Grey Box testing
Tor Stålhane

What is Grey Box testing
Grey Box testing is testing done with limited knowledge of the internals of the system.
Grey Box testers have access to detailed design documents with information beyond requirements documents.
Grey Box tests are generated based on information such as state-based models or architecture diagrams of the target system.

State based testing
The tests are derived from a state model of the system. We can derive the state model in several ways, e.g. from
• Expected system behavior
• State part of a UML design or requirements specification
• Other state diagrams
Most systems will, however, have a large number of states.

Binder’s state control faults – 1
Binder has made a list of common state-related problems in software systems. This list may be used as an input to
• State based testing
• State machine or code inspection

Binder’s state control faults – 2
• Missing or incorrect
  – Transitions – new state is legal but incorrect
  – Events – valid message ignored
• Extra, missing or corrupt state – unpredictable behavior
• Sneak path – message accepted when it should not be accepted
• Illegal message failure – unexpected message causes a failure
• Trap door – system accepts undefined message
State test criteria
We can choose one or more of the following test selection criteria:
• All states – testing passes through all states
• All events – testing forces all events to occur at least once
• All actions – testing forces all actions to be produced at least once

State test strategies
All round-trip paths
• All transition sequences beginning and ending in the same state
• All simple paths from initial to final state
This strategy will help you to find
• All invalid or missing states
• Some extra states
• All event and action faults

Round-trip path tree – 1
A round-trip path tree
• Is built from a state transition diagram
• Includes all round-trip paths
  – Transition sequences beginning and ending in the same state
  – Simple paths from initial to final state. If a loop is present, we use only one iteration
• Is used to
  – Check conformance to explicit behavioral models
  – Find sneak paths

Round-trip path tree – 2
A test strategy based on round-trip path trees will reveal:
• All state control faults
• All sneak paths – messages are accepted when they should not
• Many corrupt states – unpredictable behavior

Challenge for round-trip path testing
In order to test a system based on state transitions via triggers, predicates (guards) and activities, we need to be able to observe and register these entities. Thus, we may need to include “points of observation” in the code that give us access to the necessary information.

Round-trip tree – small example
[Figure: state diagram and its round-trip path tree; nodes a, A, B, C and W; transition labels a[p1] / w and b[p2] / u]

Transitions
Each transition in a state diagram has the form trigger-signature [guard] / activity. All parts are optional.
• trigger-signature: usually a single event that triggers a potential change of state.
• guard: a Boolean condition that must be true for the transition to take place.
• activity: an action that is performed during the transition.

Test description – 1
Each test completes one branch of the round-trip tree – from a to W.
The necessary transitions describe the test case.
The table on the next slide shows the test case for a -> A -> C -> A.
[Figure: round-trip path tree with nodes a, A, B, C and W]

Test description – 2
ID  Start state  Event        Condition  Reaction  New state
1   a            constructor                       A
2   A            a            p1         w         C
3   C            b            p2         u         A

Sneak path test cases
A sneak path – message accepted when it should not be accepted – can occur if
• There is an unspecified transition
• The transition occurs even if the guard predicate is false

Sneak path test description
ID  Start state  Event        Condition   Reaction       New state
1   a            constructor  -                          A
2   A            c            p1          Error message  A
3   A            a            p1 - false  Error message  A

State diagram for a sensor - 1
[Figure: sensor state diagram with nodes a, A, B, C, D, E and w]

State diagram for a sensor - 2
[Figure: sensor state diagram with nodes a, A, B, C, D, E and w]

Sensor round-trip path tree
[Figure: round-trip path tree for the sensor; transition labels include [sensor alarm] / sound alarm, [no sensor alarm] / test, [false alarm] / test, [test fails] / replace, [alarm OK / request reset], [test OK] and [ACK] / reset]

Acknowledgement
Most of the previous presentation is based on a slide set from the University of Ottawa, Canada.

Mutation testing
Tor Stålhane

Type 1 mutation testing – 1
Type 1 mutation testing is done as follows:
1. Write a chunk of code
2. Write a set of tests
3. Test and correct until the test suite runs without errors
4. Change a random part of the code – e.g. a “+” to a “-”. This is called a code mutant. We will only consider mutants that compile without error messages
5. Run the test suite again

Type 1 mutation testing – 2
6. If the test suite
  – runs without errors, then we need to extend the test suite until we discover the defect.
  – diagnoses the defect, then go back to step 4 to create a new mutant.
The test process stops when all of X new mutants are discovered by the current test suite.

Type 2 mutation testing
Type 2 mutation testing – also called “fuzzing” – has many ideas in common with random testing.
The main difference is that:
• Random testing generates random tests from scratch.
• Type 2 mutation testing starts with an input that works OK and then changes part of it in a random way.

Software functions are not continuous
When we discuss mutation testing, it is important to remember that a function implemented in software is not continuous. E.g. x = 2.00 and x = 1.99 can give dramatically different results. A small change in input can thus have a large effect on the output.

Type 2 mutation testing example – 1
SUT – a system for computing F(x) – takes an input consisting of
• F – a three character string identifying a probability distribution function.
• A real number x. The allowed value range will depend on F, e.g. if F = “exp”, then x must be a positive number, while if F = “nor” then x may be any number.

Type 2 mutation testing example – 2
We can perform type 2 mutation testing as follows:
1. Run a test with input <“exp”, 3>
2. Check that the result is correct
3. Make a mutant by drawing a random integer value 1 (F) or 2 (x).
  – If we draw a 1, generate a random integer n from 0 to 10 – string size – and generate a random string of length n
  – If we draw a 2, generate a random real value x
4. Compute F(x)
5. Check the result – especially any error messages
6. If we are satisfied then stop, otherwise repeat from step 3
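
The six steps above as a runnable sketch, added here and not part of the original slides. The toy SUT (F(x) taken as the cumulative distribution function, with a planted "x <= 0" range check), the oracle in check(), the special values mixed into the x mutation and all function names are assumptions.

```python
import math
import random
import string

SPECIAL = [float("nan"), float("inf"), float("-inf"), 0.0]

def sut(f, x):
    # Toy SUT (assumption): F(x) is the CDF of exp(rate 1) or the standard normal.
    if f == "exp":
        if x <= 0:                      # planted defect: NaN slips past this check
            raise ValueError("exp requires x > 0")
        return 1.0 - math.exp(-x)
    if f == "nor":
        return 0.5 * (1.0 + math.erf(x / math.sqrt(2.0)))
    raise ValueError("unknown distribution %r" % (f,))

def mutate(seed, rng):
    # Step 3: draw 1 (mutate F) or 2 (mutate x); the other field keeps its seed value.
    f, x = seed
    if rng.randint(1, 2) == 1:
        n = rng.randint(0, 10)
        f = "".join(rng.choice(string.printable) for _ in range(n))
    elif rng.random() < 0.3:
        x = rng.choice(SPECIAL)         # boundary values a uniform draw never hits
    else:
        x = rng.uniform(-1e6, 1e6)
    return f, x

def check(case):
    # Steps 4-5: run the SUT and classify the outcome.
    try:
        y = sut(*case)
    except ValueError:
        return "rejected"               # clean, expected error message
    except Exception as exc:            # any other exception is a finding
        return "finding: " + type(exc).__name__
    if isinstance(y, float) and 0.0 <= y <= 1.0:
        return "ok"
    return "finding: result %r" % (y,)

def fuzz(seed, rounds, rng):
    assert check(seed) == "ok"          # steps 1-2: the seed input must work
    cases = (mutate(seed, rng) for _ in range(rounds))
    return [c for c in cases if check(c).startswith("finding")]

if __name__ == "__main__":
    for case in fuzz(("exp", 3.0), 500, random.Random(1)):
        print(case, check(case))
```

Every finding has x = NaN: NaN compares false against 0, so the range check passes and the SUT returns NaN instead of an error message.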
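
Type 1 mutation testing (steps 1 to 6 of the earlier slides) as an added example, not code from the original slides. It goes beyond step 4 by generating every single-operator mutant instead of one random change; the price function, the test cases and all names are constructed for illustration.

```python
import ast

# Constructed code under test (step 1) and test cases (step 2): (args, expected).
SOURCE = """
def price(qty, unit, discount):
    total = qty * unit
    if qty >= 10:
        total = total - discount
    return total
"""
WEAK = [((1, 5, 2), 5), ((20, 5, 2), 98)]
STRONG = WEAK + [((10, 5, 2), 48)]        # boundary case added in step 6

SWAPS = {ast.Add: ast.Sub, ast.Sub: ast.Add, ast.Mult: ast.Add, ast.GtE: ast.Gt}

def operator_sites(tree):
    return [n for n in ast.walk(tree) if isinstance(n, (ast.BinOp, ast.Compare))]

def mutants(source, name):
    """Step 4: yield (description, function) with exactly one operator swapped."""
    for i in range(len(operator_sites(ast.parse(source)))):
        tree = ast.parse(source)                      # fresh tree per mutant
        node = operator_sites(tree)[i]
        old = node.op if isinstance(node, ast.BinOp) else node.ops[0]
        new = SWAPS.get(type(old))
        if new is None:
            continue
        if isinstance(node, ast.BinOp):
            node.op = new()
        else:
            node.ops[0] = new()
        scope = {}
        exec(compile(tree, "<mutant>", "exec"), scope)  # only compiling mutants count
        change = "line %d: %s -> %s" % (node.lineno, type(old).__name__, new.__name__)
        yield change, scope[name]

def discovered(mutant, cases):
    """Step 5: the suite discovers a mutant if any case fails or raises."""
    try:
        return any(mutant(*args) != want for args, want in cases)
    except Exception:
        return True

def survivors(source, name, cases):
    return [change for change, m in mutants(source, name) if not discovered(m, cases)]

if __name__ == "__main__":
    print("weak suite misses:  ", survivors(SOURCE, "price", WEAK))
    print("strong suite misses:", survivors(SOURCE, "price", STRONG))
```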
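
The round-trip path tree and the sneak path test tables from the Grey Box slides, generated from a transition list; this is an added example, not part of the original slides. The two transitions marked assumed, the reading of W as a final state, and the rule that a branch ends at a state already on its path are assumptions.

```python
# Constructed model: the first three transitions are the slides' test case
# a -> A -> C -> A; the two marked "assumed" add a second branch ending in W.
TRANSITIONS = [  # (state, event, guard, activity, new state)
    ("a", "constructor", None, None, "A"),
    ("A", "a", "p1", "w", "C"),
    ("C", "b", "p2", "u", "A"),
    ("A", "b", None, None, "B"),   # assumed
    ("B", "a", None, None, "W"),   # assumed
]
EVENTS = ["a", "b", "c"]           # "c" has no transition anywhere

def round_trip_tests(transitions, initial, finals):
    """One test per branch; a branch ends at a final or already visited state."""
    tests = []
    def grow(state, path, visited):
        outgoing = [t for t in transitions if t[0] == state]
        if path and (state in finals or state in visited or not outgoing):
            tests.append(path)     # loops are followed for one iteration only
            return
        for t in outgoing:
            grow(t[4], path + [t], visited | {state})
    grow(initial, [], set())
    return tests

def sneak_path_tests(transitions, states, events):
    """Rows (start, event, condition, reaction, new state) that must be rejected."""
    rows = []
    for s in states:
        for e in events:
            hits = [t for t in transitions if t[0] == s and t[1] == e]
            if not hits:           # unspecified transition
                rows.append((s, e, "-", "Error message", s))
            rows += [(s, e, t[2] + " false", "Error message", s)
                     for t in hits if t[2]]   # guard predicate is false
    return rows

def label(t):
    """Render a transition as trigger-signature [guard] / activity."""
    return t[1] + ("[%s]" % t[2] if t[2] else "") + (" / " + t[3] if t[3] else "")

if __name__ == "__main__":
    for test in round_trip_tests(TRANSITIONS, "a", {"W"}):
        print(" -> ".join(["a"] + ["%s via %s" % (t[4], label(t)) for t in test]))
    for row in sneak_path_tests(TRANSITIONS, ["A", "B", "C"], EVENTS):
        print(row)
```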