Exploratory Software Testing: Tips, Tricks, Tours, and Techniques to Guide Test Design [Paperback]

James A. Whittaker (Author)

Book Description

ISBN-10: 0321636414 | ISBN-13: 978-0321636416 | Publication Date: September 4, 2009 | Edition: 1

How to Find and Fix the Killer Software Bugs that Evade Conventional Testing

 

In Exploratory Software Testing, renowned software testing expert James Whittaker reveals the real causes of today’s most serious, well-hidden software bugs--and introduces powerful new “exploratory” techniques for finding and correcting them.

 

Drawing on nearly two decades of experience working at the cutting edge of testing with Google, Microsoft, and other top software organizations, Whittaker introduces innovative new processes for manual testing that are repeatable, prescriptive, teachable, and extremely effective. Whittaker defines both in-the-small techniques for individual testers and in-the-large techniques to supercharge test teams. He also introduces a hybrid strategy for injecting exploratory concepts into traditional scripted testing. You’ll learn when to use each, and how to use them all successfully.

 

Concise, entertaining, and actionable, this book introduces robust techniques that have been used extensively by real testers on shipping software, illuminating their actual experiences with these techniques, and the results they’ve achieved. Writing for testers, QA specialists, developers, program managers, and architects alike, Whittaker answers crucial questions such as:

 

•  Why do some bugs remain invisible to automated testing--and how can I uncover them?

•  What techniques will help me consistently discover and eliminate “show stopper” bugs?

•  How do I make manual testing more effective--and less boring and unpleasant?

•  What’s the most effective high-level test strategy for each project?

•  Which inputs should I test when I can’t test them all?

•  Which test cases will provide the best feature coverage?

•  How can I get better results by combining exploratory testing with traditional script or scenario-based testing?

•  How do I reflect feedback from the development process, such as code changes?

 

Editorial Reviews

About the Author

James Whittaker has spent his career in software testing and has left his mark on many aspects of the discipline. He was a pioneer in the field of model-based testing, where his Ph.D. dissertation from the University of Tennessee stands as a standard reference on the subject. His work in fault injection produced the highly acclaimed runtime fault injection tool Holodeck, and he was an early thought leader in security and penetration testing. He is also well regarded as a teacher and presenter, and has won numerous best paper and best presentation awards at international conferences. While a professor at Florida Tech, his teaching of software testing attracted dozens of sponsors from both industry and world governments, and his students were highly sought after for their depth of technical knowledge in testing.

 

Dr. Whittaker is the author of How to Break Software and its series follow- ups How to Break Software Security (with Hugh Thompson) and How to Break Web Software (with Mike Andrews). After ten years as a professor, he joined Microsoft in 2006 and left in 2009 to join Google as the Director of Test Engineering for the Kirkland and Seattle offices. He lives in Woodinville, Washington, and is working toward a day when software just works.

 

Excerpt. © Reprinted by permission. All rights reserved.

Exploratory Software Testing

Preface

“Customers buy features and tolerate bugs.”
—Scott Wadsworth

Anyone who has ever used a computer understands that software fails. From the very first program to the most recent modern application, software has never been perfect.

Nor is it ever likely to be. Not only is software development insanely complex and the humans who perform it characteristically error prone, the constant flux in hardware, operating systems, runtime environments, drivers, platforms, databases, and so forth converges to make the task of software development one of humankind’s most amazing accomplishments.

But amazing isn’t enough, as Chapter 1, “The Case for Software Quality,” points out, the world needs it to be high quality, too.

Clearly, quality is not an exclusive concern of software testers. Software needs to be built the right way, with reliability, security, performance, and so forth part of the design of the system rather than a late-cycle afterthought. However, testers are on the front lines when it comes to understanding the nature of software bugs. There is little hope of a broad-based solution to software quality without testers being at the forefront of the insights, techniques, and mitigations that will make such a possibility into a reality.

There are many ways to talk about software quality and many interested audiences. This book is written for software testers and is about a specific class of bugs that I believe are more important than any other: bugs that evade all means of detection and end up in a released product.

Any company that produces software ships bugs. Why did those bugs get written? Why weren’t they found in code reviews, unit testing, static analysis, or other developer-oriented activity? Why didn’t the test automation find them? What was it about those bugs that allowed them to avoid manual testing?

What is the best way to find bugs that ship?

It is this last question that this book addresses. In Chapter 2, “The Case for Manual Testing,” I make the point that because users find these bugs while using the software, testing must also use the software to find them. For automation, unit testing, and so forth, these bugs are simply inaccessible. Automate all you want, these bugs will defy you and resurface to plague your users.

The problem is that much of the modern practice of manual testing is aimless, ad hoc, and repetitive. Downright boring, some might add. This book seeks to add guidance, technique, and organization to the process of manual testing.

In Chapter 3, “Exploratory Testing in the Small,” guidance is given to testers for the small, tactical decisions they must make with nearly every test case. They must decide which input values to apply to a specific input field or which data to provide in a file that an application consumes. Many such small decisions must be made while testing, and without guidance such decisions often go unanalyzed and are suboptimal. Is the integer 4 better than the integer 400 when you have to enter a number into a text box? Do I apply a string of length 32 or 256? There are indeed reasons to select one over the other, depending on the context of the software that will process that input. Given that testers make hundreds of such small decisions every day, good guidance is crucial.

In Chapter 4, “Exploratory Testing in the Large,” guidance is given for broader, strategic concerns of test plan development and test design. These techniques are based on a concept of tours, generalized testing advice that guides testers through the paths of an application like a tour guide leads a tourist through the landmarks of a big city. Exploration does not have to be random or ad hoc, and this book documents what many Microsoft and Google testers now use on a daily basis. Tours such as the landmark tour and the intellectual’s tour are part of the standard vocabulary of our manual testers. Certainly, test techniques have been called “tours” before, but the treatment of the entire tourist metaphor for software testing and the large-scale application of the metaphor to test real shipping applications makes its first appearance in this book.

Testing in the large also means guidance to create entire test strategies. For example, how do we create a set of test cases that give good feature coverage? How do we decide whether to include multiple feature usage in a single test case? How do we create an entire suite of test cases that makes the software work as hard as possible and thus find as many important bugs as possible? These are overarching issues of test case design and test suite quality that have to be addressed.

In Chapter 5, “Hybrid Exploratory Testing Techniques,” the concept of tours is taken a step further by combining exploratory testing with traditional script or scenario-based testing. We discuss ways to modified end-to-end scenarios, test scripts, or user stories to inject variation and increase the bug-finding potential of traditionally static testing techniques.

In Chapter 6, “Exploratory Testing in Practice,” five guest writers from various product groups at Microsoft provide their experience reports from the touring techniques. These authors and their teams applied the tours to real software in real shipping situations and document how they used the tours, modified the tours, and even created their own. This is the first-hand account of real testers who ship important, mission-critical software.

Finally, I end the book with two chapters aimed at wrapping up the information from earlier chapters. In Chapter 7, “Touring and Testing’s Primary Pain Points,” I describe what I see as the hardest problems in testing and how purposeful exploratory testing fits into the broader solutions. In Chapter 8, “The Future of Software Testing,” I look further ahead and talk about how technologies such as virtualization, visualization, and even video games will change the face of testing over the next few years. The appendixes include my take on having a successful testing career and assemble some of my more popular past writings (with new annotations added), some of which are no longer available in any other form.

I hope you enjoy reading this book as much as I enjoyed writing it.

© Copyright Pearson Education. All rights reserved.

Product Details

• Paperback: 256 pages
• Publisher: Addison-Wesley Professional; 1 edition (September 4, 2009)
• Language: English
• ISBN-10: 0321636414
• ISBN-13: 978-0321636416
• Product Dimensions: 9 x 7 x 0.7 inches
• Shipping Weight: 1 pounds (View shipping rates and policies)
• Average Customer Review: 4.0 out of 5 stars  See all reviews (4 customer reviews)
• Amazon Best Sellers Rank: #424,092 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

32 of 40 people found the following review helpful:

1.0 out of 5 stars Not much of value here, October 11, 2009

By 

Joseph S. Strazzere - See all my reviews
(REAL NAME)   

Amazon Verified Purchase

This review is from: Exploratory Software Testing: Tips, Tricks, Tours, and Techniques to Guide Test Design (Paperback)

A few years back, I read "How to Break Software" by James Whittaker. I liked it. It wasn't wonderful, but it had a good batch of practical, useful tips. Then I read "How to Break Software Security" and "How to Break Web Software". I liked them as well, but not as much. Still, I figured I'd read James Whittaker's newest book "Exploratory Software Testing". Sadly, the downward progression of his writing continues. This book is by far the worst of the bunch.

Chapter 1 - "The Case for Software Quality" is nothing more than "software is terrific, but it has bugs". That's it, nothing more here.

Chapter 2 - "The Case for Manual Testing" talks a bit about testing, and tries to define exploratory testing. Whittaker's definition has apparently caused some controversy among some well-known practitioners of exploratory testing, so here is his perhaps unique definition:

"When the scripts are removed entirely (or as we shall see in later chapters, their rigidness relaxed), the process is called exploratory testing."

Whittaker then divides exploratory testing into two sections. Exploratory testing in the small is that which guides the tester to make small, distinct decisions while testing. Exploratory testing in the large guides the tester in how an application is explored more than how a specific feature is tested.

Chapter 3 - "Exploratory Testing in the Small" was, to me, the only useful chapter in the whole book. Here Whittaker offers practical advice with examples for thinking about constructing test data, software state, and test environment.

Chapter 4 - "Exploratory Testing in the Large" is where Whittaker dives into what appears to be the point of the whole book - his Tourist Metaphor. Apparently this is a big hit at Microsoft, but I found it pointless. Think about every type of testing you have ever performed. Now try to torture it into a phrase that ends with the word Tour. There you go - that's the chapter.

Just to give you a flavor, here's a list of all these Tours, and their variations:

The Guidebook Tour
Blogger's Tour
Pundit's Tour
Competitor's Tour
The Money Tour
Skeptical Customer Tour
The Landmark Tour
The Intellectual Tour
Arrogant American Tour
The FedEx Tour
The After-Hours Tour
Morning-Commute Tour
The Garbage Collector's Tour
The Bad-Neighborhood Tour
The Museum Tour
The Prior Version Tour
The Supporting Actor Tour
The Back Alley Tour
Mixed-Destination Tour
The All-Nighter Tour
The Collector's Tour
The Lonely Businessman's Tour
The Supermodel Tour
The TOGOF Tour
The Scottish Pub Tour
The Rained-Out Tour
The Couch Potato Tour
The Saboteur Tour
The Antisocial Tour
Opposite Tour
Crime Spree Tour
Wrong Turn Tour
The Obsessive-Compulsive Tour

Perhaps the idea of calling UI Testing a Supermodel Tour appeals to you, and will make for a richer, more productive set of tests. I don't get it. I just don't see any value here. Doesn't testing have enough variation in language and definitions already, without adding this silliness?

Chapter 5 - "Hybrid Exploratory Testing Techniques" tells us that it's acceptable to combine scenario testing with exploratory testing. Then it spends time rehashing each of the tours from Chapter 4 and tries to suggest a side trip for each.

Chapter 6 - "Exploratory Testing in Practice" presents essays written by several Microsoft testers describing how they each used one or more of the tours in a testing situation. It appears as if Whittaker instructed his charges to write a "What I did this summer"-style essay, in the form of "How I used Tours to do my testing".

Chapter 7 - "Touring and Testing's Primary Pain Points" tries to tell us (in a few paragraphs) how to avoid five pain points - Aimlessness, Repetiveness, Transiency, Monontony, and Memorylesness. There's little real instruction here. For example, we are told that in order to avoid repetitiveness, we must know what testing has already occurred, and understand when to inject variation. Uhm, ok.

Chapter 8 - "The Future of Software Testing" has nothing at all to do with the other chapters, or exploratory testing. It's basically Whittaker's gee-whiz vision of what might be possible (some day) in the future. Perhaps. Whittaker has given this talk in several webinars - it's simply rehashed here.

Since these chapters take up only 136 pages, and obviously aren't enough to fill out a real book, three unrelated appendices are bolted on. A few pages about Testing as a career, and a bunch of pages lifted directly from Whittaker's blogs fill out the book to over 200 pages.

If you really want to learn about Exploratory Testing, this is probably not the place. "Exploratory Software Testing" is fluff - stretched and tortured out barely to book-length. There's not much in the way of learning here.

And if Microsoft testers are really instructed to "Tell me what kind of testing you did today, and make sure it ends with the word Tour", then I feel very sorry for them.

6 of 13 people found the following review helpful:

5.0 out of 5 stars A must read for all testers, September 4, 2009

By 

Rajat Dewan "rajatdewan" (Mountain View, CA) - See all my reviews
(REAL NAME)   

This review is from: Exploratory Software Testing: Tips, Tricks, Tours, and Techniques to Guide Test Design (Paperback)

I happened to review a copy of the book pre release. All I could say is that this book is full of new ideas regarding exploratory testing. The concept of tours is a revolutionary one, and provides a well defined structure to how we test. These concepts form a basic building block for a extremely comprehensive and solid test plan, paving way for automation. What is also impressive is the simplicity of the book. Easy and interesting to read, this book fills your mind with new ideas, which will change the way you think on approaching a test problem. 5 stars.

3 of 9 people found the following review helpful:

5.0 out of 5 stars a fun view on the perspectives of software testing, October 24, 2009

By 

Jeanne Boyarsky (New York, NY) - See all my reviews

This review is from: Exploratory Software Testing: Tips, Tricks, Tours, and Techniques to Guide Test Design (Paperback)

"Exploratory Software Testing" was a very enjoyable read. It is geared towards testers, but I think developers and informal testers can benefit from it as well.

My favorite section of the book was the "tours." This extended analogy compares vacation and testing. It points out different types of testing in a creative and memorable way. Examples
"morning commute" = startup
"arrogant American" provides silly inputs
"tourist district" differences between experienced/novice users

The author then provides case studies of how the tours were used at Microsoft. I really liked how he showed the importance of focusing on a completely different point of view in different tests.

The first 136 pages provide enough reasons to buy the book. The rest is the author's background, newsletter type posts from university and his Microsoft blog ([...]). While I'm not a fan of blog posts verbatium in a book, it was in an appendix at least.

If I could change three things about the book:
1)A list or table of the tours in one place
2)More consistency in the format of each Microsoft tester's description
3)Order the blog posts by topic rather than chronologically. Posts in a "series" should be together in printed form

As you can see, my biggest "complaints" about the book are quite minor.
---
And to make the FTC happy: I received a copy of this book from the publisher in exchange for writing this review on behalf of JavaRanch.