Test Coverage and Risk

Similar documents
Subject & Course: CS362 Software Engineering II. Credits: 4. Instructor s Name: Arpit Christi. Instructor s christia@onid.oregonstate.

The ROI of Test Automation

Schools of Software Testing

Certification Authorities Software Team (CAST) Position Paper CAST-10

Test Management and Techniques

Testing Introduction. IEEE Definitions

Four Schools of Software Testing.

Introduction to Computers and Programming. Testing

Advanced Testing Techniques

Improved Software Testing Using McCabe IQ Coverage Analysis

Outline. 1 Denitions. 2 Principles. 4 Implementation and Evaluation. 5 Debugging. 6 References

1 White-Box Testing by Stubs and Drivers

4. Test Design Techniques

Genetic Algorithm Based Test Data Generator

Basic Testing Concepts and Terminology

Teaching Software Testing from two Viewpoints

Different Approaches to White Box Testing Technique for Finding Errors

The Theory of Software Testing

Black Box Software Testing Fall 2005 Overview for Students

Regression Testing Based on Comparing Fault Detection by multi criteria before prioritization and after prioritization

Software Engineering. How does software fail? Terminology CS / COE 1530

Software Engineering Introduction & Background. Complaints. General Problems. Department of Computer Science Kent State University

A Case Study in Test Management

Test Plan Evaluation Model

Test Driven Development Part III: Continuous Integration Venkat Subramaniam

How to Misuse Code Coverage

EVALUATING METRICS AT CLASS AND METHOD LEVEL FOR JAVA PROGRAMS USING KNOWLEDGE BASED SYSTEMS

Formal Software Testing. Terri Grenda, CSTE IV&V Testing Solutions, LLC

Exploratory Testing in an Agile Context

(Refer Slide Time: 01:52)

Software Testing & Analysis (F22ST3): Static Analysis Techniques 2. Andrew Ireland

CSTE Mock Test - Part III Questions Along with Answers

Functional and LoadTest Strategies

Good FORTRAN Programs

Event- Driven Software Testing An Overview

Cem Kaner, J.D., Ph.D. Florida Institute of Technology STAR East May 2011

Module 10. Coding and Testing. Version 2 CSE IIT, Kharagpur

Developing MapReduce Programs

Name of chapter & details

Software testing. Objectives

Measuring Software Complexity to Target Risky Modules in Autonomous Vehicle Systems

User Stories Applied

Introduction to Automated Testing

Workshop on Agile Test Strategies and Experiences. Fran O'Hara, Insight Test Services, Ireland

Software Project Management Matrics. Complied by Heng Sovannarith

Softw are Testing as a Social Science

Insource or Outsource Testing: Understanding Your Context. Updates

Towards a Framework for Generating Tests to Satisfy Complex Code Coverage in Java Pathfinder

Designing a Software Test Automation Framework

Test case design techniques I: Whitebox testing CISS

Baseline Code Analysis Using McCabe IQ

Testing in Agile methodologies easier or more difficult?

Software Testing. Quality & Testing. Software Testing

Module 10. Coding and Testing. Version 2 CSE IIT, Kharagpur

THE THREE ASPECTS OF SOFTWARE QUALITY: FUNCTIONAL, STRUCTURAL, AND PROCESS

Secure Software Programming and Vulnerability Analysis

Agile Testing Overview

Di 3.1. A Test Design Poster for Testers, Developers, and Architects. Peter Zimmerer

Software Testing, Mythology & Methodologies

The Practical Organization of Automated Software Testing

Life Is a Series of Trade-Offs and Change Is Accelerating!

TESTING: FIRST STEP TOWARDS SOFTWARE QUALITY

Disclaimer for Advisys Content

Practical Online Filesystem Checking and Repair

Advancements in the V-Model

EXAM FOR INFOTECH SOFTWARE ENGINEERING FOR REAL-TIME SYSTEMS. Suggested Solution WS 13/14. - Without Engagement -

Static Analysis for Software Verification. Leon Moonen

"Code management in multi programmer environments."

Peer Review in Software Development: A Survey

The ConTract Model. Helmut Wächter, Andreas Reuter. November 9, 1999

Paradigms of Black Box Software Testing

Lecture 17: Testing Strategies" Developer Testing"

Testing Automation for Distributed Applications By Isabel Drost-Fromm, Software Engineer, Elastic

Testing of safety-critical software some principles

Chapter 12 Programming Concepts and Languages

Specification and Analysis of Contracts Lecture 1 Introduction

Quality Cost Analysis: Benefits and Risks

Robot Task-Level Programming Language and Simulation

Conditionals: (Coding with Cards)

Web Application Regression Testing: A Session Based Test Case Prioritization Approach

Software Module Test for an Electronic Steering Lock

Transcription:

Test Coverage and Risk Hans Schaefer Consultant 5281 Valestrandsfossen, Norway hans.schaefer@ieee.org http://home.c2i.net/schaefer/testing.html 2006 Hans Schaefer page 1

How to check that a test was good enough? A test is never good enough, it is always a sample. The criteria in this chapter can be used as a compromise between the Ideal and a simple measurement. 2006 Hans Schaefer page 2

How precise measurement? As precise as needed. Measuring costs time and money the measurement itself tools interpretation More precise measurement only for research projects. Typically, you measure what you can measure automatically. 2006 Hans Schaefer page 3

Test Coverage in Programs Theory: The more details you test, the more faults you find. Thus, a test with higher coverage is (theoretically) better. 2006 Hans Schaefer page 4

Why measure coverage a measure of how much testing was done useful as exit criterion easy to measure with automated tools some relation to quality you know where holes in your test are 2006 Hans Schaefer page 5 Some more comments, from Cem Kaner, author of the book Testing Computer Software : On the issue of developer testing, I agree with everyone who says that developers should do careful, planned glass box testing. (I call it "glass box" because you're looking inside the box when you do this stuff. White boxes are as opaque as black ones.) The developer is in the best position to understand the risks associated with many of the conscious design trade-offs, and is in the best position to understand the various optimizations provided for special circumstances. The developer, if she has time, is in the best position to conduct the series of tests needed to achieve complete line coverage, or branch coverage, or predicate coverage, because she will understand the intent behind the lines and the issues that can be presented to nontrivially test those lines, or branches, or whatever. If the developer doesn't have enough time to do this testing, somebody else will have to do it, but less efficiently. The developer's testing will help her assure that the code does what she think it's supposed to do. This is important -- too many bugs coming out of development are obvious bugs that would have been fixed if the programmer had done much testing. But the developer is only going to confront some of her own blind spots if she does her own testing. Therefore (at least, I think this is a "therefore") we want someone else besides the developer to do a lot of testing too. This isn't an issue of programmer incompetence (though we sometimes do have to deal with that). And it is not an issue of programmer bad faith (again, if there is bad faith, we must include independent testing as one of a set of compensating and corrective measures). And it is not that the programmer doesn't have enough time to do her own testing (though in my world, programmers are rarely given the time they need to do the testing they should do). Even when the programmer is well rested, has the time, the inclination, and the skill to do the testing, she will still have blind spots and someone else can find things that she will miss. In the ideal world (which is, I am told, common practice in some companies), I think that we want extensive testing by the authoring programmer, plus extensive testing/inspection by some other programmer. Whether these folk are doing module testing exclusively, or module testing plus some functional testing, or system-level integration testing, I hope that their work is driven by a deep understanding of the code, and that their test cases are designed with reference to the code. If so, they are doing "glass box testing."

Definition of (white box) coverage criteria Statement Coverage Branch Coverage Condition Coverage Multi-Condition Coverage... Path Coverage Data Coverage Interface Coverage 2006 Hans Schaefer page 6 Decision or branch coverage (DC) every decision tested in each possible outcome Condition/Decision coverage (C/DC) as above plus, every condition in each decision tested in each possible outcome Modified Condition/Decision (MC/DC) as above plus, every condition shown to independently affect a decision outcome (by varying that condition only) (minimal multicondition, or meaningful impact) Multiple-condition coverage (M-CC) all possible combinations of conditions within each decision taken Path Coverage Percentage of paths through the program which are covered. Impossible to 100% if loops are in the program. reach Data Coverage Coverage of set-use pairs. I.e.: initialize - read, Write - read. Interface Coverage Every interface is covered. See under Integration test.

Example program Begin Read date If (YY = leapyear and MM = February) then DD := 29 End if Print date End 2006 Hans Schaefer page 7

Test cases 28 Feb 2004 -> 100% statement coverage, 50% Branch 31 Mar 2003-> 100% statement and Branch and condition Multicondition coverage requires four test cases, all combinations: 28 Feb 2003 28 Feb 2004 31 March 2003 31 March 2004 2006 Hans Schaefer page 8 Some coverage tools may be extremely slow, because they write the whole execution history to disk.

Exercise Consider the example program. Introduce a fault: and replaced by or. Consider the example test cases on the page before: Does any coverage criterion guarantee that THIS fault is found? 2006 Hans Schaefer page 9

The minimum coverage criteria Depends on RISK: For highly critical programs (airborne systems, RTCA-DO-178B): Modified decision condition coverage (MCDC). For less critical ones: Branch coverage, then statement coverage. General experience: Near 100% statement and near 85% Branch coverage (by Review or test or both) 2006 Hans Schaefer page 10 Coverage easy to achieve for logical and algorithmic functions, not easy for communication and I/O intensive functions (Reuben Gallant, EuroSTAR 99) Keith Miller, A modest proposal for software testing, IEEE Software, 2/2001

Coverage Criteria for Integration Test Test every interface statement (Call, invoke) All real time coordination (Start, stop, wait, resume, break,...) Global Data flow: All In-out-Pairs through buffers, data bases, files, global variables etc. All database and file access statements 2006 Hans Schaefer page 11

Coverage Criteria for System Test 70 to 85% Branch coverage. This is an experience value from general industry practice. 2006 Hans Schaefer page 12

How to measure coverage Use a fully automated Test Coverage Analysis Tool. Tools exist for your languages. They consist of three parts: Preprocessor: Puts count statements into the code. Runtime routine: Count-statements count execution and write statistics to a file or table. Postprocessor: Sums up statistics and reports results. Problem The probes (count statements) have influences on execution time of the code. Thus, to test such issues, the code must first be tested with coverage measurement, then again without. 2006 Hans Schaefer page 13

Caution! Coverage can lead away from the real goal of testing: Finding as many defects as possible in as short a time as possible. Finding the highest risk defects. White box test coverage does not find faults of omission! But: A coverage goal can help to control testing, as programmers will take a more serious look towards testing. 2006 Hans Schaefer page 14

Exercise Below you find a list of data about some modules having been tested. Module complexity is given by the number of code lines and code branches. Test coverage is given by the percentage of branches covered during testing. Discuss if some modules should be tested more. Module no.# program lines # branches covered % of branches 1 200 15 93 2 50 10 100 3 50 5 40 4 120 15 80 5 600 5 80 6 100 48 98 7 100 10 90 8 80 30 30 9 50 5 100 10 50 5 20 11 80 7 0 12 60 10 80 13 400 125 74 2006 Hans Schaefer page 15

Coverage and the British Standard for Software Component Testing The Standard measures coverage two ways: Coverage of test case generation methods applied Coverage of code (control and data flow) British Standard BS 7925-2 Software Component Testing and BS 7925-1 Vocabulary of Terms in Software Testing 2006 Hans Schaefer page 16

Test coverage for changes Execute all changed statements. Execute all code taking data from the changed area. Execute all code which could be affected through different time characteristics. If this is too complicated: Do a full regression test! 2006 Hans Schaefer page 17

Summary Define and follow up coverage. First a black box test. Then interpretation of measurements. Then more test to achieve coverage. Then inspection of untested parts. No coverage criterion guarantees error free code. 2006 Hans Schaefer page 18

Literature Glenford Myers, "The Art of Software Testing, 1979. Boris Beizer, "Software Testing Techniques, 1990. Thomas McCabe: Structured Testing, IEEE Tutorial, IEEE Catalog No. EHO 200-6, 1983. Hewlett Packard Journal, June 1987, pg.. 13 ff. Harry M. Sneed, "Data Coverage Measurement in Program Testing", Proceedings of the Workshop on Software Testing, 15. - 17. July 1986, IEEE Catalog no. 86TH0144-6, pg. 34 ff. Mary J. Harrold and Mary Lou Soffa, Selecting and Using Data for Integration Testing, IEEE Software, March 1991. Joseph R. Horgan, Saul London, Michael R. Lyu, Achieving Software Quality with Testing Coverage Measures, IEEE Computer, Sept. 1994. Cem Kaner, James, Bach, Bret Pettichord, LESSONS LEARNED IN SOFTWARE TESTING, Wiley, 2001. Andreas Spillner und Tilo Linz, Basiswissen Softwaretest, dpunkt Verlag 2002, 2003 (in German). 2006 Hans Schaefer page 19

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information