Definition:

According to ANSI/IEEE 1059 standard – A process of analyzing a software item to detect the differences between existing and required conditions (i.e., defects) and to evaluate the features of the software item.

Also known as, “defect testing”. And developing and delivering a quality product to the customer .

To develop a bug free and quality product,we need to follow a different  approach according to our project bulkness. 

Types of Testing

Basically, there are two approaches to testing: Static and Dynamic testing.

Dynamic testing contains  functional and non functional  testing.

Static testing contains Reviews of the documents , which contains the techniques as:

• Informal Reviews
• Technical Reviews
• Walkthrough
• Inspection
• Static code Review

Dynamic Testing contains functional and non-functional techniques, under functional techniques are as:

• Unit Testing: This technique includes individual units or modules that are tested by the developers. It involves testing of source code by developers.
• Integration Testing: This Techniques Involves Individual modules are grouped together and tested by the developers. The purpose is to determine what modules are working as expected once they are integrated.
• System Testing: This testing is performed on the whole system by checking whether the system or application meets the requirement specification document as expected.
•  Smoke testing
•  User Acceptance
• Regression testing
• Localization
• Globalization
• Interoperability

Example of Functional testing is Functional test case is to verify the login functionality.

Under Non Functional Testing : Non-functional testing like performance, security testing falls under the category of dynamic testing.

Example of the Non functional testing is to check whether the homepage is loading in less than 2 second ? 

Main difference between Static and Dynamic Testing.

Performance Testing:

Types of performance Testing are as: 

• Load testing: Load Testing is to verify that a system/application can handle the expected number of transactions and to verify the system/application behavior under both normal and peak load conditions (no. of users).
• Stress Testing: Stress Testing is to verify the behavior of the system once the load increases more than the system’s design expectations. This testing addresses which components fail first when we stress the system by applying the load beyond the design expectations. So that we can design a more robust system.
•  Spike Testing: Spike Testing is to determine the behavior of the system under a sudden increase of load (a large number of users) on the system.
• Volume Testing: Volume Testing is to verify whether a system/application can handle a large amount of data. This testing focuses on Database. Performance tester who does volume testing has to populate a huge volume of data in a database and monitor the behavior of a system.
• Capacity Testing:Capacity Testing is to determine how many users a system/application can handle successfully before the performance goals become unacceptable. This allows us to avoid the potential problems in the future such as increased user base or increased volume of data. It helps users to identify a scaling strategy in order to determine whether a system should scale up or scale out. It is done majorly for eCommerce and Banking sites.  are some examples. This testing is sometimes called Scalability testing.
• Soak Testing: Soak Testing is aka Endurance Testing. Running a system at high load for a prolonged period of time to identify the performance problems is called Soak Testing. It is to make sure the software can handle the expected load over a long period of time.

API testing:  (security Testing)

(Application Programming Interface), which is the mechanism which allows communications between two application components or computer hardware using a set of rules and protocols ,API can be written or used for the web based applications, computer operating systems and database computer hardware and library system.  

•  An application layer, often has three layer, front end layer, business logic layer and data layer
• API layer contains business logic of an application
• APIs or services layers directly both data and presentation layers

Web services are the implementation of APIs to communicate between two  application over a network networks i.e, http and https

• Web services is an API which is wrapped in Http
• Web services needs  network whereas, API doesn’t need and API
• All the Web services are API, but all the API are not web services

Web services APIs  Types:

• SOAP: simple access application protocol: it’s a protocol, where all data passed in XML format, this protocol cannot make use of REST since, REST is an Architectural pattern, whereas, SOAP is designed with specification includes WSDL, file which has the required information on what web services does in addition to the location of web services.
• XML: RPC
• JSON:RPC
• REST: Representational state transfer: It is an Architectural style, which permits different data format such as plane, text , html, xml, json etc. but most of the time this API performs the JSON format, REST can make use of SOAP, as underlying the protocol for web services, because at the end it’s just an architectural style, so it can be treated as REStful services so around 70% of Web services are implemented using RESTful.

REST API Request Methods: 

• GET: Retrieve information about the RESt API resource
• POST: Create REST API resource
• PUT: Update a RESt API Resource
• DELETE: Delete the RESt API Resource and revelevent Component

Basically , we make concern on the content type while sending the request response, content type specifies that what types of data your end point with get/ understand for.eg: 

• Application/json
• Application/xml
• X-www-form-urlEncoded

Let’s take an example of RESTful API is , how the responses work.

Figure: Flow diagram of RESTful API

Testing the application programming interface, or the business logic layer of any application is called API testing.  A Tester must focus on four things before API testing are (URL,METHOD,CONTENT-TYPE, DATA TYPE). Basically used to check following conditions:

• Is used to determine whether the APIs return to the correct response.
• Is considered as the part of the integration testing
• Commonly includes the testing RESt APIs or SOAP  web services with JSON or XML message payloads.

Why API Testing? 

Earlier Testing: once the logic is implemented, a test can be built to validate the correctness of data and response, we don’t have to wait for the front end to the build.

Easier test Maintenance: UIs constantly change and they are accessed from different browsers, os and screen orientations, which makes UIs relatively unstable however, APIs have no such challenges.

Fast Time to Resolution: When an APIs test fails, we know exactly where our system broke where a defect has been present, this will help us teo fix bugs so easily.

Speed and coverage of testing: 300 UI tests may take 30 hr to run, meanwhile, 300 APIs may take 3 minutes. That means you will find more bugs in less time, and also will fix those bugs immediately in time.

APIs Testing Types: 

• Functionality and Behaviours
• Performance and reliability
• Security

APIs Testing Tools common tools are as : 

• Postman: just test the functionality of the system, 
• REST ASSURED : it’s a library API, need to download and used in java programming, then should used functionality and also can use RESt sharp used for c# language for automation.
• SOAP-UI: Plaid Tools User for various API tests for Automation.
• Jmeter: APIs Load testing or Performance testing tool

Among, Automation and Manual testing according to the needs and requirements, both software testing is essential, as we discussed above mainly with manual testing approach, whose value is never going to degrade for delivering the Quality of product to the customer.