iseb, istqb static testing
DESCRIPTION
Iseb, ISTQB Static Testing Foundation Level Software Testing Lecture Notes, Static Testing www.onsoftwaretest.comTRANSCRIPT
![Page 1: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/1.jpg)
Static Testing
1 Principles 2 Lifecycle
4 Dynamic testtechniques
3 Static testing
5 Management 6 Tools
Software Testing
ISEB Foundation Certificate Course
![Page 2: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/2.jpg)
Contents
Reviews and the test process
Types of review
Static analysis
![Page 3: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/3.jpg)
People techniques
individual:desk-checking, data-stepping, proof-reading
group:Reviews (informal & formal): for consensusWalkthrough: for education Inspection (most formal): to find faults
Static techniques do not execute codeStatic techniques do not execute code
![Page 4: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/4.jpg)
Benefits of reviews
Development productivity improvement Reduced development timescales Reduced testing time and cost Lifetime cost reductions Reduced fault levels Improved customer relations etc.
![Page 5: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/5.jpg)
Reviews are cost-effective
10 times reduction in faults reaching test, testing cost reduced by 50% to 80%Freedman & Weinberg, Handbook of
Walkthroughs, Inspections & Technical Reviews reduce faults by a factor of 10
Yourdon, Structured Walkthroughs
![Page 6: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/6.jpg)
25% reduction in schedules, remove 80% - 95% of faults at each stage, 28 times reduction in maintenance cost, many othersGilb & Graham, Software Inspection
![Page 7: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/7.jpg)
What can be Inspected?Anything written downcan be Inspected
policy, strategy, business plans, marketing or advertising material, contracts
system requirements, feasibility studies, acceptance test plans
test plans, test designs, test cases, test results
![Page 8: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/8.jpg)
system designs, logical & physical software code user manuals, procedures, training material
![Page 9: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/9.jpg)
What can be reviewed?
anything which could be Inspected i.e. anything written down
plans, visions, “big picture”, strategic directions, ideas
project progresswork completed to schedule, etc.
“Should we develop this” marketing options
![Page 10: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/10.jpg)
What to review / Inspect?
Tests
Tests
Tests
Tests
Requirements
Design
Code
Functions
Integration T
Unit Test
Accept. Test
System Test
![Page 11: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/11.jpg)
Costs of reviews
Rough guide: 5%-15% of development efforthalf day a week is 10%
Effort required for reviewsplanning (by leader / moderator)preparation / self-study checkingmeeting fixing / editing / follow-uprecording & analysis of statistics / metricsprocess improvement (should!)
![Page 12: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/12.jpg)
Contents
Reviews and the test process
Types of review
Static analysis
ISEB Foundation Certificate Course
Static testing
1 2
4 5
3
6
![Page 13: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/13.jpg)
Types of review of documentsInformal Review
undocumented widely viewed as useful and cheap (but no one can
prove it!) A helpful first step for chaotic organisations.
Technical Review: (or peer review)
includes peer and technical experts, no management participation. Normally documented, fault-finding. Can be rather subjective.
![Page 14: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/14.jpg)
Decision-making Review: group discusses document and makes a decision about
the content, e.g. how something should be done, go or no-go decision, or technical comments
![Page 15: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/15.jpg)
Types of review of documentsWalkthrough
author guides the group through a document and his or her thought processes, so all understand the same thing, consensus on changes to make
Inspection: formal individual and group checking, using sources
and standards, according to generic and specific rules and checklists, using entry and exit criteria, Leader must be trained & certified, metrics required
![Page 16: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/16.jpg)
Reviews in general 1
Objectives / goalsvalidation & verification against specifications &
standardsachieve consensus (excluding Inspection)process improvement (ideal, included in
Inspection)
![Page 17: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/17.jpg)
Reviews in general 2
Activitiesplanningoverview / kickoff meeting (Inspection)preparation / individual checking review meeting (not always) follow-up (for some types)metrics recording & analysis (Inspections and
sometimes reviews)
![Page 18: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/18.jpg)
Reviews in general 3
Roles and responsibilitiesLeader / moderator - plans the review / Inspection,
chooses participants, helps & encourages, conducts the meeting, performs follow-up, manages metrics
Author of the document being reviewed / Inspected
![Page 19: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/19.jpg)
Reviewers / Inspectors - specialised fault-finding roles for Inspection
Managers - excluded from some types of review, need to plan project time for review / Inspection
Others: e.g. Inspection/ review Co-ordinator
![Page 20: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/20.jpg)
Reviews in general 4
DeliverablesChanges (edits) in review productChange requests for source documents (predecessor
documents to product being reviewed / Inspected)Process improvement suggestions
to the review / Inspection process to the development process which produced the product just
reviewed / Inspected
Metrics (Inspection and some types of review)
![Page 21: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/21.jpg)
Reviews in general 5
Pitfalls (they don’t always work!) lack of training in the technique (especially
Inspection, the most formal) lack of or quality of documentation - what is being
reviewed / Inspected
![Page 22: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/22.jpg)
Lack of management support - “lip service” - want them done, but don’t allow time for them to happen in project schedules
Failure to improve processes (gets disheartening just getting better at finding the same thing over again)
![Page 23: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/23.jpg)
Inspection is different
• the document to be reviewed is given out in advance
• typically dozens of pages to review
• instructions are "please review this"
• not just product, sources
• chunk or sample
• training, roles
![Page 24: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/24.jpg)
Inspection is different
• some people have time to look through it and make comments before the meeting (which is difficult to arrange)
• the meeting often lasts for hours
entry criteria to meeting, may not be worth holding
2 max., often much shorter
![Page 25: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/25.jpg)
Inspection is different
• "I don't like this"
• much discussion, some about technical approaches, some about trivia
• don't really know if it was worthwhile, but we keep doing it
Rule violations, objective, not subjective
• no discussion, highly focused, anti-trivia
only do it if value is proven (continually)
![Page 26: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/26.jpg)
Inspection is more and better
entry criteria training optimum checking rate prioritising the words standards
process improvement exit criteria quantified estimates of
remaining major faults per page
typical review
early Inspection
mature Inspection
effectiveness return on investment
10 - 20% unknown
30 - 40% 6 - 8 hrs / Insp hr
80 - 95% 8 - 30 hrs / Insp hr
![Page 27: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/27.jpg)
The Inspection ProcessSoftware
DevelopmentStage
.
.
Planning
Kickoff
IndChk Meet Edit
ChangeRequest
Process Improvement
Entry
Next SoftwareDevelopment
Stage
Exit
![Page 28: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/28.jpg)
At first glance..
Here’s a document: review this (or Inspect it)
![Page 29: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/29.jpg)
Reviews: time and size determine rate
Time
CheckingRate
Size
2 hrs?
100 pages?
50 pages per hour
CheckingRate
![Page 30: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/30.jpg)
Review “Thoroughness?”
ordinary “review” - finds some faults, one major, fix them,consider the document now corrected and OK
majorminor
minor
![Page 31: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/31.jpg)
Inspection: time and rate determine size
Time
CheckingRate
Size
2 hrs?
Optimum:1 page* per hour
2 pages (at optimum rate)
Size
* 1 page = 300 important words
![Page 32: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/32.jpg)
Inspection Thoroughness
Inspection can find deep-seated faults: • all of that type can be corrected• but needs optimum checking rate
![Page 33: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/33.jpg)
Inspection surprises
Fundamental importance of Rulesdemocratically agreed as applyingdefine major issues / faults
Slow checking rates Strict entry & exit criteria Fast logging rates Amount of responsibility given to author
![Page 34: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/34.jpg)
Contents
Reviews and the test process
Types of review
Static analysis
![Page 35: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/35.jpg)
What can static analysis do? Remember: static techniques do not executethe code
A form of automated testingcheck for violations of standardscheck for things which may be a fault
![Page 36: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/36.jpg)
Descended from compiler technologya compiler statically analyses code, and “knows” a
lot about it, e.g. variable usage; finds syntax faultsstatic analysis tools extend this knowledgecan find unreachable code, undeclared variables,
parameter type mis-matches, uncalled functions & procedures, array bound violations, etc.
![Page 37: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/37.jpg)
Data flow analysis
This is the study of program variablesvariable defined* where a value is stored into itvariable used where the stored value is accessedvariable is undefined before it is defined or when it
goes out of scope
*defined should not be confused with declared
x = y + z
IF a > b THEN read(S)
x is defined, y and z are used
a and b are used, S is defined
![Page 38: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/38.jpg)
Data flow analysis faults
n := 0
read (x)
n := 1
while x > y do
begin
read (y)
write( n*y)
x := x - n
end
Data flow anomaly: n isre-defined without being used
Data flow fault: y is usedbefore it has been defined(first time around the loop)
![Page 39: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/39.jpg)
Control flow analysis
Highlights:nodes not accessible from start node infinite loopsmultiple entry to loopswhether code is well structured, i.e. reduciblewhether code conforms to a flowchart grammarany jumps to undefined labelsany labels not jumped tocyclomatic complexity and other metrics
![Page 40: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/40.jpg)
Unreachable code example
Macro definitions (different for different platforms the code runs on)
Buffsize: 1000
Mailboxmax: 1000
IF Buffsize < Mailboxmax THEN
Error-ExitENDIF
![Page 41: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/41.jpg)
Static Analysis finds the THEN clause unreachable, so will flag a fault
![Page 42: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/42.jpg)
Cyclomatic complexity
cyclomatic complexity is a measure of the complexity of a flow graph(and therefore the code that the flow graph
represents) the more complex the flow graph, the greater
the measure it can most easily be calculated as:
complexity = number of decisions + 1
![Page 43: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/43.jpg)
Which flow graph is most complex?1
2 3 5
What is the cyclomatic complexity?
![Page 44: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/44.jpg)
Example control flow graphResult = 0
Right = 0
DO WHILE more Questions
IF Answer = Correct THEN
Right = Right + 1
ENDIF
END DO
Result = (Right / Questions)
IF Result > 60% THEN
Print "pass"
ELSE
Print "fail”
ENDIF
do
if r=r+1
end
init
if
res
pass
fail
end
Pseudo-code:
![Page 45: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/45.jpg)
Other static metrics
lines of code (LOC) operands & operators (Halstead’s metrics) fan-in & fan-out nesting levels function calls OO metrics: inheritance tree depth, number of
methods, coupling & cohesion
![Page 46: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/46.jpg)
Limitations and advantages
Limitations:cannot distinguish "fail-safe" code from programming
faults or anomalies (often creates overload of spurious error messages)
does not execute the code, so not related to operating conditions
Advantages:can find faults difficult to "see"gives objective quality assessment of code
![Page 47: Iseb, ISTQB Static Testing](https://reader036.vdocuments.us/reader036/viewer/2022081720/554f583fb4c905524c8b5310/html5/thumbnails/47.jpg)
Summary: Key Points
Reviews help to find faults in development and test documentation, and should be applied early
Types of review: informal, walkthrough, technical / peer review, Inspection
Static analysis can find faults and give information about code without executing it