What is Static Testing?

For high software quality, testing the software application is crucial before it is made available to the customer. There are several approaches to validate the software developed. It is better to prevent defects and easy to rectify them before they complicate the system. Static testing the performed in early development to prevent defects.  

What is Static Testing?

Static testing is an approach to testing the software application without executing the actual code. This is performed at the early stage of development to identify the issues in the project documents in multiple ways, namely reviews, walkthroughs, and inspections. The documents required for static testing are:

1. Business requirement document, customer requirement specifications
2. Functional requirement documents, Software requirement Specifications.
3. User stories, Use case documents.
4. Prototypes and design specification documents.
5. High-level and low-level design documents.
6. Testing documents such as test plan, test strategy document, test scenarios, test cases, test data, and traceability matrix.

Why is Static Testing required?

Static testing is analyzing the project specifications at the initial stage of development. If defects are detected at the early stage cost of the testing is reduced. With static testing, we can identify ambiguities in project documentation, misunderstandings of requirements, or flaws in the requirement and design issues. Static testing is required to improve development productivity. Coding mistakes can be detected and rectified at the initial stage of development by static testing.

Types of Static Testing

Static testing can be done mainly by manual and automated methods as described below. 

Manual Methods of Static Testing

Detailed evaluation of project-specific documents done manually performed by different project members like architects, designers, managers, moderators, and reviewers.

Types of manual methods:

1. Inspections
2. Walkthroughs 
3. Informal Reviews
4. Technical Review

• Inspections: These are the most formal way of static testing, a dedicated moderator initiates the process and conducts a complete formal review by scheduling a meeting. Proper documentation has been prepared before and after the meeting, and peer reviews will happen to understand the product. observations and issues are documented as issue logs and the moderator will do a follow-up and schedule meetings accordingly till the closure. The Author is responsible for resolving the identified defects and improving the quality. Reviewers are responsible for checking the documents and reviewing the defects during the inspection process. The manager will take care of the planning for the inspection process and ensures whether the goal has been met or not.
• Informal Reviews: These reviews are performed mainly as peer reviews, management participation is not mandatory. There is no need for any report generation after the meeting. Feedback from the team will be captured and implemented wherever necessary.
• Technical Review: A  formal way of review conducted by a trained moderator or by a technical expert. Potential defects can be identified by the document review by architects, designers, and users who focus on the content of the documentation. This is beneficial to understand the progress of the project. The major goal of this method is to focus on technical concept corrections and identifying alternatives if required, to improve the understanding of technical information among the team members.
• Walkthrough: This is not a formal process, usually the meeting is led by the author of the documentation, aiming for a common understanding of the proposed solutions and taking the feedback. It’s like a knowledge transfer and examining the content of the documentation with the participants. This is useful for high-level documents like requirement specifications.

Automation Method of Static Testing

The automation method of static testing is nothing but code analysis by some tools. Source code analysis or debugging is done by different tools, and by the developers. It is called static analysis.

• Static Analysis: Static analysis is the code analysis performed to understand the code structure and coding standards. It’s a debugging performed to examine the source code without executing the program. This is helpful for developers to ensure identifying programming errors,syntac errors,security issues and performance issues, and coding standard viloations. Different tools like Pycharm, Checkstyle, and SourceMeter are available to analyze data flows and control flows in the source code in the targeted programming language. Some examples of these tools are mentioned here. 

Types of automation methods or static analysis

• Control flow analysis : This is a static code analysis techniques used to chekc the control flow of the programming language and it is defined in control flow graph nad verifies the functions or modules and subroutines to check the process flows.
• Data flow analysis: This method used to verify the data structures and defincations of variables and their usage without executing the code.
• Failure analysis :This method is used to identify the causes of  design failures and condition failures,incorrect behaviour of the modules etc.
• Interface analysis:This method is used to anlyze the different interfaces used the program model and to identify the integrations and  simulations.

For Example,

Pycharm: It is the IDE for Python programming, and it provides options for code analysis and debugging. The Space plugin is used for code review in Pycharm, peer reviews can be done and changes can be merged with the source code.

When is Static Testing required?

Static testing is performed at the early stage of SDLC, before the testing phase.

So to prevent defects static testing can be done by a manual process of reviewing can be done to identify the defects that are difficult to capture during dynamic testing. It is required to ensure industry standards of the source code and find security vulnerabilities and detect the possibility of cyber attacks. A mitigation plan has to be created for the risks. Static analysis is the automation process to reduce the time and cost of the project.

How is Static Testing performed?

Let us understand static testing with an example. Consider an e-commerce application that is about to develop in a project.

1. During the initial stage of SDLC, the Customer will send the customer requirement specifications (CRS) of the web application.
2. CRS will be reviewed by the project team and they will prepare the  software requirement specifications.
3. The development team will prepare the High-level design document for the application.
4. Based on the project model, the team will review SRC and HLD and verifies the HLD is in line with SRS or not and then a Low-level design document will be prepared.
5. Based on the LLD and project plan testing team will prepare QA documents test plan, RTM, test scenario, and test cases.
6. All these documents are reviewed and analyzed by different teams like the architect team, Business analysts, Business users, Dev team, and QA team.

After completing all the required documentation a review meeting will be conducted and requirements will be concluded with the final decision of the meeting. The design will be finalized and the dev team will start developing the code. Once the source code is finished a code walkthrough and code analysis will be done before unit testing. All the process done before the unit testing is the static testing.

This entire process varied based on the SDLC model followed by the project but the goal is the same for all to get the output with quality.

Static Testing vs Dynamic Testing 

Static testing and Dynamic testing are different here are the differences

Advantages and Disadvantages of Static Testing

Advantages or Benefits:

1. Static testing is beneficial for detecting and rectifying issues in an early stage.
2. Eventually reduces the cost and time by avoiding the rework.
3. Improves development productivity and reduces testing efforts.
4. Feedbacks are helpful in the software development process.
5. Collaboration of the team helps an equal understanding of the technical aspects and software requirements and improves the quality. 

Disadvantages or limitations

1. The manual process of static testing requires a lot of time and people’s involvement.
2. Automation tools are limited to some programming languages.
3. Automation tools may mislead by false results, can only scan the code, and may not identify weak points.

Summary

Static testing is a process to detect and rectify issues at the early stage that prevent defects. It is a beneficial and effective way of improving the quality.

It reduces the testing time and cost. However, it is not a replacement for the dynamic testing process. It has its limitations concerning initial time and automation tools.