Why is static testing necessary?
In many companies, unfortunately, underestimate the influence of the static test on the quality of the final product. At first, let's start with terms to understand differences between static and dynamic testing.
Static testing - testing of a software development artifact, e.g., requirements, design or code, without execution of these artifacts, e.g., reviews or static analysis.
Dynamic testing - testing that involves the execution of the software of a component or system.
In contrast to dynamic testing, static testing finds causes of defects and help to prevent future failures. It often has a goal to educate team and new team members. Static testing is done before the dynamic test and accordingly, errors found at this stage costing us less. Always remember that the cost of finding and fixing defects rises considerably across the life cycle.
Obviously that any software product can be reviewed. For example requirements specifications, design specifications, code, test plans, test specifications, test cases, test scripts, user guides, web pages.
Two main terms in the context of static testing are review and static analysis, the last one mainly performed by developers and supporting by different tools.
The process of review may be formal or not. The formality of a review process is related to factors such as the maturity of the development process, legal or regulatory requirements or the need for an audit trail. Formal process based on rules, checklists with entry and exit criteria. It often includes pre-meeting preparation, led by trained moderator (not the author) and may be called walkthrough, technical review or inspection.
In common the process of review looks like:
1.Planning - to allocating roles, defining the entry and exit criteria etc.,
2.Kick-off meeting. The goal of this step is to give a short introduction on the objectives of the review and the documents to everyone in the meeting. At customer sites, we have measured results up to 70% more major defects found per page as a result of performing a kick-off.
3.Individual preparations where while reviewing individually identifies the defects, questions, and comments according to their understanding of the document and role.
4.Review meeting, during which command discuss found problems, make recommendations for handling the defects or make decisions about the defects.
5.On the rework step, an author makes a decision whether the defect has to be fixed or not. If nothing can be done about an issue, then at least it should be indicated that the author has considered the issue.
The review process cannot be successful if management support is lacking and a manager didn’t allocate time in project schedules. Sometimes managers prefer to take a part in review meetings and this is not always a good decision, because then appear psychological barrier, as employees may think that their words at the meeting may lead to the assessment of personal qualities. Other roles in review process may be called author, moderator, inspector, scribe. Sometimes a team may need to invite an outsource consultant if the project has unique field-related standards or other specific requirements.
If reviews fail due to lack of preparation, this is mostly because the wrong reviewers were chosen.
General rules for successful review meeting are:
●Meeting is limited to two hours, if necessary, another meeting is called, not before the next day.
●Select the documents for review that are most important in a project.
●Checklists and roles are recommended to increase the effectiveness of defect identification
●Continuously improve processes and tools
In conclusion, static testing is about code and documentation, without code execution and defect found at this stage costing us less. It is very important to have a strong system for review meetings, in another case they will be unprofitable. This is also good practice to use a static analysis tool to write cleaner code.
There is a saying about review: “Reviews, like weddings, are enhanced by including ‘something old, something new, something borrowed, something blue”, the latest means dissenter who is hard to please =)
A lot of companies are afraid of the review process and think that it is a waste of time, but in practice time and money, that was spent for it returns and makes a profit.
Just do it! Start doing reviews and start learning from every review.