Gray-box testing

A black-box tester is unaware of the internal structure of the application to be tested, while a white-box tester has access to the internal structure of the application. A gray-box tester partially knows the internal structure, which includes access to the documentation of internal data structures as well as the algorithms used.{{cite web |url=http://softwaretestingfundamentals.com/gray-box-testing |title=Gray Box Testing |publisher=Software Testing Fundamentals |date=4 November 2011 |access-date=19 January 2012 |archive-date=16 November 2021 |archive-url=https://web.archive.org/web/20211116044449/https://softwaretestingfundamentals.com/gray-box-testing/ |url-status=dead }}

Gray-box testers require both high-level and detailed documents describing the application, which they collect in order to define test cases.{{cite web|url=http://www.geekinterview.com/question_details/35806 |title=Example of grey box testing with definition |publisher=Geekinterview.com |access-date=19 January 2012}}

Gray-box testing is beneficial because it takes the straightforward technique of black-box testing and combines it with the code-targeted systems in white-box testing.

Gray-box testing is based on requirement test case generation because it presents all the conditions before the program is tested by using the assertion method. A requirement specification language is used to make it easy to understand the requirements and verify its correctness.{{cite web |author=Jake Rogers |url=https://www.cgsec.co.uk/2016/08/09/common-questions-regarding-grey-box-testing/ |title=Common Questions Regarding Grey-Box Testing |publisher=cgsec.co.uk |date=8 August 2016 |access-date=8 August 2016 }}{{Dead link|date=March 2023 |bot=InternetArchiveBot |fix-attempted=yes }}

Object-oriented software consists primarily of objects; where objects are single indivisible units having executable code and/or data. Some assumptions are stated below which are needed for the application of use gray-box testing.

• Activation of Methods{{cite web |url=http://pascal-central.com/OOE-stds.html#sect-6.5.8.2 |title=Object-Oriented Extensions to Pascal |publisher=Pascal-central.com |access-date=19 January 2012 |archive-date=5 June 2021 |archive-url=https://web.archive.org/web/20210605064414/http://pascal-central.com/OOE-stds.html#sect-6.5.8.2 |url-status=dead }}
• State Reporting in Class Under Test (CUT).
• Report Testing is inherent in Class Under Test.

• Architectural model
• Unified Modeling Language - UML Design Model
• Finite-state machine - State Model.{{cite book|last=Patton|first=Ron|title=Software Testing|date=26 July 2005|publisher=Sams|isbn=978-0-672-32798-8|page=[https://archive.org/details/softwaretesting0000patt/page/2 2]|url=https://archive.org/details/softwaretesting0000patt/page/2|url-access=registration}}{{Cite web |url=http://www.site.uottawa.ca/~ssome/Cours/SEG3203/gboxtesting.pdf |title=Archived copy |access-date=17 October 2011 |archive-url=https://web.archive.org/web/20120403002944/http://www.site.uottawa.ca/~ssome/Cours/SEG3203/gboxtesting.pdf |archive-date=3 April 2012 |url-status=dead }}

Cem Kaner defines "gray-box testing as involving inputs and outputs, but test design is educated by information about the code or the program operation of a kind that would normally be out of view of the tester".{{cite book |last=Nguyen |first=Hung Q |date=2001 |title=Testing Applications on the Web: Test Planning for Internet-Based Systems |publisher=John Wiley & Sons |isbn=9780471437642}} Gray-box testing techniques are:

• Matrix Testing: states the status report of the project.
• Regression testing: it implies rerunning of the test cases if new changes are made.
• Pattern Testing: verify the good application for its design or architecture and patterns.
• Orthogonal array testing: used as subset of all possible combination.{{cite web|url=http://extremesoftwaretesting.com/Articles/WorldofGrayBoxTesting.html |title=Explore the World of Gray Box Testing |publisher=Extremesoftwaretesting.com |access-date=19 January 2012}}

• Offers combined benefits: As Gray-box testing is combination of white-box and black-box testing, it serves advantages from both the testings.
• Non Intrusive: It is based on functional specification, architectural view whereas not on source code or binaries which makes it invasive too.
• Intelligent Test Authoring: Gray-box tester handles intelligent test scenario, for example, data type handling, communication protocol, exception handling.
• Unbiased Testing: In spite of all above advantages and functionalities, Gray-box testing maintains boundary for testing between tester and developer.{{cite web |url=http://www.crosschecknet.com/soa_testing_black_white_gray_box.php |title=SOA Testing Tools for Black, White and Gray Box SOA Testing Techniques |publisher=Crosschecknet.com |access-date=19 January 2012 |archive-url=https://web.archive.org/web/20181001010542/http://www.crosschecknet.com/soa_testing_black_white_gray_box.php |archive-date=1 October 2018 |url-status=dead }}

• Partial code coverage: In gray-box testing, source code or binaries are missing because of limited access to internal or structure of the applications which results in limited access for code path traversal.
• Defect Identification: In distributed applications, it is difficult to associate defect identification. Still, Gray-box testing is a boon to find how appropriate these systems throw exceptions and how fine are these exceptions handled in distributed systems having web services environment.{{Cite web | url=http://www.sfisaca.org/events/conference04/presentations/E33-Gray-Box-Testing.pdf | title=E33 Gray Box Testing.PDF}}

• Gray-box testing is well suited for web applications. Web applications have distributed network or systems; due to absence of source code or binaries it is not possible to use white-box testing. Black-box testing is also not used due to just contract between customer and developer, so it is more efficient to use gray-box testing as significant information is available in Web Services Description Language (WSDL).{{cite web|last=Ramdeo |first=Anand |url=http://www.testinggeek.com/gray-box-testing |title=Gray Box Testing - Software |publisher=Testing Geek |date=5 May 2011 |access-date=19 January 2012}}
• Gray-box testing is suited for functional or business domain testing. Functional testing is done basically a test of user interactions with may be external systems. Gray-box testing is well-suited for functional testing due to its characteristics; it also helps to confirm that software meets the requirements defined for the software.{{cite book|last=Bach|first=James|title=Lessons Learned in Software Testing|date=31 December 2001 |publisher=Wiley Computer Publishing|isbn=978-0-471-08112-8 |url=https://www.amazon.com/exec/obidos/ASIN/0471081124/softwarqaandtest}}{{cite book|last=Falk|first=Jack|title=Testing Computer Software, 2nd Edition|date=12 April 1999 |publisher=Wiley Computer Publishing|isbn=978-0-471-35846-6 |url=https://www.amazon.com/exec/obidos/ASIN/0471358460/softwarqaandtest}}http://legacy.cleanscape.net/docs_lib/paper_graybox.pdf {{Bare URL PDF|date=March 2022}}{{cite journal |journal=IBM Systems Journal |volume=47 |issue=3 |pages=457–472 |doi=10.1147/sj.473.0457 |date=6 April 2010 |last1=Li |first1=Z. J. |title=Business-process-driven gray-box SOA testing |last2=Tan |first2=H. F. |last3=Liu |first3=H. H. |last4=Zhu |first4=J. |last5=Mitsumori |first5=N. M. }}

The distributed nature of Web services allows gray-box testing to detect defects within a service-oriented architecture (SOA). As we know, white-box testing is not suitable for Web services as it deals directly with the internal structures. White-box testing can be used for state art methods; for example, message mutation which generates the automatic tests for large arrays to help exception handling states, flow without source code or binaries. Such a strategy is useful to push gray-box testing nearer to the outcomes of white-box testing.

• Grey box model

{{Reflist}}

{{Software testing}}

Category:Hardware testing

Category:Software testing