Software testing is the process of evaluating a system to find defects, verify it meets requirements, and ensure it behaves as expected. Testing isn't just about finding bugs — it's about building confidence that the software works correctly.
Why Testing Matters
Every piece of software ships with risk. Testing reduces that risk by catching problems before users do.
- Cost: A bug found in production costs 10–100x more to fix than one caught during development.
- Reputation: A single critical bug can erode user trust overnight.
- Safety: In healthcare, aviation, and finance, bugs can have life-or-death consequences.
Testing in the SDLC
Testing isn't a phase that happens at the end. It's woven throughout the Software Development Life Cycle (SDLC):
| Phase | Testing Activity |
|---|---|
| Requirements | Review requirements for clarity and testability |
| Design | Validate architecture decisions, identify risk areas |
| Development | Unit tests, code reviews, static analysis |
| Testing | Functional, integration, system, and acceptance testing |
| Deployment | Smoke tests, sanity checks |
| Maintenance | Regression testing after changes |
Verification vs Validation
These two terms sound similar but mean different things:
- Verification: "Are we building the product right?" — Checking that the software conforms to its specification.
- Validation: "Are we building the right product?" — Checking that the software meets the user's actual needs.
A feature can pass verification (it works as specified) but fail validation (it doesn't solve the user's problem).
The Seven Principles of Testing
The ISTQB defines seven fundamental principles:
- Testing shows the presence of defects, not their absence. You can never prove software is bug-free.
- Exhaustive testing is impossible. You can't test every input combination — focus on risk.
- Early testing saves time and money. Find bugs as close to when they were introduced as possible.
- Defects cluster together. A small number of modules usually contain the most bugs.
- The pesticide paradox. Running the same tests repeatedly won't find new bugs — update your tests.
- Testing is context-dependent. How you test a banking app differs from how you test a game.
- Absence-of-errors fallacy. A bug-free system that doesn't meet user needs is still a failure.
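
The following is an added example, not part of the original page, illustrating the "presence of defects", "exhaustive testing" and "pesticide paradox" principles: an unchanged suite keeps passing against a defective bounds check, while new cases aimed at the risky boundary expose it. The function, the fixed suite and the 16-byte buffer size are constructed for illustration.

```python
SIZE = 16  # constructed buffer size for this example

def in_bounds(offset, length, size=SIZE):
    """Constructed function under test. Intended behaviour: True only when
    the range [offset, offset + length) fits in a buffer of `size` bytes.
    Deliberate defect: each value is checked alone, never their sum."""
    return 0 <= offset <= size and 0 <= length <= size

def spec(offset, length, size=SIZE):
    """The specification, used as the oracle for newly written cases."""
    return offset >= 0 and length >= 0 and offset + length <= size

# The suite that has been run unchanged on every build (constructed).
FIXED_SUITE = [
    ((0, 16), True),
    ((0, 17), False),
    ((4, 4), True),
    ((17, 0), False),
    ((-1, 4), False),
]

def run_fixed_suite(impl):
    """Return the fixed cases the implementation gets wrong."""
    return [args for args, expected in FIXED_SUITE if impl(*args) != expected]

def run_boundary_suite(impl, size=SIZE):
    """New cases aimed at the risky area: every offset/length pair up to
    one past the buffer end, compared against the specification.
    Testing all integer pairs is impossible, so the effort goes here."""
    return [(o, n) for o in range(size + 2) for n in range(size + 2)
            if impl(o, n, size) != spec(o, n, size)]

if __name__ == "__main__":
    # The old suite passes on every run, which proves nothing about absence.
    print("fixed suite failures:", run_fixed_suite(in_bounds))
    missed = run_boundary_suite(in_bounds)
    print("boundary suite failures:", len(missed), "first:", missed[0])
```

The fixed suite reports no failures however often it is rerun; only the updated cases reveal that pairs such as offset 1 with length 16 are wrongly accepted.
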
STLC: The Software Testing Life Cycle
The STLC is a structured approach to testing:
- Requirement analysis — Understand what needs to be tested
- Test planning — Define strategy, scope, resources, and timeline
- Test case design — Write detailed test cases and scenarios
- Environment setup — Prepare test data, tools, and infrastructure
- Test execution — Run tests and log results
- Test closure — Report findings, lessons learned, and sign off