In this post, we’ll go on a short journey through the concept of formal modelling and how you can apply modelling techniques to help you test more effectively.
Firstly, what is a model?
Traditionally used in mathematics and science, a model helps communicate and describe something. A very basic model that we’ve all come across is the one used to calculate the approximate volume of any cardboard box width x height x length. If we stick some random numbers in to the formula, the output is the volume of randomly generated, virtual cardboard box. If we take a cardboard box and measure each dimension, we can calculate the approximate volume of a real box – that’s pretty useful, especially if you’re a company like Amazon!
Models don’t have to be formula, they can be diagrams; information flows; or physical objects. It took me a little while to make the connection, but that Airfix kit you might’ve built as a child (or grown up), is called a model because it is a model of the real thing.
Using Provided Models to Aid Testing
Not only are there different ways to model something, there are also different uses for them. Requirements are written models that describe the expected behaviour of a system. This type of model is used to communicate how something should work, so that it can be made. These are really useful models for us as testers as they give us an expected outcome. Remember that Airfix kit, well here’s a formal model that you use to help build your physical model.
We can test the model before a line of code is written, by asking questions of the model and testing its limitations. By doing this early, we can extend the model to be more specific or we can help correct the model where it is deficient. This helps increase the likelihood that what we build, is actually what was required.
When it comes to testing the output of the requirements, we can reuse those models to determine if what we built, meets the expectations of the model. Traditionally we might call these Test Cases: for a given requirement (formula) and set of data (dimensions) we expect the output of the software to be deterministic (volume). This is what we testers call checking and is a prime candidate for automation (but that’s a different topic!). It may even be better still to use this as a way to drive the writing of the system’s code – I’m sure you’ve come across TDD and it’s many variants.
Creating Our Own Models to Aid Testing
As a tester, even if you hadn’t made the connection yourself before, you should now realise that you’re using models all of the time in your daily routine. Models provided to us are great for testers, but modelling techniques are even more useful.
You may ask, if the models have been provided for me, why would I need to model anything myself? Great question! As testers, our primary responsibility is to provide information about the product, focussing on the risks to its value. If the scope of testing activities that we partake in are guided only by the models that we’ve been provided, we run the risk of only reporting on what we thought we knew and not the actual behaviours of the system.
To counteract this risk, we testers can look to use modelling techniques ourselves, to explore and describe the system as it is, not just what it was supposed to do. Here’s a really simple modelling exercise that you can do right now.
Now It’s Your Go!
Firstly, pick a web site to model against. If you work on one, pick that because everything you do in this example will add real value to your testing efforts. If not pick, something relatively simple, maybe your favourite online store.
Next, pick a part of the site to model. Keep it a single page for now, so if it’s an online store, use the search page or product details page and use the mobile version as it’ll reduce the work we need to complete. I’m going to pick Alan Richardson’s Blog to demonstrate the exercise.
Head over to your chosen page in Chrome and once it’s finished loading, open the developer tools (instructions are here) and click the network tab. If they’re not there already, add the Domain and Method columns to the network table. Order the list by Domain either descending or ascending.
Clear the log in case there’s anything in there already, then refresh the page. This will list out all of the network calls that the page makes client side and it’s these we’re going to model.
In your favourite diagramming tool or on a large piece of paper, stick the page we’re modelling in the centre. I’m going to use a mind map for now.
Head back to Chrome and take note of each of the domains your page calls out to. Create a node in the diagram for each domain and that’s the first part of your model finished.
You now have a useful, visual record of all of the domains that your site calls out to and you can sit with your friendly neighbourhood developer or architect to determine if there’s anything that looks odd.
A More Useful Model
So that exercise didn’t take too long did it! The great thing is, it won’t take much longer to make it even more useful. Follow these steps to add to your diagram and make that conversation even more interesting.
For each domain you’ve added to your model, refer back to the network tab in Chrome and make a note of the Type of request made and the address up to any query. You may find it’s useful to group some types: images and gifs are a good example. You can also see from my example, I’ve called out that there’s a redirect because I’m using the mobile view in Chrome.
Don’t stop there, keep adding more information to your model. There’s lots of information that you can add to spark off a conversation. Here’s some ideas on how what you can add to your model as you explore the software even deeper:
- highlight a domain or address that you don’t recognise for questioning later;
- call out a request to the same address requesting the same payload more than once;
- annotate with the size of a response if it falls outside some boundaries
-
- a really small response (single bytes)
-
- a really large response (varies but something over a few hundred KB is worth questioning);
- a response that takes a long time, start with anything >300ms (set the Waterfall column to show Total Duration);
- a response that returns a 4** or 5** error code;
- any further redirects
- or if the response body mentions an error.
Now what?
That’s entirely up to you! The important thing to remember is that whilst you’re building this model you’re actually exploratory testing. You’re learning about the product and you’re questioning it. In this simple example we’re only questioning the various calls that the product is making client side, but they are good questions.
Amongst many other examples, this specific activity can help find performance issues through:
- responses that take too long or are blocking
- responses that are repeated
- requests that are pointless and can be canned
It can also help find security issues
- if you’re making calls that should be https but they’re not
- any redirects that are happening that you don’t expect
- any other calls that don’t make sense or may be sending information that they shouldn’t
You can use the model to decide which calls you should manipulate to help you understand how doing so might impact the user experience:
- try to block a call
- slow a call down
- intercept a call and manipulate the response
And we’ve only covered client side requests. By using the same technique, you can take a capability and slowly break it down, level by level, building your knowledge of the product. Share your knowledge with your team to help identify problems and then use it to give you a ideas on where to focus your testing based on dependencies and areas of brittleness.
I haven’t even mentioned how you can use these models to confidently share your test coverage, that’s a post for another time.
