Loading

Static Testing


It is a well-known fact that the value of detecting errors and defects during the development stage of an application is exceedingly high. Well, as the good old saying by Aristotle tells, to begin is half done. Likewise, the return on investment will be higher, if this detection can be achieved without the execution of application’s main code. Achieving this goal of testing has been made possible by Static testing, which is one important testing technique executed during the verification phase of the software. So, let’s plunge into a detailed discussion on static testing and reap as many benefits from it as we can.

Static Testing, the concept:

Static testing, which is a type of software testing methodology, is the verification of a software product, done in a static environment i.e. testing done without executing the code. Carried on by means of manual and automated reviews of documents, static testing enables early detection of defects during the initial phase of the development cycle of the product.

Features of Static Testing:

To attain clarity about static testing, it is important for us to acknowledge its features and components that set it apart from its counterparts as well as other software testing techniques. Therefore, mentioned here are some of the features of static testing:

  • It is a stage of white box testing.
  • Can also be referred as dry-run testing.
  • Can be performed manually or through the use of automated tools.
  • Improves the quality of software product.
  • It does not require the program to be executed.
  • Static testing is performed during the verification process.
  • Find errors and defects in the early stages of software development life cycle.
  • It can be tested either manually or with the assistance of various automated tools available in the IT industry.
  • Static testing ensures the functionality of the software.
  • Involves examination of program’s code.

Work document for Static testing:

Static testing involves going through written materials which can give a holistic view of the general working of the product under test. This information can be gained by delving through various documents and reports, other sources like:

  • Web page content.
  • Test Cases.
  • Design document.
  • Source code.
  • Requirements Specifications.
  • User Document.
  • Test plans.
  • Test Scripts.

Methods Used for Static Testing:

As stated above, the process of static testing can either be implemented manually or through the use of automated tools. The former method involves reviewing the various documents for error, while the latter involves analysis of software code. These two methods of static testing are:

  1. Review: During this method, documents prepared and published during various stages of software development are reviewed by the team, to remove numerous ambiguities as well as to eliminate errors and defect. The process of review is performed with the assistance of the following software testing techniques:
    • Informal.
    • Technical.
    • Walkthrough.
    • Inspection.
    • Static Code Review.
  2. Static Analysis: With the assistance of static analysis, the team is able to analyze the code written by software developers. Moreover, it allows them to find structural defects and apertures, which may lead to defects that can impact the quality as well as the functionality of the software. Performed with the assistance of tools, this method enables the team to identify and rectify the following issues and defects:
    • Helps to identify unreadable and dead codes.
    • Security vulnerabilities.
    • Violations of syntaxes and programming standards.
    • Variables with unidentified values.
    • Inconsistent variables between modules.

Static Testing Techniques:

Static testing is a process, that is frequently performed manually, by the team of testers. During this process, the team follows the method of software review, which further involves various testing techniques, such as:

  1. Informal reviews: Devoid of any process, this aspect involves a general review of working manual of the product and ends with a small bunch of unofficial comments which are never documented. Generally a team of two persons are involved with the aim of improving the quality of the document along with the author.
  2. Technical Reviews: Similar to the previous technique, a team headed by a technical expert and consisting of designers, users and technical architects, detects flaws in the product. An assessment of technical concepts along with a description of suitable alternatives to the product is done. At the end of it, the reviews are documented.
  3. Walkthroughs : The document of the code is presented to a team of programmers, recorders, and readers. The code is meticulously gone through step by step in detail. Participants then ask questions relating to errors and possibilities of violation of development standards.
  4. Inspection: Often used for safety/ time related criticality of the system, inspection is pretty similar to the walkthrough, except that it is a lot stricter and formal in nature. Also, greater number of sophisticated errors comes out for QA testing.
  5. Static Code review: It is a review of the source code of the software product and involves checking of syntax, the standards of coding involved, along with the coding optimization.

Merits and Demerits of Static Testing:

Before implementing static testing, it is crucial for the team to accumulate all the necessary and relevant information and knowledge about the technique, which will help make informed decisions, as well as allow them to be prepared with necessary tools and actions. Therefore, following are the merits and demerits of static testing:

Merits:

  • Reduces the cost of rework as it identifies defects in the early stages of software development cycle.
  • The feedback received from this testing helps to improve the functioning of the process, which further assists the team to avoid similar defects and issues.
  • Offers increased awareness about the various quality issues in the software.
  • Improves communication, about critical and important information, among team members.
  • Substantially reduces efforts for rework, which further promotes productivity of the development.

Demerits:

  • The process of static testing can be time consuming, as it is majorly performed manually.
  • It inhibits one to find vulnerabilities introduced in the runtime environment.

Difference Between Static Testing & Dynamic Testing:

The process of static testing can be better understood comparing it with its counterpart dynamic testing. Though usually used by inexperienced testers interchangeably, dynamic testing has several distinct different and divergent qualities and features, some of which are overcome by static testing. Hence, to highlight the differences among static and dynamic testing here is a detailed comparison of the two:

Static Testing Dynamic Testing
1. Static testing is performed during the early stages of development cycle. 1. Performed during the later stages of software development life cycle.
2. During this type of testing, tests are performed without executing the program. 2. Here, the program is executed by the team to test the software product.
3. It is performed during the verification stage. 3. It is executed during the validation stage.
4. Offers more statement coverage than dynamic testing in a shorter span of time. 4. As it a covers limited area of the code, dynamic testing requires less statement coverage.
5. Offers code and documentation assessment. 5.It provides bugs and bottlenecks of the software.
6. Involves various assessment methods like walkthrough, inspection, review, and more. 6. Involves both functional and non-functional testing.
7. The objective of static testing is to mainly prevent defects in the software. 7. The objective of testing here is to find and fix defects.
8. It is a comprehensive testing of the code, which helps find more defects in the system. 8. Finds fewer defects than static testing.
9. This is a cost effective testing technique, that requires minimal time for assessment. 9. Dynamic testing is time consuming as it tests each test case separately.
10. Static testing is performed without executing the code. 10. This type of testing is done by executing the code.
11. It is done before the deployment of the code by the team. 11. It is performed once the code is deployed by the team.
12. The percentage of fixing defects is higher in static testing. 12. The bugs fixed during dynamic testing are fewer than static testing.
13. This type of testing follows a checklist for the process of test execution. 13. Here, test cases are prepared by the team to execute the process.
14. To ensure the quality of testing, collecting more feedback and reviews is required. 14. To validate the quality of testing during dynamic testing finding more defects is recommended.

Tips for Static Testing:

When it comes to testing a software product, it is always advised by the team to follow some tips or suggestions, which can simplify the process of testing and help them get accurate and expected results. Likewise, for static testing also, following tips are provided, which can help the team immensely.

  • Thoroughly plan and monitor the review and inspection activities during the testing process.
  • The team should be focused on testing elements that really count or can impact the effectiveness of the product.
  • Issues and defects detected by the team during static testing should be reported and resolved immediately.
  • The team lead or manager should constantly indulge in improvement activities to enhance the process of testing as well as to ensure the accuracy of the results.
  • Team should be focused on eradicating any delays in the in test execution.
  • The team should prioritize the vulnerabilities.
  • Tools can be used to enforce secure code practices.

Tools Used for Static Testing:

Before we conclude our discussion on static testing, it is extremely crucial for us to mention the popular tools used by software testers around the world for the process of static testing. Nowadays, when the market is full of various open source as well paid tools, this list will help you easily get secure and reliable tools that offer remarkable advantages to their users. Hence, here is a list of popular tools used for static testing are:

  1. Veracode.
  2. RIPS Technologies.
  3. PVS Studios.
  4. Kiuwan.
  5. Gamma.
  6. SnappyTick.
  7. Coverity.
  8. CAST.
  9. Application Inspector.
  10. CodeDX.
  11. IBM Security AppScan.
  12. LDRA.

Conclusion:

In spite of the fact that static testing requires a long time spent in heady discussions and meetings, it is well worth the time to prevent defects from occurring at the latter stages of product development. Therefore static testing is rightfully considered as a major step towards developing an application zero bugs.