Page |1

1. What is software testing? Why do we need to test the application? / What is the importance of software testing? Software testing is a critical element of software quality assurance and represents the ultimate process to ensure the correctness of the product. Testing is the process of executing a program with the intention of finding errors. Here identifying the errors is more important than verifying the functioning of the programs. Defects can exist in the software, as it is developed by human beings who can make mistakes during the development of software. However, it is the primary duty of a software vendor to ensure that software delivered does not have defects. So for delivering a flawless software, testing is essential. Hence it is needed and is very important. 2. Explain unit test method with the help of an example. Unit test method uses both black box and white box methods to test a module against its design specification immediately after its design. Unit testing is important and mandatory for all software modules. For example, if we develop a program which computes simple interest, it has to be tested for all different type of inputs. What is static testing? Mention its importance in software testing. / Explain how static program analysis is performed so as to identify errors without executing the program. Static testing is a non-execution-based testing and carried through mostly by human effort. In static testing, we test, design, code or any document through inspection, walkthroughs and reviews without executing the software even once. It is important because: human testing techniques are quite effective in finding errors the earlier the errors are found, the lower are the costs of correcting the errors and the higher is the probability of correcting the errors correctly Programmers seem to experience a psychological change when computer-based testing commences. 4. What is the purpose of software testing? To show that the software works: It is known as demonstration-oriented. Test all functions that are used to run the software which produces results. These functions are directly related to the business functions. To Show that the software doesnt work: It is known as destruction-oriented. In this case, all functions including non-business functions, non-routine functions and even exceptions are tested to discover the possible errors. To minimize the risk of not working up to an acceptable level: It is known as evaluation oriented. Sometimes the entire software will not be tested due to many reasons like inadequate time. However, all the functions which are critical from the business point of view to the customer will be tested. 3.

5. List any eight types of software testing. / Explain the different types of software testing. TYPES OF SOFTWARE TESTING i) Black Box Testing: To ensure the validity of the software application without the need for having its internal structure exposed. During the testing, the program code is not available but the executable module is used. ii) White Box Testing: It is a method to test the software utilizing its internal structure. The complete code structure is available during the test. iii) Grey Box Testing: Used to test the software through some understanding of its internals and is like looking under hood. iv) Alpha Testing: A person other than the developer carries out testing, in-house, and at various project milestones. v) Beta Testing: Users who are the ultimate owner of the software will test the system before deployment and the errors will be reported back to the developer. vi) Unit Testing: Unit testing uses both black box and white box methods to test a module against its design specification immediately after its design. vii) Integration Testing: Here an independent tester in association with developers tests the system after the integration.

Page |2
6. What are alpha and beta testing? Discuss. Alpha testing: A person other than the developer carries out testing, in-house, and at various project milestones. Since a third person tests the software, a detailed test plan must be provided. Beta testing: This type of testing is conducted by end-users either after or in parallel with system testing. Users who are the ultimate owner of the software will test the system before deployment and the errors will be reported back to the developer. The goal is to test the product by the end user in all respect.

7. List and explain the various software testing hurdles. Some of the hurdles normally encountered in Software Testing are: Usually late activity in the project life cycle No concrete output and therefore difficult to measure the value addition Lack of historical data Recognition of importance is relatively less Politically damaging as you are challenging the developer Delivery commitments Too much optimistic that the software always works correctly 8. What is loop testing? List and discuss the guidelines for loop testing. Loops are fundamental to many algorithms. Loops can be categorized as simple, concatenated, nested, and unstructured. The testing of these loops is known as loop testing. The following guidelines should be followed for loop testing: Simple Loops of size n: Skip loop entirely Only one pass through the loop Two passes through the loop m passes through loop where m<n (n-1), n, and (n+1) passes through the loop Nested Loops Start with inner loop. Set all other loops to minimum values. Conduct simple loop testing on inner loop. Work outwards and take the next nested loop. Continue until all loops are tested. Concatenated Loops If independent loops, use simple loop testing. If dependent, treat as nested loops. Unstructured loops Dont test - redesign. 9. What is validation test? Explain with the help of an example. Validation succeeds when software functions in a manner that can be reasonable expected by customer. It is a final series of software tests conducted at the culmination of integration testing. Some examples could be legislative rules, guidelines or proposals, methods, theories/hypothesis/models products and services. 10. With a neat functional schematic, explain the debugging process employed in software testing. When a test case uncovers an error, debugging is the process that results in the removal of the error. The debugging process begins with the execution of a test case. Results are assessed and a lack of correspondence between expected and actual is encountered. The debugging process attempts to match symptom with cause, thereby leading to error correction. Given below is the schematic of debugging process:-

Page |3

11. Explain black box testing with the help of an example. Black-box testing is a method of software testing that tests the functionality of an application as opposed to its internal structures or workings. Specific knowledge of the application's code/internal structure and programming knowledge in general is not required. The tester is only aware of what the software is supposed to do, but not how. It uses external descriptions of the software, including specifications, requirements, and designs to derive test cases. For example, if we wanted to move a Player instance, Player1, on the board. A black-box test case would check Player.getPosition() to see to make sure the player has moved on the board without checking the driver code. 12. What are the different techniques available to conduct black box testing? Typical black-box test design techniques include: Decision table testing All-pairs testing State transition tables Equivalence partitioning Boundary value analysis 13. What is dynamic testing of software application? Dynamic testing is an execution based testing technique. Program must be executed to find the possible errors. Here, the program, module or the entire system is executed and the output is verified against the expected result. Dynamic execution of tests is based on specifications of the program, code and methodology. 14. What is basic path testing? In programs, conditions are very important and testing such conditions is more complex than other statements like assignment and declarative statements. Basic path testing is one such way of control structure testing. 15. What do you mean by automation of testing program? / What is automated testing tools and give examples for automated testing tools which help the programmer. / List and describe the different automated testing tools. Automation of testing is a technique where a number of tools will help in testing program automatically. Programmers can use any tool to test his/her program and ensure the quality. Some of the tools are: Static analyzer Code Auditors Assertion processors Test file generators Test Data Generators Test Verifiers Output comparators.

Page |4
16. What is white box testing? This testing technique takes into account the internal structure of the system or component. The entire source code of the system must be available. White box testing helps to derive test cases to ensure: All independent paths are exercised at least once. All logical decisions are exercised for both true and false paths. All loops are executed at their boundaries and within operational bounds. All internal data structures are exercised to ensure validity. 17. Why the white box testing is used to test conformance to requirements? White box testing is used to test conformance to requirements as: Logic errors and incorrect assumptions most likely to be made when coding for special cases. Need to ensure these execution paths are tested. May find assumptions about execution paths incorrect, and so make design errors. Typographical errors are random. 18. Explain different methods available in white box testing with example. / Explain in brief different methods available in white box testing. White-box test design techniques include control flow testing data flow testing branch testing path testing statement coverage decision coverage For example, if we wanted to move a Player instance, Player1, two spaces on the board, the driver code would be movePlayer(Player1, 2); This driver code would likely be called from the main method. A white-box test case would execute this driver line of code and check Player.getPosition() to make sure the player is now on the expected cell on the board. 19. What is Integration testing? Explain the different integration strategies. Here an independent tester in association with developers tests the system after the integration. In large scale business systems, it is necessary to integrate many modules developed by different people. Once it is integrated, the same has to be tested and known as integration testing. Integration strategy may be implemented with the following steps: i) Low-level modules are combined into clusters that perform a specific software sub function. ii) A driver is written to coordinate test case input and output. iii) The cluster is tested. iv) Drivers are removed and clusters are combined moving upward in the program structure. 20. What is system testing? This is a pre-deployment testing to verify whether the developed system meets the requirement specifications or not by simulating the target operational environment. This is to verify whether the system is production ready or not. 21. Explain the testing approaches to software testing. / What are the different approaches to software testing. Some of the approaches of software testing are: Debugging-oriented This approach identifies the errors during debugging the program. There is no difference between testing and debugging. Demonstration-oriented The purpose of testing is to show that the software works Destruction-oriented The purpose of testing is to show that the software doesnt work. Evaluation-oriented The purpose of testing is to reduce the perceived risk of not working up to an acceptable value. Prevention-oriented It can be viewed as testing is a mental discipline that results in low risk software.

Page |5
22. Explain the testing fundamentals of software. Any software program that is to be quality conscious must be rigorously tested with a predefined set of objectives. Testing fundamentals of software include:A) Testing objectives: Some of the objectives of testing are Testing is a process of executing a program with the intent of finding an error. A good test is one that has a high probability of finding an as yet undiscovered error. A successful test is one that uncovers an as yet undiscovered error. Secondary benefits include Testing demonstrates that software functions appear to be working according to specification. Those performance requirements appear to have been met. Data collected during testing provides a good indication of software reliability and some indication of software quality. B) Test Information Flow Software Configuration includes a Software Requirements Specification, a Design Specification, and source code. A test configuration includes a Test Plan and Procedures, test cases, and testing tools. It is difficult to predict the time to debug the code, hence it is difficult to schedule. C) Test Case Design Can be as difficult as the initial design. Can test if a component conforms to specification It is known as Black Box Testing. Can test if a component conforms to design It is known as White box testing. 23. Explain the control structure testing in detail. In programs, conditions are very important and testing such conditions is more complex than other statements like assignment and declarative statements. This is control structure testing. There are many ways in which it can be tested: i) Conditions testing: Condition testing aims to exercise all logical conditions in a program module. ii) Data flow testing: First, a proper data flow diagram like control flow is drawn. Then selects test paths according to the location of definitions and use of variables. iii) Loop testing: Testing the different kinds of loops in a program. 24. Explain the software testing strategy in detail. Software testing strategy: The strategy for software testing may be viewed in the context of the spiral. Unit testing begins at the vortex of the spiral where focus is on source code. It progresses by moving outward along the spiral to integration testing, where the focus is on design. Talking another turn outward on the spiral, we encounter Validation testing where requirements established are validated against the software. Finally, we arrive at system testing where the system elements are tested as a whole. Diagrammatic representation of testing strategy:

Page |6
25. What are top down testing and bottom up testing? Discuss. Top Down Testing To test the application, through the white box method, starting with the main program and going down unit by unit. It involves creation of stubs if a lower level unit is not ready. This method is useful if the system is large and developed many people. This method also ensures that the requirements are tested well in advance. Bottom Up Testing To test the application, by white box method, starting with the lower level units and going up unit by unit. It involves creation of drivers when a higher-level unit is not ready. Here, module level tests are carried out first and system level later. 26. What is stress testing? Explain. Stress testing is a form of load testing. Similar to load testing in a constrained environment, it involves stressing the server beyond the expected load and verifying the behavior of the operational characteristics of the application. 27. What criterias are used to complete the testing procedure? / What are the strategic issues in software testing? / List the issues to be addressed if a successful software strategy is to be implemented. Following issues must be addressed for the completion of testing procedure. Specify product requirements in a quantifiable manner long before testing commences. State testing objectives explicitly. Understand the users of the software and develop a profile for each user category. Develop a testing plan that emphasizes rapid cycle testing. Build robust software that is designed to test itself. Use effective formal technical reviews as a filter prior to testing. Conduct formal technical reviews to assess the test strategy and test cases themselves. Develop a continuous improvement approach for the testing process. 28. What is risk in software testing? How risk management improves the quality of the software? Software Risk Management is a proactive approach for minimizing the uncertainty and potential loss associated with a project by providing insights to support informed decision making. It is performed continually over the life of a program, from initiation to retirement. Risk Management Process starts with the identification of a list of potential risks. Each of these risks is then analyzed and prioritized. A risk management plan is created that identifies containment actions that will reduce the probability of the risk occurring and/or reduce the impact if the risk turns into a problem. This helps in improving the quality of the software as it identifies the old and new risk and the potential threats which may degrade quality and lays out the ways to mitigate them.

Page |7
29. What is GUI? Explain the need for GUI testing and its complexity. Graphical user interface (GUI) is a type of user interface that represents the information and actions available to a user through graphical icons and visual indicators such as secondary notation, as opposed to text-based interfaces, typed command labels or text navigation. The actions are usually performed through direct manipulation of the graphical elements. The growth of Graphical User Interfaces (GUIs) in various applications has become a challenge for test engineers. Because of reusable components provided as part of GUI development environments, the creation of the user interface has become less time consuming and more precise. GUI is becoming mandatory for any application as users are used to it. Here the main problem is to understand the user psychology during the development time. Due to complexity of GUIs, testing and generating test cases has become more complex and tedious. 30. List the guidelines required for a typical tester during GUI testing. / What are the guidelines to be followed which helps for creating a series of generic tests for GUIs? Guidelines required for a typical tester during GUI testing are categorized into different kind of operations. Some of them are: For windows: Will the window open properly based on related typed or menu-based commands? Can the window be resized, moved, scrolled? Does the window properly regenerate when it is overwritten and then recalled? Are all functions that relate to the window available when needed? Are all functions that relate to the window available when needed? Are all functions that relate to the window operational? For pull-down menus and mouse operations Is the appropriate menu bar displayed in the appropriate context? Does the application menu bar display system related features (e.g. a clock display) Do pull-down operations work properly? Do breakaway; menus, palettes, and tool bars work properly? Are all menu functions and pull-down sub functions properly listed? Are all menu functions and pull-down sub functions properly listed? Data entry Is alphanumeric data entry properly echoed and input to the system? Do graphical modes of data entry (e.g., a slide bar) work properly? Is invalid data properly recognized? Are data input messages intelligible? Are basic standard validation on each data is considered during the data entry itself? Once the data is entered completely and if a correction is to be done for a specific data, does the system requires entering the entire data again? 31. List and explain the steps involved in test case design. Test cases are designed in many ways. The steps involved for test case design are: Using the design or code, draw the corresponding flow graph. Determine the cyclomatic complexity of the flow graph. Determine a basis set of independent paths. Prepare test cases that will force execution of each path in the basis set. 32. What do you mean by configuration / platform testing and what system functionality it has to ensure? Sometime the system may have to work with different platforms like windows 2000, Windows NT, Unix etc. In such cases, the system has to be tested in all platforms in which the system will be ultimately used. It is to ensure the system functionality across: Different Hardware/ Software configurations, Multiple versions of Operating Systems, Different versions of browsers, Various plug-ins or external components Different local conditions.

Page |8
33. Define the term quality, quality design and quality of conformance. Quality is defined as a characteristic or attribute of something. As an attribute of an item, quality refers to measurable characteristics-things we are able to compare to known standards such as length, color, electrical properties, malleability, and so on. However, software, largely an intellectual entity, is more challenging to characterize than physical objects. Quality design refers to the characteristics that designers specify for an item. The grade of materials, tolerance, and performance specifications all contribute to the quality of design. Quality of conformance is the degree to which the design specification is followed during manufacturing. Again, greater the degree of conformance, higher the level of quality of conformance. 34. Explain the review technique adopted in quality assurance. There are many different types of reviews that can be conducted as part of quality assurance like: An informal meeting if technical problems are discussed. A formal presentation of software design to an audience of customers, management, and technical staff is a form of review. A formal technical review is the most effective filter from a quality assurance standpoint. Also the following approaches are taken: Review the product, Not the producer Set an agenda and maintain it Limit the debate Enunciate problem areas but dont attempt to solve every problem noted Take return notes Limit the number of participants and insist upon the advanced preparation Develop a check list each work product that is likely to be reviewed Allocate resources and time schedule for FTRs. Conducts meaningful training for all reviewers Review your early reviews 35. Explain statistical quality assurance technique. Statistical quality assurance reflects a growing trend throughout industry to become more quantitative about quality. For software, statistical quality assurance implies the following steps: Information about software defects is collected and categorized An attempt is made to trace each defect to its underlying cause Using Pareto principle (80% of the defects can be traced to 20% of all possible causes), isolate the 20% (the vital few) Once the vital few causes have been identified, move to correct the problems that have caused the defects. 36. Give the meaning of quality control (QC) and quality assurance (QA or SQA). QC or Quality Control is the series of inspections, reviews, and tests used throughout the development life cycle to ensure that each work product meets the requirements placed upon it. QC includes a feedback loop to the process that created the work product. The combination of measurement and feedback allows us to tune the process when the work products created fail to meet their specification. QA or Quality Assurance consists of the editing and reporting functions of management. The goal of quality assurance is to provide management with the data necessary to be informed about product quality, thereby gaining insight and confidence that product quality is meeting its goals. Of course, if the data provided through QA identify problems, it is managements responsibility to address the problems and apply the necessary resources to resolve quality issues. 37. What are the concepts of quality? The concepts of quality are: Quality Quality control Quality assurance Cost of quality

Page |9
38. Give the road map for instituting software quality assurance. / What is the SQA Plan? / What are the SQA activities? The road map for instituting Software Quality Assurance is as follows:I) The software engineers who do technical work like a) Performing Quality assurance by applying technical methods b) Conduct Formal Technical Reviews c) Perform well-planed software testing. II) SQA group that has responsibility for a) Quality assurance planning oversight b) Record keeping c) Analysis and reporting. III) QA activities performed by SE team and SQA are governed by the following plan: a) Evaluation to be performed. b) Audits and reviews to be performed. c) Standards that is applicable to the project. d) Procedures for error reporting and tracking e) Documents to be produced by the SQA group f) What are the activities performed by SQA and SE team? g) Prepare SQA Plan for a project h) Participate in the development of the projects software description i) Review software-engineering activities to verify compliance with defined software process. j) Audits designated software work products to verify compliance with those defined as part of the software process. k) Ensures that deviations in software work and work products are documented and handled according to a documented procedure. l) Records any noncompliance and reports to senior management.

39. Explain the background issues of SQA. QA is an essential activity for any business that produces products to be used by others. The SQA looks at the software from customers point of view. The SQA group attempts to answer the questions asked below and hence ensures the quality of software: Has software development been conducted according to pre-established standards? Have technical disciplines properly performed their role as part of the SQA activity? 40. Explain the ISO approach to quality assurance system . ISO 9000 describes the elements of a quality assurance in general terms. These elements include the organizational structure, procedures, processes, and resources needed to implement quality planning, quality control, quality assurance, and quality improvement. However, ISO 9000 does not describe how an organization should implement these quality system elements. 41. Quality and reliability are related concepts but are different in a number of ways. Discuss them. Quality focuses on the software's conformance to explicit and implicit requirements. Reliability focuses on the ability of software to function correctly as a function of time or some other quantity. Safety considers the risks associated with failure of a computerbased system that is controlled by software. In most cases an assessment of quality considers many factors that are qualitative in nature. Assessment of reliability and to some extent safety is more quantitative, relying on statistical models of past events that are coupled with software characteristics in an attempt to predict future operation of a program.

P a g e | 10
42. What is the difference between verification and validation? Explain in your own words. Verification is the process, its aim is to ensure that the product is made built in accordance with the requirements and design specifications given by the end user. It is the checking of data that has been copied from one place to another to ensure that it replaces the original one. E.g. PASSWORD. When you sign up in a site, just like GMAIL, we have to enter our password twice, the second entry being compared with the first. While the validation is also the process, but the task of it is to check the product design to ensure that the product is perfect for its intended use. It is the checking of data before processing to ensure that it is acceptable for it or not. E.g. When entering a date, the validation for month is 1-12, we cannot enter 13, its out of range. 43. What is the process involved in inspection and walk troughs? The process is performed by a group of people (three or four), only one of whom is the author of the program. Hence the program is essentially being tested by people other than the author, which is in consonance with the testing principle stating that an individual is usually ineffective in testing his or her own program. Inspection and walkthroughs are far more effective compare to desk checking (the process of a programmer reading his/her own program before testing it) because people other than the programs author are involved in the process. 44. Explain the different error checklist for inspections. An important part of the inspection process is the use of a checklist to examine the program for common errors. Checklist for Data-Reference Errors i) Is a variable referenced whose value is unset or uninitialized? ii) For all array references, is each subscript value within the defined bounds of the corresponding dimension? Checklist for Data-Declaration Error i) Have all variables been explicitly declared? ii) If all attributes of a variable are not explicitly stated in the declaration, are the defaults well understood? Checklist for Computation Errors i) Are there any computations using variables having inconsistent data types? ii) Are there any mixed mode computations? Checklist Comparison Errors i) Are there any comparisons between variables having inconsistent data types? ii) Are there any mixed-mode comparisons or comparisons between variables of different lengths? Checklist for Control-Flow Errors i) Will every loop, function or program module eventually terminate? ii) Are there any non-exhaustive decisions? Checklist for Interface Errors i) Does the number of parameters received by this module equal the number of arguments sent by each of the calling modules? ii) Do the attributes of each parameter match the attributes of each corresponding argument? Input/Output Errors with respect to file handling i) If files are explicitly declared, are their attributes correct? ii) Are the attributes on the file OPEN statement correct? 45. Why debugging is difficult. Debugging is so difficult because: a) The symptom and the cause may be geographically remote. b) The symptom may disappear (temporarily) when another error is corrected. c) The symptom may actually be caused by no errors. d) The symptom may be caused by human error that is not easily traced. e) The symptom may be a result of timing problems, rather than processing problems. f) It may be difficult to accurately reproduce input conditions. g) The symptom may be due to causes that are distributed across a number of tasks running on different processors.

P a g e | 11
46. List and explain the various origins of software bugs. The most common origin of software bugs is due to: Poor understanding and incomplete requirements Unrealistic schedule Fast changes in requirements Too many assumptions and complacency 47. List and describe the main objectives of formal technical reviews. Formal Technical Review or FTR is a Software Quality Assurance or SQA activity that is performed by software engineers. The main objectives of the FTR are: To uncover errors in function, logic, implemented in any representation of the software To verify that software under review meets its requirements To ensure that software has been represented according to predefined standards To achieve software that is developed in an uniform manner To make projects more manageable 48. Explain the origin of the defect distribution in a typical software development life cycle. / What is software defect distribution? When the product is tested, the defects may be due to many reasons. It may be either due to programming error or may be due to defects in the design or defects at any stages in the life cycle itself. The overall defect distribution is shown in the figure:-

49. List and explain the various benefits of code inspections. What is the need for inspection? The main benefits of code inspection are: Identifying early, errors in the program, The programmers usually receive feedback concerning his or her programming style and choice of algorithms and programming techniques. Other participants are also gain in similar way by being exposed to another programmers errors and programming style. The inspection process is a way of identifying early the most error-prone sections of the program, thus allowing one to focus more attention on these sections during the computer based testing processes. 50. Explain the boundary value analysis. It is observed that boundary points for any inputs are not tested properly. This leads to many errors. Large numbers of errors tend to occur at boundaries of the input domain. Boundary Value Analysis (BVA) leads to selection of test cases that exercise boundary values. BVA complements equivalence partitioning. Examples: For a range of values bounded by a and b, test (a-1), a, (a+1), (b-1), b, (b+1). Consider If a = 1 and b = 999 then the boundary values would be 0,1,2,999,1000 etc.

P a g e | 12
51. List the difference between code walk-through and inspection. A walkthrough is an informal meeting for evaluation or informational purposes. A walk through is also a process at an abstract level. It's the process of inspecting software code by following paths through the code. The purpose of code walkthroughs is to ensure the code fits the purpose. An inspection is a formal meeting more formalized than a walkthrough and typically consists of 3-10 people including a moderator reader (the author of whatever is being reviewed) and a recorder (to make notes in the document). The subject of the inspection is typically a document such as a requirements document or a test plan. The purpose of an inspection is to find problems and see what is missing not to fix anything. Preparation for inspections is difficult but is one of the most cost-effective methods of ensuring quality since bug prevention is more cost effective than bug detection. 52. What are the measures of software reliability and availability? Explain briefly. / Give the equation for measure of reliability and availability. In a computer-based system, a simple measure of reliability is mean time between failures (MTBF), where MTBF = MTTF+MTTR The acronym MTTF and MTTR are Mean Time To Failure and Mean Time To Repair, respectively. In addition to reliability measure, we must develop a measure of availability. Software availability is the probability that a program is operating according to requirements at a given point in time and is defined as: Availability = MTTF / (MTTF+MTTR) x100% 53. What is ISO 9001 standard? List the requirements delineated by ISO 9001 to use in the software process. ISO 9001 is the quality assurance standard that applies to software engineering. The standard contains 20 requirements that must be present for an effective quality assurance system. The requirements are:i) Management responsibility ii) Quality system iii) Contract review iv) Design control v) Document and data control vi) Purchasing vii) Control of customer supplied product viii) Product identification and tractability ix) Process control x) Inspection and testing xi) Control of inspection, measuring, and test equipment xii) Inspection and test status xiii) Control of non-confirming product xiv) Corrective and preventive action xv) Handling, storage, packing, preservation, and delivery xvi) Control of quality records xvii) Internal quality audits xviii) Training xix) Servicing xx) Statistical techniques 54. List the different types of code reviews. Code review practices fall into three main categories: i) pair programming ii) formal code review iii) lightweight code review. Formal code review, such as a Fagan inspection, involves a careful and detailed process with multiple participants and multiple phases. Formal code reviews are the traditional method of review, in which software developers attend a series of meetings and

P a g e | 13
review code line by line, usually using printed copies of the material. Formal inspections are extremely thorough and have been proven effective at finding defects in the code under review. Lightweight code review typically requires less overhead than formal code inspections, though it can be equally effective when done properly. Lightweight reviews are often conducted as part of the normal development process: Over-the-shoulder One developer looks over the author's shoulder as the latter walks through the code. Email pass-around Source code management system emails code to reviewers automatically after checkin is made. Pair Programming Two authors develop code together at the same workstation, such is common in Extreme Programming. Tool-assisted code review Authors and reviewers use specialized tools designed for peer code review. 55. Explain the defect amplification model of software design. A defect amplification model can be used to illustrate the generation and detection of errors during preliminary design, detail design, and coding steps of the software engineering process. The model is illustrated schematically in the figure. A box represents a software development step. During the step, errors may be inadvertently generated. Review may fail to uncover newly generated errors from previous steps, resulting in some number of errors that are passed through.

56. Explain the notations used for control structures. Flow graph notation helps to represent various control structures of any programming language. Commonly used notations for representing control flow are shown in the figure: Here, Arrows called edges represent flow of control Circles called nodes represent one or more actions Areas bounded by edges and nodes called regions A predicate node is a node containing a condition

P a g e | 14
57. Explain the concept of cyclomatic complexity in detail. The cyclomatic complexity gives a quantitative measure of the logical complexity. This value gives the number of independent paths in the basis set, and an upper bound for the number of tests to ensure that each statement is executed at least once.

In the figure, the statements are numbered and the corresponding nodes also numbered with the same number. The sample program contains one DO and three nested IF statements. From the example we can observe that: Cyclomatic Complexity of 4 can be calculated as: a) Number of regions of flow graph, which is 4. b) #Edges - #Nodes + 2, which is 11-9+2=4. c) #Predicate Nodes + 1, which is 3+1=4. The above complexity provides the upper bound on the number of tests cases to be generated or independent execution paths in the program. The independent paths (4 paths) for the program shown are given below: Independent Paths: a) 1. 1, 8 b) 2. 1, 2, 3, 7b, 1, 8 c) 3. 1, 2, 4, 5, 7a, 7b, 1, 8 d) 4. 1, 2, 4, 6, 7a, 7b, 1, 8 58. What is benchmark testing? Benchmark is a standard mechanism to compare with other similar products. This type of testing is to compare the product with the standard benchmark available. 59. What is availability testing? To ensure the availability of the application to the user by verifying the user connections, check whether application responds to an input, 24x7 availability time and number of failed attempts to load a page. The above dictionary of testing types is designed to be a quick reference to help develop an appreciation, obtain some understanding and strengthen our testing vocabulary. Some of the testing types/definitions may overlap with each other and suggest nearly the same meaning.

P a g e | 15
60. What is security testing? Any software is subjected to security threat. It may be due to virus or hackers may misuse the software. In order to protect the software from these threats, security testing must be conducted. 61. What is user testing? Collect all the user scenarios through real user exercises and test the software. Participation by users is very important in this type of testing. 62. What is preventive testing? This type of Testing is through code review, formal inspection, design reviews and walkthroughs to prevent possible errors once the software is ready. This is a kind of static testing method and helps in documentation also. 63. What is cause effect graphing technique? How do you test code, which attempts to implement this? A cause effect graph is a directed graph that maps a set of causes to a set of effects. The causes may be thought of as the input to the program and the effects to be the output. Test code which attempts to implement this:Cause-effect graphing attempts to provide a concise representation of logical combinations and corresponding actions. a) Causes (input conditions) and effects (actions) are listed for a module and an identifier is assigned to each. b) A cause-effect graph developed. c) Graph converted to a decision table. d) Decision table rules are converted to test cases. 64. What are graph matrices? Explain with the help of an example. Graph matrices can automate derivation of flow graph and determination of a set of basis paths. A sample graph matrix is shown in the figure. The graph matrix: Is a square matrix with number of sides equal to number of nodes Rows and columns of the matrix correspond to the number of nodes in the flow graph Entries correspond to the directing edges. The matrix can associate a number with each entry of the edge.