|
|
Test Driven Development (TDD) for Secure Applications Test Driven Development (TDD) has emerged as a successful productivity technique for development teams. As a unit testing methodology, TDD prescribes a simple three-step process of (1) develop test, (2) write code, and (3) re-factor the code. In a question-and-answer tag-team
|
James Whittaker, Florida Institute of Technology
|
|
|
Structured Testing within the Rational Unified Process Many organizations have adopted, or are in the process of adopting, the Unified Process (UP) and, in particular, the Rational Unified Process (RUP). The test process defined within UP/RUP differs from more traditional, structured testing processes such as TMap (Test Management Approach) in Europe and STEP™ (Systematic Test and Evaluation Process) in the US. Tim Koomen, who has operated within these and other development lifecycle and test processes,
describes testing as defined in UP/RUP, maps the processes to those in TMap, and combines them into a "best of both worlds" approach. Learn about the UP/RUP defined practices such as the risk based test strategy, testability, test design, the role of the tester, independent testing,
|
Tim Koomen, Sogeti - Netherlands
|
|
|
The QA/Testing Perspective on Software Security Most everyone now realizes that we cannot solve security vulnerabilities with firewalls, virus scanners, and other tactics that build an electronic “moat” around systems. According to Julian Harty, security is not an operational issue, not a developer issue, and not a testing issue. It is a systems issue that you must focus on throughout the software’s life. From a QA/testing perspective, we need to look early in the development process for adequate security requirements. Then, we should assess the designs for vulnerabilities and participate in security code reviews. When specialized, security tests find bugs that get past our early prevention efforts, causal analysis helps prevent the recurring security defects. Dig into system security issues with Julian and learn about manual techniques, commercial software, and home-brew automation tools to help you find security vulnerabilities-before the bad guys do.
|
Julian Harty, Commercetest Limited
|
|
|
Evaluating Requirements for Testability For a test engineer, perhaps the most important measure of requirements quality is testability. By improving testability during requirements development, you not only will make test design easier, but you also will have gone a long way toward building better software for less cost. Learn methods to identify the requirements problems that reduce or improve testability: ambiguity, incompleteness, inconsistency, incorrectness, and "compoundness." This method first was used successfully in a very large payroll system development project and has since been practiced in both large and small development projects. From this session take away a spreadsheet-based method for tracking requirements testability throughout the project, and see examples from an Access database that can be used for further requirements analysis.
- How to analyze requirements for attributes that increase testability
|
Rodger Drabick, Lockheed Martin Transportation & Security Solutions
|
|
|
Automate Acceptance Testing using Open Source FitNesse FitNesse is an open source testing tool based on the Wiki Wiki Web and FIT (Framework for Integrated Tests). The Wiki Wiki Web is a collaboration tool in which anyone can create or change new pages to document or share any information. FIT is a framework and tool for creating automated acceptance tests. Joined together, FitNesse is a Web server-based tool for teams to easily and collaboratively create documents, specify tests, and run them. Micah Martin, co-creator of FitNesse, demonstrates how FitNesse can be used to create high-level feature tests that will drive development. Walk away with an understanding of how to automate acceptance testing in agile development and how it fits in with test-driven development.
- What a Wiki is and how to use it
- An introduction to the free FIT acceptance testing tool
- Acceptance testing as part of the test-driven development practice
|
Micah Martin, Object Mentor, Inc.
|
|
|
Free Test Tools are Like a Box of Chocolates You never know what you are going to get! Until you explore, it can be hard to tell whether a free, shareware, or open source tool is an abandoned and poorly documented research project or a robust powerhouse of a tool. In this information-filled presentation, Danny Faught shows you where open source and freeware tools fit within the overall test tool landscape. During this double session, Danny installs and tries out several tools right on the spot and shares tips on how to evaluate tools you find on the Web. Find out about licensing, maintenance, documentation, Web forums, bugs, and more. Discover the many different types of testing tools that are available for free and where to find them. Danny demonstrates examples of tools that you can put to use as soon as you get back to the office.
|
Danny Faught, Tejas Software Consulting
|
|
|
Asia as a Test Outsource Center Outsourcing testing software projects to countries in Asia is a trend that is here to stay. You have a growing number of choices for an outsourcing country in Asia-India, China, Taipei, Korea, and others. Although India currently dominates the scene and both Taipei and Korea have historically provided excellent quality, though at a higher cost, China is quickly moving to become the leader with even lower billing rates and a large number of experienced and educated engineers. In this session, Jacob Hsu offers an overview of the Asian outsource scene including the latest trends and data. Take away a checklist of best practices for successfully outsourcing product testing to Asia, including how to manage distributed testing teams, how to overcome language/cultural issues by country, and what types of testing should (and should not) be outsourced offshore.
|
Jacob Hsu, Symbio Group
|
|
|
Testers and Testing in the Agile Development You have heard about agile software development techniques such as eXtreme Programming (XP), Scrum, and Agile Modeling (AM). The industry is buzzing with everything from "this is the greatest thing ever" to "it's just hacking with a fancy new name." Comments like "there is no place for testers because developers and users do the testing now" and "testers play an important role in the agile methods" are both common. Scott Ambler, an early proponent of the agile movement, explains the fundamentals, values, and principles of agile development. He describes a range of agile techniques and explores many myths and misconceptions surrounding agility. Agile software development is real, it works, and it may be an important part of your future in testing. Better testing and improved quality are critical aspects of agile software development, but the roles of traditional testers and QA professionals on agile projects remain unclear.
|
Scott Ambler, Ronin International, Inc.
|
|
|
A Strategic Approach - "Beta the Business" Beta testing is an industry standard practice to obtain user feedback prior to general availability of software. Have you ever considered that the Beta release can be used to validate the software's value to customers and application users? Extending the Beta concept will result in higher customer satisfaction (and higher revenue for commercial products). Also, you can employ Beta testing to evaluate not only the software product, but the distribution (and sales) process, training, customer support, and usage within your customers' environments. Far beyond just finding defects in the product, you can focus Beta testing on how well the software is meeting your customers' needs. What does that mean to the Development team and the organization as a whole? What are the risks and challenges that we face? What are the rewards?
|
Pete Conway, EMC Corporation
|
|
|
Service-Oriented Architecture - Exposed Service-Oriented Architecture (SOA), incorporating methods for Web services to communicate dynamically, promises to significantly improve organizational operating efficiency, change the way companies conduct business, and even alter the competitive landscape. However, Service-Oriented Architecture is a strategy rather than an objective, and, like any strategy, it is of no value unless it is implemented. With illustrations from companies who today are using SOA to transform their organizations, Sharon Fay shares current practices for exposing Web services and XML to internal development teams, outsourced development, external trading partners, and customers. Learn why reuse is a key method for supporting integration of SOA implementations and how it is being accomplished. Take away a set of metrics that you can use to measure the level of SOA adoption, development productivity gains, and organizational agility.
|
Sharon Fay, Flashline, Inc.
|
