White Box Testing Loop Testing

Loop Testing Loop testing is the testing of resource(s) multiple times under program control. The most important aspect of this test is to ensure that the control loop is executed multiple times and exited when a particular condition is satisfied. # Typical bugs that arise are Variable not incremented, hence an infinite loop is established, Specifying the loop exit criteria incorrectly, hence the resultant output will be incorrect. # Typical examples are While not rs.EOF then statement 1 statement 2 rs.MoveNext Wend Will generate an infinite loop, due to non-availability of the next incrementing record. Important tip for Loop testing Note that unstructured loops are not to be tested. They need to be RE-DESIGNED for better performance. Summary Ensuring an effective White Box test for your code, will generate an efficient, and performance oriented code, will less memory leaks and unwanted memory usage. Needs to be done with a lot of concentration and dedication. Usage of data flow graph is an effective tool for reducing unwanted data declaration and usage. Other Techniques/ Tools # Profiling tool : Helps the tester to uncover bottlenecks as regards performance. Uncovers memory leaks and memory access errors. # Code Based Fault Injection. Changes program states by injecting software source code to force changes into the state of the program as it executes. this technique forces non-normative behavior of the software, and the resulting understanding can help determine whether a program has vulnerabilities that can lead to security violations. This technique can be used to force error conditions to exercise the error handling code, change execution paths, input unexpected (or abnormal) data, change return values, etc.

Abuse Cases Abuse cases help security testers view the software under test in the same light as attackers do . With access to the source code, a tester is in a better position to quickly see where the weak spots are compared to an outside attacker. The simplest, most practical method for creating abuse cases is usually through a process of informed brainstorming, involving security, reliability, and subject matter expertise. Error Handling techniques Testing Exceptions and error-handling should be verified thoroughly by simulating partial and complete fails. Proper error recovery, notification and logging should be checked. Transactions test This test is employed for Data test as regards database. Systems that employ transaction (either local or distributed) should be validated to ensure ACID (Atomicity, Consistency, Isolation, Durability). Thank you, Everybody You can use these techniques for those little programs you create, so that you are confident on creating efficient, performance oriented programs. Do get back for any clarification, whatsoever