ICST 2010 Industry Tutorial: An Newcomer's Guide to Software Testing
advertisement
Software Testing:
A Newcomer’s Guide
Paul Ammann
Software Engineering Group
George Mason University
Presented at ICST
April 2, 2009
Denver, Colorado
Slides Co-Produced with Jeff Offutt
Here! Test This!
Testing
Testing
Testing
two
a Now?
decade
decades
ago
ago
stack ofconglomeration
computer
printouts—and
documentation
AA
complex
A disk – and
no
– only
documentation
low no
level
documentation
Software Testing: A Newcomer’s Guide
© 2009
2
A Talk in 4 Parts
1. Why do we test ?
Costs and Attitudes
2. What should we do during testing ?
Test Activities
Software Testing Terms
Evolving Notion of Coverage Criteria
3. How do we get to this future of testing ?
Beizer’s Maturity Levels
4. Background for ICST sessions
We are in the middle of a revolution in how software is tested
Research is finally meeting practice
Software Testing: A Newcomer’s Guide
© 2009
3
Part 1 : Why Test?
If you don’t know why you’re conducting
a test, it won’t be very helpful
Written test objectives are rare or useless
– “The software shall be easily maintainable”
– What fact is each test trying to verify?
Requirements definition teams should include testers!
– Ensures testing can satisfy test objectives
– Provides rationale for tests
How much testing is enough?
Software Testing: A Newcomer’s Guide
© 2009
4
Cost of Testing
You’re going to spend at least half of
your development budget on testing,
whether you want to or not
In the real-world, testing is the principle post-design activity
Restricting early testing usually increases cost
Extensive hardware-software integration requires more testing
Software Testing: A Newcomer’s Guide
© 2009
5
Cost of Not Testing
Program Managers often say:
“Testing is too expensive.”
Not testing is even more expensive
Planning for testing after development is prohibitively
expensive
Hardware developers spend huge amounts on testing …
Software test tools aren’t that expensive. Many are free!!!
Software Testing: A Newcomer’s Guide
© 2009
6
Caveat: Impact of New Tools and
Techniques
They’re teaching a new way
of plowing over at the Grange
tonight - you going?
Naw - I already
don’t plow as good
as I know how...
Good Techniques and Tools are Not Enough:
Practitioners Need to Adopt Them Too!
Software Testing: A Newcomer’s Guide
© 2009
7
Part 2 : What ?
But … What should we do ?
1. Types of test activities
2. Software testing terms
3. Changing notions of testing
– test coverage criteria
– criteria based on structures
Software Testing: A Newcomer’s Guide
© 2009
8
Testing in the 21st Century
We are going through a time of change
Software Defines Behavior
–
–
–
–
Testing ideas have
matured enough to
be used in practice
Embedded Control Applications
–
–
–
–
–
network routers
financial networks
telephone switching networks
other infrastructure
airplanes, air traffic control
spaceships
watches
ovens
remote controllers
– PDAs
– memory seats
– DVD players
– garage door openers
– cell phones
Safety critical, real-time software
Web apps must be highly reliable
And of course … security is now all about software faults !
Software Testing: A Newcomer’s Guide
© 2009
9
Test Activities
Testing can be broken up into four general types of activities
1. Test Design
1.a) Criteria-based
2. Test Automation
1.b) Human-based
3. Test Execution
4. Test Evaluation
Each type of activity requires different skills, background
knowledge, education and training
No reasonable software development organization uses the same
people for requirements, design, implementation, integration
and configuration control
Why do test organizations still use the same people
for all four test activities??
This is clearly a waste of resources
Software Testing: A Newcomer’s Guide
© 2009
10
1. Test Design – (a) Criteria-Based
Design test values to satisfy coverage criteria
or other engineering goal
This is the most technical job in software testing
Requires knowledge of :
– Discrete math
– Programming
– Testing
Requires much of a traditional CS degree
This is intellectually stimulating, rewarding, and challenging
Test design is analogous to software architecture on the
development side
Using people who are not qualified to design tests is a sure way to
get ineffective tests
Software Testing: A Newcomer’s Guide
© 2009
11
1. Test Design – (b) Human-Based
Design test values based on domain knowledge of
the program and human knowledge of testing
This is much harder than it may seem to developers
Criteria-based approaches can be blind to special situations
Requires knowledge of :
– Domain, testing, and user interfaces
Requires almost no traditional CS
– A background in the domain of the software is essential
– An empirical background is very helpful (biology, psychology, …)
– A logic background is very helpful (law, philosophy, math, …)
This is intellectually stimulating, rewarding, and challenging
– But not to typical CS majors – they want to solve problems and build
things
Software Testing: A Newcomer’s Guide
© 2009
12
2. Test Automation
Embed test values into executable scripts
This is slightly less technical
Requires knowledge of programming
– Fairly straightforward programming – small pieces and simple algorithms
Requires very little theory
Very boring for test designers
Programming is out of reach for many domain experts
Who is responsible for determining and embedding the expected
outputs ?
– Test designers may not always know the expected outputs
– Test evaluators need to get involved early to help with this
Software Testing: A Newcomer’s Guide
© 2009
13
3. Test Execution
Run tests on the software and record the results
This is easy – and trivial if the tests are well automated
Requires basic computer skills
– Interns
– Employees with no technical background
Asking qualified test designers to execute tests is a sure way to
convince them to look for a development job
If, for example, GUI tests are not well automated, this requires a
lot of manual labor
Test executors have to be very careful and meticulous with
bookkeeping
Software Testing: A Newcomer’s Guide
© 2009
14
4. Test Evaluation
Evaluate results of testing, report to developers
This is much harder than it may seem
Requires knowledge of :
– Domain
– Testing
– User interfaces and psychology
Usually requires almost no traditional CS
– A background in the domain of the software is essential
– An empirical background is very helpful (biology, psychology, …)
– A logic background is very helpful (law, philosophy, math, …)
This is intellectually stimulating, rewarding, and challenging
– But not to typical CS majors – they want to solve problems and build
things
Software Testing: A Newcomer’s Guide
© 2009
15
Other Activities
Test management : Sets policy, organizes team, interfaces with
development, chooses criteria, decides how much automation is
needed, …
Test maintenance : Tests must be saved for reuse as software
evolves
– Requires cooperation of test designers and automators
– Deciding when to trim the test suite is partly policy and partly technical –
and in general, very hard !
– Tests should be put in configuration control
Test documentation : All parties participate
– Each test must document “why” – criterion and test requirement satisfied
or a rationale for human-designed tests
– Traceability throughout the process must be ensured
– Documentation must be kept in the automated tests
Software Testing: A Newcomer’s Guide
© 2009
16
Approximate Number of Personnel
A mature test organization may need only one test designer to
work with several test automaters, executors and evaluators
Improved automation will reduce the number of test executors
– Theoretically to zero … but not in practice
Putting the wrong people on the wrong tasks leads to
inefficiency, low job satisfaction and low job performance
– A qualified test designer will be bored with other tasks and look for a job
in development
– A qualified test evaluator will not understand the benefits of test criteria
Test evaluators have the domain knowledge, so they must be free
to add tests that “blind” engineering processes will not think of
Software Testing: A Newcomer’s Guide
© 2009
17
Types of Test Activities – Summary
1a. Design
Criteria
1b. Design
Human
2.
Design test values to satisfy engineering goals
Requires knowledge of discrete math, programming and testing
Design test values from domain knowledge and intuition
Requires knowledge of domain, UI, testing
Automation Embed test values into executable scripts
Requires knowledge of scripting
3.
Execution
Run tests on the software and record the results
Requires very little knowledge
4.
Evaluation
Evaluate results of testing, report to developers
Requires domain knowledge
These four general test activities are quite different
It is a poor use of resources to use people inappropriately
Most test teams use the same people for ALL FOUR activities !!
Software Testing: A Newcomer’s Guide
© 2009
18
Applying Test Activities
To use our people effectively
and to test efficiently
we need a process that
lets test designers
raise their level of abstraction
Software Testing: A Newcomer’s Guide
© 2009
19
Model-Driven Test Design
model /
structure
refined
requirements /
test specs
test
requirements
DESIGN
ABSTRACTION
LEVEL
software
artifact
IMPLEMENTATION
ABSTRACTION
LEVEL
pass /
fail
Software Testing: A Newcomer’s Guide
test
results
input
values
test
scripts
© 2009
test
cases
20
Model-Driven Test Design – Steps
model /
structure
refine
refined
test
requirements /
requirements
test specs
criterion
DESIGN
ABSTRACTION
LEVEL
analysis
software
artifact
generate
IMPLEMENTATION
ABSTRACTION
LEVEL
input
values
execute
evaluate
automate
pass /
test
test
test
fail
results
scripts
cases
Software Testing: A Newcomer’s Guide
© 2009
prefix
postfix
expected
21
Model-Driven Test Design – Activities
model /
structure
refined
requirements /
test specs
test
requirements
Test Design
software
artifact
DESIGN
ABSTRACTION
LEVEL
IMPLEMENTATION
Raising our abstraction level makes
ABSTRACTION
test design MUCH easier
LEVEL
pass /
fail
Test
Evaluation
Software Testing: A Newcomer’s Guide
test
results
test
scripts
input
values
test
cases
Test
Execution
© 2009
22
Software Testing Terms
Like any field, software testing comes with a large number of
specialized terms that have particular meanings in this context
Some of the following terms are standardized, some are used
consistently throughout the literature and the industry, but some
vary by author, topic, or test organization
The definitions here are intended to be the most commonly used
Software Testing: A Newcomer’s Guide
© 2009
23
Important Terms
Validation & Verification (IEEE)
Validation : The process of evaluating software at the end of
software development to ensure compliance with intended
usage
Verification : The process of determining whether the products
of a given phase of the software development process fulfill the
requirements established during the previous phase
IV&V stands for “independent verification and validation”
Software Testing: A Newcomer’s Guide
© 2009
24
Test Engineer & Test Managers
Test Engineer : An IT professional who is in charge of one or
more technical test activities
–
–
–
–
–
designing test inputs
producing test values
running test scripts
analyzing results
reporting results to developers and managers
Test Manager : In charge of one or more test engineers
– sets test policies and processes
– interacts with other managers on the project
– otherwise helps the engineers do their work
Software Testing: A Newcomer’s Guide
© 2009
25
Test Engineer Activities
Test
Manager
design
Test
instantiate
Executable
Designs
Tests
Test
Engineer
Test
Engineer
P
Software Testing: A Newcomer’s Guide
Computer
execute
Output
© 2009
Evaluate
26
Static and Dynamic Testing
Static Testing : Testing without executing the program
– This include software inspections and many forms of analysis
– Very effective at finding certain kinds of problems – especially “potential” faults,
that is, mistakes that may only be visible after the program evolves
– Example faults identifiable with static analysis:
• Overriding equals(), but not hashCode()
• Implementing clone() by calling a constructor
• Using “foreign” data prior to scrubbing
– Hypertext inputs
– Parts of SQL queries
– Array indices
Dynamic Testing : Testing by executing the program with real
inputs
– Mostly what this talk is about
Software Testing: A Newcomer’s Guide
© 2009
27
Software Faults, Errors & Failures
Software Fault : A static defect in the software
Software Error : An incorrect internal state that is the
manifestation of some fault
Software Failure : External, incorrect behavior with respect to
the requirements or other description of the expected behavior
Faults in software are design mistakes and will always exist
Software Testing: A Newcomer’s Guide
© 2009
28
Testing & Debugging
Testing : Finding inputs that cause the software to fail
– The principle topic of this lecture
Debugging : The process of finding a fault given a failure
– Fault localization is a huge issue
– Some faults have failures that are hard to reproduce
– Often desirable to recast a problem report as a “short” test case that also
reveals the failure
• General principle: Faults usually have “short” revealing test cases
• These test cases are excellent candidates for regression tests
Software Testing: A Newcomer’s Guide
© 2009
29
Fault & Failure Model
Three conditions necessary for a failure to be observed
1. Reachability : The location or locations in the program that
contain the fault must be reached
2. Infection : The state of the program must be incorrect
3. Propagation : The infected state must propagate to cause some
output of the program to be incorrect
Software Testing: A Newcomer’s Guide
© 2009
30
Test Case
Test Case Values : The values that directly satisfy one test
requirement
Expected Results : The result that will be produced when
executing the test if the program satisfies it intended behavior
Software Testing: A Newcomer’s Guide
© 2009
31
Observability and Controllability
Software Observability : How easy it is to observe the behavior
of a program in terms of its outputs, effects on the environment
and other hardware and software components
– Software that affects hardware devices, databases, or remote files have low
observability
Software Controllability : How easy it is to provide a program
with the needed inputs, in terms of values, operations, and
behaviors
– Easy to control software with inputs from keyboards
– Inputs from hardware sensors or distributed software is harder
– Data abstraction reduces controllability and observability
Software Testing: A Newcomer’s Guide
© 2009
32
Inputs to Affect Controllability and
Observability
Prefix Values : Any inputs necessary to put the software into
the appropriate state to receive the test case values
Postfix Values : Any inputs that need to be sent to the software
after the test case values
Two types of postfix values
1. Verification Values : Values necessary to see the results of the test case values
2. Exit Commands : Values needed to terminate the program or otherwise return it
to a stable state
Executable Test Script : A test case that is prepared in a form
to be executed automatically on the test software and produce
a report
–
Example: Junit tests
Software Testing: A Newcomer’s Guide
© 2009
33
Top-Down and Bottom-Up Testing
Top-Down Testing : Test the main procedure, then go down
through procedures it calls, and so on
Bottom-Up Testing : Test the leaves in the tree (procedures that
make no calls), and move up to the root.
– Each procedure is not tested until all of its children have been tested
Software Testing: A Newcomer’s Guide
© 2009
34
White-box and Black-box Testing
Black-box testing : Deriving tests from external descriptions of
the software, including specifications, requirements, and design
White-box testing : Deriving tests from the source code internals
of the software, specifically including branches, individual
conditions, and statements
This view is really out of date.
The more general question is: from what level of abstraction
to we derive tests?
Software Testing: A Newcomer’s Guide
© 2009
35
Evolving Notion of Coverage Criteria
Old view of testing is of testing at specific
software development phases
– Unit, module, integration, system …
New view is in terms of structures and criteria
– Graphs, logical expressions, syntax, input space
Software Testing: A Newcomer’s Guide
© 2009
36
Traditional : Testing at Different Levels
Acceptance testing: Is
the software acceptable
to the user?
System testing: Test the
overall functionality of
the system
Integration testing:
Test how modules
interact with each
other
Module testing: Test
each class, file, module
or component
Unit testing: Test each
unit (method)
individually
main Class P
Class A
Class B
method mA1()
method mB1()
method mA2()
method mB2()
Software Testing: A Newcomer’s Guide
© 2009
37
Beizer’s Insight : Find a Graph and Cover It
Tailored to:
–
–
a particular software artifact
• code, design, specifications
a particular phase of the lifecycle
• requirements, specification, design, implementation
But graphs do not characterize all testing techniques well
Four abstract models seem to suffice …
Software Testing: A Newcomer’s Guide
© 2009
38
New : Test Coverage Criteria
A tester’s job is simple : Define a model of the
software, then find ways
to cover it
Test
Requirements : Specific things that must be satisfied or
covered during testing
Test
Criterion : A collection of rules and a process that define
test requirements
Testing researchers have defined dozens of criteria, but they
are all really just a few criteria on four types of structures …
Software Testing: A Newcomer’s Guide
© 2009
39
New : Criteria Based on Structures
Structures : Four ways to model software
1. Graphs
2. Logical Expressions
3. Input Domain
Characterization
4. Syntactic Structures
Software Testing: A Newcomer’s Guide
(not X or not Y) and A and B
A: {0, 1, >1}
B: {600, 700, 800}
C: {swe, cs, isa, infs}
if (x > y)
z = x - y;
else
z = 2 * x;
© 2009
40
1. Graph Coverage – Structural
2
1
6
5
7
Node
Edge
(Branch)
Path(Statement)
Cover
Cover
every
edge
Coverevery
everynode
path
3
This graph may represent
• statements & branches
•••12567
12567
12567
•••1343567
1343567
1257
4
• methods & calls
•• 1357
13567
• components & signals
• 1357
• states and transitions
• 1343567
Software Testing: A Newcomer’s Guide
© 2009
• 134357 …
41
1. Graph Coverage – Data Flow
def = {m}
def = {a , m}
use = {y}
2
def = {x, y}
6
use = {x}
use = {a}
1
5
use = {x} def = {a}
use = {a}
use = {m}
7
Defs
& Uses Pairs
All
AllDefs
Uses
•Every
(x, 1, (1,2)),
(x, 1,once
(1,3))
def
used
Every def “reaches” every
3
• (y,
use1, 4), (y, 1, 6)
• 1, 2, 5, 6, 7
This graph contains:
• defs: nodes & edges where
variables get values
• uses: nodes & edges where
values are accessed
Software Testing: A Newcomer’s Guide
4
• (a, 2, (5,6)), (a, 2, (5,7)), (a,
• 1,2,2,5,5,76, 7
3,• 1,
(5,6)), (a, 3, (5,7)),
def = {m}
•1,1,3,
2,4,
5,3,(m,
7 5,4,7 7), (m, 6, 7)
••(m,
2,
7),
use = {y}
• 1, 3, 5, 6, 7
• 1, 3, 5, 7
• 1, 3, 4, 3, 5,7
© 2009
42
1. Graph - FSM Example
Memory Seats in a Lexus ES 300
Guard (safety constraint)
Trigger (input)
[Ignition = off] | Button2
Driver 2
Configuration
Driver 1
Configuration
[Ignition = off] | Button1
[Ignition = on] | seatBack ()
(to Modified)
Ignition = off
New
Configuration
Driver 2
[Ignition = on] | seatBottom ()
[Ignition = on] | lumbar ()
[Ignition = on] | sideMirrors ()
Ignition = off
[Ignition = on] | Reset AND Button2
New
Configuration
Driver 1
Modified
Configuration
[Ignition = on] | Reset AND Button1
Software Testing: A Newcomer’s Guide
© 2009
43
2. Logical Expressions
( (a > b) or G ) and (x < y)
Transitions
Logical
Program Decision Statements
Expressions
Software Specifications
Software Testing: A Newcomer’s Guide
© 2009
44
2. Logical Expressions
( (a > b) or G ) and (x < y)
Predicate Coverage : Each predicate must be true and false
– ( (a>b) or G ) and (x < y) = True, False
Clause Coverage : Each clause must be true and false
– (a > b) = True, False
– G = True, False
– (x < y) = True, False
Combinatorial Coverage : Various combinations of clauses
– Active Clause Coverage: Each clause must determine the predicate’s result
Software Testing: A Newcomer’s Guide
© 2009
45
2. Logic – Active Clause Coverage or
Multiple Condition/Decision Coverage (MCDC)
( (a > b) or G ) and (x < y)
With these values
for G and (x<y),
(a>b) determines
the value of the
predicate
Software Testing: A Newcomer’s Guide
1
T
F
T
2
F
F
T
3
F
T
T
4
F
F
T
5
T
T
T
6
T
T
F
© 2009
duplicate
46
2: Logic
Disjunctive Normal Form (DNF) Coverage
Consider the DNF predicate: f = ab + cd
For implicant ab
– For a, choose UTP, NFP pair
• TTFF, FTFF
– For b, choose UTP, NFP pair
• TTFT, TFFT
For implicant cd
– For c, choose UTP, NFP pair
• FFTT, FFFT
– For d, choose UTP, NFP pair
• FFTT, FFTF
Possible CUTPNFP test set
– {TTFF, TTFT, FFTT
//UTPs
FTFF, TFFT, FFFT, FFTF} //NFPs
ab
cd
00
01
11
00
t
01
t
11
10
t
t
t
t
10
t
3. Input Domain Characterization
Describe the input domain of the software
– Identify inputs, parameters, or other categorization
– Partition each input into finite sets of representative values
– Choose combinations of values
System level
– Number of students
– Level of course
– Major
{ 0, 1, >1 }
{ 600, 700, 800 }
{ swe, cs, isa, infs }
Unit level
– Parameters
F (int X, int Y)
– Possible values
X: { <0, 0, 1, 2, >2 }, Y : { 10, 20, 30 }
– Tests
• F (-5, 10), F (0, 20), F (1, 30), F (2, 10), F (5, 20)
Software Testing: A Newcomer’s Guide
© 2009
48
4. Syntactic Structures
Based on a grammar, or other syntactic definition
Primary example is mutation testing
1.
2.
3.
4.
Induce small changes to the program: mutants
Find tests that cause the mutant programs to fail: killing mutants
Failure is defined as different output from the original program
Check the output of useful tests on the original program
Example program and mutants
if (x > y)
z = x - y;
else
z = 2 * x;
Software Testing: A Newcomer’s Guide
if (x > y)
if (x >= y)
z = x - y;
z = x + y;
z = x – m;
else
z = 2 * x;
© 2009
Relational Operator
Replacement
Arithmetic Operator
Replacement
Scalar Variable
Replacement
49
Source of Structures
These structures can be extracted from lots of software artifacts
– Graphs can be extracted from UML use cases, finite state machines,
source code, …
– Logical expressions can be extracted from decisions in program source,
guards on transitions, conditionals in use cases, …
Model-based testing derives tests from a model that describes
some aspects of the system under test
– The model usually describes part of the behavior
– The source is usually not considered a model
Software Testing: A Newcomer’s Guide
© 2009
50
Coverage Overview
Four Structures for
Modeling Software
Graphs
Logic
Input Space
Syntax
Applied to
Applied
to
Source
Specs
Source
Applied
to
FSMs
DNF
Source
Specs
Design
Software Testing: A Newcomer’s Guide
Models
Integ
Use cases
© 2009
Input
51
Coverage
Given a set of test requirements TR for coverage criterion
C, a test set T satisfies C coverage if and only if for every
test requirement tr in TR, there is at least one test t in T
such that t satisfies tr
Infeasible test requirements : test requirements that cannot be
satisfied
– No test case values exist that meet the test requirements
– Dead code
– Detection of infeasible test requirements is formally undecidable for most test
criteria
Thus, 100% coverage is impossible in practice
Software Testing: A Newcomer’s Guide
© 2009
52
Two Ways to Use Test Criteria
1. Directly generate test values to satisfy the criterion often
assumed by the research community most obvious way to use
criteria very hard without automated tools
2. Generate test values externally and measure against the
criterion usually favored by industry
–
–
sometimes misleading
if tests do not reach 100% coverage, what does that mean?
Test criteria are sometimes called metrics
Software Testing: A Newcomer’s Guide
© 2009
53
Generators and Recognizers
Generator : A procedure that automatically generates values to
satisfy a criterion
Recognizer : A procedure that decides whether a given set of
test values satisfies a criterion
Both problems are provably undecidable for most criteria
It is possible to recognize whether test cases satisfy a criterion
far more often than it is possible to generate tests that satisfy the
criterion
Coverage analysis tools are quite plentiful
Software Testing: A Newcomer’s Guide
© 2009
54
Comparing Criteria with Subsumption
Criteria Subsumption : A test criterion C1 subsumes C2 if and
only if every set of test cases that satisfies criterion C1 also
satisfies C2
Must be true for every set of test cases
Example : If a test set has covered every branch in a program
(satisfied the branch criterion), then the test set is guaranteed to
also have covered every statement
Software Testing: A Newcomer’s Guide
© 2009
55
Test Coverage Criteria
Traditional software testing is expensive and labor-intensive
Formal coverage criteria are used to decide which test inputs to
use
More likely that the tester will find problems
Greater assurance that the software is of high quality and
reliability
A goal or stopping rule for testing
Criteria makes testing more efficient and effective
But how do we start to apply these ideas in practice?
Software Testing: A Newcomer’s Guide
© 2009
56
Part 3 : How ?
Now we know why and what …
How do we get there ?
Software Testing: A Newcomer’s Guide
© 2009
57
Beizer’s Maturity Levels
Level 0 : There’s no difference between testing and debugging
Level 1 : The purpose of testing is to show correctness
Level 2 : The purpose of testing is to show that the software
doesn’t work
Level 3 : The purpose of testing is not to prove anything specific,
but to reduce the risk of using the software
Level 4 : Testing is a mental discipline that helps all IT
professionals develop higher quality software
Software Testing: A Newcomer’s Guide
© 2009
58
Level 0 Thinking
Testing is the same as debugging
Does not distinguish between incorrect behavior and mistakes in
the program
Does not help develop software that is reliable or safe
This is what we teach undergraduate CS majors
Software Testing: A Newcomer’s Guide
© 2009
59
Level 1 Thinking
Purpose is to show correctness
Correctness is impossible to achieve
What do we know if no failures?
– Good software or bad tests?
Test engineers have no:
–
–
–
–
Strict goal
Real stopping rule
Formal test technique
Test managers are powerless
This is what hardware engineers often expect
Software Testing: A Newcomer’s Guide
© 2009
60
Level 2 Thinking
Purpose is to show failures
Looking for failures is a negative activity
Puts testers and developers into an adversarial relationship
What if there are no failures?
This describes most software companies.
How can we move to a team approach ??
Software Testing: A Newcomer’s Guide
© 2009
61
Level 3 Thinking
Testing can only show the presence of failures
Whenever we use software, we incur some risk
Risk may be small and consequences unimportant
Risk may be great and the consequences catastrophic
Testers and developers work together to reduce risk
This describes a few “enlightened” software companies
Software Testing: A Newcomer’s Guide
© 2009
62
Level 4 Thinking
A mental discipline that increases quality
Testing is only one way to increase quality
Test engineers can become technical leaders of the project
Primary responsibility to measure and improve software quality
Their expertise should help the developers
This is the way “traditional” engineering works
Software Testing: A Newcomer’s Guide
© 2009
63
Summary
More testing saves money
– Planning for testing saves lots of money
Testing is no longer an “art form”
– Engineers have a tool box of test criteria
When testers become engineers, the product gets better
– The developers get better
Software Testing: A Newcomer’s Guide
© 2009
64
Open Questions
Which criteria work best on embedded, highly reliable software?
– Which software structure to use?
How can we best automate this testing with robust tools?
–
–
–
–
–
Deriving the software structure
Constructing the test requirements
Creating values from test requirements
Creating full test scripts
Solution to the “mapping problem”
Empirical validation
Technology transition
Application to new domains
Software Testing: A Newcomer’s Guide
© 2009
65
Summary of Today’s New Ideas
Why do we test – to reduce the risk of using the software
Four types of test activities – test design, automation, execution
and evaluation
Software terms – faults, failures, the RIP model, observability
and controllability
Four structures – test requirements and criteria
Test process maturity levels – level 4 is a mental discipline that
improves the quality of the software
Earlier and better testing can empower the test
manager
Software Testing: A Newcomer’s Guide
© 2009
66
Part 4: Testing Topics by ICST Section
ICST has 16 Sessions with Papers: 13 Research and 3 Industry
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
R1: GUI Testing
R2: Model Checking
R3: Embedded and Real-Time Testing
R4: QA and Test Management
R5: Model-Based Testing
R6: Static Analysis
R7: Security Testing
R8: Empirical Studies
R9: Test Case Generation
R10: Web Testing
R11: Aspects and Faults
R12: Mutation and Non Functional Testing
R13: Assertions and Failure States
I3: Real World Testing
I2: Test Management
I3: Automation
Following slides briefly overview foundations for each Session
– Tall Order!
– I’ll be brief…
Software Testing: A Newcomer’s Guide
© 2009
67
Section R1: GUI Testing
Basic Issues
– Many systems have only a GUI interface
– Problems may exist in GUI, or in underlying application
– Structural Tests
• Legal event sequences / hiding of uninteresting events
– Model Based Tests
• Operational / Behavioral / Graph models
Research Foci
– Case studies on industrial software
– Reuse and scalability are huge issues
• Particularly in the presence of maintenance
– Crash testing
Software Testing: A Newcomer’s Guide
© 2009
68
Section R2: Model Checking
Basic Issues
–
–
–
–
Define a labeled state space with transitions: A state machine
Check (temporal) properties over paths in that state space
Bonus: Counterexamples
Standard Problem: Scalability
Research Foci
– Show two descriptions consistent (or identical)
– Test case generation
• Interpreting counterexamples as test cases
• Using model checker as test generation engine
– Model checking “real” code
• Direct application to programs (eg JavaPathFinder)
Software Testing: A Newcomer’s Guide
© 2009
69
Section R3: Embedded and Real-Time Testing
Basic Issues
– Embedded software has a huge observability problem
• How do you know the exact state of the SUT?
– Testing timeliness constraints as well as functional correctness
Research Foci
– Abstract models for SUT
– Notions such as Partial Observability
– Passive Testing
• Non interference of test harness with observations
– Test specification frameworks for specific domains
• TTCN-3
Software Testing: A Newcomer’s Guide
© 2009
70
Section R4: QA and Test Management
Basic Issues
– Scale: How to manage very large artifacts
– Comprehensiveness: How to encompass heterogeneous analyses?
Research Foci
– In vivo testing of deployed applications
• Contrast with testing in a lab
• No “clean slate”
– Flexible frameworks to manage analysis
– Dealing with large test suites
• Substantial test set up time required
• Contention for test resource between different test tasks
Software Testing: A Newcomer’s Guide
© 2009
71
Section R5: Model-Based Testing
Basic Issues
– Test cases are derived from a model of the SUT
– Modeling addresses many engineering concerns
– Very active research area
Research Foci
– Testing real-time systems – when to best schedule a test?
– Testing from UML
• Sequence and state machine models
– Exploring the link between formal modeling and model-based testing
Software Testing: A Newcomer’s Guide
© 2009
72
Section R6: Static Analysis
Basic Issues
– Analyze code without execution
– Widely used for identifying vulnerabilities and other flaws
Research Foci
– Empirical analysis of effectiveness of static analysis tools
• Fault detection
• Refactoring
– Symbolic analysis
• Safety analysis for critical software
– Actionable static analysis alerts
• Distinguishing false positives from true positives
Software Testing: A Newcomer’s Guide
© 2009
73
Section R7: Security Testing
Basic Issues
– Testing intended security functions
• Very similar to testing any other type of function
– Testing for unintended behavior
• Much harder – focus is on what system does not do
Research Foci
– Adapting functional tests to also test intended security functions
• “Separation of concerns” implementations
– Predicting which components are attack targets
• Early identification of problem components
• Issue of false positives vs. true positives
– Very high level models
• Seasonal variations in vulnerability discovery
Software Testing: A Newcomer’s Guide
© 2009
74
Section R8: Empirical Studies
Basic Issue
– Empirical studies are crucial foundations for software engineering
• Only so much you can do with theorems
Research Foci
– Studying automating software testing in large organizations
• What are the factors that lead to success?
– Studying capture/recapture models
• Effect of number of natural faults
– Studying redundancy in test cases
• Basis for reducing test sets such as regression sets
Software Testing: A Newcomer’s Guide
© 2009
75
Section R9: Test Case Generation
Basic Issues
– Old, but very important problem
– We need tools that can automatically generate good test data!
Research Foci
– Generating feasible paths in finite state machines
• Hard problem whether a given transition is, in fact, feasible
– Generating test inputs to follow paths
• Key factors
– Constraint solving
– Path explosion
– Relation of paths to other coverage goals
– Test inputs to satisfy complex predicates
• Efficient algorithms
Software Testing: A Newcomer’s Guide
© 2009
76
Section R10: Web Testing
Basic Issues
– Web testing is large, complex issue
– Reliability requirements are very high
• Customers simply click away from unreliable web applications
Research Foci
– Testing tools for web services
• Data driven test generation
– Taking advantage of user session data
• Identifying key relationships by observing actual behavior
– Penetration testing
• By definition, every web application is a potential target
• Key: Find vulnerabilities in web applications before the bad guys
Software Testing: A Newcomer’s Guide
© 2009
77
Section R11: Aspects and Faults
Basic Issues
– Very disparate session
• Logic faults, fault localization, and aspect-oriented programming!
Research Foci
– Minimizing the size of fault-detecting test sets (logic testing)
• Analyzing infeasible test requirements
• Making sure every test has a reason for being in the set
– Tracing failed test cases back to faults
• Probabilistic distributions of faults
– Aspect-Oriented programming
• Using test cases to drive pointcut descriptors
Software Testing: A Newcomer’s Guide
© 2009
78
Section R12: Mutation and Non Functional
Testing
Basic Issues
– Mutation testing is a powerful approach to testing
• Goal is a test set sensitive enough to detect all mutants
• Mutants used as source for seeded faults
– Testing nonfunctional properties such as response time and security
Research Foci
– Mutation testing for logic expressions
• New mutation operators with much more powerful mutants
– Revived research interest in Higher-Order Mutants (HOMs)
– Mutation testing of database applications
• Goal: Test databases “rich” enough to detect query faults
– Testing component-based distributed systems
• Widespread applications demand effective approaches
Software Testing: A Newcomer’s Guide
© 2009
79
Section R13: Assertions and Failure States
Basic Issues
– Assertions are statements that must be true at given points in execution
• Extremely powerful approach to fault detection
– Failure states are program states after something bad happens.
Research Foci
– Extracting tests from runtime failures
• Automatically turning any failure (in operation) into a test
• Huge potential practical impact
• Clearly, overhead needs to be low
– Assertion-based test validation
• When software is modified, which assertions need to be checked?
– Metamorphic testing
• Solving the “oracle” problem by relating multiple program “runs”
• Experience with implementing this approach via assertions
Software Testing: A Newcomer’s Guide
© 2009
80
Section I1: Real World Testing
Basic Issue
– Testability:
• The degree to which components are easy to test
– Components can be designed to be easier to test
• The efficiency of the test process
Research Foci
– Why testability is hard in practice
• Organizational factors
• Technical Factors
Software Testing: A Newcomer’s Guide
© 2009
81
Section I2: Test Management
Basic Issues
– How to plan for test phase of a project
– How to optimize test resources
Research Foci
– Estimating test effort based on use cases
• Case study with comparison to other approaches
– Estimating test effort for functional test cases
• Case study
– Regression set selection
• Which tests need to be rerun
• Evaluation on large industrial system
Software Testing: A Newcomer’s Guide
© 2009
82
Section I3: Automation
Basic Issues
– Test generation
– Code for multi-core processors
– Specialized languages
Research Foci
– Test generation to satisfy coverage criteria
• Application to safety critical system
– How to test code optimized for multi-core?
• Testing multi-threaded is much harder than single-threaded!
– Developing high level languages for specific domains
• High level test approaches are a necessary complement
Software Testing: A Newcomer’s Guide
© 2009
83
