Menu
In best practices
What does the box say?
White, Black and Gray Box testing techniques.
Oh yes. Testing. Do you know that testing is science? Every new day, the global testers' community contributes to the knowledge base, sharing experience, and their own achievements.
by Olga S
QA engenier
by Olga S
QA engenier
As the old song goes: "If you're thinking of being my brother, it doesn't matter if you're black or white!" Thank you, Michael, for being this tolerant. Wait, where were we?

Oh yes. Testing. Do you know that testing is science? Every new day, the global testers' community contributes to the knowledge base, sharing experience, and their own achievements. This is how knowledge about high-level test classification was born, and we will be happy to share this knowledge with you in today's article.

So, the highest level in the hierarchy of approaches to testing will be the concept of type, which includes several testing techniques at once. That is, several different techniques may correspond to one type of testing. Let's take a look at several types of testing that differ in whether we (as testers) understand the internal structure of the test object.
As the old song goes: "If you're thinking of being my brother, it doesn't matter if you're black or white!" Thank you, Michael, for being this tolerant. Wait, where were we?

Oh yes. Testing. Do you know that testing is science? Every new day, the global testers' community contributes to the knowledge base, sharing experience, and their own achievements. This is how knowledge about high-level test classification was born, and we will be happy to share this knowledge with you in today's article.

So, the highest level in the hierarchy of approaches to testing will be the concept of type, which includes several testing techniques at once. That is, several different techniques may correspond to one type of testing. Let's take a look at several types of testing that differ in whether we (as testers) understand the internal structure of the test object.
White Box
(open box, clear box, glass box testing)
White Box
(open box, clear box, glass box testing)
Why the "white box"? The tested app, in this case, is a transparent box, the contents of which we can see perfectly. This means: we know the app inside out.

According to the ISTQB, white box testing is:

  • testing based on the analysis of the internal structure of a component or system.
  • test design, a procedure for writing or selecting test cases based on the analysis of the internal structure of the system or component.

The white box method is applicable when we have access to the internal structure and application code, and also have enough knowledge to understand what we see. We select input data based on the fact that we know the code, which will then process this data. We also know what the result of this processing should be. Knowledge of all the features of the application being tested is mandatory for this technique. White box testing is the process of deepening into the internal structure of the system, beyond its external interfaces.

When the tester uses the white box method, this can be compared with the work of an auto mechanic who studies the engine of a car to understand why it does not start. The white box technique is applicable at different levels of testing, from unit to system, but it is mainly used for unit testing of the component.
Here's an example.

The tester (who is usually also a developer) examines the code for the input field on a web page. Then the tester determines all possible (both correct and incorrect) user inputs and compares the actual result with the expected one. In this case, the expected result is determined by how the application code should work.
Advantages.
Testing can be done in the early stages of development, as there is no need for a user interface. Also, using the white box method, we can conduct more thorough testing, covering a large number of application execution options.
Disadvantages.
To use the white box method, the tester needs to have a lot of special knowledge. Also, when using test automation at this level, it can be quite difficult and expensive to support the test scripts, especially if the app is being constantly changed.
Disadvantages.
To use the white box method, the tester needs to have a lot of special knowledge. Also, when using test automation at this level, it can be quite difficult and expensive to support the test scripts, especially if the app is being constantly changed.
The opposite of the white box technique is black box testing, which will be discussed below.
The opposite of the white box technique is black box testing, which will be discussed below.
Black Box
(closed box testing, specification-based testing, requirements-based testing)
Black Box
(closed box testing, specification-based testing, requirements-based testing)
Why the "black box"? The tested app, in this case, is a lighttight box, the contents of which we cannot see. This means: we know what we should get out of the app, but we don't know how it works.

According to the ISTQB, black box testing is:

  • testing, both functional and non-functional, not involving knowledge of the internal structure of the component or system.
  • test design, a procedure for writing or selecting test cases based on the analysis of the functional or non-functional specification of a component or system without knowledge of its internal structure.
So, black box testing is a technique based on interacting exclusively with the external interfaces of the system. We use this method when we do not have access to the internal structure and application code, or we do not have enough knowledge to understand them. We may also not refer to the code during the testing process for a specific reason. We influence the application in different ways (and check the reaction), simulating the real situation of the application interacting with users or other applications.

According to the black box method, the main source for creating test cases is the documentation (especially the requirements) and common sense (who would doubt that?). Sometimes there are situations when the behavior of the application is not clearly regulated. In this case, "testing based on implicit requirements" can be carried out. In general, the black box technique is applicable at all levels of testing (from unit to acceptance), for which there is a specification.

Thus, the purpose of this technique is to search for bugs in the following categories:

  • Incorrectly implemented or missing functions.
  • Interface bugs.
  • Bugs in data structures.
  • External databases access bugs.
  • Behavior bugs or insufficient system performance.
Here's an example.

The tester checks the website, not knowing how it's implemented. This means that the tester will only use input fields and buttons that the developer has provided. The expected result is recorded in the specification. The tester receives the data and compares it with the specification, then comes to a conclusion about the application's performance.
Advantages.
Testing is done from the perspective of the end user and can help detect inaccuracies and contradictions in the specification. The tester does not need to know the programming languages and go into the specifics of the application implementation. Testing can be done by those specialists who are not involved in the development process, which helps to avoid a biased attitude. The advantage is also the fact that a tester can start writing test cases as soon as the specification is ready.
Disadvantages.
Only a very limited number of ways to execute an application can be tested using the black box technique. Also, without a clear specification, it is rather difficult to make effective test cases. Some tests may be redundant if they have already been conducted by the developer at the unit testing level.
Disadvantages.
Only a very limited number of ways to execute an application can be tested using the black box technique. Also, without a clear specification, it is rather difficult to make effective test cases. Some tests may be redundant if they have already been conducted by the developer at the unit testing level.
Now let's compare these two methods: White Box vs Black Box.
Now let's compare these two methods: White Box vs Black Box.
Advantages
White Box
  1. Shows hidden problems and simplifies their diagnosis.
  2. Allows fairly simple automation of test cases and their implementation at the earliest stages of project development.
  3. It has a developed system of metrics, the collection, and analysis of which is easily automated.
  4. Stimulates developers to write quality code.
Black Box
  1. The tester is not required to have (deep) knowledge of programming.
  2. The behavior of the application is investigated in the context of the real environment and takes into account its influence.
  3. Application behavior is explored in the context of real user scenarios.
  4. Test cases can be created at the stage of the first requirements appearance.
  5. The process of creating test cases allows the tester to identify defects in the requirements.
Disadvantages
White Box
  1. Cannot be performed by testers who do not have sufficient knowledge in the field of programming.
  2. Testing is focused on the implemented functionality; this may lead the tester to miss unfulfilled requirements.
  3. Application behavior is investigated in isolation from the real environment and real user scenarios.
Black Box
  1. t is possible to repeat part of the test cases that have already been completed by the developers.
  2. There is a high probability that some of the possible behaviors of the application will remain untested.
  3. For the development of high-performance test cases, high-quality documentation is required.
  4. Diagnostics of detected bugs is more complicated in comparison with the techniques of the white box method.
  5. Due to the wide choice of techniques and approaches, it is difficult to calculate the testing budget.
  6. In the case of automation, complex expensive tools may be required.
Ok, but what's a gray box testing?
Ok, but what's a gray box testing?
Gray Box
Why the "gray box"? This is the color that appears when you mix black and white. This means: we know what we should get out of the app, but we're not sure how exactly it works.

The gray box method is a combination of the white box and black box methods when the tester has access to one part of the code and the architecture only. That is, the internal device of the application is only partially known to us. The tester is given, for example, access to the internal structure and software operation algorithms for writing the most effective test cases, but the testing itself is carried out using the black box technique, that is, from the user's point of view. Usually, they talk about the methods of the white or black box as applied to certain parts of the application while realizing that the entire application is being tested using the gray box method.

The gray box technique is applicable at different levels of testing, from unit to system, but is mainly used at the integration level to test the interaction of different application units.
Here's an example.

The tester studies the application code in order to better understand the principles of its operation and possible ways of its implementation. Such knowledge will help to write a test case, which will certainly check the selected functionality. However, the tester only checks the individual parts of the application from the user's point of view, as he does not have access to the code
Advantages and Disadvantages.
The gray box method combines the advantages and disadvantages of the white and black box methods
Well, that's all for today. Stay tuned, and you'll definitely get a level up! At least, we passionately hope for it, because we are constantly learning too.
Well, that's all for today. Stay tuned, and you'll definitely get a level up! At least, we passionately hope for it, because we are constantly learning too.
Together we rock!

We love what we do and do it with pleasure.
QAcamp team

You may also like:
Close
Have a Question? Contact us!
I agree the Terms of Service