Gray-box: the bridge between black-box and white-box testing

May 14, 2012 by AlexI

Traditionally, software testing is divided into two major methods:

 * Black-box testing is used for running tests from the user’s point of view, being focused on the application’s functionalities, features and also design. An important advantage of this testing method is that it's inexpensive, it's performed exclusively from the application's user interface and no implementation knowledge is required whatsoever. However, black-box testing has quite a few disadvantages, such as: not all possible paths can be realistically tested within an adequate time-frame, or that the cause of the issues found may be hard to determine by the output of the user interface alone.

 * On the other hand, white-box testing is employed for testing mainly the internal workings of an application (the source code) rather than its functionalities. For this type of testing programming knowledge is a must and is required in order to design test cases. This is the main reason why most of the time this type of testing is performed by developers and not by testers. As a consequence, this type of testing is considered to be more expensive than black-box testing. Even more, testing the whole code of an application is nearly impossible, as there are numerous paths that could be tested in a module and in the interaction between modules. Also, white-box doesn't have the objectivity of black-box testing, as tests are performed by programmers (the ones in charge with the development).

Most projects use these two testing methods complementary, white-box is preferred for unit testing and optimizing code, while black-box testing for integration testing, system testing and acceptance testing (although it can be applied successfully to any testing level).

Apart from these two testing methods, another methodology has become more and more popular: gray-box testing. Gray-box testing attempts, and generally succeeds, to combine the benefits of both black-box and white-box testing methods, thus cancels out some of the flaws of each testing method when used individually.

Gray-box testing takes the straight-forward approach of black-box testing, but also employs some limited knowledge of the inner workings of the application. Therefore, a tester can verify both the output of the user interface and also the process that leads to that user interface output. Gray-box testing can be applied to most testing phases, however it is mostly used in integration testing.

A tester with little programming knowledge can create test cases based on the code, and then apply them to the user interface elements of the application. This way, the whole process is tested not only the output, eliminating some of the major problems of black-box testing: the difficulty of determining the cause of the issue, "blind" testing that can become time consuming and sometimes completely misses important issues.

Let me give you an example: you have an application that manages the employees of a company and you need to test the process of adding an employee. The form contains fields for various information (phone numbers, emails, address, etc.), so there are values of different types. If the black-box tester will have to create test cases for all possible combinations of types of values, for each field, the gray-box tester has access to the database and knows exactly what type of value each field has. So he can design test cases with specific vulnerabilities in mind, but he'll also cover possible user interface issues, as this is where he will apply his test cases.

The advantages of using gray-box testing are obvious, it combines the strengths of both black and white testing, it's non-intrusive, as testers don't have access to the entire code, testers can author better test cases due to the extra knowledge of the application and more. However, gray-box testing inherits some of the disadvantages of black and white box testing methods, such as: the fact that it can only achieve partial code coverage and it requires better trained testers.

Overall, gray-box testing has become a popular testing method, and some testers don't even realize that they use it, as even the most untrained tester can pick up on tips and tricks about the inner workings of applications, given enough experience. So the process of upgrading from black-box testing to gray-box testing is a natural one, its speed depending only on the determination of the tester, and on the characteristics of the development process.
More precisely: if the process is based on the effectiveness of the black-box testing, as a "non-biased" and "agnostic" method, then gray-box testing will work against that. But if the development process tries to accumulate the benefits of both black-box and gray-box (for example, some of the members of the testing team can use exclusively black-box testing, while others are also allowed to rely on white-box), then gray-box testing is also a good option.

Other articles:

Suite-based testing: a challenging job
Manual vs. automated testing

Tags: Programming  Testing 


QA InfoTech commented on 6/20/2012 5:35:54 AM

From my end, a 'No' to black box testing, because if problems occur outside of user-interface scenario, it'll be difficult for end users to fix those. As for Gray box, I think it's suitable for enterprises because this model is compatible with <a href="">outsourced software testing</a> as someone with little knowledge in programming can study cases. Thus, it'll be inexpensive.

AlexI commented on 6/20/2012 11:30:39 AM

Thank you for sharing your thoughts on this subject, but I wouldn't hurry to dismiss black box testing. Black box testing is still an important part of the testing process and I think it will continue to be so for a long time. It's biggest strength is that it's non-biased - the piece of software is judged as it would be by the users themselves.

No testing method is truly perfect, that's why a lot of companies employ multiple testing teams, each having its own testing pattern. In the end, the most suitable testing method is the one that gives the best results considering the environment, the number of employees and many other factors.

Cape Coral Website Design commented on 8/16/2012 5:32:32 AM

I was certainly confused about black box testing and gray box testing, but after reading your post, I am quite clear about it. Thanks for sharing various testing briefly.

Event Management commented on 9/4/2012 8:03:50 AM

Resourcive to gain more about gray-box testing and its functional aspects that enriched my mind about this concept.

Toiletter commented on 10/9/2012 10:26:22 AM

Knowing more about Black-box testing,white-box testing,Gray-box testing and thier functionary aspects with their relative terms and thier definitions as well as made my knowledge enriched.

Prashant commented on 7/11/2013 1:14:47 PM

Gray box testing is an approach between black box and white box. While approaching this strategy you need to know the internal source code of the application. It is well explained in this blog you can see here- <a href=""></a>

order winning personal statement commented on 10/15/2013 8:27:02 AM

I finally got the difference between black box and grey box testing. Thanks! I will read some more information and then I'll start writing a research paper on this topic.

QTP Training in Chennai commented on 12/31/2014 8:49:08 AM

QTP is flagship automation testing tool, which is used to perform functional and regression testing on a software application. Training on this automation will ensure lucrative career opportunity for aspiring professionals.

software testing commented on 12/19/2018 11:51:57 AM

Grey Box testing is a testing approach which is executed with the restricted information or intelligence around the inner utility of the application or software.You have explained it in detailed way about it. Keep writing.!

preeti commented on 2/20/2019 6:43:59 AM

Gray-box testing is a combination of white-box testing and black-box testing. The aim of this testing is to search for the defects if any due to improper structure or improper usage of applications
Now i got clear understanding about gray box testing
great job

radhik singh commented on 2/26/2019 9:32:20 AM

wow great information on Gray-box: the bridge between black-box and white-box testing thank you.


financial accounting service commented on 3/8/2019 7:29:47 AM

I frequently value placing a site that provides beneficial information as a result of the fact that I such as discovering new elements. I intended to connect that I divulged the details on your website was, as a matter of fact, satisfying which I discovered new elements.

look at this site commented on 3/19/2019 11:45:16 AM

I could not locate any kind of knowledge on this matter prior to. Also, operate a site as well as if you are ever thinking about doing some site visitor creating for me if possible do not hesitate to let me understand, I'm constantly seeking individuals to take a look at my internet site.

expert lawn care commented on 3/29/2019 9:14:57 AM

It exists numerous subjects to see my year inexpensive assessments. The quick blog posts they are launching to recognized one of the most reliable jobs making up service UK resources.

misha commented on 4/4/2019 6:18:09 AM

This all knowledge of White-box,black-box,gray box testing are really helpful for beginners and testers.
Keep sharing.

laws personal injury commented on 4/4/2019 2:30:31 PM

It plainly is all points thought about right to fathom that this element is being joined like means on this net website websites so joys for putting aside an opportunity to analyze this!

homes gutter repair commented on 4/13/2019 1:17:51 PM

It's due to this that individuals can supply well seasoned as well as customized Expert Moving companies and Packers service, be it for Worldwide Relocating, Workplace Relocating, Domestic Movers or Local Moving service, we give one of the most efficient and also cost-effective solution in the industry.

misha commented on 4/15/2019 5:44:19 AM

Thanks for sharing, bulk information available in this blog about software testing.
This very helpful.

misha commented on 4/15/2019 5:44:24 AM

Thanks for sharing, bulk information available in this blog about software testing.
This very helpful.

Your Comment:

Blog Home   SBP Home
RSS Feed       Contact


 Blog Archives  |  Terms of Use  |  Privacy Policy
© 2019 SBP Romania. All rights reserved.