Static Testing is a software testing technique which is used to check defects in software application without executing the code. Static testing is done to avoid errors at an early stage of development as it is easier to identify the errors and solve the errors. It also helps finding errors that may not be found by Dynamic Testing.
Its counterpart is Dynamic Testing which checks an application when the code is run. Refer to this tutorial for a detailed difference between static and dynamic testing.
The two main types of static testing techniques are
- Manual examinations: Manual examinations include analysis of code done manually, also known as REVIEWS.
- Automated analysis using tools: Automated analysis are basically static analysis which is done using tools.
- Informal Reviews
- Technical Reviews
- Static Analysis
- Data Flow
- Control Flow
Various tools used for Static Testing are as follow,
A review in Static Testing is a process or meeting conducted to find the potential defects in the design of any program. Another significance of review is that all the team members get to know about the progress of the project and sometimes the diversity of thoughts may result in excellent suggestions. Documents are directly examined by people and discrepancies are sorted out.
Reviews can further be classified into four parts:
- Informal reviews
- Technical review
During the Review process four types of participants that take part in testing are:
- Moderator: Performs entry check, follow up on rework, coaching team member, schedule the meeting.
- Author: Takes responsibility for fixing the defect found and improves the quality of the document
- Scribe: It does the logging of the defect during a review and attends the review meeting
- Reviewer: Check material for defects and inspects
- Manager: Decide on the execution of reviews and ensures the review process objectives are met.
Types of defects which can be easier to find during static testing are:
- Deviations from standards
- Non-maintainable code
- Design defects
- Missing requirements
- Inconsistent interface specifications
Usually, the defect discovered during static testing are due to security vulnerabilities, undeclared variables, boundary violations, syntax violations, inconsistent interface, etc.
Some useful tips to perform a static testing process in Software Engineering.
- Focus only on things that really count
- Explicitly plan and track review activities. A software walkthrough and inspection are generally composite into peer’s reviews
- Train participants with Examples
- Resolve people issues
- Keep process formal as the project culture
- Continuous Improvement – Process and Tools
- By removing the major delays in test execution, testing cost and time can be reduced
Static testing is performed due to the following reasons
- Early defect detection and correction
- Reduced development timescales
- Reduced testing cost and time
- For improvement of development productivity
- To get fewer defect at a later stage of testing
In Static Testing, following things are tested
- Unit Test Cases
- Business Requirements Document (BRD)
- Use Cases
- System/Functional Requirements
- Prototype Specification Document
- DB Fields Dictionary Spreadsheet
- Test Data
- Traceability Matrix Document
- User Manual/Training Guides/Documentation
- Test Plan Strategy Document/Test Cases
- Automation/Performance Test Scripts
To perform Static Testing, it is done in the following ways,
- Carry out the inspection process to completely inspect the design of the application
- Use a checklist for each document under review to ensure all reviews are covered completely
The various activities for performing Static Testing are:
- Use Cases Requirements Validation: It validates that all the end-user actions are identified, as well as any input and output associated with them. The more detailed and thorough the use cases are, the more accurate and comprehensive the test cases can be.
- Functional Requirements Validation: It ensures that the Functional Requirements identify all necessary elements. It also looks at the database functionality, interface listings, and hardware, software, and network requirements.
- Architecture Review: All business level process like server locations, network diagrams, protocol definitions, load balancing, database accessibility, test equipment, etc.
- Prototype/Screen Mockup Validation: This stage includes validation of requirements and use cases.
- Field Dictionary Validation: Every field in the UI is defined well enough to create field level validation test cases. Fields are check for min/max length, list values, error messages, etc.
- Static testing is to find defects as early as possible.
- Static testing not a substitute for dynamic testing, both find a different type of defects
- Reviews are an effective technique for Static Testing
- Reviews not only help to find defects but also understand missing requirements, design defects, non-maintainable code.