Software Engineering CMMI Representation – Staged and Continuous

A representation allows an organization to pursue a

different set of improvement objectives. There are two
Capability Maturity Model Integration (CMMI) representations for CMMI :
 Staged Representation :
o uses a pre-defined set of process areas to

define improvement path.
The Capability Maturity Model Integration (CMMI) is an
o provides a sequence of improvements, where
advanced framework designed to improve and integrate
each part in the sequence serves as a
processes across various disciplines such as software
foundation for the next.
engineering, systems engineering, and people
o an improved path is defined by maturity
management. It builds on the principles of the original
level.
CMM, enabling organizations to enhance their processes
o maturity level describes the maturity of
systematically. CMMI helps organizations fulfill
processes in organization.
customer needs, create value for investors, and improve
o Staged CMMI representation allows comparison
product quality and market growth. It offers two
between different organizations for multiple
representations, staged and continuous, to guide
maturity levels.
organizations in their process improvement efforts.
 Continuous Representation :
o allows selection of specific process areas.
What is Capability Maturity Model Integration (CMMI)? o uses capability levels that measures
Capability Maturity Model Integration (CMMI) is a improvement of an individual process area.
successor of CMM and is a more evolved model that o Continuous CMMI representation allows
incorporates best components of individual disciplines comparison between different organizations
of CMM like Software CMM, Systems Engineering CMM, on a process-area-by-process-area basis.
People CMM, etc. Since CMM is a reference model of o allows organizations to select processes
matured practices in a specific discipline, so it which require more improvement.
becomes difficult to integrate these disciplines as o In this representation, order of improvement
per the requirements. This is why CMMI is used as it of various processes can be selected which
allows the integration of multiple disciplines as and allows the organizations to meet their
when needed. objectives and eliminate risks.

Objectives of CMMI CMMI Model – Maturity Levels

1. Fulfilling customer needs and expectations. In CMMI with staged representation, there are five
2. Value creation for investors/stockholders. maturity levels described as follows :
3. Market growth is increased. 1. Maturity level 1 : Initial
4. Improved quality of products and services.  processes are poorly managed or controlled.
5. Enhanced reputation in Industry.  unpredictable outcomes of processes involved.
 ad hoc and chaotic approach used.
 No KPAs (Key Process Areas) defined.
 Lowest quality and highest risk.
2. Maturity level 2 : Managed 1. Capability level 0 : Incomplete
 requirements are managed.  incomplete process – partially or not performed.
 processes are planned and controlled.  one or more specific goals of process area are
 projects are managed and implemented according to not met.
their documented plans.  No generic goals are specified for this level.
 This risk involved is lower than Initial level,  this capability level is same as maturity level
but still exists. 1.
 Quality is better than Initial level. 2. Capability level 1 : Performed
3. Maturity level 3 : Defined  process performance may not be stable.
 processes are well characterized and described  objectives of quality, cost and schedule may not
using standards, proper procedures, and methods, be met.
tools, etc.  a capability level 1 process is expected to
 Medium quality and medium risk involved. perform all specific and generic practices for
 Focus is process standardization. this level.
4. Maturity level 4 : Quantitatively managed  only a start-step for process improvement.
 quantitative objectives for process performance 3. Capability level 2 : Managed
and quality are set.  process is planned, monitored and controlled.
 quantitative objectives are based on customer  managing the process by ensuring that objectives
requirements, organization needs, etc. are achieved.
 process performance measures are analyzed  objectives are both model and other including
quantitatively. cost, quality, schedule.
 higher quality of processes is achieved.  actively managing processing with the help of
 lower risk metrics.
5. Maturity level 5 : Optimizing 4. Capability level 3 : Defined
 continuous improvement in processes and their  a defined process is managed and meets the
performance. organization’s set of guidelines and standards.
 improvement has to be both incremental and  focus is process standardization.
innovative. 5. Capability level 4 : Quantitatively Managed
 highest quality of processes.  process is controlled using statistical and
 lowest risk in processes and their performance. quantitative techniques.
 process performance and quality is understood in
statistical terms and metrics.
 quantitative objectives for process quality and
performance are established.
CMMI Model – Capability Levels
6. Capability level 5 : Optimizing
A capability level includes relevant specific and
 focuses on continually improving process
generic practices for a specific process area that can
improve the organization’s processes associated with performance.
that process area. For CMMI models with continuous  performance is improved in both ways –
representation, there are six capability levels as incremental and innovation.
described below :
  emphasizes on studying the performance results
across the organization to ensure that common
causes or issues are identified and fixed.

1. What is the difference CMM and CMMI?

CMM (Capability Maturity Model) focuses on improving
processes within a single discipline, like software
development. CMMI (Capability Maturity Model
Integration) integrates multiple disciplines into one
cohesive framework, allowing for broader and more
flexible process improvement. CMMI is the evolved
version of CMM, incorporating best practices from
various CMM models.
What is the primary objective of the capability
maturity model integration CMMI )?
Building dependable environments with innovative,
efficient, and productive departments, services, and
products is one of CMMI’s main objectives.
3. What is level 5 in CMMI called?
Level 5 in CMMI called Optimizing.
Unit -2  Requiremnets which are related to
functional/working aspect of software fall into
Requirement analysis
this category
 Non-functional requirements are expected
charcateristics of target
Software requirements:-
software.(Security,storage, configuration,
It is the description of features and Performance ,cost ,interoperability , flexibility
functionalitites of the target system. , disaster , recovery, accessibility.

It is the description of what the system should

do.
SRS(software requirements specification):-
Requirements engineering refers to the process of
SRS is a description of a software system to be
defining, documenting and maintaining requirements in
developed.
the engineering design process.
It lays out functional and not functional requirements
It is a four step process ,which includes-
of the software to be developed.
1. Feasibility Study
It may include a set of use cases that describe user
2. Requirement gathering/elicitation
interactions that the software must provide to the user
3. Software requirement specification
for perfect interaction.
4. Software requirement validation

SRS STRUCTURE:-
Tools support for requirement engineering:-
1. Introduction
 Observation reports(user observation)
 Purpose
 Questionaries
 Intended audience
 Use cases
 Scope
 User stories
 Definations
 Requirement workshops
 References.
 Mind mapping 2. Overall Description
 Role-playing  User interfaces
 Prototyping  System Interfaces
 Constraints,Assumptions and dependencies
 User charcateristics
Functional vs Non-functional requirements:-
3. System features and requirements
 Functional Requirements
  Use cases
 External interface requirements
 Logical database requirement
 Non-functional requirements
4. Deliver for approval

User requirememts:-

 Easy and simple to operate

 Quick response
 Effectivey handling operational errors
 Customer support
Unit -4 procedures, such as shared work boards or
Risk management project management software, to make sure
that each member of the team is aware of all
tasks and responsibilities, including those
What is Risk Management? of their teammates.
An organization must focus on providing
Risk Management is a systematic process of resources to minimize the negative effects
recognizing, evaluating, and handling threats or risks of possible events and maximize positive
that have an effect on the finances, capital, and results in order to reduce risk effectively.
overall operations of an organization. These risks can Organizations can more effectively identify,
come from different areas, such as financial
instability, legal issues, errors in strategic
assess, and mitigate major risks by
planning, accidents, and natural disasters. implementing a consistent, systematic, and
The main goal of risk management is to predict integrated approach to risk management.
possible risks and find solutions to deal with them
successfully.

The risk management process

Why is risk management important?
Risk management is a sequence of steps that
Risk management is important because it
help a software team to understand, analyze,
helps organizations to prepare for
and manage uncertainty. Risk management
unexpected circumstances that can vary from
process consists of
small issues to major crises. By actively
 Risks Identification.
understanding, evaluating, and planning for
 Risk Assessment.
potential risks, organizations can protect
 Risks Planning.
their financial health, continued operation,
 Risk Monitoring
and overall survival.
Let’s Understand why risk management
important with an example.
Suppose In a software development project,
one of the key developers unexpectedly falls
ill and is unable to contribute to the
product for an extended period.
One of the solution that organization may
have , The team uses collaborative tools and
 as equipment failures and extreme weather
conditions.
Risk analysis
Risk analysis is the process of evaluating
and understanding the potential impact and
likelihood of identified risks on an
organization. It helps determine how serious
a risk is and how to best manage or mitigate
it. Risk Analysis involves evaluating each
risk’s probability and potential
consequences to prioritize and manage them
effectively.
Risk Planning
Risk planning involves developing strategies
and actions to manage and mitigate
identified risks effectively. It outlines
how to respond to potential risks, including
prevention, mitigation, and contingency
measures, to protect the organization’s
objectives and assets.
Risk Monitoring
Risk monitoring involves continuously
Risk Management Process tracking and overseeing identified risks to
assess their status, changes, and
Risk Identification effectiveness of mitigation strategies. It
Risk identification refers to the systematic ensures that risks are regularly reviewed
process of recognizing and evaluating and managed to maintain alignment with
potential threats or hazards that could organizational objectives and adapt to new
negatively impact an organization, its developments or challenges.
operations, or its workforce. This involves
identifying various types of risks, ranging
from IT security threats like viruses and
phishing attacks to unforeseen events such
Understanding Risks in Software Projects 2. Technical Risks:
A computer code project may be laid low with Technical risks concern potential style,
an outsized sort of risk. To be ready to implementation, interfacing, testing, and
consistently establish the necessary risks maintenance issues. Technical risks
that could affect a computer code project, conjointly embody ambiguous
it’s necessary to group risks into specifications, incomplete specifications,
completely different categories. The project dynamic specifications, technical
manager will then examine the risks from uncertainty, and technical degeneration.
every category square measure relevant to Most technical risks occur thanks to the
the project. event team’s lean information concerning
There are mainly 3 classes of risks that may the project.
affect a computer code project:
1. Project Risks: 3. Business Risks:
Project risks concern various sorts of This type of risk embodies the risks of
monetary funds, schedules, personnel, building a superb product that nobody
resources, and customer-related issues. A needs, losing monetary funds or personal
vital project risk is schedule slippage. commitments, etc.
Since computer code is intangible, it’s
tough to observe and manage a computer
code project. It’s tough to manage one
thing that can not be seen. For any
producing project, like producing cars, Risk management standards and frameworks
the project manager will see the
merchandise taking form.
For example, see that the engine is Risk management standards and frameworks
fitted, at the moment the area of the door give organizations guidelines on how to
unit is fitted, the automotive is being find, evaluate, and handle risks
painted, etc. so he will simply assess the effectively. They provide a structured way
progress of the work and manage it. The to manage risks, making sure that everyone
physical property of the merchandise being follows consistent and reliable practices.
developed is a vital reason why several Here are some well-known risk management
computer codes come to suffer from the standards and frameworks:
danger of schedule slippage. 1. COSO ERM Framework:
COSO ERM Framework was introduce in 2004 and Benefits of risk management
updated in 2017. Its main purpose is to Here are some benefits of risk management:
addresses the growing complexity of  Helps protect against potential losses.
Enterprise Risk Management (ERM).  Improves decision-making by considering
 Key Features: risks.
o 20 principles grouped into five  Reduces unexpected expenses.
components: Governance and culture,  Ensures adherence to laws and regulations.
Strategy and objective-setting,  Builds resilience against unexpected
Performance, Review and revision, challenges.
Information, communication, and  Safeguards company reputation.
reporting. Limitation of Risk Management
o It promote integrating risk into Here are Some Limitation of Risk Management
business strategies and operations.  Too much focus on risk can lead to missed
2. ISO 31000: opportunities.
ISO 31000 was introduce in 2009, revised in  Implementing risk management can be
2018. It provides principles and a framework expensive.
for ERM.  Risk models can be overly complex and hard
 Key Features: to understand.
o It offers guidance on applying risk  Having risk controls might make people
management to operations. feel too safe.
o It focuses on identifying,  Relies on accurate human judgment and can
evaluating, and mitigating risks. be prone to mistakes.
o It promote senior management’s role  Some risks are hard to predict or
and integrating risk management quantify.
across the organization.  Managing risks can take a lot of time and
3. BS 31100: resources.
This framework is British Standard for Risk
Management and latest version issued in
2001. It offers a structured approach to
applying the principles outlined in ISO What are the Five Steps in the Risk Management
31000:2018, covering tasks like identifying, Process?
evaluating, and addressing risks, followed Step 1: Identify the Risks
by reporting and reviewing risk management This step involves the activities to
efforts. properly comprehend the Risks and their
impact on the various project tasks. It is planned according to the impact that the
important to recognize and document the risks create. The key factors of this step
risks in a proper record. It has various include:
aspects such as methods of identification,  Analyze Risks Scenario: The Project
communicating with the stakeholder, and experts understand What risks may arise
documentation of the risk factors. Let us under what conditions. Also, they evaluate
discuss each of these in detail. the scale of the scenario that may lead to
 Identify the Risks: The project experts a particular risk. Finally, the risk
implement methods such as SWOT (Strengths, assessment results are communicated to the
Weaknesses, Opportunities, Threats) stakeholders associated with the project.
Analysis to predict the Project risks.  Define the Scope of the Risks: After
Additionally, the Delphi Method is used to understanding the root cause of the risks,
know the risk information from the expert the stakeholders and project team analyze
opinions and consensus. the domains that may be impacted by the
 Involve the Stakeholders: Risks may affect risks. Thus, they define the boundaries
every part of the Project due to which the and limits for each risk.
entire business process has to suffer.  Develop the criteria for
Therefore, through this substep, Project prioritization: Since all the risks cannot
Experts involve the different Stakeholders be diagnosed and resolved at the same
through standup sessions and meetings to time, it is important to be aware of the
get thoughts on the Risks from the end- priority of the risk-response plans. So,
user perspectives. criteria for the risk priority are defined
 Document the risks: After the different in this substep.
risks have been identified, they are Step 3: Evaluate or Rank the Risks
organized in the form of a hierarchy and In this step, risks are evaluated or ranked
formally documented in the record. These by assessing their potential impact and
records are accessible to the key likelihood of occurrence. This
stakeholders and project team to prioritization helps focus attention on the
continuously review and update in each most critical risks that require mitigation
phase of the Project. or contingency planning.
Step 2: Analyze the Risks  Perform Qualitative and Qualitative
After we have identified all the possible Analysis: Some risks have a higher impact
risks in our project, we have to analyze and some have a lower. Also, some risks
them so that the mitigating actions can be may have a high frequency of occurrence
 while some have a lower frequency of  Implement the Mitigation actions: Here,
occurrence. Hence, it is important to the action plans are executed as per the
analyze them in terms of quality as well actions, responsibilities, and timelines
as quantity so that they can be properly specified in the risk response strategy.
analyzed.  Monitor and update the Risk
 Visualize the Probability Impact Register: After the implementation of risk
Analysis: The evaluation and assessment of response is done, Project Managers monitor
the Project risks have to be understood the performance and update the status in
and interpreted accurately. So, project the risk register.
managers often use the Risk Matrix to Step 5: Monitor and Review the Risks
analyze the Probability versus Impact of Identifying the risks and executing the
the Risk to categorize them into low, mitigation action is alone not sufficient to
medium, and high risk. ensure risk-free project planning. It is
 Documenting the Updates: All the updates also important to consciously monitor the
of the Risk Management Process are status of the risks and keep a check on the
finalized and documented in the record. risk-mitigating actions. The key actions of
This information also helps in the future this step are:
project execution.  Monitor the risks: The stakeholders and
Step 4: Treat the Risks the project managers keep a check on the
After identifying and evaluating the risks, probability, impact, or overall
various mitigation actions and response significance of the risk.
strategies are developed to reduce the risk  Analyzing KPIs: System experts observe the
impact and eliminate it from the Project Key Performance Indicators that give
Lifecycle. This step generally has the information about the metrics related to
following activities: risk occurrence, severity, and the success
 Develop the Mitigation Plans: The project of mitigation efforts.
experts can deal with the risks in four  Develop Trigger System and Early
ways. They can Avoid, Mitigate, Transfer, Warnings: If the risk response strategy
or Accept the risks. The type of action fails in any scenario, the response
plan depends upon the intensity and scope triggers are defined so that immediate
of a risk that arises. Keeping this fact action can be planned for risk mitigation.
in mind, the experts formulate different
mitigating actions.
 A project may contain large variety of risk.
To know the specific amount of risk, there
Methods for Identifying Risks may be chance of affecting a project. So,
this is necessary to make categories into
Last Updated : 30 Nov, 2022
different class of risk.
 There are many different types of risks which
Identifying risk is one of most important or affects the software project:
essential and initial steps in risk
management process. By chance, if failure 1. Technology risks
occurs in identifying any specific or 2. Tools risks
particular risk, then all other steps that 3. Estimation risks
are involved in risk management will not be 4. People risks
implemented for that particular risk. For 5. Requirement risks
identifying risk, project team should review 6. Organizational risks
scope of program, estimate cost, schedule, Methods for Identifying Risks : Earlier,
technical maturity, parameters of key there were no easy methods available that
performance, etc. To manage risk, project will surely identify all risks. But nowadays,
team or organization are needed to know about there are some additional approaches
what risks it faces, and then to evaluate available for identifying risks. Some of
them. Generally, identification of risk is an approaches for risk identification are given
iterative process. It basically includes below:
generating or creating comprehensive list of 1. Checklist Analysis – Checklist Analysis is
threats and opportunities that are based on type of technique generally used to identify
events that can enhance, prevent, degrade, or find risks and manage it. The checklist is
accelerate, or might delay successful basically developed by listing items, steps,
achievement of objectives. In simple words, or even tasks and is then further analyzed
if you don’t find or identify risk, you won’t against criteria to just identify and
be able to manage it. determine if procedure is completed correctly
The organizer of project needs to expect some or not. It is list of risk that is just found
of the risk in the project as early as to occur regularly in development of software
possible so that the performance of risk may project. Below is the list of software
be reduced. This could be only possible by development risk by Barry Boehm- modified
making effective risk management planning. version.
 members identify and determine risks in ‘no
Risk Risk Reduction Technique
wrong answer’ environment. This technique
also provides opportunity for team members to
Various techniques include always develop on each other’s ideas. This
training and career technique is also used to determine best
Personnel development, job-matching, possible solution to problems and issue that
Shortfalls teambuilding, etc. arises and emerge.
3. Casual Mapping – Causal mapping is method
that builds or develops on reflection and
Various techniques include review of failure factors in cause and effect
incremental development, of the diagrams. It is very useful for
Unrealistic standardization of methods, facilitating learning with an organization or
time and cost recording, and analysis of system simply as method of project-post
estimates the past project, etc. evaluation. It is also key tool for risk
assessment.
4. SWOT Analysis – Strengths-Weaknesses-
Development of Various techniques include Opportunities-Threat (SWOT) is very technique
wrong software formal specification and helpful for identifying risks within
functions methods, user surveys, etc. greater organization context. It is generally
used as planning tool for analyzing business,
its resources, and also its environment
Development of Various techniques include
simply by looking at internal strengths and
the wrong user user involvement, weaknesses and opportunities and threats in
interface prototyping, etc. external environment. It is technique often
used in formulation of strategy. The
2. Brainstorming – This technique provides appropriate time and effort should be spent
and gives free and open approach that usually on thinking seriously about weaknesses and
encourages each and everyone on project team threats of organization for SWOT analysis to
to participate. It also results in greater more effective and successful in risk
sense of ownership of project risk, and team identification.
generally committed to managing risk for 5. Flowchart Method – This method allows for
given time period of project. It is creative dynamic process to be diagrammatically
and unique technique to gather risks represented in paper. This method is
spontaneously by team members. The team generally used to represent activities of
process graphically and sequentially to 2. Budget Risk: Budget related risks refers
simply identify the risk. to the monetary risks mainly it occurs due
to budget overruns. Always the financial
aspect for the project should be managed
as per decided but if financial aspect of
Various Kinds of Risks in Software Development project mismanaged then there budget
The following are the types of risk concerns will arise by giving rise to
in software development: budget risks. So proper finance
distribution and management are required
Various kinds of risks in software development for the success of project otherwise it
may lead to project failure. Some reasons
1. Schedule Risk : Schedule related risks for Budget risks –
refers to time related risks or project  Wrong/Improper budget estimation
delivery related planning risks. The wrong  Unexpected Project Scope expansion
schedule affects the project development  Mismanagement in budget handling
and delivery. These risks are mainly  Cost overruns
indicates to running behind time as a  Improper tracking of Budget
result project development doesn’t 3. Operational Risks : Operational risk
progress timely and it directly impacts to refers to the procedural risks means these
delivery of project. Finally if schedule are the risks which happen in day-to-day
risks are not managed properly it gives operational activities during project
rise to project failure and at last it development due to improper process
affect to organization/company economy implementation or some external
very badly. Some reasons for Schedule operational risks. Some reasons for
risks – Operational risks –
 Time is not estimated perfectly  Insufficient resources
 Improper resource allocation  Conflict between tasks and employees
 Tracking of resources like system,  Improper management of tasks
skill, staff etc  No proper planning about project
 Frequent project scope expansion  Less number of skilled people
 Failure in function identification and  Lack of communication and cooperation
its’ completion  Lack of clarity in roles and
responsibilities
 Insufficient training
4. Technical Risks : Technical risks refers security risks and they have become common
to the functional risk or performance risk in a time.
which means this technical risk mainly 3. Quality Risks: The risk associated with
associated with functionality of product quality is the potential for a product to
or performance part of the software be delivered that does not meet end user
product. Some reasons for Technical risks satisfaction or required criteria.
– 4. Risks associated with Law and
 Frequent changes in requirement Compliance: Rules and laws are often
 Less use of future technologies overlooked when it comes to project
 Less number of skilled employee development. Ignoring them may result in
 High complexity in implementation penalties, legal issues or just a lot of
 Improper integration of modules difficulties.
5. Programmatic Risks : Programmatic risks 5. Cost Risks: Unexpected costs, changes in
refers to the external risk or other the project scope or excess funds may
unavoidable risks. These are the external completely halt your financial plan.
risks which are unavoidable in nature. 6. Market Risks: The effectiveness of your
These risks come from outside and it is programme in the market may be compromised
out of control of programs. Some reasons by evolving technology trends, new
for Programmatic risks – competitors or shifting the customer
 Rapid development of market wants.
 Running out of fund / Limited fund for
project development
 Changes in Government rules/policy
 Loss of contracts due to any reason Risk Mitigation, Monitoring,
More risks associated with software
development and Management (RMMM) plan
1. Communication Risks: Misunderstandings, Last Updated : 22 Mar, 2021
mistakes and a general sense of confusion
can result from inadequate or absent 
communication. RMMM Plan :
2. Security Risks: Vulnerabilities that might A risk management technique is usually seen
compromise the privacy, reliability or in the software Project plan. This can be
accessibility of the set are known as divided into Risk Mitigation, Monitoring, and
Management Plan (RMMM). In this plan, all
works are done as part of risk analysis. As 4. To allocate what problems are caused by
part of the overall project plan project which risks throughout the project.
manager generally uses this RMMM plan. Risk Management and planning :
In some software teams, risk is documented It assumes that the mitigation activity
with the help of a Risk Information Sheet failed and the risk is a reality. This task
(RIS). This RIS is controlled by using a is done by Project manager when risk becomes
database system for easier management of reality and causes severe problems. If the
information i.e creation, priority ordering, project manager effectively uses project
searching, and other analysis. After mitigation to remove risks successfully then
documentation of RMMM and start of a project, it is easier to manage the risks. This shows
risk mitigation and monitoring steps will that the response that will be taken for each
start. risk by a manager. The main objective of the
risk management plan is the risk register.
Risk Mitigation :
This risk register describes and focuses on
It is an activity used to avoid problems
the predicted threats to a software project.
(Risk Avoidance).
Steps for mitigating the risks as follows.
1. Finding out the risk.
2. Removing causes that are the reason for
risk creation.
3. Controlling the corresponding documents
from time to time.
4. Conducting timely reviews to speed up the
work.
Risk Monitoring :
It is an activity used for project tracking.
It has the following primary objectives as
follows.

1. To check if predicted risks occur or not.

2. To ensure proper application of risk
aversion steps defined for risk.
3. To collect data for future risk analysis.
Unit -5 in several machines, with alternative code
Quality management merchandise, etc.
2. Usability: A software has smart usability
if completely different classes of users
What is Software Quality? (i.e. knowledgeable and novice users) will
Software Quality shows how good and reliable simply invoke the functions of the
a product is. To convey an associate degree merchandise.
example, think about functionally correct 3. Reusability: A software has smart
software. It performs all functions as laid reusability if completely different
out in the SRS document. But, it has an modules of the merchandise will simply be
associate degree virtually unusable program. reused to develop new merchandise.
even though it should be functionally 4. Correctness: Software is correct if
correct, we tend not to think about it to be completely different needs as laid out in
a high-quality product. the SRS document are properly enforced.
Another example is also that of a product 5. Maintainability: A software is reparable,
that will have everything that the users if errors may be simply corrected as and
need but has an associate degree virtually once they show up, new functions may be
incomprehensible and not maintainable code. simply added to the merchandise, and
Therefore, the normal construct of quality therefore the functionalities of the
as “fitness of purpose” for code merchandise merchandise may be simply changed, etc
isn’t satisfactory. 6. Reliability: Software is more reliable if
it has fewer failures. Since software
engineers do not deliberately plan for
their software to fail, reliability
Factors of Software Quality depends on the number and type of mistakes
The modern read of high-quality associates they make. Designers can improve
with software many quality factors like the reliability by ensuring the software is
following: easy to implement and change, by testing
it thoroughly, and also by ensuring that
if failures occur, the system can handle
1. Portability: A software is claimed to be them or can recover easily.
transportable, if it may be simply created 7. Efficiency. The more efficient software
to figure in several package environments, is, the less it uses of CPU-time, memory,
disk space, network bandwidth, and other
 resources. This is important to customers Software Quality Assurance (SQA) encompasse s
in order to reduce their costs of running SQA process Specific quality assurance and
the software, although with today’s quality control tasks (including technical
powerful computers, CPU time, memory and reviews and a multitiered testing strategy)
disk usage are less of a concern than in Effective software engineering practice
years gone by. (methods and tools) Control of all software
work products and the changes made to them a
procedure to ensure compliance with software
development standards (when applicable)
measurement and reporting mechanisms
Software Quality Assurance –
Software Engineering Elements of Software Quality Assurance (SQA)
Last Updated : 02 Aug, 2024 1. Standards: The IEEE, ISO, and other
standards organizations have produced a
 broad array of software engineering
Software Quality Assurance (SQA) is simply a standards and related documents. The job
way to assure quality in the software. It is of SQA is to ensure that standards that
the set of activities that ensure processes, have been adopted are followed and that
procedures as well as standards are suitable all work products conform to them.
for the project and implemented correctly. 2. Reviews and audits: Technical reviews are
Software Quality Assurance is a process that a quality control activity performed by
works parallel to Software Development. It software engineers for software engineers.
focuses on improving the process of Their intent is to uncover errors. Audits
development of software so that problems can are a type of review performed by SQA
be prevented before they become major issues. personnel (people employed in an
Software Quality Assurance is a kind of organization) with the intent of ensuring
Umbrella activity that is applied throughout that quality guidelines are being followed
the software process. for software engineering work.
3. Testing: Software testing is a quality
control function that has one primary
goal—to find errors. The job of SQA is to
ensure that testing is properly planned
 and efficiently conducted for primary goal Software Quality Assurance (SQA) Include
of software. 1. A quality management approach.
4. Error/defect collection and analysis : SQA 2. Formal technical reviews.
collects and analyzes error and defect 3. Multi testing strategy.
data to better understand how errors are 4. Effective software engineering technology.
introduced and what software engineering 5. Measurement and reporting mechanism.
activities are best suited to eliminating
them.
5. Change management: SQA ensures that
adequate change management practices have Major Software Quality Assurance (SQA)
been instituted. Activities
6. Education: Every software organization 1. SQA Management Plan: Make a plan for how
wants to improve its software engineering you will carry out the SQA throughout the
practices. A key contributor to project. Think about which set of software
improvement is education of software engineering activities are the best for
engineers, their managers, and other project. check level of SQA team skills.
stakeholders. The SQA organization takes 2. Set The Check Points: SQA team should set
the lead in software process improvement checkpoints. Evaluate the performance of
which is key proponent and sponsor of the project on the basis of collected data
educational programs. on different check points.
7. Security management: SQA ensures that 3. Measure Change Impact: The changes for
appropriate process and technology are making the correction of an error
used to achieve software security. sometimes re introduces more errors keep
8. Safety: SQA may be responsible for the measure of impact of change on
assessing the impact of software failure project. Reset the new change to check the
and for initiating those steps required to compatibility of this fix with whole
reduce risk. project.
9. Risk management : The SQA organization 4. Multi testing Strategy: Do not depend on a
ensures that risk management activities single testing approach. When you have a
are properly conducted and that risk- lot of testing approaches available use
related contingency plans have been them.
established. 5. Manage Good Relations: In the working
environment managing good relations with
other teams involved in the project
 development is mandatory. Bad relation of 6. Improving the process of creating
SQA team with programmers team will impact software.
directly and badly on project. Don’t play 7. Improves the quality of the software.
politics. 8. It cuts maintenance costs. Get the release
6. Maintaining records and right the first time, and your company can
reports: Comprehensively document and forget about it and move on to the next
share all QA records, including test big thing. Release a product with chronic
cases, defects, changes, and cycles, for issues, and your business bogs down in a
stakeholder awareness and future costly, time-consuming, never-ending cycle
reference. of repairs.
7. Reviews software engineering
activities: The SQA group identifies and
documents the processes. The group also Disadvantage of Software Quality Assurance
verifies the correctness of software (SQA)
product. There are a number of disadvantages of
8. Formalize deviation handling: Track and quality assurance.
document software deviations meticulously.  Cost: Some of them include adding more
Follow established procedures for handling resources, which cause the more budget its
variances. not, Addition of more resources For
betterment of the product.
 Time Consuming: Testing and Deployment of
the project taking more time which cause
delay in the project.
Benefits of Software Quality Assurance (SQA)  Overhead : SQA processes can introduce
1. SQA produces high quality software. administrative overhead, requiring
2. High quality application saves time and documentation, reporting, and tracking of
cost. quality metrics. This additional
3. SQA is beneficial for better reliability. administrative burden can sometimes
4. SQA is beneficial in the condition of no outweigh the benefits, especially for
maintenance for a long time. smaller projects.
5. High quality commercial software increase  Resource Intensive : SQA requires skilled
market share of company. personnel with expertise in testing
methodologies, tools, and quality
assurance practices. Acquiring and
 retaining such talent can be challenging Software Review is a systematic inspection of
and expensive. software by one or more individuals who work
 Resistance to Change : Some team members together to find and resolve errors and
may resist the implementation of SQA defects in the software during the early
processes, viewing them as bureaucratic or stages of the Software Development Life Cycle
unnecessary. This resistance can hinder (SDLC). A software review is an essential
the adoption and effectiveness of quality part of the Software Development Life Cycle
assurance practices within an (SDLC) that helps software engineers in
organization. validating the quality, functionality, and
 Not Foolproof : Despite thorough testing other vital features and components of the
and quality assurance efforts, software software. It is a whole process that includes
can still contain defects or testing the software product and it makes
vulnerabilities. SQA cannot guarantee the sure that it meets the requirements stated by
elimination of all bugs or issues in the client.
software products. Usually performed manually, software review
 Complexity : SQA processes can be complex, is used to verify various documents like
especially in large-scale projects with requirements, system designs, codes, test
multiple stakeholders, dependencies, and plans, and test cases.
integration points. Managing the Objectives of Software Review
complexity of quality assurance activities The objective of the software review is:
requires careful planning and 1. To improve the productivity of the
coordination. development team.
2. To make the testing process time and cost-
effective.
3. To make the final software with fewer
defects.
4. To eliminate the inadequacies.
Software Review – Software
Engineering
Last Updated : 29 Jan, 2024


Process of Software Review 2. Management Preparation: To get ready for
the review process, assign roles, gather
resources and provide brief management.
3. Review Planning: Establish the review’s
goals and scope, invite relevant
parties and set a time for the meeting.
4. Preparation: Distribute appropriate
resources, give reviewers time to get
familiar and promote issue identification
to help them prepare.
5. Examination and Exit Evaluation: Reviewers
should collaborate to examine the results,
record concerns, and encourage candid
communication in meetings. It assess the
results, make remedial plans based on flaws
that have been reported and assess the
process’s overall efficacy.
Types of Software Reviews
There are mainly 3 types of software
reviews:
1. Software Peer Review
Peer review is the process of assessing the
technical content and quality of the product
and it is usually conducted by the author of
the work product along with some other
developers.
Software Review process
Peer review is performed in order to examine
or resolve the defects in the software, whose
1. Entry Evaluation: By confirming quality is also checked by other members of
documentation, fulfilling entry the team.
requirements and assessing stakeholder and Peer Review has following types:
team preparation, you can determine the 1. Code Review: Computer source code is
software’s availability. examined in a systematic way.
2. Pair Programming: It is a code review where 3. It can be used to train technical authors.
two developers develop code together at the 4. It can be used to remove process
same platform. inadequacies that encourage defects.
3. Walkthrough: Members of the development
team is guided by author and other
interested parties and the participants ask
questions and make comments about defects.
4. Technical Review: A team of highly
qualified individuals examines the software
product for its client’s use and identifies
technical defects from specifications and
standards.
5. Inspection: In inspection the reviewers
follow a well-defined process to find
defects.
2. Software Management Review
Software Management Review evaluates the work
status. In this section decisions regarding
downstream activities are taken.
3. Software Audit Review
Software Audit Review is a type of external
review in which one or more critics, who are
not a part of the development team, organize
an independent inspection of the software
product and its processes to assess their
compliance with stated specifications and
standards. This is done by managerial level
people.
Advantages of Software Review
1. Defects can be identified earlier stage of
development (especially in formal review).
2. Earlier inspection also reduces the
maintenance cost of software.
 Unit-6 implement all the functionalities of the
Design engineering system.
2. Efficiency: A good software design should
address the resources, time, and cost
optimization issues.
Introduction of Software 3. Flexibility: A good software design should
Design Process – have the ability to adapt and accommodate
changes easily. It includes designing the
Last Updated : 25 Feb, 2024 software in a way, that allows for
modifications, enhancements, and

scalability without requiring significant
Software Design is the process of rework or causing major disruptions to the
transforming user requirements into a existing functionality.
suitable form, which helps the programmer in 4. Understandability: A good design should be
software coding and implementation. During easily understandable, it should be
the software design phase, the design modular, and all the modules are arranged
document is produced, based on the customer in layers.
requirements as documented in the SRS 5. Completeness: The design should have all
document. Hence, this phase aims to the components like data structures,
transform the SRS document into a design modules, external interfaces, etc.
document. 6. Maintainability: A good software design
The following items are designed and aims to create a system that is easy to
documented during the design phase: understand, modify, and maintain over
1. Different modules are required. time. This involves using modular and
2. Control relationships among modules. well-structured design principles
3. Interface among different modules. e.g.,(employing appropriate naming
4. Data structure among the different conventions and providing clear
modules. documentation). Maintainability in
5. Algorithms are required to be implemented Software and design also enables
among the individual modules. developers to fix bugs, enhance features,
Objectives of Software Design and adapt the software to changing
1. Correctness: A good design should be requirements without excessive effort or
correct i.e., it should correctly introducing new issues.
Software Design Concepts Software Design Concepts

Concepts are defined as a principal idea or

invention that comes into our mind or in Points to be Considered While Designing
thought to understand something. Software
The software design concept simply means the 1. Abstraction (Hide Irrelevant
idea or principle behind the design. It data): Abstraction simply means to hide
describes how you plan to solve the problem the details to reduce complexity and
of designing software, and the logic, or increase efficiency or quality. Different
thinking behind how you will design levels of Abstraction are necessary and
software. It allows the software engineer to must be applied at each stage of the
create the model of the system software or design process so that any error that is
product that is to be developed or built. present can be removed to increase the
The software design concept provides a efficiency of the software solution and to
supporting and essential structure or model refine the software solution. The solution
for developing the right software. There are should be described in broad ways that
many concepts of software design and some of cover a wide range of different things at
them are given below: a higher level of abstraction and a more
detailed description of a solution of
software should be given at the lower
level of abstraction.
2. Modularity (subdivide the
system): Modularity simply means dividing
the system or project into smaller parts
to reduce the complexity of the system or
project. In the same way, modularity in
design means subdividing a system into
smaller parts so that these parts can be
created independently and then use these
parts in different systems to perform
different functions. It is necessary to
divide the software into components known
as modules because nowadays, there are
different software available like
Monolithic software that is hard to grasp
 for software engineers. So, modularity in a solution to a common recurring problem
design has now become a trend and is also within a certain context.
important. If the system contains fewer 6. Information Hiding (Hide the
components then it would mean the system Information): Information hiding simply
is complex which requires a lot of effort means to hide the information so that it
(cost) but if we can divide the system cannot be accessed by an unwanted party.
into components then the cost would be In software design, information hiding is
small. achieved by designing the modules in a
3. Architecture (design a structure of manner that the information gathered or
something): Architecture simply means a contained in one module is hidden and
technique to design a structure of can’t be accessed by any other modules.
something. Architecture in designing 7. Refactoring (Reconstruct
software is a concept that focuses on something): Refactoring simply means
various elements and the data of the reconstructing something in such a way
structure. These components interact with that it does not affect the behavior of
each other and use the data of the any other features. Refactoring in
structure in architecture. software design means reconstructing the
4. Refinement (removes design to reduce complexity and simplify
impurities): Refinement simply means to it without impacting the behavior or its
refine something to remove any impurities functions. Fowler has defined refactoring
if present and increase the quality. The as “the process of changing a software
refinement concept of software design is a system in a way that it won’t impact the
process of developing or presenting the behavior of the design and improves the
software or system in a detailed manner internal structure”.
which means elaborating a system or
software. Refinement is very necessary to Different levels of Software Design
find out any error if present and then to There are three different levels of software
reduce it. design. They are:
5. Pattern (a Repeated form): A pattern 1. Architectural Design: The architecture of
simply means a repeated form or design in a system can be viewed as the overall
which the same shape is repeated several structure of the system and the way in
times to form a pattern. The pattern in which structure provides conceptual
the design process means the repetition of integrity of the system. The architectural
design identifies the software as a system
 with many components interacting with each of defining a collection of hardware and
other. At this level, the designers get software components and their interfaces to
the idea of the proposed solution establish the framework for the development
domain. of a computer system.” The software that is
2. Preliminary or high-level design: Here the built for computer-based systems can exhibit
problem is decomposed into a set of one of these many architectural styles.
modules, the control relationship among System Category Consists of
various modules identified, and also the  A set of components(eg: a database,
interfaces among various modules are computational modules) that will perform a
identified. The outcome of this stage is function required by the system.
called the program architecture. Design  The set of connectors will help in
representation techniques used in this coordination, communication, and
stage are structure chart and UML. cooperation between the components.
3. Detailed design: Once the high-level  Conditions that how components can be
design is complete, a detailed design is integrated to form the system.
undertaken. In detailed design, each  Semantic models that help the designer to
module is examined carefully to design the understand the overall properties of the
data structure and algorithms. The stage system.
outcome is documented in the form of a The use of architectural styles is to
module specification document. establish a structure for all the components
of the system.
Taxonomy of Architectural Styles
1] Data centered architectures:
 A data store will reside at the center of

Architectural Design – this architecture and is accessed

frequently by the other components that
Software Engineering update, add, delete, or modify the data
present within the store.
Last Updated : 22 Apr, 2024  The figure illustrates a typical data-


centered style. The client software
The software needs an architectural design to accesses a central repository. Variations
represent the design of the software. IEEE of this approach are used to transform the
defines architectural design as “the process repository into a blackboard when data
related to the client or data of interest
 for the client change the notifications to filter and it has a set of components
client software. called filters connected by lines.
 This data-centered architecture will  Pipes are used to transmitting data from
promote integrability. This means that the one component to the next.
existing components can be changed and new  Each filter will work independently and is
client components can be added to the designed to take data input of a certain
architecture without the permission or form and produces data output to the next
concern of other clients. filter of a specified form. The filters
 Data can be passed among clients using the don’t require any knowledge of the working
blackboard mechanism. of neighboring filters.
Advantages of Data centered architecture:  If the data flow degenerates into a single
 Repository of data is independent of line of transforms, then it is termed as
clients batch sequential. This structure accepts
 Client work independent of each other the batch of data and then applies a series
 It may be simple to add additional clients. of sequential components to transform it.
 Modification can be very easy Advantages of Data Flow architecture:
 It encourages upkeep, repurposing, and
modification.
 With this design, concurrent execution is
supported.
Disadvantage of Data Flow architecture:
 It frequently degenerates to batch
sequential system
 Data flow architecture does not allow
Data centered architecture applications that require greater user
engagement.
 It is not easy to coordinate two different
2] Data flow architectures:
but related streams
 This kind of architecture is used when
input data is transformed into output data
through a series of computational
manipulative components.
 The figure represents pipe-and-filter
architecture since it uses both pipe and
 Data Flow architecture

3] Call and Return architectures

It is used to create a program that is easy
to scale and modify. Many sub-styles exist 4] Object Oriented architecture
within this category. Two of them are The components of a system encapsulate data
explained below. and the operations that must be applied to
 Remote procedure call architecture: This manipulate the data. The coordination and
components is used to present in a main communication between the components are
program or sub program architecture established via the message passing.
distributed among multiple computers on a Characteristics of Object Oriented
network. architecture:
 Main program or Subprogram  Object protect the system’s integrity.
architectures: The main program structure  An object is unaware of the depiction of
decomposes into number of subprograms or other items.
function into a control hierarchy. Main Advantage of Object Oriented architecture:
program contains number of subprograms that  It enables the designer to separate a
can invoke other components. challenge into a collection of autonomous
objects.
 Other objects are aware of the
implementation details of the object,
allowing changes to be made without having
an impact on other objects.
5] Layered architecture
 A number of different layers are defined
with each layer performing a well-defined
set of operations. Each layer will do some
operations that becomes closer to machine
instruction set progressively.
 At the outer layer, components will receive
the user interface operations and at the
inner layers, components will perform the
operating system interfacing(communication
and coordination with OS)
 Intermediate layers to utility services and
application software functions.
 One common example of this architectural
style is OSI-ISO (Open Systems
Interconnection-International Organisation
for Standardisation) communication system.

Layered architecture
  Different Types of Software Testing
Techniques
 Different Levels of Software Testing
 Best Practices for Software Testing
 Benefits of Software Testing
 Conclusion
Unit-7
 Frequently Asked Questions on Software
Testing Testing
The process of software testing aims not only
at finding faults in the existing software
What is Software Testing? but also at finding measures to improve the
software in terms of efficiency, accuracy,
Last Updated : 25 Jul, 2024 and usability. The article focuses on
discussing Software Testing in detail.

It is important to learn the basics whether
Software testing is an important process in it is software testing or anything else you
the software development lifecycle . It
always need to start from the basics and make
involves verifying and validating that
a software application is free of bugs, meets your foundation strong and then proceed to
the technical requirements set by the advance level. If you want to learn
its design and development , and satisfies software testing in a structure approach then
user requirements efficiently and you can enroll in our manual to automation
effectively. testing course.
This process ensures that the application can What is Software Testing?
handle all exceptional and boundary cases,
Software Testing is a method to assess the
providing a robust and reliable user
functionality of the software program. The
experience. By systematically identifying and
process checks whether the actual software
fixing issues, software testing helps deliver
matches the expected requirements and ensures
high-quality software that performs as
the software is bug-free. The purpose of
expected in various scenarios.
software testing is to identify the errors,
Table of Content faults, or missing requirements in contrast
 What is Software Testing? to actual requirements. It mainly aims at
 Different Types Of Software Testing measuring the specification, functionality,
and performance of a software program or high performance which results in saving
application. time, costs, and customer satisfaction.
Perform end-to-end test automation, including  Helps with scalability: Software testing
AI-powered codeless testing, mobile app, type non-functional testing helps to
cross-browser, visual UI testing, and more identify the scalability issues and the
with TestGrid . It is a highly secure and point where an application might stop
scalable software testing tool that offers working.
extensive integration with CI/CD  Saves time and money: After the application
pipelines for continuous testing. is launched it will be very difficult to
Software testing can be divided into two trace and resolve the issues, as performing
steps this activity will incur more costs and
1. Verification: It refers to the set of tasks time. Thus, it is better to conduct
that ensure that the software correctly software testing at regular intervals
implements a specific function. It means during software development.
“Are we building the product right?”.
2. Validation: It refers to a different set of
tasks that ensure that the software that
Different Types Of Software Testing
has been built is traceable to customer
requirements. It means “Are we building the Explore diverse software testing methods
right product?”. including manual and automated testing for
Importance of Software Testing improved quality assurance . Enhance
software reliability and performance through
 Defects can be identified early: Software
functional and non-functional testing,
testing is important because if there are
ensuring user satisfaction. Learn about the
any bugs they can be identified early and
significance of various testing approaches
can be fixed before the delivery of the
for robust software development.
software.
 Improves quality of software: Software
Testing uncovers the defects in the
software, and fixing them improves the
quality of the software.
 Increased customer satisfaction: Software
testing ensures reliability, security, and
 1. Functional testing : It is a type of
software testing that validates the
software systems against the functional
requirements. It is performed to check
whether the application is working as per
the software’s functional requirements or
not. Various types of functional testing
are Unit testing, Integration testing,
System testing, Smoke testing, and so on.
2. Non-functional testing : It is a type of
software testing that checks the
application for non-functional
requirements like performance,
scalability, portability, stress, etc.
Various types of non-functional testing
are Performance testing, Stress testing,
Usability Testing, and so on.
3. Maintenance testing : It is the process of
changing, modifying, and updating the
software to keep up with the customer’s
needs. It involves regression testing that
verifies that recent changes to the code
have not adversely affected other
previously working parts of the software.
Apart from the above classification software
testing can be further divided into 2 more
ways of testing:
1. Manual testing : It includes testing
software manually, i.e., without using any
Types Of Software Testing automation tool or script. In this type,
the tester takes over the role of an end-
Software Testing can be broadly classified user and tests the software to identify
into 3 types: any unexpected behavior or bug. There are
different stages for manual testing such
 as unit testing, integration testing, code, and is conducted by making sure that
system testing, and user acceptance all internal operations are performed
testing. Testers use test plans, test according to the specifications is known
cases, or test scenarios to test software as white box testing.
to ensure the completeness of testing. 3. Grey Box Testing : Testing in which the
Manual testing also includes exploratory testers should have knowledge of
testing, as testers explore the software implementation, however, they need not be
to identify errors in it. experts.
2. Automation testing : It is also known as
Black Box White Box
Test Automation, is when the tester writes
scripts and uses another software to test S No. Testing Testing
the product. This process involves the
automation of a manual process. Automation Internal Knowledge of the
Testing is used to re-run the test workings of an internal
scenarios quickly and repeatedly, that 1
application are workings is a
were performed manually in manual testing. not required. must.
Apart from Regression testing , Automation
testing is also used to test the application
from a load, performance, and stress point Also known as Also known as
of view. It increases the test coverage, closed clear
improves accuracy, and saves time and money 2
box/data-driven box/structural
when compared to manual testing. testing. testing.
Different Types of Software Testing Techniques
Software testing techniques can be majorly
classified into two categories: End users, Normally done by
1. Black box Testing : Testing in which the 3 testers, and testers and
tester doesn’t have access to the source developers. developers.
code of the software and is conducted at
the software interface without any concern
with the internal logical structure of the Data domains and
software known as black-box testing. 4 This can only
internal
2. White box Testing : Testing in which the be done by a
boundaries can
tester is aware of the internal workings
of the product, has access to its source
 and assess whether it is acceptable for
Black Box White Box
delivery.
S No. Testing Testing Best Practices for Software Testing
Below are some of the best practices for
trial and error be better software testing:
 Continuous testing : Project teams test
method. tested.
each build as it becomes available thus it
enables software to be validated in real
Different Levels of Software Testing environments earlier in the development
Software level testing can be majorly cycle, reducing risks and improving the
classified into 4 levels: functionality and design.
1. Unit testing : It a level of the software  Involve users: It is very important for
testing process where individual the developers to involve users in the
units/components of a software/system are process and open-ended questions about the
tested. The purpose is to validate that functionality required in the application.
each unit of the software performs as This will help to develop and test the
designed. software from the customer’s perspective.
2. Integration testing : It is a level of the  Divide tests into smaller parts: Dividing
software testing process where individual tests into smaller fractions save time and
units are combined and tested as a group. other resources in environments where
The purpose of this level of testing is to frequent testing needs to be conducted.
expose faults in the interaction between This also helps teams to make better
integrated units. analyses of the tests and the test
3. System testing : It is a level of the results.
software testing process where a complete,  Metrics and Reporting: Reporting enables
integrated system/software is tested. The the team members to share goals and test
purpose of this test is to evaluate the results. Advanced tools integrate the
system’s compliance with the specified project metrics and present an integrated
requirements. report in the dashboard that can be easily
4. Acceptance testing : It is a level of the reviewed by the team members to see the
software testing process where a system is overall health of the project.
tested for acceptability. The purpose of  Don’t skip regression testing: Regression
this test is to evaluate the system’s testing is one of the most important steps
compliance with the business requirements as it encourages the validation of the
 application. Thus, it should not be long term. If the bugs are caught in the
skipped. early phases of software testing, it costs
 Programmers should avoid writing tests: less to fix those errors.
Test cases are usually written before the  Security: Security testing is a type of
start of the coding phase so it is software testing that is focused on
considered a best practice for programmers testing the application for security
to avoid writing test cases as they can be vulnerabilities from internal or external
biased towards their code and the sources.
application.
 Service virtualization: Service
virtualization simulates the systems and
services that are not yet developed or are
missing. Thus, enabling teams to reduce
dependency and start the testing process
sooner. They can modify, and reuse the Software Testing Strategies
configuration to test different scenarios
without having to alter the original Last Updated : 06 Feb, 2023
environment. 
Benefits of Software Testing
Software testing is the process of evaluating
 Product quality: Testing ensures the
a software application to identify if it
delivery of a high-quality product as the meets specified requirements and to identify
errors are discovered and fixed early in any defects. The following are common testing
the development cycle. strategies:
 Customer satisfaction: Software testing
aims to detect the errors or 1. Black box testing – Tests the functionality
vulnerabilities in the software early in of the software without looking at the
the development phase so that the detected internal code structure.
bugs can be fixed before the delivery of 2. White box testing – Tests the internal code
the product. Usability testing is a type structure and logic of the software.
of software testing that checks the 3. Unit testing – Tests individual units or
application for how easily usable it is components of the software to ensure they
for the users to use the application. are functioning as intended.
 Cost-effective: Testing any project on
time helps to save money and time for the
4. Integration testing – Tests the integration or not and does it fulfill the requirements
of different components of the software to or not is called testing.
ensure they work together as a system.  When the number of errors found during the
5. Functional testing – Tests the functional testing is high, it indicates that the
requirements of the software to ensure they testing was good and is a sign of good test
are met. case.
6. System testing – Tests the complete  Finding an unknown error that wasn’t
software system to ensure it meets the discovered yet is a sign of a successful
specified requirements. and a good test case.
7. Acceptance testing – Tests the software to The main objective of software testing is to
ensure it meets the customer’s or end- design the tests in such a way that it
user’s expectations. systematically finds different types of
8. Regression testing – Tests the software errors without taking much time and effort so
after changes or modifications have been that less time is required for the
made to ensure the changes have not development of the software. The overall
introduced new defects. strategy for testing software includes:
9. Performance testing – Tests the software to
determine its performance characteristics
such as speed, scalability, and stability.
10. Security testing – Tests the software to
identify vulnerabilities and ensure it
meets security requirements.
Software Testing is a type of investigation
to find out if there is any default or error
present in the software so that the errors
can be reduced or removed to increase the
quality of the software and to check whether
it fulfills the specifies requirements or
not.
According to Glen Myers, software testing has
the following objectives:
 The process of investigating and checking a
program to find whether there is an error
 the product in a quantifiable
manner. Different characteristics quality
of the software is there such as
maintainability that means the ability to
update and modify, the probability that
means to find and estimate any risk, and
usability that means how it can easily be
used by the customers or end-users. All
these characteristic qualities should be
specified in a particular order to obtain
clear test results without any error.
2. Specifying the objectives of testing in a
clear and detailed manner. Several
objectives of testing are there such as
effectiveness that means how effectively
the software can achieve the target, any
failure that means inability to fulfill the
requirements and perform functions, and the
cost of defects or errors that mean the
cost required to fix the error. All these
objectives should be clearly mentioned in
the test plan.
3. For the software, identifying the user’s
category and developing a profile for each
user. Use cases describe the interactions
and communication among different classes
of users and the system to achieve the
target. So as to identify the actual
requirement of the users and then testing
the actual use of the product.
4. Developing a test plan to give value and
focus on rapid-cycle testing. Rapid Cycle
1. Before testing starts, it’s necessary to Testing is a type of test that improves
identify and specify the requirements of quality by identifying and measuring the
 any changes that need to be required for 8. For the testing process, developing a
improving the process of software. approach for the continuous development. As
Therefore, a test plan is an important and a part of a statistical process control
effective document that helps the tester to approach, a test strategy that is already
perform rapid cycle testing. measured should be used for software
5. Robust software is developed that is testing to measure and control the quality
designed to test itself. The software during the development of software.
should be capable of detecting or
identifying different classes of errors. Advantages or Disadvantages:
Moreover, software design should allow
automated and regression testing which
Advantages of software testing:
tests the software to find out if there is
any adverse or side effect on the features
of software due to any change in code or 1. Improves software quality and reliability –
program. Testing helps to identify and fix defects
6. Before testing, using effective formal early in the development process, reducing
reviews as a filter. Formal technical the risk of failure or unexpected behavior
reviews is technique to identify the errors in the final product.
that are not discovered yet. The effective 2. Enhances user experience – Testing helps to
technical reviews conducted before testing identify usability issues and improve the
reduces a significant amount of testing overall user experience.
efforts and time duration required for 3. Increases confidence – By testing the
testing software so that the overall software, developers and stakeholders can
development time of software is reduced. have confidence that the software meets the
7. Conduct formal technical reviews to requirements and works as intended.
evaluate the nature, quality or ability of 4. Facilitates maintenance – By identifying
the test strategy and test cases. The and fixing defects early, testing makes it
formal technical review helps in detecting easier to maintain and update the software.
any unfilled gap in the testing approach. 5. Reduces costs – Finding and fixing defects
Hence, it is necessary to evaluate the early in the development process is less
ability and quality of the test strategy expensive than fixing them later in the
and test cases by technical reviewers to life cycle.
improve the quality of software.
 Disadvantages of software testing: ensures that the software meets the
specified requirements. The article focuses
1. Time-consuming – Testing can take a on discussing Conventional testing in
significant amount of time, particularly if detail.
thorough testing is performed. What is Conventional Testing?
2. Resource-intensive – Testing requires Conventional testing is defined as
specialized skills and resources, which can traditional testing where the main aim is to
be expensive. check whether all the requirements stated by
3. Limited coverage – Testing can only reveal the user are achieved.
defects that are present in the test cases,  The difference between conventional
and it is possible for defects to be testing and other testing approach is that
missed. it concentrates on checking all the
4. Unpredictable results – The outcome of requirements given by the user rather than
testing is not always predictable, and following a software development life
defects can be hard to replicate and fix. cycle.
5. Delays in delivery – Testing can delay the  Conventional testing mainly focuses on
delivery of the software if testing takes functional testing.
longer than expected or if significant  This testing is being performed by a
defects are identified. dedicated team of software testers.

What is Conventional Testing?

Last Updated : 07 Aug, 2023


Conventional testing also known as the
Traditional approach of software testing
involves a series of activities that aim to
identify the defects in the software and
Stages of Conventional Testing resources that will be required for
performing testing.
2. Requirement Analysis
Software Requirements are being analyzed in
this phase. These requirements help to
identify the scope of testing and risks and
for the preparation of test cases.
3. Design
In this stage, test cases are designed. If
the test cases are successful it means that
test cases are achieved. If not test cases
are failed to achieve.
4. Execution
Execution is the process where test cases
are executed. The errors encountered during
execution are documented.
5. Reporting
In reporting phase, all the documented
errors are sent to the development team for
fixing.
6. Retesting
Retesting is the stage where all the test
cases are performed again. It checks whether
all the failed test cases meet. All the
requirements specified by the user are
achieved.
Conventional testing follows a sequential
approach. It consists of various stages. 7. Release
Such as In the last stage, the software is released
1. Planning for the users. It is verified that all the
requirements stated by the user or client
Planning is the first stage of conventional
are successfully working before the release
testing. This stage consists of planning
of the software product.
regarding the objective of testing
developing a complete test plan and
Types of Conventional Testing again in order to check that the changes
1. Unit Testing made are being fixed and the system is
Unit Testing is defined as a type of testing working accordingly.
where the various modules and units are Benefits of Conventional Testing
being tested individually. Unit testing 1. Cost Effective: Conventional Testing is
makes sure that each individual component of cost-effective as manual testing is being
the system works well and eventually checks used. Manual testing requires less
whether all the requirements stated by financial investment as compared to
clients are achieved successfully. automation testing.
2. Integration Testing 2. Flexible: Conventional testing has the
Integration Testing is defined as a type of advantage of flexibility. Manual testing
testing where multiple modules or components has the ability to adopt the changes that
are tested together in order to check that take place while testing the product.
they work accordingly once integrated with 3. Testing of Non-functional Requirements
each other. It makes sure that interaction also: Manual testing can test functional
and communication between different modules as well as non-functional requirements
work well. such as accessibility, and usability which
3. Performance Testing is different from automation testing.
Performance Testing is defined as a type of 4. Understanding User Experience more
testing that checks for performance-related effectively: Conventional Testing makes
parameters for a software product. use of manual testing which helps to
Performance testing helps to find out the understand the user experience more
loopholes in the system and improve effectively as the manual tester can test
performance. the requirements with multiple scenarios.
4. Acceptance Testing 5. Provides better communication between
testers and developers: Manual testing
Acceptance Testing is defined as a type of
allows better communication between
testing that is used to check the
testers, developers, and other clients
requirements according to the user’s point
regarding issues and wrong outputs.
of view. It makes sure that all requirements
Limitations of Conventional Testing
specified by the user are achieved.
1. Time-consuming: Conventional Testing can
5. Regression Testing
be time-consuming as with manual testing
Regression Testing is defined as a type of it can take more time for large
testing in which test cases are executed
 applications and accordingly delay further Boehm described verification and validation as
deployment process of the project. the following:
2. Subjective: The manual tester performing Verification: Are we building the product
the testing can have their own views and right?
opinions which can in turn result in the Validation: Are we building the right product?
quality of testing that is being Table of Content
performed.
 Verification
3. Repetitive: Manual testing can lead to
 Validation
repetition by performing the testing for
 Questions For Practice
the same test cases. It can consume more
 Conclusion
time than it is required.
 Frequently Asked Questions
4. Limited Coverage: Manual testing can miss
Verification
some of the test cases and it will be not
Verification is the process of checking that
notified by the tester. This can result in
software achieves its goal without any bugs.
delivering the software product with
It is the process to ensure whether the product
errors or untasted test cases.
that is developed is right or not. It verifies
whether the developed product fulfills the
requirements that we have. Verification is
simply known as Static Testing.
Static Testing
Verification Testing is known as Static
Testing and it can be simply termed as checking
whether we are developing the right product or
erification and Validation in not and also whether our software is fulfilling
Software Engineering the customer’s requirement or not. Here are
some of the activities that are involved in
Last Updated : 19 Jun, 2024 verification.
 Inspections
  Reviews
Verification and Validation is the process of  Walkthroughs
investigating whether a software system  Desk-checking
satisfies specifications and standards and
fulfills the required purpose. Barry
 Dynamic Testing
Validation Testing is known as Dynamic
Testing in which we examine whether we have
developed the product right or not and also
about the business needs of the client. Here
are some of the activities that are involved
in Validation.
1. Black Box Testing
2. White Box Testing
3. Unit Testing
4. Integration Testing
Note: Verification is followed by Validation.

System Testing – Software

Engineering
Verification and Validation
Last Updated : 30 Jul, 2024
Validation

Validation is the process of checking whether System testing is a type of software testing
the software product is up to the mark or in that evaluates the overall functionality and
other words product has high-level performance of a complete and fully
requirements. It is the process of checking integrated software solution. It tests if
the validation of the product i.e. it checks the system meets the specified requirements
what we are developing is the right product. and if it is suitable for delivery to the
it is a validation of actual and expected end-users. This type of testing is performed
products. Validation is simply known after the integration testing and before the
as Dynamic Testing. acceptance testing.
Table of Content that is independent of the development
 What is System Testing? team and helps to test the quality of the
 System Testing Process system impartial.
 Types of System Testing  It has both functional and non-functional

 Tools used for System Testing

testing. System Testing is a black-box
 Advantages of System Testing
testing . System Testing is performed
 Disadvantages of System Testing after the integration testing and before
What is System Testing ? the acceptance testing.
System Testing is a type of software System testing is evergreen role in software
testing that is performed on a completely engineering because every software is needed
integrated system to evaluate the compliance to test and very update is needed to test so
of the system with the corresponding the demand of the software tester is always
requirements. In system testing, integration needed. If you wish to learn software
testing passed components are taken as testing from the scratch and want to grab a
input. good grip on testing tools and concept you
 The goal of integration testing is to
can check our new software testing course
detect any irregularity between the units
that are integrated. System testing
detects defects within both the integrated
units and the whole system. The result of
system testing is the observed behavior of
a component or a system when it is tested.
 System Testing is carried out on the whole
system in the context of either system
requirement specifications or functional
requirement specifications or the context
of both. System testing tests the design
and behavior of the system and also the
expectations of the customer.
 It is performed to test the system beyond
the bounds mentioned in the software
requirements specification (SRS) . System
Testing is performed by a testing team
 System Testing

System Testing Process

System Testing is performed in the following
steps:
 Test Environment Setup: Create testing
environment for the better quality
testing.
 Create Test Case: Generate test case for
the testing process.
 Create Test Data: Generate the data that
is to be tested.
 Execute Test Case: After the generation of
the test case and the test data, test
cases are executed.
 Defect Reporting: Defects in the system
are detected.
 Regression Testing: It is carried out to
test the side effects of the testing
process.
 Log Defects: Defects are fixed in this
step.
 Retest: If the test is not successful then
again test is performed.

System Testing Process

Types of System Testing

 Performance Testing: Performance Testing
is a type of software testing that is
 carried out to test the speed, Advantages of System Testing
scalability, stability and reliability of  The testers do not require more knowledge
the software product or application. of programming to carry out this testing.
 Load Testing: Load Testing is a type of  It will test the entire product or
software Testing which is carried out to software so that we will easily detect the
determine the behavior of a system or errors or defects which cannot be
software product under extreme load. identified during the unit testing and
 Stress Testing: Stress Testing is a type integration testing.
of software testing performed to check the  The testing environment is similar to that
robustness of the system under the varying of the real time production or business
loads. environment.
 Scalability Testing: Scalability Testing  It checks the entire functionality of the
is a type of software testing which is system with different test scripts and
carried out to check the performance of a also it covers the technical and business
software application or system in terms of requirements of clients.
its capability to scale up or scale down  After this testing, the product will
the number of user request load. almost cover all the possible bugs or
Tools used for System Testing errors and hence the development team will
1. JMeter confidently go ahead with acceptance
2. Gallen Framework testing
3. HP Quality Center/ALM  Verifies the overall functionality of the
4. IBM Rational Quality Manager system.
5. Microsoft Test Manager  Detects and identifies system-level
6. Selenium problems early in the development cycle.
7. Appium  Helps to validate the requirements and
8. LoadRunner ensure the system meets the user needs.
9. Gatling  Improves system reliability and quality.
10. JMeter  Facilitates collaboration and
11. Apache JServ communication between development and
12. SoapUI testing teams.
Note: The choice of tool depends on various  Enhances the overall performance of the
factors like the technology used, the size system.
of the project, the budget, and the testing  Increases user confidence and reduces
requirements. risks.
 Facilitates early detection and resolution
of bugs and defects.
 Supports the identification of system-
level dependencies and inter-module
interactions.
 Improves the system’s maintainability and
What is Black Box Testing?
scalability.
Disadvantages of System Testing Black-box testing is a type of software
 This testing is time consuming process
testing in which the tester is not concerned
than another testing techniques since it with the software’s internal knowledge or
checks the entire product or software. implementation details but rather focuses on
 The cost for the testing will be high
validating the functionality based on the
since it covers the testing of entire provided specifications or requirements.
software.
 It needs good debugging tool otherwise the
hidden errors will not be found.
 Can be time-consuming and expensive.
 Requires adequate resources and
infrastructure.
 Can be complex and challenging, especially
for large and complex systems.
 Dependent on the quality of requirements
and design documents.
 Limited visibility into the internal
workings of the system.
 Can be impacted by external factors like
hardware and network configurations.
 Requires proper planning, coordination, Black Box Testing
and execution.
 Can be impacted by changes made during Types Of Black Box Testing
development. The following are the several categories of
 Requires specialized skills and expertise. black box testing:
 May require multiple test cycles to 1. Functional Testing
achieve desired results.
2. Regression Testing Regression Testing
3. Nonfunctional Testing (NFT)  Regression Testing is the process of
Before we move in depth of the Black box testing the modified parts of the code and
testing do you known that their are many the parts that might get affected due to
different type of testing used in industry the modifications to ensure that no new
and some automation testing tools are there errors have been introduced in the
which automate the most of testing so if you software after the modifications have been
wish to learn the latest industry level made.
 Regression means the return of something
tools then you check-out our manual to
automation testing course in which you will and in the software field, it refers to
the return of a bug. It ensures that the
learn all these concept and tools
newly added code is compatible with the
Functional Testing existing code.
 Functional testing is defined as a type of  In other words, a new software update has
testing that verifies that each function no impact on the functionality of the
of the software application works in software. This is carried out after a
conformance with the requirement and system maintenance operation and upgrades.
specification. Nonfunctional Testing
 This testing is not concerned with the  Non-functional testing is a software
source code of the application. Each testing technique that checks the non-
functionality of the software application functional attributes of the system.
is tested by providing appropriate test  Non-functional testing is defined as a
input, expecting the output, and comparing type of software testing to check non-
the actual output with the expected functional aspects of a software
output. application.
 This testing focuses on checking the user  It is designed to test the readiness of a
interface, APIs, database, security, system as per nonfunctional parameters
client or server application, and which are never addressed by functional
functionality of the Application Under testing.
Test. Functional testing can be manual or  Non-functional testing is as important as
automated. It determines the system’s functional testing.
software functional requirements.  Non-functional testing is also known as
NFT. This testing is not functional
 testing of software. It focuses on the
software’s performance, usability, and
scalability.
Advantages of Black Box Testing
 The tester does not need to have more Tools Used for Black Box Testing:
functional knowledge or programming skills 1. Appium
to implement the Black Box Testing. 2. Selenium
 It is efficient for implementing the tests 3. Microsoft Coded UI
in the larger system. 4. Applitools
 Tests are executed from the user’s or 5. HP QTP .
client’s point of view.
 Test cases are easily reproducible.
 It is used to find the ambiguity and
contradictions in the functional
specifications. What is White Box
Disadvantages of Black Box Testing
 There is a possibility of repeating the
Testing?
White box testing is a software testing
same tests while implementing the testing
technique that involves testing the internal
process.
structure and workings of a software
 Without clear functional specifications,
application . The tester has access to the
test cases are difficult to implement.
source code and uses this knowledge to
 It is difficult to execute the test cases
design test cases that can verify the
because of complex inputs at different
correctness of the software at the code
stages of testing.
level.
 Sometimes, the reason for the test failure
cannot be detected.
 Some programs in the application are not
tested.
 It does not reveal the errors in the
control structure.
 Working with a large sample space of
inputs can be exhaustive and consumes a
lot of time.
White box testing is also known Ensures the software is developed using
as structural testing or code-based secure practices.
testing, and it is used to test the  Loop Testing: Checks the loops in the
software’s internal logic, flow, and program to make sure they work correctly
structure. The tester creates test cases to and efficiently. Ensures that loops handle
examine the code paths and logic flows to variables properly within their scope.
ensure they meet the specified requirements.  Data Flow Testing: Follows the path of
Before we move in depth of the white box variables through the program to ensure
testing do you known that their are many they are declared, initialized, used, and
different type of testing used in industry manipulated correctly.
and some automation testing tools are there Types Of White Box Testing
which automate the most of testing so if you White box testing can be done for different
wish to learn the latest industry level purposes. The three main types are:
tools then you check-out our manual to 1. Unit Testing
2. Integration Testing
automation testing course in which you will
3. Regression Testing
learn all these concept and tools
What Does White Box Testing Focus On?
White box testing uses detailed knowledge of
a software’s inner workings to create very
specific test cases.
 Path Checking: Examines the different
routes the program can take when it runs.
Ensures that all decisions made by the
program are correct, necessary, and
efficient.
 Output Validation: Tests different inputs
to see if the function gives the right
output each time.
 Security Testing: Uses techniques like
static code analysis to find and fix
potential security issues in the software.
  Done after unit testing to make sure
components work well both alone and
together.
Regression Testing
 Verifies that changes or updates don’t
break existing functionality.
 Ensures the application still passes all
existing tests after updates.
White Box Testing Techniques

White Box Testing Techniques

One of the main benefits of white box
testing is that it allows for testing every
part of an application. To achieve complete
code coverage, white box testing uses the
following techniques:
1. Statement Coverage
In this technique, the aim is to traverse
all statements at least once. Hence, each
line of code is tested. In the case of a
flowchart, every node must be traversed at
Types Of White Box Testing
least once. Since all lines of code are
covered, it helps in pointing out faulty
code.
Unit Testing
 Checks if each part or function of the
application works correctly.
 Ensures the application meets design
requirements during development.
Integration Testing
 Examines how different parts of the
application work together.
 Statement Coverage Example

2. Branch Coverage
In this technique, test cases are designed
so that each branch from all decision points
is traversed at least once. In a flowchart,
all edges must be traversed at least once. 4 test cases are required such that all branches of all decisions

are covered, i.e, all edges of the flowchart are covered

3. Condition Coverage  V(G) = P + 1, where P is the number of
In this technique, all individual conditions predicate nodes in the flow graph
must be covered as shown in the following  V(G) = E – N + 2, where E is the number of
example: edges and N is the total number of nodes
 READ X, Y  V(G) = Number of non-overlapping regions
 IF(X == 0 || Y == 0) in the graph
 PRINT ‘0’  #P1: 1 – 2 – 4 – 7 – 8
 #TC1 – X = 0, Y = 55  #P2: 1 – 2 – 3 – 5 – 7 – 8
 #TC2 – X = 5, Y = 0  #P3: 1 – 2 – 3 – 6 – 7 – 8
4. Multiple Condition Coverage  #P4: 1 – 2 – 4 – 7 – 1 – . . . – 7 – 8
In this technique, all the possible 6. Loop Testing
combinations of the possible outcomes of Loops are widely used and these are
conditions are tested at least once. Let’s fundamental to many algorithms hence, their
consider the following example: testing is very important. Errors often
 READ X, Y occur at the beginnings and ends of loops.
 IF(X == 0 || Y == 0)  Simple loops: For simple loops of size n,
 PRINT ‘0’ test cases are designed that:
 #TC1: X = 0, Y = 0 1. Skip the loop entirely
 #TC2: X = 0, Y = 5 2. Only one pass through the loop
 #TC3: X = 55, Y = 0 3. 2 passes
 #TC4: X = 55, Y = 5 4. m passes, where m < n
5. Basis Path Testing 5. n-1 ans n+1 passes
In this technique, control flow graphs are  Nested loops: For nested loops, all the
made from code or flowchart and then loops are set to their minimum count, and
Cyclomatic complexity is calculated which we start from the innermost loop. Simple
defines the number of independent paths so loop tests are conducted for the innermost
that the minimal number of test cases can be loop and this is worked outwards till all
designed for each independent path. Steps: the loops have been tested.
 Make the corresponding control flow graph  Concatenated loops: Independent loops, one
 Calculate the cyclomatic complexity after another. Simple loop tests are
 Find the independent paths applied for each. If they’re not
 Design test cases corresponding to each independent, treat them like nesting.
independent path
 White
Black Box Box Gray Box
Black Box vs White Box vs Gray Box Testing Aspect Testing Testing Testing
Here is a simple comparison of Black Box,
White Box, and Gray Box testing, Smaller
Smaller
highlighting key aspects: than both
Test Case compared
Largest Black Box
White Input to Black
and White
Black Box Box Gray Box Box
Size Box
Aspect Testing Testing Testing
Easier due
Knowledge Challengin
to
Finding g, may be
of Not Partially Difficult internal
Required Hidden found at
Internal required required code
user level
Code Errors access

Structural Well-
Functional testing, Not suited and Not
testing, clear box Algorithm suitable recommende suitable
data-driven testing, Translucen Testing d
testing, code-based t testing
closed box testing, Depends on High due Moderate,
Other testing transparen Time functional to complex faster
Names t testing Consumpti specificati code than White
on ons analysis Box
Verificati
Trial and on of Combinatio
error, internal n of both
based on coding, black box
external system and white Process of White Box Testing
functionali boundaries box 1. Input: Requirements, Functional
ty , and data approaches specifications, design documents, source
Approach domains code.
2. Processing: Performing risk analysis to 2. Access to the source code: White box
guide through the entire process. testing requires access to the
3. Proper test planning: Designing test cases application’s source code, which makes it
to cover the entire code. Execute rinse- possible to test individual functions,
repeat until error-free software is methods, and modules.
reached. Also, the results are 3. Knowledge of programming
communicated. languages: Testers performing white box
4. Output: Preparing the final report of the testing must have knowledge of programming
entire testing process. languages like Java, C++, Python, and PHP
White Testing is performed in 2 Steps to understand the code structure and write
1. Tester should understand the code well tests.
2. Tester should write some code for test 4. Identifying logical errors: White box
cases and execute them testing helps to identify logical errors
Tools required for White box testing: in the code, such as infinite loops or
 PyUnit incorrect conditional statements.
 Sqlmap 5. Integration testing: White box testing is
 Nmap useful for integration testing, as it
 Parasoft Jtest allows testers to verify that the
 Nunit different components of an application are
 VeraUnit working together as expected.
 CppUnit 6. Unit testing: White box testing is also
 Bugzilla used for unit testing, which involves
 Fiddler testing individual units of code to ensure
 [Link] that they are working correctly.
 OpenGrok 7. Optimization of code: White box testing
 Wireshark can help to optimize the code by
 HP Fortify identifying any performance issues,
 CSUnit redundant code, or other areas that can be
Features of White box Testing improved.
1. Code coverage analysis: White box testing 8. Security testing: White box testing can
helps to analyze the code coverage of an also be used for security testing, as it
application, which helps to identify the allows testers to identify any
areas of the code that are not being vulnerabilities in the application’s code.
tested.
9. Verification of Design: It verifies that 5. Detection of Complex Defects: Testers can
the software’s internal design is identify defects that cannot be detected
implemented in accordance with the through other testing techniques.
designated design documents. 6. Comprehensive Test Cases: Testers can
10. Check for Accurate Code: It create more comprehensive and effective
verifies that the code operates in test cases that cover all code paths.
accordance with the guidelines and 7. Testers can ensure that the code meets
specifications. coding standards and is optimized for
11. Identifying Coding Mistakes: It finds performance.
and fix programming flaws in your code, Disadvantages of White Box Testing
including syntactic and logical errors. 1. Programming Knowledge and Source Code
12. Path Examination: It ensures that each Access: Testers need to have programming
possible path of code execution is knowledge and access to the source code to
explored and test various iterations of perform tests.
the code. 2. Overemphasis on Internal Workings: Testers
13. Determining the Dead Code: It finds and may focus too much on the internal
remove any code that isn’t used when the workings of the software and may miss
programme is running normally (dead code). external issues.
Advantages of White Box Testing 3. Bias in Testing: Testers may have a biased
1. Thorough Testing : White box testing is view of the software since they are
thorough as the entire code and structures familiar with its internal workings.
are tested. 4. Test Case Overhead: Redesigning code and
2. Code Optimization: It results in the rewriting code needs test cases to be
optimization of code removing errors and written again.
helps in removing extra lines of code. 5. Dependency on Tester Expertise: Testers
3. Early Detection of Defects: It can start are required to have in-depth knowledge of
at an earlier stage as it doesn’t require the code and programming language as
any interface as in the case of black box opposed to black-box testing.
testing. 6. Inability to Detect Missing
4. Integration with SDLC: White box testing Functionalities: Missing functionalities
can be easily started in Software cannot be detected as the code that exists
Development Life Cycle. is tested.
7. Increased Production Errors: High chances
of errors in production.
 simply, flow graph) is a directed graph which
represents the control structure of a program
or module. A control flow graph (V, E) has V
number of nodes/vertices and E number of
edges in it. A control graph can also have :
Basis Path Testing in  Junction Node – a node with more than one
Software Testing arrow entering it.
 Decision Node – a node with more than one
Last Updated : 15 Dec, 2022 arrow leaving it.
 Region – area bounded by edges and nodes

(area outside the graph is also counted as
Prerequisite – Path Testing Basis Path a region.).
Testing is a white-box testing technique
based on the control structure of a program
or a module. Using this structure, a control
flow graph is prepared and the various
possible paths present in the graph are
executed as a part of testing. Therefore, by
definition, Basis path testing is a technique
of selecting the paths in the control flow
graph, that provide a basis set of execution
paths through the program or module. Since
this testing is based on the control
structure of the program, it requires
complete knowledge of the program’s
structure. To design test cases using this
technique, four steps are followed :
1. Construct the Control Flow Graph
2. Compute the Cyclomatic Complexity of the
Graph
3. Identify the Independent Paths
4. Design Test cases from Independent Paths
Let’s understand each step one by one. 1.
Control Flow Graph – A control flow graph (or
  Sequential Statements –

 If – Then – Else –

Below are the notations used while

constructing a flow graph :
 Do – While –  While – Do –
 Switch – Case –