Whitepaper: Comprehensive Code Coverage – Aggregate Coverage Across Testing Practices

Assess release readiness and gain visibility into risky areas of your application with application coverage.

Learn how to aggregate code coverage across testing techniques to mitigate the risks associated with accelerated delivery.


Download the whitepaper to learn how to collect application coverage across multiple testing practices and achieve the necessary traceability to meet compliance objectives.

Focus areas:

  • What is application coverage and why does it matter?
  • The benefits of aggregated code coverage
  • Compliance traceability
  • Accelerated release schedules
  • Test-driven development

But the focus on speed comes with risk, which requires minimizing and optimizing development and testing tasks to be more effective in rapid release cycles. Software development teams must reassess the end-to-end software quality process and identify a set of metrics that give managers the confidence that a release candidate is ready to go.

A critical metric for assessing release readiness is application coverage: the aggregation and correlation of code coverage from various testing techniques, such as automated functional testing, unit testing, and manual testing. By aggregating code coverage from all testing practices, organizations gain better visibility into risky areas of the application.

  • Application coverage expresses the degree to which the application’s source code is exercised by all testing practices, including unit testing, manual testing, automated functional testing, etc. This enables more accurate quality and coverage metrics while exposing untested or under-tested parts of the application, providing insight into risk. 
  • Application coverage can also help organizations focus on testing efforts when time constraints limit their ability to run the full suite of manual regression tests.
  • Data from application coverage can be leveraged as part of the continuous integration (CI) process, as well as the developer desktop workflow.
  • Data can also help you identify which manual and exploratory testing activities have been performed on that same piece of code, enabling developers to quickly perform manual verification on their desktop before committing to source control.
  • Analyzing code, executing tests, tracking coverage and reporting the data in a dashboard or chart is a useful first step toward assessing risk, but teams must still dedicate significant time and resources to interpreting the data correctly. Time constraints and other factors limit the organization’s ability to derive a more accurate risk assessment.
  • The ability to interact with the data and navigate the code structures within the context of the reports generated by code analysis is essential to understanding not only the business risk associated with the application but also identifying potential process improvements. However, even sophisticated reports only provide a narrow view of code readiness if they lack the ability to explore and interact with the coverage data.
  • Understanding potential risks in the application requires advanced analytics processes that merge and correlate the data. This provides greater visibility into the true code coverage and helps identify testing gaps and overlapping tests.
  • Organizations in safety-critical industries, such as automotive, medical devices or avionics, are required to demonstrate traceability throughout the SDLC.
  • Parasoft DTP can leverage application coverage data to enable the correlation of requirements to the code, providing full traceability for safety-critical auditing requirements. The codebase can also be monitored for changes so teams understand what tests need to be re-executed and what requirements are impacted.
  • This can enable “what if” scenarios to model the potential impact of the proposed change so that managers can assess the level of business risk that the changes present.
  • Additionally, the coverage information can be leveraged to identify tests that could potentially be extended or reused to increase the code coverage before changing the files--reducing the risk before making a single code change.

Parasoft DTP can provide test traceability by collecting, merging, and correlating coverage, test data, and other quality metrics. DTP identifies tests that can be refactored and reused to test functionality as it is developed, enabling organizations to write as much of the tests as possible as early as possible, reducing the time and effort required to implement and execute TDD.

The process iterates on the following cycle:

  1. Before changing code, review coverage and build up the test suite to increase current coverage.
  2. Before adding new functionality, use the coverage data to add more tests potentially leveraging existing tests as starting points.

When organizations can merge and correlate this data with coverage collected from other techniques, teams can derive the traceability necessary to demonstrate regulatory compliance or implement lean development methodologies, such as TDD or change-based testing.

In any case, testing mitigates the business risk that may be hiding in the code. In a compliance world, risk tolerance is extremely low, so you need to run everything and provide traceability. The same data can be used in an agile testing environment with different varying levels of risk tolerance to enable organizations to apply prioritized, focused testing. The common concerns behind compliance and lean development are the same – it’s all about what level of business risk the organization is willing to accept.

About Parasoft

Parasoft helps organizations continuously deliver quality software with its market-proven, integrated suite of automated software testing tools. Supporting the embedded, enterprise, and IoT markets, Parasoft’s technologies reduce the time, effort, and cost of delivering secure, reliable, and compliant software by integrating everything from deep code analysis and unit testing to web UI and API testing, plus service virtualization and complete code coverage, into the delivery pipeline. Bringing all this together, Parasoft’s award winning reporting and analytics dashboard delivers a centralized view of quality enabling organizations to deliver with confidence and succeed in today’s most strategic ecosystems and development initiatives — security, safety-critical, Agile, DevOps, and continuous testing.