Black-box Test on:
[Wikipedia]
[Google]
[Amazon]
Black-box testing, sometimes referred to as specification-based testing, is a method of
Specific knowledge of the application's code, internal structure and programming knowledge in general is not required. The tester is aware of ''what'' the software is supposed to do but is not aware of ''how'' it does it. For instance, the tester is aware that a particular input returns a certain, invariable output but is not aware of ''how'' the software produces the output in the first place.
''Standard for Software Component Testing''
Working Draft 3.4, 27. April 2001. {{DEFAULTSORT:Black-Box Testing Software testing Hardware testing
software testing
Software testing is the act of checking whether software satisfies expectations.
Software testing can provide objective, independent information about the Quality (business), quality of software and the risk of its failure to a User (computin ...
that examines the functionality of an application without peering into its internal structures or workings. This method of test can be applied virtually to every level of software testing: unit
Unit may refer to:
General measurement
* Unit of measurement, a definite magnitude of a physical quantity, defined and adopted by convention or by law
**International System of Units (SI), modern form of the metric system
**English units, histo ...
, integration
Integration may refer to:
Biology
*Multisensory integration
*Path integration
* Pre-integration complex, viral genetic material used to insert a viral genome into a host genome
*DNA integration, by means of site-specific recombinase technology, ...
, system
A system is a group of interacting or interrelated elements that act according to a set of rules to form a unified whole. A system, surrounded and influenced by its open system (systems theory), environment, is described by its boundaries, str ...
and acceptance
Acceptance in psychology is a person's recognition and assent to the finality of a situation without attempting to change or protest it. This plays out at both the individual and societal level as people experience change.
Types of acceptanc ...
. Black-box testing is also used as a method in penetration test
A penetration test, colloquially known as a pentest, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system; this is not to be confused with a vulnerability assessment. The test is perform ...
ing, where an ethical hacker simulates an external hacking or cyber warfare attack with no knowledge of the system being attacked.
Test procedures
Specification-based testing aims to test the functionality of software according to the applicable requirements. This level of testing usually requires thoroughtest cases
In software engineering, a test case is a specification of the inputs, execution conditions, testing procedure, and expected results that define a single test to be executed to achieve a particular software testing objective, such as to exercise ...
to be provided to the tester, who then can simply verify that for a given input, the output value (or behavior), either "is" or "is not" the same as the expected value specified in the test case.
Specific knowledge of the application's code, internal structure and programming knowledge in general is not required. The tester is aware of ''what'' the software is supposed to do but is not aware of ''how'' it does it. For instance, the tester is aware that a particular input returns a certain, invariable output but is not aware of ''how'' the software produces the output in the first place.
Test cases
Test cases
In software engineering, a test case is a specification of the inputs, execution conditions, testing procedure, and expected results that define a single test to be executed to achieve a particular software testing objective, such as to exercise ...
are built around specifications and requirements
In engineering, a requirement is a condition that must be satisfied for the output of a work effort to be acceptable. It is an explicit, objective, clear and often quantitative description of a condition to be satisfied by a material, design, pro ...
, i.e., what the application is supposed to do. Test cases are generally derived from external descriptions of the software, including specifications, requirements and design parameters. Although the tests used are primarily ''functional'' in nature, ''non-functional'' tests may also be used. The test designer selects both valid and invalid inputs and determines the correct output, often with the help of a test oracle
In software testing, a test oracle (or just oracle) is a provider of information that describes correct output based on the input of a test case. Testing with an oracle involves comparing actual results of the system under test (SUT) with the ex ...
or a previous result that is known to be good, without any knowledge of the test object's internal structure.
Test design techniques
Typical black-box test design techniques includedecision table
Decision tables are a concise visual representation for specifying which actions to perform depending on given conditions. Decision table is the term used for a Control table or State-transition table in the field of Business process modeling; ...
testing, all-pairs testing In computer science, all-pairs testing or pairwise testing is a combinatorial method of software testing that, for ''each pair'' of input parameters to a system (typically, a software algorithm), tests all possible discrete combinations of those par ...
, equivalence partitioning
Equivalence partitioning or equivalence class partitioning (ECP) is a software testing technique that divides the input data of a software unit into partitions of equivalent data from which test cases can be derived. In principle, test cases are ...
, boundary value analysis, cause–effect graph, error guessing
Introduction
Before a software is released or finalized, it will often undergo a testing process conducted by an analyst. During software testing, when a bug is found, there are multiple ways the analyst will dissect the type of error and wher ...
, state transition
In automata theory and sequential logic, a state-transition table is a table showing what state (or states in the case of a nondeterministic finite automaton) a finite-state machine will move to, based on the current state and other inputs. It i ...
testing, use case
In both software and systems engineering, a use case is a structured description of a system’s behavior as it responds to requests from external actors, aiming to achieve a specific goal. It is used to define and validate functional requireme ...
testing, user story
In software development and product management, a user story is an informal, natural language description of features of a software system. They are written from the perspective of an end user or user of a system, and may be recorded on index ...
testing, domain analysis In software engineering, domain analysis, or product line analysis, is the process of analyzing related software systems in a domain to find their common and variable parts. It is a model of wider business context for the system. The term was coine ...
, and syntax testing.
Test coverage
Test coverage refers to the percentage ofsoftware requirements
Software requirements for a system are the description of what the system should do, the service or services that it provides and the constraints on its operation. The IEEE Standard Glossary of Software Engineering Terminology defines a requiremen ...
that are tested by black-box testing for a system or application. This is in contrast with code coverage
In software engineering, code coverage, also called test coverage, is a percentage measure of the degree to which the source code of a program is executed when a particular test suite is run. A program with high code coverage has more of its ...
, which examines the inner workings of a program and measures the degree to which the source code
In computing, source code, or simply code or source, is a plain text computer program written in a programming language. A programmer writes the human readable source code to control the behavior of a computer.
Since a computer, at base, only ...
of a program
Program (American English; also Commonwealth English in terms of computer programming and related activities) or programme (Commonwealth English in all other meanings), programmer, or programming may refer to:
Business and management
* Program m ...
is executed when a test suite is run. Measuring test coverage makes it possible to quickly detect and eliminate defects, to create a more comprehensive test suite
In software development, a test suite, less commonly known as a validation suite, is a collection of test cases that are intended to be used to test a software program to show that it has some specified set of behaviors. A test suite often conta ...
. and to remove tests that are not relevant for the given requirements.
Effectiveness
Black-box testing may be necessary to assure correct functionality, but it is insufficient to guard against complex or high-risk situations. An advantage of the black box technique is that no programming knowledge is required. Whatever biases the programmers may have had, the tester likely has a different set and may emphasize different areas of functionality. On the other hand, black-box testing has been said to be "like a walk in a dark labyrinth without a flashlight." Because they do not examine the source code, there are situations when a tester writes many test cases to check something that could have been tested by only one test case or leaves some parts of the program untested.See also
*ABX test
An ABX test is a method of comparing two choices of sensory stimuli to identify detectable differences between them. A subject is presented with two known samples (sample , the first reference, and sample , the second reference) followed by one un ...
* Acceptance testing
In engineering and its various subdisciplines, acceptance testing is a test conducted to determine if the requirements of a specification or contract are met. It may involve chemical tests, physical tests, or performance tests.
In systems ...
* Blind experiment
In a blind or blinded experiment, information which may influence the participants of the experiment is withheld until after the experiment is complete. Good blinding can reduce or eliminate experimental biases that arise from a participants' expe ...
* Boundary testing
* Fuzz testing
In programming and software development, fuzzing or fuzz testing is an automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptio ...
* Gray box testing
* Metasploit Project
The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is owned by Boston, Massachusetts-based security company, Rapid7.
...
* Sanity testing
A sanity check or sanity test is a basic test to quickly evaluate whether a claim or the result of a calculation can possibly be true. It is a simple check to see if the produced material is rational (that the material's creator was thinking ration ...
* Smoke testing
* Software performance testing
In software quality assurance, performance testing is in general a testing practice performed to determine how a system performs in terms of responsiveness and stability under a particular workload. It can also serve to investigate, measure, val ...
* Software testing
Software testing is the act of checking whether software satisfies expectations.
Software testing can provide objective, independent information about the Quality (business), quality of software and the risk of its failure to a User (computin ...
* Stress testing
Stress testing is a form of deliberately intense or thorough testing, used to determine the stability of a given system, critical infrastructure or entity. It involves testing beyond normal operational capacity, often to a breaking point, in orde ...
* Test automation
In software testing, test automation is the use of software separate from the software being tested to control the execution of tests and the comparison of actual outcomes with predicted outcomes. Test automation can automate some repetitive bu ...
* Unit testing
Unit testing, component or module testing, is a form of software testing by which isolated source code is tested to validate expected behavior.
Unit testing describes tests that are run at the unit-level to contrast testing at the Integration ...
* Web application security scanner
Dynamic application security testing (DAST) represents a non-functional testing process to identify security weaknesses and vulnerabilities in an application. This testing process can be carried out either manually or by using automated tools. Manu ...
* White hat hacker
A white hat (or a white-hat hacker, a whitehat) is an ethical security hacker. Ethical hacking is a term meant to imply a broader category than just penetration testing. Under the owner's consent, white-hat hackers aim to identify any vulnerabilit ...
* White-box testing
White-box testing (also known as clear box testing, glass box testing, transparent box testing, and structural testing) is a method of software testing that tests internal structures or workings of an application, as opposed to its functionality ...
References
External links
*BCS SIGIST (British Computer Society Specialist Interest Group in Software Testing)''Standard for Software Component Testing''
Working Draft 3.4, 27. April 2001. {{DEFAULTSORT:Black-Box Testing Software testing Hardware testing