The document provides an overview of dynamic testing techniques used in software testing. It discusses black box and white box testing approaches and some common techniques used, including equivalence partitioning, boundary value analysis, decision tables, statement coverage, and branch/decision coverage. The techniques help testers select test cases in a more systematic and thorough manner to effectively find software faults.
The document discusses fundamentals of software testing including definitions of key concepts, objectives of testing, and seven principles of testing. It defines software testing as a process to evaluate quality and reduce risks of failure. Objectives include verifying requirements and validating user expectations. Testing is necessary because humans make mistakes, and testing can help reduce failures. Quality assurance supports proper testing processes. The seven principles are: 1) testing shows defects but not their absence, 2) exhaustive testing is impossible, 3) early testing saves time and money, 4) defects cluster together, 5) beware of pesticide paradox, 6) testing is context dependent, and 7) absence of errors is a fallacy.
Test cases are used to systematically test software and verify requirements. A test case contains a set of steps, expected results, and actual results. It has a name, description, prerequisites, and test data. Each test case contains multiple test steps that verify a discrete action. Best practices for writing test cases include avoiding jargon, writing steps independently, and focusing on positive scenarios. Test cases are organized into templates with required fields and naming conventions to facilitate management in testing tools.
This document discusses test management. It covers organizational structures for testing like having developers test their own code or having a dedicated testing team. It also discusses estimating testing time, monitoring testing progress through metrics like incident reports, and using configuration management to control testing activities and products. The key aspects of test management covered are organizational structures, estimation, monitoring, control, and configuration management.
There are many types of tools that support testing across the entire software development lifecycle. While automation can help improve testing, automating and testing require separate skills. Effective use of tools requires identifying the appropriate tests to automate through planning and effort, while maintaining control over the test automation process. Tools should support requirements testing, static analysis, test design, test data preparation, test execution, comparison, debugging, and test management.
This document provides an introduction to software testing. It defines software testing as a process used to identify correctness, completeness, and quality of computer software. The key points covered include: why software testing is important; who should be involved in testing; when testing should start and stop in the software development lifecycle; the differences between verification and validation; types of errors; types of testing including manual and automation; methods like black box and white box testing; levels of testing from unit to acceptance; and definitions of test plans and test cases.
The document outlines a test strategy for an agile software project. It discusses testing at each stage: release planning, sprints, a hardening sprint, and release. Key points include writing test cases during planning and sprints, different types of testing done during each phase including unit, integration, feature and system testing, retrospectives to improve, and using metrics like burn downs and defect tracking to enhance predictability. The overall strategy emphasizes testing early and often throughout development in short iterations.
The document discusses various aspects of test management including organizational structures for testing, configuration management, test estimation and monitoring, incident management, and standards for testing. It describes different levels of independence for testing, such as testing by developers, testing by development teams, and independent test teams. It also outlines the importance of configuration management, estimating and measuring test progress, logging incidents, and following standards for quality assurance and industry-specific testing.
The document outlines the key phases of the Software Testing Life Cycle (STLC) process. It describes 6 phases: 1) Requirement Analysis/Review to understand requirements, 2) Test Planning to develop the test plan, 3) Test Designing to create test cases and scripts, 4) Test Environment Setup to prepare the test environment, 5) Test Execution to run the test cases and report bugs, and 6) Test Closure to finalize testing and complete documentation. The goal of STLC is to systematically test software through a planned process to improve quality.
This document provides guidance on how to write effective test cases. It discusses test case components like objectives, preconditions, steps, and expected results. It emphasizes making test cases clear, concise, reusable, and up-to-date to reflect any application changes. The document also highlights techniques like breaking tests into focused subsets and attaching relevant artifacts.
This document provides an overview of software testing concepts and processes. It discusses the importance of testing in the software development lifecycle and defines key terms like errors, bugs, faults, and failures. It also describes different types of testing like unit testing, integration testing, system testing, and acceptance testing. Finally, it covers quality assurance and quality control processes and how bugs are managed throughout their lifecycle.
This is a presentation given at the Hangzhou Scrum Forum 2009, sponsored by Perficient, China. The topic is how to incorporate automated functional testing into an agile project, and also some best practices, tips, and warnings.
www.perficient.com
The document provides an overview of software testing techniques and strategies. It discusses unit testing, integration testing, validation testing, system testing, and debugging. The key points covered include:
- Unit testing involves testing individual software modules or components in isolation from the rest of the system. This includes testing module interfaces, data structures, boundary conditions, and error handling paths.
- Integration testing combines software components into clusters or builds to test their interactions before full system integration. Approaches include top-down and bottom-up integration.
- Validation testing verifies that the software meets the intended requirements and customer expectations defined in validation criteria.
- System testing evaluates the fully integrated software system, including recovery, security, stress,
Testing is the process of validating and verifying software to ensure it meets specifications and functions as intended. There are different levels of testing including unit, integration, system, and acceptance testing. An important part of testing is having a test plan that outlines the test strategy, cases, and process to be followed. Testing helps find defects so the product can be improved.
The document discusses software testing concepts and processes. It covers definitions of testing, objectives of testing, types of defects and their costs. It also describes the typical software testing process which includes test planning, preparation, execution, reporting and defect tracking. Additionally, it discusses test strategies such as unit testing, integration testing, system testing and acceptance testing. The overall purpose is to provide an introduction and overview of basic software testing concepts.
The document discusses test automation process and framework. It provides details on what test automation means, benefits of automation, guidelines for identifying test cases to automate, challenges in automation, and components of an automation framework like data tables, libraries, object repositories, scripts, and results.
The document outlines the fundamental test process which includes 5 steps: 1) test planning and controlling to identify objectives and implement strategy, 2) test analysis and design to review requirements and define tests, 3) test implementation and execution to automate test scripts and execute test cases, 4) evaluating exit criteria and reporting results to determine if more testing is needed, and 5) test closure activities such as closing defects and evaluating lessons learned to complete the process.
Static testing involves inspecting work products like requirements, design documents, and code without executing the code. It aims to find defects early when rework costs are lower. The document discusses static testing techniques like unit testing, integration testing, and reviews. Reviews include inspections - moderated meetings where defects are discussed - and technical and informal reviews with subject matter experts. The goal is early defect detection to improve quality and productivity.
Static testing is a software testing method that involves examination of program's code and its associated documentation but does not require the program to be executed.
Static Testing Techniques
Informal Reviews
Formal Reviews
Technical Reviews
Walk Through
Inspection Process
Static Code Review
Static testing involves examining a program's code and documentation without executing the code. It aims to improve quality by finding errors early. Techniques include informal reviews with minimal documentation; formal reviews following steps like planning, preparation, and follow-up; technical reviews of specifications; walkthroughs where authors explain work; and inspections led by moderators. Static testing allows early feedback but cannot find runtime issues and is time-consuming.
This document provides an overview of software testing concepts and definitions. It discusses key topics such as software quality, testing methods like static and dynamic testing, testing levels from unit to acceptance testing, and testing types including functional, non-functional, regression and security testing. The document is intended as an introduction to software testing principles and terminology.
Testing is the process of identifying bugs and ensuring software meets requirements. It involves executing programs under different conditions to check specification, functionality, and performance. The objectives of testing are to uncover errors, demonstrate requirements are met, and validate quality with minimal cost. Testing follows a life cycle including planning, design, execution, and reporting. Different methodologies like black box and white box testing are used at various levels from unit to system. The overall goal is to perform effective testing to deliver high quality software.
Static analysis techniques can analyze source code without executing it to find potential issues. It checks for violations of coding standards and detects problems like unreachable code, undeclared variables, and array index errors. Data flow analysis examines how variables are defined and used. Control flow analysis checks for unreachable nodes, infinite loops, and conformance to flow patterns. Cyclomatic complexity measures a program's structural complexity. Static analysis has limitations but can efficiently find certain faults before testing begins.
Static analysis is a static testing technique that analyzes source code without executing it. It can find faults like unreachable code, undeclared variables, and array bound violations. Some key advantages are that it can find faults difficult to see otherwise and provides an objective assessment of code quality. However, it also has limitations like not being able to distinguish fail-safe code from actual faults. Reviews are also useful for finding faults early and help achieve consensus, while inspections are more formal reviews.
Topics: Reviews and the test process, Types of review, static analysis
To know more about
Offer- http://mazenet-chennai.in/mazenet-offers.html
Syllabus- http://www.mazenet-chennai.in/software-testing-training-in-chennai.html
Slide share: http://www.slideshare.net/mazenet_solution/presentations
For more events- http://mazenet-chennai.in/mazenet-events.html
All videos- https://www.youtube.com/c/Mazenetsolution
Facebook- https://www.facebook.com/Mazenet.IT.Solution/
Twitter- https://twitter.com/Maze_net
Mail us : marketing@mazenetsolution.com
Contact: 9629728714
This document discusses static testing techniques, including reviews. It describes the review process, roles in reviews, types of reviews, and static analysis using tools. Reviews are a formal process typically involving planning, preparation, a review meeting, rework, and follow-up. Roles include the moderator, author, scribe, and reviewers. Types of reviews serve different purposes at different stages. Static analysis tools can check coding standards and metrics, as well as code structure.
This document provides an overview of static testing techniques and how they differ from dynamic testing techniques. It defines static testing as testing that does not require executing the software, such as reviews, inspections and static analysis tools. Dynamic testing involves executing the software with test cases. The document then describes various static techniques like formal reviews, informal reviews, walkthroughs, technical reviews and inspections. It also discusses static and dynamic analysis tools. Finally, it covers cyclomatic complexity, which is a measure of how many independent paths exist in a program.
Static techniques like reviews and static analysis tools can find defects in software work products like requirements, design, and code without executing the software. Reviews vary in formality from informal discussions to more structured inspections and walkthroughs. Static analysis examines software artifacts automatically using tools to identify defects before dynamic testing begins.
The document discusses static techniques for testing software work products like code, requirements, and design specifications. Static techniques like reviews and static analysis aim to find defects early before testing to improve productivity and reduce costs. Reviews involve examining documentation for defects, while static analysis checks code complexity, errors, and other issues without executing the code. Formal reviews follow steps like planning, kickoff meetings, preparation, review meetings, reworking defects, and follow up. Roles include managers, moderators, authors, reviewers, and scribes.
Static techniques such as reviews can improve both quality and productivity in software development. Static testing examines software work products like requirements and design documents manually or with tools before execution, finding defects early. Dynamic testing executes software with test cases. The two techniques are complementary, as static testing finds defects like missing requirements or design flaws while dynamic testing finds failures from execution. Using static testing from early in the development lifecycle provides advantages like early feedback, low rework costs, increased productivity, and greater awareness of quality issues.
Types of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating systemTypes of operating system
The document discusses various topics related to software testing including:
1. It introduces different levels of testing in the software development lifecycle like component testing, integration testing, system testing and acceptance testing.
2. It discusses the importance of early test design and planning and its benefits like reducing costs and improving quality.
3. It provides examples of how not planning tests properly can increase costs due to bugs found late in the process, and outlines the typical costs involved in fixing bugs at different stages.
Static techniques can improve both quality and productivity by impressive factors. Static testing is not magic and it should not be considered a replacement for dynamic testing, but all software organizations should consider using reviews in all major aspects of their work including requirements, design, implementation, testing, and maintenance. Static analysis tools implement automated checks, e.g. on code
This document discusses different types of software reviews including informal reviews, walkthroughs, and formal inspections. Formal inspections follow a defined process and are the most rigorous type of review. They involve preparation, inspection of the material by attendees to find defects, reworking defects, and follow up. Usability testing is discussed which involves testing a product with real users performing real tasks and observing them to identify usability issues. Methods like expert reviews and user testing are covered. Data is gathered during testing and analyzed to identify problems and inform recommendations.
Static techniques provide powerful ways to improve software quality and productivity. Static testing finds defects early by reviewing work products like requirements, design, code, and documentation. Reviews can be informal or formal, following a defined process. Formal reviews typically involve planning, a kickoff meeting, individual preparation, a group review meeting, reworking by the author, and follow up by a moderator. The goal is to improve quality by identifying and fixing defects early in development.
The document discusses software inspections and defect management. It defines key terms like defects, defect classification, and causes of defects. It explains that rework makes up 44% of project costs and discusses how inspections can help reduce defects and rework. Formal inspections involve individual preparation, overview meetings, review planning, inspection meetings, and follow up action to identify and address defects early. Benefits of inspections include increased productivity, reduced defects, and preparation for subsequent phases.
COURSE IS NOW FULLY AVAILABLE AND LIVE HERE: https://goo.gl/gVukvc
This is the first section of six parts to cover what you need to learn about ISTQB foundations exam. Broken down into pieces and examples to pass. Check out more on my blog: https://www.rogeriodasilva.com/
This document discusses various types of software testing performed at different stages of the software development lifecycle. It describes component testing, integration testing, system testing, and acceptance testing. Component testing involves testing individual program units in isolation. Integration testing combines components and tests their interactions, starting small and building up. System testing evaluates the integrated system against functional and non-functional requirements. Acceptance testing confirms the system meets stakeholder needs.
The document provides an overview of software testing fundamentals including definitions of testing, why testing is necessary, quality versus testing, general testing vocabulary, testing objectives, and general testing principles. It defines software testing as verifying and validating that software meets requirements, works as expected, and discusses how testing is needed because humans make mistakes and software errors can have expensive and dangerous consequences. The document also provides definitions of quality, contrasts popular versus technical views of quality, and outlines key aspects of quality like functionality, reliability, and value.
Quality Analyst Training - Gain AmericaGainAmerica
The document discusses verification and validation (V&V) processes for software. It states that V&V aims to establish confidence that software is fit for purpose, not completely defect-free. V&V includes verification to ensure software conforms to specifications and validation that it meets user requirements. Both static verification techniques like inspections and dynamic validation like testing are important and should be applied throughout development. The document provides details on different V&V techniques.
The document discusses software review methods and optimal review practices. It describes different review methods from walkthroughs to inspections and their goals and attributes. Inspections are highlighted as the most formal review method, involving preparation, an orientation, planning, a review meeting, rework, and verification stages. The goals of technical reviews are also outlined, including improving quality and knowledge while minimizing costs.
Discovery Series - Zero to Hero - Task Mining Session 1DianaGray10
This session is focused on providing you with an introduction to task mining. We will go over different types of task mining and provide you with a real-world demo on each type of task mining in detail.
The History of Embeddings & Multimodal EmbeddingsZilliz
Frank Liu will walk through the history of embeddings and how we got to the cool embedding models used today. He'll end with a demo on how multimodal RAG is used.
Garbage In, Garbage Out: Why poor data curation is killing your AI models (an...Zilliz
Enterprises have traditionally prioritized data quantity, assuming more is better for AI performance. However, a new reality is setting in: high-quality data, not just volume, is the key. This shift exposes a critical gap – many organizations struggle to understand their existing data and lack effective curation strategies and tools. This talk dives into these data challenges and explores the methods of automating data curation.
Welcome to Cyberbiosecurity. Because regular cybersecurity wasn't complicated...Snarky Security
How wonderful it is that in our modern age, every bit of our biological data can be digitized, stored, and potentially pilfered by cyber thieves! Isn't it just splendid to think that while scientists are busy pushing the boundaries of biotechnology, hackers could be plotting the next big bio-data heist? This delightful scenario is brought to you by the ever-expanding digital landscape of biology and biotechnology, where the integration of computer science, engineering, and data science transforms our understanding and manipulation of biological systems.
While the fusion of technology and biology offers immense benefits, it also necessitates a careful consideration of the ethical, security, and associated social implications. But let's be honest, in the grand scheme of things, what's a little risk compared to potential scientific achievements? After all, progress in biotechnology waits for no one, and we're just along for the ride in this thrilling, slightly terrifying, adventure.
So, as we continue to navigate this complex landscape, let's not forget the importance of robust data protection measures and collaborative international efforts to safeguard sensitive biological information. After all, what could possibly go wrong?
-------------------------
This document provides a comprehensive analysis of the security implications biological data use. The analysis explores various aspects of biological data security, including the vulnerabilities associated with data access, the potential for misuse by state and non-state actors, and the implications for national and transnational security. Key aspects considered include the impact of technological advancements on data security, the role of international policies in data governance, and the strategies for mitigating risks associated with unauthorized data access.
This view offers valuable insights for security professionals, policymakers, and industry leaders across various sectors, highlighting the importance of robust data protection measures and collaborative international efforts to safeguard sensitive biological information. The analysis serves as a crucial resource for understanding the complex dynamics at the intersection of biotechnology and security, providing actionable recommendations to enhance biosecurity in an digital and interconnected world.
The evolving landscape of biology and biotechnology, significantly influenced by advancements in computer science, engineering, and data science, is reshaping our understanding and manipulation of biological systems. The integration of these disciplines has led to the development of fields such as computational biology and synthetic biology, which utilize computational power and engineering principles to solve complex biological problems and innovate new biotechnological applications. This interdisciplinary approach has not only accelerated research and development but also introduced new capabilities such as gene editing and biomanufact
Keynote : Presentation on SASE TechnologyPriyanka Aash
Secure Access Service Edge (SASE) solutions are revolutionizing enterprise networks by integrating SD-WAN with comprehensive security services. Traditionally, enterprises managed multiple point solutions for network and security needs, leading to complexity and resource-intensive operations. SASE, as defined by Gartner, consolidates these functions into a unified cloud-based service, offering SD-WAN capabilities alongside advanced security features like secure web gateways, CASB, and remote browser isolation. This convergence not only simplifies management but also enhances security posture and application performance across global networks and cloud environments. Discover how adopting SASE can streamline operations and fortify your enterprise's digital transformation strategy.
Generative AI technology is a fascinating field that focuses on creating comp...Nohoax Kanont
Generative AI technology is a fascinating field that focuses on creating computer models capable of generating new, original content. It leverages the power of large language models, neural networks, and machine learning to produce content that can mimic human creativity. This technology has seen a surge in innovation and adoption since the introduction of ChatGPT in 2022, leading to significant productivity benefits across various industries. With its ability to generate text, images, video, and audio, generative AI is transforming how we interact with technology and the types of tasks that can be automated.
"Making .NET Application Even Faster", Sergey Teplyakov.pptxFwdays
In this talk we're going to explore performance improvement lifecycle, starting with setting the performance goals, using profilers to figure out the bottle necks, making a fix and validating that the fix works by benchmarking it. The talk will be useful for novice and seasoned .NET developers and architects interested in making their application fast and understanding how things work under the hood.
DefCamp_2016_Chemerkin_Yury-publish.pdf - Presentation by Yury Chemerkin at DefCamp 2016 discussing mobile app vulnerabilities, data protection issues, and analysis of security levels across different types of mobile applications.
Self-Healing Test Automation Framework - HealeniumKnoldus Inc.
Revolutionize your test automation with Healenium's self-healing framework. Automate test maintenance, reduce flakes, and increase efficiency. Learn how to build a robust test automation foundation. Discover the power of self-healing tests. Transform your testing experience.
3. People techniques individual: desk-checking, data-stepping, proof-reading group: Reviews (informal & formal): for consensus Walkthrough: for education Inspection (most formal): to find faults Static techniques do not execute code
4. Benefits of reviews Development productivity improvement Reduced development timescales Reduced testing time and cost Lifetime cost reductions Reduced fault levels Improved customer relations etc.
5. Reviews are cost-effective 10 times reduction in faults reaching test, testing cost reduced by 50% to 80% Freedman & Weinberg, Handbook of Walkthroughs, Inspections & Technical Reviews reduce faults by a factor of 10 Yourdon, Structured Walkthroughs
6. 25% reduction in schedules, remove 80% - 95% of faults at each stage, 28 times reduction in maintenance cost, many others Gilb & Graham, Software Inspection
7. What can be Inspected? Anything written down can be Inspected policy, strategy, business plans, marketing or advertising material, contracts system requirements, feasibility studies, acceptance test plans test plans, test designs, test cases, test results
9. What can be reviewed? anything which could be Inspected i.e. anything written down plans, visions, “big picture”, strategic directions, ideas project progress work completed to schedule, etc. “Should we develop this” marketing options
10. What to review / Inspect? Tests Tests Tests Tests Requirements Design Code Functions Integration T Unit Test Accept. Test System Test
11. Costs of reviews Rough guide: 5%-15% of development effort half day a week is 10% Effort required for reviews planning (by leader / moderator) preparation / self-study checking meeting fixing / editing / follow-up recording & analysis of statistics / metrics process improvement (should!)
12. Contents Reviews and the test process Types of review Static analysis ISEB Foundation Certificate Course Static testing 1 2 4 5 3 6
13. Types of review of documents Informal Review undocumented widely viewed as useful and cheap (but no one can prove it!) A helpful first step for chaotic organisations. Technical Review: (or peer review) includes peer and technical experts, no management participation. Normally documented, fault-finding. Can be rather subjective.
14. Decision-making Review: group discusses document and makes a decision about the content, e.g. how something should be done, go or no-go decision, or technical comments
15. Types of review of documents Walkthrough author guides the group through a document and his or her thought processes, so all understand the same thing, consensus on changes to make Inspection: formal individual and group checking, using sources and standards, according to generic and specific rules and checklists, using entry and exit criteria, Leader must be trained & certified, metrics required
16. Reviews in general 1 Objectives / goals validation & verification against specifications & standards achieve consensus (excluding Inspection) process improvement (ideal, included in Inspection)
17. Reviews in general 2 Activities planning overview / kickoff meeting (Inspection) preparation / individual checking review meeting (not always) follow-up (for some types) metrics recording & analysis (Inspections and sometimes reviews)
18. Reviews in general 3 Roles and responsibilities Leader / moderator - plans the review / Inspection, chooses participants, helps & encourages, conducts the meeting, performs follow-up, manages metrics Author of the document being reviewed / Inspected
19. Reviewers / Inspectors - specialised fault-finding roles for Inspection Managers - excluded from some types of review, need to plan project time for review / Inspection Others: e.g. Inspection/ review Co-ordinator
20. Reviews in general 4 Deliverables Changes (edits) in review product Change requests for source documents (predecessor documents to product being reviewed / Inspected) Process improvement suggestions to the review / Inspection process to the development process which produced the product just reviewed / Inspected Metrics (Inspection and some types of review)
21. Reviews in general 5 Pitfalls (they don’t always work!) lack of training in the technique (especially Inspection, the most formal) lack of or quality of documentation - what is being reviewed / Inspected
22. Lack of management support - “lip service” - want them done, but don’t allow time for them to happen in project schedules Failure to improve processes (gets disheartening just getting better at finding the same thing over again)
23. Inspection is different the document to be reviewed is given out in advance typically dozens of pages to review instructions are "please review this" not just product, sources chunk or sample training, roles
24. Inspection is different some people have time to look through it and make comments before the meeting (which is difficult to arrange) the meeting often lasts for hours entry criteria to meeting, may not be worth holding 2 max., often much shorter
25. Inspection is different "I don't like this" much discussion, some about technical approaches, some about trivia don't really know if it was worthwhile, but we keep doing it Rule violations, objective, not subjective no discussion, highly focused, anti-trivia only do it if value is proven (continually)
26. Inspection is more and better entry criteria training optimum checking rate prioritising the words standards process improvement exit criteria quantified estimates of remaining major faults per page typical review early Inspection mature Inspection effectiveness return on investment 10 - 20% unknown 30 - 40% 6 - 8 hrs / Insp hr 80 - 95% 8 - 30 hrs / Insp hr
27. The Inspection Process Software Development Stage . . Planning Kick off Ind Chk Meet Edit Change Request Process Improvement Entry Next Software Development Stage Exit
28. At first glance .. Here’s a document: review this (or Inspect it)
29. Reviews: time and size determine rate Time Checking Rate Size 2 hrs? 100 pages? 50 pages per hour Checking Rate
30. Review “Thoroughness”? ordinary “review” - finds some faults, one major, fix them, consider the document now corrected and OK major minor minor
31. Inspection: time and rate determine size Time Checking Rate Size 2 hrs? Optimum: 1 page * per hour 2 pages (at optimum rate) Size * 1 page = 300 important words
33. Inspection surprises Fundamental importance of Rules democratically agreed as applying define major issues / faults Slow checking rates Strict entry & exit criteria Fast logging rates Amount of responsibility given to author
35. What can static analysis do? Remember: static techniques do not execute the code A form of automated testing check for violations of standards check for things which may be a fault
36. Descended from compiler technology a compiler statically analyses code, and “knows” a lot about it, e.g. variable usage; finds syntax faults static analysis tools extend this knowledge can find unreachable code, undeclared variables, parameter type mis-matches, uncalled functions & procedures, array bound violations, etc.
37. Data flow analysis This is the study of program variables variable defined* where a value is stored into it variable used where the stored value is accessed variable is undefined before it is defined or when it goes out of scope *defined should not be confused with declared x = y + z IF a > b THEN read(S) x is defined, y and z are used a and b are used, S is defined
38. Data flow analysis faults n := 0 read (x) n := 1 while x > y do begin read (y) write( n*y) x := x - n end Data flow anomaly: n is re-defined without being used Data flow fault: y is used before it has been defined (first time around the loop)
39. Control flow analysis Highlights: nodes not accessible from start node infinite loops multiple entry to loops whether code is well structured, i.e. reducible whether code conforms to a flowchart grammar any jumps to undefined labels any labels not jumped to cyclomatic complexity and other metrics
40. Unreachable code example Macro definitions (different for different platforms the code runs on) Buffsize: 1000 Mailboxmax: 1000 IF Buffsize < Mailboxmax THEN Error-Exit ENDIF
42. Cyclomatic complexity cyclomatic complexity is a measure of the complexity of a flow graph (and therefore the code that the flow graph represents) the more complex the flow graph, the greater the measure it can most easily be calculated as: complexity = number of decisions + 1
43. Which flow graph is most complex? 1 2 3 5 What is the cyclomatic complexity?
44. Example control flow graph Result = 0 Right = 0 DO WHILE more Questions IF Answer = Correct THEN Right = Right + 1 ENDIF END DO Result = (Right / Questions) IF Result > 60% THEN Print "pass" ELSE Print "fail” ENDIF do if r=r+1 end init if res pass fail end Pseudo-code:
45. Other static metrics lines of code (LOC) operands & operators (Halstead’s metrics) fan-in & fan-out nesting levels function calls OO metrics: inheritance tree depth, number of methods, coupling & cohesion
46. Limitations and advantages Limitations: cannot distinguish "fail-safe" code from programming faults or anomalies (often creates overload of spurious error messages) does not execute the code, so not related to operating conditions Advantages: can find faults difficult to "see" gives objective quality assessment of code
47. Summary: Key Points Reviews help to find faults in development and test documentation, and should be applied early Types of review: informal, walkthrough, technical / peer review, Inspection Static analysis can find faults and give information about code without executing it