Archive for August, 2011
Wednesday, August 24th, 2011 by Rex Black
We have lots of terms in software testing, but we’re not always clear what they mean. A common confusion is about the terms bug, defect, fault, failure, anomaly, incident, false positive, error, and mistake. Reader Rodrigo Cursino asks:
I read [Foundations of Software Testing]… You defined bug as a synonymous with fault or defect. If we exercise the part of software that contains that bug we’ll have a failure.
Now I’m reading your article “The Bug Reporting Processes” and I’m a little confused. Should the correct [title] be “The Failure Reporting Processes”. It’s because we report failures not bugs. The developers, based on the steps to reproduce the failure will be able to debug it and find the bug.
Rodrigo, you are right. This is a case of common usage prevailing of terminological rigor, I suppose. Many people talk about “bug reporting,” so I used that term in the article and in my book Critical Testing Processes.
If we want to be rigorous in our terminology, here’s the way to think about the sequence of events:
- The programmer makes a mistake (also called an error). This can be a misunderstanding of the internal state of the software, an oversight in terms of memory management, confusion about the proper way to calculate a value, etc.
- The programmer introduces a bug (also called a defect) into the code. This is the programmatical manifestation of the mistake.
- The tester executes the part of the software that contains the bug.
- If the test was properly designed to reveal the bug, the test can cause the buggy software to execute in such a way that the behavior of the software is not what the tester–who is closely observing the behavior–would expect. This difference between expected behavior and actual behavior is called an anomaly.
- The tester then investigates the anomaly to determine the exact failure. The failure may go beyond the obvious, immediately observable misbehaviors associated with the anomaly. For example, data might have been corrupted, another process improperly terminated, etc.
- The results of that investigation are a report, which is commonly referred to in the software business as a bug report, an incident report, a defect report, an issue, a problem report, or various other names.
- Whatever we call it, that report gets prioritized and (in some cases) ultimately routed to a programmer. The programmer then debugs the program in order to repair the underlying bug.
- Ideally, the bug fix (typically as part of a larger test release) comes back to the tester who reported the problem in the first place for a confirmation test. If the confirmation test passes, the report can be closed as fixed. If the confirmation test fails, the report should be re-opened.
Now, a few additional points are worth making:
- In some cases, when a tester runs a test, she observes an anomaly, but not due to a failure. This happens when the anomaly results from a bad test, bad test data, an improperly configured test environment, or simply a misunderstanding on the tester’s part. This situation is referred to as a false positive. Because some reports will inevitably be false positives–testers being human, they will also make mistakes–some people like to refer to them as incident reports. An incident is some situation that requires further investigation, and in this case the programmer will investigate whether the incident was really caused by a failure.
- Bugs (or defects) can be introduced into work products other than software. For example, a business analyst can put a bug into a requirements specification. Bugs in requirements specifications and design specifications (and code, for that matter) are ideally detected by reviews. When a bug is detected by a review (or by static analysis), notice that the bug is what is actually detected; the software is not executing, so no failure occurs.
- Some people use the word fault instead of bug or defect. I don’t like that term, and avoid it. When I talk about a fault, perhaps it sounds like I’m talking about something that is someone’s fault; i.e., implications of blame can arise. Bugs happen for various reasons, and individual carelessness is not at the top of the list. We should see bugs (and bug reports) as a way to understand the quality capability of the software process, not as a way to apportion blame.
So, back to Rodrigo’s bigger point: Does it really matter what we call the report? If you want to be 100% correct in your terminology, then incident report is probably the best name. However, I think that failure report is fine, too. I also think that, because these terms are so widely used, defect report and bug report are also acceptable. However, when using the terms defect report or bug report, it’s important that people keep in mind the sequence of events laid out above, and that the report actually describes the symptom of the bug, not the bug itself.
Tags: bug, defect, error, failure, fault, mistake, software testing
Posted in software quality, software test management, software testing | 2 Comments »
Monday, August 15th, 2011 by Rex Black
Blog reader Angee Tong asks the following interesting question about equivalence partitioning:
Hi Rex,
I have a question on the sample test analyst exam question below. I can’t figure out how the answer is derived. Can you walk me through the solution for this exam question?
Thanks.
Exam Question:
You are testing a computerized gas pump that allows users to pay using credit cards.
Four types of cards are accepted: Visa, MasterCard, Discover, and American Express. The pump will reject any other type of card. If given an accepted credit card, the pump validates the card. If the card is valid, the pump is turned on and the customer is told to begin pumping gas. The pump remains on until the transaction ends. The transaction ends when one of the following events occurs:
1. Pump handle is returned to the pump.
2. Amount reaches transaction limit for card
3. No gas is pumped within 2 minutes of validation of card
4. Emergency shut-off switch is thrown by the station attendant.
Assume that a test is consists of a triple set of values (card type, card validity, transaction ending). Design the minimum number of tests needed to cover all the equivalence partitions for each card brand, including both valid and invalid cards of each accepted type along with covering each equivalence partition for transaction endings. How many tests do you need?
I came up with 17 tests but it is the wrong answer. My reasoning is I counted the amount reaches card limit or within card limit count as two other equivalence partitions as well. Also I counted the emergency shut-off option as an equivalence partition. Should these three items not be counted as equivalence partitions? Can you explain how the answer 9 is derived?
Can you provide other sample questions similar to this for additional practice so I can make sure I learned to apply the test technique correctly? Thank you.
| Test Case |
Card |
No Gas Is Pumped Within 2+ Minutes |
Amount Within Card Limit |
Gas Is Pumped Within 2 Minutes |
Pump Handled Returned to Pump |
Amount Reaches Card Limit |
Emergency Shut-Off |
| 1 |
Invalid Card |
|
|
|
|
|
|
| 2 |
Visa |
Y |
Y |
|
|
|
|
| 3 |
Master Card |
Y |
Y |
|
|
|
|
| 4 |
Discover |
Y |
Y |
|
|
|
|
| 5 |
Amex |
Y |
Y |
|
|
|
|
| 6 |
Visa |
|
|
Y |
Y |
|
|
| 7 |
MasterCard |
|
|
Y |
Y |
|
|
| 8 |
Discover |
|
|
Y |
Y |
|
|
| 9 |
Amex |
|
|
Y |
Y |
|
|
| 10 |
Visa |
|
|
|
|
Y |
|
| 11 |
MasterCard |
|
|
|
|
Y |
|
| 12 |
Discover |
|
|
|
|
Y |
|
| 13 |
Amex |
|
|
|
|
Y |
|
| 14 |
Visa |
|
|
|
|
|
Y |
| 15 |
MasterCard |
|
|
|
|
|
Y |
| 16 |
Discover |
|
|
|
|
|
Y |
| 17 |
Amex |
|
|
|
|
|
Y |
Angee, what you’ve done in your solution is a form of combinational testing. In other words, you are testing each combination of credit card with transaction ending. That is not required for equivalence partitioning. In addition, you’re not testing the invalid card numbers for each accepted card type.
The answer is nine tests. Here’s why. There are four equivalence partitions for transaction endings. Those are all valid partitions. There are nine equivalence partitions for cards: four valid card numbers, one for each type; four invalid card numbers, one for each type; and, one invalid card type (e.g., a JCB).
Angee, there are a number of other practice questions for equivalence partitioning provided in the book and e-learning course. Make sure to go back and do the Foundation sample questions on test design techniques (Chapter 4), too.
Tags: equivalence partitioning
Posted in ISTQB certification, software testing | No Comments »
Wednesday, August 3rd, 2011 by Rex Black
Reader Patricia Osorio asked another interesting question:
Hi Rex
In chapter 8 [of the Advanced syllabus], I was reading about Standards and Test process improvements. There you talk about Efficiency and Effectiveness. I have one definition about these terms, but what do I have in mind about these terms in order to be prepared for the advanced exam?
Thank you
Regards
Patricia Osorio Aristizabal
To answer, I’ll quote my explanation of the difference from Chapter 2 of Beautiful Testing:
Each stakeholder has a set of objectives and expectations related to testing. They want these carried out effectively, efficiently, and elegantly. What does that mean?
Effectiveness means satisfying these objectives and expectations. Unfortunately, the objectives and expectations are not always clearly defined or articulated. So, to achieve effectiveness, testers must work with the stakeholder groups to determine their objectives and expectations. We often see a wide range of objectives and expectations held by stakeholders for testers. Sometimes stakeholders have unrealistic objectives and expectations. You must know what people expect from you, and resolve unrealistic expectations, to achieve beautiful testing.
Efficiency means satisfying objectives and expectations in a way that maximizes the value received for the resources invested. Different stakeholders have different views on invested resources, which might not include money. For example, a business executive will often consider a corporate jet an efficient way to travel, because it maximizes her productive time and convenience. A vacationing family will often choose out-of-the-way airports and circuitous routings, because it maximizes the money available to spend on the vacation itself. You must find a way to maximize value—as defined by your stakeholders—within your resource constraints to achieve beautiful testing.
Elegance means achieving effectiveness and efficiency in a graceful, well-executed fashion. You and your work should impress the stakeholders as fitting well with the overall project. You should never appear surprised—or worse yet dumbfounded—by circumstances that stakeholders consider foreseeable. Elegant testers exhibit what Ernest Hemingway called “grace under pressure,” and there’s certainly plenty of pressure involved in testing. You and your work should resonate as professional, experienced, and competent. To achieve beautiful testing, you cannot simply create a superficial appearance of elegance—that is a con man’s job—but rather you prove yourself elegant over time in results, behavior, and demeanor.
In an upcoming newsletter, I’ll include this chapter as the featured article.
Tags: effective software testing, efficient software testing
Posted in software test metrics, software testing | No Comments »
Tuesday, August 2nd, 2011 by Rex Black
Reader Patricia Osorio asks two good questions about a little-known test technique:
This is a question/suggestion. In the chapter 4 [of the Advanced syllabus], Test Techniques, I found Classification tree method technique. I know this technique…but it does not appear in the Foundation Syllabus. It appears in Advanced Syllabus. Why is this technique not included in Foundation Syllabus? Why it is classified as the same level of pair wise and orthogonal arrays? I have understood this technique as join application of BVA + Equivalence Partitioning + Error guessing + Defect based.
The answer to the first question, Patricia, is that this technique is really too sophisticated and complex to expect entry-level testers to master. Remember, the Foundation syllabus is meant to serve as an entry-level certification, such that people with no testing knowledge can take the training and exams as preparation to enter a testing career (or simply to be competent if posted temporarily in a testing role).
The answer to the second question is that pairwise testing techniques, include orthogonal arrays, are about testing combinations. That’s what classification trees allow you to do: define sophisticated types of combinations that you want to test. However, if you see affinities with other test techniques, that’s good; it probably means you’re thinking of ways to combine those techniques together and use them for specific problems, which is exactly what you want.
Tags: software test techniques, software testing
Posted in ISTQB certification, software testing | No Comments »
Tuesday, August 2nd, 2011 by Rex Black
Reader Patricia Osorio had another good question about the answer to the following question from our Advanced Test Manager e-learning course. Here’s the question:
A given organization is using reviews for development work products like code, requirements and design specifications; test work products like test plans, quality risk analyses, and test design specifications; and, documentation and help screens. The review processes have been in place for two years and are delivering excellent financial, quality, and schedule benefits.
You are attending a management team meeting. A senior executive raises the need to update the objectives by which the individual contributors are measured on their yearly performance evaluations. He suggests using defect counts from review meetings. He circulates a draft plan. Under the plan, people will be rewarded based on the number of defects they find in reviews. Further, people will be penalized if items they have produced incur too many defects during reviews.
Which of the following is a psychological factor affecting review success and failure that is likely to cause such an initiative to undermine the current success of the reviews?
- Scrutinize the document and not the author.
- Focus all participants on delivering high-quality items.
- Try to find as many defects as possible.
- Assemble the right team of reviewers.
The correct answer is the second option. Instead of focusing on delivering high-quality items, the reviewers will focus on trying to claim as many defects found in reviews as their own, and will raise as defects trivialities, in order to try to maximize their rewards, while the authors will try to refute every defect report, even the most serious, in order to try to minimize their punishments. We have seen this play out in real life with clients, so you must be careful.
Tags: software reviews
Posted in ISTQB certification, software quality, software testing | No Comments »
Tuesday, August 2nd, 2011 by Rex Black
Long-time reader Patricia Osorio asks about some material from our Advanced Test Manager e-learning course (and also from Advanced Software Testing: Volume 2):
1. In the section 6.4.1 Defect Removal Effectiveness of Reviews, I founded the following paragraph, Could you please explain me how to get the numbers [of remaining defects]?
First, imagine that you started with 1, 000 defects. You follow worst practices in reviews, but at least you review all types of items. In this case, you would enter testing with about 166 defects. Now, imagine that you started with 1, 000 defects again. However, this time you follow best practices (and again you review all types of items). This time, you go into testing with 3 defects.
The question refers to the following table:
| |
Least
|
Average
|
Most
|
| Requirements review |
20%
|
30%
|
50%
|
| High-level design review |
30%
|
40%
|
60%
|
| Functional design review |
30%
|
45%
|
65%
|
| Detailed design review |
35%
|
55%
|
75%
|
| Code review |
35%
|
60%
|
85%
|
So, if you follow the “least” column, after the requirements review, there are 800 defects remaining (20% removed), after the high level design review there are 560 defects remaining (30% removed), and so forth, with 166 the final figure for defects remaining. If you follow the “most” column, after the requirements review, there are only 500 defects remaining (50% removed), after the high level design review there are 200 defects remaining (60% removed), and so forth, with 3 the final figure for defects remaining.
Now, admittedly the real situation is a bit more complex than this. Defects are not introduced only in the requirements, but indeed in every work product. However, the basic point remains: the more defects are removed earlier in the lifecycle, the easier the job of testing.
Tags: software reviews, software testing
Posted in ISTQB certification, best practices, software testing | 1 Comment »
|
Rex Black is President of RBCS (
