SREENIDHI INSTITUTE OF SCIENCE & TECHNOLOGY

(AN AUTONOMOUS INSTITUTION UNDER JNTUH)

(Approved by AICTE & Aided by World Bank under TEQIP)

Yamnampet, Ghatkesar Mandal, Hyderabad - 501 301.

LAB MANUAL
For
SOFTWARE TESTING AND AUTOMATION LAB

For

B. Tech. IV year - I Semester

CSE BRANCH

DEPARTMENT
OF
COMPUTER SCIENCE AND ENGINEERING

B. Tech (Computer Science and Engineering)

Program objective:

B. Tech in Computer Science and Engineering program emphasizes the use of computer as a
sophisticated problem solving tool.

The first two years of this program begins with a set of introductory courses, like Mathematics, physics,
English, computer languages (C,C++,Java), Database Management Systems, which provide students with
a firm foundation in mathematics, computer science, as well as communication skills. These courses
include weekly labs in which students use state-of-the art software development techniques to create
solutions to interesting problems.

The last two years of study focuses on the concepts and techniques used in the design and development
of advanced software systems. In addition, students choose from a rich set of electives, which covers
skills in demand. These advanced courses give broad opening for research and help them to choose
specialization in their higher studies. A generous allotment of open electives allows students to learn
foreign languages like French, German, Spanish; and it includes computing with a business focus.

Students in this program pursue an inter-disciplinary course of study that combines strong foundation in
computer science with a focus on interdisciplinary areas. This program is designed for students who
seek to blend their computer science abilities with skills in demand and skills specific to another domain
to solve problems in that domain.

Having completed this course, a student is prepared to work independently within a well structured
design frame work in the job and for higher studies.

DEPARTMENT OF COMPUTER SCIENCE and ENGINEERING

Vision

To emerge as a leading department in Technical Education and Research in Computer Science and
Engineering with focus to produce professionally competent and socially sensitive engineers
capable of working in global environment.
Mission

1.To prepare Computer Science and Engineering graduates to be a life long learner with
competence in basic science & engineering and professional core, multidisciplinary areas ,
with continuous update of the syllabus, so that they can succeed in industry as an individual
and as a team or to pursue higher studies or to become an entrepreneur.
2.To enable the graduates to use modern tools, design and create novelty based products
required for the society and communicate effectively with professional ethics.
3.To continuously engage in research and projects development with financial management to
promote scientific temper in the graduates and attain sustainability.

Programme Educational Objectives

I Graduates will have a strong foundation in fundamentals of mathematics, science, computer science
and basic engineering with abilities to analyze problems, design and development of optimal
solutions to address societal problems.

II Apply knowledge of modern tools to solve the complex problems and enable graduates to be
professionally competent engineers to sensitize towards societal, health, safety legal, environmental
and sustainable issues by following the ethical ideologies and makes them globally employable.

III Ability to work effectively as an individual, team member or a leader or pursue entrepreneurial skills
and be aware of gender sensitization with good communication, practice project and finance
management skills.

IV Encouraging students to pursue higher studies in internationally reputed institutes thus making them
life-long learners.

Programme Outcomes

The Programme Outcomes (POs) of the B.Tech (CSE) programme as stated by the NBA, India are
listed below:

Engineering Graduates will be able to:

1. Engineering knowledge: Apply the knowledge of mathematics, science, engineering fundamentals,
and an engineering specialization to the solution of complex engineering problems.

2. Problem analysis: Identify, formulate, review research literature, and analyze complex engineering
problems reaching substantiated conclusions using first principles of mathematics, natural sciences,
and engineering sciences.

3. Design/development of solutions: Design solutions for complex engineering problems and design
system components or processes that meet the specified needs with appropriate consideration for
the public health and safety, and the cultural, societal, and environmental considerations.

4. Conduct investigations of complex problems: Use research-based knowledge and research methods
including design of experiments, analysis and interpretation of data, and synthesis of the
information to provide valid conclusions.

5. Modern tool usage: Create, select, and apply appropriate techniques, resources, and modern
engineering and IT tools including prediction and modeling to complex engineering activities with an
understanding of the limitations.

6. The engineer and society: Apply reasoning informed by the contextual knowledge to assess societal,
health, safety, legal and cultural issues and the consequent responsibilities relevant to the
professional engineering practice.

7. Environment and sustainability: Understand the impact of the professional engineering solutions in
societal and environmental contexts, and demonstrate the knowledge of, and need for sustainable
development.

8. Ethics: Apply ethical principles and commit to professional ethics and responsibilities and norms of
the engineering practice.

9. Individual and team work: Function effectively as an individual, and as a member or leader in diverse
teams, and in multidisciplinary settings.
10. Communication: Communicate effectively on complex engineering activities with the engineering
community and with society at large, such as, being able to comprehend and write effective reports
and design documentation, make effective presentations, and give and receive clear instructions.

11. Project management and finance: Demonstrate knowledge and understanding of the engineering
and management principles and apply these to one’s own work, as a member and leader in a team,
to manage projects and in multidisciplinary environments.

12. Life-long learning: Recognize the need for, and have the preparation and ability to engage in
independent and life-long learning in the broadest context of technological change.

Correlation between the POs and the PEOs

Programme Outcomes
PEOs
1 2 3 4 5 6 7 8 9 10 11 12

I    
II      
III   
IV  
Program Specific Outcomes (PSOs):

1. Imbibe strong foundation of basic sciences and its applications Computer Science , apply
concepts of computer systems with reference to hardware and software aspects. [CORE]
2. Possess professional skills to design, analyze and develop computer-based systems/
programs in the areas related to algorithms, , system software object oriented system,
relational data bases , operating systems ,multimedia, web design, big data analytics,
mobile computing cloud computing and other emerging frontier technologies.
[Practicals]
3. Comprehend and apply technological advancements by using modern tools such as
UML, data mining, software testing, network management to analyze, design and
implement subsystems/processes for variety real time applications. [Tools]
4. Posses skills to communicate, be a team member and demonstrate professional ethics
and exhibit concerns for societal and environmental wellbeing for sustainable
professional development. [ENV, Team, Society and Life long learning , professional]

1 2 3 4 5 6 7 8 9 10 11 12

H: High M: Medium L: Low

Syllabus for B. Tech. IV Year I semester

Computer Science and Engineering

SOFTWARE TESTING AND AUTOMATION LAB

L T P C

- - 4 2
Code: 6EC75

Course Objectives:
 In software testing lab the various manual and automation testing processes are carried
out to efficiently learn the testing activities. Both commercial and open source testing
tools are being taught to better the software testing in detail.
 According to the software industry requirements the testing tools are taught so that the
students can directly make use of testing tools in industry.
  Implement various testing techniques and to make a thorough study on various testing
tools.

Course Outcomes:

At the end of this course, the student will be able to

1. Prepare Test Plan document and write Test Cases for Small scale Project (Like for their B.Tech IV Year
Project or Post-Graduate Projects), they are learn how to Analyze SRS document in order to prepare Test
Plan Document.

2. Demonstrate skills to use modern software testing tools (EX: UFT, TestLink, Bugzilla, Selenium, Test
Director and Quality Center) and test application (web, Window application) by using the tools.

3. Demonstrate the ability to differentiate between different Testing tools present in the market
(like functional testing tools, Test Management Tools, Bug Tracking Tools and Performance
Testing Tools) and prepare Test Plan document and write Test Cases for Small scale Project
(Like for their B.Tech IV Year Project or Post-Graduate Projects).

Week 1

1. Write programs in ‘C’ Language to demonstrate the working of the following constructs:
i) do…while ii) while…do iii) if …else iv) switch v) for

2. A program written in ‘C’ language for matrix multiplication fails” Introspect the causes for its
failure and write down the possible reasons for its failure.

Week 2

3. Take any system (e.g. ATM system) and study its system specifications and report the various
bugs.
4. Write the test cases for any known application (Ex: Banking application)

Week 3 &4

5. Create a test plan document for any application (Ex: Internet Banking Application)
6. Overview of any Test Management Tools (Open source testing tool : Ex - Test Link)

Week 5 to 10

7. Study of any Functional and Regression Testing Tools:

i) Open source Tool: SoapUI

ii) Licensed Tool: UFT 12.01

 Week 11 & 12

8. Study of any bug tracking tool (open source testing tool : Bugzilla)
9. Overview of Performance Testing Tools (Open source testing tool : Apache Jmeter)
10. Study of Selenium IDE (open source testing tool)

TEXT BOOKS

1. Software testing techniques – Boris Beizer, Dreamtech, second edition.(Unit 1,2,6)

2. Software testing tools – by Dr. K.V.K.K Prasad Dreamtech (Unit 1,6)
3. Effective Methods for Software Testing, 2nd Edition by William E.Perry, Wiley publications.(Unit 3,4)
4. Software Testing and continuous Quality Improvement, by William E.Lewis,Gunasekaran,2 nd Edition
Auerbach publications (Unit 5,Refer Internet)
5. Software Engineering A practitioner’s Approach, Roger S Pressman, 6th edition.
McGrawHill International Edition (Unit 3)

REFERENCES

1. Software Testing Techniques ,by Bories Beizer, Second Edition,Dreamtech Press

2. Testing and Quality Assurance for Component based software ,by Gao,Tsao and Wu,Artech
House Publishers
3. Managing the Testing Process,by Rex Black,Wiley.
4. Handbook of Software Quality Assurance, by G.Gordon Schulmeyer,James
I.McManus,2nd Edition,International Thomson Computer Press

Week-1:
1.
AIM : Program in “C” Language to demonstrate the working of the following constructs:
i)do-while ii) while-do iii) if-else iv) switch v) for

THEORY:
• Two kinds of basic program statements:
– Assignment statements (Ex. x = 2*y;)
– Conditional statements (Ex. If(), for(), while(), …)
• Control flow
– Successive execution of progra–m statements is viewed as flow of control.
– Conditional statements alter the default flow.
• Program path
– A program path is a sequence of statements from entry to exit.
– There can be a large number of paths in a program.
 – There is an (input, expected output) pair for each path.
– Executing a path requires invoking the program unit with the right test input.
– Paths are chosen by using the concepts of path selection criteria.
• Tools: Automatically generate test inputs from program paths.

Outline of Control Flow Testing

• Inputs to the test generation process
– Source code
– Path selection criteria: statement, branch, …
• Generation of control flow graph (CFG)
– A CFG is a graphical representation of a program unit.
– Compilers are modified to produce CFGs. (You can draw one by hand.)
• Selection of paths
– Enough entry/exit paths are selected to satisfy path selection criteria.
• Generation of test input data
– Two kinds of paths
• Executable path: There exists input so that the path is executed.
• Infeasible path: There is no input to execute the path.
– Solve the path conditions to produce test input for each path.
 Outline of Control Flow Testing
• Symbols in a CFG

Path Selection Criteria:

• Program paths are selectively executed.
• Question: What paths do I select for testing?

• The concept of path selection criteria is used to answer the question.

• Advantages of selecting paths based on defined criteria:
– Ensure that all program constructs are executed at least once.
– Repeated selection of the same path is avoided.
– One can easily identify what features have been tested and what not.
• Path selection criteria
– Select all paths.
– Select paths to achieve complete statement coverage.
– Select paths to achieve complete branch coverage.
– Select paths to achieve predicate coverage
• Statement coverage criterion:
– Statement coverage means executing individual program statements and
observing the output.
– 100% statement coverage means all the statements have been executed at least
once.
• Cover all assignment statements.
• Cover all conditional statements.
– Less than 100% statement coverage is unacceptable.
• Branch coverage criterion
– A branch is an outgoing branch (edge) from a node in a CFG.
• A condition node has two outgoing branches – corresponding to the True
and False values of the condition.
– Covering a branch means executing a path that contains the branch.
 – 100% branch coverage means selecting a set of paths such that each branch is
included on some path.
Example: A function to compute the average of selected integers in an array.
code: ReturnAverage()
public static double ReturnAverage(int value[], int AS, int MIN, int MAX){
int i, ti, tv, sum;
double av;
i = 0; ti = 0; tv = 0; sum = 0;
while (ti< AS && value[i] != -999) {
ti++;
if (value[i] >= MIN && value[i] <= MAX) {
tv++;
sum = sum + value[i];
}
i++;
}
if (tv> 0)
av = (double)sum/tv;
else
av = (double) -999;
return (av);
}

Control Flow Graph

Paths in a Control Flow Graph:
• A few paths in above flow graph.
– Path 1: 1-2-3(F)-10(T)-12-13
– Path 2: 1-2-3(F)-10(F)-11-13
– Path 3: 1-2-3(T)-4(T)-5-6(T)-7(T)-8-9-3(F)-10(T)-12-13
– Path 4: 1-2-3(T)-4(T)-5-6-7(T)-8-9-3(T)-4(T)-5-6(T)-7(T)-8-9-3(F)-10(T)-12- 13

Expected output:
Statement Coverage:
Inputs:
SCPath 1-2-3(F)-10(F)-11-13
1
SCPath 1-2-3(T)-4(T)-5-6(T)-7(T)-8-9-3(F)-10(T)-12-13
2
Output:
100% statement coverage is achieved.

Branch Coverage:
 Inputs:
BCPath 1 1-2-3(F)-10(F)-11-13
BCPath 2 1-2-3(T)-4(T)-5-6(T)-7(T)-8-9-3(F)-10(T)-12-13
BCPath 3 1-2-3(T)-4(F)-10(F)-11-13
BCPath 4 1-2-3(T)-4(T)-5-6(F)-9-3(F)-10(F)-11-13
BCPath 5 1-2-3(T)-4(T)-5-6(T)-7(F)-9-3(F)-10(F)-11-13

Output:
100% branch coverage is achieved

Path Coverage:
Inputs:

PCPath1 1-2-3(F)-10(F)-11-13
PCPath2 1-2-3(T)-4(T)-5-6(T)-7(T)-8-9-3(F)-10(T)-12-13
PCPath3 1-2-3(F)-10(F)-11-13
PCPath 4 1-2-3(T)-4(T)-5-6(T)-7(T)-8-9-3(F)-10(T)-12-13
PCPath 5 1-2-3(T)-4(F)-10(F)-11-13
PCPath 6 1-2-3(T)-4(T)-5-6(F)-9-3(F)-10(F)-11-13
PCPath 7 1-2-3(T)-4(T)-5-6(T)-7(F)-9-3(F)-10(F)-11-13

Output:
100% Path Coverage has been achieved

2.
AIM: “A Program written in “C” language for matrix multiplication fails” Introspect the causes
for its failure and write down the possible reasons for its failure

THEORY:
Validation Testing:
 It succeeds when the software functions in a manner that can be reasonably expected
by the customer.
 Reasonable expectations are defined in the SRS, the specification contains a section
called validation criteria, information contained in that section forms the basis for a
validation testing.

1)Validation Test Criteria: After each validation test case has been conducted, one or two
possible conditions exists.
1. The function or performance characteristic confirms to specification and is
accepted
2. A deviation from specification is uncovered and a deficiency list is created.
3. Deviation or error discovered at this stage in a project can rarely be correct prior to
scheduled delivery.

2)Configuration Review: The intent of review is to ensure that all elements of the s/w
configuration have been properly developed, are cataloged. Sometimes called audit.

3)Alpha testing: is conducted at the developer’s site by end-users.

 The s/w is used in a natural setting with the developer “looking over the shoulder”
of typical users and recording errors and usage problems
 Alpha tests conducted in a controlled environment

4)Beta testing: is conducted at the end-user site, unlike alpha testing, developer is
generally not present.
 Beta test is a “live” application of the software in an environment that can’t be
controlled by the developer.
 End-users records al the problems and reports to the developer at regular intervals
 As a result of problems reported during beta tests, s/w engineers make
modifications and then prepare for release of the s/w product.

System Testing:Its primary purpose is to test the complete software.

1)Recovery Testing:Many computer –based systems must recover from faults and resume
processing within a prespecified time.
 Recovery testing is a system test that forces the software to fail in a variety of ways
and verifies that recovery is properly performed
 If recovery automatic (performed by the system itself), reinitialization, checkpointing
mechanisms, data recovery and restart are evaluated for correctness
 If recovery is human intervention, the mean-time- to – repair(MTTR) is evaluated to
determine whether it is within acceptable limits.
 2)SecurityTesting: Security testing verifies that protection mechanism built into a system
infact protect it from improper penetration.

3)Stress Testing:Stress testing refers to a type of testing that is so harsh, it is expected to

push the program to failure. For example, we might flood a web application with data,
connections, and so on until it finally crashes. Buffer overflows are classic examples of
stress test results.

4)Performance Testing: Performance testing is designed to test the run-time performance

of software within the context of an integrated system.
 It occurs throughout all steps in the testing process, even at unit level also.
 Performance tests are often coupled with stress testing.

Program: Write the Matrix multiplication Program

OutPut:

Causes for failure:

.
.
.

Possible reasons for its failure:

…
.

Screenshots:
Missing function in line 40

Using undefined variable i

Week-2:

3.
AIM: “Take any system (e.g ATM system) and study its system specifications and report the
various bugs
THEORY:
Bug Def: Deviates from expected behavior is a bug.
Consequences: (how bugs may affect users)
These range from mild to catastrophic on a 10 point scale.
• Mild
• Aesthetic bug such as misspelled output or mal-aligned print-out.
• Moderate
• Outputs are misleading or redundant impacting performance.
• Annoying
• Systems behavior is dehumanizing for e.g. names are
truncated/modified arbitrarily, bills for $0.0 are sent.
• Till the bugs are fixed operators must use unnatural command
sequences to get proper response.
• Disturbing
• Legitimate transactions refused.
• For e.g. ATM machine may malfunction with ATM card / credit card.
• Serious
• Losing track of transactions & transaction events. Hence accountability
is lost.
• Very serious
• System does another transaction instead of requested e.g. Credit
another account, convert withdrawals to deposits.
• Extreme
• Frequent &Arbitrary - not sporadic & unusual.
• Intolerable
• Long term unrecoverable corruption of the Data base.
(not easily discovered and may lead to system down.)
• Catastrophic
• System fails and shuts down.
• Infectious
• Corrupts other systems, even when it may not fail.
Tools example:Bugzilla/Issue-Tracker/PR-Tracker etc, Jira,QC(Quality Center)

Bug Life Cycle:

Lifecycle of a Bugzilla Bug:

Sample example for bug report:

Here is a scanariocausea a bug. Let’s assume in your application under test you want to create a
new user with user information, for that you need to log into the application and navigate to
Users-> menu-> new user, then enter all the details in the user form like first name, last name,
age, address, phone etc. once you enter all these information, you need to click on “save” button
in order to save the user information. Now you can see a success message saying. “New User”
has been created successfully
But when you entered all information and pressed save button, the application is crashed and
you got one error page on screen (capture this error message window and save as a Microsoft
paint file). Now this a bug, that you report to developer your bug tracking tool.
BUG FORMAT:
Bug Name: Application crash on clicking the save button while creating a new user
Bug id:(it will be automatically created by the BUG tracking tool once you save this bug
Area path: USER Menu -> New Users
Build Number: Version number 5.0.1
Severity: High(High/medium/low) or 1
Priority: High(High/medium/low) or1
Assigned to: Developer X
Reported by: Your Name
Reported on: date
Reason: Defect
Status: New/open/active (depends on the tool you are using)
Environment: Window 2003/sql server 2005
Description:
Application crashes on clicking the save button which creating a new user, hence unable to
create a new user in the application.
Steps Reproduce:
1.Logon into the application
2.Navigate to the user menu-> new user
3. filled all the user information fields
4. clicked on “save” button
5. seen an error page “ORA1090 exception: insert values error…”
6. see the attaced logs for more information
7. and also see the attached screen shot of the error messages
Expected result: on clicking SAVE button, you should be prompted to a success message “New
user has been created successfully”
(Attach “application crash screen shots….)
Save the defect/bug in the bug tracking tool. You will get a bug id, which you can use for further
bug reference.
Default new bug mail will go to respective developer and the default module owner(team leader
or manager) for further action.
You can report bug details using tool as shown below
Ex: Bugzilla bug summary sheet
You can report bug details using Excel sheet as shown below

4.
AIM: “Write a Test Cases for any known Application (Ex: Banking system, ATM)
THEORY:
Software Testing Life Cycle:
The different stages in Software Test Life Cycle:

Each of these stages have a definite Entry and Exit criteria , Activities & Deliverables associated
with it.
Manual Testing:Testing when carried out without the help of any tool is called as Manual
testing. When user is required to carry out every activity related to testing manually, we say it is
a Manual testing process.
Steps for manual testing: -
1. Understand the functionality of application
2. Prepare the test plan
3. Write the test cases and execute on the aut.
4. Verify actual and expected results
5. Prepare the bug report
After recieving the modified build from the developer we will go for retesting and regression
testing. these process are repeated until the bug status is closed.

Examples:A simple example of testing would be a Login screen - we could test quite a few
scenarios. Enlisted below are a few: -
1) Checking if Both Username and Password are entered and not blank
2) Masking of Password is implemented
3) Verifying if screen navigates to next page incase valid Login credentials are provided.
4) Incase of invalid login, ensuring system does not navigate further but displays an error
message.
5) Checking the maximum possible length of login and password fields.

Automation Testing:
Using Automation tools to write and execute test cases is known as automation testing. No
manual intervention is required while executing an automated
test suite.
Testers write test scripts and test cases using the automation
tool and then group into test suites.
Benefits of Automation Testing
 Reduction of repetitive work.
 Repeatability
 Greater consistency
 Ease of access of information about tests or testing
Advantages:
 You would have tested software applications or web applications manually, so you
might be aware of the drawbacks of manual testing. Manual testing is time consuming,
tedious and requires heavy investment in human resources.
 Time constraints often make it impossible to manually test every feature thoroughly
before software application or web application is to be released. This leaves you
wondering whether serious defects have been detected or not.
 To address all these issues automation testing is done, you can create tests that check
all aspects of the software applications and then execute these test cases every time any
changes are made in software application.
Benefits of Automation Testing
 Fast: Runs tests significantly faster than human users.
 Repeatable: Testers can test how the website or software reacts after repeated
execution of the same operation.
 Reusable: Tests can be re-used on different versions of the software.
 Reliable: Tests perform precisely the same operation each time they are run
thereby eliminating human error.
 Comprehensive: Testers can build test suites of tests that covers every feature in
software software application.
 Programmable: Testers can program sophisticated tests that bring hidden
information.
Automation tools:
Following are the most popular test tools:
 HP UFT:HP Unified Functional Testing(now known as HP Functional Test) is the market
leader in Functional Testing Tool. The tool supports plethora of environments including
SAP,Java, Delphi amongst others. HP UFT can be used in conjunction with Quality
Center which is a comprehensive Test Management Tool. know is light tool which can
be recommended for web or client/server applications.
  Rational Robot:It’s is an IBM tool used to automate regression, functional and
configuration tests for client server, e-commerce as well as ERP applications. It can be
used with Rational Test Manager which aided in Test Management Activities
 Selenium:Its an open source Web Automation Tool. It supports all types of web
browsers. Despite being open source its actively developed and supported
Automation testing Process:
Simply record and play back
1. Learning
2. Recording
3. Edit script
4. Run
5. Analyze Results
Manual Testing Vs Automation Testing
Manual Testing Automation Testing
1. Time consuming and tedious: Since
1. Fast Automation runs test cases
test cases are executed by human
significantly faster than human resources.
resources so it is very slow and tedious.
2. Huge investment in human 2. Less investment in human resources:
resources: As test cases need to be Test cases are executed by using
executed manually so more testers are automation tool so less tester is required in
required in manual testing. automation testing.
3. Less reliable: Manual testing is less
3. More reliable: Automation tests perform
reliable as tests may not be performed
precisely same operation each time
with precision each time
4. Non-programmable: No programming 4. Programmable: Testers can program
can be done to write sophisticated tests sophisticated tests to bring out hidden
which fetch hidden information. information.
Test case definition: A test case is step by step instructions to test a specific requirement. Step
by step driving direction to check specific functionality.
 one test case can contain one or more steps based on the complexity of requirement.
 Simple and clear steps or driving directions to test the s/w functionality.
Test Scenario: A document specifying a sequence of actions for the execution of a test
Test Case: One or more input values, execution preconditions, steps for execution, expected
results and execution post-conditions, developed for a particular objective or test condition.
Test Data: Data that exists before a test is executed, and that affects or is affected by the
component or system under test.

How to create Effective test case:

 1. Create test case based on requirements:
 Business requirements are the input for test case. Define test conditions based on
detailed requirements
 Develop multiple cases to test individual business requirements when necessary.
2. Validate Test Case:
 Validate the test cases are defined correctly to test requirements and that cases
provide adequate coverage of requirements
 Review with business Functional expert
3. Target high risk functions:
 It is not always possible to test everything. cases should target high risk
functions first for more extensive testing.
4. Maintain Treaceability:
 Map test cases to requirements, components and scripts
 This ensure that the test documents are mainatainable
 Traceabilllity is very important when the requirements or test conditions change
and it becomes necessary to update the test scripts
5. Repeability:
 Manual scripts need to be detailed enough for everyone to follow cases
6. Manual and Automated:
 Test cases may be manual or automated
IEEE FORMAT FOR TEST CASE:
1. Test Case Id: Unique Name or ID.
2. Test Case Name: Name of the test condition
3. Features to Be Tested: Corresponding Module/ Function/ Service
4. Test Suite Id: In which batch, is this case is a member of
5. Priority: Importance of the test case in terms of functionality
P0: Basic Functionality
P1: General Functionality (Input Domain, Error Handling, Compatibility)
P2: Cosmetic Testing (User Interface)
6. Test Environment: Required Hardware and Software to execute this test case
7. Test Effort (Person/Hour): Time required to execute this test case (E.g. 20 minutes on
an average)
8. Test Duration: Date and Time (Scheduling)
9. Test Setup: Necessary tasks to do before starting this test case execution
10. Test Procedure: A step-by-step process to execute these test cases from base state to
end state
S. No. Action Input Required Expected Actuals Result Comments
Filled during test design stage filled during test execution
11. Test Case Pass/Fail Criteria: when this test case is pass and when this test case fails
Test Case General Template:

Test Case Document:

Test Cases in Excel Sheet

Test Case for ATM

TC 1 :- succesful card insertion.
TC 2 :- unsuccessful operation due to wrong angle card insertion.
TC 3:- unsuccesssful operation due to invalid account card.
TC 4:- successful entry of pin number.
TC 5:- unsuccessful operation due to wrong pin number entered 3 times.
TC 6:- successful selection of language.
TC 7:- successful selection of account type.
TC 8:- unsuccessful operation due to wrong account type selected w/r to that inserted card.
TC 9:- successful selection of withdrawl option.
TC 10:- successful selection of amount.
TC 11:- unsuccessful operation due to wrong denominations.
TC 12:- successful withdrawl operation.
TC 13:- unsuccessful withdrawl operation due to amount greater than possible balance.
TC 14:- unsucceful due to lack of amount in ATM.
TC 15:- un due to amount greater than the day limit.
TC 16:- un due to server down.
TC 17:- un due to click cancel after insert card.
TC 18:- un due to click cancel after insert card and pin no.
TC 19:- un due to click cancel after language selection,account type selection,withdrawl
selection, enter amount

Week 3 & 4:

5.
AIM: “Create a Test Plan document for any application(ex: library management system)
THEORY:
Def: Test Plan is a systematic approach to testing typically contain detailed information
of what the work load will be, it deals with detailed information about upcoming
testing efforts, scope of testing, testderiverables, staff and risk etc.
Template: A template is a file that serves as a strating point for a new document, when
we open a template, it is pre-formatted in some way
Document: A piece of written, printed or electronic matter that provides information
or evidence or that serves as an official record.

TEST PLAN IEEE FORMAT:

1. Test Plan ID: Unique No. or Id or Name of the test plan
2. Introduction: About the Project and testing
 3. Test Items: Names of Modules/ Functions/ Services/ Features
4. Features to Be Tested: Responsible Modules for the Test Design
5. Features Not to Be Tested: Which ones to test and which ones not to test (e.g. Features
of previous version of the Software)
6. Approach: List of testing techniques to be applied on the modules (prepared by
QA/PM)
7. Features Pass/Fail Criteria: When above features are pass and when they fail
8. Suspension Criteria: Possible abnormal situations arose during testing of above
features. Without recovering from these situations, you are not able to conduct testing.
(Technical problems with respect to project)
9. Test Environment: Required hardware and software including testing tools to conduct
testing
10. Test Deliverables: Required test documents to be prepared during testing (Test Cases,
Test Procedures, Test Log, Test Report)
11. Test Tasks: necessary tasks to do before starting of every project testing
12. Staff and Training Needs: The names of test engineers and required training sessions
13. Responsibilities: Work allocation in terms of test engineers Vs Modules
14. Schedule: Dates and Times
15. Risks and Mitigations: Analyze risks and possible solution to overcome them
16. Approvals: Signatures of Test Plan Author and PM/QA

A Sample Test Plan Document for Internet Banking Application:

1. Test Plan Id: IBS_ST_TP_001

2. Introduction:
 It is system Test Plan for internet Banking System, internet web application, provides
access to account holders and guest users from any where in the world.
 It has two interfaces one is Admin interface another is user interface.
 Admin can be accesses by Bank authorized users, user interface can be accessed by
Bank account holders and guest users.
 The purpose of the system(Application) is to provide bank information and services
online (through internet), Bank account holders can get banking services from
anywhere, without visiting the bank branches.
3. Test Items:
 Admin Interface:
 Master Data
 User Interface
 Information
 Personal Banking
 Corporate Banking
 Business
4. References:
 Requirments
 Project Plan
 Test Strategy
 Use cases (if available)
 High level Design Documents
 Low Level Design Documents
 Process Guide line document
 Prototypes
5. Features to be tested:
a) Admin Interface:
I) Master Data
1. Add new branch, edit branch/Delete branch
2. Add new ATM
3. Add new loan type
4. Add new account type
5. Add new deposit type
II) User Management
1. Create New user
2. Edit user
3. Delete user
Etc…
III) Reports
1. Branch wise report
2. User wise report
3. Day, month,yearly reports
4. Service wise report(only loans, only new account, fixed deposits)
b) User Interface:
I)Information
1. Branch locators
2. ATM locators
3. Loans information
5. Bank history
 6. Bank Financial details
7. Fixed deposits information
8. Calculators
Etc….
II)Personal Banking
Login
Balance enquiry
Bill payment (utilities, subscriptions0
Fund transfer (transfer to same bank, other banks)
Statement generation (mini statement, detailed report)
Etc….
IV) Corporate Banking
1. Add user, edit user, delete user
2. Balance enquiry
3. Money transfer
4. Payroll
5. Reports
Etc…
6. Features not to be tested:NA
7. Entry Criteria:
a) Test Design:
• Team formation, Responsibilities,schedule,requirements,test case template
• Training on domain, on automation tools
b) Test Execution
Readiness of test tab
Readiness of AUT
Requirements
Test case Documents
Test data
Defect Report Template
Etc….
8) Exit Criteria:
All possible test cases executed
Maximum defect fixed, final regression performed successfully
Confidence on test process
Time limitations
Budget limitations
9) Suspension criteria:
Show –stopper bug found
 Supplier issues
Vast changes in requirements
If resolving defects are more
10) Roles and Resposibilities:
S.NO NAME ROLE RESPONSIBILITIES REMARKS
1 T Mamatha Test Lead Test planning, guidance, Monitoring
and test control
2 A Ritvikasai Sr. Tester Test data collection, Generating test
scenarios
3 A vinay Tester Test case documentation,
testexecution, defect reporting and
tracking for admin module
4 Srinivas V Tester Test case documentation,
testexecution, defect reporting and
tracking for Personal banking module
5 Suneetha B Tester Test case documentation,
testexecution, defect reporting and
tracking for Corporate banking module

11) Schedule:
SNO TASK DAYS DURATION REMARKS
nd th
1 Understanding and Analyzing 5 2 july to 6 july
requirements
2 Review meeting 1 9thjuly
3 Generating Test scenarios 10 11thjuly to 22ndjuly
4 Reviews 02 25thjuly to 26thjuly
5 Test case Documentation 40 29thjuly to 12th august
6 Reviews 04 14th august to 18th august
7 Test data collection 6 20th august to 26th august
8 Reviews 1 28th august
9 Verifying Test Environment 1 29th august
Setup
10 Create Test Batches 02 30th 31st Aug
11 Sanity Testing 1 3rdseptember
12 Comprehensive testing 25 4thsep to 2nd October
13 Sanity Testing 1 3rd October
14 Selecting Test Cases 2 4th and 5th October
15 Regressing Testing 05 8th October to 12th October
 16 Sanity Testing 1 15th October
17 Selecting Test Cases 1 16th October
18 Regression Testing cycle -2 4 17th October to 22nd October
19 .
. .
. .
28 Final Regression 8 19th November to 28thnovember
29 Evaluating Exit Criteria 1 or 29th , 30thnov
2
30 Collecting all artifacts 2 3rd ,4th Dec
31 Test Summary Report 1 5th Dec
Note: Regression Testing depends on Application and strength of Development team.
12)Training:
 Training program on Banking Domain
 Test Automation Training Using HP UFT Tool
13) Risks and Miligations
 Team member’s issues
 Vendors issues
 Time
 Budget
14) Test Environment/ Lab:
Application Type: Web Application, Internet and public
Server Side:
 Windows 2003 server
 UNIX server
 MS Exchange server a) webserver b) EDP c) Data storage
 Bugzilla tool
 VSS
 MS Office
 HP UFT Tool etc
 Browser IE 7.0
Client side:
 Windows xp+sp2
 VSS
 Ms-Office
 HP UFT
AUT Environment:
 .NET(c#,VC++,ADO)
  IIS- web server
 COM+ - APP server
 SQL server 2005 for database server
15) Test Deliverables:
 Test Plan
 Review reports
 RTM
 Test Scenario docs
 Test Case Docs
 Test data
 Opened, closed defect report
 Test summary report
16) Approvals:
SN TASK/S AUTHOR/ RULE DATE & SIGNATURE
O
1 Test plan documentation Kareemulla (Test Lead)
2 Review Hari Prasad (Quality analyst)
3 Approval Vinod Rao (Project Manager)
17) Glossary
AUT- Application Under Test
PIN- Project initiation note
SRS- Software Requirement Specification

6.
AIM: Overview of any Test Management Tools (e.g. Test Director)
Introduction to TestLink
This is most widely used web based open source test management tool. It integrates both
requirements specification and Test specification together. User can create test projects and
document test cases using this tool. We can create account for multiple users/testers and
assign different user roles. Admin user can manage test cases assignment task.

It supports both manual and automated execution of Test cases. With this tool the testers
can generate Test Report and Test Plan Documents within a minute. It supports generation
of Test reports in MS Word, Excel and HTML formats.

TestLink also support integration with many popular Defect Tracking systems like Mantis,
BugZilla, Jira, Youtrack and TRAC. We can link a specific bug ticket with test cases. It also
support and maintain multiple Test projects. Since it is a web based tool, multiple users can
access its functionality at the same time with their credentials and assigned roles.
Benefits of TestLink
 Supports Multiple Projects.
 Easy Test Cases import or export.
  Easy to integrate with many defect management tools.
 Automated Test cases execution through XML-RPC.
 Easy to filter test cases with keywords, version and Testcase ID.
 Can provide credentials to multiple users and assign roles to them.
 Easy to assign test cases to multiple users.
 Easy to generate Test plan and Test reports in various formats.
TestLink Installation
Important Note: If you want to try your hand at TestLink demo before installing or using it
for your project, head to below demo page. All features are available in this online latest
demo version:
=>Go to TestLink Online Demo here.
Login name: admin
Password: admin

Pre-requisites:
1. Apache Web server
2. PHP
3. MySQL
Note: If you have System Admin assigned for your project you can ask sysadmin to install
this for your project and skip directly to “Creating a Test Project” step. (If you have time to
do these installations I will suggest try your hand at it. This will add to your experience. :) )
To install TestLink, You need to install Apache web server, PHP and MySQL server. If your
system or server already has Apache, PHP and MySQL installed then you can directly install
this tool as mentioned in “Installation of TestLink” section below.
Otherwise, follow below steps one by one to install Apache, PHP, and MySQL first.

Installation of Apache:
This section contains steps to be followed to install Apache web server.
Step – 1
Download Apache from here.
Step – 2
Extract the Zip file to C:/
Step- 3
Copy C:\Apache24\bin path and append this with path environment variable.
Step – 4
Open Command Prompt. (Run as administrator)
cd to C:/Apache24/bin and run the following commands one by one
httpd -k install
httpd -k start
Installation of PHP
This section contains steps to be followed to install PHP and configuring PHP with Apache.

Step – 1
Download php from this page (thread is safe).
Extract this to C:\php
Step – 2
Rename php.ini-development to php.ini
Step -3
Add C:\php\ to path environment variable.
Step -4
Edit php.ini and add/edit the following lines,
display_errors =On
log_erros = On
doc_root = C:/Apache24/htdocs
extension_dir = “C:/php/ext”
Step – 5
Edit httpd.conf and add/edit the following lines,
LoadModule php5_module “C:/php/php5apache2_4.dll”
AddType application/x-httpd-php .php .html .php4 .php5
At the end of httpd.conf file add,
PHPIniDir “C:/php”
Step – 6
Create a file named phpinfo.php inside C:/Apache24/htdocs & add the following line inside
the file.
<?php phpinfo();?>
Step – 7
Copy php-mysql.dll in C:/php/ext and put it inside C:/Windows/System32
Step – 8
Restart Apache.
Installation of MySQL
This section contains steps to be followed to install MySQL.

Step – 1
Download MySQL from this page and install it.
Step – 2
Create a Database named “testlink” in your MySQL server.
Step -3
In php.ini uncomment MySQL extension.
And set date time zone as “PRC”.
Installation of TestLink
This section contains steps to be followed to install TestLink in Apache web server.
Step – 1
Download TestLink from this page.
Step – 2
Extract the package, rename it to “testlink” and put it inside “C:/Apache24/htdocs”
Step – 3
Edit config.inc.php and edit the following lines,
$tlCfg->log_path = ‘C:/Apache24/htdocs/testlink/logs/’;
$tlCfg->config_check_warning_mode = ‘SILENT’;
$g_repositoryPath = ‘C:/Apache24/htdocs/testlink/upload_area’;
Save the changes, and open http://localhost:80/testlink from the browser.
Click “next” button until installation completed.
Step – 4
Now you can log in to TestLink By accessing http://localhost:80/testlink.
Username: admin
Password: admin
Creating a Test Project
Test Project is a project created for a specific product/project. It contains Test plans, Test
suites, Test cases and Builds. We can maintain multiple projects in TestLink.

This section clearly explains how to create a Test project:

Step-1: Creating a new Test Project requires “admin” rights. (So login with admin user)
Step-2: When logging for first time, it will directly navigate to Test project creation page.
Otherwise select “Test Project Management” link on main page and click on “Create” button.
Step-3: Test Project section will be opened. Click on “Create” button.
Step-4: Enter Test Project name, description and all the required fields and click on
“Create” button.
[Click to enlarge image]
------------

Test project should be created successfully.

Creating Test plan
Test plan document contains complete information like scope of testing, milestones, test
suites and test cases. Once you’ve created a Test Project, Next step is creating a Test plan.

This section clearly explains creating Test plan:

Step-1: Click on “Test Plan Management” link on the desktop page.
Step-2: Click on “Create” button on the test plan management page.
Step-3: Enter all the required details in the page.

Step-4: Click on “Create” button. It should be saved.

Build Creation
Build is a specific release of software.

This section clearly explains how to create a build:

Step-1: Click on “Builds/Releases” as shown in figure.
Step-2: Click on “create” button.
Step-3: Enter the details about the build as shown in below figure and click on “Create”
button.
Build should be created and saved.

Creating Testsuite
Testsuite is a collection of test cases that may be validating/testing same component. This
section clearly explains how to create a testsuite. Follow the below steps one by one to
create a Testsuite.

Step-1: Click on “Test specification” link on the Desktop. It should navigate to the Test
specification page of the Project.

Step-2: Click on the settings icon on the right side panel. It will display a series of Test
suite operations.
Step-3: Click on create button for the Test suite.

Step-4: Test suite specification page should be opened. Fill the details related to Test suite
and click “Create Test suite” button.
Test suite will be created and appear on the left side, folder tree structure.

Creating a Testcase
Testcase contains a sequence of test steps to test a specific scenario, with expected result.
This section explains how to create a testcase along with test steps. Follow the below steps
one by one to create Test cases.

Step-1: Click on the Test suite folder on the left side tree structure

Step-2: Click on the settings icon in the right side panel. List of Test case operations
will be displayed on the right side panel.

Step-3: Click on Test case “Create” button. It will open Test case specification page.
Step-4: Enter details in the Test case specification page.
Step-5: After entering the details, click on “Create” button. It will save the test case.
Step-6: Now click on the “Create steps” button in test case. It will show test case step
editor.
Step-7: Start adding the Test steps as shown in the picture.
Step-8: Click “Save” button to add further steps, or click “Save & exit” button to save step
and exit from the editor.
Finally, test case we just created will look like this: [Click to enlarge image]

Assigning Testcase to Test Plan:

To Execute a Test case, it should be assigned to a Test plan. This section describes how to
assign a testcase to a Test Plan. Follow the below mentioned steps to assign a test case to a
Test Plan.
Step-1: Click on the settings icon on the test case panel. It will display list of operations.
Step-2: Click on “Add to TestPlans” button.

Step-3: Click on the check box of test plan, to which you want to assign the test case. And
then click on “Add” button.

Test case will be successfully added to the Test Plan.

Week 5 to 10:
7. Study of any Functional and Regression Testing Tools((ex:UFT,QTP):

i)Aim: Study of Functional tool :SoapUI

Theory:

 SOAP UI is the leading open source cross-platform API Testing tool

 SOAPUI allows testers to execute automated functional, regression, compliance, and load tests on different
Web API.
 SOAPUI supports all the standard protocols and technologies to test all kinds of API's.
 SOAPUI interface is simple that enables both technical and non-technical users to use seamlessly .

Why use SOAPUI?

SOAPUI is not just a functional Api Testing tool but also lets us perform non-functional testing such as
performance and security test.

Let us discuss the 5 important features of SOAPUI

1) Functional Testing

 A powerful tool allows testers to write Functional API Tests in SoapUI

 Supports Drag-Drop feature which accelerates the script development
 Supports debugging of tests and allows testers to develop data driven tests.
 Supports Multiple Environments - Easy to switch between QA, Dev and Prod Environments
 Allows advanced scripting (tester can develop their custom code depending on the Scenario)

Task1: SoapUI: How to create Test Suite & Test Case:

Create a Project
Step 1: Now, depending upon the project, we need to import SOAP/REST protocol. We will create a
new SOAP Project.

Step 2: We will make use following SOAP request http://www.dneonline.com/calculator.asmx?wsdl

1. Enter the Project Name

2. Enter the path of the WSDL request. In this case http://www.dneonline.com/calculator.asmx?
wsdl
3. Click OK
Note:

 Create sample request for all operations? It creates a sample request for all the available
operations in the given WSDL. As soon as you enter the WSDL address, this option is checked
automatically. You may uncheck it.
 Create, a Test Suite for the imported WSDL: Creates a test suite within the project for the
imported WSDL.
 Relative Paths: It enables the user to save all the files relative to the project file.

Step 3: Upon creating the SOAP project with the above-said WSDL, we will be able to see that there
are two operations that will be imported into the project.
Step 4)

Expand the first request and right-click on the 'Add.' Then click on 'New Request'.

Then Click on 'OK'. It will display the SOAP request in the XML format

1. Enter the 'intA' and 'intB'

2. Click on the submit button
3. Response XML will be displayed right side pane.
You may wonder why create Test Cases? When you can directly test Webservice here…

Well, you can send a request for one operation. What about others? How many combinations of
inputs for Additions can you do using this operation? You have to edit the request for each and
every combination.

For example: If you want to add from 4 and 4 instead of 5 and 5… You need to edit the operation
again. So, one has to create a test suite/cases to have all possible scenarios tested without having to
directly edit the operation itself.

Creating Test Suite

Step 1: Within the project, testers can create a test suite by performing a right-click on the root of the
project.
Step 2: We need to enter the name of the test suite and press OK.

Step 3: The created test suite is displayed the navigator pane as shown below.
Step 4: The test Suite window opens in the Right Pane. As we have just created there are NO test
cases. Hence all options are disabled.
Creating Test Case

Step 1: Within a test suite, we can create multiple tests by performing right click on the 'test suite'
and choosing 'New TestCase'.
Step 2: Specify the name of the Test Case and click 'OK'.

Step 3: The created test case has zero steps.

Step 4: We can insert a variety of test steps by performing a right-click on test steps and selecting an
appropriate test step as shown below. So, if you were to test a REST Webservice, you would select the
REST Test Request.
Test Step Insert

Now let us add a test step to validate the imported SOAP request.

Step 1: Add a new step 'SOAP Request' as shown below.

Step 2: Enter the step name and click OK.

Step 3: Upon clicking 'OK', a dialog pops up to select the operation to invoke. All the operations are
listed, and user can select the operation that they would like to invoke.

 There are many operations that will be listed. The Operations are the same except the SOAP
version used.

CalculatorSoap – uses SOAP version 1.1 whereas,

CalculatorSoap12 – uses SOAP version 1.2

 The Version does not matter for us in this context. Hence you can select the one of your
choice.
  Upon Selecting the operation, click 'Ok'

Step 4: While adding a test case, we can add standard assertions. Assertions also called as
checkpoints/validation points which we will be dealing in detail in the next tutorial.

We can add following checkpoints/assertions while creating test case. Let us create a test case with
the option which means creating test step WITHOUT any of the below validation points

1. Verifies if the response message is SOAP, upon executing the test.

2. Verifies if the response schema is valid.
3. Verifies if the SOAP response contains FAULT.

Step 5: Upon creating the test case, the request XML is shown below. The structure of the XML is
explained within the below snapshot.

Step 6: The test step count is now incremented to one as we have just added one test step. Similarly,
upon adding load and security tests step, the corresponding number would be automatically
incremented based on the number of steps added.
Send Request Manually & Reading Response

Step 1: We would like to add two Integer Number.

 intA - 5
 intB - 5

Next,

1. We need to enter these inputs in place of the question mark which will be sent as request XML.
2. After inputting those values into the corresponding XML tags, click 'submit request' button to
check the response.
Step 2: Upon submitting a request the web service request is processed by the webserver and sends
back a response as shown below.

By reading the response, we are able to conclude 5 plus 5 is 10.

ii)AIM: Study of Functional and Regression Testing Tool - HPUFT 12.01

THEORY:
 HP Unified Functional Testing, popularly know by its acronym HP UFT is the
flagship functional automation testing toolfrom Mercury Interactive now acquired by HP.
 It is an icon based tool, which automates the functional & regression testing of an
application
 HP UFT is easier to use and implement for both technical &non technical testers in
comparison to other functional testing tools available.
 HP UFT's Scripting Language is VB Script which is easy to use, understand and program
 HP Unified Functional Testing enables Business Process Testing (BPT)
  Supports large pool of software development environments like SAP, Web, Oracle etc.
 The trainings have been recorded using HP UFT version 9.5 but you may use any higher
or lower versions for your learning purposes
 For All Hands On in these trainings, we will be using “Flight Reservation” Application
which comes bundled with HP UFT
 Uses “Active Screen “Technology to record script which aids the tester in reffering to the
screens object properties.
 Library files contain VBScript functions and subroutines that can be added to the test.

How to Launch HP UFT and Tool Bar and Menu bar in HP UFT:
 To launch HP UFT, In Start Menu, Choose Programs >HP Unified Functional
TestingFolder >HP Unified Functional Testing
 The first time you start HP UFT, the Add-in Manager dialog box opens. It Displays list of
all installed add-in along with license expiry date.
 It is recommended you select only the add-ins required for your particular testing
session. Because at times, different add-in interferes with each other degrading object
identification and HP UFT's performance. HP UFT will remember the add-ins you load so
that the next time you open HP UFT the add-ins you selected in the previous session are
selected by default. Also, if you do not want this dialog box to open the next time you
start HP UFT clear the Show on startup check box. Click OK.
 The Start Page describes the new features in this release—including links to more
information about these features.It also provides links to Process Guidance, a tool that
offers best practices for working with HP UFT.You can open a document from the list of
Recently Used Files,or you can click the buttons in the Welcome! area to open new or
existing documents.If you do not want HP UFT to display the Start Page when you next
open HP UFT ,select the "Don’t show the Start Page window on startup" check box.When
you select this option, the Start Page is also automatically hidden for the current HP UFT
session as soon as you open another HP UFT document.
 To display the Start Page again, select View > Start.
 Title Bar Displays the name of the active document. If changes have been made since it
was last saved, an asterisk (*) is displayed next to the document name in the title bar.
 Menu Bar Displays menus of HP UFT commands.
 Toolbars Contains buttons to assist you in managing your document
 Document Tabs Enables you to navigate open documents
 Keyword View Displays test steps in a graphical representation
 Expert View Displays test steps as a VB Script line.
 Active Screen Provides a snapshot of your application as it appeared when you
performed a certain step during the recording session.
 Data Table Assists you to parametrize your test.
  Test Flow Displays the hierarchy of actions and action calls in the current test, and
shows the order in which they are run.

Objects Identification in HP UFT:

 HP UFT also uses a "human" like technology for object identification
 During Record Time HP UFT tries to learn properties of a GUI object on which operation
is performed.
 During Run-Time HP UFT compares the stored object properties with actual properties
of object available on screen and uniquely identifies an object independent of its
location on screen
 The stored object and together with its properties is called TEST Object
 During Run-Time, the actual object available on the application under test is called Run-
Time Object
 This is Quick Tests "Test Object Model"
 Information about the Test Objects is stored in Object Repository
 Add-ins help in instructing Quick Test in advance of the nature of object to be
recorded so it as to reduce the time required to learn its properties

Understanding Expert View:

 In the Expert View, each line represents a Test Step in VB Script
 An Object's Name is displayed in parentheses following the Object Type.Herethe Object
Name is Login and Object Type is Dialog
 Objects in Object Hierarchy are separated by a "dot”. Here Dialog and WinEdit are fall
in the same Object Hierarchy
 Just to put things in perspective, Object Hierarchy is Object Oriented Concept where set
of objects that are grouped together in a parent-child relationship. In our case Dialog Box
is the Parent Object and WinEdit is the Child Object
 The Operation performed on the object is always displayed at the end of the
statement followed by any values associated with the operation. Here the word
"Mercury" is inserted in the AgentName Edit Box using the Set Method
 Syntax for a statement in expert view is GUI object on which the operation is performed
along with its complete hierarchy followed by the Operation on the Object and value
associated with that Operation
ParentObject(Name).ChildObject1(Name)….ChildObjectN(Name).Operation”Value”

Keyword view Vs Expert View:

 The Keyword View is comprised of a table-like view where
 Each step is a separate row in the table and
 Each column represents different parts of the steps.
  Item Column contains the item on which you want to perform the step. This column
uses icons displays the hierarchy of the GUI object on which operation is performed
 Operation Column contains the operation to be performed on the item.
 Value Column contains the argument values for the selected operation,
 HP UFT automatically documents each step for easy understanding in
the Documentation Column
 These 4 columns are default but you can also use assignment & comment columns in
Keyword View
 You will observe that the same object hierarchy is displayed in both Expert & Keyword
Views and they map to the same operation and argument value.
 Essentially, Keyword & Expert view contain the same data but arranged in different
format.

Program 7.1
AIM: Demonstrate the working of Recording Modes in HP UFT.
1. Normal Recording Mode or Context Recording Mode:
Steps:
1. Click on Record button
2. Record and Run Setting dialog box opens, as shown below
 Select 2nd option and Click on + button
Application Details dialog box opens

Click on OK button
3. click on Apply button and click on ok button
4. Then Login window appears, as shown below
 Give Agent name as: mercury, Password as: mercury and Click on OK button
4. Flight Reservation dialog box opens, as shown below

5. Close the flight reservation

6. In HP UFT, STOP recording. You get the script like below

7. Run the script

Results:
2. Analog Recording mode: For Paint
Steps:
1.To open paint
select ->start ->programs -> Accessories -> paint
2. In HP UFT, Click on Record button
3. Record and Run Setting dialog box opens, as shown below

Select window application, select 1st option, Click on ok button

4. In HP UFT, select -> Record -> analog recording mode

5. Then Analog Recording Setting dialog box opens
 Select 2nd option and Click on Hand icon
6. Cursor changed to hand icon, so click on untiled paint blue shaded area as shown below

8. click on Start analog record, in analog record setting dialog box

9. In untitled paint, sign your signature and select file -> exit
10. In HP UFT, stop recording. Then you get the script as below
Window("Paint").RunAnalog "Track1"
11. Run the script, analyze the execution and difference between normal recording moto
analog recording mode
Results:

Analog Recording Mode: For Window Application

Steps:
1. Open Flight Reservation window as below
Start -> Programs ->HP Unified Functional Testing -> Sample Application -> Flight
2. Login dialog box opens as shown below
 Give Agent name as: mercury, Password as: mercury, Click on OK button
3. Flight Reservation dialog box opens, as shown below

4. In Flight Reservation Select File -> Open Order

5. Open Order dialog box opens, as shown below

Click on Order No, Give order No :1, Click ok button

6. Then order no is opened, as shown below
7. select File -> Fax Order as shown below

8. In HP UFT, click on Record button

9. Record and Run Setting dialog box opens, as shown below

Select window application, Select 1st option, Click on ok button

8. select ->Record -> analog recording mode

 Analog Recording Setting dialog box opens as shown below

10. select the 2nd option (i.e Record Relative to the following window)
11. click on hand icon
12. cursor changed to hand icon, then click on Fax order:1 blue shaded area, as shown
below

13. click on Start analog record on AnalogRecording Setting dialog box

14. and sign your signature on Agent signature area in Fax order No :1 dialog box, as shown
below
19. In HP UFT, stop Recording and you get the script like below
Window("Flight Reservation").Window("Fax Order No. 1").RunAnalog "Track1"
20. Run the script, analyze the execution and difference between normal recording mode to
analog recording mode
Results:

Analog Recording mode: For Multiple window

Steps:
1. First open Paint and Fax order window as below steps
2. To open paint
select ->start ->programs -> Accessories -> paint
3. Open Flight Reservation window as below
Start -> Programs ->HP Unified Functional Testing -> Sample Application -> Flight
4. Login dialog box opens
 Give Agent name as: mercury, Password as: mercury, Click on OK button
5. Flight Reservation dialog box opens, as shown below
6. In Flight Reservation Select File -> Open Order
5. Open Order dialog box opens
Click on Order No, give order No :1, Click ok button
15. then order no is opened, as shown below
16. select File -> Fax Order as shown below

17. In HP UFT, Click on Record button

18. Record and Run Setting dialog box opens, as shown below

Select window application, Select 1st option, Click on ok button

19. In HP UFT, select ->Record -> analog recording mode
6. Then Analog Recording Setting dialog box opens
20. In HP UFT, Click on Record button
21. Record and Run Setting dialog box opens, as shown below
 Select 1st option (i.e Record Relative to the screen) Click on Start Analog Record
6. And sign your signatures on Fax order:1 and paint as shown below

7. In HP UFT, Stop Recording

8. Run the script
 Results:

3. Low Level Recording Mode:

Steps:
1. Open Flight Reservation window as below
Start -> Programs ->HP Unified Functional Testing -> Sample Application -> Flight
2. Login dialog box opens as shown below

Give Agent name as: mercury or Your name or Your rollno, Password as: mercury, Click on OK
3. Flight Reservation dialog box opens, as shown below

4. In HP UFT, Click on Record button

 5. Record and Run Setting dialog box opens, as shown below

Select 1st option Click on Ok buttion

6. In HP UFT, select ->Record -> Low Level recording mode
7. Then in flight Reservation dialog box,Select file -> open order

8. Open Order dialog box opens, as shown below

Click on Order No, give order No: 1, Click on OK button

8. In HP UFT stop recording, you get script like this
Window("Flight Reservation").Window("Open Order").WinObject("Order No.").Click 6,9
Window("Flight Reservation").Window("Open Order").WinObject("1").Type "1"
Window("Flight Reservation").Window("Open Order").WinObject("OK").Click 30,11
9. stop recording
Results:

3. Insight Recording Mode

Steps:
10. In HP UFT, Click on Record button
11. Record and Run Setting dialog box opens, as shown below

Select 1st option Click on Ok buttion

12. In HP UFT, select ->Record -> Insight recording mode
13. Open Flight Reservation window as below
Start -> Programs ->HP Unified Functional Testing -> Sample Application -> Flight GUI
 14. Login dialog box opens as shown below

Give Agent name as: mercury or Your name or Your rollno, Password as: mercury, Click on OK
15. Flight Reservation dialog box opens, as shown below

16. Then in flight Reservation dialog box,Select file -> open order

8. Open Order dialog box opens, as shown below

 Click on Order No, Give order No : 1, Click on OK button
17. In HP UFT stop recording, you get script like this

18. stop recording

Results:
Program No.: 7.2
AIM: Performing operations on Actions:
 Creating Actions
 Splliting Actions
 Renaming Actions
 Deleting Actions
 Call to copy an action
 Calling an existing action
 Making an action Reusable and Non –Reusable

To perform the above operation, we are considering a sample example as below.

THEORY:
Action: A set of statements for performing a task or tasks
 Actions help to divide your test into logical units or Business processes
 Actions help to create a script which is more modular and efficient
 An action consists of its own test script
 When a script is newly created it consists of only one action
 Action consists of one or more actions
We divide our test into actions to streamline the process of testing.
Types of Actions:
1. Reusable actions:
 Can be used in other tests
 Can be used in same test, multiple times
2. Non –reusable actions:
 Cannt be used in other tests
 Can be called in same test, only once.
Two methods to import actions:
 Call to copy of an action:When you make a copy of an action, the action is
copied entirely, including checkpoints, parameterization and the corresponding
action tab in the data table into the calling test
 When you insert a copy of an existing action, you can make changes to the
copied action, and your changes will not affect nor be affected by any other
test
 Can insert copies of both reusable and non-reusable actions
 Call to an existing action: calls to actions are read only in the calling test. they
can only be modified in the test in which they were created
 Enables you to use the same action in several tests and makes it easy to
maintain tests
 Can make calls to only “reusable “actions
Steps:
1. Open New Test  GUI Test.
2. Goto Action1 from the flow chart.
3. Record Logging into Flight GUI

4. Right Click on Action1  Action Properties. There give name(login) to the action and
deselect “Resuable” checkbox to make it non reuseable

5. Now Design  Call to New Action. Give it a name (logout) and let it be reuseable and
insert at the end of the test.
6. Now record the logout.

7. Save the test and open new test.

8. Now before recording keep Flight GUI open and ready and only record opening an
order.

9. Now go to the flowgraph. Right click on Action1 and give name open and make it non –
reuseable.

10. Go to design  Call to Copy Action (since non resueable) and import Login action from
the previous test and insert action at the end of the test.
 11. Go to design  Call to Existing Action (since reuseable) and import Logout action from
previous test and insert action at the end of the test.
12. Now put the actions in proper order of Login  Open Order  Logout and Run the
Script.

13. Now we parameterize the open order action by going to the keyword view. (add to
local data sheet)
14. Now if we run the script, it will iterate only once, because Open Order, is a non
reuseable action.
15. To iterate through all rows of the data sheet, right click on Open Action  Action Call
Properties and select “Iterate through all rows”
16. Now it will iterate all the rows after logging in and then logout. Run the script and see
the results.
Result:
Program: 7.3
AIM: Parameterization of tests

TEST SCENARIO TEST STEPS TEST DATA

1.Inputting a
combination of valid
alphanumeric agent
name and password.
1. Open flight reservation Agent Name: mercury
application Password: mercury
2. enter valid Agent name
3. enter valid password Agent Name: mercury123
4. press ok Password: Mercury
5. close application after
succesffull. Agent Name:1234
Password: MERCURY

THEORY:
When you test your applications, you may want to check how theapplication performs the
same operations with multiple sets of data.
Parameterization is:
 For Checkpints
 In object repository
 In action steps
Why Parameterization:
 Parameterization allows us to pick different values at run time
 Reduces time and effort
 Usage of data drivers allow us to use the same data for various input boxes.

Data Table: Integrated spread sheet (EXCEL), used for Data Driven Testing .
Data Driven Testing: Testing the same task with multiple sets of test data. Data can be
imported to the data table from external files (flat files, excel sheets etc) and data bases (MS-
Access, SQL server, oracle etc)

Two types of Sheets in Data Table:

Global Data Sheet:
 used for entire test i.e used for all actions in the test.
 Sheet is named as “GLOBAL”
 Any action can access and write data into global sheet.
 Similar like global variables in languages like c
 Local or Action Data sheet:
 For specific action only.
 Sheet is named as “ACTION NAME”
 An action can read and write data into its own local data sheet only
 Similar like local variables in languages like c
Steps:
1. Click on Record buttion
2. Start-> programs->HP UFT -> sample application-> flight reservation
3. Enter Agent name: mercury
Password: mercury
Click –ok button
4. Flight Reservation Window open, then close the window
5. In HP UFT- stop Recording
6. Goto keyword view

And parameterize the argument mercury. On clicking on Parameterization icon <<.>>

7. Then you get the Value configuration option dialog box appear.

8. Click on parameter
Name: AgentName
 Click ok
9. Then in Data table you get AgentNamecoloumn, like this

10. Like that you parameterize for password also.

11. Run the script
12. Analyze the results.
Result:

Program: 7.4
AIM: Checkpoints
THEORY:
Checkpoint Definition: A confirmation or verification point in which the value of some
property which is expected at a particular step is compared with the actual value which is
displayed in the application
Types of checkpoints:
The expected value can be any property of an image or web page or table with values
displayed in application, portion of text or text displayed in a specific region
Dynamic value displayed in application from database, bitmap of image displayed or dynamic
text displayed from XML
Based on expected value, checkpoints are classified as
1. Standard checkpoint
2. Page checkpoint
3. Text/Text area checkpoint
4. Image checkpoint
5. Data Base checkpoint
6. XML checkpoint
7. Bitmap checkpoint
8. Table checkpoint
9. Accessibility checkpoint
Page checkpoints:
Standard checkpoint created for a web page is called page checkpoint
 It is used to check total no. of links and images on a web page
 Ex: suppose in your web page, you have six links andis used to check
total no. of links and images on a web page
 Ex: suppose in your web page, you have six links and 4 images
HP UFT results will give you
No of links=6
No of images=4
 Page checkpoints can also be used to check load time, i.e time taken
to load a web page
 Also checks HTML source tags and broken lines
 Very useful for Regression Testing
Steps:
1. Click on Record
2. You get Record and Run Setting dialog box appear.
  select web application
 select 2nd option
 Give URL: www.google.com
 Open in: Internet explorer or firefox
 click ok
3. Then Google site appears
4. In HP UFTselectDesign -> checkpoint -> standard checkpoint
5. Then cursor changed to hand icon, so click on google page as below

6. In HP UFT you get, checkpoint properties dialog box open.

Click on page: google

7. Page checkpoint properties dialog boxopens

 8. Click on ok
9. Run the script and analyze the results
Results:

Bit mapCheckpoint:
A bitmap checkpoint help a user in checking the bitmap of an image or a full web page
 During recording, you can insert a bitmap checkpoint, HP UFT will store it as expected
value
 During Run time, HP UFT will compare the actual bitmap with the expected bitmap and
give the appropriate results
Steps:
1. Open the flight reservation window
2. Click on record
3. design -> checkpoint -> bitmap checkpoint. cursor changed to hand icon so click on
flight reservation window image
4.then object selection: bitmap checkpoint properties dialog box opens

Click ok
7. bitmap checkpoint properties dialog box opens as shown below
 8. In HP UFT, stop recording
Results:

Bitmap checkpoint for fail

Steps:
4. Open the flight reservation window

5. Click on record
  Select 1st option
 Click ok
6. design -> checkpoint -> bitmap checkpoint
7. cursor changed to hand icon so click on flight reservation window image
4. then object selection: bitmap checkpoint properties dialog box opens

Click ok
7. bitmap checkpoint properties dialog box opens as shown below
 8. In HP UFT, stop recording
Text checkpoint for web application:
 Used to check expected text in a web page or application
 At run time, HP UFT verifies expected value with an actual value
EX: Open any site, select any text that you want to test.
Steps:
1. Before recording, open any site like google, give any query like HP UFT
1. Click on Record
2. You get Record and Run Setting dialog box appear.

 select web application

 select 1st option
 click ok
3. In HP UFT select
Design -> checkpoint -> Text Checkpoint
4. Cursor changed to hand icon, place cursor where you want to select the text
5. ThenObjectSelection-Text checkpoint properties dialog box opens
 6. Text checkpoint properties dialog box opens

 On summary you get the selected text, so

 Click on Configure buttion
 Select checked text so your selected text is hightlighted
 Click on Match case
 Click on ok
7.In HP UFT stop recording
8. Run the script
Results:

Text checkpoint for window application:

checks that a text string is displayed in the appropriate place on a Web page or application
Steps:
1. Before recording open flight reservation and open an order as shown below

2. click on Record button

3. Record and Run Setting Dialog box open

 Select window applicaion

 1st option
 Click ok
4. design -> checkpoint -> text checkpoint
Cursor changed to hand icon, place where you want to test. Click on Name box
5.Object Selection-Text checkpoint properties dialog box opens

Click ok
6. Text checkpoint properties dialog box opens

• Constant – mamatha
• Select match case
• Click ok
7. In HP UFT, you get script like this
Window("Flight Reservation").WinEdit("Name:").Check CheckPoint("Name:")
8. stop recording
9. Run the script
Result:
DataBase Checkpoint:
 A query is created during record time
 Query can be created by data base query wizard.
 During record time, query is created and send to data base and stored as
expected.

Select * from table where

agentname= ”mercury”

Data Base Off-no Emp-no Cons.

emp
4 20 5

Stored as Expected Value

Total No of offices =4
Total no of employe =20
Total no of contract emp=5

 During run time, same query is send to data base and data base value are fetched and
compared with expected

Select * from table where

company= ”.*”
 Data Base Off-no Emp-no Cons.
emp
4 20 3

Actual Value
Total No of offices =4
Total no of employe =20
Total no of contract emp=55 != 3 SO CHECK POINT FAILS

EXAMPLE: Updating order by changing customer_name from paul to mamtha

Steps:
1. Click on Record
2. You get Record and Run Setting dialog box appear.

 select window application

 select 2nd option
 click ok
3. Login dialog box appears
Agent Name: mercury
Password: mercury
Click on ok
4. Then Flight Reservation window opens,then insert new order, and minimize the dialog
box.

5. In HP UFT, select Design -> checkpoint -> database checkpoint

6. Data Base Query wizard dialog box opens as shown below

Choose specify SQL statement manually Click on Next

7. Data base query wizard dialog box opens

• Click on CREATE buttion

• Select machine data source
• Select QT_flight _32
• Click on OK
8. Specify the SQL Statement
Select customer_name from orders
Click on finish buttion

9. Data base checkpoint properties dialog box opens

 Drag down and hight light on paul
 On constant: paul highlight
 Click ok
10. In HP UFT, you get the script
DbTable(“DbTable_2”).checkpoint(“DbTable_2”)
Highlight the Dbtable_2,and right click on it, select action properties and highlight on
changed name
 11. Open flight reservation
On NAME: Mamatha, change the name as u desire
Click on Update Order
12. Run the script
Result:

Dabase Checkpoint (fail):

Steps:
1. In HP UFT, select
Design -> checkpoint -> database checkpoint
2. Data Base Query wizard dialog box opens as shown below
 Choose specify SQL statement manually, Click on Next
3. Data base query wizard dialog box opens

• Click on CREATE buttion

• Select machine data source
• Select QT_flight _32
• Click on OK
4. Specify the SQL Statement “Select * from orders”, Click on finish buttion
5. Data base checkpoint properties dialog box opens

Change any of the fields in database, ex: change mamatha as mamta

 6. In HP UFT, you get the script DbTable(“DbTable_2”).checkpoint(“DbTable_2”)
7. Run the script

Image Checkpoint checks the value of an image in your application or Web page.
For example, you can check that a selected image’s source file is correct.
1. Befor recording, open flightreservation and open an order as shown below.

2. click on Record button

3. Record and Run Setting Dialog box open

 Select window applicaion

 1st option
 Click ok
4. design -> checkpoint -> standard checkpoint. Cursor changed to hand icon, place where you
want to test. Click on Image.
5.Object Selection-Text checkpoint properties dialog box opens. Click on ok
6. then checkpoint properties dialog box opens as shown below

• Hight light the enabled true value

• On Constant: false
• Click ok
7. In HP UFT, you get the script like below
Window("Flight Reservation").Static("Static").Check CheckPoint("Static")
8. stop recording
8. Run the script
Results:
Standard Checkpoint:
 checks the property value of an object in your application or Web page.
 The standard checkpoint checks a variety of objects such as buttons, radio buttons,
combo boxes, lists, and so forth.
 For example, you can check that a radio button is activated after it is selected or you can
check the value of an edit box.
For example:

Steps:
13. 1. Click on Record buttion
14. Start-> programs->HP UFT -> sample application-> flight reservation
15. Enter Agent name:mercury
Password: mercury
Click –ok button
16. Flight Reservation Window open, then close the window
17. In HP UFT- stop Recording
18. Goto keyword view
And parameterize the argument mercury. On clicking on Parameterization icon <<.>>
19. Then you get the Value configuration option dialog box appear.

20. Click on parameter, Name: AgentName, Click ok

21. Then in Data table you get AgentNamecoloumn, like this
22. Like that you parameterize for password also.
23. After doing all you will see like below

24. On 5th line, rightclick on it then select standard checkpoint.Click on after the current step
25. In HP UFT, you get the script like below

26. Run the script

27. You get the run time error
28. Bcause, when your checking properties of an object, then it should available to HP
UFTto recognize
29. To run the script properly, exchange line 5 with 6 as below
 30. Rerun the script
31. Analyze the result
Results:

XML checkpoint:
Steps:
1. In NotePad write any sample script .
Ex: Employees Biodata
<EmployeesBiodata>
<empid>1234</empid>
<empname>mamatha</empname>
<empdesignation>Asstprof</empdesignation>
</employeesBiodata>
2. save as employee.xml In desktop
3. In HP UFT,
Select design -> checkpoint -> XML Checkpoint
4. Then you get XML source selection dialog box opens

5. On create checkpoint from XML file, click on browse button, and select xml file

6. Left side expand the tag, do modification on any of the field, like shown below
8. click ok
7. Run the script
Results:

Click on View XML checkpoint result, then XML checkpoint Result window displays
Accessibility Checkpoint:
Steps:
1. In HP UFT, go to Select tools -> options

2. On left side in web select Advanced

3. enable any property you need eg: Alt property

4. In HP UFT, click on Record button
5. Run and Record Setting Dialog box opens
  select 2nd option
 Give URL as www.W3.org
 Click on apply
 Click ok
6. Then W3C.org will launched
7. In HP UFT, design -> checkpoint -> Accessibility checkpoint
8. then cursor changed to hand icon, so click on w3.org page
9. Accessibility checkpoint properties dialog box opens, click ok on it as shown below

10. In HP UFT, you get the script.

11. Stop recording
12. Run the script
Results:
Pogram No.: 7.5
Transactions:
AIM: To Note time taken to login into the filght Reservation
THEORY:
 You can measure how long it takes to run a section of your test by defining
transactions
 You define transactions within your test by enclosing the appropriate sections of the
test with start and end transaction statements.
 Transactions can be inserted anywhere in the script
 There is no limit to the number of transactions that can be added to a test
 You can also insert a transaction within a transaction
Steps:
10. Click on Record
11. You get Record and Run Setting dialog box appear.

 select window application

 select 2nd option
 click ok
12. Login dialog box appears
Agent Name: mercury
Password: mercury
Click on ok

13. Then Flight Reservation window opens, then close the window
 14. Stop recording
15. In HP UFT select the appropriate statement where you want to start transaction.
In our example, place cursor in 1st line
16. And select Insert -> start transaction
17. Start transaction dialog box opens

18. Give suitable name Name: Login Time, Click ok

Then start transaction statement added to your script
19. select a line where you want end your transaction. In our example, keep cursor in 7 th
line or after window(“Flight Reservation”) .close statement
20. and select insert -> end transaction
21. end transaction dialog box opens

Click ok
22. End transaction statement is added to your script like below
Services.EndTransaction “LoginTime”
23. Run the script and Analyze the results
Results:
Program:7.6
AIM: Synchronization Point
THEORY:
Synchronization Point:
• It is required to match execution speed of HP UFT with the loading/responding speed of
application. Otherwise the test execution may fail at unexpected ways.
• If you do not want QuickTest to execute a step or checkpoint until particular object in
your application appears, you should insert a synchronization point to instruct QuickTest
to pause the test until the object appears (or until a specified timeout is exceeded).
• You can add synchronization point from menu (Insert > Synchronization Point) after
start recording the test.
• And, we can use Exist or Waitproperty statement for providing synchronization
Wait() Property:
Steps:
1. Click on Record
2. You get Record and Run Setting dialog box appear.

 select window application

 select 2nd option
 click ok
3. Login dialog box appears
Agent Name: mercury
Password: mercury
Click on ok

4. Then Flight Reservation window opens, then close the window

5. stop recording
22. In HP UFT, in second line give as wait (30)
6. Analyze or observe the execution

Results:
Week 11 & 12:
8.
AIM:Study of any Bug Tracking Tool (EX: By using Bugzilla, report a bug Details. )
THEORY:
What is Bugzilla?
 Bugzilla is a bug- or issue-tracking system.
 Bugzilla was originally written by Terry Weissman in a programming language called TCL
and was later ported to PERL.
 Most commercial defect-tracking software vendors at the time charged enormous
licensing fees, and Bugzilla quickly became a favorite of the open-source crowd (with its
genesis in the open-source browser project, Mozilla).
 It is now the de-facto standard defect-tracking system against which all others are
measured.
 Bugzilla boasts many advanced features. These include:
 Powerful searching
 User-configurable email notifications of bug changes
 Full change history
 Inter-bug dependency tracking and graphing
 Excellent attachment management
 Integrated, product-based, granular security schema
 Fully security-audited, and runs under Perl's taint mode
 A robust, stable RDBMS back-end
 Web, XML, email and console interfaces
 Completely customisable and/or localisable web user interface
 Extensive configurability
 Smooth upgrade pathway between versions
Why Should We Use Bugzilla?
 Bugzilla is very adaptable to various situations. Known uses currently include IT support
queues, Systems Administration deployment management, chip design and
development problem tracking (both pre-and-post fabrication), and software and
hardware bug tracking for luminaries such as Redhat, NASA, Linux-Mandrake, and VA
Systems. Combined with systems such as CVS, Bonsai, or Perforce SCM, Bugzilla
provides a powerful, easy-to-use solution to configuration management and replication
problems.
 Bugzilla can dramatically increase the productivity and accountability of individual
employees by providing a documented workflow and positive feedback for good
 performance. Ultimately, Bugzilla puts the power in your hands to improve your value to
your employer or business while providing a usable framework for your natural
attention to detail and knowledge store to flourish.
Steps:
1. Open a mozillafirfox and type
www.bugzilla.org
2. On Bugzilla in Action Select 1st option as shown below

3. Then you get the screen as shown below

4. if you already have an account, then give Email address: Password:

5. if you don’t have an account then

create a new account, by clicking on
Create a new account
6. then You get the screen like this to
create a new account
5. In email write your email id and click on Create Account
6.you get a confirmation email will be sent to your email. As below

7. open your email, account as below click on link

Click on the link to continue in bugzilla…………

8. Then You get the screen like below
 Write your real name:
 Password :
 Confirm password:

Click Create
9. you get Bugzilla main page appears, indicating that your account is successfully created
10. click on File a bug option
11. Type to find product and component by name or description: in this option type your
desired details.In login page: while creating new user, after clicking on save button error
message is coming

12. summarize your issue in one sentence as below

Click on find similar issues

13. Then bugzilla list out all the related bugs………. As shown below. If your issue is not in the
list, click on My issue is not listed.

Click on my issue is not listed

14. you a get,

15. what did you do?

1. Login page -> new user
2. new user page appeared -> I filled all fields
3. I clicked on save button
What happended:
1.error message is coming, when I clicked on save button
What should have happened
1. new user has been successfully created message should appear after clicking
save button
Attach file:
Security:
16. click on submit bug
17. on bottom, you have switch to the advanced bug entry form, if you want then you can
fill on that form also

18. you get the screen as below

19. click on save changes

20. click on commit button

21. click on new button to enter more new bugs

Results: Bug id: 783483 is successfully sent to developer url: [email protected]

And bug information shown as below
Bug information sent to following people:

Program:9
AIM: Overview of Performance Testing Tools (Ex: Load runner)

Recording HTTP Requests in JMeter

We will study recording of HTTP requests in JMeter using HTTP(S) Test Script Recorder (or HTTP
Proxy Server in older versions of JMeter). Let's begin with the very first step i.e. launching
JMeter. Once, we launch JMeter, we can see the the two controls in the left pane -
  Test Plan - Test plan is the area where all the scripting is done and saved.
 Workbench - Workbench is the area which we use for temporary purpose, basically it is
used for adding test elements that help in recording scripts in JMeter.

Recording in JMeter
Now let's see how we can record scripts in JMeter-

1. Add a Thread Group inside the Test Plan and name the Thread Group as per the action
they are bound to perfrom e.g. 'LoginUsers'.
Right Click on Test Plan -> Click on Add -> Threads (Users) -> Thread Group

2. Add a Logic Controller (e.g. Transaction Controller) within the thread group.
Right click thread group -> Click on Add -> Logic Controller -> Transaction Controller
(make sure to click on generate parent sample checkbox).
Add a transaction controller for each step of the user scenario of the thread group
created e.g. transaction controller for "User launch the application", "User log in with
valid credentials", "Click on the links of unread mails", "Log out and Exit the application".

3. Configure Browser for Proxy Settings

So, now we have got a skeleton where we can record and create scripts, next thing we
will do is to record HTTP or HTTPS requests inside the transaction controllers. For this,
we need to setup proxy in our browser. Although we can record calls with any browser
but it is recommended to use Mozilla Firefox just because of its plug-in 'Firebug' as
firebug is very important for validating whether all calls are successfully recorded or
not.
Steps to set proxy in Mozilla are-

o Click on Tools-> Options

o Click on Advanced, under Advanced click on Network tab
o Click on setting, a connection Settings from would appear
o Click on manual proxy configuration radio button
o Now type 127.0.0.1 in the HTTP Proxy textbox and any available port in Port
textbox like 9001
 Let's see what we have done, the IP address we have entered in HTTP Proxy textbox is
loopback address that is software loopback interface of the machine itself on which we
are working and the port we have specified is the Port through which all the traffic will
be routed, this port will be used in JMeter also.

4. Configure JMeter to Record Scripts

Now we will configure JMeter for recording HTTP requests in the transaction controllers
-

o Right click on WorkBench.

o Click on Add-> Non Test Elements-> HTTP(S) Test Script Recorder(HTTP Proxy
server in older JMeter versions).
o Enter the port value that we have entered in the Port field of our browser.
o Under Target Controller dropdown select the Transaction Controller in which we
want to do the recording.
o Click on start button to start the recording.
Now whatever we do in our browser will get saved in the form of http requests in the
transaction controller that we have chosen. Suppose, we chose "User launch application" as our
target controller then we will click on start button on JMeter then we will go to our browser
and launch the application. Again we will go to JMeter and check whether any requests are
recorded in the "User launch application" transaction controller or not. If yes then we will click
on stop button, chose next transaction controller from the target controller dropdown (User
enter valid credentials and click on Login button), click on start button, go to browser and enter
credentials and click on login button. Go to JMeter and click on stop button. Perform these
steps for every transaction controller.

This completes the recording part, next thing is to add Listeners to our Test Plan for
interpretation of test results. For this right click on Test Plan-> Add-> Listeners. You will get a list
of all the Listeners available, as of now use Aggregate graph and View Result Tree Listeners.
Now we can run the script by pressing Ctrl+R keys or click on Play icon. On top right you will see
an icon indicating that the test is running. Once complete, check the results and graphs in the
Listeners. Some of the transaction controllers may fail (check in view result tree- failed requests
come in red) because lots of scripting is still required in the test plan.

So, this was all about record and playback in JMeter. In the next we will study
"Parameterization and Correlation" that are heart and soul of scripting.

Program:10

AIM: Study of Selenium IDE(open source testing tool)

EX: To test web-based applications that could be run in an Internet browser i.e. to record how
an application is being used and then play back those recordings followed by asserts.
THEORY:
 Selenium is a FUNCTIONAL testing tool.
 Selenium is set of different software tools each with a different approach to supporting
test automation.
 The entire suite of tools results in a rich set of testing functions specifically to fulfill the
needs of testing of web applications of all types. These operations are highly flexible,
allowing many options for locating UI elements and comparing expected test results
against actual application behavior.
 One of Selenium’s key features is the support for executing one’s tests on multiple
browser platforms.
Introduction:
 Selenium IDE (Integrated Development Environment) is a prototyping tool for building
test scripts. It is a Firefox plug-in and provides an easy-to-use interface for developing
automated tests. Selenium IDE has a recording feature, which records user actions as
they are performed and then exports them as a reusable script in one of many
programming languages that can be later executed.
 It is open source software realesed under the apache 2.0 license.
a) Selenium’s Tool Suite: Selenium is composed of multiple software tools. Each has a
specific role.
b) Selenium IDE :( Selenium Recorder)
 Selenium IDE is a complete Integrated Development Environment for Selenium tests
which is a extension for Firefox and allows recording, editing and debugging tests. It is
prototyping tool.
Features:
 Record and playback
 Intelligent field selection will use IDs, names as needed
 Auto complete for all common Selenium commands
 Debug and set breakpoints
 Save tests as HTML,Ruby scripts or other scripts
 Support for Selenium user-extensions.js file
 Option to automatically assert the title of every page
Selenium Remote Control: (Selenium 1): It is a server, written in java , that accepts commands
for the browser via HTTP. RC makes it possible to write automated tests for a web application in
any programming language, which allows for better integration of Selenium in existing unit test
frameworks.
Selenium 2 :( Selenium Webdriver): Selenium 2 is the newest addition in the Selenium toolkit.
In includes a more cohesive and object oriented API. It supports backwards compatibility with
Selenium 1’s and Selenium RC interface.
Selenium-Grid:Selenium Grid allows you to run your tests in parallel, that is, different tests
can be run at the same time on different remote machines.

Steps to Install:
Using Firefox, first, download the IDE from the SeleniumHQ downloads page. Firefox will
protect you from installing add-ons from unfamiliar locations, so you will need to click
‘Allow’ to proceed with the installation, as shown in the following screenshot.

When downloading from Firefox, the following window opens

Select Install Now. The Firefox Add-ons window pops up, first showing a progress bar, and when
the download is complete, displays the following.
Restart Firefox. After Firefox reboots you will find the Selenium-IDE listed under the Firefox
Tools menu.

Selenium IDE Features:

b) Toolbar:The toolbar contains buttons for controlling the execution of your test
cases, including a step feature for debugging your test cases

Speed Control: controls how fast your test case runs.

Run All: Runs the entire test suite when a test suite with multiple test cases is loaded.

Run: Runs the currently selected test. When only a single test is loaded this button and
the Run All button have the same effect.

Pause/Resume: Allows stopping and re-starting of a running test case.

 Step: Allows you to “step” through a test case by running it one command at a time. Use
for debugging test cases.

Test Runner Mode: Allows you to run the test case in a browser loaded with the
Selenium-Core TestRunner. The TestRunner is not commonly used now and is likely to
be deprecated. This button is for evaluating test cases for backwards compatibility with
the TestRunner. Most users will probably not need this button.

Apply Rollup Rules: This advanced feature allows repetitive sequences of Selenium
commands to be grouped into a single action. Detailed documentation on rollup rules
can be found in the UI-Element Documentation on the Help menu.

Record: Records the user’s browser action

c) Test Case Pane:
The script is displayed in the test case pane.

It has two tabs, one for displaying the command and their parameters in a readable “table”
format.
The Command, Target, and Value entry fields display the currently selected command along
with its parameters. These are entry fields where the modifications to the currently selected
command can be done.
The first parameter specified for a command in the Reference tab of the bottom pane always
goes in the Target field. If a second parameter is specified by the Reference tab, it always goes
in the Value field.

d) Log/Reference/UI-Element/Rollup Pane:
The bottom pane is used for four different functions–Log, Reference, UI-Element, and Rollup–
depending on which tab is selected.
Log: When running the test case, error messages and information messages showing the
progress are displayed in this pane automatically. These messages are often useful for test case
debugging.
Reference: The Reference tab is the default selection for entering or modifying Selenese
commands and parameters in Table mode.

e) Selenium Commands – “Selenese”

Selenium provides a rich set of commands for fully testing your web-app in virtually any way
you can imagine. The command set is often called selenese. These commands essentially create
a testing language.
A command is what tells Selenium what to do. Selenium commands come in three “flavors”:
Actions, Accessors and Assertions.
 Actions are commands that generally manipulate the state of the application. Many
Actions can be called with the “AndWait” suffix, e.g. “clickAndWait”. This suffix tells
Selenium that the action will cause the browser to make a call to the server, and that
Selenium should wait for a new page to load.
 Accessors examine the state of the application and store the results in variables, e.g.
“storeTitle”. They are also used to automatically generate Assertions.
 Assertions are like Accessors, but they verify that the state of the application
conforms to what is expected. Examples include “make sure the page title is X” and
“verify that this checkbox is checked”.
Commonly Used Selenium Commands
1) Open: opens a page using a URL.
2) Click/clickAndWait: performs a click operation, and optionally waits for a new page to
load.
3) VerifyTitle/assert Title: verifies an expected page title.
4) VerifyTextPresent: verifies expected text is somewhere on the page.
5) VerifyElementPresent: verifies an expected UI element, as defined by its HTML tag, is
present on the page.
6) VerifyText: verifies expected text and its corresponding HTML tag are present on the
page.
7) VerifyTable: verifies a table’s expected contents.
 8) WaitForPageToLoad: pauses execution until an expected new page loads. Called
automatically when clickAndWait is used.

Program: 8.1
Step 1: Open the selenium IDE from the Mozilla browser
Step 2: Hit the Record Button in selenium IDE.

Step 3:Open the browser in a new tab and login to gmail by entering user name and password.

All the action performed will be displayed on the screen

 Step 4: now save the test case as “gmail”

Step 5: Run the test case by opening the gmail test case and click on the run all button.

Step 6: Finally, all operations are performed in browser.

Results:
Selenium is highly flexible. We can add functionality to both Selenium test scripts and
Selenium’s framework to customize your test automation. Since Selenium is Open Source,
the source code can always be downloaded and modified.
Beyond the Syllabus:

1. What is Use Case Testing? Technique, Examples

2. Mobile Apps Testing: Sample Test Case Functional Testing Test Cases

3. Agile Model & Methodology: Guide for Testers

4. What is STRESS Testing in Software Testing? Tools, Types, Examples

1. What is Use Case Testing? Technique, Examples:

What is a Use Case?

A use case is a description of a particular use of the system by an actor or user. It is used widely
in developing tests at system or acceptance level.

What is Use Case Testing?

Use Case Testing is defined as a software testing technique, that helps identify test cases that
cover the entire system, on a transaction by transaction basis from start to the finishing point.

How to do Use Case Testing: Example

Main Success Scenario Step Description

A:Actor 1 A: Enter Agent Name & Password

S:System

2 S: Validate Password

3 S: Allow Account Access

Extensions 2a Password not valid

S: Display Message and ask for re-try 4 times
 2b Password not valid 4 times
S: Close Application

In a use-case, an actor is represented by "A" and system by "S". We create Use for a login
functionality of a Web Application as shown belo

 Consider the first step of an end to end scenario for a login functionality for our web
application where the Actor enters email and password.
 In the next step, the system will validate the password
 Next, if the password is correct, the access will be granted
 There can be an extension of this use case. In case password is not valid system will
display a message and ask for re-try four times
 If Password, not valid four times system will ban the IP address.

2. Mobile Apps Testing: Sample Test Case Functional Testing Test Cases

The functional testing of Mobiles normally consists in the areas of testing user interactions as
well as testing the transactions. The various factors which are relevant in functional testing are

1. Type of application based upon the business functionality usages (banking, gaming,
social or business)
2. Target audience type (consumer, enterprise, education)
3. Distribution channel which is used to spread the application (e.g. Apple App Store,
Google play, direct distribution)

The most fundamental test scenarios in the functional testing can be considered as :

1. To validate whether all the required mandatory fields are working as required.
2. To validate that the mandatory fields are displayed in the screen in a distinctive way than
the non-mandatory fields.
3. To validate whether the application works as per as requirement whenever the application
starts/stops.
4. To validate whether the application goes into minimized mode whenever there is an
incoming phone call. In order to validate the same we need to use a second phone, to call
the device.
5. To validate whether the phone is able to store, process and receive SMS whenever the
app is running. In order to validate the same we need to use a second phone to send sms
to the device which is being tested and where the application under test is currently
running.
6. To validate that the device is able to perform required multitasking requirements
whenever it is necessary to do so.
7. To validate that the application allows necessary social network options such as sharing,
posting and navigation etc.
8. To validate that the application supports any payment gateway transaction such as Visa,
Mastercard, Paypal etc as required by the application.
9. To validate that the page scrolling scenarios are being enabled in the application as
necessary.
10. To validate that the navigation between relevant modules in the application are as per the
requirement.
11. To validate that the truncation errors are absolutely to an affordable limit.
12. To validate that the user receives an appropriate error message like “Network error.
Please try after some time” whenever there is any network error.
13. To validate that the installed application enables other applications to perform
satisfactorily, and it does not eat into the memory of the other applications.
14. To validate that the application resumes at the last operation in case of a hard reboot or
system crash.
15. To validate whether the installation of the application can be done smoothly provided the
user has the necessary resources and it does not lead to any significant errors.
16. To validate that the application performs auto start facility according to the requirements.
17. To validate whether the application performs according to the requirement in all versions
of Mobile that is 2g, 3g and 4g.
18. To perform Regression Testing to uncover new software bugs in existing areas of a
system after changes have been made to them. Also rerun previously performed tests to
determine that the program behavior has not changed due to the changes.
 19. To validate whether the application provides an available user guide for those who are
not familiar to the app

Performance Testing Test Cases

This type of testing’s fundamental objective is to ensure that the application performs acceptably
under certain performance requirements such as access by a huge number of users or the removal
of a key infrastructure part like a database server.

The general test scenarios for Performance Testing in a Mobile application are:

1. To determine whether the application performs as per the requirement under different
load conditions.
2. To determine whether the current network coverage is able to support the application at
peak, average and minimum user levels.
3. To determine whether the existing client-server configuration setup provides the required
optimum performance level.
4. To identify the various application and infrastructure bottlenecks which prevent the
application to perform at the required acceptability levels.
5. To validate whether the response time of the application is as per as the requirements.
6. To evaluate product and/or hardware to determine if it can handle projected load
volumes.
7. To evaluate whether the battery life can support the application to perform under
projected load volumes.
8. To validate application performance when network is changed to WIFI from 2G/3G or
vice versa.
9. To validate each of the required the CPU cycle is optimization
10. To validate that the battery consumption, memory leaks, resources like GPS, Camera
performance is well within required guidelines.
11. To validate the application longevity whenever the user load is rigorous.
12. To validate the network performance while moving around with the device.
13. To validate the application performance when only intermittent phases of connectivity is
required.
Security Testing Test Cases:

The fundamental objective of security testing is to ensure that the application’s data and
networking security requirements are met as per guidelines.

The following are the most crucial areas for checking the security of Mobile applications.

1. To validate that the application is able to withstand any brute force attack which is an
automated process of trial and error used to guess a person’s username, password or
credit-card number.
2. To validate whether an application is not permitting an attacker to access sensitive
content or functionality without proper authentication.
3. To validate that the application has a strong password protection system and it does not
permit an attacker to obtain, change or recover another user’s password.
4. To validate that the application does not suffer from insufficient session expiration.
5. To identify the dynamic dependencies and take measures to prevent any attacker for
accessing these vulnerabilities.
6. To prevent from SQL injection related attacks.
7. To identify and recover from any unmanaged code scenarios.
8. To ensure whether the certificates are validated, does the application implement
Certificate Pinning or not.
9. To protect the application and the network from the denial of service attacks.
10. To analyze the data storage and data validation requirements.
11. To enable the session management for preventing unauthorized users to access
unsolicited information.
12. To check if any cryptography code is broken and ensure that it is repaired.
13. To validate whether the business logic implementation is secured and not vulnerable to
any attack from outside.
14. To analyze file system interactions, determine any vulnerability and correct these
problems.
15. To validate the protocol handlers for example trying to reconfigure the default landing
page for the application using a malicious iframe.
16. To protect against malicious client side injections.
 17. To protect against malicious runtime injections.
18. To investigate file caching and prevent any malicious possibilities from the same.
19. To prevent from insecure data storage in the keyboard cache of the applications.
20. To investigate cookies and preventing any malicious deeds from the cookies.
21. To provide regular audits for data protection analysis.
22. Investigate custom created files and preventing any malicious deeds from the custom
created files.
23. To prevent from buffer overflows and memory corruption cases.
24. To analyze different data streams and preventing any vulnerabilities from these.

Usability Testing Test Cases

The usability testing process of the Mobile application is performed to have a quick and easy
step application with less functionality than a slow and difficult application with many features.
The main objective is to ensure that we end up having an easy-to-use, intuitive and similar to
industry-accepted interfaces which are widely used.

1. To ensure that the buttons should have the required size and be suitable to big fingers.
2. To ensure that the buttons are placed in the same section of the screen to avoid confusion
to the end users.
3. To ensure that the icons are natural and consistent with the application.
4. To ensure that the buttons, which have the same function should also have the same
color.
5. To ensure that the validation for the tapping zoom-in and zoom-out facilities should be
enabled.
6. To ensure that the keyboard input can be minimized in an appropriate manner.
7. To ensure that the application provides a method for going back or undoing an action, on
touching the wrong item, within an acceptable duration.
8. To ensure that the contextual menus are not overloaded because it has to be used quickly.
9. To ensure that the text is kept simple and clear to be visible to the users.
10. To ensure that the short sentences and paragraphs are readable to the end users.
11. To ensure that the font size is big enough to be readable and not too big or too small.
 12. To validate the application prompts the user whenever the user starts downloading a large
amount of data which may be not conducive for the application performance.
13. To validate that the closing of the application is performed from different states and
verify if it re-opens in the same state.
14. To ensure that all strings are converted into appropriate languages whenever a language
translation facility is available.
15. To ensure that the application items are always synchronized according to the user
actions.
16. To ensure that the end user is provided with a user manual which helps the end user to
understand and operate the application who may be not familiar with the application’s
proceedings

Usability testing is normally performed by manual users since only human beings can understand
the sensibility and comfort ability of the other users.

Compatibility Testing Test Cases

Compatibility testing on mobile devices is performed to ensure that since mobile devices have
different size, resolution, screen, version and hardware so the application should be tested across
all the devices to ensure that the application works as desired.

The following are the most prominent areas for compatibility testing.

1. To validate that the user Interface of the application is as per the screen size of the device,
no text/control is partially invisible or inaccessible.
2. To ensure that the text is readable for all users for the application.
3. To ensure that the call/alarm functionality is enabled whenever the application is running.
The application is minimized or suspended on the event of a call and then whenever the
call stops the application is resumed.

Recoverability Testing Test Cases

1. Crash recovery and transaction interruptions

 2. Validation of the effective application recovery situation post unexpected
interruption/crash scenarios.
3. Verification of how the application handles a transaction during a power failure (i.e.
Battery dies or a sudden manual shutdown of the device)
4. The validation of the process where the connection is suspended, the system needs to re-
establish for recovering the data directly affected by the suspended connection.

3. Agile Model & Methodology: Guide for Testers

Agile Testing Methodology

There are various methods present in agile testing, and those are listed below:

Scrum

SCRUM is an agile development method which concentrates specifically on how to manage

tasks within a team-based development environment. Basically, Scrum is derived from activity
that occurs during a rugby match. Scrum believes in empowering the development team and
advocates working in small teams (say- 7 to 9 members). It consists of three roles, and their
responsibilities are explained as follows:
  Scrum Master
o Master is responsible for setting up the team, sprint meeting and removes
obstacles to progress
 Product owner
o The Product Owner creates product backlog, prioritizes the backlog and is
responsible for the delivery of the functionality at each iteration
 Scrum Team
o Team manages its own work and organizes the work to complete the sprint or
cycle

Product Backlog

This is a repository where requirements are tracked with details on the no of requirements to be
completed for each release. It should be maintained and prioritized by Product Owner, and it
should be distributed to the scrum team. Team can also request for a new requirement addition or
modification or deletion

Scrum Practices

Practices are described in detailed:

Process flow of Scrum Methodologies:

Process flow of scrum testing is as follows:

 Each iteration of a scrum is known as Sprint

 Product backlog is a list where all details are entered to get end product
 During each Sprint, top items of Product backlog are selected and turned into Sprint
backlog
 Team works on the defined sprint backlog
 Team checks for the daily work
 At the end of the sprint, team delivers product functionality

eXtreme Programming (XP)

Extreme Programming technique is very helpful when there is constantly changing

demands or requirements from the customers or when they are not sure about the
functionality of the system. It advocates frequent "releases" of the product in short
development cycles, which inherently improves the productivity of the system and also
introduces a checkpoint where any customer requirements can be easily implemented. The
XP develops software keeping customer in the target.

Business requirements are gathered in terms of stories. All those stories are stored in a place
called the parking lot.

In this type of methodology, releases are based on the shorter cycles called Iterations with span
of 14 days time period. Each iteration includes phases like coding, unit testing and system testing
where at each phase some minor or major functionality will be built in the application.
Phases of eXtreme programming:

There are 6 phases available in Agile XP method, and those are explained as follows:

Planning

 Identification of stakeholders and sponsors

 Infrastructure Requirements
 Security related information and gathering
 Service Level Agreements and its conditions

Analysis

 Capturing of Stories in Parking lot

 Prioritize stories in Parking lot
 Scrubbing of stories for estimation
 Define Iteration SPAN(Time)
 Resource planning for both Development and QA teams

Design

 Break down of tasks

 Test Scenario preparation for each task
 Regression Automation Framework

Execution

 Coding
 Unit Testing
 Execution of Manual test scenarios
 Defect Report generation
 Conversion of Manual to Automation regression test cases
 Mid Iteration review
 End of Iteration review
Wrapping

 Small Releases
 Regression Testing
 Demos and reviews
 Develop new stories based on the need
 Process Improvements based on end of iteration review comments

Closure

 Pilot Launch
 Training
 Production Launch
 SLA Guarantee assurance
 Review SOA strategy
 Production Support

There are two storyboards available to track the work on a daily basis, and those are listed below
for reference.

 Story Cardboard
o This is a traditional way of collecting all the stories in a board in the form of stick
notes to track daily XP activities. As this manual activity involves more effort and
time, it is better to switch to an online form.
 Online Storyboard
o Online tool Storyboard can be used to store the stories. Several teams can use
itfor different purposes.

Crystal Methodologies

Crystal Methodology is based on three concepts

1. Chartering: Various activities involved in this phase are creating a development team,
performing a preliminary feasibility analysis, developing an initial plan and fine-tuning
the development methodology
 2. Cyclic delivery: The main development phase consists of two or more delivery cycles,
during which the
1. Team updates and refines the release plan
2. Implements a subset of the requirements through one or more program test
integrate iterations
3. Integrated product is delivered to real users
4. Review of the project plan and adopted development methodology
3. Wrap Up: The activities performed in this phase are deployment into the user
environment, post- deployment reviews and reflections are performed.

Dynamic Software Development Method (DSDM)

DSDM is a Rapid Application Development (RAD) approach to software development and

provides an agile project delivery framework. The important aspect of DSDM is that the users
are required to be involved actively, and the teams are given the power to make decisions.
Frequent delivery of product becomes the active focus with DSDM. The techniques used in
DSDM are

1. Time Boxing
2. MoSCoW Rules
3. Prototyping

The DSDM project consists of 7 phases

1. Pre-project
2. Feasibility Study
3. Business Study
4. Functional Model Iteration
5. Design and build Iteration
6. Implementation
7. Post-project

Feature Driven Development (FDD)

This method is focused around "designing & building" features. Unlike other agile methods,
FDD describes very specific and short phases of work that has to be accomplished separately per
feature. It includes domain walkthrough, design inspection, promote to build, code inspection
and design. FDD develops product keeping following things in the target

1. Domain object Modeling

2. Development by feature
3. Component/ Class Ownership
4. Feature Teams
5. Inspections
6. Configuration Management
7. Regular Builds
8. Visibility of progress and results

Lean Software Development

Lean software development method is based on the principle "Just in time production". It aims at
increasing speed of software development and decreasing cost. Lean development can be
summarized in seven steps.

1. Eliminating Waste
2. Amplifying learning
3. Defer commitment (deciding as late as possible)
4. Early delivery
5. Empowering the team
6. Building Integrity
7. Optimize the whole

Kanban

Kanban originally emerged from Japanese word that means, a card containing all the information
needed to be done on the product at each stage along its path to completion. This framework or
method is quite adopted in software testing method especially in agile testing.
Scrum Vs Kanban

Scrum Kanban

 In scrum technique, test must be  No particular item size is

broken down so that they can be prescribed
completed within one sprint

 Prescribes a prioritized product  Prioritization is optional

backlog

 Scrum team commits to a particular  Commitment is optional

amount of work for the iteration

 Burndown chart is prescribed  No particular item size is

prescribed

 Between each sprint, a scrum board is  A Kanban board is persistent. It

reset limits the number of items in
workflow state

 It cannot add items to ongoing  It can add items whenever capacity

iteration is available

 WIP limited indirectly  WIP limited directly

 Timeboxed iterations prescribed  Timeboxed iterations optional

Agile metrics:

Metrics that can be collected for effective usage of Agile is:

 Drag Factor
o Effort in hours which do not contribute to sprint goal
o Drag factor can be improved by reducing number of shared resources, reducing
the amount of non-contributing work
 o New estimates can be increased by percentage of drag factor -New estimate =
(Old estimate+drag factor)
 Velocity
o Amount of backlog converted to shippable functionality of sprint
 No of Unit Tests added
 Time taken to complete daily build
 Bugs detected in an iteration or in previous iterations
 Production defect leakage

4. What is STRESS Testing in Software Testing? Tools, Types, Examples

What is Stress Testing?

Stress Testing is defined as a type of Software Testing that verified the stability & reliability of
the system. This test mainly determines the system on its robustness and error handling under
extremely heavy load conditions.

It even tests beyond the normal operating point and evaluates how the system works under those
extreme conditions. Stress Testing is done to make sure that the system would not crash under

crunch situations.

In Software Engineering, Stress Testing is also known as Endurance Testing. Under Stress
Testing, AUT is be stressed for a short period of time to know its withstanding capacity. A most
prominent use of stress testing is to determine the limit, at which the system or software or
hardware breaks. It also checks whether the system demonstrates effective error management
under extreme conditions.

The application under testing will be stressed when 5GB data is copied from the website and
pasted in notepad. Notepad is under stress and gives 'Not Responded' error message.

Need for Stress Testing

Consider the following scenarios -

 During festival time, an online shopping site may witness a spike in traffic, or when it
announces a sale.
 When a blog is mentioned in a leading newspaper, it experiences a sudden surge in
traffic.

It is imperative to perform Stress Testing to accommodate such abnormal traffic spikes. Failure
to accommodate this sudden traffic may result in loss of revenue and repute.

Stress testing is also extremely valuable for the following reasons:

 To check whether the system works under abnormal conditions.

 Displaying appropriate error message when the system is under stress.
 System failure under extreme conditions could result in enormous revenue loss
 It is better to be prepared for extreme conditions by executing Stress Testing.

Goals of Stress Testing

The goal of stress testing is to analyze the behavior of the system after a failure. For stress testing
to be successful, a system should display an appropriate error message while it is under extreme
conditions.

To conduct Stress Testing, sometimes, massive data sets may be used which may get lost during
Stress Testing. Testers should not lose this security-related data while doing stress testing.
The main purpose of stress testing is to make sure that the system recovers after failure which is

Load Testing Stress Testing

Load Testing is to test the system behavior Stress testing is to test the system behavior
under normal workload conditions, and it is under extreme conditions and is carried out
just testing or simulating with the actual till the system failure.
workload

Load testing does not break the system stress testing tries to break the system by
testing with overwhelming data or resources.

called as recoverability.

Load Testing Vs Stress Testing

Types of Stress Testing:

Following are the types of stress testing and are explained as follows:

Distributed Stress Testing:

In distributed client-server systems, testing is done across all clients from the server. The role of
stress server is to distribute a set of stress tests to all stress clients and track on the status of the
client. After the client contacts the server, the server adds the name of the client and starts
sending data for testing.

Meanwhile, client machines send signal or heartbeat that it is connected with the server. If the
server does not receive any signals from the client machine, it needs to be investigated further for
debugging. From the figure, a server can connect with the 2 clients (Client1 and Client2), but it
cannot send or receive a signal from Client 3 & 4.

Night run is the best option to run these stress testing scenarios. Large server farms need a more
efficient method for determining which computers have had stress failures that need to be
investigated.

Application Stress Testing:

This testing concentrate on finding defects related to data locking and blocking, network issues
and performance bottlenecks in an application.

Transactional Stress Testing:

It does stress testing on one or more transactions between two or more applications. It is used for
fine-tuning & optimizing the system.

Systemic Stress Testing:

This is integrated stress testing which can be tested across multiple systems running on the same
server. It is used to find defects where one application data blocks another application.

Exploratory Stress Testing:

This is one of the types of stress testing which is used to test the system with unusual parameters
or conditions that are unlikely to occur in a real scenario. It is used to find defects in unexpected
scenarios like

1. A large number of users logged at the same time

2. If a virus scanner started in all machines simultaneously
3. If Database has gone offline when it is accessed from a website,
4. When a large volume of data is inserted to the database simultaneously

How to do Stress Testing?

Stress Testing process can be done in 5 major steps:

1. Planning the Stress Test. Here you gather the system data, analyze the system, define the
stress test goals
2. Create Automation Scripts: In this phase, you create the Stress testing automation scripts,
generate the test data for the stress scenarios.
3. Script Execution: In this stage, you run the Stress testing automation scripts and store the
stress results.
4. Results Analysis: In this stage, you analyze the Stress Test results and identify
bottlenecks.
 5. Tweaking and Optimization: In this stage, you fine-tune the system, change
configurations, optimize the code with goal meet the desired benchmark.

Lastly, you again run the entire cycle to determine that the tweaks have produced the desired
results. For example, it's not unusual to have to 3 to 4 cycles of the Stress Testing process to
achieve the performance goals

Tools recommended for Stress Testing:

LoadRunner

LoadRunner from HP is a widely-used Load Testing tool. Load Test Results shaped by
Loadrunner are considered as a benchmark.

Jmeter

Jmeter is an Open Source testing tool. It is a pure Java application for stress andPerformance
Testing. Jmeter is intended to cover types of tests like load, functional, stress, etc. It needs JDK 5
or higher to function.

Stress Tester

This tool provides extensive analysis of the web application performance, provides results in
graphical format, and it is extremely easy to use. No high-level scripting is required and gives a
good return on investment.

Neo load

This is a popular tool available in the market to test the web and Mobile applications. This tool
can simulate thousands of users in order to evaluate the application performance under load and
analyze the response times. It also supports Cloud-integrated - performance, load and stress
testing. It is easy to use, cost-effective and provides good scalability.

Metrics for Stress Testing

Metrics help in evaluating a System's performance and generally studied at the end of Stress
Test. Commonly used metrics are -
Measuring Scalability & Performance

 Pages per Second: Measures how many pages have been requested / Second
 Throughput: Basic Metric - Response data size/Second
 Rounds: Number of times test scenarios have been planned Versus Number of times a
client has executed

Application Response

 Hit time: Average time to retrieve an image or a page

 Time to the first byte: Time is taken to return the first byte of data or information
 Page Time: Time is taken to retrieve all the information in a page

Failures

 Failed Connections: Number of failed connections refused by the client (Weak Signal)
 Failed Rounds: Number of rounds it gets failed
 Failed Hits: Number of failed attempts done by the system (Broken links or unseen
images)

Conclusion

Stress testing's objective is to check the system under extreme conditions. It monitors system
resources such as Memory, processor, network etc., and checks the ability of the system to
recover back to normal status. It checks whether the system displays appropriate error messages
while under stress.

INFORMATION SECURITY LAB

Programs

1.Implement RSA algorithm

 (a) Generate Public key and Private key pair

(b) Generate Ciphertext for the Plaintext

(c) Obtain the Plaintext from the Ciphertext

import java.math.BigInteger;
import java.security.SecureRandom;

public class RSA {

private final static BigInteger one = new BigInteger("1");
private final static SecureRandom random = new SecureRandom();

private BigInteger privateKey;

private BigInteger publicKey;
private BigInteger modulus;

// generate an N-bit (roughly) public and private key

RSA(int N) {
BigInteger p = BigInteger.probablePrime(N/2, random);
BigInteger q = BigInteger.probablePrime(N/2, random);
BigInteger phi = (p.subtract(one)).multiply(q.subtract(one));

modulus = p.multiply(q);
publicKey = new BigInteger("65537"); // common value in practice = 2^16 + 1
privateKey = publicKey.modInverse(phi);
}

BigInteger encrypt(BigInteger message) {

return message.modPow(publicKey, modulus);
}

BigInteger decrypt(BigInteger encrypted) {

return encrypted.modPow(privateKey, modulus);
}

public String toString() {

String s = "";
s += "public = " + publicKey + "\n";
s += "private = " + privateKey + "\n";
s += "modulus = " + modulus;
return s;
}
 public static void main(String[] args) {
int N = Integer.parseInt(args[0]);
RSA key = new RSA(N);
StdOut.println(key);

// create random message, encrypt and decrypt

BigInteger message = new BigInteger(N-1, random);

//// create message by converting string to integer

// String s = "test";
// byte[] bytes = s.getBytes();
// BigInteger message = new BigInteger(bytes);

BigInteger encrypt = key.encrypt(message);

BigInteger decrypt = key.decrypt(encrypt);
StdOut.println("message = " + message);
StdOut.println("encrypted = " + encrypt);
StdOut.println("decrypted = " + decrypt);
}
}
2. Implement DES

(a) Generate Cipher text for the given Plaintext

(b) Retrieve the Plaintext from the given Ciphertext

import javax.swing.*;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.util.Random ;
class DES {
byte[] skey = new byte[1000];
String skeyString;
static byte[] raw;
String inputMessage,encryptedData,decryptedMessage;
public DES() {
try {
generateSymmetricKey();
inputMessage=JOptionPane.showInputDialog(null,"Enter message to encrypt");
byte[] ibyte = inputMessage.getBytes();
byte[] ebyte=encrypt(raw, ibyte);
String encryptedData = new String(ebyte);
System.out.println("Encrypted message "+encryptedData);
JOptionPane.showMessageDialog(null,"Encrypted Data "+"\n"+encryptedData);
byte[] dbyte= decrypt(raw,ebyte);
String decryptedMessage = new String(dbyte);
System.out.println("Decrypted message "+decryptedMessage);
JOptionPane.showMessageDialog(null,"Decrypted Data "+"\n"+decryptedMessage);
}
catch(Exception e) {
System.out.println(e);
}
}
void generateSymmetricKey() {
try {
Random r = new Random();
int num = r.nextInt(10000);
String knum = String.valueOf(num);
byte[] knumb = knum.getBytes();
skey=getRawKey(knumb);
skeyString = new String(skey);
System.out.println("DES Symmetric key = "+skeyString);
}
catch(Exception e) {
System.out.println(e);
}
}
private static byte[] getRawKey(byte[] seed) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("DES");
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(seed);
kgen.init(56, sr);
SecretKey skey = kgen.generateKey();
raw = skey.getEncoded();
return raw;
}
private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, "DES");
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(clear);
return encrypted;
}
private static byte[] decrypt(byte[] raw, byte[] encrypted) throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, "DES");
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] decrypted = cipher.doFinal(encrypted);
return decrypted;
}
public static void main(String args[]) {
DES des = new DES();
}
}
3. Implement Diffie Hell man Algorithm and generate Secret Key

// Retrieve the prime, base, and private value for generating the key pair.
// If the values are encoded as in
// Generating a Parameter Set for the Diffie-Hellman Key Agreement Algorithm,
// the following code will extract the values.
String[] values = valuesInStr.split(",");
BigInteger p = new BigInteger(values[0]);
BigInteger g = new BigInteger(values[1]);
int l = Integer.parseInt(values[2]);

try {
// Use the values to generate a key pair
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH");
DHParameterSpec dhSpec = new DHParameterSpec(p, g, l);
keyGen.initialize(dhSpec);
KeyPair keypair = keyGen.generateKeyPair();

// Get the generated public and private keys

PrivateKey privateKey = keypair.getPrivate();
PublicKey publicKey = keypair.getPublic();

// Send the public key bytes to the other party...

byte[] publicKeyBytes = publicKey.getEncoded();

// Retrieve the public key bytes of the other party

publicKeyBytes = ...;

// Convert the public key bytes into a PublicKey object

X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(publicKeyBytes);
KeyFactory keyFact = KeyFactory.getInstance("DH");
publicKey = keyFact.generatePublic(x509KeySpec);

// Prepare to generate the secret key with the private key and public key of the other party
KeyAgreement ka = KeyAgreement.getInstance("DH");
ka.init(privateKey);
ka.doPhase(publicKey, true);

// Specify the type of key to generate;

// see Listing All Available Symmetric Key Generators
String algorithm = "DES";

// Generate the secret key

SecretKey secretKey = ka.generateSecret(algorithm);

// Use the secret key to encrypt/decrypt data;

// see Encrypting a String with DES
} catch (java.security.InvalidKeyException e) {
} catch (java.security.spec.InvalidKeySpecException e) {
} catch (java.security.InvalidAlgorithmParameterException e) {
} catch (java.security.NoSuchAlgorithmException e) {
}

4. Implement Hash Algorithm

import java.util.Scanner;

class LinearProbingHashTable

private int currentSize, maxSize;

private String[] keys;

private String[] vals;

/** Constructor **/

public LinearProbingHashTable(int capacity)

currentSize = 0;

maxSize = capacity;

keys = new String[maxSize];

vals = new String[maxSize];

/** Function to clear hash table **/

public void makeEmpty()

currentSize = 0;

keys = new String[maxSize];

 vals = new String[maxSize];

/** Function to get size of hash table **/

public int getSize()

return currentSize;

/** Function to check if hash table is full **/

public boolean isFull()

return currentSize == maxSize;

/** Function to check if hash table is empty **/

public boolean isEmpty()

return getSize() == 0;

/** Fucntion to check if hash table contains a key **/

public boolean contains(String key)

return get(key) != null;

/** Functiont to get hash code of a given key **/

private int hash(String key)

{

return key.hashCode() % maxSize;

/** Function to insert key-value pair **/

public void insert(String key, String val)

int tmp = hash(key);

int i = tmp;

do

if (keys[i] == null)

keys[i] = key;

vals[i] = val;

currentSize++;

return;

if (keys[i].equals(key))

vals[i] = val;

return;

i = (i + 1) % maxSize;

} while (i != tmp);
}

/** Function to get value for a given key **/

public String get(String key)

int i = hash(key);

while (keys[i] != null)

if (keys[i].equals(key))

return vals[i];

i = (i + 1) % maxSize;

return null;

/** Function to remove key and its value **/

public void remove(String key)

if (!contains(key))

return;

/** find position key and delete **/

int i = hash(key);

while (!key.equals(keys[i]))

i = (i + 1) % maxSize;

keys[i] = vals[i] = null;

/** rehash all keys **/

 for (i = (i + 1) % maxSize; keys[i] != null; i = (i + 1) % maxSize)

String tmp1 = keys[i], tmp2 = vals[i];

keys[i] = vals[i] = null;

currentSize--;

insert(tmp1, tmp2);

currentSize--;

/** Function to print HashTable **/

public void printHashTable()

System.out.println("\nHash Table: ");

for (int i = 0; i < maxSize; i++)

if (keys[i] != null)

System.out.println(keys[i] +" "+ vals[i]);

System.out.println();

/** Class LinearProbingHashTableTest **/

public class LinearProbingHashTableTest

public static void main(String[] args)

{
Scanner scan = new Scanner(System.in);

System.out.println("Hash Table Test\n\n");

System.out.println("Enter size");

/** maxSizeake object of LinearProbingHashTable **/

LinearProbingHashTable lpht = new LinearProbingHashTable(scan.nextInt() );

char ch;

/** Perform LinearProbingHashTable operations **/

do

System.out.println("\nHash Table Operations\n");

System.out.println("1. insert ");

System.out.println("2. remove");

System.out.println("3. get");

System.out.println("4. clear");

System.out.println("5. size");

int choice = scan.nextInt();

switch (choice)

case 1 :

System.out.println("Enter key and value");

lpht.insert(scan.next(), scan.next() );

break;

case 2 :

System.out.println("Enter key");
 lpht.remove( scan.next() );

break;

case 3 :

System.out.println("Enter key");

System.out.println("Value = "+ lpht.get( scan.next() ));

break;

case 4 :

lpht.makeEmpty();

System.out.println("Hash Table Cleared\n");

break;

case 5 :

System.out.println("Size = "+ lpht.getSize() );

break;

default :

System.out.println("Wrong Entry \n ");

break;

/** Display hash table **/

lpht.printHashTable();

System.out.println("\nDo you want to continue (Type y or n) \n");

ch = scan.next().charAt(0);

} while (ch == 'Y'|| ch == 'y');

}
5. Implement Digital Signature

Signing the Message

import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.nio.file.Files;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.List;

import javax.swing.JOptionPane;

public class Message {

private List<byte[]> list;

//The constructor of Message class builds the list that will be written to the file.
//The list consists of the message and the signature.
public Message(String data, String keyFile) throws InvalidKeyException, Exception {
list = new ArrayList<byte[]>();
list.add(data.getBytes());
list.add(sign(data, keyFile));
}

//The method that signs the data using the private key that is stored in keyFile path
public byte[] sign(String data, String keyFile) throws InvalidKeyException, Exception{
Signature rsa = Signature.getInstance("SHA1withRSA");
rsa.initSign(getPrivate(keyFile));
rsa.update(data.getBytes());
return rsa.sign();
}

//Method to retrieve the Private Key from a file

public PrivateKey getPrivate(String filename) throws Exception {
byte[] keyBytes = Files.readAllBytes(new File(filename).toPath());
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
return kf.generatePrivate(spec);
 }

//Method to write the List of byte[] to a file

private void writeToFile(String filename) throws FileNotFoundException, IOException {
File f = new File(filename);
f.getParentFile().mkdirs();
ObjectOutputStream out = new ObjectOutputStream(new
FileOutputStream(filename));
out.writeObject(list);
out.close();
System.out.println("Your file is ready.");
}

public static void main(String[] args) throws InvalidKeyException, IOException,

Exception{
String data = JOptionPane.showInputDialog("Type your message here");

new Message(data, "MyKeys/privateKey").writeToFile("MyData/SignedData.txt");

}
}

Verifying the Signature

import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.nio.file.Files;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.List;

import javax.swing.JOptionPane;

public class Message {

private List<byte[]> list;

//The constructor of Message class builds the list that will be written to the file.
//The list consists of the message and the signature.
public Message(String data, String keyFile) throws InvalidKeyException, Exception {
list = new ArrayList<byte[]>();
 list.add(data.getBytes());
list.add(sign(data, keyFile));
}
//The method that signs the data using the private key that is stored in keyFile path
public byte[] sign(String data, String keyFile) throws InvalidKeyException, Exception{
Signature rsa = Signature.getInstance("SHA1withRSA");
rsa.initSign(getPrivate(keyFile));
rsa.update(data.getBytes());
return rsa.sign();
}
//Method to retrieve the Private Key from a file
public PrivateKey getPrivate(String filename) throws Exception {
byte[] keyBytes = Files.readAllBytes(new File(filename).toPath());
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
return kf.generatePrivate(spec);
}
//Method to write the List of byte[] to a file
private void writeToFile(String filename) throws FileNotFoundException, IOException {
File f = new File(filename);
f.getParentFile().mkdirs();
ObjectOutputStream out = new ObjectOutputStream(new
FileOutputStream(filename));
out.writeObject(list);
out.close();
System.out.println("Your file is ready.");
}
public static void main(String[] args) throws InvalidKeyException, IOException,
Exception{
String data = JOptionPane.showInputDialog("Type your message here");
new Message(data, "MyKeys/privateKey").writeToFile("MyData/SignedData.txt");
}
}
6. Implement Digital Envelope

import java.security.KeyPairGenerator;
import java.security.KeyPair;
import java.security.PublicKey;
import java.security.PrivateKey;
import java.security.Signature;
import java.io.FileInputStream;
public class SignatureTest {
private static byte[] sign(String datafile, PrivateKey prvKey,
String sigAlg) throws Exception {
Signature sig = Signature.getInstance(sigAlg);
sig.initSign(prvKey);
FileInputStream fis = new FileInputStream(datafile);
byte[] dataBytes = new byte[1024];
int nread = fis.read(dataBytes);
while (nread > 0) {
sig.update(dataBytes, 0, nread);
nread = fis.read(dataBytes);
};
return sig.sign();
}
private static boolean verify(String datafile, PublicKey pubKey,
String sigAlg, byte[] sigbytes) throws Exception {
Signature sig = Signature.getInstance(sigAlg);
sig.initVerify(pubKey);
FileInputStream fis = new FileInputStream(datafile);
byte[] dataBytes = new byte[1024];
int nread = fis.read(dataBytes);
while (nread > 0) {
sig.update(dataBytes, 0, nread);
nread = fis.read(dataBytes);
};
return sig.verify(sigbytes);
}
public static void main(String[] unused) throws Exception {
// Generate a key-pair
KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA");
kpg.initialize(512); // 512 is the keysize.
KeyPair kp = kpg.generateKeyPair();
PublicKey pubk = kp.getPublic();
PrivateKey prvk = kp.getPrivate();
String datafile = "SignatureTest.java";
byte[] sigbytes = sign(datafile, prvk, "SHAwithDSA");
System.out.println("Signature(in hex):: " +
Util.byteArray2Hex(sigbytes));
 boolean result = verify(datafile, pubk, "SHAwithDSA", sigbytes);
System.out.println("Signature Verification Result = " + result);
}}

PROGRAMS BEYOND SYLLABUS

1. WRITE A PROGRAM TO IMPLEMENT CAESAR CIPHER

Algorithm for Caesar Cipher:

Input:

1. A String of lower case letters, called Text.

2. An Integer between 0-25 denoting the required shift.

Procedure:

 Traverse the given text one character at a time .

 For each character, transform the given character as per the rule, depending on whether we’re
encrypting or decrypting the text.
 Return the new string generated.

2. WRITE A PROGRAM TO PERFORM ElGamal Encryption

Idea of ElGamal cryptosystem

Suppose Alice wants to communicate to Bob.

 1. Bob generates public and private key :
 Bob chooses a very large number q and a cyclic group Fq.
 From the cyclic group Fq, he choose any element g and
an element a such that gcd(a, q) = 1.
 Then he computes h = ga.
 Bob publishes F, h = ga, q and g as his public key and retains a as private key.
2. Alice encrypts data using Bob’s public key :
 Alice selects an element k from cyclic group F
such that gcd(k, q) = 1.
 Then she computes p = gk and s = hk = gak.
 She multiples s with M.
 Then she sends (p, M*s) = (gk, M*s).
3. Bob decrypts the message :
 Bob calculates s′ = pa = gak.
 He divides M*s by s′ to obtain M as s = s′.

3. WRITE A PROGRAM TO IMPLEMENT TRANSPOSITION CIPHER

Encryption

In a transposition cipher, the order of the alphabets is re-arranged to obtain the cipher-text.

1. The message is written out in rows of a fixed length, and then read out again column by column,
and the columns are chosen in some scrambled order.
2. Width of the rows and the permutation of the columns are usually defined by a keyword.
3. For example, the word HACK is of length 4 (so the rows are of length 4), and the permutation is
defined by the alphabetical order of the letters in the keyword. In this case, the order would be “3
1 2 4”.
4. Any spare spaces are filled with nulls or left blank or placed by a character (Example: _).
5. Finally, the message is read off in columns, in the order specified by the keyword.

Decryption

1. To decipher it, the recipient has to work out the column lengths by dividing the message length by
the key length.
2. Then, write the message out in columns again, then re-order the columns by reforming the key
word.