Testing Techniques Used for Web Application and OOSD

Rizwan Haider [060451] Rizwan Ali [060452] Bachelor Software Engineering Air University Islamabad, Pakistan metla12@gmail.com rizwanali89@gmail.com Abstract
Today amount of web application traffic on internet is increasing day by day; the quality of web application becomes serious. The purpose of this document is to discuss testing techniques of web application system and OOAD system. In this we go through the different process area used for testing for both systems, to increase the efficiency, flexibility of development and quality. testing of web application through object oriented approach.

1.3 Difference between OO application and web Application

In desktop interactive applications, the application is running during the whole relations, and the application state is held in memory as the application waits for user input. In difference, web application page sent a request to web servers. Web server process it, send a response, according to the request send by the client and stored in database if need. On the client end all this information is stored in session data in browser cookies. This creates new challenges for testing. Both applications are object oriented or not.

1. Introduction
1.1 Why Testing Important for Web Application and Object Orient?
Today web applications have become the part of our daily lives. We are done online as more and more very important and critical services as bank transaction and tax declaration using web services. So the quality, reliability and dependability are important factors because software bugs and error could block entire businesses and cause major shame for web services providers. Web applications are complex and mixed software, based on several components. Its often written in many different languages and distributed over the Web placed on different locations. Thus, testing of Web applications become a complex task for tester. Software has become a very important and performs complex task today, but often invisible part of our lives. Computers and the internet and telecommunication world have considerably changed our lives. For the near future, we will not have a single notation or process that can cover the mixture of todays development projects. Projects are too different in their application domain, size, need for reliability, time-to-market pressure, and the skills and demands of the project participants.

MAIN THRUST
First we discuss the testing techniques of web application systems and then Object Orient System.

2. Testing of Functional Requirements in Web Application

The functional requirements follows well-established methods for testing, we will give flavor almost all the methods in this report. Traditional testing methods are used to test functional requirements, such as unit testing because web application used Model-View-Controller for data storage. When testing equivalent to menu paths or dialog box sequences they can be represented using a Markov model.

2.1 White Box

White-box methods do testing based on the bases of code. Generate different models on the code in order to create test cases that cover all possible paths through the application. Liu et al. [1] identified some of the following flow graph which helps us to understand the interactions between complex pages that cause bugs.

1.2 Main Focus

So the testing of both web based system and OOSD system are very important. Here we discuss the testing techniques for functional and non-functional requirements for both systems. We also answer the important question

Types of Graphs are defines as: Control Flow Graphs (CFG) are created to show the statements, branches and conditions which together define the flow of control through the code for a distinct function. Inter-procedural Control Flow Graphs (ICFG) represent the control flow through a number of related functions as they call and pass information with each other. Object Flow Graphs (OFG) collect the control flow graphs (ICFG) for all the function calls on an object caused by a user action. Composite Control Flow Graphs (CCFG) are created from the OFG for the code involved in the interaction between two pages, containing all the user input, user commands and state information that is passed between them. From these CFGs, we can get the data flow in form of def-use tables which defines variables and their use.

- Expected state after test which may have changed in accordance to the action requested.

2.3 Grey Box

Grey-box techniques combine flavor of white-box and black-box testing methods, grey box testing an application according to its specification, design, condition and requirement, but by relying on information internal to the application. [3] One popular method is creating test cases by recording user session actions and data from real sessions to create logs. Analyzing the logs will also reveal the most trafficked areas and hence what areas need the most testing. This method relies on the size and quality of the collected session data - too small a sample means that many parts of the application may be poorly tested. This method may not be the most efficient in all cases, for instance in lowtraffic or unemployed applications the time required to collect test data may be too long.

2.2 Black Box

Black-box techniques take an outside, users-point-of view approach and use no internal knowledge of the code. Test cases are created using traditional methods, such as Equivalence Partitioning, where we divide the input ranges into partitions, and create test cases within each partition. Using Boundary Value Analysis we write tests to test the borders between partitions. State transition testing describes relationships where the state of application changes. Error guessing, where the tester uses his experience to test for common errors. Di Lucca, et al. [2] explore the representation of test cases in the form of a Decision Table, containing - Input variables consisting of user-entered data in web forms. -Input actions consisting of the URL and actions specified in a GET variables. - State before test consisting of page attributes, cookies, database contents, etc. - Expected results containing the correct output.

3.0 Testing of Non-Functional Requirements in Web Application

Some techniques are specific to test the non-functional requirements of the web based system. The main non-functional requirements to test are the four problem areas compatibility, performance, security and usability.

3.1 Compatibility
This test checks the compatibility of the browser. Mostly developers are choice most popular browsers to perform this test. The first step ensures the valid use of standards such as HTML and CSS using markup validation tools. This is easily automated, and must be applied to the final page output. The second is to test on actual web browsers. This testing must be done manually, as the only possible automation would be to make screenshot comparisons, and these would be very prone to error, and have to be updated manually any time a change is made to the code. The test cases for covering compatibility must include -Each individual page -Each possible style sheet

-Expected output actions that have been run as a consequence of the request.

-Execution of all client-side scripting code (such as JavaScript)

- Any embedded plug-ins (such as Java, Flash) The test cases are compiled in to a checklist which is then run through manually by a tester, at the very least before each release.

A good test platform based on the common hardware owned by the target group should be used to test client side performance. This test is depending on the client side processing. Web applications should be tested for high user loads. Performance while under load from a large amount of users is easily tested by generating a large amount of page requests, and measuring the time required to receive a response. To create reasonable request models, statistics can be pulled from real access logs in order to focus traffic on the most popular pages.

3.2 Performance
Performance depends on these factors:

Request Sent from Client to Server or Client to Server

This delay is principally defined by the physical distance to the server from Clint. The signal propagation delay is called the round-trip time, or ping time, and can be tested using command-line tools such as ping. It can depend on many factors, mainly physical distance, but also connection diffusion and how many hops there are between the nodes.

3.3 Security
Security of web application is done by attempting attacks by malicious users. The most common attacks are easy to generate automatically are: Cross-site scripting SQL injection and Buffer overflows This can be done by an automatic spider program which visits all the pages on the site and attempts to develop them.

Server Waits for Resources to be Free

If there are too many requests in a queue, the server must wait resources. If you suspect this may be a bottleneck in your application. Testing can be done using kernel statistics in your operating system, such as thewaiting statistic in Linux.

3.4 Usability
Usability of a site is totally-dependant on your target addressees. Beginners will need time to navigate complex structures than advanced users. Client target specifications are like Graphical and HTML Optimizations for Performance, Target Display Resolution and Target Color Depth. Ex: Simple Look and Feel (Google.com)

Server Page Generation

Page generation speed depends on the: Server Processor Code Complexity Efficiency To perform this test local test platform can be used, which avoids the delays involved in networking. To cut disk speeds out of the equation, a RAM disk can be in use during testing.

3.0 Testing of Object Orient System

In OO programs that include inheritance, aggregation, association, template class instantiation, class nesting, dynamic object creation, polymorphism and dynamic binding relationships complexity is readily found. So the complexity of the testing will increase if the class is depending on to many other classes. In this section we will discuss different testing techniques for testing the OO system. There are generally 4 levels of testing for object orientated systems depending on approach, consisting of: 1. Method Testing (Unit Testing) 2. Class Testing (Unit Testing/Interclass Testing) 3. Interclass Testing (Integration Testing) 4. System Testing 5. State Base Testing

Database Disk Reads/Writes

Reads and writes are delayed by the disks rotational speed. The read heads access speed, and the caching efficiency of the operating system. A web application can also have more or less disk usage, and more or less intelligent disk usage.

The client browser processing and display speed

Complex HTML, JavaScript scripting code and plug-ins can require real time client-side processing time before the user actually sees the site on their screen.

4.0 Testing of Web Application through OO Approach

Here we discuss the OTMW (OO Testing Model for Web Applications Analysis and Design). OTMW tests Web software using three different layers of test: Unit Testing Integration Testing System Testing The testing performed by using OTMW model is inspired by the category partition method which is a specific subtype of the functional testing method known as equivalence classes (EC) based testing. The EC method, for every testing layer (unit, integration, system) defines subdivisions of the application input domain in equivalence classes which are used to derive test cases. OTMW model is used to test an application through a gray box approach. There are six main steps to perform unit, integration and system testing to consider structural information using this Model. These steps are the following: 1. We need to build the OO model for the existing application under testing. 2. When the application under test is described through UML class, sequence and state diagrams class diagram identifies software unit to test. 3. Then perform the unit testing for this testing we use its state diagram to build its eFCG (graph of function calls and actions). eFCG use to define the test cases through the expected unit behavior shown in this eFCG. Then, we build the stages to defined set of functional test cases. 4. Then identify the integration order of system units needed to test the software components interactions. In this phase, we use the wTDG graph, built from UML class diagram. These graphs are used to extract information about the components dependencies and use a geneticbased algorithm that analyzes some coupling measurements among components in order to devise the best set of sequences usable to test the components integration.

5.

6.

Then test every cluster identified in the previous step (a cluster is a group of software units collaborating among them). In this case cluster is treating as a big-unit. Then merge eFCGs the same cluster to define the functional test cases and then to write scripting code using the XUnit tools. Then we test the whole integrated cluster. In the last step of OTMW performs whole system testing. Using the UML we build a graphs which contains only high level information to describes the application as a graph. This graph composed of nodes and edges. Nodes representing pages and edges representing links existing on pages. Using this graph, we perform some random walks paths to pass through the graph and to simulate user navigations using a set of sequences of URLs randomly generated based on the graph coverage.

5.0. Conclusion
This paper is presents the test techniques of Web Application. And which techniques make the web testing form the OO testing. Today web application and web services over the internet become the heart of internet. So the testing of web application is very important.

6.0. References
[1] Chien-Hung Liu David C. Kung Pei Hsia: ObjectBased Data Flow Testing of Web Applications, IEEE, 2000 [2] Giuseppe A. Di Lucca, Anna Rita Fasolino, Francesco Faralli, Ugo De Carlini: Testing Web Applications, IEEE, 2002 [3] Christian, Baron Testing web applications [4] Marchetto, Trentini "A framework for Web Applications Testing through Object Oriented approach and XUnit tools"