Static Testing is a technique by which we can check the defects in software without actually executing it. Its counter-part is Dynamic Testing which checks an application when code is run. Refer this tutorial for a detailed difference between static and dynamic testing.
Static testing is done to avoid errors at an early stage of development as it is easier to find sources of failures then failures themselves.
Static testing helps find errors that may not be found by Dynamic Testing.
The two main types of static testing techniques are
● Manual examinations: Manual examinations include analysis of code done manually, also known as REVIEWS.
● Automated analysis using tools: Automated analysis are basically static analysis which is done using tools.
A review in a Static Testing is a process or meeting conducted to find the potential defects in the design of any program. Another significance of review is that all the team members get to know about the progress of the project and sometimes the diversity of thoughts may result in excellent suggestions. Documents are directly examined by people and discrepancies are sorted out.
Reviews can further be classified into four parts:
● Informal reviews
● Walkthroughs
● Technical review
● Inspections
● Moderator: Performs entry check, follow up on rework, coaching team member, schedule the meeting.
● Author: Takes responsibility for fixing the defect found and improves the quality of the document
● Scribe: It does the logging of the defect during review and attends the review meeting
● Reviewer: Check material for defects and inspects
● Manager: Decide on the execution of reviews and ensures the review process objectives are met.
Types of defects which can be easier to find during static testing are:
● Deviations from standards
● Non-maintainable code
● Design defects
● Missing requirements
● Inconsistent interface specifications
Usually, the defect discovered during static testing are due to security vulnerabilities, undeclared variables, boundary violations, syntax violations, inconsistent interface, etc.
Static testing is performed due to following reasons
● Early defect detection and correction
● Reduced development timescales
● Reduced testing cost and time
● For improvement of development productivity
● To get fewer defect at later stage of testing
In Static Testing, following things are tested
● Unit Test Cases
● Business Requirements Document (BRD)
● Use Cases
● System/Functional Requirements
● Prototype
● Prototype Specification Document
● DB Fields Dictionary Spreadsheet
● Test Data
● Traceability Matrix Document
● User Manual/Training Guides/Documentation
● Test Plan Strategy Document/Test Cases
● Automation/Performance Test Scripts
To perform Static Testing, it is done in following ways,
● Carry out the inspection process to completely inspect the design of the application
● Use a checklist for each document under review to ensure all reviews are covered completely
The various activities for performing Static Testing are:
● Informal Reviews
● Walkthroughs
● Technical Reviews
● Inspections
● Static Analysis
○ Data Flow
○ Control Flow
Various tools used for Static Testing are as follow,
● Checkstyle
● IntelliJ IDEA
● FindBugs
● Jarchitect
● Soot
● Squale
● ThreadSafe
● SourceMeter
Some useful tips to perform static testing process
● Focus only on things that really count
● Explicitly plan and track review activities. A software walkthrough and inspection are generally composite into peer's reviews
● Train participants
● Resolve people issues
● Keep process formal as the project culture
● Continuous improvement – Process and Tools
● By removing the major delays in test execution, testing cost and time can be reduced