Common Questions Regarding Grey-Box Testing

How to Approach Penetration Testing?
3rd August 2016
VAPT Testing for Total Assurance
11th August 2016
Show all

Common Questions Regarding Grey-Box Testing

What is the reason that Grey-box testing is based on requirement based test case generation?

Grey-box testing uses assertion methods to preset all the conditions required, prior to a program being tested. Formal testing is one of the commonly used techniques for ensuring that a core program is largely correct. If the requirement specification language is being used to specify the requirements, it should be trivial to understand and then validate findings. Grey-box testing should use the requirement specification language as inputs to the requirements based test case generation phase.

Why is Grey-Box testing especially useful for Web and Internet applications?

This is because the Internet is built around loosely integrated components that are connected via relatively well-defined interfaces. It factors in high-level design, environment and inter-operable conditions. It has been devised in a way which should reveal problems with end-to-end information flow and distributed hardware / software system configuration and compatibility.

What is the Grey-Box assumption for object-oriented software?

Typically, a reference state model for SOT is assumed. The testing problem is to identify failure to conform to the reference model. The tester must determine which state is actually obtained by applying a distinguishing sequence and observing the resulting output. This increases the number of tests by a large amount. With object-oriented software, we assume that the internal state can be determined by;

  1. A method of activation state where activation is equated with state.
  2. State reporting capability in the Class-Under-Test (CUT).
  3. Built-in Test reporting in the CUT.

These are the Grey-Box assumptions.

Leave a Reply

%d bloggers like this: