|
Translating Business Risks into a Risk-Based Test Plan We all know that testing should be based on business risks. In practice, test managers often go from those risks to test coverage in an ad-hoc, intuitive way. Instead, by taking a step-by-step approach, you can improve coverage and better prioritize your tests. After translating business risks into product risks and establishing the required test coverage, you select the appropriate techniques and estimate test effort. Ruud Teunissen explains that the right test design technique is based on the required coverage, type of functionality, test level, quality characteristics to be tested, available documentation, available resources, and resource skill sets. This risk-based test planning approach enables the test manager to report progress and defects found in terms of the business risks so that stakeholders can make informed decisions about releasing the software into production.
|
Ruud Teunissen, POLTEQ IT Services BV
|
|
Managing Successful Outsourcing Projects Global teams are increasingly becoming a reality with advancement in networking and internet technologies. You may have part of your team on west coast, east coast, in Europe or Asia. Although global teams seem to be a great way to bring diverse talent and to improve time-to-market, many projects actually fail to deliver on promises. An exception is the MSN Messenger team. After first setting reasonable goals and roadmaps for each team(s) and selecting projects that were amenable to remote work then hired the right talent or vendor resources that could support long-term project requirements. Samir Shah shares the techniques, especially those related to communications, that they employ at each stage of the effort to help them succeed. Samir describes the data they capture and the set of metrics they use to keep them on track. Find out what it takes to scale your team to be a successful global team.
|
Samir Shah, Microsoft Corporation
|
|
SOA and Web Services Testing Involve the Whole Team Serious enterprise application development is moving to Service Oriented Architectures as companies try to leverage existing applications while meeting new customer demands. Even as the ability to connect Web sites dynamically adds significant new levels of business functionality, it opens up a new point of failure with each connection. Code coverage is becoming far less important than the ability to test every component of your J2EE stack in the same environment as it will be deployed in production. John Michelsen shares the current trends in SOA testing, including unit testing with JUnit, test-driven Development (XP, TDD methods), test script automation, load testing, continuous testing, and much more. Learn about the pitfalls in testing SOA systems and why some companies wrongly give up on even trying.
- Trends in testing SOA and Web service enabled applications
|
John Michelsen, iTKO, Inc.
|
|
Security Testing: Are You a Deer in the Headlights? With frequent reports in the news of successful hacker attacks on Web sites, application security is no longer an afterthought. More than ever, organizations realize that security has to be a priority while applications are being developed-not after. Developers and QA professionals are learning that Web application security vulnerabilities must be treated like any other software defect. Organizations can save time and money by identifying and correcting these security defects early in the development process. Ryan English helps you overcome the “deer in the headlights” look when you are asked to begin testing applications for security issues. See real world examples of company Web sites that have been hacked because of vulnerable applications and see how the attacks could have been avoided.
- Security defect categories and responsibility areas
|
Ryan English, SPI Dynamics Inc
|
|
STAREAST 2006: Lightning Talks: A Potpourri of 5-Minute Presentations Lightning Talks are nine five-minute talks in a fifty-minute time period. Lightning Talks represent a much smaller investment of time than track speaking and offer the chance to try conference speaking without the heavy commitment. Lightning Talks are an opportunity to present your single biggest bang-for-the-buck idea quickly. Use this as an opportunity to give a first time talk or to present a new topic for the first time. Maybe you just want to ask a question, invite people to help you with your project, boast about something you did, or tell a short cautionary story. These things are all interesting and worth talking about, but there might not be enough to say about them to fill up a full track presentation. For more information on how to submit your Lightning Talk, visit
www.sqe.com/lightningtalks.asp
|
Robert Sabourin, AmiBug.com Inc
|
|
S-Curves and the Zero Bug Bounce: Plotting the Way to Better Testing The use of objective test metrics is an important step toward improving your ability to effectively manage any test effort. With the two test metrics-the S-Curve and Zero Bug Bounce-you can easily track the progress of the test effort. Learn to graph the S-Curve, showing cumulative test cases planned, attempted, and completed over time. Keep track of the Bug Bounce-the number of open bugs at the end of a period (usually one to several days)-and especially Zero Bug Bounce-the first time development has resolved all the bugs raised by the testers and there are no active outstanding issues. Improve your ability to communicate to the project team test results and test needs and make better decisions about when your application is ready to ship.
- Derive a theoretical and actual S-Curve for test cases using historic and current data
- Use the Zero Bug Bounce for tracking defect correction activities
|
Shaun Bradshaw, Questcon Technologies, A Division of Howard Systems Intl.
|
|
Five Core Metrics to Guide the Testing Endgame By its very nature, the endgame of software projects is a hostile environment. Typical dynamics include release pressure, continuous bug discovery, additional requirements, exhausted development teams, frenzied project managers, and "crunch mode"-a politically correct term for unpaid overtime. Although testing teams are usually in the thick of this battle, they usually do not do enough to help guide the project in this critical stage. To improve the overall endgame experience, testers can help entire team’s focus with a few key defects metrics. Robert Galen discusses ways to track these five key defect metrics: found vs. fixed; high priority defects found; project keywords; defect transition progress; and functional distribution of errors. Join Robert to increase the likelihood of delivering your projects on time-and surviving yet another endgame.
- Help traffic the action for the incoming defect stream during the endgame
|
Robert Galen, RGCG, LLC
|
|
Testing Windows Registry Entries Warning: Registry keys may be hazardous to your program's health! Registry key entries in Windows applications-visible or hidden-are often neglected by testers. A registry key entry is a program feature just like any other application function and as such needs to be validated. Michael Stahl describes why registry keys should be accorded special attention during testing and proposes a strategy for mitigating risks posed by incorrect registry key entries. He suggests a test strategy, as well as coding standards for input value and type validation, default values, regeneration, and naming rules. Michael demonstrates the use of correct and incorrect registry keys in common commercial applications.
|
Michael Stahl, Intel Corporation
|
|
Deploy a Peerless Peer Review Process Peer review programs are like parachutes-proper deployment is essential; otherwise, they inevitably will crash. When effectively implemented, peer reviews have a significant return on investment and result in greater product reliability. Lee Sheiner shares the key features for making peer reviews a value-added practice at Georgia Tech Research Institute, including: selecting the proper type of review for each work product, identifying the right reviewers, focusing on early defect detection, using supporting tools, fostering an environment conducive to reviews, managing the review materials, and much more. Learn from Lee the ways they have crosspollinated peer review methods across the organization and how successful peer reviews encourage project groups to "gel" and become highly productive teams.
|
Lee Sheiner, Georgia Tech Research Institute
|
|
The Value-added Manager: Five Pragmatic Practices What do great managers do that others don't? Great managers focus their efforts, increase their productivity, and develop their people. In this session, Esther Derby describes five pragmatic practices that managers can apply to improve both work results and worker satisfaction-give both positive and corrective feedback weekly, consciously decide what not to do, limit multitasking, develop people, and meet with staff individually and as a group every week. Esther says these ideas are not rocket science. If you apply these five practices consistently you will improve the value of your team to the organization-and keep your sanity, too.
|
Esther Derby, Esther Derby Associates Inc
|