Is Functional Testing only spotting basic vulnerabilities?

Home Forums Software Testing Discussions Is Functional Testing only spotting basic vulnerabilities?

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
  • #8662

    Came across this article in the SD Times recently aimed at developers about why testing is important. The author mentions that Functional Testing is the most popular type of testing and likens it to a GP looking over a patient. Aleksandr states that if the tester/doctor doesn’t know how to treat the patient, he refers him to a specialist.

    What do you think? Would you say that Functional is for only spotting basic vulnerabilities or can more be done with this type of testing?


    Ouch, I had to wince a few times whilst reaing the the article. It’s one of those examples of someone who has some knowledge, but not detailed enough.
    e.g. Usability is about if the user can use it. If you said this to the growing feild of Uasability tester they’d not be happy. On one level it is, but more specifically it’s about users with limited capability, e.g. sight limitations, colour blind, etc. I think he meant to talk about UAT 😛

    Anyway, back to the original question : Functional testing can be very specialist. In my current incarnation as a UAT Test Manager I see UAT as general practice, and Functional as specialist Dr’s. Ok so they are not Security specialist (Neurosurgery) or Performance Specialists (Cardio-thorasics) but Functional testing does discect the application and break it down into small functions/features/requirements and test based on these. Maybe that makes Functional testing the (Medical Research Dr’s) of the software testing world. And I would hope that Functional testers do find the serious defects before they get to Alpha/Beta/UAT/Pilots or what ever you wish to call the customer phases.

    I guess if you took the analergy further: Unit testing is the Midwifery/Maternity discipline. Integration testing would be the Phsyc ward (tring to put the mind back together and re-integrate into society).

    Functional testing is not only for the basic vunerabilities. It might be considered to be holistic (depending on scope if use) but functional testing should be looking for a high majority of risks and issues. Admitted Security and Pen’ testers would be looking for more specific and vunerabilities, and Perf/Load look for another specific. But Functional testers will also be looking at security and scalability, but as targeted.

    I see Functional testing and key and pivotal to the testing process. You can get away without security, peformance, load, Integration, User testing etc, (at your risk) but you must do some level of functional testing to verify that the product works.


    I suppose you can compare Functional Testing with General Practice. Both provide about 90% of the care. Some vulnerabilities may be basic but can be show-stoppers. Others may be very subtle and obscure.

    Functional Testing can be seen from different angles.

    1. The tester verifies that the product satisfies the requirement. This might be compared to a medical examination but is more than just looking the patient over. The tester has to exercise each condition and behaviour required. If resources are limited s/he has perform a risk analysis to select the more important requirements to test.

    2. The tester finds defects in the product.. Tests are designed to probe vulnerabilities such as boundaries and out of range values.

    3 The tester collects diagnostic information about a defect. This may be one a tester has found or it may have come from a user in UAT or live running.

    Unlike a GP the tester does not treat the defects. That is the province of the developer who also usually makes the final diagnosis as well.

    Functional testing is not necessarily Black Box. It is still functional testing if you have access to source code or run a debugger though these kinds of testing are more often done by developers.

    Definitions are always contentious but isn’t testing for people with special needs known as ‘Accesibility Testing’?



    Yes, Functional Testing is one of the basic testing type in software QA, But It`s very important also and you can’t neglect.

    Functional Testing can be seen from different angles.

    Non technical tester able to use only – ( Application + UI ) for Functional Testing
    Technical tester view on Functional Testing is – ( Application + UI + Proxy + Server + DB )


    I do agree that Functional test cover most of the basic functionality of system under test and to some extent it’s the most important test too. However, don’t forget there are many other things that can threaten the value of the system as well (e.g: FEW HICCUPPS). Focus on testing on those, I’m less worried what type of test I’m performing


    My main occupation is functional testing. But I don’t only find and report functional bugs. There are also usability, performance, security and other kinds of bugs that I find on the way, along with bugs in requirements that describe the functionalities.
    I think that there are rarely clear boundaries between different kinds of testing (or testers). There might be exceptions, eg. when one specific change in the system is made, requiring that only a specific kind of test is done, but in a project as a whole any tester has to take care of different aspects of testing. Therefore I would say that functional testing could be a basis for testing within a project, but is never just testing of basic vulnerabilities as suggested in the article.

    I agree with previous comments about the incorrect statements in the article. I would like to make a distinction between basic checks and testing, because the author treats them as equal.
    If I am making checks, I am just putting check marks along with precise steps of a test case. You don’t even need a tester for that; anyone can make clicks on gui. Functional testing, if a tester is good and qualified, is much more than checking. I may start with basic checks whether the system behaves as described in the requirements document. But along the way I will keep an eye on performance, assess usability level, try scenarios that are not predicted by documentation, do some exploratory testing etc. And any knowledge of the architecture behind gui will help me to do it more thoroughly, so it is not only black-box testing.

    HemaValli Amara

    Functional Testing not just testing, it is the process of refining the product by unveiling most possible deviations. The reputation of any product depends directly on the functional perfection along with meeting customer requirements.

Viewing 7 posts - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.