Author Archives: lynnnsubuga

Introductory Post CS-343

Hi my name is Lynn and this is my new blog for CS-343. I am a senior at Worcester State majoring in Computer Science.

From the blog CS@Worcester – Site Title by lynnnsubuga and used with permission of the author. All other rights reserved by the author.

System Testing

System testing is a form of black box testing that assesses the complete functionality and performance of a fully integrated software system. This type of testing is the last stage before the software is released to the end users. The black box testing technique focuses on the system’s overall functionality. By this testing, you can identify any defects or errors in the system and fix them before the software is released. This testing can help improve the software’s quality by identifying and fixing defects and errors. This can help to prevent problems and improve the user experience. You can save time and money by identifying and fixing defects and errors early in development. This is because fixing defects early on is less expensive than fixing them after the software has been released. The purpose of system testing is to ensure that the system meets all requirements and behaves as expected by the end users. Some specific tasks typically performed during this testing include verifying that the system meets all functional requirements, testing the system’s performance under different load conditions, testing the system’s scalability to handle increasing numbers of users, and testing the system’s security against unauthorized access.

It’s also important to know some basic requirements of system testing. Some include functional requirements where the system must meet all its functional requirements, performing all of the tasks that it is intended to perform. The system must be tested in a realistic environment. It must be tested in an environment like the environment in which it will be used which ensures the system works correctly in the real world. The system must be tested thoroughly. The system must be tested properly to ensure that all potential problems are found and fixed. A variety of users must test the system to confirm that it is usable by everyone who need it. Below are some steps to do system testing manually. Analyze the requirements, create a test plan, write test cases, execute the test cases, log the defects, retest the defects and finally generate the test report. Some examples of system testing techniques include functional testing. Under this testing, we have black box testing which focuses on the inputs and outputs without knowing the internal code. White box testing which helps in validating the flow of data and control within the system. I chose this resource because it goes in depth about system testing, why it is used and important, and different types of testing methods.

References.

https://testsigma.com/guides/system-testing/

From the blog CS@Worcester – Site Title by lynnnsubuga and used with permission of the author. All other rights reserved by the author.

Security Testing

Security testing is a combination of the testing techniques used to test the application for security problems. It is mainly used to test the security of the data and functionalities of the application. These vulnerabilities are primarily found in web applications, cloud infrastructure, and blockchain applications. Security testing is a process that evaluates the security of a system and determines its potential vulnerabilities and threats to its security. Security testing is an essential phase in the SDLC and is used to find the security issues in the system to prevent attacks in the real world. This type of testing is not just about the testing the application by breaking into it, but security testing is also about identifying weaknesses in applications that attackers may exploit. Security testing can be done manually or with the help of software tools known as automated security testing tools. Security testing is based on the assessment of potential security threats in the system. It is a process in which the system’s security is tested by performing both positive and negative tests to find the potential security threats in the system.

The main goal of security testing is to identify the threats in the system and measure its potential vulnerabilities so that the threats can be encountered, and the system does not stop functioning or cannot be exploited. There are 5 types of security testing. Vulnerability scanning which identifies vulnerabilities present in software systems or network. Penetration testing which is a testing method in which testers find security weaknesses, usually to determine the risk of damage from possible attackers. Risk assessment which is the process of identifying and prioritizing the risks and threats that may be faced by an organization. Security auditing reviews and assesses an application or network to verify its compliance with standards, regulations and company policy. And finally, source code review verifies that the code complies with the specifications.

Some of the pros of security testing include identifying vulnerabilities early, protecting sensitive data, mitigating security risks, enhancing customer trust and confidence, and finally cost-effective risk management. By incorporating security testing into the software development lifecycle, organizations can proactively safeguard their digital assets and mitigate the risks associated with cyber threats in an increasingly interconnected world. I chose this resource because it explains security testing in depth and why it is important for organizations. We didn’t get a chance to get more practice about security testing in the course but reading about it has given me more knowledge about it.

References.

From the blog CS@Worcester – Site Title by lynnnsubuga and used with permission of the author. All other rights reserved by the author.

Static Testing Tools and Test Evaluation

In the fast-paced world of software development, ensuring the quality and reliability of code is essential for delivering successful products to the market. Static testing tools and test evaluation techniques play an important role in achieving these goals by enabling developers to identify defects, analyze code quality, and improve overall test coverage. First, let’s start by understanding what static testing tools are. It refers to the process of analyzing software artifacts, such as source code, design documents, and requirements specifications, without executing the program. Static tools scan code for potential defects, violations of code standards and security vulnerabilities. There are a lot of benefits of static testing tools. Static testing tools enables developers to detect defects early in the development lifecycle before code is executed. Improved code quality. By enforcing coding standards and best practices, static testing tools help maintain consistency and readability in code. This leads to higher-quality code that is easier to understand, maintain, and debug. Enhanced security. Static testing tools can identify security vulnerabilities and weaknesses in code, such as injection attacks. By identifying these issues early, developers can implement security controls to protect against potential threats. Increased productivity. Automating the process of code analysis with static testing tools saves developers time and effort, allowing them to focus on more critical tasks, such as feature development and bug fixing. This leads to increased productivity and faster time-to-market for software products.

Test evaluation involves assessing the effectiveness of test cases and test suites in detecting defects and achieving test objectives. This process helps identify gaps in test coverage, prioritize testing efforts, and optimize resource allocation. Some common test evaluation techniques include code coverage analysis. Code coverage metrics, such as statement coverage, branch coverage, and path coverage, measure the extent to which test cases exercise different parts of the codebase. By analyzing code coverage data, developers can identify areas of the code that have not been adequately tested and prioritize additional testing efforts accordingly. Mutation testing. Mutation testing involves introducing artificial defects, or “mutations,” into the codebase and running test cases to determine if the tests detect these mutations. This technique helps assess the effectiveness of test cases in detecting real-world defects and identifying areas of weakness in the test suite. Fault localization. Fault localization techniques help pinpoint the root causes of test failures by analyzing test results, execution traces, and code changes. By identifying the specific lines of code or program paths responsible for failures, developers can focus their debugging efforts and resolve issues more efficiently. I chose this resource because it does into depth talking about what static testing is and test evaluation is. This resource does into depth to get a deeper understanding of the topic.

References.

https://testsigma.com/blog/static-testing

https://testgrid.io/blog/static-testing

From the blog CS@Worcester – Site Title by lynnnsubuga and used with permission of the author. All other rights reserved by the author.

SOFTWARE TECHNICAL REVIEW.

Software technical review is a systematic examination of software artifacts, such as source code, design documents, requirements specifications, and test plans, by a team of peers or experts. The primary objective is to identify defects, inconsistencies, inefficiencies, and potential improvements early in the development lifecycle. Some types of software technical review include code review. It involves a thorough examination of source code by peers to ensure coding standards are met, to identify buys and to improve code readability. Another type is design review. It focuses on evaluating the software architecture and design documents to ensure they meet the project’s requirements, are scalable, maintainable, and align with best practices and architectural principles. Requirements review. It aims to validate the completeness, correctness, and clarity of the project requirements, ensuring they accurately represent the stakeholders’ needs and are feasible to implement. The last one is test plan review. It examines the test plans and strategies to verify that they cover all the functional and non-functional requirements and provide sufficient test coverage.

Importance of doing software technical reviews include bug detection and prevention. Software technical review helps identify defects, inconsistencies, and potential issues early in the development process, reducing the likelihood of bugs and improving software quality. Knowledge sharing and collaboration is also important. By involving multiple team members in the review process, knowledge sharing, and collaboration are promoted, leading to improved understanding of the codebase, better solutions, and fostering a culture of learning and improvement. Code quality and consistency. Through code reviews, developers can ensure that the codebase adheres to coding standards, best practices, and design principles, resulting in better code quality, readability, and maintainability. Some of the impacts of software reviews on industries include 51% of young adults searched on the internet daily as opposed to weekly or monthly. 52% of young adults researched online reviews, 41% of young adults preferred online reviews to personal suggestions, and on average, readers read ten reviews for a company or software before trusting it. The top reasons for writing an effective software review is to create reviews with quality content. Readers turn on reviewers from the moment that they feel their opinions can no longer be trusted. It creates a negative impact on the industry, especially when it comes to decent products. The reason I chose this article is it goes into depth about software reviews and why they are used in the industry. It helps improve the product features and to also check for bugs.

References.

From the blog CS@Worcester – Site Title by lynnnsubuga and used with permission of the author. All other rights reserved by the author.

Test-driven Development

Test-driven development is a software development approach that emphasizes writing tests before writing the actual code. By using this technique, developers ensure that their code is thoroughly tested, reliable and maintainable. Test driven development typically consists of three main steps, writing a failing test, writing the minimum code to pass the test, and then refactoring the code while ensuring that all tests still pass. In more detail of the three cycles, one is writing a failing test. Developers start by writing a test case that defines the desired behavior of the code. Since there’s no code yet, this test will inevitably fail. Write the Minimum Code: After writing the failing test, developers write the minimum amount of code necessary to make the test pass. The goal is to write just enough code to satisfy the requirements of the test. Refactor the Code: Once the test passes, developers refactor the code to improve its design, readability, and performance. Refactoring ensures that the code remains maintainable and scalable over time. Some benefits of using test-driven development are improved code quality. TDD encourages developers to write modular, well-structures code that is easier to understand and maintain. Faster development cycles. By writing tests upfront, developers can catch bugs early in the development cycle, leading to faster iteration cycles.

Another benefit is enhanced code coverage. TDD ensures test coverage, reducing the likelihood of undetected defects in the codebase. Increased confidence. Developers have greater confidence in making changes to their codebase without introducing regressions. The last benefit is better collaboration. TDD promotes better collaboration between developers, testers, and stakeholders by providing a shared understanding of the system’s behavior. Some practices for test-driven development include keeping tests simple. Write simple, focused tests that verify one aspect of the code’s behavior. Refactor Regularly: Refactor your code continuously to keep it clean, concise, and maintainable. Automate Tests: Use automated testing frameworks to run tests frequently and detect regressions early. Write Meaningful Tests: Ensure that your tests are descriptive and provide clear feedback when they fail. The last one is seeking feedback. Get feedback from peers and stakeholders to validate your tests and ensure they accurately reflect the desired behavior. Test-driven development is a powerful software development technique that promotes code quality, reliability, and maintainability. By adopting TDD principles and best practices, developers can write better code, deliver features faster, and build more robust software systems. I chose this source because it goes into detail explaining everything about Test driven development and what it does, why it is important for developers.

References.

https://testdriven.io/test-driven-development

https://www.browserstack.com/guide/what-is-test-driven-development

From the blog CS@Worcester – Site Title by lynnnsubuga and used with permission of the author. All other rights reserved by the author.

Week 11

Mocking is a process used in unit testing when the unit being tested has external dependencies. The purpose of mocking is to isolate and focus on the code being tested and not on the behavior or state of external dependencies. These dependencies, such as databases, external services, or third-party libraries, may be difficult to control or reproduce in a testing environment. By creating mock objects that mimic the behavior of these dependencies, we can isolate and test individual components of our code in a controlled and predictable manner. Some benefits of mocking include isolation. Mocking allows us to isolate the unit of code being tested from its external dependencies, ensuring that tests focus solely on the logic within the unit itself. Mock objects provide precise control over the behavior and responses of dependencies, enabling us to simulate various scenarios and edge cases during testing. Debugging is another benefit of mocking. Mock objects can be used to debug code by providing detailed information about how a method is being called and what values are being passed to it. Collaboration:Mock objects can be shared among developers, making it easier to collaborate on testing and ensure that code is tested consistently across different environments.

Some of the challenges that mock testing can cause is maintenance. Mock objects can be difficult to maintain, particularly as systems evolve and change over time. When new features are added, mocks may need to be updated to accurately reflect the behavior of the system. Complexity is another problem. As the complexity of a system increases, the complexity of the mock objects used to test it may also increase. This can make it difficult to understand and modify tests, particularly for developers who are not familiar with the system. Some mock testing best practices include using mock testing sparingly. It’s important to use it well and not rely on it too heavily because it can be hard to maintain. Keeping mock objects simple is important. Mock objects should be simple and easy to understand, with clear and concise code. Write test cases first: Writing test cases before writing code can help ensure that code is designed with testing in mind and that it can be easily tested using mock objects. I chose this article because it talks about the pros and cons of. Using mock testing as well as strategies to use in order not to find a lot of issues with it. Mock testing can be complicated when it’s overly used therefore it’s not advisable to use it all the time.

References.

From the blog CS@Worcester – Site Title by lynnnsubuga and used with permission of the author. All other rights reserved by the author.

WEEK 8

PATH TESTING.

Path testing is an approach to testing where you can ensure that every path through a program has been executed at least once. However, testing all paths does not mean that you will find all bugs in a program. There are some steps involved in path coverage testing. Step one is code interpretation. It is important to carefully understand the code you want to test. The next step is constructing a control flow graph. It shows the nodes representing code blocks and edges for the movement of control between them. The third step is determining the paths. This entails following the control’s path from its point of entry to its point of exit while considering all potential branch outcomes. While determining paths, you’ll also consider loops, nested conditions, and recursive calls. It is important to list every route like giving each path a special name or label so you can keep track of which paths have been tested. The next step is testing case design. Create test plans for each path that has been determined, make inputs that will make the program take each path in turn. Make sure the test cases are thorough and cover all potential paths. Examine the test results to confirm all possible paths have been taken. It is important to make sure the code responds as anticipated.

Some advantages of path testing is it helps reduce redundant tests, it focuses on the logic of the programs and it is used in test case design. Some cons of using path testing is the test case increases when the code complexity is increased, it will be difficult to create a test path if the application has a high complexity of code and some test paths may skip some of the conditions in the code. There are three path testing techniques which are Control Flow Graph (CFG) – The Program is converted into Flow graphs by representing the code into nodes, regions, and edges. Decision to Decision path (D-D) – The CFG can be broken into various Decision to Decision paths and then collapsed into individual nodes. Independent (basis) paths- Independent path is a path through a DD-path graph which cannot be reproduced from other paths by other methods. I chose these two resources because they go more in depth about path testing and help explain it well. One of the sources talks about the pros and cons of using path testing, the types of path testing which I didn’t know before this.

References.

https://www.geeksforgeeks.org/path-testing-in-software-engineering

https://www.tutorialspoint.com/software_testing_dictionary/path_testing.htm

From the blog CS@Worcester – Site Title by lynnnsubuga and used with permission of the author. All other rights reserved by the author.

Week 6

In week 6, we talked about Equivalence class testing in class. It is a black box testing technique that allows testers to group input data into sets or classes, making it possible to reduce the number of test cases while achieving comprehensive coverage. This technique is useful when dealing with a large range of input values. The classes resemble the specified requirements and common behavior or attributes of the inputs. Test classes are designed based on each class attribute and one element or input is used from each class for the test execution to validate software functioning. In Equivalence class testing, there are some important features that we need to note. Aside from being a black box testing technique, it restricts the testers to examine the software product externally. It is also used to from groups of test inputs of similar behavior or nature. And finally, test cases are based on classes, which reduces the time and effort required to build a larger number of test cases.

Some examples of equivalence class testing are weak normal equivalence testing, strong normal equivalence testing, weak robust equivalence testing and strong robust equivalence testing. Some pros of using Equivalence class testing is it helps reduce the number of test cases, without compromising the test coverage, it reduces the overall test execution time as it minimized the set of test data, it enables testers to focus on smaller data sets, which increases the probability of uncovering more defects in the software product and it’s used in cases where performing exhaustive testing is difficult. Some cons of using Equivalence class testing is it doesn’t consider the conditions for boundary value, identification of equivalence classes relies heavily on the expertise of testers and testers might assume the output for all input data set is correct, which isn’t the case all the time.

Some difference between equivalence class testing and boundary value analysis is equivalence testing is a black box technique while boundary analysis is portioning/testing. I chose this article because it goes into details talking about Equivalence class testing in depth. In my opinion when we were doing both equivalence class testing and boundary value testing, I found boundary value testing to be easier to use and to understand. However, after reading more on equivalence class testing, I have more understanding of how it works and why it is used a lot. I know I will be able to do assignments that will require using Equivalence class testing now that I have more knowledge on it.

References.

https://www.professionalqa.com/equivalence-class-testing

https://testsigma.com/blog/equivalence-partitioning

From the blog CS@Worcester – Site Title by lynnnsubuga and used with permission of the author. All other rights reserved by the author.

Final week

This week we talked about clean code. It is a reader-focused development style that produces software that’s easy to write, read and maintain. Knowing how to produce clean code is an essential skill for software developers. Clean code is what someone must do to call yourself a professional. Clean code is clear, understandable, and maintainable. When you write clean code, you’re keeping in mind the other people who will read it and need to interpret the code. Some of the characteristics of clean code is it should have meaningful names for the reader to easily understand and to avoid confusion. Functions are the building blocks of programs so creating easy to read functions makes it easier to understand and modify programs. It is important for programs to have comments because it helps explain your code to other people. Formatting when writing clean code is important like making sure you have white spaces in the program.

There are three principles of clean code which are choosing the right tool for the job, optimizing the signal-to-noise ratio and strive to write self-documenting code. The 10 steps to writing clean code are following conventions. This can be like using a name which keeps things clear and lets you know what you’re working with. Say what you mean is another step to writing clean code. It’s easily frustrating seeing code with variables that are misleading. Whitespace is incredibly powerful so that the code is readable. Remember the power of I as it’s always clear that “I” is your iterator variable. Keep if functional. If a function is doing more than its name suggests, then some of the excess functionality could be split into its own function. Keep it classy can mean keeping code tidy, clear and consistent or if you have a functionality problem, you can separate by creating a class to handle that functionality. I chose this blog post because it talks about some of the essential things needed for writing clean code to be a good programmer. This blog also explains in detail each step that’s important when writing clean code which also helps me understand better what good programmers do to have efficient code. I am an aspiring developer and going through all these steps has helped me have more insight on what I must do and gained some more knowledge. I liked this resource because it has helped me further understand some principles and steps when writing clean code.

References

.https://www.pluralsight.com/blog/software-development/10-steps-to-clean-code

From the blog CS@Worcester – Site Title by lynnnsubuga and used with permission of the author. All other rights reserved by the author.