CH 3 Software Testing - Static Testing

Static Testing

Testing software and work products without executing code.

Review

A static testing technique used to find and remove errors and ambiguities in work products.

Static Analysis

Automated analysis of code to find structural defects and programming weaknesses without execution.

Work Product

Anything written down that can be reviewed or tested.

Examples of Work Products

Requirements, user stories, designs, test plans, test cases, user guides, web pages, contracts, models, and code.

Value of Static Testing

Finds defects early, reduces costs, improves quality, and prevents defects from being built into software.

Static Testing vs Dynamic Testing

Static testing examines work products without execution; dynamic testing executes software to find failures.

Static Testing Focus

Defect prevention and defect detection.

Dynamic Testing Focus

Finding failures caused by defects.

Defects Easier to Find with Static Testing

Requirements defects, design defects, coding defects, standards violations, interface defects, security vulnerabilities, and test coverage gaps.

Requirements Defects

Inconsistencies, ambiguities, contradictions, omissions, inaccuracies, and redundancies.

Design Defects

Inefficient algorithms, poor database structures, high coupling, and low cohesion.

Coding Defects

Undefined variables, unused variables, unreachable code, and duplicate code.

Benefits of Early Stakeholder Feedback

Clarifies requirements, reduces rework, improves understanding, and prevents project delays.

Review Objective

The main purpose or focus of a review.

Common Review Objectives

Finding defects, gaining understanding, generating discussion, education, and decision-making by consensus.

Informal Review

A review with no defined process and no formal documented output.

Formal Review

A review with team participation, documented results, documented procedures, and often defined roles.

Factors Influencing Review Formality

SDLC type, process maturity, work product complexity, legal requirements, and need for an audit trail.

Basic Review Process

Study document, identify issues, communicate findings, and update document.

Review Planning Stage

Defines scope, effort, schedule, participants, roles, and entry/exit criteria.

Review Initiation Stage

Distributes work products, explains roles, answers questions, and provides training.

Individual Review Stage

Reviewers examine work products and record findings.

Communication and Analysis Stage

Potential defects are discussed and analyzed.

Fixing and Reporting Stage

Defects are corrected, documented, and review results evaluated.

Entry Criteria

Conditions that must be met before a review can begin.

Exit Criteria

Conditions that must be met before a review can be completed.

Manager Review Role

Allocates resources, ensures review objectives are met, and monitors effectiveness.

Author Review Role

Creates the work product and usually fixes agreed defects.

Moderator (Facilitator)

Ensures the review runs effectively and resolves issues between participants.

Scribe (Recorder)

Documents defects, issues, open points, and review metrics.

Reviewer

Examines the work product and identifies findings.

Review Leader

Plans, leads, and follows up on the review process.

Tester in Reviews

Reviews work products to identify defects and improve test development.

Informal Review Characteristics

Little structure, optional documentation, optional checklist, defect detection focus.

Buddy Check

A type of informal review performed by a colleague.

Walkthrough

A review led by the author that focuses on finding defects and improving understanding.

Walkthrough Main Purposes

Find defects, improve product quality, evaluate standards, exchange ideas, and train participants.

Walkthrough Leader

The author of the work product.

Walkthrough Scribe

A scribe is mandatory.

Technical Review

A review performed by technical experts and led by a moderator.

Technical Review Main Purposes

Gaining consensus and detecting defects.

Technical Review Requirements

Documented process, technical reviewers, and individual preparation.

Inspection

The most formal type of review.

Inspection Main Purposes

Detect defects, evaluate quality, build confidence, and prevent future defects.

Inspection Characteristics

Formal process, checklists, entry/exit criteria, trained facilitator, metrics collection, and documented results.

Inspection Facilitator

Must not be the author.

Inspection Preparation

Reading source documents and preparing before the review meeting.

Ad Hoc Review Technique

A review with little or no guidance for reviewers.

Checklist-Based Review Technique

Uses predefined checklists to identify defects systematically.

Scenario-Based Review Technique

Uses realistic scenarios and dry runs to identify defects.

Role-Based Review Technique

Reviews work products from specific stakeholder roles.

Perspective-Based Review Technique

Reviews work products from different stakeholder viewpoints.

Most Effective Review Technique

Perspective-based reviewing.

Review Success Factors

Clear objectives, correct participants, suitable review type, preparation time, management support, and good facilitation.

Organizational Success Factors

Clear objectives, appropriate review types, effective techniques, updated checklists, and management support.

People-Related Success Factors

Right participants, adequate time, objective handling of defects, trust, training, and positive review culture.

High Coupling

Strong interdependence between software modules.

Low Cohesion

Components that are poorly related and difficult to maintain or understand.

Security Vulnerability Example

Buffer overflow susceptibility.

Interface Defect Example

Different measurement units used by interacting systems.

Maintainability Quality Characteristic

Ability to analyze, modify, and maintain software efficiently.

Performance Efficiency Quality Characteristic

How well software performs during execution.

Main Purpose of Reviews

Detect defects as early as possible.

Main Benefit of Reviews

Defects are found earlier and fixed more cheaply.

Static Testing Finds

The causes of failures.

Dynamic Testing Finds

Failures caused by defects.

ISO/IEC 20246

International standard describing the review process for software and systems engineering.

Review Metrics

Time spent, defects found, review effectiveness, and quality improvements.

Audit Trail

Documented evidence that supports traceability throughout development.

Walkthrough Additional Purpose

Training participants and achieving consensus.

Technical Review Additional Purpose

Evaluating quality and building confidence.

Inspection Additional Purpose

Root cause analysis and process improvement.

Formal Review Outputs

Documented findings, reports, metrics, and review decisions.

Informal Review Outputs

Optional and often undocumented.

Review Meeting

Optional in informal reviews and technical reviews; required in inspections.

Static Testing Application Point

As early as possible in the software development lifecycle.

Why Static Testing Saves Money

Defects are cheaper to fix before code is written or deployed.