Bug Classification

An unexpected behavior of any functionality which is not supposed to do is known as software bug  or in simple words we can say bug is Deviation from the expected result. Bug can be categorized into different types basing on the core issues they address.  We can divide into four major criteria. These criteria is-

Interface Related Bugs (UI Bug)/Cosmetic Issues:   As the name suggests, the bugs deal with problems related to UI.  Usually UI related bug are considered less severe.
Examples:

• Improper error/warning/UI messages
• Broken Links
• Spell Mistakes
• Background Color, Alignment Issue

Functionality Related Bugs: Bugs that produce an unexpected/illogical application behavior where the end result differs from the expected result, this type of bug affect the functionality of the application.
Examples:

• Searching of any item leads wrong result Buttons like Save, Delete, Cancel not performing their intended functions 
• A missing functionality (or) a feature not functioning the way it is intended t Continuous execution of loops

Security Related Bugs: Application security defects generally involve improper handling of data sent from the user to the application.  These defects are the most severe and given highest priority for a fix.
Examples:

• Authentication: Accepting an invalid username/password, 
• Authorization: Accessibility to pages though permission not given
• URL rewriting, Cookies editing, Encryption and decryption of important data

Database Related Bugs:  These bugs are deals with improper handling of data in the database. Some time these are due to the improper flow of data in database.
Examples:

• Values not deleted/inserted into the database properly
• Improper/wrong/null values inserted in place of the actual values
• Not validating data type and length from front end

Priority and Severity

There are so many bug tracking as well as software management tools are available in the market. These tools allow tester to convey complete information about bug to the development team. The Priority and Severity terms are used to elaborate the importance and impact of the bug.

Priority: Basically priority tells how urgent the bug should be fixed. How much this bug is important from business point of view. Priority is related to scheduling to resolve the problem. It’s status set on the basis of customer requirement. Priority can be categorized in following level.       

Urgent (P1):  Must be fixed in the next built because without fix it no further work.

High (P2):      Must be fixed in any of the upcoming built but should be included in the release because critical functionality is not working.

Medium (P3): May be fixed after the release.

Low (P4):      May or may not be fixed at all.

Severity: The severity is assigned by tester. Based on seriousness of the bug severity is assigned to defect. Basically severity tells us impact (in term of functionality) of this bug  to our application. Severity can be categorized in following level-

Urgent/Showstopper (S1): Like system crash or error message forcing to close the window.
Medium/Workaround (S2): Incident affects an area of functionality but there is a work-around which negates impact to business process.
Minor (S3): These are incidents that are cosmetic in nature and of no or very low impact to business processes.

Let us take some example on different situation of assigning priority and severity-

1. High Priority & High Severity: Upon login to system “Run time error” displayed on the page, so due to which tester is not able to proceed the testing further.

2. High Priority and Low Severity: On the home page of the company’s web site spelling mistake in the name of the company is surely a High Priority issue. In terms of functionality it is not breaking anything so we can mark as Low Severity, but making bad impact on the reputation of company site. So it highest priority to fix this.

3. Low Priority and High severity: System is crashing in the one of the corner scenario, it is impacting major functionality of system so the Severity of the defect is high but as it is corner scenario so many of the user not seeing this page we can mark it as Low Priority by project manager since many other important bugs are likely to fix before doing high priority bugs because high priority bugs are can be visible to client or end user first.

4. Low Priority and Low Severity: Spelling mistake in the confirmation error message like “You have registered success” instead of successfully, success is written.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  

Positive and Negative Testing

The purpose of software testing is to verify that our software/application is working according to the expectations which are defined in the requirement document and gaining confidence over application. The overall objective is not to proof of correctness of this software/application. We write the test cases to perform the testing so that overall functionality and all the steps are covered these test cases. Test cases follow two approaches to verify all the functionality.

The purpose of software testing is to verify that our software/application is working according to the expectations which are defined in the requirement document and gaining confidence over application. The overall objective is not to proof of correctness of this software/application. We write the test cases to perform the testing so that overall functionality and all the steps are covered these test cases. Test cases follow two approaches to verify all the functionality.

Positive Testing:  The main purpose of positive testing to verify the functionality is working properly as we expected according to the requirement. 

Example- Now takes an example to write positive test cases on an Integer field which accept exactly 6 digit numbers.

              Integer Value field -  123456

Negative Testing:   The main purpose of negative testing to verify the response of application/system when we pass non recommended values. Basically we want to break down the application. You know that these input values are not supported by application but you need to test. So that sometimes it known as ‘Test to fail’.

Example- Now takes an example to write negative test cases on an Integer field which accept exactly 6 digit numbers.

                 Integer Value field –   qwe123           (Alphanumeric Value)

                 Integer Value field –  1234567           (Check an integer value more than 6 digit)

                 Integer Value field – 12345                (Check value less than six digit)

Both testing types have their own importance, if positive testing told about how smooth our application/Software on other end negative testing told all lacking, bugs/issues on which we are not supposed as per requirement document.  As you can see, negative testing improves the testing coverage of your application. Using the negative and positive testing approaches together allows you to test your applications with any possible input data (both valid and invalid) and can help you make your application more stable and reliable.