Testing Methods


These are currently popular methods to test software.

Fuzz Testing

  • Input massive invalid, unexpected, or random data(Fuzz) to find errors or vulnerabilities in the software.
  • Effective on blackbox testing
  • Pros
    • Simple
    • Provides results with little effort
  • Cons
    • May miss bugs that don’t trigger a full program crash
    • May be less likely to trigger bugs that are only triggered in highly specific circumstances


Stochastic Testing

  • Input random sequence of datas 


Model-based Testing

  • Generates meaningful test case models which can detect errors on the desired behavior.


Symbolic Testing

  • Replace inputs of program with symbolic variables.
  • Track symbols rather than concrete input
  • When execution path diverges, fork and add constraints on symbolic values
  • Find the feasibility of all paths in the program.
  • Quite expensive for finding feasibility of path.
x = read();
if (x > 3) {
  y = 1;
  if (x < 0)
    y = 2;
} else y = 3;

After changing with symbolic variables, it checks the feasibility of paths. On above example, the expression (y = 2; on line #5) will not be reached.

  • Challenges
    • path explosion
      • Exponential in branching structure
      • Loop on symbolic variables
    • Complex code and environment dependencies
      • System calls
      • Library calls
      • Recursive calls
  • Possible Solutions
    • For “path Explosion”
      • Random search (e.g., randomly restart in a while loop, pick next path randomly), but check coverage implementation is required
      • Combined search
    • For “complex code and environment dependencies”
      • Simulate system call
      • Build simple versions of library calls
      • Run library an system calls with a concrete value
      • Summarize the loops
  • Applications:
    • Detecting infeasible paths
    • Generating test inputs
    • Finding bugs and vulnerabilities
    • Proving two code segments are equivalent (Code Hunt)


Concolic Testing (Concrete + Symbolic)

  • Input actual concrete value to the program, then generate new input by changing the path condition.
  • Less expensive than Symbolic testing.


A/B (or split, bucket) Testing

  • Comparing two versions of software which performs better
  • Statistical analysis which performed better

e.g.) randomly showing two different versions to users, and see which one had more uses


Boundary Testing

  • Extreme ends like Start- End, Lower- Upper, Maximum-Minimum, Just Inside-Just Outside values are called boundary values and the testing is called “boundary testing”.
  • Input variables are selected at their:
    • Minimum
    • Just above the minimum
    • A nominal value
    • Just below the maximum
    • Maximum
  • Boundary Testing comes after the Equivalence Class Partitioning.


Equivalence partitioning or equivalence class partitioning (ECP)

  • Software testing technique that divides the input data of a software unit into partitions of equivalent data from which test cases can be derived
  • In principle, test cases are designed to cover each partition at least once.
  • This technique tries to define test cases that uncover classes of errors, thereby reducing the total number of test cases that must be developed.
    • Pros: reduction in the time required for testing software due to lesser number of test cases




  • https://www.guru99.com/equivalence-partitioning-boundary-value-analysis.html
  • https://en.wikipedia.org/wiki/Equivalence_partitioning

Leave A Comment

Your email address will not be published. Required fields are marked *