| || |
- 1 Post By Joe Strazzere
Grey Box Testing
I want to do my thesis research work in grey box testing, kindly guide me that in which direction i should go??
For a research thesis you should attempt to formally define grey box testing, research the practices carrying that name in the real world, and attempt to quantify the benefit (if any) of that approach compared to others.
Thanks sir, actually i want something practically that is i want to prove my research work by applying on an application.
Joe has a good point. Everyone says they do it, but no one could really define the lines of what grey box testing really means. I personally wish that whole term would just go away. It means nothing to me considering almost all QA engineers do have access to the source to some degree or another. It's not that hard to just peek at the dev's code repo. Almost all automation engineers will have a commit access to the AUT's source since we have to add test hooks and write test harnesses.
Agree with dlai. In fact, I believe, all black box tests can have some traces of 'greyness' (depending on the conditions of testing environment). It is only the 'amount of access a particular tester have to the code', that makes a test 'grey box testing'.
Probably for your thesis, you should emphasis on the 'threshold of access' a tester should have, to call a test 'grey box testing'. Just a suggestion
Very nice answers given above.
Mehreen - Better define grey box testing with an example taken from a domain + supporting application for it.
Usually, in a complex applications suite - which satisfies (again complex) a business scenario, it becomes much more easier to define boundaries for a grey box. The reason is: a QA testing team may end up spending more time in doing functional, internal & external workflows testing with limited integration or interface tests across systems. In such cases, the testing team at large would not do real deep code reviews or look at the source.
This does not signify less technical understanding of a QA team member, but the role at large need not demand such an approach. Hence, a tester would usually end up doing mostly black box tests and do limited white box testing (say for batch or interfaces).
You can also define boundaries for the domain you select & see if you can get access to a complex application setup for such a thesis.