White Box Testing – What is, Techniques, Example & Types

ByThomas Hamilton

White Box Testing

White Box Testing is a testing technique in which software’s internal structure, design, and
coding are tested to verify input-output flow and improve design, usability, and security. In white
box testing, code is visible to testers, so it is also called Clear box testing, Open box testing,
Transparent box testing, Code-based testing, and Glass box testing.
It is one of two parts of the Box Testing approach to software testing. Its counterpart, Blackbox
testing, involves testing from an external or end-user perspective. On the other hand, White box
testing in software engineering is based on the inner workings of an application and revolves
around internal testing.
The term “WhiteBox” was used because of the see-through box concept. The clear box or
WhiteBox name symbolizes the ability to see through the software’s outer shell (or “box”) into
its inner workings. Likewise, the “black box” in “Black Box Testing” symbolizes not being able
to see the inner workings of the software so that only the end-user experience can be tested.

What do you verify in White Box Testing?

White box testing involves the testing of the software code for the following:
 Internal security holes
 Broken or poorly structured paths in the you coding processes
 The flow of specific inputs through the code
 Expected output
 The functionality of conditional loops
 Testing of each statement, object, and function on an individual basis
The testing can be done at system, integration, and unit levels of software development. One of
the basic goals of whitebox testing is to verify a working flow for an application. It involves
testing a series of predefined inputs against expected or desired outputs so that when a specific
input does not result in the expected output, have encountered a bug.

How do you perform White Box Testing?

We have divided it into two basic steps to give you a simplified explanation of white box testing.
This is what testers do when testing an application using the white box testing technique:
STEP 1) UNDERSTAND THE SOURCE CODE
The first thing a tester will often do is learn and understand the source code of the application.
Since white box testing involves the testing of the inner workings of an application, the tester
must be very knowledgeable in the programming languages used in the applications they are
testing. Also, the testing person must be highly aware of secure coding practices. Security is
often one of the primary objectives of testing software. The tester should be able to find security
issues and prevent attacks from hackers and naive users who might inject malicious code into the
application either knowingly or unknowingly.
STEP 2) CREATE TEST CASES AND EXECUTE
The second basic step to white box testing involves testing the application’s source code for
proper flow and structure. One way is by writing more code to test the application’s source code.
The tester will develop little tests for each process or series of processes in the application. This
method requires that the tester must have intimate knowledge of the code and is often done by
the developer. Other methods include Manual Testing, trial, and error testing and the use of
testing tools as we will explain further on in this article.
WhiteBox Testing Example
Consider the following piece of code
Printme (int a, int b) { ------------ Printme is a function
int result = a+ b;
If (result> 0)
Print ("Positive", result)
Else
Print ("Negative", result)
} ----------- End of the source code
The goal of WhiteBox testing in software engineering is to verify all the decision branches,
loops, and statements in the code.
To exercise the statements in the above white box testing example, WhiteBox test cases would
be
 A = 1, B = 1
 A = -1, B = -3

White Box Testing Techniques

A major White box testing technique is Code Coverage analysis. Code Coverage analysis
eliminates gaps in a Test Case suite. It identifies areas of a program that are not exercised by a
set of test cases. Once gaps are identified, you create test cases to verify untested parts of the
code, thereby increasing the quality of the software product
Below are a few coverage analysis techniques a box tester can use:
Statement Coverage:- This technique requires every possible statement in the code to be tested
at least once during the testing process of software engineering.
Branch Coverage – This technique checks every possible path (if-else and other conditional
loops) of a software application.
Apart from above, there are numerous coverage types such as Condition Coverage, Multiple
Condition Coverage, Path Coverage, Function Coverage etc. Each technique has its own merits
and attempts to test (cover) all parts of software code. Using Statement and Branch coverage
you generally attain 80-90% code coverage which is sufficient.
Following are important WhiteBox Testing Techniques:

 Statement Coverage
 Decision Coverage
 Branch Coverage
 Condition Coverage
 Multiple Condition Coverage
  Finite State Machine Coverage
 Path Coverage
 Control flow testing
 Data flow testing

Types of White Box Testing

White box testing encompasses several testing types used to evaluate the usability of an
application, block of code or specific software package. There are listed below —
 Unit Testing: It is often the first type of testing done on an application. Unit Testing is
performed on each unit or block of code as it is developed. Unit Testing is essentially
done by the programmer. As a software developer, you develop a few lines of code, a
single function or an object and test it to make sure it works before continuing Unit
Testing helps identify a majority of bugs, early in the software development lifecycle.
Bugs identified in this stage are cheaper and easy to fix.
 Testing for Memory Leaks: Memory leaks are leading causes of slower running
applications. A QA specialist who is experienced at detecting memory leaks is essential
in cases where you have a slow running software application.
 White Box Penetration Testing: In this testing, the tester/developer has full information
of the application’s source code, detailed network information, IP addresses involved and
all server information the application runs on. The aim is to attack the code from several
angles to expose security threats.
 White Box Mutation Testing: Mutation testing is often used to discover the best coding
techniques to use for expanding a software solution.

White Box Testing Tools

Below is a list of top white box testing tools.
 EclEmma
 NUnit
 PyUnit
 HTMLUnit
 CppUnit