White-box testing (clear box testing, glass box testing, transparent box testing, or structural testing) is a method of testing software that tests internal structures or workings of an application, as opposed to its functionality.

White box testing involves the following steps:

  • Create test plans – Identify all white box test scenarios and prioritize them.
  • Profile the application block – This step involves studying the code at run time to understand the resource utilization, time spent by various methods and operations, areas in code that are not accessed, and so on.
  • Test the internal subroutines – This step ensures that the subroutines or the nonpublic interfaces can handle all types of data appropriately.
  • Test loops and conditional statements – This step focuses on testing the loops and conditional statements for accuracy and efficiency for different data inputs.
  • Perform security testing – White box security testing helps you understand possible security loopholes by looking at the way the code handles security.

Black box testing involves testing external interfaces to ensure that the code meets functional and nonfunctional requirements.

The various steps involved in black box testing are the following:

  • Create test plans – Create prioritized test plans for black box testing.
  • Test the external interfaces – Test the external interfaces for various type of inputs using automated test suites, such as NUnit suites and custom prototype applications.
  • Perform load testing – Load test the application block to analyze the behavior at various load levels. This ensures that it meets all performance objectives that are stated as requirements.
  • Perform stress testing – Stress test the application block to analyze various bottlenecks and to identify any issues visible only under extreme load conditions, such as race conditions and contentions.
  • Perform security testing – Test for possible threats in deployment scenarios. Deploy the application block in a simulated target environment and try to hack the application by exploiting any possible weakness of the application block.
  • Perform globalization testing – Execute test cases to ensure that the application block can be integrated with applications targeted toward locales other than the default locale used for development.