White Box Testing: Testing With a View of the Software Code

White box testing strategy deals with the internal logic and structure of the code. This strategy is also known as glass box testing, structural testing, open box testing and clear box testing. The tests written based on the white box testing strategy incorporate coverage of the code written, branches, paths, statements and internal logic of the code etc. Superficial knowledge on software is not sufficient for doing this test. The engineer must have profound knowledge of the internal working of software in order to select the test data and also know the tests to perform. He must have studied the software thoroughly and should know the functional capabilities of the software without which the tests will not be accurate. If he has programming knowledge, then only then he can analyze why the program is doing something that it shouldn't be doing. In case any part of the test is omitted the test will be unsuccessful and the program will not function.

The process of white box testing includes software testing types such as unit testing, static and dynamic analysis, statement coverage, branch coverage, security testing and mutation testing and each of these tests have their own purpose.

Unit testing is the method of testing to make sure that smallest unit of your software is working properly in isolation. In this, testing is carried out on the minimal software component or module. They get integrated once the module testing is completed. This testing starts from the beginning of development of software. The unit testing is normally combined with scaffolding software developed by the software implementation team. In this one unit has to be built and tested before taking up another one. Static testing is also called as dry run testing. This is a form of software testing where the actual program or application is not used and analysis of a program is carried out without executing the program. In this testing method the programmers manually read their own code to find any errors in the software. This is not a detailed test and it checks only for the sanity of the code, document and algorithm. Dynamic analysis involves first reading the code to see if it is defective in any way and then running the code to determine the final output.

Statement coverage or Code coverage describes the degree to which the source code of a program has been tested. It is a form of testing that inspects the code directly and is therefore a form of white box testing. In this each of the code in the program is run one after the other in the order it is written and executed. Any side effects or errors are observed and corrected. Branch coverage helps the engineer to check the code logic while branching. No application can be written with single continuous code and the coverage helps in monitoring the changes in functionality when the code branches off.

Nowadays, software security has gained enormous importance in the world of software development. Many companies have computerized scientific, industrial and financial areas of operation and data is passed through internet either for communication or research or money transfer and all these operations are very critical and if not protected this will be detrimental to the profitability of the organization. The internet service provider must ensure that the information and network are secured from the intruders. The software security has to be inbuilt in the system from the day of starting the development and the matter has to be viewed very seriously. As more and more additions are made to the software there is further need for security. All these mean that the security testing has to be done carefully and diligently when new software is developed. Nowadays one comes across the misdeeds of hackers and crackers who breach the security of many organizations thereby getting access to the internals of organization data including finances. The security testing has to be done by a qualified technician who can detect errors and modify the code suitably. The purpose of mutation test is to find the code that is modified and also the code that causes efficient functioning of the application.