KEMBAR78
ST Module1 2023 | PDF | Software Testing | Computer Program
0% found this document useful (0 votes)
46 views92 pages

ST Module1 2023

The document summarizes the modules and topics covered in the course on software testing. It discusses the basics of software testing including definitions of key terms like error, fault, failure, incident and test case. It also describes the testing life cycle and different types of testing like functional testing, structural testing, integration testing and system testing. The document lists textbooks that cover specific topics from the course.

Uploaded by

Karthik C
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
46 views92 pages

ST Module1 2023

The document summarizes the modules and topics covered in the course on software testing. It discusses the basics of software testing including definitions of key terms like error, fault, failure, incident and test case. It also describes the testing life cycle and different types of testing like functional testing, structural testing, integration testing and system testing. The document lists textbooks that cover specific topics from the course.

Uploaded by

Karthik C
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 92

SOFTWARE TESTING

(18IS62)
SOFTWARE TESTING
Module-1
Basics of Software Testing: Basic definitions, Software Quality , Requirements, Behavior
and Correctness, Correctness versus Reliability, Testing and Debugging, Test cases, Insights from
a Venn diagram, Identifying test cases, Test-generation Strategies, Test Metrics, Error and fault
taxonomies, Levels of testing, Testing and Verification, Static Testing. Problem Statements:
Generalized pseudocode, the triangle problem, the NextDate function, the commission
problem, the SATM (Simple Automatic Teller Machine) problem, the currency converter, Saturn
windshield wiper

Module-2
Functional Testing: Boundary value analysis, Robustness testing, Worst-case testing, Robust
Worst testing for triangle problem, Nextdate problem and commission problem, Equivalence
classes, Equivalence test cases for the triangle problem, NextDate function, and the commission
problem, Guidelines and observations, Decision tables, Test cases for the triangle problem,
NextDate function, and the commission problem, Guidelines and observations. Fault Based
Testing: Overview, Assumptions in fault based testing, Mutation analysis, Fault-based
adequacy criteria, Variations on mutation analysis.

2
SOFTWARE TESTING
Module 3
Structural Testing: Overview, Statement testing, Programme testing, Condition
testing , Path testing: DD paths, Test coverage metrics, Basis path testing, guidelines
and observations, Data –Flow testing: Definition-Use testing, Slice-based testing,
Guidelines and observations. Test Execution: Overview of test execution, from test
case specification to test cases, Scaffolding, Generic versus specific scaffolding,
Test oracles, Self-checks as oracles, Capture and replay.

Module 4
Process Framework: Basic principles: Sensitivity, redundancy, restriction, partition,
visibility, Feedback, the quality process, Planning and monitoring, Quality goals,
Dependability properties ,Analysis Testing, Improving the process, Organizational
factors. Planning and Monitoring the Process: Quality and process, Test and analysis
strategies and plans, Risk planning, monitoring the process, Improving the process,
the quality team Documenting Analysis and Test: Organizing documents, Test
strategy document, Analysis and test plan, Test design specifications documents,
Test and analysis reports.
3
SOFTWARE TESTING
Module 5

Integration and Component-Based Software Testing: Overview, Integration


testing strategies, Testing components and assemblies. System, Acceptance
and Regression Testing: Overview, System testing, Acceptance testing,
Usability, Regression testing, Regression test selection techniques, Test
case prioritization and selective execution. Levels of Testing, Integration
Testing: Traditional view of testing levels, Alternative life-cycle models,
The SATM system, Separating integration and system testing, A closer look
at the SATM system, Decomposition-based, call graph-based, Path-based
integrations.

4
SOFTWARE TESTING
• Textbooks:
1. Paul C. Jorgensen: Software Testing, A Craftsman’s Approach, 3rd
Edition, Auerbach Publications, 2008. (Listed topics only from
Chapters 1, 2, 5, 6, 7, 9, 10, 12, 13)
2. Mauro Pezze, Michal Young: Software Testing and Analysis –
Process, Principles and Techniques, Wiley India, 2009. (Listed topics
only from Chapters 3, 4, 16, 17, 20,21, 22,24)
3. Aditya P Mathur: Foundations of Software Testing, Pearson
Education, 2008.( Listed topics only from Section 1.2 , 1.3, 1.4 ,1.5,
1.8,1.12,6. 2.1,6. 2.4 )

5
Basics of Software Testing
➢Basic Definitions
✓Error:
▪ A good synonym is mistake.
▪ When people make mistakes while coding, we call
these mistakes as bugs.
▪ Errors tend to propagate and requirements error
may be magnified during design and amplified still
more during coding.

6
Basics of Software Testing(contd..)
✓Fault:
▪ A fault is the result of an error
▪ It is the representation of an error, where
representation is the mode of expression, such as
narrative text, data flow diagrams, hierarchy
charts, source code, and so on
▪ Defect is a good synonym for fault.

7
Basics of Software Testing(contd..)
✓ Types of Fault:
▪ Fault of omission occurs when we fail to enter correct
information. (Some details are missed out in specifications
and additional details are implemented)
▪ Fault of commission occurs when we enter something into
a representation that is incorrect. (Mentioned in
Specifications but missed out while implementing) or
▪ Omission/commission:
▪ Omission - neglecting to include some entity in a module
▪ Commission - incorrect executable statement

8
Basics of Software Testing(contd..)
✓Failure:
▪ A failure occurs when a fault executes
▪ Two subtleties arise here: one is that failures only
occur in an executable representation, which is
usually taken to be source code, or loaded object
code
▪ Second subtlety is that, this definition relates
failures only to faults of commission.

9
Basics of Software Testing(contd..)
✓ Incident:
▪ An incident is the symptom associated with a failure that
alerts the user to the occurrence of failure
✓ Test:
▪ A test is the act of exercising software with test cases. A
test has two distinct goals: to find failures or to
demonstrate correct execution

✓ Test Case:
▪ Test case has an identity and is associated with a program
behavior. A test case also has a set of inputs and a list of
expected outputs.
10
Basics of Software Testing (contd..)
➢What is testing?
▪ Software testing is a process used to identify the
correctness, completeness and quality of
developed computer software.
▪ The process of devising a set of inputs to a given
piece of software that will cause the software to
exercise some portion of its code.
▪ The developer of the software can then check that
the results produced by the software are in accord
with his or her expectations.

11
A Testing life cycle

12
Test cases
• Aim of testing is to determine a set of test cases.
• The below information should be in a test case.
• Inputs: Pre-conditions (circumstances that hold prior to test
case execution), Actual Inputs identified by some testing
method.
• Expected Outputs: Post- conditions and actual outputs
• Typical Test Case Information (Contents of a Test Case)
➢ Title, author, date,
➢ Test case ID
➢ Purpose
➢ Pre-conditions
➢ Inputs
➢ Expected Outputs
➢ Observed Outputs
➢ Pass/Fail Comments 13
Insight from the Venn Diagram
• consider the relationships among S, P, and T (Test cases). We
can find, there may be specified behaviors that are not tested
correspond to the regions 2 and 5, specified behaviors that are
tested correspond to the regions 1 and 4, and test cases that
correspond to unspecified behaviors in regions 3 and 7.

14
• Similarly, there may be programmed behaviors that are not
tested correspond to the regions 2 and 6.
• Programmed behaviors that are tested correspond to the
regions 1 and 3, and test cases that correspond to
unprogrammed behaviors in regions 4 and 7.
• All regions are important. If specified behaviors exist for
which no test cases are available, the testing is incomplete.

• If some test cases correspond to unspecified behaviors, then


some possibilities arise: test case is unwarranted or
specification is deficient or tester wishes to determine that
specified nonbehavior does not occur.

15
Identifying test cases
• Two fundamental approaches known as Functional and
Structural testing are used to identify test cases.

✓ Functional Testing
• Functional Testing is based on the view that any program can
be considered to be a function that maps values from input
domain to values in the output range. This notion is used
when systems are considered to be black boxes.

• In black box testing, the content or implementation of a


black box is not known and its function is understood
completely in terms of its inputs and outputs.

16
Black Box - A strategy in which testing is based on
requirements and specifications

17
✓ Advantages of Black Box Testing / Black Box Test cases
• The test is unbiased because the designer and the tester are
independent of each other.
• Test cases are independent of how the software is
implemented, so if the implementation changes, the test cases
are still useful.
• The tester does not need knowledge of any specific
programming languages.
• The test is done from the point of view of the user, not the
designer.
• Test cases can be designed as soon as the specifications are
complete or in parallel with implementation.

18
✓ Disadvantages of Black Box Testing/ Black Box Test cases
• The test can be redundant if the software designer has already
run a test case.
• Significant redundancies may exist among test cases.
• The test cases are difficult to design and compounded by the
possibility of gaps of untested software.
• Testing every possible input stream is unrealistic because it
would take an inordinate amount of time. Therefore, many
program paths will go untested.

19
✓ Structural Testing

• Structural Testing is another approach to test case


identification. It is also called as White Box, Clear Box,
Glass box and Open box testing. Function is understood only
in terms of its implementation and used to identify test cases.
• White Box: A strategy in which testing is based on internal
parts, structure, and implementation.

20
✓ Advantages of White Box Testing are mentioned below:
• All the features and functionality within the application can be
tested. Testing can be started at the very initial stage. Tester
does not need to wait for interface or GUI to be ready for
testing.
• Can reduce to number of test cases to be executed during
black box testing.
• Helps in checking coding standards and optimizing code.
• Extra code resulting in hidden defects can be removed.
• Reason of failure can be known.
• Identifying test data is easy because of coding knowledge.

21
✓ Disadvantages of White Box Testing are mentioned below:
• Tester should be highly skilled because should have the
knowledge of coding/implementation.
• Cost of tester is very high.
• White Box testing is very complex.
• It is not possible to look into each piece of code to find out
hidden errors.
• Test cases maintenance can be tough if the implementation
changes very frequently.
• Since White Box Testing is closely tied with the application
being testing, tools to cater to every kind of
implementation/platform may not be readily available.
• Exhaustive testing of larger system is not possible.
22
Error and fault Taxonomies

23
Types of Faults

24
25
26
Levels of Testing
• Structural testing is more appropriate at unit level and functional
testing is at more appropriate at system level.

27
Software quality
➢ Software quality is a multidimensional quantity and
is measurable.
➢ Quality attributes
▪ There exist several measures of software quality.
These can be divided into static and dynamic quality
attributes.
▪ Static quality attributes include structured,
maintainable and testable code as well as the
availability of correct and complete documentation.
▪ Dynamic quality attributes include software reliability,
correctness, completeness, consistency, usability and
performance.
28
Dynamic quality attributes
– Reliability refers to the probability of failure free
operation
– Correctness refers to the correct operation of an
application and is always with reference to some artifact
– Completeness refers to the availability of all features
listed in the requirements, or in the user manual.
Incomplete software is one that does not fully implement
all features required
– Performance refers to the time the application takes to
perform a requested task

29
– Consistency refers to adherence to a common set
of conventions and assumptions. For example, all
buttons in the user interface might follow a
common color coding convention.
– Usability refers to the ease with which an
application can be used.

30
Requirements, Behavior and
Correctness
➢ Any software is designed in response to requirements of the
environment.
➢ Example: Two Requirements are given below and each leads
to two different programs.
✓ Requirement 1: It is required to write a program that
inputs two integers and outputs the maximum of these.
✓ Requirement 2: It is required to write a program that
inputs a sequence of integers and outputs the sorted
version of this sequence.
➢ Consider Requirement 1: The expected output of max when
the input integers are 13 and 19 is easily determined as 19.
Suppose now that the tester wants to know if the two
integers to be on the same line followed by a carriage return,
31
or on two separate lines with a carriage return
typed in after each number. The requirement as
stated above fails to provide an answer to this
question. This requirement illustrates
Incompleteness.

• Consider Requirement 2: It is not clear whether the


input sequence is to be sorted in ascending or in
descending order. The behavior of sort program
written to satisfy this requirement will depend on
the decision taken by the programmer. This is called
as ambiguity.

32
Input domain and Program
Correctness
➢ A program is correct if it behaves as desired on all possible inputs.
The set of all possible inputs to a program P is known as the input
domain or input space of P.
➢ Using Requirement 1, we find the input domain of max to be the
set of all pairs of integers where each element in the pair integers is
in the range -32,768 to 32,767.
➢ Using Requirement 2, it is not possible to find the input domain for
the sort program.
➢ Modified Requirement 2: It is required to write a program that
inputs a sequence of integers and outputs the integers sorted in
either ascending or descending order.

33
The order of the output sequence is determined by an input
request character which should be “A” when an ascending
sequence is desired, and “D” otherwise. While providing
input to the program, the request character is input first
followed by the sequence of integers to be sorted and
terminated with a period
➢ Based on the above modified requirement, the input
domain for Sort is a set of pairs. The first element of the
pair is a character. The second element of the pair is a
sequence of zero or more integers ending with a period.
➢ Examples are:
<A -5 56 32 16 . >
<D 79 103 -2 0 29 . >
<A . >
34
Valid and Invalid Inputs
➢ The modified requirement for sort mentions that the
request characters can be “A” and “D”, but fails to answer
the question “What if the user types a different
character?” When using sort it is certainly possible for the
user to type a character other than “A” and “D”. Any
character other than “A” and “D” is considered as invalid
input to sort.
➢ The requirement for sort does not specify what action it
should take when an invalid input is encountered. Example:
< E 7 19 . > Now the sort program enters into infinite loop.
➢ Further the modified input domain consists of pair of values
in which the first value is the request character and the
second is the sequence of integers combined with invalid
characters terminated by a period.
35
➢Example: < D 7 9F 19 . >. From this it is
assumed that invalid characters are possible
inputs to sort program.

➢ It is advisable to separate valid and invalid


inputs and can be used for testing.

36
Correctness versus Reliability
✓ Correctness
▪ Correctness is the process of testing a
program on all elements in the input
domain. In most cases this is impossible to
accomplish. Thus, correctness is established
via mathematical proofs of programs.
▪ While correctness attempts to establish that
the program is error free, testing attempts to
find if there are any errors in it.
▪ Testing, debugging and the error removal
processes together increase our confidence
in the correct functioning of the program
under test.
37
Correctness versus Reliability
✓ Reliability
The reliability of a program P is the probability of
its successful execution on a randomly selected
element from its input domain.

Example: Consider a program P whose inputs are


{< (0, 0) (-1, 1) (1, -1)>}. If it is known that P fails on
exactly one of the three possible input pairs then
the frequency with which P will function correctly
is 2/3.
38
Program Use and the Operational
profile
➢An operational profile is a numerical
description of how a program is executed
and used.
➢Example: Consider a sort program, on any
given execution allows any one of two
types of input sequences. Sample
operational profiles for sort are as follows.

39
Program Use and the Operational
profile

40
Testing and debugging

➢Testing is the process of determining if a


program behaves as expected.
➢When testing reveals an error, the process
used to determine the cause of this error
and to remove it, is known as debugging.

41
Testing and debugging

42
Preparing a Test plan
• A test cycle is often guided by a test plan. Test Plan
for sort program is given below. The sort program is
to be tested to meet the requirements given earlier.
Specifically, the following needs to be done.
1. Execute sort on at least two input sequences, one with “A”
and the other with “D” as request characters.
2. Execute the program on an empty input sequence.
3. Test the program for robustness against erroneous inputs
such as “R” typed in as the request character.
4. All failures of the test program should be recorded in a
suitable file using the Company Failure Report Form.

43
Constructing Test Data
• A test case is a pair consisting of test data to be input
to the program and the expected output. The test
data is a set of values, one for each input variable.
• A test set is a collection of zero or more test cases.
Sample test cases for sort are
Test data: <A 12 -29 32 >
Expected output: -29 12 32
Test data: <D 12 -29 32 >
Expected output: 32 12 -29

44
Executing the Program
➢ A tester will be able to construct a test harness to
aid in program execution.
➢ The harness initializes any global variables, inputs a
test case and executes the program. The output
generated by the program may be saved in a file for
subsequent examination by a tester.
• Example: The test harness shown in the figure reads
an input sequence, checks for its correctness, and
then calls sort. The sorted array returned by sort is
printed using print sequence. The test cases are
assumed to be in the Test Pool.

45
Executing the Program

46
Executing the Program
➢ In preparing this test harness, the assumptions made
are:
(a) sort is coded as a procedure.
(b) The get_input procedure accepts/reads the
variables in the sequence as request_char,
num_items and in numbers.
(c) The input is checked prior to calling sort by the
check_input procedure.

47
➢ The test_setup procedure is invoked first to set up
the test that includes identifying and opening the
file containing tests.
➢ check_output procedure serves as the oracle that
checks if the program under test behaves correctly.
➢ report_failure is invoked when the output from sort
is incorrect.
➢ print_sequence prints the sequence generated by
the sort program. This also can be saved in file for
subsequent examination.

48
Specifying Program behavior
➢ There are several ways to define and specify program
behavior such as plain natural language and a state diagram.

➢ The state of the program is the set of current values of all its
variables and an indication of which statement in the
program is to be executed next.

➢ One way is collecting the current values of program variables


into a vector known as the state vector.

49
Specifying Program behavior….
▪ In the case of assembly language programs the location of
the control can be specified more precisely by giving the value
of the program counter.
▪ Example: Consider a program given below to find maximum of
two numbers and store in Z. Here if X is less than Y, line 4 will
be executed, if not line 6 will be executed.
1.integer X, Y, Z;
2. input (X, Y);
3. if (X<Y)
4. {Z=Y;}
5. else
6. {Z=X;}
7. endif
8. output(Z);
9. end
50
Assessing the Correctness of Program
Behavior
➢ Assessing the correctness of program behavior includes two
steps.
➢ In the first step, the observation of the behavior is done.
➢ In the second step, analysis of the observed behavior is done
to check if the program is correct or not.
➢ The entity that performs the task of checking the correctness
of the observed behavior is known as an oracle.
➢ Next figure shows the relationship between the program
under test and the oracle.
➢ An oracle is a testing software designed to check the behavior
of other programs.

51
Assessing the Correctness of Program
Behavior

52
Construction of Oracles
➢ Construction of automated oracles, such as the one to check a
matrix multiplication program or a sort program, requires
determination of I/O relationship.
➢ When tests are generated from models such as finite-state
machines (FSMs) or state charts, both inputs and the
corresponding outputs are available. This makes it possible to
construct an oracle while generating the tests.
• Example: Consider a program HVideo to keep track of home
videos, which operates in two modes.
– In the data entry mode it displays a screen in which the user types
in information about a DVD such as title, comments and created
date etc., and stored in database.
– In search mode the program displays a screen into which a user can
type some attribute of the DVD to be searched.

53
Construction of Oracles

54
Test- generation Strategies
➢ One of the key tasks in software testing is generation
of test cases.
➢ Any form of test case generation uses a source
document/ requirement document.
➢ In most of the test methods the source document
resides in the mind of the tester who generates tests
based on the knowledge of the requirements

55
Test- generation Strategies

56
Test Metrics
➢ The term metric refers to a standard of measurement. In
software testing there exist a variety of metrics

57
Test Metrics
➢ There are four general core areas that assist in the design of
metrics. They are schedule, quality, resources and size.
✓ Schedule related metrics: Measure actual completion
times of various activities and compare these with
estimated time to completion.
✓ Quality related metrics: Measure quality of a product or a
process
✓ Resource related metrics: Measure items such as cost,
man power and test execution.
✓ Size-related metrics: Measure size of various objects such
as the source code and number of tests in a test suite.

58
Organizational metrics
➢ Metrics at the level of an organization are useful in
overall project planning and management.
➢ Example: the number of defects reported after
product release, average of products developed and
marketed by an organization is a useful metric of
product quality.
➢ Organizational metrics allow senior management to
monitor the overall strength of the organization and
points to areas of weakness. Thus, these metrics
help senior management in setting new goals and
plan for resources needed to realize these goals.
59
Project metrics
➢ Project metrics relate to a specific project. The I/O
device testing project or compiler design projects are
the examples.
➢ These are useful in the monitoring and control of a
specific project.
➢ The ratio of Actual-to-planned system test effort is
one project metric. Test effort could be measured in
terms of the tester-man-months.
➢ Another project metric is the ratio of number of
successful tests to the total number of tests in the
system test phase
60
Process metrics
➢ Every project uses some test process. The big-bang
approach is well suited for small single person
projects.

➢ The goal of a process metric is to assess the


goodness of the process

➢ The defects should not be carried from one phase of


testing to other phase.

➢ Otherwise the cost of testing will become high.


61
Product metrics: Generic
➢ Product metrics relate to a specific product.
➢ For example “Should the product be released for use by the
customer?”
➢ Product complexity can be measured with two types of
metrics. They are Cyclomatic complexity and Halstead
metrics.
➢ Cyclomatic complexity is computed as V(G) = E-N+2p
➢ Halstead complexity measures are software metrics
introduced by Maurice Halstead.
➢ The table lists some of the software science metrics.
➢ Using program size S and effort E, the following estimator
has been proposed for number of errors B as B= 7.6 𝐸 0.667
𝑆 0.33

62
Halstead Measures of Program
complexity and effort
Measure Notation Definition

Operator count N1 Number of operators in a Program


Operator count N2 Number of operands in a program
Unique operators n1 Number of unique operators in a program
Unique operators n2 Number of unique operators in a program

Program vocabulary n n1 + n2
Program size N N1 + N2
Program Volume V N ∗ log2 N

Difficulty D 2/n1 ∗ n2/N2


Effort E D∗V

63
Product metrics : Object-Oriented
(OO) Software

64
Progress monitoring and trends
➢ Metrics are often used for monitoring progress.
➢ This requires making measurements on a regular
basis over time. Such measurements offer trends.
➢ Example: When a browser is in system testing phase
one could measure the cumulative number of
defects found and plot these over time. Such plot
will rise over time.
➢ It is also required to show the saturation indicating
that the product is reaching stability.

65
Static and dynamic metrics
➢ Static metrics are those computed without having to
execute the product.
➢ Example: Number of testable entities in an
application.

➢ Dynamic metric requires code execution.


➢ Example: Number of testable entities actually
covered by a test suite.

66
Testability
➢ According to IEEE, testability is the “degree to which a system
or component facilitates the establishment of test criteria and
the performance of tests to determine whether those criteria
have been met”.

➢ Two ways to measure testability of a product are static


testability metrics and dynamic testability metrics. Software
complexity is one of the static testability metric.

➢ Dynamic metrics for testability includes various code based


coverage criteria. Example: when it is difficult to generate
tests that satisfy the statement coverage criterion then it is
considered to have low testability
67
Testing and Verification
➢ Program verification aims at proving the correctness
of programs by showing that it contains no errors.

➢ Verification aims at showing that a given program


works for all possible inputs that satisfy a set of
conditions and testing aims to show that the given
program is reliable i.e., it has no errors.

➢ Program verification and testing are considered as


complementary techniques

68
➢The person who verified a program might
have made a mistake in the verification
process there might be an incorrect
assumption on the input conditions, incorrect
assumptions on the components that
interface with the program and so on.

➢Thus neither verification nor testing is a


perfect technique for proving the correctness
of programs.

69
Static Testing
➢ Static testing is carried out without executing the
application under test. It is useful in discovery of
faults in the application, ambiguities and errors in
the requirements at a relatively low cost.
➢ This is carried out by an individual who did not write
the code or by a team of individuals.
➢ A sample process of static testing is illustrated in the
figure.
➢ The test team responsible for static testing has
access to requirements document, application, and
all associated documents such as design document
and user manual.
70
Static Testing
➢Team also has access to one or more static testing tools. A
static testing tool takes the application code as input and
generates a variety of data useful in the test process.

71
Walkthroughs
➢ Walkthroughs and inspections are an integral part of static
testing. Walkthrough is an informal process to review any
application-related document.
➢ Example: Requirements are reviewed using requirements
walkthrough, code is reviewed using code walkthrough (or)
peer code review. Walkthrough begins with a review plan
agreed upon by all members of the team.
➢ Review improves understanding of the application. Both
functional and non functional requirements are reviewed.
➢ A detailed report is generated that lists items of concern
regarding the requirements.

72
Inspections
• Inspection is a more formally defined process than a
walkthrough.
• Code inspection is carried out by a team. The team works
according to Inspection plan that consists of the following
elements.
➢ Statement of purpose
➢ Work product to be inspected, this includes code and
associated documents needed for inspection.
➢ Team formation, roles, and tasks to be performed
➢ Rate at which the inspection task is to be completed
➢ Data collection forms where the team will record its
findings such as defects discovered, coding standard
violations and time spent in each task.

73
Inspections
Members of inspection team are assigned roles of
➢Moderator: in charge of the process and leads the
review.
➢Leader: actual code is read by the reader, perhaps
with help of a code browser and with monitors for
all in the team to view the code.
➢Recorder: records any errors discovered or issues
to be looked into.
➢Author: actual developer of the code.

74
Use of static code analysis tools in
static testing
➢ Static code analysis tools can provide control flow and data
flow information.
➢ The control flow information presented in terms of a CFG
(Control Flow Graph), is helpful to the inspection team. This
information is valuable to the inspection team in
understanding the code as well as pointing out possible
defects.
➢ Two commercially available static code analysis tools are
Purify from IBM Rationale and Klockwork from Klockwork
➢ LAPSE (Light weight Analysis for Program Security in Eclipse)
is an open source tool for analysis of Java programs.

75
Software complexity and Static
testing
➢ Several parameters are considered in making
decision about which of the several modules should
be inspected first. One such parameter is module
complexity
➢ More complex module should be given with higher
priority during inspection because they may contain
more errors than less complex modules.
➢ Static analysis tools compute complexity metrics
using one or more metrics discussed already.

76
Examples
➢ Generalized pseudo code
• Pseudo code provides a “language neutral” way to
express logic.
• Program source code units can be interpreted
either as traditional components (procedures and
functions) or as object oriented components
(classes and objects.)
• Terms such as expression, variable list, and field
description are used with no formal definition

77
The Triangle Problem
• The triangle program is the most widely used
example in software testing literature.
✓ Problem Statement
• Simple version: The triangle program accepts three
integers, a, b, and c, as input. These are taken to be
sides of a triangle. The output of the program is the
type of triangle determined by the three sides:
Equilateral, Isosceles, Scalene, or Not a Triangle.

78
• Improved version: The triangle program accepts three integers a, b and c must
satisfy the following conditions:

• c1. 1 <= a <= 200 c4. a + b > c


• c2. 1 <= b <= 200 c5. a + c > b
• c3. 1 <= c <= 200 c6. b + c > a
• The output of the program is the type of triangle determined by the three sides:
Scalene, Isosceles, Equilateral or Not A Triangle. If an input value fails any of
conditions c1, c2 or c3, then program outputs message as, for example, “Value of
b is not in the range of permitted values”. If values of a, b, and c satisfy conditions
c1, c2, and c3, then one of four mutually exclusive outputs is given:
1. If no pair of sides is equal, the program output is Scalene.
2. If exactly one pair of sides is equal, the program output is Isosceles.
3. If all three sides are equal, the program output is Equilateral.
4. If any of conditions c4, c5 and c6 is not met, the program output is Not A Triangle.

79
✓ Discussion
• Triangle program contains clear but complex logic.
The specification insists developers to know some
details about triangles, its inequality i.e., sum of
two sides must be greater than the third side
(preconditions).

✓ Traditional Implementation (separate file)


✓ Flowchart for the Traditional Triangle Problem
Implementation
80
Structured Implementation

Figure: Dataflow diagram for a structured triangle


program Implementation

Triangle
Keyboard Program Screen

Triangle Sides Prompts and


Triangle Types

81
82
• Program Triangle2 ‘programming version of simpler specification
• Program Triangle3 ‘structured programming version of improved
specification

➢ NextDate Function
✓ Problem Statement
• NextDate is a function of three variables: month, date, and year. It returns the date of
the day after the input date. The month, date, and year variables have integer values
subject to these conditions

• c1. 1 ≤ month ≤ 12
• c2. 1 ≤ day ≤ 31
• c3. 1812 ≤ year ≤ 2021
• If any of conditions c1, c2, or c3 fails, NextDate produces an output indicating the
corresponding variable has an out-of-range value. For example, “Value of month not in
the range 1...12.” Because numerous invalid day, month, year combinations exist,
NextDate collapses these into one message: “Invalid Input Date”.

83
✓ Discussion
• Two sources of complexity in the NextDate function are the complexity of
the input domain and the rule that determines when a year is a leap year.
A year is 365.2422 days long; therefore leap years are used for the “extra
day” problem. If we declare a leap year every fourth year, a slight error
would occur.
• Century years are leap years only if they are multiples of 400. The years
1992, 1996 and 2000 are leap years, where 2000 is a century leap year and
the century year 1900 is not a leap year.

✓ NextDate Function Implementation

Program Nextdate1 // simple version

Program Nextdate2 //Improved version

84
➢ The Commission Problem
✓ Problem statement
• A rifle salesperson in the former Arizona Territory sold rifle
locks, stocks and barrels made by a gunsmith in Missouri,
Locks cost $45, stocks cost $30, and barrels cost $25.
• The salesperson has to sell at least one complete rifle per
month, and production limits were such that the most the
salesperson could sell in month was 70 locks, 80 stocks, and
90 barrels.
• After each town visit, the salesperson sent a telegram to the
Missouri gunsmith with the number of locks, stocks, and
barrels sold in that town.

85
• At the end of a month, the salesperson sent a very short
telegram showing –1 lock sold. The gunsmith then knew that
the sales for the month were complete and computed the
salespersons commission as follows “10% on sales up to (and
including) $1000, 15% on the next $800, and 20% on any
sales in excess of $1800”.
• The commission program produced a monthly sales report
that gave the total number of locks, stocks, and barrels sold
by the salespersons, total dollar sales, and finally, the
commission.

• Commission Problem

86
The SATM (Simple Automatic
Teller Machine) System
• The SATM system communicates with bank
customers via the 15 screens using a terminal with
features.

• SATM customers can select any of three transaction


types: deposits, withdrawals and balance inquiries.
This transaction can be done on two types of
accounts: checking and savings.

87
88
89
The Currency Converter
• The application converts U.S. dollars to any of the four
currencies: Brazilian reals, Canadian dollars, European Union
Euros and Japanese yen.

• Currency selection is governed by the radio buttons, which


are mutually exclusive. When a country is selected, the system
responds by completing the label. For example, “Equivalent
in…” becomes “Equivalent in Canadian dollars” if the Canada
button is clicked.

90
91
Saturn Windshield wiper
controller
• The windshield wiper on some Saturn automobiles is controlled by a lever
with a dial.
• The lever have four positions – OFF, INT (for intermittent), LOW and HIGH.
• The dial has three positions 1, 2 and 3.
• The dial position indicates three intermittent speeds, and the dial position
is relevant only when the lever is at INT position.
• The decision table below shows the windshield wiper speeds (wipes per
minute) for lever and dial position.
C1. Lever OFF INT INT INT LOW HIGH

C2. Dial n/a 1 2 3 n/a n/a

A1. Wiper 0 4 6 12 30 60

92

You might also like