Introduction to software engineering

Course Code: SE104

Target Group: Software Engineering
Instructor: Biniam Behailu

July, 2024
Chapter 6 Outline
Verification and validation (SW testing)
01 Software testing terminologies

02 Software testing lifecycle

02 Software Quality Assurance (SQA)

04 Software Security Engineering

Software Testing

 Software testing is the process of evaluating and verifying that a

software product or application does what it’s supposed to do
 The primary goal of software testing is to identify defects or bugs
within the software to ensure it meets the specified requirements
and works as expected.
 It is the process of executing a program /application under positive
and negative conditions by manual or automated means.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 3

Software Testing

 It checks for the Specification, Functionality, Performance

 A process used to identify the correctness, completeness and quality
of developed software.
 The benefits of good testing include preventing bugs and improving
performance.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 4

Software Testing (Terminologies)

 Error: An error is a mistake, inaccuracy, or deviation from

correctness.
 It is a state or condition that is unintended, undesirable, and usually
requires correction.
 Errors can occur in various contexts, such as human actions, computer
systems, mathematical calculations, or any kind of process.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 5

Software Testing (Terminologies)

 Fault: A fault is a defect, flaw, or imperfection that causes a system

or component to fail or malfunction.
 Faults can be physical, like a hardware component failure, or logical,
like a software bug.
 Faults can lead to errors and ultimately result in system failures.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 6

Software Testing (Terminologies)

 Bug: A bug is a software defect or an error in a computer program or

system that causes it to produce an incorrect or unexpected result,
or to behave in unintended ways.
 Bugs can stem from mistakes in the program's source code or design,
and they need to be identified and fixed to ensure the software
functions correctly.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 7

Software Testing (Terminologies)

 Failure: A failure is the inability of a system or component to perform

its required function within specified limits.
 Failures can be caused by various factors, including errors, faults,
design flaws, environmental conditions, or improper use.
 When a system fails, it stops working as intended, which can have
serious consequences depending on the context.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 8

Software Testing (Terminologies)

Software Verification:
 Verification is the process of confirming if the software is meeting the
business requirements, and is developed adhering to the proper
specifications and methodologies.
 Verification ensures the product being developed is according to
design specifications.
 It focuses on "Are we building the product right?" by checking if the
software conforms to its specified functional and non-functional
requirements.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 9

Software Testing (Terminologies)

Software Validation
 Validation is process of examining whether or not the software
satisfies the user requirements. It is carried out at the end of the
SDLC.
 Validation ensures the product under development is as per the user
requirements.
 It focuses on "Are we building the right product?" by evaluating if the
software fulfills user expectations and solves the intended business
problem.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 10

Software Testing Life Cycle (STLC)

 The software testing life cycle (STLC) is a framework that outlines the
different phases involved in the testing process for a software
application or system.

Requirements Analysis Test Planning Test Case Design

Test Environment Setup

Defect Reporting and

Test Closure Test Execution
Tracking

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 11

Software Testing Life Cycle (STLC)

1. Requirements Analysis
 In this phase, the testing team analyzes the software requirements,
functional specifications, and design documents to understand the
system's expected behavior and identify potential areas for testing.
 The team identifies the testing objectives, scope, and constraints
based on the requirements.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 12

Software Testing Life Cycle (STLC)

2. Test Planning
 The testing team creates a comprehensive test plan that outlines the
testing strategy, test approach, test methods, and resource
requirements.
 The test plan defines the testing objectives, test types, test
environment setup, test data requirements, and the overall testing
schedule.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 13

Software Testing Life Cycle (STLC)

3. Test Case Design

 A test case is a detailed description of the steps to be taken and the
expected results to verify a specific feature or functionality of a software
application.
 The testing team designs test cases based on the software requirements
and specifications.
 Test cases include inputs, expected outputs, and the steps to be followed
during testing.
 The team also defines the test data required for executing the test cases.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 14

Software Testing Life Cycle (STLC)

4. Test Environment Setup

 The testing team sets up the necessary infrastructure, including
hardware, software, and tools, to support the testing activities.
 This phase involves the installation, configuration, and verification of
the test environment.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 15

Software Testing Life Cycle (STLC)

5. Test Execution
 The testing team executes the designed test cases in the established
test environment.
 During test execution, the team records the actual results and
compares them against the expected results.
 Any discrepancies between the actual and expected results are
identified as defects or bugs.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 16

Software Testing Life Cycle (STLC)

6. Defect Reporting and Tracking

 The testing team documents the identified defects or bugs and logs
them in a defect tracking system.
 The defects are assigned a priority and severity level based on their
impact on the software functionality and user experience.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 17

Software Testing Life Cycle (STLC)

7. Test Closure
 The testing team analyzes the overall testing process, including the
test results, defect reports, and the achieved test coverage.
 A test closure report is generated, summarizing the testing activities,
outcomes, and any unresolved issues or risks.
 The team also makes recommendations for future testing efforts or
improvements to the STLC.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 18

Types of Testing

 Manual - This testing is performed without taking help of automated

testing tools.
 The software tester prepares test cases for different sections and levels of
the code, executes the tests and reports the result to the manager.
 Manual testing is time and resource consuming.
 The tester needs to confirm whether or not right test cases are used. Major
portion of testing involves manual testing.
 It's effective for exploratory testing and scenarios that require human
judgment.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 19

Types of Testing

 Automated: This testing is a testing procedure done with aid of automated

testing tools.
 Testing where tests are automated and executed using scripts, tools, or
software.
 A test needs to check if a webpage can be opened in Internet Explorer. This
can be easily done with manual testing. But to check if the web-server can
take the load of 1 million users, it is quite impossible to test manually.
 There are software and hardware tools which helps tester in conducting
load testing, stress testing, regression testing.
 It helps in repetitive testing tasks, regression testing, and ensuring
consistency.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 20

Testing tools

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 21

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 22
Static Testing

 Static testing is performed without actually executing the software

program or application.
 It involves the review and analysis of the software's artifacts, such as
requirements, design documents, source code, and documentation.
 Static testing is typically performed early in the software
development life cycle and is effective in identifying issues before the
code is executed.
 Static testing techniques include Code reviews, Walkthroughs,
Inspections, Linting

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 23

Dynamic Testing

 Dynamic testing involves executing the software program or

application and observing its behavior.
 It focuses on the software's runtime characteristics and interactions
with its environment.
 Dynamic testing is typically performed throughout the software
development life cycle and helps identify issues that may not be
detected during static testing.
 Dynamic testing techniques include Unit testing, Integration testing,
System testing, Acceptance testing, Performance testing

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 24

Testing Techniques

 Tests can be conducted based on two approaches

1. Functionality testing
2. Implementation testing
 When functionality is being tested without taking the actual
implementation in concern it is known as black-box testing.
 The other side is known as white-box testing, where not only
functionality is tested but the way it is implemented is also analyzed.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 25

Black-Box Testing

 It is carried out to test functionality of the program and also called

‘Behavioral’ testing.
 The tester in this case, has a set of input values and respective
desired results.
 On providing input, if the output matches with the desired results,
the program is tested ‘ok’, and problematic otherwise.
 In this testing method, the design and structure of the code are not
known to the tester, and testing engineers and end users conduct
this test on the software.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 26

White-Box Testing

 It is conducted to test program and its implementation, in order to

improve code efficiency or structure.
 It is also known as ‘Structural’ testing or ‘glass-box’ testing.
 In this testing method, the design and structure of the code are
known to the tester.
 Programmers of the code conduct this test on the code.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 27

Levels of Testing

 Testing itself may be defined at various levels of SDLC.

 The testing process runs parallel to software development.
 Before jumping on the next stage, a stage is tested, validated and
verified.
 Testing separately is done just to make sure that there are no hidden
bugs or issues left in the software.
 Software is tested on various levels.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 28

Levels of Testing

 Testing itself may be defined at various levels of SDLC.

 The testing process runs parallel to software development.
 Before jumping on the next stage, a stage is tested, validated and
verified.
 Testing separately is done just to make sure that there are no hidden
bugs or issues left in the software.
 Software is tested on various levels.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 29

Levels of Testing

Unit Testing
 Testing individual components or modules of the software to ensure
they work as expected.
 This type of testing is performed under white-box testing approach.
 Unit testing helps developers decide that individual units of the
program are working as per requirement and are error free.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 30

Levels of Testing

Integration Testing
 Even if the units of software are working fine individually, there is a
need to find out if the units if integrated together would also work
without errors.
 Testing how different components or modules of the software work
together.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 31

Levels of Testing

System Testing
 The software is compiled as product and then it is tested as a whole.
 This can be accomplished using one or more of the following tests:
o Functionality testing - Tests all functionalities of the software against
the requirement.
o Performance testing - This test proves how efficient the software is. It
tests the effectiveness and average time taken by the software to do
desired task.
o Security & Portability - These tests are done when the software is
meant to work on various platforms and accessed by number of
persons.
Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 32
Levels of Testing

Acceptance Testing
 When the software is ready to hand over to the customer it has to go
through last phase of testing where it is tested for user-interaction
and response.
 Testing the software to verify that it meets the customer's or end-
user's acceptance criteria.
 This is important because even if the software matches all user
requirements and if user does not like the way it appears or works, it
may be rejected.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 33

Alpha Vs Beta Testing

 Alpha testing - The team of developer themselves perform alpha

testing by using the system as if it is being used in work environment.
 They try to find out how user would react to some action in software
and how the system should respond to inputs.
 Beta testing - After the software is tested internally, it is handed over
to the users to use it under their production environment only for
testing purpose.
 This is not as yet the delivered product.
 Developers expect that users at this stage will bring minute problems,
which were skipped to attend.
Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 34
Regression Testing

 Regression testing can be performed on a new build when there is a

significant change in the original functionality.
 It ensures that the code still works even when the changes are occurring.
 Regression means Re-test those parts of the application, which are
unchanged.
 Regression tests are also known as the Verification Method. Test cases are
often automated.
 Test cases are required to execute many times and running the same test
case again and again manually, is time-consuming and tedious too.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 35

Non-Functional Testing

 A type of software testing which checks the non-functional aspects

such as performance, usability, reliability, etc. of a software
application.
 It is designed to test the readiness of a system as per non-functional
parameters which are never addressed by functional testing.
 Should increase usability, efficiency, maintainability, and portability of
the product.
 Helps to reduce production risk and cost associated with non-
functional aspects of the product.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 36

Non-Functional Testing

 Optimize the way product is installed, setup, executes, managed and

monitored.
 Collect and produce measurements, and metrics for internal research
and development.
 Improve and enhance knowledge of the product behaviour and
technologies in use.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 37

Performance Testing

 Performance testing is a type of software testing that focuses on

evaluating the performance characteristics of a software system or
application under different workloads and conditions.
o Load Testing: Evaluating the system's behavior under normal or peak
anticipated loads.
o Stress Testing: Pushing the system to its limits by applying extreme loads
to identify its breaking point.
o Endurance (Soak) Testing: Assessing the system's ability to maintain
performance over an extended period of time under a sustained load.
o Spike Testing: Evaluating the system's response to sudden, large
increases in user traffic or workload.
Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 38
Release Testing

 Release testing, also known as deployment testing or production

testing, refers to the process of testing a software application or
system in its production environment before making it available to
end-users or customers.
 The primary goal of release testing is to ensure that the software is
stable, reliable, and performs as expected in the live environment.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 39

Release Testing

 Effective release testing minimizes the risk of deploying software with

critical defects or performance issues, ensuring a positive user
experience and maintaining business continuity.
 It bridges the gap between development and operations, providing
confidence to stakeholders that the software is ready for production
use.
 Can include regression testing and acceptance testing.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 40

Software Quality

 Software quality is concerned with ensuring that developed software

systems are “fit for purpose.”
 That is, systems should meet the needs of their users, should
perform efficiently and reliably, and should be delivered on time and
within budget.
• Correctness • Functionality
• Reliability • Performance
• Usability • Security
• Efficiency • Testability
• Maintainability • Scalability
• Portability • Interoperability

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 41

Software Quality Assurance(SQA)

 Software Quality Assurance (SQA) is a systematic process that

ensures the quality of software throughout its development
lifecycle.
 It involves a set of activities and practices aimed at ensuring that the
software meets predefined standards and requirements.
 SQA encompasses the entire software development process, from
planning and design to coding, testing, and maintenance.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 42

Software Quality Assurance(SQA)

 Standards and Procedures: Establishing and maintaining standards

and procedures to be followed in the software development process.
 Reviews and Audits: Conducting formal technical reviews and audits
of software engineering activities to ensure compliance with
established standards.
 Testing: Performing various levels of testing (unit, integration, system,
acceptance) to identify and fix defects.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 43

Software Quality Assurance(SQA)

 Metrics and Measurement: Defining and collecting software metrics

to understand and control the software development process and
product quality.
 Configuration Management: Managing changes to the software
configuration to ensure that the software system maintains its
integrity over time.
 Risk Management: Identifying, analyzing, and mitigating risks that
could impact the quality of the software.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 44

Software Quality Assurance(SQA) - Activities

 Requirement Analysis: Ensuring that requirements are clear, complete, and

testable.
 Design Verification: Reviewing design documents to ensure they meet the
requirements and standards.
 Code Reviews: Conducting peer reviews and inspections of the code to identify
defects early.
 Testing: Performing systematic testing at various levels to identify and fix defects.
 Process Monitoring: Continuously monitoring the software development process
to ensure adherence to standards and procedures.
 Defect Management: Tracking and managing defects to ensure they are resolved
in a timely manner.
 Documentation: Ensuring that all aspects of the software development process
are well-documented and accessible for future reference.
Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 45
Software Security Engineering

 Software Security Engineering is a discipline that integrates security

practices into the software development lifecycle to protect software
from threats and vulnerabilities.
 It involves a combination of methodologies, practices, and tools
designed to ensure that software is secure from the beginning and
remains secure throughout its lifecycle.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 46

Software Security Engineering – Main concepts

 Threat Modeling: Identifying and assessing potential threats to the

software. Creating models that describe possible attackers, their
goals, and the methods they might use.
 Secure Coding Practices: Adhering to coding standards that prevent
common vulnerabilities. Using languages and libraries that reduce the
risk of security flaws.
 Security Requirements: Defining security-specific requirements
during the requirements gathering phase. Ensuring that these
requirements address confidentiality, integrity, availability, and non-
repudiation.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 47

Software Security Engineering – Main concepts

 Security Design Principles: Incorporating principles such as least

privilege, defense in depth, and fail-safe defaults into the software
design. Designing software architecture to minimize attack surfaces
and isolate critical components.
 Static and Dynamic Analysis: Using static analysis tools to detect
security vulnerabilities in source code without executing it. Employing
dynamic analysis to identify security issues by executing the software
and monitoring its behavior.
 Penetration Testing: Conducting simulated attacks on the software to
find security weaknesses. Using the results to fix vulnerabilities and
improve security defenses.

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 48

Software Security Engineering – Main concepts

 Security Reviews and Audits: Performing regular security reviews and

audits of the software and development processes. Ensuring
compliance with security policies and standards.
 Incident Response and Recovery: Preparing for potential security
incidents with an incident response plan. Ensuring that the software
can recover quickly and maintain operations after an attack

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 49

 THANK YOU
?
"Testing leads to failure, and failure
leads to understanding."
- Burt Rutan

Compiled by : Biniam Behailu Introduction to Software Engineering 50

Compiled by : Biniam Behailu & Yimer Amedie Introduction to Software Engineering 51