Black Box, White Box, And Gray Box Testing

Black,white,Grey testing

Software testing is a technical investigation that provides the numerous stake holders details about the quality of product under investigation. It is a technique to find bugs in the developed software. It provides objective and independent information about the quality of software. It can tell a lot about the build and about other underlying issues. A tester checks if the software is complete with all its loose ends tied, if it is secure and stable by testing it against specifications and expected results.

Unless the software is tested you cannot be sure of its quality. A software is expected to meet all the requirements its developers and designers intend it to. It should respond predictably to the inputs in an acceptable time frame. It should run error free in its intended environment. A tester’s job is to run the software through myriad of tests so that if the software has any bugs, any unpredictable behaviour, he can report it to the developers and designers who can then take care of the issues. Testing can be done in a phased manner after a software has been developed or it can be undertaken under ‘Agile’ approach where programming and testing runs concurrently.

There are many approaches to software testing. Black Box, White Box, and Gray Box are different testing techniques a tester uses. They are actually different points of view-on how a software is tested. Let’s discuss them.


# Black Box Testing

Black Box testers have nothing to do with the internal structure or workings of the codes. The tester doesn’t need to know the system architecture or source code. Black box testing is also known as closed box testing, data driven testing or functional testing. A functionality of an application can be tested by interacting with its user interface. A tester provides inputs, records outputs and compares it with the standard output he expects. Unexpected results and deviations are noted and brought to the notice of developers and designers.

Black box testing has limited coverage. Only a select number of scenarios can be created. Its test cases are difficult to design and you cannot depend only on Black box testing to ensure your application is stable and of quality.

Some important types of Black Box testing techniques are as follows:

  • Equivalence Partitioning: It is also called Equivalence Class Partitioning (ECP). It is a testing technique which divides the input data of a software unit into partitions of equivalent data from which test cases are derived. Here test cases are designed to cover each partition at once.
  • Boundary Value Analysis: Here extreme boundary values are chosen for testing. The idea is to find an error when feeding minimum, maximum, just inside/just outside boundaries, error values and typical values to the system.
  • Fuzzing: Fuzzing is testing by feeding random data using malformed/semi-malformed data injection in an automated or semi-automated session. Invalid, unexpected or random data is provided to the software for analysis. The software is then monitored for crashes, implementation bugs, potential memory leaks or failed built-in code assertions and security.
  • All Pair Testing: Generally most common bugs in a program are triggered by an interaction between pairs of parameters. It is a combinatorial method of software testing which tests all possible discrete combinations of each pair of input parameters.
  • Orthogonal Array Testing: It is a statistical testing technique used when number of inputs to the application which is to be tested is very small but complex for exhaustive testing. It is used to find faulty logic in computer systems. Orthogonal arrays can be applied for system testing, user interface testing, configuration testing, performance testing and regression testing.
  • State Transition Testing: It is a technique in which input conditions are changed or changes are made to the ‘state’ of the system to trigger faulty output. Valid and invalid state transitions are executed via appropriately designed tests.


#White Box Testing:

White Box testing technique is the detailed investigation of the internal structure and logic of the application. White Box testing verifies the correctness of the software’s statement, conditions, codepaths, loops and data flows. In White Box testing a coder needs to investigate the source code, to determine which unit of code is not performing as per expectations. The coder chooses appropriate input to exercise the codepath he wants to test. White box testing technique is applicable at unit, integration and system levels of the software testing process.

White – box testing technique is time consuming and can only be used by skilled coders. It is therefore expensive. The programmer must thoroughly know the application he wants to test so that he is then able to create right kind of test cases. White Box testing technique is also called Glass box testing, design based testing, clear box testing or structural testing by some testers.

Some important types of White Box testing techniques are as follows:

  • Control Flow Testing: It is a structural testing strategy which uses program’s control- flow as a model. Often the designers and developers who develop the software use this technique to test logic of the code to achieve required result. In this technique the idea is to select a coverage target on a codepath with the help of Control Flow Graph (CFG); input values and test cases are then created, executed and results analysed.
  • Data Flow Testing: It detects improper use of data values in a program. These data flow anomalies are due to coding errors. Data Flow testing focuses on the points at which variables receive values and at the points at which these values are used or referenced. By tracking data usage dodgy areas of codes can be spotted and then more tests can be conducted there. For data flow testing, a Data Flow Graph is useful. This graph shows the data dependencies between different operations.
  • Branch Coverage Testing: Branch coverage is also known as Decision Coverage. When the application is coded, it cannot be one continuous mode of code. The code branches out to perform particular functionality. The branch coverage testing validates the branches in the code to ensure there is no abnormality in the behaviour of the application.
  • Basis Path Testing: In Basis Path Testing or Structured testing the test case designer derives a logical complexity measure of a procedural design and then this design is used as a guide for determining the number of linearly independent paths. Generally McCabe’s cyclomatic complexity method is used to determine the paths. It was Tom McCabe who proposed the technique. The test cases are then prepared that force execution of each path obtained in the basis set.
  • Loop Testing: This technique focuses exclusively on the validity of loop constructs. There are four classes of loops: Simple loops, Nested loops, Concatenated loops, and Unstructured loops. Testing is done by varying the loop boundary values.

#Gray Box Testing:

Gray Box Testing Technique uses effective combination of both Black Box testing techniques and White Box testing techniques. Grey Box testing techniques increase testing coverage by focusing on all the layers of a complex system by combining all of Black and White testing techniques. In order to design tests under Gray Box, the tester needs to know all about the algorithm and internal data structure of the software.

Gray Box Testing provides benefits of both black box and white box testing techniques. The techniques can be used by testers, developers and end users. Testers don’t need to know the programming language or methods of testing applications which makes the Gray Box Testing Techniques unbiased. The software is tested from the perspective of user rather than the designer. Web applications can be best tested by Gray Box Testing techniques as they don’t have any source code or binaries.

Let’s look at some of the important Gray Box testing techniques.

  • Matrix Testing: It tests the status report of the project. A document is prepared that traces and maps user requirements with test case IDs. It is to make sure all the requirements are covered in test cases. It shows the clients that the test coverage is complete. Requirements are mapped with test cases and vice-versa. This test makes it easy to identify if there are any missing functionalities. It is to ensure that the right product is being built.
  • Regression Testing: This technique is utilised to see if the software still works as expected after a change or interface with other software. It ensures that no new bugs have developed after the change. The changes could be -enhancing the software by adding patches to the existing software, changing any configuration etc. A software change impact analysis can tell which areas could be affected by new changes in the software.
  • Pattern Testing: This technique tests the build, architecture and design of the software. It ensures that best practices were followed while developing the software.

The Wrap

These are some of the important software testing activities aimed at evaluating a software to ensure it meets required specification. Software testing helps eliminate a lot of bugs that can cause a lot of stress and loss of man-hours. We provide excellent testing services, in case, you are in need. That’s all from our end. Until next time, Adios.

push messages

Priyanka Garg

Priyanka Garg

A writer, a wordsmith. Curious about the internet of everything. Interested in the cutting edge landscape of mobile apps and SAAS products. Blogs for OpenXcell - A Mobile App Development Company. Loves Jazz and Blues.