What is Static Testing?
Static testing is a software testing technique used to identify defects in a software application without executing its code.
Static testing checks the code at an early stage of development and helps identify source code problems, some of which are detectable in dynamic testing. Some of the issues checked are:
- Diversions from coding conventions
- Non-compliance with security standards
- Logic errors
- Design flaws
- Dead code
- Unused or uninitialized variables
- Infinite loops
- Memory leaks
- Inefficient code
Static testing can be performed in two ways:
- Manual reviews: Other people examine the source code and point out the logic or design flaws, inconsistencies, deviations from standards, etc.
- Automated analysis: One or more tools analyze the source code for potential problems. Advanced data-driven analysis using machine learning for identifying problematic code patterns is now becoming popular.
Static Testing Techniques
Other developers in the team go through the code and point out problems with the code.
The developer presents the code to others, who then give their opinions. It is not surprising for the presenting developers to realize problems themselves during the walkthrough.
Peer review involves developers in a team checking each other's code.
A formal process in which one or more experts examine the code and give their evaluation.
Static Code Analysis
This technique mostly analyzes the code's data-flow, control-flow, and errors in addition to checking adherence to coding conventions and reports defects like dead code, uninitialized variables, infinite loops, etc.
The main disadvantage is that it cannot check whether the logic is indeed correct. For example, if the code for computing a rectangle area is miswritten as length + breadth instead of length x breadth, the software will not report this problem. A human is required.
Advantages of Static Testing
- Helps to identify missing requirements.
- Design defects can be found only in static testing, avoiding massive rework at a later stage.
- High return on investment - it is a hundred times cheaper to detect problems early than in production.
Disadvantages of Static Testing
- As code review and technical inspection is a manual process, it is expensive.
- Automated code verification is still not very reliable and can lead to false positives and false negatives.
Static testing is more of a defect prevention method than a defect correction method. It's the earliest step in the quality assurance process and one of the cheapest ways to achieving excellence.