Go to previous article – User Acceptance Testing

What is White-Box Testing?

White-box testing is known by many names: clear box, open box, glass box, transparent box.

This testing style tests the internal structures and code of a piece of software. The name “white-box” comes from the tester’s ability to see inside the software program at the very core of its code and design. This is different from its counterpart, black-box testing, which ignores the internal structures.

With white-box testing the tester uses programming skills and an internal perspective of the system to design the test cases.

Inputs are chosen to exercise the code and determine its expected outputs. Many levels of the software testing process can be tested this way– unit, system, and integration is three of the levels.

While the unit level has been tested this way frequently in the past, system and integration are tested this way more frequently today. White-box testing is highly efficient not flawless. Many errors can be discovered but there is also the potential to miss many other errors or skip over missing requirements.

What is the purpose of white-box?

This type of testing makes sure there are no functional issues, internal security flaws or broken paths in the code. It also tests to make sure specific inputs flow correctly through the code and give the expected output.

The basic goal is to make sure the application has a working flow of information. Predefined inputs are tested against expected inputs so if a particular input does not give what is expected then the tester will be able to tell if a bug is present.

There are two basic steps to performing a white-box test:

• The first and most important is understanding the source code. The tester must learn the source code of the application since white-box testing involves source code. This means the tester must also be knowledgeable in programming and the language the source code is written in. Understanding security is also an important step during this first part as the tester should be able to find security holes and prevent hackers from infecting the system.
• The next step is to create test cases and execute them. The tester must test the application’s structure and flow by developing tests for each process; this part is often performed by the developer. Test cases can also be performed manually or by the trial and error method.

White-box testing is mainly evaluated by using the code coverage analysis technique. This technique eliminates any gaps in the test cases and identifies areas of the program not being tested in the test cases. Code coverage analysis is an automated method that shows how much of the system has been tested, and it can be performed using statement coverage or branch coverage. Each technique has its own advantages and disadvantages.

While executing white box tests, some tests can be very complex which require a large amount of resources; however the tests are very thorough. It is up to the tester to determine which method is right for the software.

You might be interesting in other testing methods:

• User acceptance testing
• Unit testing
• Acceptance testing
• Functional testing
• Agile VS Waterfall

Go to next article – Understanding Website Testing