Skip to main content

Introduction

White-box testing can also be referred to as Clear-box, Open-box or Glass-box testing, and differs from Black-box as the emphasis is on the internal structure, design, and all aspects of the code. The focus is mainly on the flow of inputs and outputs through the product, allowing for improvements in usability and security. Importantly, White-box testing revolves around the internals of the product.

The name White-box derives from the see-through box concept, symbolising the ability to see the internal functionalities of the product. During the process, the tester chooses inputs to exercise paths through the code, determining the appropriate outputs. Crucially, a strong knowledge of programming is required due to the complexity of the products internal applications. White-box testing offers a fast way to test every path and does not require a complete user interface to execute tests. While this ensures the code is working well, it cannot guarantee it works as the user intends, which is why we also need Black-box testing.

White-box Testing Involves…

The primary objective of white box testing is to verify the quality of the application code. For this reason, the tester needs to have a deep understanding of the expected outcomes. Through the process, White-box testing identifies:

  • Security issues within the product
  • Broken paths within the code
  • The input flow relating to specific sections of the code
  • The expected output
  • How the functionality works with conditional loops
  • Ensuring that every statement, object and function is tested

Pros vs Cons

Pros icon

Pros

  • Testing is thorough with complete code coverage
  • White-box testing gives a clear structure to testing with clearly defined rules
  • Knowledge of the products internal system allows for small pieces of code to be tested to see if they run as they should, a process known as ‘Unit Testing’. Due to their quick nature, unit tests can be automated
  • White-box testing can significantly speed up the testing process
  • The Code can be optimised during the process
Cons icon

Cons

  • Due to the precise nature, White-box testing is costly
  • Testing is often more time consuming and complex
  • Automated tests can be neglected if there are continuous changes is in the code
  • Testers are required to possess internal knowledge
  • Despite its thoroughness, there is still the possibility that sections of code are accidentally missed

White-box Techniques

There are several White-box testing techniques, far more than the scope of this website. Code coverage measures the degree of how source code has been tested. Some of the basic techniques are:

Statement Coverage

Every statement within the code is required to be tested at least once during the testing process. It is used to measure the number of statements in the code which can be executed against the given the requirements. Statement coverage typically covers unused statements, unused branches and dead code.

Path Coverage

With Path Coverage, the program is split into a series of distinct paths, providing a structured testing method to identify every possible executable path. One of the benefits is that it helps to find all defects within a specific piece of code while determining all lying faults.

Branch Coverage

Branch Coverage is perhaps the most comprehensive coverage as every outcome from the code is tested. Sections of code which do not contain branches can be identified, and fractions of code segments can be measured.

Return to the top
User Sitemap