Software Quality Engineering - - PDF document

• ✁

CISC 323: Intro to Software Engineering

Software Quality

What Does Quality Mean?

• Operational meanings:

– Software does what is wanted and expected – On budget and on schedule – Users are happy – Level of bugginess is tolerable – Changes are not too expensive – Software is cost-effective in use and supports

• rganizational mandate

Definitions of Quality

• OED: the standard of something when compared to other

things like it (a wine of excellent quality); of high quality, general excellence

• Crosby: zero defects
• ISO: The totality of features and characteristics of a product
• r service that bear on its ability to satisfy specified or implied

needs.

• Juran: Fitness for Purpose
• DoD: The degree to which the attributes of the software

enable it to perform its intended end use.

• ✁

Quality is Relative

• Rolls Royce: quality when cost is no object
• Ford Taurus: quality tradeoffs when cost

is a factor

• Mini: minimum acceptable quality when

cost is the dominant factor.

• Costs include initial cost, cost of operation, and

cost of repairs.

• ✁

Quality -- General

• is multidimensional (all aspects of a car)
• is subject to constraints (e.g. cars must fit on

roads)

• is about acceptable compromises (e.g. poorer

ride for lower cost)

• criteria are not independent (e.g. fuel use vs.

vehicle weight)

• is not absolute (all levels of cars have quality)

• ✁

Characteristics of Software

• not physical
• needs are usually uncertain
• needs change
• platforms change (CPUs, OS, network)
• high expectations, especially of adaptability

• ✁

Changing Approaches to Software Quality

• increasing use of metrics
• increasing emphasis on process, components

and intermediate products, as opposed to the end product

• software crisis persists, but progress is being

made

• ✁

Dimensions of Quality

• A Partial List:

– Timeliness – Functionality – Cost – Correctness – Reliability – Maintainability

• ✁

Quality - Software

• is multidimensional (portability, usability, functionality)
• is subject to constraints (regulations, rules,

resources)

• is about acceptable compromises (e.g. less

functionality / lower cost)

• criteria are not independent (e.g. efficiency vs

maintainability)

• is not absolute (different levels of quality are

acceptable for different software types

• ✁

How can the Dimensions of Quality be assured?

• by establishing and enforcing a process
• process must include measurement
• by making sure everyone understands the qualities

that must be embedded in the product

• by keeping focused on the relevant qualities

throughout the development lifecycle

• by determining “up front” how to achieve each

quality

• verification and validation

• ✁

Cost of Quality

• prevention
• ✁

• appraisal

• failure - internal

• failure - external

• ✁

Views of Quality (not software specific)

• Transcendental: “eureka!”, “the ideal”
• User: fitness for purpose
• Manufacturing: conformance to spec
• Product: characteristics of the product
• Value-based: willingness to pay

• ✁

User View

• can be highly personalized
• typical user views:

– reliability – performance – usability

• ✂

ISO 9126

source: http://www.cse.dcu.ie/essiscope/sm2/9126ref.html

• ✂

Manufacturing View

• avoid rework and associated costs
• often leads to process focus (ISO 9001-3)
• process does not guarantee good products;
• nly guarantees uniformity of output

• ✂

Product View

• measure internal characteristics?

– Measurements chosen depend on type of product (e.g. code, design, …) – may not ensure quality of external characteristics

• measure external characteristics?

– Corresponds to user/manufacturer views – measurements chosen depend on product (e.g. OS, spreadsheet, …)

• ✂

Value-based view

• helps to decide trade-offs during

development

– cost vs. reliability – cost vs. functionality

• cost to consumer is affected by scale

– high volume products have a higher perceived value

• value is defined by

– potential savings/productivity enhancements – profit opportunities

• ✂

Problems with Qualities

• qualities are at odds with one another

– always a compromise

• difficulty in trying to measure qualities e.g.,

accuracy, usability

• what does quality really mean?

• ✁

Proposed solution 1: Focus on Product

• most dimensions of quality are measured

after the fact

• need to identify actions that can embed

needed qualities in the products, up front

• implementation quality model: identify what

the programmer can do to ensure quality

– link these actions to high level qualities

Proposed Solution 1 (cont’d)

• requirements quality model: all requirement

statements must be measurable

• design quality model: define qualities for

design, identify characteristics of design that would embed those qualities

• ✂

Proposed solution 2: Focus on Process

• integrate quality decisions into the design

process, e.g.:

– by using quality checklists during inspection, design – by determining testing criteria up front – by following a documented design process

Qualities Discernable at Runtime

• performance
• security
• availablity
• functionality
• usability

Qualities Not Discernable at Runtime

• modifiability
• portability
• reusability
• testability

– ease with which software can be made to demonstrate its faults through execution based testing – related to architectural documentation, separation

• f concern, information hiding, incremental

development

• ✁

• ✒

• ✒

Business Qualities

• time to market
• cost
• projected lifetime of system
• targeted market
• integration with existing legacy systems

• ✂

• ✒

• ✒

What's Ahead

Remainder of material about quality focuses on two topics related to software quality:

– Testing: finding defects by executing software and examining results (and then fixing the defects) – Inspection: a formal way of analyzing software and other documents

• ✂

• ✒

• ✒

What is Software Inspection?

• Formal process to statically analyze a

software product and record metrics related to that product.

• Differs from informal "walk-throughs" or

"reviews":

– formal process – products inspected at greater level of detail – metrics

• ✂

• ✒

• ✒

IEEE Definition

"...a formal evaluation technique in which software requirements, design, or code are examined in detail by a person or group other than the author to detect faults, violations of development standards, and other problems..."

• ✒

• ✒

History

• Traditional meaning of inspection:

– Inspecting the product of a manufacturing process – Physical product, evaluate by looking, manipulating – Often put through rigorous tests, keep metrics

• Michael Fagan at IBM:

– used similar processes to inspect software (code) – landmark paper in 1976 – often called "Fagan Inspections" – Inspection process has been extended & refined since, ongoing research

• ✒

• ✒

What Gets Inspected?

• Inspection process initially used to inspect software

(code)

• Extended to include all documents:

• Above includes diagrams, prose, pseudo-code, etc.
• Some other industries have adopted Inspection for

design documents, drawings, etc.

• ✓

• Inspection Versus Testing (1)
• AT&T classifies inspection as a form of testing
• In CISC 323, we use the term "testing" to

mean dynamic testing: executing software to find faults

• inspection does not replace dynamic testing
• software process should include both

inspection and testing

• ✁

• ✓

• Inspection Versus Testing (2)
• difficult to inspect for qualities such as

performance, timing, load

• inspection can be applied earlier than testing
• inspection can be applied to any software

product, not just code

• ✓

• Defects vs. Faults
• Inspection finds defects: problems in

software

• Testing finds faults: incorrect behavior
• When you find a fault by testing:

– must debug to trace the fault to a defect in the code

• Often more cost-effective to find defaults via

Inspection

• ✂

• ✓

• Analysis Tools
• static analysis tools can find some types of

defects

– compilers find undeclared variables, syntax errors – other static analysis tools may check for:

• ✁

• should inspect for things tools can’t find

• ✁

• ✓

• Inspection Metrics
• to be classified as “inspection”, metrics must be kept
• record:

• may also record

• ✁

• ✓

• Use of Metrics
• Data collected can tell you:

• Data can be used to:

• ✂

• ✓

• Inspection Process

from Software Inspection, Tom Gilb & Dorothy Graham

• ✂

• ✓

• People Involved in Inspection
• Inspection is a team process: ideally 2-6 people
• Inspection Leader:

• checkers (inspectors)

• ✂

• ✓

• Entry
• entry criteria set up for products to be inspected
• a lot of controversy about when to inspect code

• if entry criteria not met, product not inspected

• inspections are expensive

• author offers up product for inspection
• leaders decides if it's ready -- quick examination

• ✂

• ✓

• Kickoff
• initial meeting for all participants
• organized by leader
• familiarize everyone involved with task at hand
• define everyone’s roles
• hand out materials needed
• deal with general questions
• set goals
• discuss overall plan, timetable
• long documents divided into "chunks": separate

inspection & logging for each chunk

• ✁

Individual Checking (1)

• each checker works alone using documents handed
• ut in kick-off meeting
• aims to find maximum number of unique major

potential defects

• mainly by looking for discrepancies between source

documents and products being inspected, i.e.:

• ✂

Individual Checking (2)

• usually uses a checklist
• kickoff meeting suggests amount of time to spend:

• checker records actual time taken
• keeps notes of issues found

• "issue" = matter requiring attention

• ✓

Logging Meeting (1)

• 3 purposes:

– log issues identified by each checker – work as group to find more issues – suggestions for process improvement (inspection process and overall software process)

• controlled by moderator (usually the leader)

– must be very skilled in handling people and issues – maintain time discipline and issue discipline

• no evaluation of issues

– just log issues, like brainstorming

• ✁

Logging Meeting (2)

• must not last more than 2 hours
• not for explaining, defending, suggesting fixes, or

training

• identify issues, then log them
• issues can be questions to product author and

suggestions for improvements

• NOT an attack or evaluation of product author
• management personnel should NOT be in attendance

• ✁

Edit

• log of issues given to author to resolve
• author can

– classify or reclassify issues (which are really defects) – voluntarily improve product as per issues raised – request rules or checklist be changed

• ✁

Follow-up

• inspection leader makes sure satisfactory

closure has taken place on all issues

– actions to correct all defects (change or change request) – suggestions for process changes reported

• if major changes, product may need to be

inspected again

• ✁

Exit

• need exit criteria
• need closure on all issues in writing
• record metrics for inspection process (for

process improvement)

• product now considered “safe” to pass on to

next phase in software development

The V-model

Requirem ents Cost of running inspections is about 10-15% of cost of development budget. Inspection Architecture Inspection Design Inspection Code Inspection Unit Test Integration Test System Test

• ✂

Costs of Inspection

• Inspection takes time
• Typically 10-15% of development budget
• Also start-up costs:

– establishing procedures – training leaders, inspectors

• Is it worth it?

• ✂

Benefits of Inspection (1)

• Defects found early save time and money
• many defects found before testing

– testing is much quicker

• total development time is reduced

– even when counting time for inspection

• inspections increase productivity

• ✁

Benefits of Inspection (2)

• Defects found early result in better product
• inspection results in

– cleaner design – better documentation – better code – fewer defects – defects that remain will be easier to fix when found

• ✂

Benefits of Inspection (3)

• feedback for mangement about software

process:

– inspector's comments plus metrics

• defects found earlier means fewer deadline

surprises

• inspection trains inspectors:

– learn from good code and documentation of

• thers

– learn from mistakes of others

• ✓

Success Stories (1)

• IBM Federal Systems Division

– kept metrics for similar projects before and after introducing Inspection into development process – delivered lines of code per work-month:

• ✁

• ✑✒

• ✁

Success Stories (2)

• ICL (in U.K.):

– 57.7% of defects found by Inspection – cost of finding defect by Inspection: 1.58 work hours – cost of finding without Inspection: 8.47 work hours – only 6% of development time devoted to Inspection

• ✂

Success Stories (3)

• Large IBM project:

– 500,000 lines of code (networked operating system) – based on past experience without inspection, expected to find about 800 bugs during tests at trial site – used inspection at 11 stages of devopment – found 8 bugs at trial site!

• ✁

Software Inspection Research (1)

• Research into inspection

– inspection process – techniques for individual inspectors

• ✁

Software Inspection Research (2)

• research at Lucent Technologies (University
• f Maryland)

– experiment where they varied

– one of the conclusions

Software Inspection Research (3)

• new techniques to help guide inspectors in

their work

– scenario-based reading

• ✂

Checklists

• common guidance used for inspections
• good checklists are hard to make up

– rely on past experience – can get too long and unwieldy – need to be updated as new situations arise – inspectors have a tendency to follow the checklist and do no more – can be misinterpreted – may not cover everything necessary to the right level of detail

• ✁

Approach for Checklists

• (general approach for inspections as well)
• determine what qualities are important for the

software system

• determine what software design/code characteristics

contribute to those qualities

• determine what you want the inspectors to look for

• checklist used for Assignment 4 is based on McCall's

Quality Model

McCall's Quality Model

• ✁

Testing

• Now we move to the subject of testing
• Recall that software process should include

both testing and inspection

• Inspecting documents & code before testing

results in fewer defects for testing to find – speeds up testing

• A bit of informal testing before code

inspection might save time – get rid of

• bvious bugs quickly

Testing is Hard!

• hits budget and schedule limits
• may include heavy debugging

– may even include product (re-)development

• bugs slip through to customers

– user executes untested code – order in which statements are executed in actual use differ from that in testing – user applies combination of untested input values – user’s operating environment is never tested

• ✒

Skills of a Tester (1)

• Not all testers are developers
• ✁✄✂

• ✁✄✂

• testers who are developers must have
• ✟

• ✟

• ✟

• ✟

• ✎

• ✁

Skills of a Tester (2)

• More skills employers look for:

– software engineering skills

– communication skills – organizational skills – hands-on experience

• ✁

Attitude For Testers

• destructive creativity
• detective skills
• understanding the product as the sum of its parts
• appreciating the customer’s perspective
• requirements change
• skeptical but not hostile attitude
• ability to be the bearer of bad news and remain objective
• an eagerness to embrace new technologies

• ✂

Definitions of Testing (1)

• Myers, Glenford J., The Art of Software

Testing, Wiley, 1979

– “The Process of executing a program with the intent of finding errors”

• Hetzel, Bill, A Complete Guide to Software

Testing, QED Information Sciences Inc., 1988

– "Testing is any activity aimed at evaluating an attribute or capability of a program or system and determining that it meets its required results."

• ✂

Definitions of Testing (2)

• IEEE Standard 610.12-1990

– “The process of operating a system or component under specified conditions, observing or recording the results, and making an evaluation of some aspect of the system or component”

• IEEE Standard 829-1983

– “The process of analyzing a software item to detect the differences between existing and required conditions (that is , bugs) and to evaluate the features of the software items”

• ✂

Purposes of Testing

• To find bugs - including bugs in the tests!
• To estimate reliability in use by tracking the

execution time interval between failures

• To estimate defects remaining by tracking the defects

found per person-hour of testing and debugging time

• To decide on when to release: e.g. by deciding that

the remaining known defects are acceptable in the target market

• To learn where process problems are by classifying

and counting defects found

• ✂

What Testing Can't Do

• Testing can't guarantee code is correct
• You can't try every possible combination of

inputs, every environment

• Rigorous testing increases confidence that

software runs correctly, or that few bugs remain

• For some critical software, formal

mathematical methods used to "prove" correctness – but that's another topic for

• ther courses

• ✂

Stages of Testing (1)

• Requirements and Design testing

– when requirements and design are written in special languages which permit "execution" to simulate actual system

• User Interface testing

– Often done at prototyping stage

• Unit/Module Testing
• Component/subsystem Testing

Stages of Testing (2)

• Integration Testing

– Incremental Testing

• the

usual version

• f

integration testing.

• Daily builds and Sanity testing
• System Testing

– Performance and Load/Stress Testing – Usability Testing, but this is a late stage to be doing it!

• ✓

Stages of Testing (3)

• Alpha and Beta Testing

– alpha = testing full system in-house – beta = outside users

• Acceptance Testing
• Installation/Compatibility Testing
• Platform/Configuration/Port testing

• ✒

Stages of Testing (4)

• Integrity and Release testing
• ✁✄✂

• Reliability/Certification Testing

• Security/Fault Tolerance/Recovery testing
• Regression Testing

Black Box Testing

• pick test cases based on requirements only
• don't use knowledge of implementation
• view code as a black box: insides not visible
• can be used at any stage:

– unit, subsystem, system testing

Black-Box Testing Strategies

• look at specifications for inputs
• test normal use:

– sampling of "normal" inputs (random values)

• test abnormal use:

– different kinds of erroneous/illegal input – combinations of errors

• test boundary conditions:

– values close to boundary between normal and abnormal

• ✂

Example

/** * Raises a number to an integral power. * * @param base the number to be raised to a power * @param pow the power to which base is to be raised. * Must not be negative. * @return base raised to the pow-th power */ static double power(double base, int pow) {

• error inputs: negative values for pow
• boundary cases: pow = 0, pow = 1, pow = -1
• normal cases:

– pow >= 2, range of values – base: negative, 0, positive – combinations of these

• ✂

Possibilities For Automation

• Ideal: tool to generate set of test cases and

expected results from specifications

• Reality: needs very precise, mathematical

specifications, usually not available

• So usually generate test cases & expected

results by hand

• Automated execution is still possible

• ✂

Test Harness

• Takes set of test inputs & expected results
• Runs program on each test input, compares

results with expected

• Reports any discrepancies
• Complicated to write for GUIs, embedded

systems, but often possible

• Takes lots of drudgery out of testing
• Makes testers willing to run and re-run large

test suites

• ✂

White Box Testing

• Pick test cases based on the actual software
• also called "clear box" or "structural" testing
• key word is coverage:

– do the test cases cover all of the code?

• different measures of coverage

Statement Coverage

• Every statement in the software must be

executed at least once by the test cases

• Quote from text (Murray):

– "Testing less than this for new software is unconscionable and should be criminalized"

• NASA story

• ✁

Branch Coverage

• Every branch alternative must be covered by

at least one test case

• More demanding than statement coverage:

if (x > 3) y = 14; // continue -- no else part

• We need at least one test case where x > 3 is

and at least one where x > 3 is false.

• ✓

Path Coverage

• Every possible path through the program must be

covered by at least one test case

void tst(int x) { if (x>0) pos = pos+1; if (x%2==0) even = even+1; return; }

• Needs 4 test cases:

– all combinations alternatives

√ √

• ✁✄✂

√ √

• ✁✄✂

• ✠

• ☞

Example

void tst(int x) { if (x>0) pos = pos+1; if (x%2==0) even = even+1; }

• Statement Coverage: tst(2)
• Branch Coverage: tst(-1),tst(2)
• Path Coverage: tst(-2),tst(-1),tst(1),tst(2)

• ✂

What About Loops?

• May require test cases which make each loop

execute 0 times, 1 time, many times

• for (int i = 0; i < n; i++) {...}

– Test cases should include:

• n <= 0 (no times around the loop)
• n = 1 (one time around the loop)
• n > 1 (several times around the loop)

• ✁

More About Loops

• real time software generally runs inside an

infinite loop

– need to carefully define what you mean by path or loop coverage

• ✂

Path Coverage: Impossible Combinations

• Not all combinations are possible:

if (x > 2) ... else ... if (x > 4) ... else ...

• impossible to have first loop false, second

true – no test case for that combination

• ✂

Path Coverage: Combinatorial Explosion

• Large method with many branches and

loops:

– many combinations, lots of test cases – difficult to manage – May catch sepcial inputs that trigger an error

• Full path coverage only practical for unit

testing

• ✂

Example

static double power(double base, int pow) { double answer = 1; while (pow > 0) { if (pow % 2 == 0) { // pow is even pow = pow / 2; base = base * base; } else { // pow is odd pow = pow - 1; answer = answer * base; } // end if } // end while return answer; } // end power

White box checklist: pow = 0, 1, 2, bigger (so while loop executed 0, 1, many times) even and odd powers to exercise both parts of if statement

• ✂

Data Flow Testing

• Another kind of white box testing
• exercise (in order of weakest to strongest testing)

– all input and output variables – both truth values of all predicates – all definitions of variables (eg variables on LHS of assignments) – all uses of variables that are defined – all loops

• ✂

Possibilities For Automation

• Ideal: tool to generate set of test cases satisfying

coverage requirements

• Can't generate expected output from code!
• Some help: tools to help verify coverage:

• ✁

White Box Alone

• White box alone is not a good way to

generate test cases.

– may lead to focus on less important parts – intrinsically leads to incomplete testing – if coder overlooked possibilities, test cases will not detect them

• ✓

Black Box Alone

• Black box alone may not cover the code

adequately

– some special cases are not obvious from specifications, depend on algorithms

• Studies examined black box test suites

developers considered extremely thorough

– only exercised 1/3 to 1/2 of code!

• ✒

Another Example: Background

• Heron's formula for area of triangle:

– let s = – area =

• Example program takes three sides of triangle as

command-line arguments (string form)

• checks to make sure it's an equilateral triangle
• ✁

2 c b a + + ) )( )( ( c s b s a s s − − −

• ✁

Example Code with two Branches

public class Triangle { public static void main(String args []) { int sideA = Integer.parseInt(args[0]); int sideB = Integer.parseInt(args[1]); int sideC = Integer.parseInt(args[1]); if ((sideA == sideB) && (sideA == sideC)) { double s = 0.5 * (sideA + sideB + sideC); double area = Math.sqrt(s / (s - sideA) * (s - sideB) * (s - sideC)); System.out.println("area = " + area); } else System.out.println("not equilateral"); } // end main } // end class

• ✂

Branch Coverage

• one if statement, so two test cases needed
• false case: pick sides that aren't equal

– run Triangle 2 3 4 – output: not equilateral

• true case: pick equal sides

– run Triangle 2 2 2 – output: area = 1.7320508075688772

• output is correct, looks like all is well

Two Errors not Caught by Test Cases

public class Triangle { public static void main(String args []) { int sideA = Integer.parseInt(args[0]); int sideB = Integer.parseInt(args[1]); int sideC = Integer.parseInt(args[1]); if ((sideA == sideB) && (sideA == sideC)) { double s = 0.5 * (sideA + sideB + sideC); double area = Math.sqrt(s / (s - sideA) * (s - sideB) * (s - sideC)); System.out.println("area = " + area); } else System.out.println("not equilateral"); } // end main } // end class

should be 2 should be *

• ✂

Combining the Two Approaches

• pick a set of test cases from the specification

(black box)

• then look at code (white box) and see if test cases

cover the code adequately

• it not, add more to complete coverage
• power example:

– black box alone didn't tell us it was important to make sure we tested both odd and even powers – suggests additional test cases: pow = 16, pow = 15

• ✂

Testing at Different Levels

• Unit testing:

– dual black box/clear box approach – level of smallest granularity: want to look at code

• Above unit testing level: gray box

– awareness of structure, but not all details,

• System testing: primarily black box

• ✂

Stages

• Big Bang Testing: go right to System Testing

– generally least effective – very difficult to find bugs – avoid this!

• Better way:

– test all modules individually (unit testing) – put together gradually & test larger pieces

• ✁

– finally test whole system

• ✁

Integration Testing

• Tests uses between modules - source of 40%
• f all errors in code.
• Incremental: Top Down vs. Bottom Up

– start with tested modules in either case – planning of increments starts early

• ✥

– top down requires stubs – bottom up requires drivers – 'sandwich' variants exist

• ✁
• ✂

System Testing

• Functional Testing (does it work?)
• Also:

• ✿

• ◆

• – etc.

• ✁✂

Regression Testing

• after system is modified:

– bug fix, change or extension

• should run all tests over again
• bug fix in one module can show up bugs in

another – module interactions change

• automation is a great help here

• ✁✂

Regression Testing Issues (1)

• After changes to system, may need to update test

plan, test cases.

• 2 types of regression testing

• ✁

Regression Testing Issues (2)

• corrective modifications may require progressive

regression testing if the original specifications were in error

• Version control is a major issue

• ✁
• ✄

Acceptance Testing

• Testing

specified early as criteria for accepting product

• Can be dangerous! If tests are pre-specified,

software may pass tests but not do much else (Ada compilers)

• Good acceptance testing does not involve

detailed prior specification of the tests, but depends on precise, complete and correct system specifications.

• ✁✂

Resources That Limit Testing

• Budget
• Schedule
• Hardware
• Testers
• Debuggers
• Users (for usability testing)

• ✁
• ✄

Object-Oriented Testing

• Much wisdom about testing accumulated before

popularity of OOP

• How is the testing task different for object-oriented

code?

• sources:

• http://www.rbsc.com/pages/myths.html
• lectures by

• ✁✂

Myth #1

• Myth:

– OO testing is unnecessary. OO promotes iteration and reuse, so we have a more effective way to develop trustworthy classes.

• Reality:

– Human error is as likely as ever. We have to check class functionality and interactions between classes

• ✁✂

Myth #2

• Myth:

– testing is a structured waterfall idea and isn’t consistent with incremental OO development

• Reality:

– tests can be designed and exercised at many points in the process – paradigm of “design a little, code a little” becomes “design a little, code a little, test a little” – Extreme Programming (XP) promotes early testing (more later)

• ✁

Myth #3

• Myth:

– testing is too expensive

• Reality:

– pay me now or pay me MUCH more later – failures in operational systems can cause severe secondary problems – proper testing is very cheap by comparison, even when done manually – efficient testing of large or complex systems needs some automated support

• ✄

Myth #4

• Myth:

– testing is the same as conventional software – all you need is black-box system testing

• ✁✄✂

• Reality:

– OO code structure matters – polymorphism, inheritance, encapsulation present

• pportunities for error (more later)

• ✁

Myth #5

• Myth:

– conventional testing is useless for objects

• Reality:

– there is a large body of knowledge about testing – basic testing techniques continue to apply with necessary changes – if scope of testing is small, ie classes and collaborations

– as scope of testing gets larger

• ✒

Myth #6

• Myth:

– inheritance means never having to say you are sorry – specializing from a trusted superclass means the inherited part of subclasses will also be correct – we don’t need to retest inherited features

• Reality:

– subclasses create new ways to misuse inherited features – different test cases are needed for each subclass (more later)

• ✂

Myth #7

• Myth:

– reuse means never having to say you are sorry – reusing a trusted class means behaviour of server

• bject is trustworthy and doesn’t need to be

tested

• Reality:

– nothing prevents a new client class from using the server object incorrectly – all client class use of a server needs to be exercised

• ✂

Myth #8

• Myth:

– black box testing is sufficient – designing test cases using class interface and specification assures the class is fully exercised – white box testing violates encapsulation

• Reality:

– studies show black-box test suites typically only exercise 1/3 to 1/2 of the statements (let alone paths or states) – typically miss abnormal paths, exception and error-handling

• ✁

XP’s Approach to Testing

• programmer should

– focus on testing in order to give chance to think about what code will do, independently of how it is implemented – write every test he/she can think of that won’t run immediately on existing code – consider tests as giving confidence that things are working

– consider testing as a type of metric:

• ✁

XP’s Design through Refactoring

• Based on test cases

– pick up first test case – implement code to get test case running – pick up next test case – refactor code to get simplest implementation to get both test cases running – repeat for rest of test cases

• probably won’t work for large systems

– focus on testing up front is interesting

• ✂

OO Testing in Four Phases

• 1. modeling the software environment
• 2. selecting test scenarios

– we will look at unit testing only

• 3. running and evaluating test scenarios
• 4. measuring testing progress

• ✁

• 1. Modelling the Software Environment
• must identify and simulate interfaces

software system uses

– human interfaces

– software interfaces

• ✁✂

• 1. Modelling the Software Environment

– file system interfaces

– communication interfaces

• ✁
• ✄

• 2. Selecting Test Scenarios
• consider application domain and variables
• ✷

• ✩✫✪

• ✼

• ✁

Complications From Inheritance (1)

• test class super first, including methods A and B
• now test class sub
• new version of B – need to test in sub
• sub inherits A – no need to re-test in sub
• suppose C calls A:

– no guarantee that C calls A properly – we still have to test C's use of A

super int A(int x) int B(int x) sub int B(int x) int C(int x)

• ✁✂

Complications From Inheritance (2)

• test class super first, including methods A and B
• now test class sub
• new version of B – need to test in sub
• might assume no need to test A inside sub
• but what if A calls B??
• need to test A with the new B

super int A(int x) int B(int x) sub int B(int x)

• ✁
• ✄

Testing Objects

• exercise methods provided by object with

goals of uncovering errors in results, state of

• bject, or both
• must test interaction between methods in
• bject
• must search for all patterns of method

invocation of object

– methods can be invoked in any random order leading to a large number of combinations

• ✁
• ✄

• 3. Running and Evaluating

Test Scenarios (1)

• manually executing test scenarios is labour-

intensive and error prone

– automate as appropriate

– often include extra code to provide information about variables, object properties, etc during test runs – write code for testability: controllability and

• bservability

• ✁✂

• 3. Running and Evaluating

Test Scenarios (2)

• evaluation of test results

– comparison of software’s actual output to its expected output – often difficult to do

• ✿

• ❊

• ✁

• 4. Measuring Testing

Progress

• determining

– when to stop testing

– when the product is ready to release

• need quantitative measures

– estimation of number of bugs left in software