White Box Testing (WBT) is also known as Code-Based Testing or Structural Testing. White box testing is the software testing method in which internal structure is being known to tester who is going to test the software.
White Box Testing Definition:
Testing based on an analysis of the internal structure of the component or system.
In this method of testing the testcases are calculated based on analysis internal structure of the system based on Code coverage, branches coverage, paths coverage, condition Coverage etc.
White box testing involves the testing by looking at the internal structure of the code & when you completely aware of the internal structure of the code then you can run your test cases & check whether the system meet requirements mentioned in the specification document. Based on derived test cases the user exercised the test cases by giving the input to the system & checking for expected outputs with actual output. In this is testing method user has to go beyond the user interface to find the correctness of the system.
Typically such method are used at Unit Testing of the code but this different as Unit testing done by the developer & White Box Testing done by the testers, this is learning the part of the code & finding out the weakness in the software program under test.
For tester to test the software application under test is like a white/transparent box where the inside of the box is clearly seen to the tester (as tester is aware/access of the internal structure of the code), so this method is called as White Box Testing.
The White-box testing is one of the best method to find out the errors in the software application in early stage of software development life cycle. In this process the deriving the test cases is most important part. The test case design strategy include such that all lines of the source code will be executed at least once or all available functions are executed to complete 100% code coverage of testing.
What do you verify in White Box Testing ?
In the White box testing following steps are executed to test the software code:
- Basically verify the security holes in the code.
- Verify the broken or incomplete paths in the code.
- Verify the flow of structure mention in the specification document
- Verifyt the Expected outputs
- Verify the all conditional loops in the code to check the complete functionality of the application.
- Verify the line by line or Section by Section in the code & cover the 100% testing.
Above steps can be executed at the each steps of the STLC i.e. Unit Testing, Integration & System testing.
In the White Box Testing verify the flow of the application. The pre designed test cases are executed with the help of input data & compare the output with the expected one & found mismatch if any means you found a bug.
White Box Testing Techniques
Here are some white box testing techniques used in White Box Testing?
In the White box testing the Code Coverage analysis is main part.
Code Coverage analysis helps to identifying the gaps in a test case suite. It allows you to find the area in the code to which is not executed by given set of test cases. Upon identifying ht gaps in the test case suite you can add the respective test case. So it helps to improve the quality of the software application.
In the market lots of white box testing tools are available to perform Code Coverage analysis. Here are some White Box Testing Techniques
In this white box testing technique try to cover 100% statement coverage of the code, it means while testing the every possible statement in the code is executed at least once.
Tools: To test the Statement Coverage the Cantata++ can be used as white box testing tool.
In this white box testing technique try to cover 100% decision coverage of the code, it means while testing the every
possible decision conditions like if-else, for loop and other conditional loops in the code is executed at least once.
Tools: To cover the Decision Coverage testing in the code the TCAT-PATH is used. This supports for the C, C++ and Java applications.
In this white box testing techniquie try to cover 100% Condition coverage of the code, it means while testing the every possible conditions in the code is executed at least once.
In this mixed type of white box testing technique try to cover 100% Decision/Condition coverage of the code, it means while testing the every possible Decisions/Conditions in the code is executed at least once.
Multiple Condition Coverage:
In this type of testing we use to cover each entry point of the system to be execute once.
In the actual development process developers are make use of the combination of techniques those are suitable for there software application.
Using above mentions testing white box testing techniques the 80% to 90% code coverage is completed which might be sufficient with white box testing.
How do you perform White Box Testing?
Let take a simple website application. The end user is simply access the website, Login & Logout, this is very siple and day 2 days life example. As end users point of view user able to access the website from GUI but inside there are lots of things going on to check the internal things are going right or not, the white box testing method is used. To explain this we have to divide this part in two steps. This is all is being done when the tester is testing the application using White box testing techniques.
STEP 1) UNDERSTAND OF THE SOURCE CODE
Step 2) CREATE TEST CASES AND EXECUTE
STEP 1) UNDERSTAND OF THE SOURCE CODE
The first & very important steps is to understand the source code of the application is being test. As tester should know about the internal structure of the code which helps to test the application. Better knowldge of Source code will helps to indentify & write the important test case which causes the security issues & also helps to cover the 100% test coverage. Before doing this the tester should know the programming languange what is being used in the developing the application. As security of application is primary objective of application so tester should aware of the security concerns of the project which help in testing. If the tester is aware of the security issues then he can prevents the security issues like attacks from hackers & users who are tring to inject the macious things in the application.
Step 2) CREATE TEST CASES AND EXECUTE
In the second step invovles the actual writing of test cases based on Statement/Decision/Condition/Branch coverage & actual execution of test cases to cover the 100% testing coverage of the software appliction. The Tester will write the test cases by diving the applications by Statement/Decision/Condition/Branch wise. Other than this tester can include the trial and error testing, manual testing and using the Software testing tools as we covered in the previous article.
Advantages and Disadvantages of White Box Testing:
Advantages of White Box Testing –
- To start the testing of the software no need to wait for the GUI, you can start the White Box Testing.
- As covering all possible paths of code so this is a thorough testing.
- Tester can ask about implementation of each section, so it might be possible to remove unused lines of code which might be causing introduction of bug.
- By executing equivalence use to approximates the partitioning.
- As the tester is aware of internal coding structure, then it is helpful to derive which type of input data is needed to testing software application effectively.
- White box testing allows you to help in the code optimization.
Disadvantages of White Box Testing –
- To test the software application a highly skilled resource is required to carry out testing who know the deep knowledge of internal structure of the code which increase the cost.
- Update test script is required if changing the implementation too frequently.
- If the application under test large is size then exhaustive testing is impossible.
- It is not possible for testing each and every path/condition of software program, which might miss the defects in code.
- White box testing very expensive type of testing.
- To analyze each line by line or path by path is nearly impossible work which may introduce or miss the defects in the code.
- To test each paths or conditions may require different input conditions, so to test full application tester need to create fill range of inputs which may be a time consuming.