MODULE 5

Software Quality
Software quality product is defined in term of its fitness of purpose. That is, a
quality product does precisely what the users want it to do. For software products,
the fitness of use is generally explained in terms of satisfaction of the requirements
laid down in the SRS document. Although "fitness of purpose" is a satisfactory
interpretation of quality for many devices such as a car, a table fan, a grinding
machine, etc.for software products, "fitness of purpose" is not a wholly satisfactory
definition of quality.
Example: Consider a functionally correct software product. That is, it performs all
tasks as specified in the SRS document. But, has an almost unusable user interface.
Even though it may be functionally right, we cannot consider it to be a quality
product.
The modern view of a quality associated with a software product several
quality methods such as the following:
Portability: A software device is said to be portable, if it can be freely made to
work in various operating system environments, in multiple machines, with other
software products, etc.
Usability: A software product has better usability if various categories of users can
easily invoke the functions of the product.
Reusability: A software product has excellent reusability if different modules of
the product can quickly be reused to develop new products.
Correctness: A software product is correct if various requirements as specified in
the SRS document have been correctly implemented.
Maintainability: A software product is maintainable if bugs can be easily
corrected as and when they show up, new tasks can be easily added to the product,
and the functionalities of the product can be easily modified, etc.
The Software Dilemma
Any time software and business come together, there is an inherent conflict
between “get it done fast” and “do a good job”. This conflict often comes to a head
when deadlines are missed, whether through unrealistic expectation or
underestimation on the part of the developers.
The dilemma between quantity, speed and feature set isn’t going to go away any
time soon. It’s an inherent dilemma in software. But there are approaches we can
take to help solve it.
Any software project has three core elements: the speed at which the software
ships, the fidelity of the feature set, and the quality of the underlying code base. In
a perfect world, we’d be right in the middle, like so:

The triangle makes clear that as you move towards one goal, you tend to move
away from the others. Pushing for speed, for example, sacrifices quality and
feature fidelity to some degree.
And yet, often its impossible to live completely in the center of the triangle. After
all, there are deadlines to be met, and sometimes we need to push software out,
even while incurring technical debt. But leaving the center of the triangle does not
necessarily mean project ruin.
Achieving Software Quality
•Software quality doesn’t just appear
•Software quality is the result of good project management and solid engineering
practice
•This comes into play in four broad activities:
a)Software engineering methods
b)Project management techniques
c)Quality control
d)Quality assurance46

a)Software engineering methods

•If you expect to build high quality software, you must understand the problem to
be solved
•You must also be capable of creating a design that conforms to the problem while
at the same time exhibiting characteristics that lead to software that exhibits the
quality dimensions and factors discussed earlier
•If you follow sound methods, the likelihood of creating high quality software will
increase dramatically47

b)Project management techniques

•If a project manager uses estimation to verify delivery dates are achievable,
schedule dependencies are understood and the team resists the temptationto use
shortcuts, and risk planning is conducted
•The project plan should include explicit techniques for quality and change
management48

c)Quality control
•Quality control encompasses a set of software engineering actions that help to
ensure that each work product meets its quality goals
•Models are reviewed to ensure that they are complete and consistent
•Code may be inspected to uncover and correct errors before testing commences
•A series of testing steps is applied to uncover errors in processing logic, data
manipulation, and interface communication
•A combination of measurement and feedback allows a software team to tune the
process when any of these work products fail to meet quality goals49

d)Quality assurance
•Quality assurance establishes the infrastructure that supports solid software
engineering methods, rational project management, and quality control actions
•The goal of quality assurance is to provide management and technical staff with
the data necessary to be informed about product quality

Software Testing
Software testing is a process of identifying the correctness of software by
considering its all attributes (Reliability, Scalability, Portability, Re-usability,
Usability) and evaluating the execution of software components to find the
software bugs or errors or defects.
software testing has the following objectives:
• The process of investigating and checking a program to find whether there is an
error or not and does it fulfill the requirements or not is called testing.
• When the number of errors found during the testing is high, it indicates that the
testing was good and is a sign of good test case.
• Finding an unknown error that’s wasn’t discovered yet is a sign of a successful
and a good test case.

The main objective of software testing is to design the tests in such a way that it
systematically finds different types of errors without taking much time and effort
so that less time is required for the development of the software.
The overall strategy for testing software includes:
1. Before testing starts, it’s necessary to identify and specify the requirements of
the product in a quantifiable manner.

2. Specifying the objectives of testing in a clear and detailed manner.

3. For the software, identifying the user’s category and developing a profile for
each user.
4. Developing a test plan to give value and focus on rapid-cycle testing.

5. Robust software is developed that is designed to test itself.

6. Before testing, using effective formal reviews as a filter.

7. Conduct formal technical reviews to evaluate the nature, quality or ability of the
test strategy and test cases.

8. For the testing process, developing a approach for the continuous development.

Software Engineering-Strategic Issues

The following issues must be addressed if a successful software testing strategy is

to be implemented:

1)Specify product requirements in a quantifiable manner long before testing

commences.
2)State testing objectives explicitly
3)Understand the users of the software and develop a profile for each user
category.
4)Develop a testing plan that emphasizes “rapid cycle testing.
Build “robust” software that is designed to test itself.
5)Use effective formal technical reviews as a filter prior to testing
Conduct formal technical reviews to assess the test strategy and test cases
themselves.
6)Develop a continuous improvement approach for the testing process
7)Use-cases that describe the interaction scenario for each class of user can reduce
overall testing effort by focusing testing on actual use of the product.
8) Software should be designed in a manner that uses antibugging techniques.
9)Formal technical reviews can uncover inconsistencies, omissions, and outright
errors in the testing approach. This saves time and also improves product quality.
 10) The test strategy should be measured. The metrics collected during testing
should be used as part of a statistical process control approach for software
testing.

Type of Software testing

We have various types of testing available in the market, which are used to test the
application or the software.
With the help of below image, we can easily understand the type of software
testing:

Types of Manual Testing

There are various methods used for manual testing. Each technique is used
according to its testing criteria. Types of manual testing are given below:
• White Box Testing
• Black Box Testing
• Gray Box Testing
White-box testing
The white box testing is done by Developer, where they check every line of a code
before giving it to the Test Engineer. Since the code is visible for the Developer
during the testing, that's why it is also known as White box testing.
Black box testing
The black box testing is done by the Test Engineer, where they can check the
functionality of an application or the software according to the customer /client's
needs. In this, the code is not visible while performing the testing; that's why it is
known as black-box testing.
Gray Box testing
Gray box testing is a combination of white box and Black box testing. It can be
performed by a person who knew both coding and testing. And if the single person
performs white box, as well as black-box testing for the application, is known as
Gray box testing.

Testing levels
Unit Testing
Unit testing involves the testing of each unit or an individual component of the
software application. It is the first level of functional testing. The aim behind unit
testing is to validate unit components with its performance.
A unit is a single testable part of a software system and tested during the
development phase of the application software.
Let us see one sample example for a better understanding of the concept of unit
testing:

For the amount transfer, requirements are as follows:

1. Amount transfer

1.1 From account number (FAN)→ Text Box

1.1.1 FAN→ accept only 4 digit

1.2 To account no (TAN)→ Text Box

1.2.1 TAN→ Accept only 4 digit

1.3 Amount→ Text Box

1.3.1 Amount → Accept maximum 4 digit

1.4 Transfer→ Button

1.4.1 Transfer → Enabled

1.5 Cancel→ Button

 1.5.1 Cancel→ Enabled

Below are the application access details, which is given by the customer

• URL→ login Page

• Username/password/OK → home page
• To reach Amount transfer module follow the below

Loans → sales → Amount transfer

While performing unit testing, we should follow some rules, which are as follows:

• To start unit testing, at least we should have one module.

• Test for positive values
• Test for negative values
• No over testing
• No assumption required

When we feel that the maximum test coverage is achieved, we will stop the
testing.
Now, we will start performing the unit testing on the different components such as

• From account number(FAN)

• To account number(TAN)
• Amount
• Transfer
• Cancel
For the FAN components

Values Description

1234 accept

4311 Error message→ account valid or not

Blank Error message→ enter some values

5 digit/ 3 digit Error message→ accept only 4 digit

Alphanumeric Error message → accept only digit

Blocked account no Error message

Copy and paste the value Error message→ type the value

Same as FAN and TAN Error message

For the TAN component

• Provide the values just like we did in From account number (FAN)
components
For Amount component

• Provide the values just like we did in FAN and TAN components.

For Transfer component

• Enter valid FAN value

• Enter valid TAN value
• Enter the correct value of Amount
• Click on the Transfer button→ amount transfer successfully( confirmation
message)

For Cancel Component

• Enter the values of FAN, TAN, and amount.

• Click on the Cancel button → all data should be cleared.

Advantages and disadvantages of unit testing

The pros and cons of unit testing are as follows:
Advantages
• Unit testing uses module approach due to that any part can be tested without
waiting for completion of another parts testing.
• The developing team focuses on the provided functionality of the unit and
how functionality should look in unit test suits to understand the unit API.
• Unit testing allows the developer to refactor code after a number of days and
ensure the module still working without any defect.

Disadvantages
• It cannot identify integration or broad level error as it works on units of the
code.
• In the unit testing, evaluation of all execution paths is not possible, so unit
testing is not able to catch each and every error in a program.
• It is best suitable for conjunction with other testing activities.

Integration testing
Integration testing is the second level of the software testing process comes after
unit testing. In this testing, units or individual components of the software are
tested in a group. The focus of the integration testing level is to expose defects at
the time of interaction between integrated components or units.
Example of integration testing
Let us assume that we have a Gmail application where we perform the integration
testing.
First, we will do functional testing on the login page, which includes the various
components such as username, password, submit, and cancel button. Then only
we can perform integration testing.
The different integration scenarios are as follows:

Scenarios1:
• First, we login as P users and click on the Compose mail and performing the
functional testing for the specific components.
• Now we click on the Send and also check for Save Drafts.
• After that, we send a mail to Q and verify in the Send Items folder of P to
check if the send mail is there.
• Now, we will log out as P and login as Q and move to the Inbox and verify
that if the mail has reached.
Secanrios2: We also perform the integration testing on Spam folders. If the
particular contact has been marked as spam, then any mail sent by that user should
go to the spam folder and not in the inbox.
As we can see in the below image, we will perform the functional testing for all
the text fields and every feature. Then we will perform integration testing for
the related functions. We first test the add user, list of users, delete user, edit
user, and then search user

Integration Testing Techniques

Any testing technique (Blackbox, Whitebox, and Greybox) can be used for
Integration Testing;
Types of Integration Testing
Integration testing can be classified into two parts:
• Incremental integration testing
• Non-incremental integration testing
Incremental Approach
In this type of testing, there is a strong relationship between the dependent
modules. Suppose we take two or more modules and verify that the data flow
between them is working fine. If it is, then add more modules and test again.

For example: Suppose we have a Flipkart application, we will perform

incremental integration testing, and the flow of the application would like this:
Flipkart→ Login→ Home → Search→ Add cart→Payment → Logout
Incremental integration testing is carried out by further methods:
• Top-Down approach
• Bottom-Up approach

Top-Down Approach
The top-down testing strategy deals with the process in which higher level modules
are tested with lower level modules until the successful completion of testing of all
the modules. Major design flaws can be detected and fixed early because critical
modules tested first. In this type of method, we will add the modules incrementally
or one by one and check the data flow in the same order.
Advantages:
• Identification of defect is difficult.
• An early prototype is possible.

Disadvantages:
• Due to the high number of stubs, it gets quite complicated.
• Lower level modules are tested inadequately.
• Critical Modules are tested first so that fewer chances of defects.

Bottom-Up Method
The bottom to up testing strategy deals with the process in which lower level
modules are tested with higher level modules until the successful completion of
testing of all the modules. Top level critical modules are tested at last, so it may
cause a defect. Or we can say that we will be adding the modules from bottom to
the top and check the data flow in the same order.
Advantages
• Identification of defect is easy.
• Do not need to wait for the development of all the modules as it saves time.

Disadvantages
• Critical modules are tested last due to which the defects can occur.
• There is no possibility of an early prototype.

In this, we have one addition approach which is known as hybrid testing.

Hybrid Testing Method
In this approach, both Top-Down and Bottom-Up approaches are combined for
testing. In this process, top-level modules are tested with lower level modules and
lower level modules tested with high-level modules simultaneously. There is less
possibility of occurrence of defect because each module interface is tested.

System Testing
System Testing includes testing of a fully integrated software system. a computer
system consists of a group of software to perform the various tasks, but only
software cannot perform the task; for that software must be interfaced with
compatible hardware. System testing is a series of different type of tests with the
purpose to exercise and examine the full working of an integrated software
computer system against requirements.
System testing falls under Black box testing as it includes testing of the external
working of the software. Testing follows user's perspective to identify minor
defects.
System Testing includes the following steps.
• Verification of input functions of the application to test whether it is
producing the expected output or not.
• Testing of integrated software by including external peripherals to check the
interaction of various components with each other.
• Testing of the whole system for End to End testing.
• Behavior testing of the application via auser's experience

Example of System testing

Suppose we open an application, let say www.rediff.com, and there we can see
that an advertisement is displayed on the top of the homepage, and it remains there
for a few seconds before it disappears. These types of Ads are done by the
Advertisement Management System (AMS). Now, we will perform system testing
for this type of field.
The below application works in the following manner:
• Let's say that Amazon wants to display a promotion ad on January 26 at
precisely 10:00 AM on the Rediff's home page for the country India.
• Then, the sales manager logs into the website and creates a request for an
advertisement dated for the above day.
• He/she attaches a file that likely an image files or the video file of the AD
and applies.
• The next day, the AMS manager of Rediffmail login into the application and
verifies the awaiting Ad request.
• The AMS manager will check those Amazons ad requests are pending, and
then he/she will check if the space is available for the particular date and
time.
• If space is there, then he/she evaluate the cost of putting up the Ad at 15$ per
second, and the overall Ad cost for 10 seconds is approximate 150$.
• The AMS manager clicks on the payment request and sends the estimated
value along with the request for payment to the Amazon manager.
• Then the amazon manager login into the Ad status and confirms the payment
request, and he/she makes the payment as per all the details and clicks on
the Submit and Pay
 • As soon as Rediff's AMs manager gets the amount, he/she will set up the
Advertisement for the specific date and time on the Rediffmail's home page.

The various system test scenarios are as follows:

Scenario1: The first test is the general scenario, as we discussed above. The test
engineer will do the system testing for the underlying situation where the Amazon
manager creates a request for the Ad and that Ad is used at a particular date and
time.
Scenario2: Suppose the Amazon manager feels that the AD space is too expensive
and cancels the request. At the same time, the Flipkart requests the Ad space on
January 26 at 10:00 AM. Then the request of Amazon has been canceled.
Therefore, Flipkart's promotion ad must be arranged on January 26 at 10 AM.
After all, the request and payment have been made. Now, if Amazon changes their
mind and they feel that they are ready to make payment for January 26 at 10 AM,
which should be given because Flipkart has already used that space. Hence,
another calendar must open up for Amazon to make their booking.
Scenario3: in this, first, we login as AMS manger, then click on Set Price page
and set the price for AD space on logout page to 10$ per second.
Then login as Amazon manager and select the date and time to put up and Ad on
the logout page. And the payment should be 100$ for 10 seconds of an Ad on
Rediffmail logout page.
Types of System Testing
System testing is divided into more than 50 types, but software testing companies
typically uses some of them. These are listed below:
Regression Testing
Regression testing is performed under system testing to confirm and identify that if
there's any defect in the system due to modification in any other part of the system.
It makes sure, any changes done during the development process have not
introduced a new defect and also gives assurance; old defects will not exist on the
addition of new software over the time.

Load Testing
Load testing is performed under system testing to clarify whether the system can
work under real-time loads or not.
Functional Testing
Functional testing of a system is performed to find if there's any missing function
in the system. Tester makes a list of vital functions that should be in the system and
can be added during functional testing and should improve quality of the system.
Recovery Testing
Recovery testing of a system is performed under system testing to confirm
reliability, trustworthiness, accountability of the system and all are lying on
recouping skills of the system. It should be able to recover from all the possible
system crashes successfully.
Migration Testing
Migration testing is performed to ensure that if the system needs to be modified in
new infrastructure so it should be modified without any issue.
Usability Testing
The purpose of this testing to make sure that the system is well familiar with the
user and it meets its objective for what it supposed to do
Software and Hardware Testing
This testing of the system intends to check hardware and software compatibility.
The hardware configuration must be compatible with the software to run it without
any issue. Compatibility provides flexibility by providing interactions between
hardware and software.
Acceptance testing
Acceptance testing is formal testing based on user requirements and function
processing. It determines whether the software is conforming specified
requirements and user requirements or not. It is conducted as a kind of Black Box
testing where the number of required users involved testing the acceptance level of
the system. It is the fourth and last level of software testing.

For example, the blue-dart company gives the requirement to TCS for developing
the application, and the TCS will accept the needs and agree to deliver the
application in the two releases as we can see in the below image:

On August 10, the test manager tells the project manager that there is a critical bug
in the application, and that will take another four days to fix it.

But the project manager said we have to deliver the software within a given time. It
takes another 30 days to fix the defect, or otherwise, we will have to pay the
penalty (fine) for each day after the given release date. Is this the real situation?
NO, let us see three different cases and understand who perform the acceptance
testing.
Case1
In this, we will discuss how the acceptance testing is performed, and here the test
engineer will do the acceptance testing.

Mostly, the actual flow for testing the application will be seen in the above image,
but here it is little difference, as we know where the end-to-end testing or system
testing ends and the acceptance testing will proceed. To understand this scenario,
follow the below process:
The blue-dart provides the requirements, and TCS develops the application and
performs all the testing and handover to the blue-dart company.
Now the question arises the blue-dart will use the application as soon they get it
from TCS? NO, the blue dart company has a group of test engineers after they get
the software, and this team will start testing the application, and this end-to-end
testing is done at the customer environment, which is called the User Acceptance
Testing.
Let us see the difference between TCS test engineers and Blue-dart Engineers:
In TCS, the tester will perform the functional testing, integration testing, and
system testing and whereas in Blue-dart, the tester will do only the end-to-end or
system testing, which is known as acceptance testing.
Steps to Perform Acceptance Testing

TEST STRATEGIES FOR WEB APPS

WEB TESTING, or website testing is checking your web application or website
for potential bugs before its made live and is accessible to general public. Web
Testing checks for functionality, usability, security, compatibility, performance of
the web application or website.
During this stage issues such as that of web application security, the functioning of
the site, its access to handicapped as well as regular users and its ability to handle
traffic is checked.
How to test Web Application
In Software Engineering, the following testing types/technique may be performed
depending on your web testing requirements.
1. Functionality Testing of a Website
Functionality Testing of a Website is a process that includes several testing
parameters like user interface, APIs, database testing, security testing, client and
server testing and basic website functionalities. Functional testing is very
convenient and it allows users to perform both manual and automated testing. It is
performed to test the functionalities of each feature on the website.

Web based Testing Activities includes:

Test all links
Test Forms are working as expected.
Test Cookies are working as expected. Cookies are small files used by websites to
primarily remember active user sessions so you do not need to log in every time
you visit a website.
Test HTML and CSS to ensure that search engines can crawl your site easily.
This will include
Test business workflow-
2. Usability testing:
Usability Testing has now become a vital part of any web based project. It can
be carried out by testers like you or a small focus group similar to the target
audience of the web application.
Test the site Navigation:

• Menus, buttons or Links to different pages on your site should be easily

visible and consistent on all webpages

Test the Content:

• Content should be legible with no spelling or grammatical errors.

• Images if present should contain an "alt" text

3.Interface Testing:
Three areas to be tested here are - Application, Web and Database Server
 • Application: Test requests are sent correctly to the Database and output at
the client side is displayed correctly. Errors if any must be caught by the
application and must be only shown to the administrator and not the end
user.
• Web Server: Test Web server is handling all application requests without
any service denial.
• Database Server: Make sure queries sent to the database give expected
results.

4. Database Testing:
Database is one critical component of your web application and stress must be laid
to test it thoroughly. Testing activities will include-

• Test if any errors are shown while executing queries

• Data Integrity is maintained while creating, updating or deleting data in
database.
• Check response time of queries and fine tune them if necessary.
• Test data retrieved from your database is shown accurately in your web
application

5. Compatibility testing.
Compatibility tests ensures that your web application displays correctly across
different devices. This would include-
Browser Compatibility Test: Same website in different browsers will display
differently. You need to test if your web application is being displayed correctly
across browsers, JavaScript, AJAX and authentication is working fine. You may
also check for Mobile Browser Compatibility.
The rendering of web elements like buttons, text fields etc. changes with change
in Operating System. Make sure your website works fine for various combination
of Operating systems such as Windows, Linux, Mac and Browsers such as Firefox,
Internet Explorer, Safari etc.

6. Performance Testing:
This will ensure your site works under all loads. Software Testing activities will
include but not limited to -

• Website application response times at different connection speeds

• Load test your web application to determine its behavior under normal and
peak loads
 • Stress test your web site to determine its break point when pushed to beyond
normal loads at peak time.
• Test if a crash occurs due to peak load, how does the site recover from such
an event
• Make sure optimization techniques like gzip compression, browser and
server side cache enabled to reduce load times

7. Security testing:
Security Testing is vital for e-commerce website that store sensitive customer
information like credit cards. Testing Activities will include-

• Test unauthorized access to secure pages should not be permitted

• Restricted files should not be downloadable without appropriate access
• Check sessions are automatically killed after prolonged user inactivity
• On use of SSL certificates, website should re-direct to encrypted SSL pages.
8. Crowd Testing:
You will select a large number of people (crowd) to execute tests which otherwise
would have been executed a select group of people in the company. Crowdsourced
testing is an interesting and upcoming concept and helps unravel many a unnoticed
defects.

Test Strategies for Object

Oriented Software
Software typically undergoes many levels of testing.That are
Object Oriented unit testing
Object Oriented system testing
Object Oriented Integration testing
Object Oriented validation testing

Techniques of object-oriented testing are as follows:

1. Fault Based Testing:
This type of checking permits for coming up with test cases supported the
consumer specification or the code or both. It tries to identify possible faults
(areas of design or code that may lead to errors.).
2. Class Testing Based on Method Testing:
This approach is the simplest approach to test classes. Each method of the class
performs a well defined cohesive function and can, therefore, be related to unit
testing of the traditional testing techniques. Therefore all the methods of a class
can be involved at least once to test the class.
3. Random Testing:
It is supported by developing a random test sequence that tries the minimum
variety of operations typical to the behavior of the categories
4. Partition Testing:
This methodology categorizes the inputs and outputs of a category so as to
check them severely. This minimizes the number of cases that have to be
designed.
5. Scenario-based Testing:
It primarily involves capturing the user actions then stimulating them to similar
actions throughout the test.
These tests tend to search out interaction form of error.

Test strategies for Conventional Software

• There are many strategies that can be used to test software.
• At one extreme, you can wait until the system is fully constructed and then
conduct tests on the overall system in hopes of finding errors.
o This approach simply does not work. It will result in buggy software.
• At the other extreme, you could conduct tests on a daily basis, whenever any
part of the system is constructed.
o This approach, although less appealing to many, can be very effective.
• A testing strategy that is chosen by most software teams falls between the
two extremes.
• It takes an incremental view of testing,
o Beginning with the testing of individual program units,
o Moving to tests designed to facilitate the integration of the units,
o Culminating with tests that exercise the constructed system.
Unit Testing :
• Unit testing focuses verification effort on the smallest unit of software
design—the software component or module.
 • The unit test focuses on the internal processing logic and data structures
within the boundaries of a component.
• This type of testing can be conducted in parallel for multiple components.
Integration testing
• Integration testing is a systematic technique for constructing the software
architecture while at the same time conducting tests to uncover errors
associated with interfacing.
• Different Integration Testing Strategies :
o Top-down testing
o Bottom-up testing
o Regression Testing
o Smoke Testing

Regression Testing :
• Regression testing is the re-execution of some subset of tests that have
already been conducted to ensure that changes have not propagated
unintended side effects.
Smoke Testing :
• Smoke testing is an integration testing approach that is commonly used
when product software is developed
• Smoke testing is performed by developers before releasing the build to the
testing team and after releasing the build to the testing team it is performed
by testers whether to accept the build for further testing or not.

Software Engineering | Debugging

Introduction:
In the context of software engineering, debugging is the process of fixing a bug in
the software
Debugging Process: Steps involved in debugging are:
• Problem identification and report preparation.
• Assigning the report to software engineer to the defect to verify that it is
genuine.
• Defect Analysis using modeling, documentations, finding and testing candidate
flaws, etc.
• Defect Resolution by making required changes to the system.
• Validation of corrections.
Debugging Strategies:
1. Study the system for the larger duration in order to understand the system. It
helps debugger to construct different representations of systems to be
debugging depends on the need. Study of the system is also done actively to
find recent changes made to the software.
2. Backwards analysis of the problem which involves tracing the program
backward from the location of failure message in order to identify the region of
faulty code. A detailed study of the region is conducting to find the cause of
defects.
3. Forward analysis of the program involves tracing the program forwards using
breakpoints or print statements at different points in the program and studying
the results. The region where the wrong outputs are obtained is the region that
needs to be focused to find the defect.
4. Using the past experience of the software debug the software with similar
problems in nature. The success of this approach depends on the expertise of the
debugger.
Debugging Tools:
Debugging tool is a computer program that is used to test and debug other
programs. A lot of public domain software like gdb and dbx are available for
debugging. They offer console-based command line interfaces. Examples of
automated debugging tools include code based tracers, profilers, interpreters, etc.
Some of the widely used debuggers are:
• Radare2
• WinDbg
• Valgrind
Difference Between Debugging and Testing:
Debugging is different from testing. Testing focuses on finding bugs, errors, etc
whereas debugging starts after a bug has been identified in the software. Testing is
used to ensure that the program is correct and it was supposed to do with a certain
minimum success rate. Testing can be manual or automated. There are several
different types of testing like unit testing, integration testing, alpha and beta
testing, etc.
Debugging requires a lot of knowledge, skills, and expertise. It can be supported
by some automated tools available but is more of a manual process as every bug is
different and requires a different technique, unlike a pre-defined testing
mechanism.
 Software Maintenance
Software maintenance is widely accepted part of SDLC now a days. It stands for all
the modifications and updations done after the delivery of software product. There
are number of reasons, why modifications are required, some of them are briefly
mentioned below:
• Market Conditions - Policies, which changes over the time, such as taxation
and newly introduced constraints like, how to maintain bookkeeping, may
trigger need for modification.
• Client Requirements - Over the time, customer may ask for new features or
functions in the software.
• Host Modifications - If any of the hardware and/or platform (such as
operating system) of the target host changes, software changes are needed to
keep adaptability.
• Organization Changes - If there is any business level change at client end,
such as reduction of organization strength, acquiring another company,
organization venturing into new business, need to modify in the original
software may arise.

Types of maintenance

In a software lifetime, type of maintenance may vary based on its nature. It may be
just a routine maintenance tasks as some bug discovered by some user or it may be
a large event in itself based on maintenance size or nature. Following are some types
of maintenance based on their characteristics:
• Corrective Maintenance - This includes modifications and updations done
in order to correct or fix problems, which are either discovered by user or
concluded by user error reports.
• Adaptive Maintenance - This includes modifications and updations applied
to keep the software product up-to date and tuned to the ever changing world
of technology and business environment.
• Perfective Maintenance - This includes modifications and updates done in
order to keep the software usable over long period of time. It includes new
features, new user requirements for refining the software and improve its
reliability and performance.
 • Preventive Maintenance - This includes modifications and updations to
prevent future problems of the software. It aims to attend problems, which
are not significant at this moment but may cause serious issues in future.

Cost of Maintenance
Reports suggest that the cost of maintenance is high. A study on estimating software
maintenance found that the cost of maintenance is as high as 67% of the cost of
entire software process cycle.

On an average, the cost of software maintenance is more than 50% of all SDLC
phases. There are various factors, which trigger maintenance cost go high, such as:

Real-world factors affecting Maintenance Cost

• The standard age of any software is considered up to 10 to 15 years.

• Older softwares, which were meant to work on slow machines with less
memory and storage capacity cannot keep themselves challenging against
newly coming enhanced softwares on modern hardware.
• As technology advances, it becomes costly to maintain old software.
• Most maintenance engineers are newbie and use trial and error method to
rectify problem.
• Often, changes made can easily hurt the original structure of the software,
making it hard for any subsequent changes.
• Changes are often left undocumented which may cause more conflicts in
future.
Software-end factors affecting Maintenance Cost

• Structure of Software Program

• Programming Language
• Dependence on external environment
• Staff reliability and availability

Maintenance Activities
IEEE provides a framework for sequential maintenance process activities. It can be
used in iterative manner and can be extended so that customized items and
processes can be included.

These activities go hand-in-hand with each of the following phase:

• Identification & Tracing - It involves activities pertaining to identification
of requirement of modification or maintenance. It is generated by user or
system may itself report via logs or error messages.Here, the maintenance
type is classified also.
• Analysis - The modification is analyzed for its impact on the system
including safety and security implications. If probable impact is severe,
alternative solution is looked for. A set of required modifications is then
materialized into requirement specifications. The cost of
modification/maintenance is analyzed and estimation is concluded.
 • Design - New modules, which need to be replaced or modified, are designed
against requirement specifications set in the previous stage. Test cases are
created for validation and verification.
• Implementation - The new modules are coded with the help of structured
design created in the design step.Every programmer is expected to do unit
testing in parallel.
• System Testing - Integration testing is done among newly created modules.
Integration testing is also carried out between new modules and the system.
Finally the system is tested as a whole, following regressive testing
procedures.
• Acceptance Testing - After testing the system internally, it is tested for
acceptance with the help of users. If at this state, user complaints some issues
they are addressed or noted to address in next iteration.
• Delivery - After acceptance test, the system is deployed all over the
organization either by small update package or fresh installation of the
system. The final testing takes place at client end after the software is
delivered.
Training facility is provided if required, in addition to the hard copy of user
manual.
• Maintenance management - Configuration management is an essential part
of system maintenance. It is aided with version control tools to control
versions, semi-version or patch management.

Reverse Engineering
It is a process to achieve system specification by thoroughly analyzing,
understanding the existing system. This process can be seen as reverse SDLC
model, i.e. we try to get higher abstraction level by analyzing lower abstraction
levels.
An existing system is previously implemented design, about which we know
nothing. Designers then do reverse engineering by looking at the code and try to get
the design. With design in hand, they try to conclude the specifications. Thus, going
in reverse from code to system specification.
Program Restructuring
It is a process to re-structure and re-construct the existing software. It is all about
re-arranging the source code, either in same programming language or from one
programming language to a different one. Restructuring can have either source
code-restructuring and data-restructuring or both.
Re-structuring does not impact the functionality of the software but enhance
reliability and maintainability. Program components, which cause errors very
frequently can be changed, or updated with re-structuring.
The dependability of software on obsolete hardware platform can be removed via
re-structuring.

Forward Engineering
Forward engineering is a process of obtaining desired software from the
specifications in hand which were brought down by means of reverse engineering.
It assumes that there was some software engineering already done in the past.
Forward engineering is same as software engineering process with only one
difference – it is carried out always after reverse engineering.

Component reusability
A component is a part of software program code, which executes an independent
task in the system. It can be a small module or sub-system itself.

Example
The login procedures used on the web can be considered as components, printing
system in software can be seen as a component of the software.
Components have high cohesion of functionality and lower rate of coupling, i.e.
they work independently and can perform tasks without depending on other
modules.
In OOP, the objects are designed are very specific to their concern and have fewer
chances to be used in some other software.
In modular programming, the modules are coded to perform specific tasks which
can be used across number of other software programs.
There is a whole new vertical, which is based on re-use of software component, and
is known as Component Based Software Engineering (CBSE).

Re-use can be done at various levels

• Application level - Where an entire application is used as sub-system of new
software.
• Component level - Where sub-system of an application is used.
• Modules level - Where functional modules are re-used.
Software components provide interfaces, which can be used to establish
communication among different components.

Reuse Process
Two kinds of method can be adopted: either by keeping requirements same and
adjusting components or by keeping components same and modifying
requirements.
 • Requirement Specification - The functional and non-functional
requirements are specified, which a software product must comply to, with
the help of existing system, user input or both.
• Design - This is also a standard SDLC process step, where requirements are
defined in terms of software parlance. Basic architecture of system as a whole
and its sub-systems are created.
• Specify Components - By studying the software design, the designers
segregate the entire system into smaller components or sub-systems. One
complete software design turns into a collection of a huge set of components
working together.
• Search Suitable Components - The software component repository is
referred by designers to search for the matching component, on the basis of
functionality and intended software requirements..
• Incorporate Components - All matched components are packed together to
shape them as complete software.

Software Re-engineering
When we need to update the software to keep it to the current market, without
impacting its functionality, it is called software re-engineering. It is a thorough
process where the design of software is changed and programs are re-written.
Legacy software cannot keep tuning with the latest technology available in the
market. As the hardware become obsolete, updating of software becomes a
headache. Even if software grows old with time, its functionality does not.
For example, initially Unix was developed in assembly language. When language
C came into existence, Unix was re-engineered in C, because working in assembly
language was difficult.
Other than this, sometimes programmers notice that few parts of software need
more maintenance than others and they also need re-engineering.

Re-Engineering Process
• Decide what to re-engineer. Is it whole software or a part of it?
• Perform Reverse Engineering, in order to obtain specifications of existing
software.
• Restructure Program if required. For example, changing function-oriented
programs into object-oriented programs.
• Re-structure data as required.
• Apply Forward engineering concepts in order to get re-engineered
software.
There are few important terms used in Software re-engineering

Reverse Engineering –
Reverse Engineering is processes of extracting knowledge or design information
from anything man-made and reproducing it based on extracted information. It is
also called back Engineering.
Software Reverse Engineering –
Software Reverse Engineering is the process of recovering the design and the
requirements specification of a product from an analysis of it’s code. Reverse
Engineering is becoming important, since several existing software products, lack
proper documentation, are highly unstructured, or their structure has degraded
through a series of maintenance efforts.

Why Reverse Engineering?

• Providing proper system documentatiuon.
• Recovery of lost information.
• Assisting with maintenance.
• Facility of software reuse.
• Discovering unexpected flaws or faults.
Used of Software Reverse Engineering –
• Software Reverse Engineering is used in software design, reverse engineering
enables the developer or programmer to add new features to the existing
software with or without knowing the source code.
• Reverse engineering is also useful in software testing, it helps the testers to
study the virus and other malware code .