SlideShare a Scribd company logo

Testing large complex software systems

Download as DOCX, PDF
T
tamicawaysmith

The document discusses challenges in testing large, complex software systems and provides recommendations to address these challenges. It notes that handcrafted tests alone are no longer sufficient due to increasing software size, complexity, and concurrency. It recommends starting with good design practices, static checking, and unit testing to isolate components before integration testing. It also recommends using code coverage and techniques like all-pairs testing to prioritize tests, and generating stochastic tests using models. Finally, it emphasizes the importance of concurrency testing and prioritizing testing given limited resources for very large systems.

Education
1 of 21
30 February 2005 QUEUE rants: [email protected] DARNEDTesting large systems is a daunting task, but there are steps we can take to ease the pain. T he increasing size and complexity of software, coupled with concurrency and dis- tributed systems, has made apparent the ineffectiveness of using only handcrafted tests. The misuse of code coverage and avoidance of random testing has exacer- bated the problem. We must start again, beginning with good design (including dependency analysis), good static checking (including model property checking), and good unit testing (including good input selection). Code coverage can help select and prioritize tests to make you more effi cient, as can the all-pairs technique for controlling the number of confi gurations. Finally, testers can use models to generate test coverage and good stochastic tests, and to act as test oracles. HANDCRAFTED TESTS OUTPACED BY HARDWARE AND SOFTWARE Hardware advances have followed Moore’s law for years, giving the capability for run- ning ever-more complex software on the same cost platform. Developers have taken advantage of this by raising their level of abstraction from assembly to fi rst-generation
compiled languages to managed code such as C# and Java, and rapid application devel- opment environments such as Visual Basic. Although the number of lines of code per day per programmer appears to remain relatively fi xed, the power of each line of code has increased, allowing complex systems to be built. Moore’s law provides double the computing power every 18 months and software code size tends to double every seven years, but software testing does not appear to be keeping pace. QUEUE February 2005 31 more queue: www.acmqueue.comBIGBIGBIGTO TESTTOO DARNED Quality AssuranceFO C U S KEITH STOBIE, MICROSOFT 32 February 2005 QUEUE rants: [email protected] Unfortunately, the increased power has not, in gen- eral, made testing easier. While in a few cases the more powerful hardware means we can do more complete test- ing, in general the testing problem is getting worse. You can test square root for all the 32-bit values in a reason- able time,1,2 but we are now moving to 64-bit machines with 64-bit values (and even longer for fl oating point). Assuming a nanosecond per test case, it would take 584
years to test all the values. Sure, you could scale to, say, 1,000 processors, but you would still need six months for just this one test case. Two other issues of complexity to consider are: the number of different execution states software can go through, and concurrency. User interfaces were originally very rigid, letting users progress through a single fi xed set of operations—for example, a single set of hierarchi- cal menus and prompts. Now, good user design is event driven with the user in control of the sequence of actions. Further, many actions can be accomplished in multiple manners (e.g., closing a window via the menu [File/ Close], a shortcut key [ALT-F4], or the mouse [click on the Close icon]). Multiple rep- resentations of items (e.g., fi le names) also generally mean multiple execution paths. A manifestation of this is the security issue that occurs when an application makes wrong decisions based on a non- canonical representation of a name.3 These explo- sive combinations make it virtually impossible for a tester to both conceive of and then test a reasonable sampling of all the combinations. Concurrency is becoming more prevalent at many levels. Beyond multiple processes, we see increasing lower-level concurrency, especially as a result of multicore chipsets that encourage parallelism via threading and hyperthreading; soon, everyone will have a dual-proces- sor machine. Machine clustering and Web services are
increasing the concurrency across applications. All of this creates greater possibilities for more insidi- ous bugs to be introduced, while making them harder to detect. MISUNDERSTANDING CODE COVERAGE AND STOCHASTIC TESTING Before discussing possible approaches to these problems, let’s clear up some pervasive misconceptions. Myth: Code coverage means quality. Tools for measur- ing structural code coverage have become increasingly easy to use and deploy and have thus deservedly gained greater acceptance in the testing arsenal. A fundamental fl aw made by many organizations (especially by manage- ment, which measures by numbers) is to presume that because low code-coverage measures indicate poor test- ing, or that because good sets of tests have high coverage, high coverage therefore implies good testing (see Logical Fallacies sidebar). Code coverage merely measures that a statement, block, or branch has been exercised. It gives no measure of whether the exercised code behaved cor- rectly. As code gets too big to easily roll up qualitative assessments, people start summarizing code coverage instead of test information. Thus, we know low code cov- erage is bad, because if we have never exercised the code, it appears impossible to say we have “tested” it. However, while having something that just executes the code may consequently reveal a few possible fl aws (e.g., a complete system failure), it doesn’t really indicate if the code has been what most people consider tested. BIG TO TEST
TOO DARNED Quality AssuranceFO C U S Logical Fallacies Denying the Antecedent: If A, then B; not A; therefore, not B If low coverage, then poor tests; not low coverage; therefore, not poor tests Asserting the Consequent: If p, then q; q; therefore, p If good tests, then high coverage; high coverage; therefore, good tests QUEUE February 2005 33 more queue: www.acmqueue.com Tested indicates you have verified the results of the code execution in useful ways. The fallacy of high code coverage will become more evident with the next genera- tion of automatic unit testing tools (discussed later) that can generate high code coverage with no results checking. Further, results of real software comparing code coverage and defect density (defects per kilo-lines of code) show that using coverage measures alone as predictors of defect density (software quality/reliability) is not accurate.
Myth: Random testing is bad. One of the big debates in testing is partitioned (typically handcrafted) test design versus operational, profile-based stochastic testing (a method of random testing). Whereas many organiza- tions today still perform testing (such as choosing the partitions) as a craft (either manually or semi-automati- cally), it is unclear that this is the most effective method, especially with the increasing complexity of software. Current evidence indicates that unless you have reliable knowledge about areas of increased fault likelihood, then random testing can do as well as handcrafted tests.4,5 For example, a recent academic study with fault seed- ing showed that under some circumstance the all-pairs testing technique (see “Choose configuration interactions with all-pairs” later in this article) applied to function parameters was no better than random testing at detect- ing faults.6 The real difficulty in doing random testing (like the problem with coverage) is verifying the result. How, for random inputs, can we judge the output? It is easier to have static tests with precomputed outputs. In testing, being able to verify the output is called the test oracle problem.7,8 There are numerous current areas of work on this problem. Another problem is that very low probability sub– domains are likely to be disregarded by random testing, but if the cost of failures in those subdomains is very high, they could have a large impact. This is a major flaw of random testing and a good reason for using it as a complementary rather than the sole testing strategy. Part of the testing discipline is to understand where we have reliable knowledge of increased fault likelihood.
The classic boundary value analysis technique succeeds because off-by-one errors increase the fault likelihood at boundaries. Many other analysis techniques have a less tried-and-true underlying fault model to reliably indi- cate increased fault likelihood. For example, partitioning based on code coverage doesn’t guarantee finding the fault, as the right input must be used to stimulate the fault and sufficient verification must be done to realize the fault has produced a failure. TEST ISSUES: DO OVER It’s clear that increasing structural code coverage doesn’t solve the testing problem and that stochastic testing is frequently as good as or better than handcrafted test cases. Given this state of affairs, how do we address the issue of “it’s too darned big to test”? There are several approaches to consider: unit testing, design, static check- ing, and concurrency testing. Good unit testing (including good input selection). Getting high-quality units before integration is the first key to making big system testing tractable. The simple way to do that is to follow the decades-old recommenda- tion of starting with good unit testing. The IEEE Standard for Software Unit Testing has been around for years [Std. 1008-1987] and requires 100 percent statement cover- age. This has been nicely reincarnated via the test-driven development movement, which also espouses the previ- ously seldom-adhered-to idea of writing the tests before the code. Testing a big system is especially difficult when the underlying components and units are of low quality. Why isn’t good unit testing prevalent? In many shops the problem is partly cultural. Software developers pre- sumed someone else was responsible for testing besides them. Some development groups have spent more effort
building out stubbed components and test harnesses than on building the actual components. Standard unit testing harnesses now exist for many environments, and the creation of mock objects is becoming semi-automated. Another reason for poor unit testing is that software was once simpler and reliability expectations lower. In today’s world insecure systems arising from simple problems (for example, buffer overruns) that good unit testing could have caught have really motivated management to drive for better unit testing. A variety of tools exist in this arena. Unit testing frameworks include the XUnit family of tools, Framework for Integrated Test (Ward Cunningham’s Fit), Team Share, etc. Further, IDEs (integrated development environments) such as Eclipse and Rational can generate unit test out- lines. Any development shop should be able to find and use applicable ones. In general, today’s unit testing requires developers to handcraft each test case by defining the input and the expected output. In the future, more intelligent tools will be able to create good input coverage test cases and some expected output. We may see 100 percent code coverage, with no results checking. We will need to become more aware of the thoroughness of results checking instead of just code coverage. How to measure results-checking thoroughness hasn’t really been addressed. 34 February 2005 QUEUE rants: [email protected] Current automatic unit-generation test techniques work from the simple known failure modes (such as null parameters as inputs) to analysis of the data structures used. Data-structure generation can be based on con-
straint solvers, models, and symbolic execution. Other tools can enhance an existing set of tests. For example, Eclat creates an approximate test oracle from a test suite, then uses that oracle to aid in generating test inputs that are likely to reveal bugs or expose new behav- ior while ignoring those that are invalid inputs or that exercise already-tested functionality. Even without tools, just training people in simple functional test techniques can help them choose bet- ter inputs for their unit testing. You can also start with generic checklists of things to test and then make them your own by recording your organization’s history of what makes interesting input. You can fi nd industry checklists in several books under different names such as the following: “Common Software Errors” (Kaner, C., Falk, J. and Nguyen, H.Q. 1993. Testing Computer Soft- ware. Van Nostrand Reinhold); “Test Catalog” (Marick, B. 1994. Craft of Software Testing. Prentice Hall PTR. www. testing.com/writings/short-catalog.pdf); or “Attacks” (Whittaker, J.A. 2002. How to Break Software: A Practi- cal Guide to Testing. Addison Wesley); as well as on the Web (for example, http://blogs.msdn.com/jledgard/ archive/2003/11/03/53722.aspx). Good design (including dependency analysis). Many books and papers explain how to do good up-front design (the best kind), but what if you already have the code? Dependency analysis can be used to refactor code (rewriting to improve code readability or structure; see http://www.refactoring.com/). Many IDEs are incorporat- ing features to make code refactoring easier. Good unit tests, as agile methods advocate, provide more confi dence
that refactoring hasn’t broken or regressed the system. Dependency analysis allows testers to choose only those test cases that target a change. Simplistic analysis can be done by looking at structural code dependencies, and it can be very effective. More sophisticated data-fl ow analysis allows more accurate dependency determina- tion, but at a greater cost. Either technique can be a big improvement over just running everything all the time. A test design implication of this is to create relatively small test cases to reduce extraneous testing or factor big tests into little ones.9 Good static checking (including model property checking). The convergence of static analysis tools with formal methods is now providing powerful tools for ensuring high-quality units and to some extent their integration. For example, PREfi x is a simulation tool for C/C++ that simulates the program execution state along a selected set of program paths and queries the execution state to identify programming errors.10 The issue creat- ing the greatest resistance to adoption for most static checking remains the false positive rate. Some tools can only make reliable guesses and sometimes guess wrong. Developers get frustrated if they can’t turn off the tool for the places they know it is wrong. Sometimes develop- ers get carried away and turn off too much, then miss problems the tool could have caught. Some developers don’t believe the issues found are really bugs even when they are. Many of the more advanced checks require additional annotations to describe the intent. You can emulate some of the stricter checks in any language just using compiler or language constructs such as assert(). It is still a chal- lenge to convince many developers that the extra annota-
tions will pay off in higher-quality, more robust, and more maintainable code. Others, however, who have used it and seen nasty issues that would have taken hours, days, or weeks to debug being found effortlessly up front, would never go back. All of this data can also help independent testers later because defects found through static analysis are early indicators of pre-release system defect density. Static anal- ysis defect density can be used to discriminate between components of high and low quality (fault-prone and non-fault-prone components). Concurrency testing. Concurrency issues can be detected both statically (formal method properties such as liveness, livelock/deadlock, etc.) and dynamically (auto- matic race lockset tracking). Static detection frequently BIG TO TEST TOO DARNED Quality AssuranceFO C U S QUEUE February 2005 35 more queue: www.acmqueue.com requires extensive annotation of the source code with additional information to allow the necessary reasoning
to be done about the code. The advantage of static analy- sis is its potential to uncover all race conditions. Dynamic race detectors, such as code coverage tools, require a good set of test cases as input because they look only at what the tests force to occur. They can, however, determine race conditions even though the test itself didn’t force it. As long as the test executes the code of the overlapping locks, it is likely to be detected. Several tools, such as Java PathExplorer (JPAX), have been created that extend the Eraser lockset algorithm.11 Besides no guaran- tee of completeness without complete test cases, the other issues still being resolved with dynamic race detectors include their performance and the number of false posi- tives they generate. More traditional methods of concurrency testing involve controlling the thread scheduler, if possible, to create unusual timings. Fault injection tools, such as Secu- rity Innovation’s Holodeck, can be used to create artifi cial delays and increase the likelihood of race conditions. As a last resort, the old standby of just running lots of activity concurrently under varying conditions has been fruitful in fi nding defects (although perhaps not as effi ciently as many of the newer methods). PRIORITIZE TESTING The previous section helps set the stage at a basic level with units of code and analysis, but most test organiza- tions deal with testing the integrated whole. Testers have to be creative in addressing the overwhelming size of today’s software systems. When it’s too darned big to test, you must be selective in what you test, and use more powerful automation such as modeling to help you test. Fault injection tools again come in handy as a way to tweak things when reaching through the overall big
system becomes daunting (which it does quickly!). Use code coverage to help select and prioritize tests. Prioritizing test cases has become increasingly practi- cal in the past two decades. If you know the coverage of each test case, you can prioritize the tests such that you run tests in the least amount of time to get the highest coverage. The major problem here is getting the coverage data and keeping it up to date. Not all tools let you merge coverage data from different builds, and running coverage all the time can slow down testing. The time to calculate the minimization can also be a deterrent. For many collections of test cases, running the mini- mal set of test cases that give the same coverage as all of the test cases typically fi nds almost all of the bugs that running all of the test cases would fi nd. Industrial experience at several companies appears to confi rm this. For example, for an industrial program of 20,929 blocks, choosing tests only by function call cover- age required only 10 percent of the tests while providing 99.2 percent of the same coverage. Reducing by block coverage meant that 34 percent of the tests provided the same block coverage and 99.99 percent of the same branch (segment) coverage. Further, there were no fi eld- reported defects found that would have been caught by the full set of tests but missed by the coverage-reduced set of tests. Best of all, anyone can easily run the experimental comparison. First run the minimal set of tests providing the same coverage as all of the tests, and then run the remaining tests to see how many additional defects are revealed.
You can also combine this with dependency analysis to fi rst target only the changed code. Depending on the sophistication of your dependency analysis, you may not have to do any further testing. Use customer usage data. Another great way to target testing is based on actual customer usage. Customers perceive the reliability of a product relative to their usage of it. A feature used by only a few customers on rare occa- sions will have less impact on customer satisfaction than bread-and-butter features used by virtually all customers all of the time. Although development teams can always make conjectures about product usage, which makes a useful start, actual data improves the targeting. Ideally, you can automatically record and have actual customer usage sent to you. This approach has several problems, including privacy, performance, and secu- rity. Each of these can be dealt with, but it is nontrivial. Alternatively, you may have only a select few customers reporting data, you may do random sampling, or you may fall back on case studies or usability studies. You When it’s too darned big to test, you must be selective in what you test, and use more powerful automation such as modeling to help you test. 36 February 2005 QUEUE rants: [email protected] can also work with your customers for cooperative early testing either through beta programs or even earlier pre- release disclosures.12
Customer usage data is especially important in reli- ability testing where an operational profi le improves the meaningfulness of the reliability data. Customer usage data is also critical to prioritizing the confi gurations that you test. Setting up environments similar to those of your customers helps you fi nd interactions that you might otherwise miss. Choose confi guration interactions with all-pairs. A major problem that makes the testing task too darned big is worrying about all the possible confi gurations. Confi gurations cover things such as different hardware, different software (operating system, Web browser, appli- cation, etc.) or software versions, confi guration values (such as network speed or amount of memory), etc. If you understand which interactions of your confi gura- tions cause problems, you should explicitly test for them. But when all the software “should” be independent of the confi guration, and experience has shown you it isn’t, then you get worried. Setting up a confi guration to test is frequently expensive, and running a full set of tests typi- cally isn’t cheap, either. If you are doing performance testing, you need the more formal design-of-experiments techniques associ- ated with robust testing and requiring orthogonal arrays. For simple verifi cation, however, another easy, cheap technique used by many test shops is all-pairs. The most common defect doesn’t require any interaction. Just triggering the defect under any confi guration will cause a failure about 80 percent of the time. After basic testing eliminates those defects, the next most common defects turn out to require the interaction of just two aspects of the confi guration. Which two aspects? That’s the trick! Using all-pairs, you can cheaply verify any pair of interac-
tions in your confi guration. Public domain tools exist (http://tejasconsulting.com/open-testware/feature/all- pairs.html), and it takes less than a half hour to download the tool and create a description of your confi guration issues. You’ll then get a very quick answer. As a simple example of this, I consulted with a test group that had tested 100 different confi gurations, but were still getting errors from the fi eld. I taught them the technique and tool, and in less than an hour they had a result showing that only 60 confi gurations were needed to cover all pairs of interactions, and the interaction most recently reported from the fi eld was one of them. That is, if they tested with fewer confi gurations, they could have found the bug before shipping. All-pairs testing may be useful in other domains, but the studies are not yet conclusive. USE OF MODELS FOR STOCHASTIC TESTS One way toward stochastic testing is via the use of models. You can begin with the simplest of models, such as “dumb monkey” test tools or “fuzz” testers. You can enhance them toward “smart monkey” tools and formal- ize them using a variety of modeling languages, such as fi nite state machines, UML2 (Unifi ed Modeling Language, version 2), and abstract state machines. Testers’ reluctance in the past to embrace formal methods came principally from the state explosion problem that appeared to rel- egate most formal methods to “toy” problems instead of the big system-level problems that many testers have to deal with. Recent advances in many fi elds have helped, but espe- cially recent breakthroughs that make SAT (propositional satisfi ability) solvers highly effi cient and able to handle
more than 1 million variables and operations. Models can be used to generate all relevant variations for limited sizes of data structures.13,14 You can also use a stochastic model that defi nes the structure of how the target system is stimulated by its environment.15 This stochastic testing takes a different approach to sampling than partition test- ing and simple random testing. Even nonautomated models can provide useful insights for test design. Simple fi nite state machine models can show states the designers hadn’t thought about or anticipated. They also help clarify the expected behavior for the tester. You can build your own fi nite state machines in almost any language. A simple example for C# is goldilocks.16 BIG TO TEST TOO DARNED Quality AssuranceFO C U S QUEUE February 2005 37 more queue: www.acmqueue.com The major issue with model-based testing is changing testers’ mind-sets. Many testers haven’t been trained to think abstractly about what they are testing, and model- ing requires the ability to abstract away some detail while
concentrating on specific aspects. Modeling can be espe- cially difficult for ad hoc testers not used to approaching a problem systematically. Another reason modeling fails is because people expect it to solve all their problems. Frequently it is better just to add a few manually designed test cases than to extend the model to cover all the details for all cases. ECONOMY IN TESTING The size and complexity of today’s software requires that testers be economical in their test methods. Testers need a good understanding of the fault models of their tech- niques and when and how they apply in order to make them better than stochastic testing. Code coverage should be used to make testing more efficient in selecting and prioritizing tests, but not necessarily in judging the tests. Data on customer usage is also paramount in selecting tests and configurations with constrained resources. Pair- wise testing can be used to control the growth of testing different configurations. Attempting to black-box test integrations of poor-qual- ity components (the traditional “big bang” technique) has always been ineffective, but large systems make it exponentially worse. Test groups must require and prod- uct developers must embrace thorough unit testing and preferably tests before code (test-driven development). Dependencies among units must be controlled to make integration quality truly feasible. Q LOVE IT, HATE IT? LET US KNOW [email protected] or www.acmqueue.com/forums REFERENCES 1. Kaner, C. 2000. Architectures of test automation.
http://www.kaner.com/testarch.html. 2. Hoffman, D. So little time, so many cases. www.cs.bsu. edu/homepages/dmz/cs639/So%20little%20time,%20s o%20many%20cases.ppt. 3. Howard, M., and LeBlanc, D. 2002. Writing secure code, 2nd edition. Microsoft Press. 4. Nair, V. N., et al. 1998. A statistical assessment of some software testing strategies and application of experi- mental design techniques. Statistica Sinica 8: 165-184. 5. Ntafos, S. C. 2001. On comparisons of random, parti- tion, and proportional partition testing. IEEE Transac- tions on Software Engineering 27(10). 6. Bach, J., and Schroeder, P. 2004. Pairwise testing: A best practice that isn’t. 22nd Annual Pacific Northwest Software Quality Conference, Portland, OR. http:// www.pnsqc.org/proceedings/pnsqc2004.pdf. 7. Hoffman, D. 1999. Heuristic test oracles. Software Test- ing and Quality Engineering (March/April). http://soft- warequalitymethods.com/SQM/Papers/HeuristicPaper. pdf. 8. Hoffman, D. 1998. A taxonomy for test oracles. Qual- ity Week ’98. http://softwarequalitymethods.com/ SQM/Slides/ATaxonomyslide.pdf. 9. Saff, D., and Ernst, M. 2004. Automatic mock object creation for test factoring. ACM SIGPLAN/SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (PASTE’04), Washington, DC (June 7-8): 49-51.
10. Larus, J., et al. 2004. Righting Software. IEEE Software 21(3): 92-100. 11. Savage, S., Burrows, M., Nelson, G., Sobalvarro, P., and Anderson, T. 1997. Eraser: A dynamic data race detec- tor for multithreaded programs. ACM Transactions on Computer Systems 15(4): 391-411. 12. Tate, A. 2003. The best testers are free. Software Testing Analysis and Review (STAR West). 13. Marinov, D., and Khurshid, S. 2001. TestEra: A novel framework for automated testing of Java programs. Proceedings of the 16th IEEE Conference on Automated Software Engineering (November): 22-31. 14. Ball, T., et al. 2000. State generation and automated class testing. Software Testing, Verification and Reliability 10(3): 149-170. 15. Whittaker, J. A. 1997. Stochastic software testing. Annals of Software Engineering 4: 115-131. http://www. geocities.com/harry_robinson_testing/whittaker97. doc. 16. Robinson, H., and Corning, M. Model-based testing in the key of C#. http://www.qasig.org/presentations/ QASIG_Goldilocks2.pdf. KEITH STOBIE is a test architect in Microsoft’s XML Web Services group (Indigo), where he directs and instructs in QA and test process and strategy. He also plans, designs, and reviews software architecture and tests. With 20 years of distributed systems testing experience, Stobie’s interests are in testing methodology, tools technology, and quality
process. He is also active in the Web Services Interoperability organization’s (WS-I.org) Test Working Group creating test tools for analysis and conformance of WS-I profiles. He has a B.S. in computer science from Cornell University. © 2005 ACM 1542-7730/05/0200

Recommended

Annotated Bibliography .Guidelines Annotated Bibliograph.docx
Annotated Bibliography .Guidelines Annotated Bibliograph.docxAnnotated Bibliography .Guidelines Annotated Bibliograph.docx
Annotated Bibliography .Guidelines Annotated Bibliograph.docxjustine1simpson78276
 
A PARTICLE SWARM OPTIMIZATION TECHNIQUE FOR GENERATING PAIRWISE TEST CASES
A PARTICLE SWARM OPTIMIZATION TECHNIQUE FOR GENERATING PAIRWISE TEST CASESA PARTICLE SWARM OPTIMIZATION TECHNIQUE FOR GENERATING PAIRWISE TEST CASES
A PARTICLE SWARM OPTIMIZATION TECHNIQUE FOR GENERATING PAIRWISE TEST CASESKula Sekhar Reddy Yerraguntla
 
Regression Optimizer
Regression OptimizerRegression Optimizer
Regression OptimizerShradha Singh
 
A Productive Method for Improving Test Effectiveness
A Productive Method for Improving Test EffectivenessA Productive Method for Improving Test Effectiveness
A Productive Method for Improving Test EffectivenessShradha Singh
 
nullcon 2011 - Fuzzing with Complexities
nullcon 2011 - Fuzzing with Complexitiesnullcon 2011 - Fuzzing with Complexities
nullcon 2011 - Fuzzing with Complexitiesn|u - The Open Security Community
 
Driven to Tests
Driven to TestsDriven to Tests
Driven to TestsKevlin Henney
 
Combinatorial testing ppt
Combinatorial testing pptCombinatorial testing ppt
Combinatorial testing pptKedar Kumar
 
Testing Software Solutions
Testing Software SolutionsTesting Software Solutions
Testing Software Solutionsgavhays
 

Recommended

Annotated Bibliography .Guidelines Annotated Bibliograph.docx
Annotated Bibliography .Guidelines Annotated Bibliograph.docxAnnotated Bibliography .Guidelines Annotated Bibliograph.docx
Annotated Bibliography .Guidelines Annotated Bibliograph.docxjustine1simpson78276
 
A PARTICLE SWARM OPTIMIZATION TECHNIQUE FOR GENERATING PAIRWISE TEST CASES
A PARTICLE SWARM OPTIMIZATION TECHNIQUE FOR GENERATING PAIRWISE TEST CASESA PARTICLE SWARM OPTIMIZATION TECHNIQUE FOR GENERATING PAIRWISE TEST CASES
A PARTICLE SWARM OPTIMIZATION TECHNIQUE FOR GENERATING PAIRWISE TEST CASESKula Sekhar Reddy Yerraguntla
 
Regression Optimizer
Regression OptimizerRegression Optimizer
Regression OptimizerShradha Singh
 
A Productive Method for Improving Test Effectiveness
A Productive Method for Improving Test EffectivenessA Productive Method for Improving Test Effectiveness
A Productive Method for Improving Test EffectivenessShradha Singh
 
nullcon 2011 - Fuzzing with Complexities
nullcon 2011 - Fuzzing with Complexitiesnullcon 2011 - Fuzzing with Complexities
nullcon 2011 - Fuzzing with Complexitiesn|u - The Open Security Community
 
Driven to Tests
Driven to TestsDriven to Tests
Driven to TestsKevlin Henney
 
Combinatorial testing ppt
Combinatorial testing pptCombinatorial testing ppt
Combinatorial testing pptKedar Kumar
 
Testing Software Solutions
Testing Software SolutionsTesting Software Solutions
Testing Software Solutionsgavhays
 
Whole test suite generation
Whole test suite generationWhole test suite generation
Whole test suite generationJPINFOTECH JAYAPRAKASH
 
Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Testing Hourglass at Jira Frontend - by Alexey Shpakov, Sr. Developer @ Atlas...
Testing Hourglass at Jira Frontend - by Alexey Shpakov, Sr. Developer @ Atlas...Testing Hourglass at Jira Frontend - by Alexey Shpakov, Sr. Developer @ Atlas...
Testing Hourglass at Jira Frontend - by Alexey Shpakov, Sr. Developer @ Atlas...Applitools
 
Technical Report: My Container
Technical Report: My ContainerTechnical Report: My Container
Technical Report: My ContainerFabio Simeoni
 
Making the Unstable Stable - An Intro To Testing
Making the Unstable Stable - An Intro To TestingMaking the Unstable Stable - An Intro To Testing
Making the Unstable Stable - An Intro To TestingCameron Presley
 
Software testing methods
Software testing methodsSoftware testing methods
Software testing methodsHoma Pourmohammadi
 
testing
testingtesting
testingRashmi Deoli
 
Software Testing
Software TestingSoftware Testing
Software TestingFaisal Hussain
 
Keerthi report
Keerthi reportKeerthi report
Keerthi reportKeerthi Sagar
 
unittesting-190620114546 (1).pptx document
unittesting-190620114546 (1).pptx documentunittesting-190620114546 (1).pptx document
unittesting-190620114546 (1).pptx documentAkshayaM79
 
Advanced Verification Methodology for Complex System on Chip Verification
Advanced Verification Methodology for Complex System on Chip VerificationAdvanced Verification Methodology for Complex System on Chip Verification
Advanced Verification Methodology for Complex System on Chip VerificationVLSICS Design
 
Automating The Process For Building Reliable Software
Automating The Process For Building Reliable SoftwareAutomating The Process For Building Reliable Software
Automating The Process For Building Reliable Softwareguest8861ff
 
MBT_Installers_Dev_Env
MBT_Installers_Dev_EnvMBT_Installers_Dev_Env
MBT_Installers_Dev_EnvChris Struble
 
Combinatorial testing
Combinatorial testingCombinatorial testing
Combinatorial testingKedar Kumar
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
TestDrivenDeveloment
TestDrivenDevelomentTestDrivenDeveloment
TestDrivenDevelomentAntonio Tapper
 
Implementing a testing strategy
Implementing a testing strategyImplementing a testing strategy
Implementing a testing strategyDaniel Giraldo
 
Test design techniques
Test design techniquesTest design techniques
Test design techniquesOksana
 
want to contact me login to www.stqa.org
want to contact me login to www.stqa.orgwant to contact me login to www.stqa.org
want to contact me login to www.stqa.orgnazeer pasha
 
programming testing.pdf
programming testing.pdfprogramming testing.pdf
programming testing.pdfSatishkumar722293
 
(No Plagiarism) Explain the statement Although many leading organi.docx
(No Plagiarism) Explain the statement Although many leading organi.docx(No Plagiarism) Explain the statement Although many leading organi.docx
(No Plagiarism) Explain the statement Although many leading organi.docxtamicawaysmith
 
 What made you choose this career path What advice do you hav.docx
 What made you choose this career path What advice do you hav.docx What made you choose this career path What advice do you hav.docx
 What made you choose this career path What advice do you hav.docxtamicawaysmith
 

More Related Content

Similar to Testing large complex software systems

Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Testing Hourglass at Jira Frontend - by Alexey Shpakov, Sr. Developer @ Atlas...
Testing Hourglass at Jira Frontend - by Alexey Shpakov, Sr. Developer @ Atlas...Testing Hourglass at Jira Frontend - by Alexey Shpakov, Sr. Developer @ Atlas...
Testing Hourglass at Jira Frontend - by Alexey Shpakov, Sr. Developer @ Atlas...Applitools
 
Technical Report: My Container
Technical Report: My ContainerTechnical Report: My Container
Technical Report: My ContainerFabio Simeoni
 
Making the Unstable Stable - An Intro To Testing
Making the Unstable Stable - An Intro To TestingMaking the Unstable Stable - An Intro To Testing
Making the Unstable Stable - An Intro To TestingCameron Presley
 
unittesting-190620114546 (1).pptx document
unittesting-190620114546 (1).pptx documentunittesting-190620114546 (1).pptx document
unittesting-190620114546 (1).pptx documentAkshayaM79
 
Advanced Verification Methodology for Complex System on Chip Verification
Advanced Verification Methodology for Complex System on Chip VerificationAdvanced Verification Methodology for Complex System on Chip Verification
Advanced Verification Methodology for Complex System on Chip VerificationVLSICS Design
 
Automating The Process For Building Reliable Software
Automating The Process For Building Reliable SoftwareAutomating The Process For Building Reliable Software
Automating The Process For Building Reliable Softwareguest8861ff
 
MBT_Installers_Dev_Env
MBT_Installers_Dev_EnvMBT_Installers_Dev_Env
MBT_Installers_Dev_EnvChris Struble
 
Combinatorial testing
Combinatorial testingCombinatorial testing
Combinatorial testingKedar Kumar
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Implementing a testing strategy
Implementing a testing strategyImplementing a testing strategy
Implementing a testing strategyDaniel Giraldo
 
Test design techniques
Test design techniquesTest design techniques
Test design techniquesOksana
 
want to contact me login to www.stqa.org
want to contact me login to www.stqa.orgwant to contact me login to www.stqa.org
want to contact me login to www.stqa.orgnazeer pasha
 

Similar to Testing large complex software systems (20)

Whole test suite generation
Whole test suite generationWhole test suite generation
Whole test suite generation
 
Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)
 
Testing Hourglass at Jira Frontend - by Alexey Shpakov, Sr. Developer @ Atlas...
Testing Hourglass at Jira Frontend - by Alexey Shpakov, Sr. Developer @ Atlas...Testing Hourglass at Jira Frontend - by Alexey Shpakov, Sr. Developer @ Atlas...
Testing Hourglass at Jira Frontend - by Alexey Shpakov, Sr. Developer @ Atlas...
 
Technical Report: My Container
Technical Report: My ContainerTechnical Report: My Container
Technical Report: My Container
 
Making the Unstable Stable - An Intro To Testing
Making the Unstable Stable - An Intro To TestingMaking the Unstable Stable - An Intro To Testing
Making the Unstable Stable - An Intro To Testing
 
Software testing methods
Software testing methodsSoftware testing methods
Software testing methods
 
testing
testingtesting
testing
 
Software Testing
Software TestingSoftware Testing
Software Testing
 
Keerthi report
Keerthi reportKeerthi report
Keerthi report
 
unittesting-190620114546 (1).pptx document
unittesting-190620114546 (1).pptx documentunittesting-190620114546 (1).pptx document
unittesting-190620114546 (1).pptx document
 
Advanced Verification Methodology for Complex System on Chip Verification
Advanced Verification Methodology for Complex System on Chip VerificationAdvanced Verification Methodology for Complex System on Chip Verification
Advanced Verification Methodology for Complex System on Chip Verification
 
Automating The Process For Building Reliable Software
Automating The Process For Building Reliable SoftwareAutomating The Process For Building Reliable Software
Automating The Process For Building Reliable Software
 
MBT_Installers_Dev_Env
MBT_Installers_Dev_EnvMBT_Installers_Dev_Env
MBT_Installers_Dev_Env
 
Combinatorial testing
Combinatorial testingCombinatorial testing
Combinatorial testing
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
 
TestDrivenDeveloment
TestDrivenDevelomentTestDrivenDeveloment
TestDrivenDeveloment
 
Implementing a testing strategy
Implementing a testing strategyImplementing a testing strategy
Implementing a testing strategy
 
Test design techniques
Test design techniquesTest design techniques
Test design techniques
 
want to contact me login to www.stqa.org
want to contact me login to www.stqa.orgwant to contact me login to www.stqa.org
want to contact me login to www.stqa.org
 
programming testing.pdf
programming testing.pdfprogramming testing.pdf
programming testing.pdf
 

More from tamicawaysmith

(No Plagiarism) Explain the statement Although many leading organi.docx
(No Plagiarism) Explain the statement Although many leading organi.docx(No Plagiarism) Explain the statement Although many leading organi.docx
(No Plagiarism) Explain the statement Although many leading organi.docxtamicawaysmith
 
 What made you choose this career path What advice do you hav.docx
 What made you choose this career path What advice do you hav.docx What made you choose this career path What advice do you hav.docx
 What made you choose this career path What advice do you hav.docxtamicawaysmith
 
 Patient Population The student will describe the patient populati.docx
 Patient Population The student will describe the patient populati.docx Patient Population The student will describe the patient populati.docx
 Patient Population The student will describe the patient populati.docxtamicawaysmith
 
 Dr. Paul Murray  Bessie Coleman  Jean-Bapiste Bell.docx
 Dr. Paul Murray  Bessie Coleman  Jean-Bapiste Bell.docx Dr. Paul Murray  Bessie Coleman  Jean-Bapiste Bell.docx
 Dr. Paul Murray  Bessie Coleman  Jean-Bapiste Bell.docxtamicawaysmith
 
 In depth analysis of your physical fitness progress  Term p.docx
 In depth analysis of your physical fitness progress  Term p.docx In depth analysis of your physical fitness progress  Term p.docx
 In depth analysis of your physical fitness progress  Term p.docxtamicawaysmith
 
 Information systems infrastructure evolution and trends  Str.docx
 Information systems infrastructure evolution and trends  Str.docx Information systems infrastructure evolution and trends  Str.docx
 Information systems infrastructure evolution and trends  Str.docxtamicawaysmith
 
⦁One to two paragraph brief summary of the book. ⦁Who is the.docx
⦁One to two paragraph brief summary of the book. ⦁Who is the.docx⦁One to two paragraph brief summary of the book. ⦁Who is the.docx
⦁One to two paragraph brief summary of the book. ⦁Who is the.docxtamicawaysmith
 
101018, 6(27 PMPage 1 of 65httpsjigsaw.vitalsource.co.docx
101018, 6(27 PMPage 1 of 65httpsjigsaw.vitalsource.co.docx101018, 6(27 PMPage 1 of 65httpsjigsaw.vitalsource.co.docx
101018, 6(27 PMPage 1 of 65httpsjigsaw.vitalsource.co.docxtamicawaysmith
 
100.0 Criteria10.0 Part 1 PLAAFP The PLAAFP thoroughly an.docx
100.0 Criteria10.0 Part 1 PLAAFP The PLAAFP thoroughly an.docx100.0 Criteria10.0 Part 1 PLAAFP The PLAAFP thoroughly an.docx
100.0 Criteria10.0 Part 1 PLAAFP The PLAAFP thoroughly an.docxtamicawaysmith
 
100635307FLORIDABUILDINGCODE Sixth Edition(2017).docx
100635307FLORIDABUILDINGCODE Sixth Edition(2017).docx100635307FLORIDABUILDINGCODE Sixth Edition(2017).docx
100635307FLORIDABUILDINGCODE Sixth Edition(2017).docxtamicawaysmith
 
1003Violence Against WomenVolume 12 Number 11Novembe.docx
1003Violence Against WomenVolume 12 Number 11Novembe.docx1003Violence Against WomenVolume 12 Number 11Novembe.docx
1003Violence Against WomenVolume 12 Number 11Novembe.docxtamicawaysmith
 
102120151De-Myth-tifying Grading in Sp.docx
102120151De-Myth-tifying Grading in Sp.docx102120151De-Myth-tifying Grading in Sp.docx
102120151De-Myth-tifying Grading in Sp.docxtamicawaysmith
 
100.0 Criteria30.0 Flowchart ContentThe flowchart skillful.docx
100.0 Criteria30.0 Flowchart ContentThe flowchart skillful.docx100.0 Criteria30.0 Flowchart ContentThe flowchart skillful.docx
100.0 Criteria30.0 Flowchart ContentThe flowchart skillful.docxtamicawaysmith
 
100 words agree or disagree to eac questions Q 1.As her .docx
100 words agree or disagree to eac questions Q 1.As her .docx100 words agree or disagree to eac questions Q 1.As her .docx
100 words agree or disagree to eac questions Q 1.As her .docxtamicawaysmith
 
101118, 4(36 PMCollection – MSA 603 Strategic Planning for t.docx
101118, 4(36 PMCollection – MSA 603 Strategic Planning for t.docx101118, 4(36 PMCollection – MSA 603 Strategic Planning for t.docx
101118, 4(36 PMCollection – MSA 603 Strategic Planning for t.docxtamicawaysmith
 
100 words per question, no references needed or quotations. Only a g.docx
100 words per question, no references needed or quotations. Only a g.docx100 words per question, no references needed or quotations. Only a g.docx
100 words per question, no references needed or quotations. Only a g.docxtamicawaysmith
 
100A 22 4 451A 1034 51B 1000 101C 1100 11D 112.docx
100A 22 4 451A 1034 51B 1000 101C 1100 11D 112.docx100A 22 4 451A 1034 51B 1000 101C 1100 11D 112.docx
100A 22 4 451A 1034 51B 1000 101C 1100 11D 112.docxtamicawaysmith
 
10122018Week 5 Required Reading and Supplementary Materials - .docx
10122018Week 5 Required Reading and Supplementary Materials - .docx10122018Week 5 Required Reading and Supplementary Materials - .docx
10122018Week 5 Required Reading and Supplementary Materials - .docxtamicawaysmith
 
101416 526 PMAfter September 11 Our State of Exception by .docx
101416 526 PMAfter September 11 Our State of Exception by .docx101416 526 PMAfter September 11 Our State of Exception by .docx
101416 526 PMAfter September 11 Our State of Exception by .docxtamicawaysmith
 
100 words per question, no references needed or quotations. Only.docx
100 words per question, no references needed or quotations. Only.docx100 words per question, no references needed or quotations. Only.docx
100 words per question, no references needed or quotations. Only.docxtamicawaysmith
 

More from tamicawaysmith (20)

(No Plagiarism) Explain the statement Although many leading organi.docx
(No Plagiarism) Explain the statement Although many leading organi.docx(No Plagiarism) Explain the statement Although many leading organi.docx
(No Plagiarism) Explain the statement Although many leading organi.docx
 
 What made you choose this career path What advice do you hav.docx
 What made you choose this career path What advice do you hav.docx What made you choose this career path What advice do you hav.docx
 What made you choose this career path What advice do you hav.docx
 
 Patient Population The student will describe the patient populati.docx
 Patient Population The student will describe the patient populati.docx Patient Population The student will describe the patient populati.docx
 Patient Population The student will describe the patient populati.docx
 
 Dr. Paul Murray  Bessie Coleman  Jean-Bapiste Bell.docx
 Dr. Paul Murray  Bessie Coleman  Jean-Bapiste Bell.docx Dr. Paul Murray  Bessie Coleman  Jean-Bapiste Bell.docx
 Dr. Paul Murray  Bessie Coleman  Jean-Bapiste Bell.docx
 
 In depth analysis of your physical fitness progress  Term p.docx
 In depth analysis of your physical fitness progress  Term p.docx In depth analysis of your physical fitness progress  Term p.docx
 In depth analysis of your physical fitness progress  Term p.docx
 
 Information systems infrastructure evolution and trends  Str.docx
 Information systems infrastructure evolution and trends  Str.docx Information systems infrastructure evolution and trends  Str.docx
 Information systems infrastructure evolution and trends  Str.docx
 
⦁One to two paragraph brief summary of the book. ⦁Who is the.docx
⦁One to two paragraph brief summary of the book. ⦁Who is the.docx⦁One to two paragraph brief summary of the book. ⦁Who is the.docx
⦁One to two paragraph brief summary of the book. ⦁Who is the.docx
 
101018, 6(27 PMPage 1 of 65httpsjigsaw.vitalsource.co.docx
101018, 6(27 PMPage 1 of 65httpsjigsaw.vitalsource.co.docx101018, 6(27 PMPage 1 of 65httpsjigsaw.vitalsource.co.docx
101018, 6(27 PMPage 1 of 65httpsjigsaw.vitalsource.co.docx
 
100.0 Criteria10.0 Part 1 PLAAFP The PLAAFP thoroughly an.docx
100.0 Criteria10.0 Part 1 PLAAFP The PLAAFP thoroughly an.docx100.0 Criteria10.0 Part 1 PLAAFP The PLAAFP thoroughly an.docx
100.0 Criteria10.0 Part 1 PLAAFP The PLAAFP thoroughly an.docx
 
100635307FLORIDABUILDINGCODE Sixth Edition(2017).docx
100635307FLORIDABUILDINGCODE Sixth Edition(2017).docx100635307FLORIDABUILDINGCODE Sixth Edition(2017).docx
100635307FLORIDABUILDINGCODE Sixth Edition(2017).docx
 
1003Violence Against WomenVolume 12 Number 11Novembe.docx
1003Violence Against WomenVolume 12 Number 11Novembe.docx1003Violence Against WomenVolume 12 Number 11Novembe.docx
1003Violence Against WomenVolume 12 Number 11Novembe.docx
 
102120151De-Myth-tifying Grading in Sp.docx
102120151De-Myth-tifying Grading in Sp.docx102120151De-Myth-tifying Grading in Sp.docx
102120151De-Myth-tifying Grading in Sp.docx
 
100.0 Criteria30.0 Flowchart ContentThe flowchart skillful.docx
100.0 Criteria30.0 Flowchart ContentThe flowchart skillful.docx100.0 Criteria30.0 Flowchart ContentThe flowchart skillful.docx
100.0 Criteria30.0 Flowchart ContentThe flowchart skillful.docx
 
100 words agree or disagree to eac questions Q 1.As her .docx
100 words agree or disagree to eac questions Q 1.As her .docx100 words agree or disagree to eac questions Q 1.As her .docx
100 words agree or disagree to eac questions Q 1.As her .docx
 
101118, 4(36 PMCollection – MSA 603 Strategic Planning for t.docx
101118, 4(36 PMCollection – MSA 603 Strategic Planning for t.docx101118, 4(36 PMCollection – MSA 603 Strategic Planning for t.docx
101118, 4(36 PMCollection – MSA 603 Strategic Planning for t.docx
 
100 words per question, no references needed or quotations. Only a g.docx
100 words per question, no references needed or quotations. Only a g.docx100 words per question, no references needed or quotations. Only a g.docx
100 words per question, no references needed or quotations. Only a g.docx
 
100A 22 4 451A 1034 51B 1000 101C 1100 11D 112.docx
100A 22 4 451A 1034 51B 1000 101C 1100 11D 112.docx100A 22 4 451A 1034 51B 1000 101C 1100 11D 112.docx
100A 22 4 451A 1034 51B 1000 101C 1100 11D 112.docx
 
10122018Week 5 Required Reading and Supplementary Materials - .docx
10122018Week 5 Required Reading and Supplementary Materials - .docx10122018Week 5 Required Reading and Supplementary Materials - .docx
10122018Week 5 Required Reading and Supplementary Materials - .docx
 
101416 526 PMAfter September 11 Our State of Exception by .docx
101416 526 PMAfter September 11 Our State of Exception by .docx101416 526 PMAfter September 11 Our State of Exception by .docx
101416 526 PMAfter September 11 Our State of Exception by .docx
 
100 words per question, no references needed or quotations. Only.docx
100 words per question, no references needed or quotations. Only.docx100 words per question, no references needed or quotations. Only.docx
100 words per question, no references needed or quotations. Only.docx
 

Recently uploaded

“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
 
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...M56BOOKSTORE PRODUCT/SERVICE
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfUmakantAnnand
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 

Recently uploaded (20)

“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.Compdf
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application )
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 

Testing large complex software systems

  • 1. 30 February 2005 QUEUE rants: [email protected] DARNEDTesting large systems is a daunting task, but there are steps we can take to ease the pain. T he increasing size and complexity of software, coupled with concurrency and dis- tributed systems, has made apparent the ineffectiveness of using only handcrafted tests. The misuse of code coverage and avoidance of random testing has exacer- bated the problem. We must start again, beginning with good design (including dependency analysis), good static checking (including model property checking), and good unit testing (including good input selection). Code coverage can help select and prioritize tests to make you more effi cient, as can the all-pairs technique for controlling the number of confi gurations. Finally, testers can use models to generate test coverage and good stochastic tests, and to act as test oracles. HANDCRAFTED TESTS OUTPACED BY HARDWARE AND SOFTWARE Hardware advances have followed Moore’s law for years, giving the capability for run- ning ever-more complex software on the same cost platform. Developers have taken advantage of this by raising their level of abstraction from assembly to fi rst-generation
  • 2. compiled languages to managed code such as C# and Java, and rapid application devel- opment environments such as Visual Basic. Although the number of lines of code per day per programmer appears to remain relatively fi xed, the power of each line of code has increased, allowing complex systems to be built. Moore’s law provides double the computing power every 18 months and software code size tends to double every seven years, but software testing does not appear to be keeping pace. QUEUE February 2005 31 more queue: www.acmqueue.comBIGBIGBIGTO TESTTOO DARNED Quality AssuranceFO C U S KEITH STOBIE, MICROSOFT 32 February 2005 QUEUE rants: [email protected] Unfortunately, the increased power has not, in gen- eral, made testing easier. While in a few cases the more powerful hardware means we can do more complete test- ing, in general the testing problem is getting worse. You can test square root for all the 32-bit values in a reason- able time,1,2 but we are now moving to 64-bit machines with 64-bit values (and even longer for fl oating point). Assuming a nanosecond per test case, it would take 584
  • 3. years to test all the values. Sure, you could scale to, say, 1,000 processors, but you would still need six months for just this one test case. Two other issues of complexity to consider are: the number of different execution states software can go through, and concurrency. User interfaces were originally very rigid, letting users progress through a single fi xed set of operations—for example, a single set of hierarchi- cal menus and prompts. Now, good user design is event driven with the user in control of the sequence of actions. Further, many actions can be accomplished in multiple manners (e.g., closing a window via the menu [File/ Close], a shortcut key [ALT-F4], or the mouse [click on the Close icon]). Multiple rep- resentations of items (e.g., fi le names) also generally mean multiple execution paths. A manifestation of this is the security issue that occurs when an application makes wrong decisions based on a non- canonical representation of a name.3 These explo- sive combinations make it virtually impossible for a tester to both conceive of and then test a reasonable sampling of all the combinations. Concurrency is becoming more prevalent at many levels. Beyond multiple processes, we see increasing lower-level concurrency, especially as a result of multicore chipsets that encourage parallelism via threading and hyperthreading; soon, everyone will have a dual-proces- sor machine. Machine clustering and Web services are
  • 4. increasing the concurrency across applications. All of this creates greater possibilities for more insidi- ous bugs to be introduced, while making them harder to detect. MISUNDERSTANDING CODE COVERAGE AND STOCHASTIC TESTING Before discussing possible approaches to these problems, let’s clear up some pervasive misconceptions. Myth: Code coverage means quality. Tools for measur- ing structural code coverage have become increasingly easy to use and deploy and have thus deservedly gained greater acceptance in the testing arsenal. A fundamental fl aw made by many organizations (especially by manage- ment, which measures by numbers) is to presume that because low code-coverage measures indicate poor test- ing, or that because good sets of tests have high coverage, high coverage therefore implies good testing (see Logical Fallacies sidebar). Code coverage merely measures that a statement, block, or branch has been exercised. It gives no measure of whether the exercised code behaved cor- rectly. As code gets too big to easily roll up qualitative assessments, people start summarizing code coverage instead of test information. Thus, we know low code cov- erage is bad, because if we have never exercised the code, it appears impossible to say we have “tested” it. However, while having something that just executes the code may consequently reveal a few possible fl aws (e.g., a complete system failure), it doesn’t really indicate if the code has been what most people consider tested. BIG TO TEST
  • 5. TOO DARNED Quality AssuranceFO C U S Logical Fallacies Denying the Antecedent: If A, then B; not A; therefore, not B If low coverage, then poor tests; not low coverage; therefore, not poor tests Asserting the Consequent: If p, then q; q; therefore, p If good tests, then high coverage; high coverage; therefore, good tests QUEUE February 2005 33 more queue: www.acmqueue.com Tested indicates you have verified the results of the code execution in useful ways. The fallacy of high code coverage will become more evident with the next genera- tion of automatic unit testing tools (discussed later) that can generate high code coverage with no results checking. Further, results of real software comparing code coverage and defect density (defects per kilo-lines of code) show that using coverage measures alone as predictors of defect density (software quality/reliability) is not accurate.
  • 6. Myth: Random testing is bad. One of the big debates in testing is partitioned (typically handcrafted) test design versus operational, profile-based stochastic testing (a method of random testing). Whereas many organiza- tions today still perform testing (such as choosing the partitions) as a craft (either manually or semi-automati- cally), it is unclear that this is the most effective method, especially with the increasing complexity of software. Current evidence indicates that unless you have reliable knowledge about areas of increased fault likelihood, then random testing can do as well as handcrafted tests.4,5 For example, a recent academic study with fault seed- ing showed that under some circumstance the all-pairs testing technique (see “Choose configuration interactions with all-pairs” later in this article) applied to function parameters was no better than random testing at detect- ing faults.6 The real difficulty in doing random testing (like the problem with coverage) is verifying the result. How, for random inputs, can we judge the output? It is easier to have static tests with precomputed outputs. In testing, being able to verify the output is called the test oracle problem.7,8 There are numerous current areas of work on this problem. Another problem is that very low probability sub– domains are likely to be disregarded by random testing, but if the cost of failures in those subdomains is very high, they could have a large impact. This is a major flaw of random testing and a good reason for using it as a complementary rather than the sole testing strategy. Part of the testing discipline is to understand where we have reliable knowledge of increased fault likelihood.
  • 7. The classic boundary value analysis technique succeeds because off-by-one errors increase the fault likelihood at boundaries. Many other analysis techniques have a less tried-and-true underlying fault model to reliably indi- cate increased fault likelihood. For example, partitioning based on code coverage doesn’t guarantee finding the fault, as the right input must be used to stimulate the fault and sufficient verification must be done to realize the fault has produced a failure. TEST ISSUES: DO OVER It’s clear that increasing structural code coverage doesn’t solve the testing problem and that stochastic testing is frequently as good as or better than handcrafted test cases. Given this state of affairs, how do we address the issue of “it’s too darned big to test”? There are several approaches to consider: unit testing, design, static check- ing, and concurrency testing. Good unit testing (including good input selection). Getting high-quality units before integration is the first key to making big system testing tractable. The simple way to do that is to follow the decades-old recommenda- tion of starting with good unit testing. The IEEE Standard for Software Unit Testing has been around for years [Std. 1008-1987] and requires 100 percent statement cover- age. This has been nicely reincarnated via the test-driven development movement, which also espouses the previ- ously seldom-adhered-to idea of writing the tests before the code. Testing a big system is especially difficult when the underlying components and units are of low quality. Why isn’t good unit testing prevalent? In many shops the problem is partly cultural. Software developers pre- sumed someone else was responsible for testing besides them. Some development groups have spent more effort
  • 8. building out stubbed components and test harnesses than on building the actual components. Standard unit testing harnesses now exist for many environments, and the creation of mock objects is becoming semi-automated. Another reason for poor unit testing is that software was once simpler and reliability expectations lower. In today’s world insecure systems arising from simple problems (for example, buffer overruns) that good unit testing could have caught have really motivated management to drive for better unit testing. A variety of tools exist in this arena. Unit testing frameworks include the XUnit family of tools, Framework for Integrated Test (Ward Cunningham’s Fit), Team Share, etc. Further, IDEs (integrated development environments) such as Eclipse and Rational can generate unit test out- lines. Any development shop should be able to find and use applicable ones. In general, today’s unit testing requires developers to handcraft each test case by defining the input and the expected output. In the future, more intelligent tools will be able to create good input coverage test cases and some expected output. We may see 100 percent code coverage, with no results checking. We will need to become more aware of the thoroughness of results checking instead of just code coverage. How to measure results-checking thoroughness hasn’t really been addressed. 34 February 2005 QUEUE rants: [email protected] Current automatic unit-generation test techniques work from the simple known failure modes (such as null parameters as inputs) to analysis of the data structures used. Data-structure generation can be based on con-
  • 9. straint solvers, models, and symbolic execution. Other tools can enhance an existing set of tests. For example, Eclat creates an approximate test oracle from a test suite, then uses that oracle to aid in generating test inputs that are likely to reveal bugs or expose new behav- ior while ignoring those that are invalid inputs or that exercise already-tested functionality. Even without tools, just training people in simple functional test techniques can help them choose bet- ter inputs for their unit testing. You can also start with generic checklists of things to test and then make them your own by recording your organization’s history of what makes interesting input. You can fi nd industry checklists in several books under different names such as the following: “Common Software Errors” (Kaner, C., Falk, J. and Nguyen, H.Q. 1993. Testing Computer Soft- ware. Van Nostrand Reinhold); “Test Catalog” (Marick, B. 1994. Craft of Software Testing. Prentice Hall PTR. www. testing.com/writings/short-catalog.pdf); or “Attacks” (Whittaker, J.A. 2002. How to Break Software: A Practi- cal Guide to Testing. Addison Wesley); as well as on the Web (for example, http://blogs.msdn.com/jledgard/ archive/2003/11/03/53722.aspx). Good design (including dependency analysis). Many books and papers explain how to do good up-front design (the best kind), but what if you already have the code? Dependency analysis can be used to refactor code (rewriting to improve code readability or structure; see http://www.refactoring.com/). Many IDEs are incorporat- ing features to make code refactoring easier. Good unit tests, as agile methods advocate, provide more confi dence
  • 10. that refactoring hasn’t broken or regressed the system. Dependency analysis allows testers to choose only those test cases that target a change. Simplistic analysis can be done by looking at structural code dependencies, and it can be very effective. More sophisticated data-fl ow analysis allows more accurate dependency determina- tion, but at a greater cost. Either technique can be a big improvement over just running everything all the time. A test design implication of this is to create relatively small test cases to reduce extraneous testing or factor big tests into little ones.9 Good static checking (including model property checking). The convergence of static analysis tools with formal methods is now providing powerful tools for ensuring high-quality units and to some extent their integration. For example, PREfi x is a simulation tool for C/C++ that simulates the program execution state along a selected set of program paths and queries the execution state to identify programming errors.10 The issue creat- ing the greatest resistance to adoption for most static checking remains the false positive rate. Some tools can only make reliable guesses and sometimes guess wrong. Developers get frustrated if they can’t turn off the tool for the places they know it is wrong. Sometimes develop- ers get carried away and turn off too much, then miss problems the tool could have caught. Some developers don’t believe the issues found are really bugs even when they are. Many of the more advanced checks require additional annotations to describe the intent. You can emulate some of the stricter checks in any language just using compiler or language constructs such as assert(). It is still a chal- lenge to convince many developers that the extra annota-
  • 11. tions will pay off in higher-quality, more robust, and more maintainable code. Others, however, who have used it and seen nasty issues that would have taken hours, days, or weeks to debug being found effortlessly up front, would never go back. All of this data can also help independent testers later because defects found through static analysis are early indicators of pre-release system defect density. Static anal- ysis defect density can be used to discriminate between components of high and low quality (fault-prone and non-fault-prone components). Concurrency testing. Concurrency issues can be detected both statically (formal method properties such as liveness, livelock/deadlock, etc.) and dynamically (auto- matic race lockset tracking). Static detection frequently BIG TO TEST TOO DARNED Quality AssuranceFO C U S QUEUE February 2005 35 more queue: www.acmqueue.com requires extensive annotation of the source code with additional information to allow the necessary reasoning
  • 12. to be done about the code. The advantage of static analy- sis is its potential to uncover all race conditions. Dynamic race detectors, such as code coverage tools, require a good set of test cases as input because they look only at what the tests force to occur. They can, however, determine race conditions even though the test itself didn’t force it. As long as the test executes the code of the overlapping locks, it is likely to be detected. Several tools, such as Java PathExplorer (JPAX), have been created that extend the Eraser lockset algorithm.11 Besides no guaran- tee of completeness without complete test cases, the other issues still being resolved with dynamic race detectors include their performance and the number of false posi- tives they generate. More traditional methods of concurrency testing involve controlling the thread scheduler, if possible, to create unusual timings. Fault injection tools, such as Secu- rity Innovation’s Holodeck, can be used to create artifi cial delays and increase the likelihood of race conditions. As a last resort, the old standby of just running lots of activity concurrently under varying conditions has been fruitful in fi nding defects (although perhaps not as effi ciently as many of the newer methods). PRIORITIZE TESTING The previous section helps set the stage at a basic level with units of code and analysis, but most test organiza- tions deal with testing the integrated whole. Testers have to be creative in addressing the overwhelming size of today’s software systems. When it’s too darned big to test, you must be selective in what you test, and use more powerful automation such as modeling to help you test. Fault injection tools again come in handy as a way to tweak things when reaching through the overall big
  • 13. system becomes daunting (which it does quickly!). Use code coverage to help select and prioritize tests. Prioritizing test cases has become increasingly practi- cal in the past two decades. If you know the coverage of each test case, you can prioritize the tests such that you run tests in the least amount of time to get the highest coverage. The major problem here is getting the coverage data and keeping it up to date. Not all tools let you merge coverage data from different builds, and running coverage all the time can slow down testing. The time to calculate the minimization can also be a deterrent. For many collections of test cases, running the mini- mal set of test cases that give the same coverage as all of the test cases typically fi nds almost all of the bugs that running all of the test cases would fi nd. Industrial experience at several companies appears to confi rm this. For example, for an industrial program of 20,929 blocks, choosing tests only by function call cover- age required only 10 percent of the tests while providing 99.2 percent of the same coverage. Reducing by block coverage meant that 34 percent of the tests provided the same block coverage and 99.99 percent of the same branch (segment) coverage. Further, there were no fi eld- reported defects found that would have been caught by the full set of tests but missed by the coverage-reduced set of tests. Best of all, anyone can easily run the experimental comparison. First run the minimal set of tests providing the same coverage as all of the tests, and then run the remaining tests to see how many additional defects are revealed.
  • 14. You can also combine this with dependency analysis to fi rst target only the changed code. Depending on the sophistication of your dependency analysis, you may not have to do any further testing. Use customer usage data. Another great way to target testing is based on actual customer usage. Customers perceive the reliability of a product relative to their usage of it. A feature used by only a few customers on rare occa- sions will have less impact on customer satisfaction than bread-and-butter features used by virtually all customers all of the time. Although development teams can always make conjectures about product usage, which makes a useful start, actual data improves the targeting. Ideally, you can automatically record and have actual customer usage sent to you. This approach has several problems, including privacy, performance, and secu- rity. Each of these can be dealt with, but it is nontrivial. Alternatively, you may have only a select few customers reporting data, you may do random sampling, or you may fall back on case studies or usability studies. You When it’s too darned big to test, you must be selective in what you test, and use more powerful automation such as modeling to help you test. 36 February 2005 QUEUE rants: [email protected] can also work with your customers for cooperative early testing either through beta programs or even earlier pre- release disclosures.12
  • 15. Customer usage data is especially important in reli- ability testing where an operational profi le improves the meaningfulness of the reliability data. Customer usage data is also critical to prioritizing the confi gurations that you test. Setting up environments similar to those of your customers helps you fi nd interactions that you might otherwise miss. Choose confi guration interactions with all-pairs. A major problem that makes the testing task too darned big is worrying about all the possible confi gurations. Confi gurations cover things such as different hardware, different software (operating system, Web browser, appli- cation, etc.) or software versions, confi guration values (such as network speed or amount of memory), etc. If you understand which interactions of your confi gura- tions cause problems, you should explicitly test for them. But when all the software “should” be independent of the confi guration, and experience has shown you it isn’t, then you get worried. Setting up a confi guration to test is frequently expensive, and running a full set of tests typi- cally isn’t cheap, either. If you are doing performance testing, you need the more formal design-of-experiments techniques associ- ated with robust testing and requiring orthogonal arrays. For simple verifi cation, however, another easy, cheap technique used by many test shops is all-pairs. The most common defect doesn’t require any interaction. Just triggering the defect under any confi guration will cause a failure about 80 percent of the time. After basic testing eliminates those defects, the next most common defects turn out to require the interaction of just two aspects of the confi guration. Which two aspects? That’s the trick! Using all-pairs, you can cheaply verify any pair of interac-
  • 16. tions in your confi guration. Public domain tools exist (http://tejasconsulting.com/open-testware/feature/all- pairs.html), and it takes less than a half hour to download the tool and create a description of your confi guration issues. You’ll then get a very quick answer. As a simple example of this, I consulted with a test group that had tested 100 different confi gurations, but were still getting errors from the fi eld. I taught them the technique and tool, and in less than an hour they had a result showing that only 60 confi gurations were needed to cover all pairs of interactions, and the interaction most recently reported from the fi eld was one of them. That is, if they tested with fewer confi gurations, they could have found the bug before shipping. All-pairs testing may be useful in other domains, but the studies are not yet conclusive. USE OF MODELS FOR STOCHASTIC TESTS One way toward stochastic testing is via the use of models. You can begin with the simplest of models, such as “dumb monkey” test tools or “fuzz” testers. You can enhance them toward “smart monkey” tools and formal- ize them using a variety of modeling languages, such as fi nite state machines, UML2 (Unifi ed Modeling Language, version 2), and abstract state machines. Testers’ reluctance in the past to embrace formal methods came principally from the state explosion problem that appeared to rel- egate most formal methods to “toy” problems instead of the big system-level problems that many testers have to deal with. Recent advances in many fi elds have helped, but espe- cially recent breakthroughs that make SAT (propositional satisfi ability) solvers highly effi cient and able to handle
  • 17. more than 1 million variables and operations. Models can be used to generate all relevant variations for limited sizes of data structures.13,14 You can also use a stochastic model that defi nes the structure of how the target system is stimulated by its environment.15 This stochastic testing takes a different approach to sampling than partition test- ing and simple random testing. Even nonautomated models can provide useful insights for test design. Simple fi nite state machine models can show states the designers hadn’t thought about or anticipated. They also help clarify the expected behavior for the tester. You can build your own fi nite state machines in almost any language. A simple example for C# is goldilocks.16 BIG TO TEST TOO DARNED Quality AssuranceFO C U S QUEUE February 2005 37 more queue: www.acmqueue.com The major issue with model-based testing is changing testers’ mind-sets. Many testers haven’t been trained to think abstractly about what they are testing, and model- ing requires the ability to abstract away some detail while
  • 18. concentrating on specific aspects. Modeling can be espe- cially difficult for ad hoc testers not used to approaching a problem systematically. Another reason modeling fails is because people expect it to solve all their problems. Frequently it is better just to add a few manually designed test cases than to extend the model to cover all the details for all cases. ECONOMY IN TESTING The size and complexity of today’s software requires that testers be economical in their test methods. Testers need a good understanding of the fault models of their tech- niques and when and how they apply in order to make them better than stochastic testing. Code coverage should be used to make testing more efficient in selecting and prioritizing tests, but not necessarily in judging the tests. Data on customer usage is also paramount in selecting tests and configurations with constrained resources. Pair- wise testing can be used to control the growth of testing different configurations. Attempting to black-box test integrations of poor-qual- ity components (the traditional “big bang” technique) has always been ineffective, but large systems make it exponentially worse. Test groups must require and prod- uct developers must embrace thorough unit testing and preferably tests before code (test-driven development). Dependencies among units must be controlled to make integration quality truly feasible. Q LOVE IT, HATE IT? LET US KNOW [email protected] or www.acmqueue.com/forums REFERENCES 1. Kaner, C. 2000. Architectures of test automation.
  • 19. http://www.kaner.com/testarch.html. 2. Hoffman, D. So little time, so many cases. www.cs.bsu. edu/homepages/dmz/cs639/So%20little%20time,%20s o%20many%20cases.ppt. 3. Howard, M., and LeBlanc, D. 2002. Writing secure code, 2nd edition. Microsoft Press. 4. Nair, V. N., et al. 1998. A statistical assessment of some software testing strategies and application of experi- mental design techniques. Statistica Sinica 8: 165-184. 5. Ntafos, S. C. 2001. On comparisons of random, parti- tion, and proportional partition testing. IEEE Transac- tions on Software Engineering 27(10). 6. Bach, J., and Schroeder, P. 2004. Pairwise testing: A best practice that isn’t. 22nd Annual Pacific Northwest Software Quality Conference, Portland, OR. http:// www.pnsqc.org/proceedings/pnsqc2004.pdf. 7. Hoffman, D. 1999. Heuristic test oracles. Software Test- ing and Quality Engineering (March/April). http://soft- warequalitymethods.com/SQM/Papers/HeuristicPaper. pdf. 8. Hoffman, D. 1998. A taxonomy for test oracles. Qual- ity Week ’98. http://softwarequalitymethods.com/ SQM/Slides/ATaxonomyslide.pdf. 9. Saff, D., and Ernst, M. 2004. Automatic mock object creation for test factoring. ACM SIGPLAN/SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (PASTE’04), Washington, DC (June 7-8): 49-51.
  • 20. 10. Larus, J., et al. 2004. Righting Software. IEEE Software 21(3): 92-100. 11. Savage, S., Burrows, M., Nelson, G., Sobalvarro, P., and Anderson, T. 1997. Eraser: A dynamic data race detec- tor for multithreaded programs. ACM Transactions on Computer Systems 15(4): 391-411. 12. Tate, A. 2003. The best testers are free. Software Testing Analysis and Review (STAR West). 13. Marinov, D., and Khurshid, S. 2001. TestEra: A novel framework for automated testing of Java programs. Proceedings of the 16th IEEE Conference on Automated Software Engineering (November): 22-31. 14. Ball, T., et al. 2000. State generation and automated class testing. Software Testing, Verification and Reliability 10(3): 149-170. 15. Whittaker, J. A. 1997. Stochastic software testing. Annals of Software Engineering 4: 115-131. http://www. geocities.com/harry_robinson_testing/whittaker97. doc. 16. Robinson, H., and Corning, M. Model-based testing in the key of C#. http://www.qasig.org/presentations/ QASIG_Goldilocks2.pdf. KEITH STOBIE is a test architect in Microsoft’s XML Web Services group (Indigo), where he directs and instructs in QA and test process and strategy. He also plans, designs, and reviews software architecture and tests. With 20 years of distributed systems testing experience, Stobie’s interests are in testing methodology, tools technology, and quality
  • 21. process. He is also active in the Web Services Interoperability organization’s (WS-I.org) Test Working Group creating test tools for analysis and conformance of WS-I profiles. He has a B.S. in computer science from Cornell University. © 2005 ACM 1542-7730/05/0200