protected system is provided protection against the viruses, Trojans etc.
- Physical security measures like shoulder surfing are also implemented.
- Many a times less extreme measures are also used like:
1. Side channel attack
2. Extortion and
3. Rubber hose cryptanalysis

HOW SECURITY OF PASSWORD PROTECTED SYSTEM IS DETERMINED?

- The security of a password protected system is often determined by the rate at which the attacker or hacker can guess the password.

- To overcome this threat a “time out” of a few seconds can be implemented or a fixed number of chances should be given to type in the correct password.

- Many of the computer systems are now implementing these techniques.

- In some systems the cryptographic hash of the password gets stored which makes the password accessible to an attacker.

- The attacker can obtain the actual password from this hash password value.
- Passwords with high guessing rates are commonly used for cryptographic keys generation process.

HOW PASSWORD CRACKING IS DONE?

- Password cracking is recovering of the passwords from the stored or transmitted data in a computer system.
- There are many approaches developed to crack a password:

1. Guessing
This is perhaps the most common approach and does not require any special skills.

2. Changing the password
This method is second on the list of password cracking methodologies. When a user forgets his/ her password, the system allows the changing of the password following an authentication process.

3. Brute force cracking
This type of cracking involves trying every possible password till the right one is achieved.

4. Dictionary attacks
This method is also very much common and involves trying of the candidate passwords using a cracking dictionary.

5. Pattern checking
6. Word list substitution

PURPOSE FOR PASSWORD CRACKING

- The purpose for the cracking of password can be a positive one, for example, the user of a particular account might have forgotten his password and could not access his account.
- The purpose for the cracking of password can be negative one i.e., for gaining unauthorized access to a computer system, mischief purposes etc.

Time taken to crack a password is directly proportional to the strength of its character set or bits.
- The complex a password, the longer it will take to crack it.
- In some password cracking processes, the system is made to generate the similar types of passwords.
- Such passwords are called candidate passwords.
- Password cracking rate depends on the availability of the hash and the limitations of the software authentication.


Monday, March 19, 2012

Explain the concepts of password cracking?

Password cracking is one of important and most sought after concepts under the category of computer security and crypt analysis. Password cracking is such a term that is self explanatory i.e., we can make out from the term itself that it is all about recovering the passwords.

The passwords can be recovered from the data that is transmitted and stored by a computer system or network. Till date many approaches have been formulated for the cracking of passwords.

APPROACH FOR PASSWORD CRACKING

- The most common approach which is still so much in use is repeated guessing of the password till one gets the right one.

- Nowadays passwords are more known for their use in the log in process to various systems like an operated system, ATMs, cell phones, email accounts and so on.

- It is not necessary that a password should be some meaningful word; rather it can be anything silly that is probably difficult to be guessed by the others.

- There are many types of passwords like passphrase (password formed by more than one word), PIN (personal identification number, numerical password).

- Passwords are again very much vulnerable since they are not as secure as their cryptographic counterparts i.e., protocols.

- These days password theft, password spoofing etc is quite common.

FACTORS AFFECTING THE SECURITY OF PASSWORD

- Any password protected system is provided protection against the viruses, Trojans etc.

- Physical security measures like shoulder surfing are also implemented.

- Less extreme measures are still so very in use namely Side channel attack,
Extortion and, Rubber hose crypt-analysis.

- It is not necessary that password cracking has always a bad reason behind it.

- There can also be some reasonable and genuine causes for cracking a password.

- The password cracking process usually takes much time depending up on the strength of its bits.

- The measure of the strength of the bits of a password give an indication about the information entropy of it.

- Many of the computer systems are now implementing these techniques.

- In some systems the cryptographic hash of the password gets stored which makes the password accessible to an attacker.

- The attacker can obtain the actual password from this hash password value.

- Passwords with high guessing rates are commonly used for cryptographic keys generation process.

HOW PASSWORD CRACKING IS DONE?

- To say it simply the password cracking is recovering of the passwords from the stored or transmitted data in a computer system.

- Passwords whether easy to remember or hard to guess always have a problem associated with them.

- The password which may seem easy to remember to the user often might also be easy
for an attacker to crack.

- On the other hand a difficult password is a contributing factor in reducing the security of the system since it has to be physically written and stored somewhere.

- In such cases the user tends to use the same password for a long time or to reset it again and again in case he/ she forgets it.

- All this stuff makes a system vulnerable and calls for more stringent security checks for password.

- There are several measures to increase the password strength like using a mixture of both lower case and upper case alphabets, numbers and special characters.

- But such kinds of measures only make the memorisation of these passwords more difficult.

- The best measure here to avoid such memory traps can be to design a personal algorithm for the generation of obscure passwords whenever you plan to change your password.


Sunday, March 18, 2012

Explain the concepts of fuzz test technique?

WHAT IS FUZZ TESTING?

- Fuzz testing is the formal name for fuzzing which as we know is another software testing technique that involves playing with the software system or application using all types of possible invalid input test data.

- By the invalid input test data we mean it can be either unexpected data or random data i.e., any other type of test data other than the specified input data type.

- It is not necessary that the fuzz testing should always be automated; it can also be semi automatic though keeping the whole process fully automated consumes less time and effort.

- Semi automatic process is used only when there is manual interference required in the testing.

- After feeding the invalid input data to the software system or application, the behavior of the system is monitored for any exceptions like hanging, crashing or failing of the code assertions that are built in and also check for any memory leaks.

From the above discussions we can easily make out that the fuzz testing has been developed for testing of the security related issues of the software system or application. Till now two types of fuzz testing have been identified namely:

1. Mutation based testing
2. Generation based testing

CONCEPTS OF FUZZ TESTING

- Fuzz testing was developed to complement the negative testing and syntax testing.

- Both of the above types of the fuzz testing can be either employed as white box testing technique or black box testing technique or as a mix of the two techniques i.e., grey box testing.

- Whatever technique may be used, it is focussed up on the common target i.e., network protocols, file formats and so on.

- Though these two are the usually targeted elements, almost any type of input test data for the program can be subjected to the fuzz testing.

- The most common types of input data include:
1. Sequence of API calls
2. Environment variables
3. Mouse events
4. Keyboard events etc.

- Apart from just testing the input test data types, even some elements like shared memory, contents of a data base, interleaving of threads etc can also be tested by the fuzz test.

- But, usually the input that is able to cross the trust boundary of the security of the software system or application is targeted.

- Among all other approaches to fuzz testing, the one which is mostly preferred is the black box approach.

- This approach is mostly employed for the testing of large software projects having a budget for the development of the testing tools.

- Fuzz testing is included in the class of the software testing techniques that offer a high benefit – to – cost ratio.

- Like other software testing techniques, fuzz testing also has a drawback which is that it is able to develop only a sample of the behavior of the software system.

- In some rare cases, if the software passes the fuzz test, it merely indicates that only a part of the software system can effectively handle the unexpected input data types without any problem.

- This tells us that fuzz testing can be considered as an overall quality assurance factor and not merely just a bug finding tool.

- Fuzz testing is also not to be taken as a substitute neither for the formal methods nor for the exhaustive testing.

- It also gives us a gross measurement of the reliability of the software.

- Based on the results of the fuzz testing, it can be decided that which part needs a partial rewrite, static analysis or code audits.


Friday, March 16, 2012

What causes browser display differences?

Most of the time while browsing the same over many browsers you might have noticed considerable differences between the displays across the various browsers. These differences cause a lot of annoyance to the users.

There are various reasons why there occur differences across the different browsers. This article is focussed up on such browser display differences and errors as well as suggestions to avoid them.

ABOUT WEB BROWSER DISPLAY DIFFERENCES


- Earlier it was quite difficult and time consuming task to compare the web sites displays under many different browsers but nowadays several tools have been developed that have proven to be quite effective in testing the appearance of a web site on various browsers.

- These tools help in checking out the differences by taking the snap shots of the web site across the various browsers and then comparing them.

- You can even have the snap shots of your web page under different computers and screen resolutions.

- An HTML tool box is incorporated in these tools which tell whether the differences have occurred due to the incompatibility of the HTML code used in the web site or are they because of the browser incompatibility.

- The HTML tool box in some of the tools has also the capability for repairing off the code errors in just a few clicks.

Some of the most common factors that causes browser display differences are:
1. Browser bugs
2. Browser incompatibility
3. HTML errors
4. Different font sizes
5. Different computer types
6. Different screen sizes
7. Different versions of the browsers

RARE CASES
- In some very rare cases, the problem of differences might also occur due to certain features of a web site that have been exclusively designed for certain browsers and are not meant for others.

- Usually a web site is developed so that all of its features are accessible by all the web sites.

- For example, the web site for downloading Google chrome extensions and tools has been designed exclusively for the Google chrome browser.

- Though this web site can be viewed in any other browser but, one cannot download extensions through that browser.

STEPS FOR ELIMINATING DISPLAY DIFFERENCES ARE:



There are several steps that one can take for eliminating such differences:
1. Avoiding using cutting edge HTML as far as possible.
2. Set some goals for your web site.
3. Always check for the browsers incompatibilities.
4. Follow the trial and error debugging method.
5. Never forget to validate your web pages.

WHAT WEB BROWSERS ACTUALLY DO?


- They translate the web site code in to the formatted web pages.

- Every individual web browser has its own way of translating the web pages.

- This can be compared to the following example: you give a sentence written in German to a few people and ask them to translate it in to English. Checking the results, you will observe that all of them though have translated the sentence but their ways of translation are different i.e., the have used different words and grammar composition.

- Though the rules and standards for using HTML have been stated by the World Wide Web consortium, web site designers have their own way of implementing it.

- There is a fact that you should know which is that there is no such an effective browser that supports the hundred percent of the HTML, though there are certain browsers that come a little far away than their counterparts.

- If your browser does not supports a part of the code, it is sure to affect the display of your web site.

- This problem is further exaggerated by the HTML extensions that are specific to certain browsers.

- Such problems have forced the designers to put a label on their web site stating on which browser their web site can be viewed.


What are three main purposes of software testing?

It is a world wide established fact that the software testing has proved all the way very effective in improving the satisfaction of the clients and customers by delivering them a software product that is quite free of defects, errors and bugs.

Only the stable, error free and reliable software systems and applications are accepted in to the business. There is no place for the unstable and buggy software systems.

WHAT HAPPENS IF TESTING IS NOT DONE PROPERLY?


- There is a substantial increase in the chances of the failure of a software system or application if it is not tested or tested only up to a small extent.

- This in turn increases the rates of wastage of time as well as one’s precious efforts.

- The rework and rewrites and their maintenance cost the organization so much and also annoys the customers and clients.

- If a software system fails, it only gives an indication towards the inadequacy of the efficiency of the system and a lack of testing.

- The failure of the software systems or applications can cost too much in certain cases where very sensitive and critical matters are dependent on the working of the software.

- Software testing has been scientifically defined as a process that deals with the verification and validation of the software system or application.

- It ensures whether or not the system meets all the requirements specifications that have been used all along its development cycle to guide its designing and makes sure that the software system or application is working as expected by the makers.

THREE MAIN PURPOSES OF SOFTWARE TESTING


Three main purposes of the software testing have been laid down as mentioned below:

1. Verification
This purpose deals with the verification of the development process of the software system or application and ensures that the software is being developed or built in the right way.

2. Validation
This is all about making sure that the right software artefact is being produced.

3. Defect finding verification
This is for the purpose of ensuring that the software system or application that is being built, meets the technical specifications and requirements stated for it by the customer or the clients. It also checks out for the variation of the defect range between the actual outcome and the expected outcome.

BENEFITS OF SOFTWARE TESTING


- Software testing has very well taken up the responsibility for ensuring that the software system or application meets the business requirements as specified for it and thus whether or not works as expected.

- The compatibility of the software system or application with a range of different platforms is also evaluated and the performance rating is given.

- Whether the software system or application should be released or not, is determined on the basis of the results of the software testing.

- Software testing has a whole lot of benefits, the greatest ones being the saving of the time and efforts which are indeed very priceless commodities.

- Defects, bugs and errors if detected earlier eat up less time and money and reduce development time and also if the application or system is kept error free in the beginning itself, then less problems will be faced in the future development phases.

Software failures as mentioned above can give rise to life threatening issues to the:

- People (for example, control system failure resulting in a plane crash, life support system failure in hospitals causing deaths)

- Environment (for example, a software failure causes the harmful radiations and chemicals to be released in to the environment and thus affecting the whole eco system)

- Companies (for example, some times the software might do the bill incorrectly due to some discrepancy in it causing the company a great money loss) and so on.


Thursday, March 15, 2012

What are different kind of browser bugs?

It is a universal fact that every thing in this world is infected with some discrepancies. So does it hold well for the web browsers! This article is here to discuss about the bugs associated with the web browsers.

Till date so many bugs of the web browsers like Mozilla, internet explorer, Netscape, opera and so on have been discovered. Let us check out some of the prominent errors:

Multiple browsers bugs


Bugs discovered under this category are:

(a) Font variant ligatures are not implemented by most of the bugs. The font module level 3 of the CSS defines the property of the font variant ligatures to specify the use of ligatures. Till now no such browser has been developed that supports this property fully.

(b) Font weight is not implemented consistently by the browsers. This font weight property of CSS lays down the specifications regarding the numeric values and key words.

(c) Data tables are not managed properly by the browsers. Most of the table properties are not supported by the browsers.

(d) Layout affected by outlining property.

(e) Styling legend tags

(f) Bugs in Mozilla Firefox
Styling is not applied and problems have been experienced with the horizontal scroll bar.

(g) Bugs in Internet Explorer
When the cursor is hovered over some elements, they did not work properly with the forms; the left origin of the positioning coordinates is incorrectly set.

(h) Bugs in Opera
&rsquo and &isquo entities were not recognizable by the opera, but this was later fixed in the 8th version.

(i) Bugs in Safari
These crashes were reported when : hover :: after was used.

(j) The borders separating the head and the body sections are often placed incorrectly by the opera.

(k) Multi-column ordered list remembering.

(l) Backgrounds show through invisible tables.

(m) Buttons with images cannot be aligned with those having only text.

(n) In some browsers even the fixed elements align along with the adjacent elements.

WHAT CHALLENGES ARE FACED WHILE DEVELOPING A WEBSITE

- When you start developing or designing your web sites choose carefully between the CSS and HTML.

- Don’t go for such an advance version of the languages because if you did then you may run in to the problems with the incompatibility of the browser.

- There is so much of competition going around the whole software market.

- The browser developers are releasing new browsers at very fast pace without even testing them properly which then becomes a headache for the web site designers.

- The new languages being used today like HTML 5 and CSS 3 are now gaining very much popularity though they are pretty much complex then their preceding versions.

- Number of features to be implemented is quite huge which is the major cause of the bugs.

- Whenever you come across a bug, do not forget to report it since it may be so very rare that nobody else would have stumbled up on it.

- One thing you should always remember is to keep the problem in the reduced form as much as possible.

- For doing this you an simply make up a copy of the code and from that remove the java script or CSS files one by one and ultimately you’ll come at a point when the problem will go away.

- Now you add that file and remove the others from the ones that you did previously.

- If you find that the bug is now going away even after removing all the files then it is likely that the bug lies in HTML coding.

- Now after you know that which aspect houses the problem, you need to locate that file or code.


What we can do to avoid browser incompatibility?

Malfunctioning of the web sites across various browsers has become a topic of utter annoyance.

Why it happens so that your web site functions perfectly well on one browser and at the same time fails to perform well in some other browser?
Why it appears to be missing some thing while it appears as proper on other browsers?


The root cause of all such errors and differences is the browser incompatibility.

WHAT IS BROWSER INCOMPATIBILITY & TOOLS FOR DETECTING BROWSER INCOMPATIBILITY

- There are various tools that can help you across detecting the browser incompatibility.

- Such tools check for the browser incompatibility by comparing the various snap shots of the web site operating under various web browsers.

- Different browsers and different browser versions all add up to the browser incompatibility.

- Browser incompatibility though cannot be eradicated fully; it can be at least reduced to a certain extent.

- Though the browser is only to be blamed for its incompatibility, the measures to reduce or avoid it can be taken from both sides.

- It can be done by improving either the standards of the browser or by taking care of the web site.

- If the web site in its design and code is good, incompatibility will be noticed less.

WHY INCOMPATIBILITY ARISES?

- It arises either because of the incompatibility of the web browser or because of the problems in the web site itself.

- So you need to focus on the design an implementation of your web site rather than bogging up yourself with the browser issues.

- Employing cutting edge HTML can also run you in to the incompatibility problems as the HTML standards usually are a way step ahead of what is supported by the web browsers.

- Till now, no such browser has been developed that will take in to consideration 100 percent HTML.

- No doubt there are certain browsers that are a bit close to this value than the others.

- Using latest versions and standards of the HTML is always not a good choice. So be wise when you choose the version of HTML for designing up your web site.

- Another fact to be kept in mind is that not all the web browsers are equally efficient in translating the HTML code in to formatted web sites.

- There are some browsers that may leave certain parts of the HTML code because they are not able to execute it and again you will have trouble with your browser compatibility.

- Also all the web browsers do not translate a web page in the same manner and don’t give the same results.

- Before you start building up your web site, check out the compatibility of the different browsers so that you will have an idea what all formats and standards they support and you can build your site according and simultaneously avoiding a bug deal of incompatibility.

- After you have finished developing your web site, have your pages validated. If you are getting errors in your web site try out the trail and error debugging method.

Though the World Wide Web consortium has specified the standards for using HTML, you can very well invent your own and design your web site accordingly. But this has a disadvantage that the browser may reject the parts that cannot be executed and the appearance and functioning of your web site will be affected.

The basic difference between the two versions of a browser lies in the support they provide for the HTML. But on top of all it would be better if you pay attention to the browser compatibility while designing your web site. This will prevent you from running in to future issues regarding the incompatibility of the browser.


Wednesday, March 14, 2012

What are major activities in database testing?

Before going to the main topic i.e., the major activities that are carried out in data base testing, we will first have an insight on what is data base testing actually.

WHAT IS DATABASE TESTING?

- Data base testing as it suggests itself, it is the testing of the data or values retrieved from the data base of that software system or application under testing.

- The retrieved data should match exactly with the data mentioned in the records of the data base.

- Data base testing is not an easy thing to carry out.

- It calls for a great need of expertise in reading the data base record tables, writing procedures and queries for the data base.

- Data base testing works well with all sorts of application softwares be it any application written either in SQL or Oracle languages.

- But normally, data base testing finds it way in the testing of applications that work with all sorts of sensitive data like finance, banking or health insurances etc.

- Such applications require extensive data base testing since any error in the retrieved data can cause the users lot to suffer.

MAJOR ACTIVITIES OF DATABASE TESTING
Now we are going to discuss about the working of the data base testing or what all are the major activities taking place in a data base testing.

- A lot of understanding and knowledge of the software system or application under the testing is required i.e., the tester needs to know all about the type of data base being used by the software system or application.

- All the existing data tables in the application data base are figured out.

- All the possible queries are written for the figured out tables to be executed.

- All the tables are tested individually for the verification and validation of the data contained in them.

- For complex data bases the queries are obtained from the developer and the functionalities are tested.

- The data base of a software system or application is indeed its back bone and needs to be tested thoroughly.

- In a data base testing not only the data base undergoes testing, but also the features and functionality of the software system or application.

- As if this is not enough, all the actions taking place like deletion or addition are also tested.

- The added values or data are checked against the records of the data base i.e., whether or not they are exactly same.

- The deleted is checked for whether or not it has been really deleted from the data base.

- Every action being performed is tested for its efficiency as it will affect the overall well being of the data base.

- These days with the introduction of the business logic, the data bases have become more complex.

- Though the business logic makes the whole data base complex in nature, it cannot be neglected since it plays a very crucial role in the implementation of the applications.

- After the implementation of the business rules or logic, the data base values are again checked for their correctness.

- The coupling of the data bases to the libraries also poses a problem for the data base testing besides the following:

1. Data base schemas
2. Data base tables
3. Verification of the data base after every execution of test cases.
4. Cleaning up of the data base for every new test case execution.
5. Carrying out the whole data base testing manually is absolutely impossible or perhaps a nightmare.
6. Writing short test codes that are easy to understand.

One needs to carry out data base testing very carefully and with understanding since any faltering can disrupt the whole testing process.


Tuesday, March 13, 2012

What are different aspects of Compounded SQL injection attack?

Till now so many types of SQL injection attacks have been identified. But, there is one type of SQL injection type which results in to different kinds of combinations of the other SQL injection attacks. This type of SQL injection attacks are commonly known as the compound SQL injection attacks.

This type of SQL injection attack has been derived from rigorous research and experimenting with the different SQL injection attack vectors putting them in different combinations with the various other web application attacks.

Some of the most commonly employed combinations are:

1. SQL injection + XSS cross site scripting
2. SQL injection + DDos attacks
3. SQL injection + insufficient authentication
4. SQL injection + DNS hijacking

Compounded SQL Injection Attack

- SQL is a language developed for interacting with the data base of the applications and web sites.

- The functions are mainly defined to retrieve the data from the data bases or to update the contents of the existing data bases.

- It uses compound conditions basically that make use of AND or OR.

- A compound statement is used to group all the other statements so as to constitute an executable block.

- SQL variables can be declared in an atomic compound statement that has been dynamically developed.

- A compound statement can be easily embedded in to SQL functions, SQL methods, trigger etc.

- To invoke a dynamic compound statement no privileges are required, although the authorization ID of the compound statement needs to include all the privileges required invoking the other SQL statements that form a part of that particular compound statement.

- Most of the compilers compile the compound statements as one single statement since this technique proves effective for the short scripts that do not require little control flow logic though a great data flow.

- For larger scripts or constructs, it’s better to use the SQL procedures.

- The “discretize” function is quite a simple one and is often used for the classification and modification of the data and gives back a NULL value for the malicious data.

- Later this malicious data is cleansed up by the compound statement.

- Most of the mechanisms can be elaborated using the technique of multi stage cleansing.

- The advantage of the compound statement is that here the FOR loop neither does open up a cursor nor the single row inserts are treated so.

- Here the underlying logic is of a multi table insert that has been selected previously.

- This advantage is reaped by compiling the dynamic statement as a single one.

- In contrast to this dynamic compound statement, there’s another type called Compounded SQL embedded statement.

- These statements can only be embedded in to the applications.

- In contrast to the dynamic statements, these cannot be prepared dynamically.

- These statements do not required any special privileges for invocation.


Facebook activity