Comprehensive Testing Strategy for BSc Computing Science Dissertation Project

Categories: Engineering Science

Dissertation, Pages 12 (2969 words)

Views

Introduction

Testing strategy plan and test cases are applied to BSc Computing Science dissertation project of DimitarStoynev. The project is a web application that allows the lecturers to create exams in different schools and different modules, topics and types of questions – multiple choice, fill the gaps and open answer questions – accompanied with a good description, points and pictures as required. All generated exams and questions are saved in a database and can be accessed at any time from the authorized users.

Don't use plagiarized sources. Get your custom paper on

“ Comprehensive Testing Strategy for BSc Computing Science Dissertation Project ”

Get high-quality paper

NEW! smart matching with writer

Laravel is used for the dissertation project because it is a free open - source PHP web framework designed to develop web applications based on the architectural model-view-controller (MVC). The test strategies are applied to functions of the application: createQuestion and deleteQuestion.

How MVC helps BDD testing

MVC separates the application into three main components: model, view, and controller. The model manages fundamental behaviors and information of the application. It will respond to requests for data, reply to instructions to alter the state of its data.

Sweet V

Verified writer

Proficient in: Engineering

4.9 (984)

“ Ok, let me say I’m extremely satisfy with the result while it was a last minute thing. I really enjoy the effort put in. ”

+84 relevant experts are online

Hire writer

The view effectively provides the user interface component of the application. It’ll render information from the model into a form that is appropriate for the user interface. The controller receives user input and makes calls to model objects and the view to perform appropriate actions. The MVC software architecture, facilitates the testing processes and behavior driven development (BDD), as this clear distinction between components allows us to perform independent component tests to every part of the system. It allows us to go even further and apply unit testing to every class or even methods.

BDD Testing

The main goal of this web application is to allow lecturers create exam papers.

Get to Know The Price Estimate For Your Paper

Topic

Deadline: 10 days left

Number of pages

Email Invalid email

By clicking “Check Writers’ Offers”, you agree to our terms of service and privacy policy. We’ll occasionally send you promo and account related email

"You must agree to out terms of services and privacy policy"

Write my paper

You won’t be charged yet!

Module questions are a fundamental part of the examination, without them exams would not exist. The first step is to select the module to which the question should be added – modules that are only taught by the authenticated lecturer are available. Questions may be from any of the three type: Multiple choice, Open answer and Fill the gaps. They all have two common fields– text and image, but the image is an optional one.

Multiple choice questions require from the user to define a set of answers as more than one can be correct. The answers are sent to the database as an array, which contains the value of the answer and a ‘correct’ value (true or false). Open answer questions do not have answer field – an empty array is posted. Fill the gaps questions are similar to Open answer, but they allow the lecturer to import special symbols into the questions text to specify where the gaps are.

For the purpose of this report Behat is applied as a BDD testing tool. Behat is a tool to test the behavior of the application, described in special language called Gherkin. Gherkin is a Business Readable language created especially for behavior descriptions. It gives you the ability to remove logic details from behavior tests. The parser divides the input into features, scenarios and steps. This tool gives the opportunity to follow the business logic of the software and to make sure the sequence of actions made is correct and that the system responds in the right way.

Appendix 9.1. Bеhat Pseudo Code Testing is a Behat Feature test for the ability of the lecturer to generate a new module question. This test allowed to check if the system is following the required business logic, if some preconditions are met (for example whether the lecturer is logged in) and if the right information is posted to the database.

Black box & White box Testing

Black Box Testing is a software testing technique within which the internal structure of the item being tested is not known to the tester. This testing method helps in exposing discrepancies in the specifications, as the tests are performed from the user’s point of view. Furthermore, the tester does not need any knowledge of specific programming language to test the reliability and functionality of an application and the tests can be developed as soon as the specifications are completed (Rongala, 2015.)

For this task the createQuestion() feature is used. The purpose of the function is to allow lecturers add a new module question from any of the three types: Multiple Choice, Open Answer and Fill the Gaps.

Decision Table
Precise and yet compact way of modelling logic.
Allow association between independent conditions and actions.
Conditions: Simple condition that evaluates to true or false (No and / or combinations).
Action: Something that the program does as a result of a condition or combination of conditions being valid (a single action).

Actions Based on Conditions Table
Contains Defined Answers	Contains Gaps In the Question Text
True	False
False	True
False	False
Actions
Create Multiple Choice Question	X
Create Fill the Gaps Question	X
Create Open answer Question	X

Table 1. Black Box Decision Table

On the other hand, White Box Testing is a software testing technique in which the structure of the item being tested is known to the tester. This testing method is very efficient, because the tester has internal knowledge of the software and maximum coverage is obtained and in this way a lot of hidden errors and problems are found and the code is further optimized (Jorgensen, 2008).

For this task the Delete a Question feature of the Exam Generating web application is used. Appendix 9.2 shows the implementation of deleteQuestion() function from the Lecturer’s Action Controller. This method is responsible for removing a question selected from the lecturer. In the code shows that before the action is executed, the data is passed from the view to the controller undergoes three validations: LaravelValidator, check if the module in which the question to be removed is valid and check if the actual question exists.

Branch Coverage
Aim is to identify a set of test cases to exercise each branch at least once.
Goal is to achieve 100% branch coverage.

Chart 1. White Box Testing Flowchart for deleteQuestion function.

White Box Testing Branch Coverage Table
Test Case	Validator	Model	Question	Output
1	Fail	Pass	Pass	Custom Error Message
2	Pass	Fail	Pass	Custom Error Message
3	Pass	Pass	Fail	Custom Error Message
4	Pass	Pass	Pass	Question Successfully Deleted

Chart 1 and table 2 above represent information for four possible outcomes of the deleteQuestion() function. It can be seen that in order for the method to successfully delete a question all three conditions need to be satisfied.

Three of the four test cases contain two Pass conditions and one Fail.
The first achieves 25% coverage.
The second 50%.
The third contains two consequent Pass conditions – 75%, because it goes to the last IF statement, but the condition is not passed and the action is not performed.
In the fourth test case all conditions are satisfied and the action is performed. This test case achieves 100% coverage.

Quadrant 3 Testing

Scenario testing is a software testing activity that uses scenarios, similar to the scenarios created by Behat. Theoretic stories are used to assist the tester run through a complex problem or test system. The best scenario check is a credible story the end result of which is straightforward to evaluate (Jorgensen, 2008).

Based on a story about how the program is used.

A stakeholder with influence would push to fix a program that failed this test.

It not only could happen in the real world; stakeholders would believe that something like it probably will happen.

Involves a complex use of the program or a complex environment or a complex set of data.

The results are easy to evaluate:

Scenario: The server is crashes and all exams are deleted.

A lecturer is looking at an examination paper the night before the exam day.

He wants to update the paper.

He adds and removes questions.

The lecturer prints out the exam to be sure it is formatted correctly.

He applies the update to the exam.

The exam paper is ready.

On the next day, when the exam needs to be held, the server which holds the system crashes and all exams are deleted.

Exam papers are not accessible.

Is the exam still held?

On the other hand, exploratory testing is about investigation and learning. It emphasizes personal freedom and responsibility of the individual tester. It takes a closer look at cases that do not seem to be created beforehand (Jorgensen, (2008).

The web application is based on the Iterative model. Each build consisted of developing a new feature as functionality and design, as well as testing it.

Exploratory testing was applied in all builds, but it helped me find a hidden error when the endpoint for a specific module was added to the Lecturers user interface. Using this testing technique it was noticed that changing the module ID in the endpoint redirects the lecturer to a different module, even to a one that is not taught by him. This major flaw in the system was fixed by adding a validation. The function now goes through a check, in which it is tested if the requested module is actually part of the authenticated lecturer profile.

Furthermore, another flaw in the system was noticed with exploratory testing. From the createQuestion() function, mentioned above, it can be seen that each question has an image as an optional field. In the first builds of the system, those images were saved in the database, which is usually a very bad practice, as it overloads the database and it may result in the server crashing or lagging. This problem was fixed by linking the images by the path to the folder where they are actually saved. Moreover, this now allows the user to upload more than one picture for a question.

Quadrant 4 Testing

Security testing is a kind of code testing that intends to uncover vulnerabilities of the system and verify that its information and resources are protected from potential intruders (Wysopal, 2007).

Network security: This involves looking for vulnerabilities in the network infrastructure.
System software security: This involves assessing weaknesses in the various software the application depends on.
Client-side application security: This deals with ensuring that the client cannot be manipulated.
Server-side application security: This involves making sure that the server code and its technologies are robust enough to fend off any intrusion.

This web application is based on the PHP framework Laravel, which protects the system from SQL injections when using Eloquent model. Laravel does this by creating prepared statements that escape any user input that come through forms in the frontend. If hackers add a replacement input to the form, they may attempt to insert their own custom SQL question to break or browse your application information. This does not work when using the Eloquent model, which will escape this SQL command and the invalid query will be saved as text into the information (Mansuri, 2018).

Laravel makes it simple to protect the system from cross-site request forgery (CSRF) attacks. Cross-site request forgeries are a sort of malicious exploit whereby unauthorized commands are performed on behalf of an authenticated user. Laravel automatically generates a CSRF 'token' for every active user session managed by the application. This token is used to verify that the authenticated user is the one actually creating the requests to the appliance (Mansuri, 2018).

Load testing determines the system's performance under real-life load conditions. This testing helps determine how the application behaves once multiple users access it at the same time. This type of testing is needed in order to check how the web application threats high traffic and if the database can manage high number of requests at the same time.

This testing usually identifies:

The maximum operating capacity of an application.
Determine whether the current infrastructure is sufficient to run the application.
Sustainability of application with respect to peak user load.
Number of concurrent users that an application can support, and scalability to allow more users to access it.

This system would be tested with the Webserver Stress Tool, which is a powerful HTTP-client/server check application designed to pinpoint vital performance issues in your web site or internet server which will prevent best experience for your site's visitors.

It simulates the HTTP requests generated by hundreds or even thousands of simultaneous users, you can test your web server performance under normal and excessive loads to ensure that critical information and services are available at speeds your end-users expect (Paessler AG, 2019).

Overall Testing Strategy Discussion

Overall, the testing strategy, applied to the Exam Generation web application, covered several types of tests: BDD, Black Box, White Box, Scenario, Exploratory, Security and Load testing. All this software testing techniques checked different aspects of the performance of either of the two features of the web application: deleteQuestion() and createQuestion().

First BDD testing was applied. This testing method allowed checking the business logic of the createQuestion() feature and if the sequence of taken actions is correct. Behaviour driven development is the most suitable software testing technique for mapping functional requirements to the actual implementation, as the user scenarios describe perfectly what is required.
Black Box testing was applied to the same feature as BDD. Its goal was to check if all statements are actually required. Decision tables allow us to look at the code from an abstract perspective. It gives a better view at the project and following it makes the code more consistent, precise and increases the overall performance of the system, by revealing redundant conditions.
White Box testing tested the code coverage of the deleteQuestion() function. Following the process of creating a decision table, the white box branch coverage table can be built easily. Its goal was to prove that the feature can achieve 100% code coverage.
Scenario testing represents a user perspective of the project with a credible user story. Following from the BDD Testing scenarios, the tester can define more complex and very likely to occur in day use of the system, user scenarios.
Exploratory testing pointed out some hidden errors, which could let to serious issue if the system was released. This software testing technique gives a user like perspective, so it allows to compare the produced functionality against the actual system requirements.
Security testing points out the security issues the system has. In this case the Laravel framework handles the most common attacks. Security testing is crucial for improving systems security, as an activity in which the systems are assessed and security faults are identified to be fixed (IEEE/ACS, 2018).
Load testing helps determine what would be the system performance in real time conditions, when the system is released and people are using it.

The testing strategy has a great outcome, because of all those different types of test techniques that were applied. Each testing method covered different aspect of the system ensuring that the same thing is not tested twice. Going over every possible issue that may occur, resulted in the system being more efficient and the code more precise and consistent.

Appendix

Bahat Pseudo Code Testing

Feature: Create new Open Answer module question

In order to create a new module question

As a lecturer

The lecturer needs to be able to add a new question

Scenario: Creating the question

Given The lecturer is logged in

And The lecturer is on New Question page

When The lecturer selects the Module he would like to create a question for

And The lecturer selects the type of the question

And The lecturer fills in the question text

And The lecturer presses the Create Question button

Then The lecturer has now added a new question and redirected to the Module’s question page

Feature: Create new Multiple Choice module question

In order to create a new module question

As a lecturer

The lecturer needs to be able to add a new question

Scenario: Creating the question

Given The lecturer is logged in

And The lecturer is on New Question page

When The lecturer selects the Module he would like to create a question for

And The lecturer selects the type of the question

And The lecturer fills in the question text

And The lecturer fills in the answer fields

And The lecturer presses the Create Question button

Then The lecturer has now added a new question and redirected to the Module’s question page

Delete a Question Action Controller View

public function deleteQuestion(Request $request) {

$validator = Validator::make($request->all(), [

'id' => 'bail|required|numeric',

'module_id' => 'bail|required|numeric'

]);

if($validator->fails()) {

return $this->returnCustomJsonValidatorError($validator);

}

$module = Auth::user()->modules()->where('id', $request->input('module_id'))->first();

if(is_null($module)) {

return response()->json(['success' => false, 'message' => 'Something went wrong. Please, try again later.']);

}

$question = $module->questions()->where('id', $request->input('id'))->first();

if(is_null($question)) {

return response()->json(['success' => false, 'message' => 'Something went wrong. Please, try again later.']);

}

Storage::delete('uploads/'.$question->imageServerName);

$question->delete();

return response()->json(['success' => true, 'message' => 'You have successfully deleted the specified question.']);

}

References

A Security Testing Process Supported by an Ontology Environment: A Conceptual Proposal. (2018). 2018 IEEE/ACS 15th International Conference on Computer Systems and Applications (AICCSA), Computer Systems and Applications (AICCSA), 2018 IEEE/ACS 15th International Conference On, 1. https://doi.org/10.1109/AICCSA.2018.8612820
Guru99 (2019). Load Testing Tutorial: What is? How to? (with examples). Retrieved: https://www.guru99.com/load-testing-tutorial.html Last accessed: 26th April 2019
Jorgensen, P. (2008). Software testing : a craftsman’s approach. BocaRaton : Auerbach Publications, 2008.
Ighodaro, N. (2018) How Laravel implements MVC and how to use it effectively. Retrieved: https://blog.pusher.com/laravel-mvc-use/ Last accessed: 26th April 2019
Mansuri, S. (2018). Why Laravel is the Recommended Framework for Secure, Mission- critical Applications. Retrieved: https://auth0.com/blog/why-laravel-is-the-recommended-framework-for-secure-mission-critical-applications/ Last accessed: 26th April 2019
Paessler AG (2019). Webserver Stress Tool. Retrieved: https://www.paessler.com/tools/webstress Last accessed: 26th April 2019. Available at Aston University Library.

Comprehensive Testing Strategy for BSc Computing Science Dissertation Project. (2024, Feb 19). Retrieved from https://studymoose.com/document/comprehensive-testing-strategy-for-bsc-computing-science-dissertation-project