Work Products Examinable by Static Testing - ISTQB CTFL Guide

Work Products Examinable by Static Testing

Introduction

Static testing is a critical quality assurance technique that examines work products without executing them. This guide covers the work products that can be examined through static testing methods, an essential topic for ISTQB CTFL certification.

Why is Static Testing of Work Products Important?

Understanding which work products are examinable by static testing is crucial because:

• Early Defect Detection: Issues can be found before code is written or executed, reducing costs and time
• Quality Assurance: Ensures requirements, designs, and documentation meet standards before implementation
• Risk Reduction: Identifies problems in planning and design phases when they are cheapest to fix
• Knowledge Transfer: Reviews help team members understand project intent and standards
• Compliance: Helps meet regulatory and organizational standards
• Cost Effectiveness: Prevents defects from reaching later testing phases where fixes are more expensive

What Are Work Products Examinable by Static Testing?

Work products are any artifacts or deliverables produced during the software development lifecycle. Those examinable by static testing include:

Requirements and Specifications

• Functional requirements documents
• Non-functional requirements (performance, security, usability)
• System specifications
• User stories and acceptance criteria
• Requirements traceability matrices

Design Documents

• System architecture documents
• High-level design specifications
• Low-level design documents
• Database design schemas
• UI/UX design specifications

Code and Implementation

• Source code
• Code comments and documentation
• Build scripts
• Configuration files

Test Documents

• Test plans
• Test cases and test scripts
• Test data specifications
• Test summary reports

Other Documentation

• User manuals and help documentation
• Installation guides
• API documentation
• Release notes
• Project plans and schedules

How Static Testing Works

Static Testing Techniques

Reviews: Informal or formal examination of work products by one or more people

Walkthroughs: A guided presentation of a work product by its author

Inspections: Formal, structured reviews with defined roles and entry/exit criteria

Static Analysis: Automated examination of code without execution to identify defects and issues

The Static Testing Process

1. Planning: Identify which work product to examine and select appropriate technique
2. Preparation: Participants review the work product independently before the session
3. Examination: Conduct the review, walkthrough, or inspection according to defined process
4. Documentation: Record defects, issues, and observations found
5. Rework: Author corrects identified defects
6. Follow-up: Verify that all defects have been properly resolved

Key Characteristics of Work Products Examinable by Static Testing

• Non-executable: Can be examined without running or executing them
• Documented: Should be in a format that allows review and analysis
• Traceable: Should connect to other work products and requirements
• Reviewable: Must be suitable for human or automated examination
• Measurable: Defects and issues found should be quantifiable

Common Defects Found in Work Products Through Static Testing

• Requirements Issues: Ambiguous, incomplete, or contradictory requirements
• Design Flaws: Architectural problems, missing components, or poor scalability
• Code Defects: Syntax errors, logic errors, poor naming conventions, security vulnerabilities
• Documentation Issues: Inaccurate, outdated, or unclear documentation
• Consistency Problems: Inconsistencies between related documents or code
• Non-compliance: Violations of coding standards, design patterns, or regulatory requirements

How to Answer Exam Questions on Work Products Examinable by Static Testing

Question Types You Might Encounter

Type 1: Identification Questions
Question: Which of the following is a work product examinable by static testing?
Strategy: Look for documents, specifications, designs, or code that do not require execution. Exclude anything that needs to run to be evaluated.

Type 2: Technique Matching
Question: Which static testing technique would be most appropriate for a requirements document?
Strategy: Match the type of work product with the appropriate technique (review, walkthrough, inspection, or static analysis).

Type 3: Defect Identification
Question: Which type of defect would static testing of design documents most likely reveal?
Strategy: Think about what can be found by examining documents without running them—logic errors, inconsistencies, architectural issues.

Type 4: Scenario-Based
Question: A team wants to check if code follows security standards without executing it. Which is the best approach?
Strategy: Identify the work product (code), the goal (security compliance), and the appropriate static testing method (static analysis).

Step-by-Step Approach to Answering

1. Read Carefully: Understand what the question is asking—is it about identification, technique, benefits, or process?
2. Identify the Work Product: Determine what artifact or deliverable is being discussed
3. Consider Context: Think about the phase of development and when this work product is created
4. Apply Knowledge: Match the work product with appropriate static testing techniques or expected outcomes
5. Eliminate Wrong Answers: Rule out options that require execution or are dynamic testing concepts
6. Verify Logic: Ensure your answer makes logical sense within the ISTQB framework

Exam Tips: Answering Questions on Work Products Examinable by Static Testing

Key Concepts to Remember

• Static = No Execution: The fundamental principle is that static testing examines work products without running or executing them. If a question implies execution, it's not static testing.
• Early in the Lifecycle: Static testing can be applied to any work product created during development, often before coding begins. Remember that earlier detection is more cost-effective.
• Broad Application: Don't think only of code. Requirements, designs, test cases, and documentation are equally important work products for static testing.

Common Pitfalls to Avoid

• Confusing with Dynamic Testing: Don't select answers that involve running the software. Static testing never requires execution.
• Limiting to Code Only: Remember that requirements, designs, and test documents are also examinable by static testing—often more effectively than code.
• Forgetting Automated Static Analysis: Not all static testing is manual. Automated tools can analyze code for style violations, potential bugs, and security issues.
• Overlooking Documentation: User manuals, help files, and other documentation are work products that can be statically tested for accuracy and consistency.

Specific Exam Strategies

Strategy 1: The "Can It Run?" Test
Ask yourself: "Does this need to be executed to be evaluated?" If no, it's likely examinable by static testing. If yes, it requires dynamic testing.

Strategy 2: The Timeline Approach
Static testing is performed before a product is fully built or deployed. If the question describes finding issues in the design phase or before implementation, it's likely static testing.

Strategy 3: The Technique Match
Remember the four main static testing techniques: Reviews, Walkthroughs, Inspections, and Static Analysis. When a question describes finding issues through examination or analysis, match it to one of these techniques.

Strategy 4: Look for Keywords
Positive indicators: review, examine, inspect, analyze, static analysis, code inspection, document review, walkthrough, peer review
Negative indicators: execute, run, test, dynamic, output, behavior

Practice Question Examples and Solutions

Example 1: Which work product is most suitable for static testing?
A) System behavior during load testing
B) Requirements specification document
C) Output of the application after user interaction
D) Performance metrics collected during execution

Answer: B) Requirements specification document
Explanation: Requirements can be reviewed and analyzed without executing anything. Options A, C, and D all involve execution or output from a running system, making them suitable for dynamic testing, not static testing.

Example 2: A development team wants to find potential security vulnerabilities in their codebase before deployment. Which static testing approach would be most efficient?
A) Manual code inspection by developers
B) Automated static analysis tools
C) Functional testing
D) User acceptance testing

Answer: B) Automated static analysis tools
Explanation: For finding security vulnerabilities at scale, automated static analysis tools are most efficient. They can scan the entire codebase quickly without execution. C and D involve dynamic testing, and A would be less efficient for large codebases.

Example 3: In which scenario would static testing be LEAST effective?
A) Verifying that requirements are clear and complete
B) Finding syntax errors in code
C) Detecting performance bottlenecks in an algorithm
D) Checking design document consistency

Answer: C) Detecting performance bottlenecks in an algorithm
Explanation: Performance bottlenecks require the code to be executed and monitored under various load conditions. Static testing cannot determine actual performance characteristics. Options A, B, and D can all be found through static examination.

Pre-Exam Preparation Checklist

• ☐ Understand the definition of static testing (examination without execution)
• ☐ Know the four main static testing techniques and when to use each
• ☐ Be able to identify various work products (requirements, design, code, test documents, documentation)
• ☐ Understand which defects are best found through static testing
• ☐ Know the benefits and limitations of static testing
• ☐ Understand the difference between static and dynamic testing
• ☐ Be familiar with automated static analysis tools
• ☐ Know the roles and responsibilities in formal inspections (moderator, author, inspector, recorder)
• ☐ Understand entry and exit criteria for reviews and inspections
• ☐ Practice distinguishing between work products suitable for static vs. dynamic testing

Final Tips for Exam Success

• Read Each Question Twice: Ensure you understand exactly what's being asked before selecting an answer.
• Use Elimination: Remove obviously wrong answers to improve your odds on difficult questions.
• Trust Your Knowledge: If you understand that static testing means no execution, most questions become clearer.
• Consider Context: Think about where in the development lifecycle the work product exists and when it's appropriate to test it.
• Don't Overthink: Sometimes the most straightforward answer based on ISTQB definitions is correct.
• Practice Actively: Use practice exams and questions to build confidence with question patterns.

Summary

Work products examinable by static testing form a broad category spanning requirements, designs, code, test documents, and documentation. The key principle is that these products can be examined and analyzed without executing them. By understanding what constitutes static testing, which techniques to apply, and what types of defects can be found, you'll be well-prepared to answer exam questions confidently. Remember: static testing is about examining work products early in the development lifecycle to find and prevent defects before they become expensive problems.