What is Negative Testing? Test cases With Example

Negative Testing

Negative Testing is a software testing type used to check the software application for unexpected input data and conditions. Unexpected data or conditions can be anything from wrong data type to strong hacking attack. The purpose of negative testing is to prevent the software application from crashing due to negative inputs and improve the quality and stability.

By just doing positive testing we can only make sure our system is working in normal conditions. We have to make sure that our system can handle unexpected conditions to ensure a 100% fault-free system.

Example of Negative Testing

Consider the case of a lift which is a commonly considered example of negative testing.

We all know the functionality of a lift. These will be considered as the requirements of a lift like pressing the floor number make the lift go to that particular floor.

The door opens automatically once the lift reaches the specified floor and so on.

Now let’s consider some negative scenarios for lift. Some of them are,

Negative Testing Positive Testing
What happens if the number of persons (weight) exceeds the specified limit? Assumes the only specified number of persons will enter the lift
What happens if someone smokes or cause a fire inside the lift? There won’t be smoke or fire inside the lift
What happens if there is a power failure during operation? There won’t be a power failure during the working of the lift

All these cases will come under negative testing. The importance of this is that we can’t make sure that all the above mentioned won’t happen, so we need them contained.

Consider the case that the overweight condition is checked and on implementation, the lift performs abnormal when there is an overweight condition. This will make a potential impact on the reliability of the system and can even cause danger to life. This explains what is negative testing and its importance.

The same case is applied in software also. For negative testing, we have deviated from a normal operational procedure. Let’s go through some examples.

Consider a registration form for example.

Negative Testing Positive Testing
Try to enter an invalid email id in the email field Only valid email ids will be entered in an email field
Try to enter an invalid phone number in a phone number field (characters) The only number will be entered in the number field
Upload image with size out of specified boundary Only images with size under specified boundary will be uploaded
Upload invalid files like XML, SQL, etc. files in image upload field Upload only valid image formats like jpg.png, etc.

As we said earlier, we have to make sure in all these negative cases our system will work properly. Consider the case if someone tries to enter a character in the number field and the system can’t process the unexpected data since it is expecting a number, and finally, the system crashes. Or what if someone tries to do an SQL injection and erase all our data from the database. We can’t bear such potential losses. So negative testing is important.

Why do Negative Testing?

Since testing is time and cost consuming task, deciding ‘what’, ‘how’ and ‘how much’ to test is really important. We have to choose wisely whether we have to do negative testing in our system or not. So let’s have a look at the importance of negative testing.

Organization perspective

It is the responsibility of the organization to provide a good quality product to its client. To achieve this, one has to do negative testing.

As a part of confirmation against a failure, an organization has to do negative testing.

Maybe we can’t build a 100% error free system, but we have to make sure that we have done everything to prevent a failure, in order to achieve that we should do negative testing.

The impact is one factor which we have to consider. Consider we have done positive testing on an e-commerce site and make sure everything is fine. But what if there is a loophole in our system that someone can do SQL injection and erase all our data. That will be a great security breach. To avoid this type of cases, one has to do negative testing too.

For applications open for public, mainly websites we have to always keep in mind that we don’t have much control the using procedure of the application, so we have to do negative testing to make sure that all such cases are covered and contained.

Another thing we need to take care is that there are a lot of black hackers out there who are looking for an opportunity to destroy the system. Hacking is an important case covered in negative testing

Client perspective

Clients always expect zero vulnerability products, in order to ensure that negative testing is a must

If it is a sensitive product like e-commerce, online stock, etc., then security and negative testing is a must.

The only concern to the client regarding negative testing is that the cost. But once the impact is analyzed it is up to the client to decide whether to do or not negative testing.

How to do negative testing

To do negative testing we have to consider all the possible cases. That is if it is possible we have to consider it in the Test Case no matter whether it is not the right way to use it. For example, if we see an email field think about all possible inputs we can put there other than correct email format. Same way when we see an image upload option, we have to test it with all possible files.

While creating negative test cases we have to prioritize the inputs otherwise, there will be a lot of cases possible. For example, for an image field where only ‘.png’ files are supposed to enter we can have a lot of options to upload like ‘jpeg’, ‘xml’, ‘xls’, etc.. So we need to prioritize the options like XML and SQL can have greater impact than that of jpeg and xls so we should take care of SQL and XML cases first. Like this, we have to prioritize the cases before execution to save time and testing cost.

Pros and cons of negative testing

Like all other testing techniques, there are pros and cons for negative testing mainly based on the ‘where’, ‘when’ and ‘how’ to use. Let’s take a look at this.

Advantages of Negative Testing

  • As we all know negative testing is very important to ensure the quality of a product. A good quality product is a zero vulnerability product, to ensure that negative testing is very important.
  • Doing negative testing makes sure that all possible cases are covered. Intentionally or unintentionally there is a chance of negative test cases to occur. So to make sure all cases are covered we have to do negative testing along with positive testing.
  • Negative testing will make more confidence to the client before going live.

Disadvantages of Negative Testing

  • In Software Engineering, Negative testing in some cases becomes a waste of time and energy. In many cases, there is no need for excessive negative testing. For example, if an application is created for single person use, then we don’t have to consider the case that 100 user uses the system at a time. So deciding conditions in negative test cases are very important. There will be times where we don’t have to do negative testing on a particular system.
  • Require skilled and experienced people to create negative test cases.
  • To the client, negative testing is another thing that causes unnecessary delay in release and cost adder.
  • A chance that a team spends more time and energy on negative testing. There is a chance that testers spend a lot of time and energy in negative testing that results in a lower concentration in positive testing.