ISTQB - Chapter 3 Flashcards
What is the difference between dynamic and static testing in terms of the types of work products they can be applied to?
Dynamic test execution can only be applied to software code, whereas static test execution can be applied to any human-readable software work product
What is the difference between static analysis and reviews?
Static analysis typically uses tools to evaluate code against various criteria as well as to evaluate spelling and grammar correctness and reading difficulty. Reviews examine the work product manually, relying on the reviewers’ expertise while reading the work product to identify defects.
The following items are examples of what?
- Dead code
- Variables whose value is used before they have been identified
- Broken web page links
- Spelling and grammar errors in requirements documents (identified using natural language tools)
Defects that can be identified by static analysis
List 5 work products that can be examined by static testing
- Specifications (business, functional, security)
- User stories, epics, acceptance criteria
- Code
- Testware
- User guides
- Web pages
- Contracts, project plans, schedules, budgets
- Models
What are the 2 main benefits of static testing?
- Early feedback on quality issues
- Detecting defects at an early stage, which saves time and money
Are the following defects easier to detect during dynamic or static testing?
- Requirements defects
- Design defects (e.g. inefficient algorithms or database structures)
- Coding defects (e.g. issues with variables, unreachable code, duplicate code)
- Deviations from standards (e.g. coding standards)
- Incorrect interface specifications (e.g. mismatch in units of measurement)
- Security vulnerabilities
- Traceability problems (e.g. missing tests for an acceptance criterion)
- Maintainability defects (e.g. poor reusability, code that is difficult to analyze and modify)
Static testing
Do static and dynamic testing have the same objectives? Do they find the same types of defects?
They can have the same objectives (e.g. assessing quality, identifying defects), but they find different types of defects
Does static testing identify defects or failures?
Static testing finds defects themselves, rather than failures resulting from defects
What is the point of having a different person review a work product?
Having a different person look at a work product is a way to overcome cognitive bias, the tendency to see what we intended rather than what we actually wrote.
List the 5 stages to a review process
- Planning
- Initiate review
- Individual review
- Issue communication and analysis
- Fixing and reporting
Which stage of the review process includes the following activities?
- Defining the scope of the review
- Estimating effort and timeframe
- Identifying review characteristics e.g. roles, activities, checklists
- Selecting participants and allocating roles
- Defining the entry and exit criteria
- Checking that entry criteria are met before the review starts
Planning stage
Which stage of the review process includes the following activities?
- Distributing the work products and any other relevant material
- Explaining the scope, objectives, process, roles, and work products to the participants
- Answering any questions from participants
Initiate review stage
Which stage of the review process includes the following activities?
- Reviewing all or part of the work document(s)
- Noting potential defects, recommendations, and questions
Individual review stage
Which stage of the review process includes the following activities?
- Communicating identified potential defects
- Analyzing potential defects, assigning ownership and status
- Evaluating and documenting quality characteristics
- Evaluating the review findings against the exit criteria
Issue communication and analysis stage
Which stage of the review process includes the following activities?
- Creating defect reports
- Communicating defects to the appropriate person or team
- Fixing defects
- Recording updated status of defects
- Gathering metrics
- Checking that exit criteria are met
- Accepting the work product when the exit criteria are reached
Fixing and reporting stage
List the 6 potential roles involved in a review process
- Author
- Management
- Facilitator (or moderator)
- Review leader
- Reviewers
- Scribe
Which role in a review process is responsible for the following tasks?
- Is responsible for review planning
- Decides on the execution of reviews
- Assigns staff, budget, and time
- Monitors ongoing cost effectiveness
- Executes control decisions in the event of inadequate outcomes
Management
What is the difference between a facilitator and a review leader?
Facilitator (or moderator):
- Ensures the effective running of review meetings
- Mediates between various points of view
- Is the person upon whom the success of the review often depends
Review leader (sometimes done by facilitator or management):
- Takes overall responsibility for the review
- Decides who will be involved
Which role in a review process is responsible for the following tasks?
- Creates the work product under review
- Fixes defects in the work product under review (if necessary)
Author
Which role in a review process is responsible for the following tasks?
- May be subject matter experts, persons working on the project, stakeholders with an interest in the work product, and/or individuals with specific technical or business backgrounds
- Identifying potential defects in the work product under review
- May represent different perspectives (e.g., tester, developer, user, operator, business analyst, usability expert, etc.)
Reviewers
Which role in a review process is responsible for the following tasks?
- Collates potential defects found during the individual review activity
- Records new potential defects, open points, and decisions from the review meeting
Scribe
What are the 4 main types of review?
- Informal review
- Walkthrough
- Technical review
- Inspection
Which type of review has the following characteristics?
- Main purpose: detecting potential defects
- Possible additional purposes: generating new ideas or solutions, quickly solving minor problems
- Not based on a formal (documented) process
- May not involve a review meeting
- May be performed by a colleague of the author (buddy check) or by more people
- Results may be documented
- Varies in usefulness depending on the reviewers
- Use of checklists is optional
- Very commonly used in Agile development
Informal review
Which type of review has the following characteristics?
- Main purposes: find defects, improve the software product, consider alternative implementations, evaluate conformance to standards and specifications
- Possible additional purposes: exchanging ideas about techniques or style variations, training of participants, achieving consensus
- Individual preparation before the review meeting is optional
- Review meeting is typically led by the author of the work product
- Scribe is mandatory
- Use of checklists is optional
- May take the form of scenarios, dry runs, or simulations
- Potential defect logs and review reports are produced
- May vary in practice from quite informal to very formal
Walkthrough
Which type of review has the following characteristics?
- Main purposes: gaining consensus, detecting potential defects
- Possible further purposes: evaluating quality and building confidence in the work product, generating new ideas, motivating and enabling authors to improve future work products, considering alternative implementations
- Reviewers should be technical peers of the author, and technical experts in the same or other disciplines
- Individual preparation before the review meeting is required
- Review meeting is optional, ideally led by a trained facilitator (typically not the author)
- Scribe is mandatory, ideally not the author
- Use of checklists is optional
- Potential defect logs and review reports are produced
Technical review
Which type of review has the following characteristics?
- Main purposes: detecting potential defects, evaluating quality and building confidence in the work product, preventing future similar defects through author learning and root cause analysis
- Additional purposes: motivating and enabling authors to improve future work products and the software development process, achieving consensus
- Follows a defined process with formal documented outputs, based on rules and checklists
- Uses clearly defined roles, which are mandatory, and may include a dedicated reader
- Individual preparation before the review meeting is required
- Reviewers are either peers of the author or experts in other disciplines that are relevant to the work product
- Specified entry and exit criteria are used
- Scribe is mandatory
- Review meeting is led by a trained facilitator (not the author)
- Author cannot act as the review leader, reader, or scribe
- Potential defect logs and review report are produced
- Metrics are collected and used to improve the entire software development process, including the inspection process
Inspection
List the 5 main review techniques
- Ad-hoc reviewing
- Checklist-based reviewing
- Scenario-based reviewing
- Role-based reviewing
- Perspective-based reviewing
What review technique does this describe?
Reviewers often read the work product sequentially, identifying and documenting issues as they encounter them, with little or no guidance.
Ad-hoc reviewing
What review technique does this describe?
A systematic technique whereby the reviewers detect issues by following a set of questions based on potential defects, which is distributed at review initiation (e.g., by the facilitator).
Checklist-based reviewing
What review technique does this describe?
Reviewers are provided with structured guidelines on how to read through the work product, based on expected usage of the work product.
Scenario-based reviewing
What review technique does this describe?
Reviewers use checklists take on different stakeholder viewpoints in individual reviewing and attempt to use the work product under review to generate the product they would derive from it
Perspective-based reviewing
What is the difference between role-based and perspective-based reviewing?
Role-based is more specific, whereas perspective-based is more high level, e.g. a role would be a specific type of end-user such as an inexperienced gamer who is left-handed, whereas a perspective is that of a generic end-user, or tester, or designer
The following is a list of what type of success factor?
- Each review has clear objectives, defined during review planning, and used as measurable exit criteria
- Review types are applied which are suitable to achieve the objectives and are appropriate to the type and level of software work products and participants
- Any review techniques used, such as checklist-based or role-based reviewing, are suitable for effective defect identification in the work product to be reviewed
- Any checklists used address the main risks and are up to date
- Large documents are written and reviewed in small chunks
- Participants have adequate time to prepare
- Reviews are scheduled with adequate notice
- Management supports the review process
- Reviews are integrated in the company’s quality and/or test policies
Organizational success factors
The following is a list of what type of success factor?
- The right people are involved to meet the review objectives
- Testers are seen as valued reviewers who contribute to the review and learn about the work product
- Participants dedicate adequate time and attention to detail
- Reviews are conducted in small chunks, so that reviewers do not lose concentration
- Defects found are acknowledged, appreciated, and handled objectively
- The meeting is well-managed, so that participants consider it a valuable use of their time
- The review is conducted in an atmosphere of trust; the outcome will not be used for the evaluation of the participants
- Participants avoid body language and behaviors that might indicate boredom, exasperation, or hostility to other participants
- Adequate training is provided
- A culture of learning and process improvement is promoted
People-related success factors
