Basics & Preface

Basics of Software Testing

Phase of Detection vs Cost to Fix

| Phase of Detection | Cost | Description | Example |
|---|---|---|---|
| Requirements / Design | Lowest | Errors are caught before implementation begins. | Missing requirement for user authentication identified during requirement review |
| Coding / Unit Testing | Moderate | Errors are fixed by the developer during the creation phase. | Null pointer exception caught during unit testing of a function |
| Integration Testing | Higher | Errors involve complex interactions between components. | API incompatibility discovered when integrating payment gateway with checkout system |
| Post-Deployment | Highest | Results in financial loss, damage to reputation, and potential loss of life. | Critical security vulnerability in production allowing unauthorized data access |

Categories of Software and Specialized Risks

Different software environments present unique testing challenges and require tailored methodologies:

| Category | Description | Specialized Risks | Testing Considerations |
|---|---|---|---|
| Embedded Software | Tightly coupled with hardware (e.g., car GPS, autopilot, power windows). | Safety-critical; errors lead directly to physical accidents and potential loss of life. | Hardware-in-the-loop testing, real-time constraints, safety standards compliance (ISO 26262, DO-178C). |
| Enterprise Software | Operates in banking and finance with large databases and critical server requirements. | Data corruption, security breaches, financial losses, regulatory non-compliance. | Data integrity validation, performance testing under load, security auditing, compliance testing. |
| Web Applications | Browser-based applications accessible via the internet, running on servers. | Cross-browser compatibility issues, security vulnerabilities (XSS, CSRF), scalability challenges. | Cross-browser testing, responsive design validation, API testing, load testing, security penetration testing. |
| Mobile Applications | Native or hybrid apps running on smartphones and tablets. | Device fragmentation, OS version compatibility, battery drain, offline functionality issues. | Device farm testing, OS version compatibility, network condition testing, battery/performance profiling. |
| Free and Open Source Software (FOSS) | Software with source code available for public use and modification. | Code quality inconsistencies, security vulnerabilities from unmaintained dependencies, licensing compliance. | Code review processes, dependency vulnerability scanning, license compatibility verification, community testing. |

Facts vs. Myths in Software Testing

To maintain an objective approach to quality assurance, professionals must distinguish between the capabilities and limitations of testing.

| Fact | Myth / Limitation |
|---|---|
| Testing is a proven technique for finding and fixing real errors. | Testing cannot prove that a piece of software is 100% correct; it can only prove the presence of errors, not their absence. |
| Testing is heavily automated using frameworks like JUnit. | Testing cannot be fully automated; human intervention is required for domain-specific test case design. |
| Testing is most effective when combined with quality reviews and audits. | Testing alone is not a substitute for a comprehensive quality assurance process. |