Black Box or White Box Testing? (How many boxes do you need ?)

Always Start with the WHY?

Why do we need to have Black Box, Grey Box, and White Box testing, respectively?

It all depends on several factors, such as type of component or system, component/system complexity, regulatory standards, customer or contractual requirements, risk types or levels, test objectives, documentation and tools availability, and the tester’s knowledge and skills.

We will have different testing techniques to cater to each combination of factors mentioned above.

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — -

1. Black Box test technique

Black box testing is a behavior-based technique that is based on analysis of the appropriate test basis.

It is a testing technique where the tester will only pay attention to the inputs and outputs without referencing the internal structure of the test object.

The tester will only pay attention to the inputs and outputs without referencing the test object's internal structure.

1(a) How to do black box testing?

Since we don't know the internal structure or design, how are we ensuring that our test cases can provide excellent coverage and still find defects?

• ✅ Understanding the requirement / Acceptance Criteria: The tester can run the software thoroughly to understand the system. The system/component requirements/acceptance criteria will act as a source of truth to create high-coverage test cases in most cases. Tester may need to close the understanding gap with Product Owners to ensure the specifications are sufficient to write black-box test cases.
• ✅ Test Case Creation: Here is the challenging part, as we do not know the internal structure of the system. However, there are a few paths that we can have a guide on ( Happy Paths, Alternate Paths, and Negative Paths).

Happy Path: Usually focus on the critical business requirement where we give positive inputs. It involved the most commonly used steps.

Alternate Path: Usually focus on the critical business requirement where we give positive inputs as the happy path does. However, it usually involved not commonly used steps.

Negative Path: Focus on the business scenarios where we give negative inputs, and we expect the system to return the error as requirement expected.

• ✅ Execution: We compare the actual results to the expected results after test executions.
• ✅ Defect Logging and Closure: This is to log the defects and retest them once it is fixed by the dev. We can also test the scenarios that are around the fix and sometimes leads to another defect.

🚀 Now, what are the types of black-box testing techniques? (Total 5)

1. 🔥 Equivalence Partitioning(Valid and Invalid). We can apply this technique, especially when we have an input range to enter. EG: Length of mobile number.

Let’s say the mobile number is usually 9 figure length. Hence,

• > 9 digits (Invalid Partition)
• = 9 digits (Valid Partition)
• < 9 digits (Invalid Partition)

2. 🔥 Boundary Value Analysis. We have already reduced the test conditions using equivalence partitioning, but that’s not always enough because defects usually happen in the boundary/borders of the equivalence classes.

• 8 digits mobile number
• 9 digits mobile number
• 10 digits mobile number

Do note that including 100 digits mobile number in this test condition will have a low ROI, and it may cause exhaustive testing where time is consumed.

3. 🔥 Decision Table Testing: This usually design to execute tests on complex business logic, Eg: (Correct Email, Correct Password, Correct account number), (Incorrect Email, Correct Password, Correct account number).

4. 🔥 State Transition Testing: This type mainly focuses on the system's output. Eg: ( Alan withdraws $100 from the ATM, and the cash comes out. Then, Alan withdraws $100 again from the ATM later, but he refuses the money this time). Both are the same input, $100, but the state has changed.

5. 🔥Use Case Testing: Use cases will define the system behavior using an actor (User). A use case defines the process flow from the actor, and the use case produces test cases.

• Customer who orders a pizza
• Admin who can provide support for any issues
• The delivery guy checks the address of the customer in the system to deliver the pizza.

All these above-mentioned black box techniques are more likely to achieve higher test coverage and catch defects.

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

2. White Box Testing Technique

White-box test techniques concentrate on the structure and processing within the test object.

White box testing is a structure-based technique based on an analysis of the architecture, detailed design, internal structure, or code of the test object. Unlike black box testing, it concentrates on the structure and processing within the test objects.

WHY?

💡 The purpose of having white box testing is to

• Improve Security
• Improve performance and efficiency
• Test the flow of inputs and outputs
• Improve design and ease of use

Example:

When we want to buy things online using a payment gateway that brings us to our selected bank web application.

The bank web application will have return login codes from different authentication or validation services, then the bank web application will contact the payment gateway.

The payment gateways will talk to the bank application using messages/response codes.

All these messages or codes are not directly visible to the end user but are part of the bank web application’s internal communication.

🚨Hence, the tester may need to write tests to verify whether the correct response status codes/messages are sent to the payment gateway.

🚨 Not only that, the tester may need to verify that the bank web application is responding as expected when received, corresponding to the status code returned from the payment gateway.

🚀 White box testing involves checking the internal structure, flow, and source code of the application.

🚀 Types of White Box Testing Techniques

The major techniques that help you run the white box tests successfully are:

• ✅ Statement testing and coverage: This technique makes sure that each line of code is tested. Coverage is measured as the number of statements executed by the tests divided by the total number of executable statements in the test object, normally expressed as a percentage.
• ✅ Branch and Path coverage: This technique ensures that all branches/paths (for example, true or false) are tested.
• ✅ Decision Testing and coverage: This exercises the decisions in the code and tests the code that is executed based on the decision outcomes. To do this, the test cases follow the control flows that occur from a decision point (e.g., for an IF statement, one for the true outcome and one for the false outcome; for a CASE statement, test cases would be required for all the possible outcomes, including the default outcome).

Let’s Recap :

1. Black box testing focuses on evaluating the functionality of a software application without any knowledge of its internal workings. Testers approach the software as external users, using inputs and outputs to verify whether the system performs as expected.
2. White box testing involves analyzing the internal structure and logic of a software application. Testers have knowledge of the code and can evaluate individual components or the system as a whole.

✅ Related Articles:

1. Cloud Computing, let’s talk about it [Part 2]
2. AWS ! the terms you must know 🤫
3. ISTQB 🧙🏻‍♀️The software testing Myth, do you need that?
4. Why is software testing needed in the first place?
5. What is Agile Methodology?
6. Java 101 for software testing (Using fruits and Vehicle as examples)
7. What do you need to know to test using Selenium in Java? (that I wished somebody had told me)
8. “Understand what Docker is in 5 minutes: Challenged Accepted”

✅

Or connect with me on LinkedIn to discuss more!

#Softwaretesting #softwaretestere #SDLC #STLC #ISTQB #Java101 #SeleniumJava #blackboxtesting #whiteboxtesting