Check your Skills on White Box Testing – through Descriptive Questions
(Set of 13 Questions)
(Answers to Objective Type Questions on White Box Testing – are available at the end of this article)
Q. 1: What are Test Coverage Analyzers?
Coverage analyzers are a class of test tools that offer automated support for this approach to testing management. With this tool, the tester runs a set of test cases on a program that has been instrumented by the coverage analyzer. The analyzer then uses the information produced by the instrumentation code to generate a coverage report. For example, in case of DD-path coverage, it identifies and labels all DD-paths in the original program. When the instrumented program is executed with test-cases, the analyzer tabulates the DD-paths traversed by each test case. So, a tester can experiment with different sets of test cases to determine the coverage of each set.
<<<<<< =================== >>>>>>
Q. 2: What is slice-based testing?
A program slice is a set of program statements that contribute to or affect a value for a variable at some point in the program. This is an informal definition.
Let us see now more formal definitions of a program slice.
“Given a program, P and a set of V of variables in P, a slice on the variable set V at statement n, written as S(V, n), is the set of all statements in P that contribute to the values of variables in V”.
It may be noted that listing elements in a slice S(V, n) will be cumbersome because the elements are the program statement fragments.
We can further refine the definition of a program slice.
“Given a program P and a program graph G(P) in which statements and statement fragments are numbered and a set V of variables in P, the slice on the variable set V at statement fragment n, written as S(V, n), is the set of node numbers of all statement fragments in P prior to n that contribute to the values of variables in V at statement fragment n.”
The basic idea is to separate a program into components (slices) that have some useful / functional meaning.
It may be noted that we have used the words “prior to” (in the 2nd definition) in the dynamic sense. Thus a slice, captures the execution time behavior of a program with respect to the variables in the slice. This develops a lattice or a directed, acyclic graph of slices in which nodes are slices and edges correspond to the subset relationship.
We have also used a word -“contribute’ which means that data declaration statements have an effect on the value of a variable. We simply exclude all non-executable statements.
We have five forms of usages
(a) P-use – used in a predicate (decision)
(b) C-use – used in computation.
(c) O-use – used for output.
(d) L-use – used for location (pointers, subscripts)
(e) 1-use – used for iterations (counters, loops)
We also identify two forms of definitions nodes
(a) I-clef : defined by input.
(b) A-clef : defined by assignment.
Now assume that the slice S(v, n) is a slice on one variable i.e., the set “V” consists of a single variable, “v”. If the statement fragment “n” is a defining node for “v”, then n is included in the slice. Also, if the statement fragment “n” is a usage node for “v”, then “n” is not included in the slice P-uses and C-uses of other variables i.e., not the “v” in the slice set “V”, are included to the extent that their execution affects the value of variable, v.
If the value of “v” is the same whether a statement fragment is included or excluded, then exclude the statement fragment.
Also, O-use, L-use and 1-use nodes are excluded from the slices as L-use and 1-use variables are typically invisible outside their modules.
<<<<<< =================== >>>>>>
Q. 3: What is slice splicing?
If we decide to develop a program in terms of compatible slices then we could code a slice and immediately test it. We can then code and test other slices and merge them into a fair solid program. This is known as slice splicing.
<<<<<< =================== >>>>>>
Q. 4: What are the different sources of knowledge for white-box testing?
The following are the knowledge sources for white-box or structural testing
(a) High-level design.
(b) Detailed design.
(c) Control flow graphs.
<<<<<< =================== >>>>>>
Q. 5: What is stress testing?
Stress testing is a testing technique used to determine if the system can function when subjected to large volumes of data. It includes areas like:
(a) Input transactions.
(b) Internal tables.
(c) Disk space
(d) Output
(e) Communications
(f) Computer capacity
(g) Interaction with users.
If the application functions properly with stressed data then it is assumed that it will function properly with normal volumes of work.
Objectives of Stress Testing: To simulate a production environment for determining that
(a) Normal or above normal volumes of transactions can be processed through the transaction within the available time frame.
(b) The system is able to process large volumes of data.
(c) Enough system capacity is available.
(d) Users can perform their assigned tasks.
<<<<<< =================== >>>>>>
Q. 6: How to use stress testing?
Online systems should be stress tested by allowing people to enter transactions of a normal or above normal pace.
Batch systems can be stress tested with large input batches. Please note that the error conditions should be included in tested transactions. Transactions that are used in stress testing can be obtained from Test data generators, test transactions created by test group or the transactions previously processed in the production environment.
In stress testing, the system should be run as it would in the production environment. Operators should use standard documentation and the people entering transactions or working with the system should be the clerical personnel that will use the system.
Examples of Stress Testing
1) Enter transactions that determine that sufficient disk space has been allocated to the application.
2) Overloading the communication network with transactions.
3) Testing system overflow conditions by entering more transactions that can be accommodated by tables, queues and internal storage facilities etc.
<<<<<< =================== >>>>>>
Q. 7: What is Execution testing?
Execution testing is used to determine whether the system can meet the specific performance criteria. It includes
(a) Verifying the optimum use of hardware and software.
(b) Determining the response time to online user requests.
(c) Determining transaction processing turnaround time.
Execution testing can be done in any phase of SDLC. It can evaluate a single aspect of the system like a critical routine in the system. We can use hardware and software monitors or creating quick and dirty programs to evaluate the approximate performance of a completed system. This testing may be executed onsite or offsite for the performance of the test. It may be noted that the earlier the technique is used, the higher is the assurance that the completed application will meet the performance criteria.
<<<<<< =================== >>>>>>
Q. 8: What is Recovery testing?
Recovery testing is used to ensure that operations can be continued even after a disaster. If not only verifies the recovery process but also the effectiveness of the component parts of that process. Objectives of recovery testing are:
(a) Document recovery procedures.
(b) Preserve adequate backup data.
(c) Training recovery personnel.
Examples of Recovery Testing
1) Inducing failures into one of the application system programs during processing.
2) Recovery could be conducted from a known point of integrity to ensure that the available backup data was adequate for the recovery process.
<<<<<< =================== >>>>>>
Q. 9: What is operations testing?
Operations testing is designed to determine whether the system is executable during normal system operations. It evaluates both the process and the execution of the process. During different phases of SDLC, it can be used as follows
Phase – 1: Requirements Phase: During this phase, operational requirements can be evaluated to determine the reasonableness and completeness of these requirements.
Phase – 2: Design Phase: During this phase, the operating procedures should be designed and thus can be evaluated.
Examples of Operations Testing
1) Verifying that the file labeling and protection procedures function properly.
2) Determining that OS supports features, perform the predetermined tasks.
<<<<<< =================== >>>>>>
Q. 10: What is security testing?
A testing used to identify defects that are very difficult to identify. It involves determining that adequate attention is devoted to identifying security risks, determining that sufficient expertise exists to perform adequate security testing.
Examples of Security testing
1) Determining that the resources being protected are identified.
2) Unauthorized access on online systems to ensure that the system can identify such accesses.
<<<<<< =================== >>>>>>
Q. 11: What is the difference between Formal Technical Review (FTR) & Management Review?
Broad points of differences among the two types of reviews are as under:
Formal Technical Review – FTR | Management Review | |
1 | It is done to examine the product. | It is done to evaluate a project plan. |
2 | Its purpose is to evaluate the software elements like requirements and design. | Its purpose is to ensure adequacy and completeness of all the planning documents for meeting project requirements. |
3 | It is done to ensure conformity to specifications. | It is done to ensure that project activities are progressing as well as per the planning documents. |
4 | The results of FTRs are given in technical review reports (TRR). | The results of the management reviews are summarized in a management review report (MRR). |
5 | It is done to ensure the integrity of changes to the software elements. | The purpose here is to ensure proper allocation of resources. |
<<<<<< =================== >>>>>>
Q. 12: What are the advantages of White Box Testing?
1) White box testing helps us to identify memory leaks. When we allocate memory using malloc( ) in C, we should explicitly release that memory also. If this is not done then over time, there would be no memory available for allocating memory on requests. This can be done using debuggers also that can tally allocated and freed memory.
2) Performance analysis: Code coverage tests can identify the areas of a code that are executed most frequently. Extra efforts can be then made to check these sections of code. To do further performance improvement techniques like caching, co-processing or even parallel processing can be considered.
3) Coverage tests with instrumented code is one of the best means of identifying any violations of such concurrency constraints through critical sections.
4) White box testing is useful in identifying bottlenecks in resource usage. For example, it particular resource like RAM or ROM or even network is perceived as a bottleneck then instrumented code can help identify where the bottlenecks are and point towards possible solutions.
5) White box testing can help identify security holes in dynamically generated code. For exam in case of Java, some intermediate code may also be generated. Testing this intermediate code requires code knowledge. White box testing only does this.
<<<<<< =================== >>>>>>
Q. 13: What are the practical difficulties in White Box Testing?
Few major challenges faced during white box testing are as under:
1) Difficult for Software Developer to pinpoint the defects in his Own Creations:
No one would like to point out errors from his own creations. So, does a developer. That is why a different test team is usually selected.
2) Even a completely tested code might not satisfy the real customer requirements:
Usually the developers do not have a full appreciation and favor to external customer’s requirements or the domain knowledge. This means that even after thorough verification and validation, common user scenarios may get left out. Hence there remains a great need to address all such scenarios.
<<<<<< =================== >>>>>>
Answers to Objective Type Questions on White Box Testing
Q. No. Correct Answer
1 B
2 B
3 A
4 B
5 A
6 A
7 B
8 B
9 C
10 A
Return to the Objective Type Questions Page
Many more Articles & Tutorials on White Box Testing
An expert on R&D, Online Training and Publishing. He is M.Tech. (Honours) and is a part of the STG team since inception.