11/01/2009 - 12/01/2009

Friday, December 4, 2009

Software Testing - User Stories

1^st of the usual query that they hear most of the time is how user histories are different from use cases. User histories are much simple than use cases. User histories are very easy to generate, discuss & create. They also do not contain any technical details.

Typically lovely user histories are defined in the following format

User histories are one of the primary development artifacts for the XP project teams. A user history contains information so that development team can reasonably give estimate about completing, tester can talk about how it will validate & customer can see its value.

While discussing User histories, you should make sure that they are not very massive. A massive user history leaves the chances of ambiguity & absence of clarity in the mind of growth team. Ideally, you should be able to break user histories so that it can be done by six people in a week's time.

As a I would love to do so that

During consideration of histories of users, you must ensure that there are very large. A user story leaves great potential for ambiguity and lack of clarity in the minds of the development team. Ideally, you should be able to break user stories so that it can be done by two people in a week.

If you are working as a tester in an Agile project and see any history taking longer to complete, consider this as an opportunity to ask questions and see if this can be broken by the functionality or platform or otherwise.

Once a story breaks at the last level, this story is given some points based on how long it will take a couple of programmer to finish it. These user stories that are broken down into tasks and assigned to appropriate developers. Typically, the start of the project, establishing a set of user stories for each iteration or Sprint chooses stories based on the priority and time it would take to complete.

User histories are written in the paper such as cards or post-its. This also ensures that no unnecessary details on the User histories. Once the development team decides on the stories to be developed in a sprint, which is divided into tasks and resources are allocated accordingly.

Most times, these user stories are defined only in terms of acceptance. For example,

As a user should be able to register on the site in order to receive the newsletter is a good example of the user story. As a tester, should be your job to find out negative scenarios and assumptions in this story. For example, what should I provide information to users to register? Is there a distinction between optional and required information? Should we validate the email address of the user before registering? And many more.

Recall, one of the main reasons for the use of user histories is to have an invitation to conversation. According to Ron Jeffries, each user story in Windows XP has three components - Cards (Physical Environment), Conversation (discussion about them) and confirmation (tests that verify them.) One of the widely used acronym for good use cases is called INVEST. How user histories rights is essential to the success of any project fast and therefore INVEST this acronym is used to justify the investment you make in creating user stories.

According to this acronym

I for independent
N for negotiable
V for value
E for Estimable
S for small and
T for verifiable

As a tester on agile projects is very important for you to make sure that all histories that is consistent with work on the characteristics defined by these terms. There are good reasons to do so.

Histories should be independent so that it is easier to plan. Consider the situation where the need to decide which stories to include in the sprint and most of the stories are dependent on each other.

Histories should be negotiable, user histories are not contract with the client are a platform for a clear understanding among totally involved. Anyone should be able to challenge its intention and its application.

User histories should be valuable to someone. You will have situation where in their histories do not provide direct value to his client, but should provide value to someone, could be a developer or tester. For example, as a tester should be able to access the application layer beneath the user interface so that automation is not dependent on the user interface. As We should oppose the application functionality with access to the user interface.

Histories should be estimable, remember we're not saying accurate estimate, but must be

Reasonable estimate. Since stories are negotiable, these estimates may change but should in principle be possible to reasonably estimate the amount of time it takes to complete histories.

Most of the characteristics described above to ensure that user stories are clear and small. This is very important; most of the times of great stories are inaccurate. It is also possible to keep the team moving, with little stories, since it gives a sense of accomplishment or finishing something. Normally, you should try to complete at least 2histories by Sprint (two programmers and a tester for two weeks).

From user stories are the requirement that drives the development should ensure that these stories are verifiable. You can find this for some features like ambiguity, clarity etc that may be used in the verification requirements in the traditional development model.

Remember, user stories are the focus of the agile methodology of software development and as a tester must ensure that their equipment investment of user stories.

Smoke and Sanity Testing

There are two types of evidence which by nature are of very short duration and are usually designed so that major problems are found much earlier in the cycle. These two types of test are:

1. Testing for sanity

2. Smoke Testing

It seems that the smoke test of the word comes from the industrial test equipment. The smoke testing procedure is considered a safety test by a curtain of smoke into parts of the sewerage and drainage to detect sources of unwanted leaks and sources of sewer odors.

Proving for sanity is a surface test, but is performed whenever a cursory analysis is sufficient to prove the coating works consorting to specifications. This level of analysis is a subset of regress testing. Normally includes a set of fundamental tests of basic GUI functionality to demonstrate connectivity to the database, application servers, printers, etc.

However, in the field of trial software smoke test is a very important element. I often look for the two words have been used interchangeably. I will focus on the aspect of smoke test in this article.

Smoke Testing is applicable when adding new components and are integrated with existing code. Ensures that the building is not broken. The product in its current state is smoke tested daily. Merely ensures that the building is not broken and is ready to test further. Once an engineer certifies the smoke test is successful, the test team can take action to test deeper.

Typical features of Smoke Testing:

It exercises the entire system end to end.
It is not exhaustive, but should be capable of exposing major problems.
It ensures that the core functionality is the accumulation of work and is stable enough for further testing thoroughly.

Smoke Testing Advantages:

Reduction of Risk of Integration: From smoke testing is carried out integration problems are discovered at a much earlier stage than later in the cycle.
Find big problems: A good test designed smoke can increase the probability of finding a big problem when software is built early in the cycle. So catch bugs earlier in the cycle.
You can save time and money - If a major problem is detected at the stage when the software is ready built, it can save time and enormous costs if the mistake was discovered at the end of the cycle.

Thursday, December 3, 2009

Software Testing - Stress Testing

Stress testing has a different meaning for different industries where it is used. For financial sector and the sector stress testing, a testing process of financial instruments to determine their robustness and accuracy level that can sustain under extreme conditions such as sudden market decline continued or at a certain level, sudden or extreme change on various parameters, for example, interest rates, repurchase agreements and time used in the financial sector, the sudden rise or fall in price of substances that may affect financial forecasts, etc. for manufacturing, testing effort can include different operating parameters and processes for the testing of different systems. For the medical industry, stress testing, a process that can help understand the condition of the patient, etc.

Stress tests in the IT industry

Stress tests in the IT sector (hardware and software sectors) means of testing software / hardware for its effectiveness to provide a consistent and satisfactory performance in extreme environments and stresses such as heavy network traffic, loading procedures, below or above the underlying hardware clock, working on applications for the maximum utilization of the resources of the periphery or in the system, etc.

In other words, stress testing helps find the level of robustness and consistency of performance as satisfactory or even crossed the limits for convention procedure of the system (software / hardware).

The most important use of stress testing is in testing software and hardware that are supposed to work at critical or real situation. As a website is always online and the server hosting the website must be able to handle the traffic in every potential way (even if traffic increases the variety), a mission-critical software or hardware that works on stage in real time, etc stress testing in relation to certain websites or software is considered an effective process to determine the limit, in which the system / / software hardware / website shows strength, is always available to perform its task, effectively manages the load that the normal scenario, and even shows effective error handling in extreme conditions.

Need for exercise testing

Stress testing is considered important for the following reasons:

1. Almost 90% of software / systems are developed with the assumption that they will operate in the normal scenario. And even if one considers that the limit of the normal operating conditions met, not much higher than might actually be.

2. The cost or the effect of a very important (critical) software / system / website failure in extreme conditions in real time can be huge (or can be catastrophic for the organization or entity that owns the software / system).

3. It is always best to be prepared for extreme conditions instead of letting the system / / software crash site, when it crosses the boundary of normal operation.

4. Tests conducted by the system developer / software / website may not be enough to help illuminate the conditions that lead to system crash or software when it is actually presented with the operating environment.

5. It is not always possible to make any problems or errors in a system or software, unless it is subjected to such tests.

To help overcome problems such as denial of service attacks, in the case of Web servers in a Web site, violation of safety due to problems with spam, hackers and viruses, etc., the problems arising from the conditions where / system software or website needs to process applications for resource allocation processes of interest at the time when all the necessary resources are already committed to some other process that needs more resources to complete its work (known as deadlock), memory loss, race condition, etc.

This type of testing is done mainly with the help of stress testing different programs available on the market. These tools are configured to automate a process of increasing tension (ie, the creation and increasing degree of adverse environment) in a system / software / website and capture the values of various parameters that help confirm the robustness, availability and performance of the system / software / web is being tested. Few of the actions involved in the stress test are bombarding a website with a large number of applications, the management of many sources of applications on a computer, making numerous attempts to access ports of a computer to hack it and used for various purposes, such as spam spread of viruses, etc.

Open Source Software Testing Tools and Scripts

Tester Tools is the largest website of Software Testing Tools with a variety of specific tests of open source software testing tools, ranging from scripts to test software security software systems, test harnesses and cloud computing .

We all live in the era of computers, there are plenty of inventions and changes are happening every day that relates directly to the computer. These updates and assistance to inventions in the heart of computer technology to be stable, but there is a kernel that has the ability to control even the core of the computer.

It's just the software

Acts as an effective interface between humans and computers. Since the first program built in the 1940s to the latest version of Google Earth 5, software diligence is the only industry that became a super star in the night. Now, we have software that rescues people from committing suicide to those used for the Mars mission.

However, all these programs have to undergo rigorous testing before being marketed or used. In principle, this test is performed manually with a software tester trying to do different things with the software, the test of reliability and other Aspects of the software for a specified period of time, check whether the software codes are properly and then loop software is released.

It took a long time for this process of testing to do, so the engineers came up with the idea of software that can try different software. And these programs were then known as generally as software testing tools. There are plenty of websites offering different software testing tools for a software engineer to test your software, but no comprehensive website offering the software testing tools of all kinds, but not anymore!

Besides all these features, the website also allows developers to upload their own software testing tools for the web, all you need is go to the page Send an instrument, then complete some simple details of the tool software testing is presented. The administrator will check the tool and add it to the list of other tools.

With all the great features and flexibility of this software testing center, stands out from the rest of other sites, and will become one stop location for all the testers out there.

Software Testing - A Cautionary Tale

There are some basic rules of them, who will serve you well in testing any application that deals with lists of data (and applications that do not?).

1.1, few, many "

2. "They make no hypothesis"

3. "Remember to mix a little"

This case study covers a very interesting example of where following the rules of thumbs * exactly * dividends.

The problem of

There was no interactive reporting solution that was having performance issues: in essence, there was some pathological performance degradation in some circumstances.

It contributes the lion's share of wasted time was in a 3rd party component that really could not be

There were several passes on the problem and things always did:

Direct: get the draft issue and simply pause the debugger at the point of obvious pain
Scrub indirect: the code in search of opportunities
(Time) through validation tests: write an automated script to perform the information component through a series of configurable settings

These scrubs palpable difference in each iteration: for reasons related to the limitations of the component of the 3rd party application and framework which was held on traceability was not large in the code and found to be difficult to get the right job the first time.

There were significant improvements made however: minutes became seconds in some cases, giving an indication of the potential seriousness of the issue of interactive applications.

However, it is that even if the encoding was achieved "first law" was not a hidden track that would have caused a return to the bench due to a serious performance problem.

The pump

In this case, it pays to enter a small detail:

Developers and testers have a certain level of awareness of the importance and complexity of a given process run time: in essence, tend to have an expectation that (approximately) the runtime is going as O (n) and many other applications is a strong pressure of nitrogen to a small number, otherwise the user experience can be very disappointing. Many defects arise around the issue that n is not really a small number. In this case, no figure appeared to be an acceptable if not excellent.

Developers and testers got a big surprise when at the last minute of the product release cycle of a project that was presented wholly challenged the performance as seen by developers and quality control. It took years to carry out what is immediately in much larger chunks of data.

What was happening?

The developer to debug the application: the calling sequence like any other data, only taken a very different time.

What is different in the project?

Well, one of the arrested were limits to open from the default of several hundred to several thousand people - that there was never any evidence of this number of elements in these lists but still a thousand years is a small number of modern machines with the functions that have an acceptable order of n.

Therefore, expectations are challenged: What was happening?

The automated test was repeated with the limits set to the default-busting - the quality was still acceptable and much better than the proposed problem.

It has reduced the data in the project. The automated test data that was created in a controlled manner and could not help.

Back to the developer.

They work hard for the last days of term development of the answer suddenly became clear in the purification and compare the behavior of large projects "good" and "bad" major projects.

The behavior of a key role to participate in the interactive exercise component was not simply characterized as O (n). A better indication would be O (n) + O (x) where x and y are the counts of items in the lists used by the component.

Where X and Y, below the default implementation of the second term was never observed by the behavior and the 3rd party component source was never discussed at the level where the fault could be found. When the defaults of the application exceeds this mass O (x) had the opportunity to be - "very important".

Why not capture the automated tests that when the larger sizes, were established in new settings?

Because the tests made a reasonable assumption - that n matter and therefore was not observed by the evaluator and advocate that the size of the list were all the same – x y is always zero

The proposed issue has real data with lists of great and different - all he did was a list that several articles of 1000 long and the other to be small for the performance problem besetting be exposed.

The moral of the story

One could argue the original bug report contained the core of the solution, providing an example of a rule of thumb # 3.

Golden Rule # 1 was initially intended to be covered adequately, but fatally compromised by the pathological behavior of the application. The application appears to be the game of assessors and internal model of development of certain very specific conditions; they were sadly realistic that a key feature.

Custom software development

During the development of complex projects you are faced with the choice between centralized management and decentralized projects. Centralized management means that the application of all phases of the project (from the simplest to the most difficult) is under control. At that time, there is a "Think Tank", keeping track of everything happening in the project. Decentralized management does not mean total rejection of project manager, who makes major decisions. This type of management implies that the control phase of the projects lies primarily with mini centers to report to the head of the general course of some phase of implementation, without elaborating.

Both approaches are in use, but its effectiveness depends on the structure of the company and developing the project. The centralized approach provides an advantage of full control over the process, and provides an opportunity to react in time if some phase of the project fails. Higher project risks to the terms or expected issue is reduced to the minimum in this case. But it is the reverse: the Think Tank is overloaded with information flow if the project has many steps and is divided into several subtasks. That has to process a large number of reports and consequently, the risks of failure of its primary mission: total control. The overworked heart can focus on the quality of various stages of project implementation, but may lose the main idea of the project in that. It is particularly relevant in the case of projects of large scale, complex developments, where project participants are in different time zones. Mini-sites can be created on the basis of pieces of projects, divided according to their subjects, or participants, close to each other in their geographical location. The central office does not know exactly what is happening in that or another area, but still free to support the main idea of the project and control over the major stages of project implementation. Using the decentralized approach risks doubt the main campus to inquire about the failure of sometime in the last minute.

The world has been experiencing a wide application of the recently decentralized system. It has a direct relationship to globalization and expansion projects. Many companies have employees working in offices located in different countries, or even at home. But one should not completely abandon the centralized approach - that is able to ensure the correct application of small tasks and projects that bring real benefit and ensure the development of your business.

Software testing: Static

A static test is necessary for detection of defects in the design phase and verify precisely the tasks for development of program modules and test plan. Thus, immediate performers of software modules will have a minimal sufficient package, but at the same time documents allowing them to begin working with waste minimal time in the study documents and comprehension tasks. Testers, in turn will have a comprehensive test plan, allowing them to verify the operation of the program product according to a criterion of "how it should work", not "how it was to work", as often happens.

The economic benefits are obvious static tests. Most of the large errors in the products of the program are derived from incomplete lists of demands of the tasks or incorrect. A developer often receive inadequate or excessive package of documents. These difficulties will be solved, using the static test. This means that the possibility of serious errors is dropping in the development phase. According to estimates, the costs of correcting errors in the static testing phase is 5 times less than in dynamic testing phase and 20 times less than in the operation stage of the product program. Our team will offer a series of operations necessary for the static test, ensuring high quality project documents and minimize the possibility of critical errors in the software already done.

The static testing involves contacts with the client or the contractor for the project, i.e. a person, able to express explicitly and the task of correcting the claims, if necessary.

The next job of the requirements for the software product: the client or his representative, the representative of the developer’s team representative team of assessors. At this stage the team of testers to control, to the list of requirements is complete and consistent. In the development stage of the testers of the composition of tasks, together with a leading developer of check, if tasks are full and not excessive.

A test plan for dynamic testing is formed during the static test. In it, including control of all the requirements for software products, and control of checkpoints, defined together with developers, as the choice of endpoints of the test depends on the programming tools significantly.

Conventional software testing in a Scrum team

If you are a professional application tester, or work in quality assurance, I consider you to be
(like me) a "conventional application tester." Increasingly, conventional application testers are finding themselves on teams using the Scrum development method. For testers unfamiliar with iterative lifecycles, this can be a real challenge. Having been on a variety of projects using Scrum as a conventional application tester, I'll share four stories that describe different approaches for testers.

The Scrum methodology can pose a challenge for application testers who are used to more traditional waterfall-inspired development processes. Jonathan Kohl relates his experiences working on Scrum teams who found some clear advantages in changing their methods.

What is Scrum?

According to the website of Scrum, Scrum is an agile process, light that can be used to manage and control software and product development using iterative, incremental practices. "The best place to start learning about Scrum is the page About the Scrum website. It's a good idea to learn as much as possible about Scrum as a tester, in particular the principles and theory behind it. To understand the terminology of this article, I will summarize some aspects of Scrum.

Scrum is a software management process that uses an iterative lifecycle and focuses on communication, including feedback loops. Each iteration, called Sprint, takes about four weeks. A Sprint is a block of time in completing the software development. Ideally, a complete vertical section of the application is submitted at the end of each Sprint. When each "slice" board, you have the full product. A Sprint is a longer cycle of votes in which the software developed in the last iteration is demonstrated to project sponsors and end users.

Short resubmit loops are also produced every day. These everyday Scrum meetings last fifteen minutes, during which team members describe what we are working and raise issues they might find. The Scrum Master (the person who manages the project management) will Scrum meetings.

Work to be undertaken during the life of a project (a project contains several Sprints) is summarized in an accumulation of products. The Product Backlog contains a list of characteristics needed for the project; this is the scenario for the project. Each also has a Sprint backlog tasks to meet a number of features in the Product Backlog. This describes the work of a special sprint. These documents are often written in a high level. The details can be filled in according to the practices of the team. How to perform tasks to achieve the objectives of the project left the team in Scrum, so it's common to see Scrum teams using Extreme Programming or other within Scrum.

For the evaluator, the most important things to note about Scrum are its iterative lifecycle and frequent communication. Both may require some adjustments by the examiner, who can be relied on to do the following:

Proof of within each iteration, rather than the end of a development cycle
Decide what to test when a product is still unfinished
Collaborate with team members rather than working in isolation
Participate in daily status meetings are a maximum of 15 minutes duration

Request Information on individual chemical through tests, and work with other team members to determine what to test, rather than testing requirements documents.

Thursday, November 26, 2009

Software Testing Tools to Test Cloud Computing Applications

Scalablity With its dynamic, flexible and virtualized resources are provided as a service, cloud computing is seen as the dawn of a new era for application services and has received its fair share of applause. Documents With Google, Flickr, Buzzword and Zoho as examples of general purpose applications that use Cloud Computing technology is only a matter of time before that cloud computing is seen as the most viable option for development and deployment .

With giants like Microsoft, Google and Amazon all competing for a position in the cloud computing space could be expected to have a lot of Cloud-based software applications currently available. Although this is sure to be the case in the near future, Software Testing now seems to favor the current use of cloud environments.

A recent study by Evans Data, an independent research firm that conducts regular surveys of developers found that the clouds with facilities for running applications, 49.8 percent said they were doing experimental or prototyping, the 28.6 per cent for business-critical applications and 21.6 percent for business-critical applications. Come be good cloud environments for testing, since it can establish and tear down quickly, sometimes at lower cost than in premise installations.

The question to answer, then, what software testing tools are available to help developers and quality assurance people in its application development and testing procedures. Software testing tools used for testing conventional applications are of little use when applied to Cloud evidence as there is a need for tools that allow software developers and Tester to analyze the network, desktop and implications of changes within the cloud.

A growing variety of clouds based on open author software testing tools have been published.

Tools clouds for example, is a set of tools for distributing, managing and testing Java EE applications on Amazon's Elastic Computing Cloud (EC2). It contains three main parts, which includes images of machines that can be configured to run on Tomcat and Maven and Grails plug-in is an incredible tool to use cloud test Open Source software.

Push To Test Maker is a distributed test environment that can run tests on test equipment, or a cloud computing environment. It is the introduction of specific commands for the automatic support of clouds testing services.

Clouds and Tools Maker Push To Test test are examples of products that will help shape the future of solid cloud base software testing applications. Although the technology is in its infancy, a number of testing tools are emerging that can provide assistance in the cloud-based testing software.

Visit Tester Tools for Open Source software testing tools and scripts including a section on testing tools Cloud Computing displaying the latest tools Cloud Computing Software Testing.

TST - Accredited Casino Software Testing

Technical Systems Testing (TST) is internationally recognized and independent accredited testing facility on the ground and the online gambling operations. Established in Australia in 1993 and also has offices in Vancouver, London and Macau.

TST audits and certifies that online gambling operations are fair, secure and auditable. It also certifies that the gaming operations to comply with industry standards and meet legal requirements imposed by the licensing jurisdiction. Certificates issued by TST are accepted by software vendors, licensors, the online casino operators and the Internet gaming community.

As for online gaming concerns two aspects of the audit are crucial TST. One is the test of random number generator (RNG). In the online casino games the results have to be unpredictable but fair. For example, roulette players should not be able to predict the next number. But with a large number of turns of each issue should have been called with the same frequency. In online roulette this is achieved by the RNG, which uses a complex mathematical algorithm to generate random numbers. These random numbers are then assigned to the numbers on the roulette. The same process is true for other casino games online. Therefore, if the random numbers generated by the RNG are fair and unpredictable then the numbers of roulette or cards in blackjack or dice thrown on the dice are fair and unpredictable. TST evaluates both the gross balance of the RNG and the output after having been allocated to specific results for the bias using a number of standard techniques such as General RNG analysis, DIEHARD battery of tests and the final result of testing distribution.

The critical aspect of the concerns of other TST's evaluation of the games. The games are first evaluated for the correctness of source code, images, functionality and specific features of the game. But most important are the calculations of payments made regularly, using real data generated in the actual operations of the online casino. The average payout percentage is the amount paid by the online casino for every $ 100 wagered. This figure is calculated over the period set for each group game and every game as well. TST reports of these results through a certificate that is placed in the public domain by the casino operator. Players can compare actual payments offered and decide whether to play at the casino or not.

When the online casino software has been tested by TST all stakeholders are assured of the accuracy and credibility of the TST results due to the experience brings to the table due to their independent status. The licensors are easier to license operations that have been tested by TST, software vendors are more readily available operator customers if the software has been tested by TST and online casino operators easier to attract traffic if its operations have been audited by TST.

LogiGear's Software Testing and Quality Assurance RSS Feed

RSS?RSS stands for Really Simple Syndication or Rich Site compendious or RDF (Resource Description Framework) Site Summary. RSS files are text based files in XML format. An RSS file is simply a list of items, consisting of at least one title, summary and a link (URL) to a web page. RSS files can also be referred to as RSS feeds or RSS feeds. The editors of websites, such as LogiGear use RSS feeds to distribute information such as articles or press releases. This makes it easier for interested people to get and read this information.

LogiGear RSS Feed

LogiGear makes articles on issues of quality assurance testing of software available through its RSS feed. The feed is updated regularly with new articles of interest to software testing and quality assurance community. LogiGear articles are written by renowned thought leaders in the software industry for quality control testing, including:

* Hung Nguyen - Mr. Nguyen is co-founder, CEO and President of LogiGear Corporation. He is co-author of the bestseller in the field of software testing, software testing (Wiley, 2nd ed. 2002) and other publications including test applications on the Web (Wiley, 2nd ed. 2003). Mr. Nguyen is an American Society for Quality Certified Quality Engineer and a member of the Advisory Board of UC Berkeley Extension Department of Applied Computing and Information Systems.

* Hans Buwalda - Mr. Buwalda is the Chief Architect of LogiGear Corporation. It is co-author of Integrated Test Design and Automation (Addison Wesley, 2001). Mr. Buwalda speaks frequently at international conferences on software testing concepts.

* Michael Hackett - Mr. Hackett is a co-founder and Vice President of Business Strategy and Operations, LogiGear Corporation. He is coauthor of the popular book test applications on the Web (Wiley, 2nd ed. 2003).

Benefits for End Users

By subscribing to the RSS feed LogiGear receive automatic updates as we publish more articles on issues for the consideration of software quality assurance. This allows you to keep up with the latest information without spending a lot of effort.

Benefits for Web Publishers

Web site publishers that publish articles on software and quality control issues can also benefit from LogiGear RSS feed. You can put LogiGear RSS feed on your website as a way to provide the latest information on quality assurance testing of software to their readers. As we update our supply of the information contained in our feed on your website is also updated automatically.

NOTE: We recommend using PHP include food for you to benefit from search engines by having the content of your website.

NEED HELP FOR INCORPORATING THE LOGIGEAR RSS feed on your site? See Adding the LogiGear RSS feeds to your website.

How to read RSS LogiGear

To study the articles in the LogiGear RSS feed you have to sign to the feed using an RSS reader or aggregator. A feed reader / aggregator is a web service or software on your PC that lets you subscribe to and read RSS and LogiGear's. RSS readers / aggregators are available as Web services, such as "My Yahoo!", Built in some web browsers such as browser plug-ins or extensions, and thus independent programs. Wikipedia provides information on the readers or aggregators, including links to lists of readers or aggregators.

Software Testing - How to Not Chase Away Your Customers

Online commerce and e-business are about to exceed the traditional business models. This has become much more evident with a large number of companies developing software applications carefully directed into the online retail sector, especially the implementation of online businesses and small businesses to large scale. The latter is more important, and unlike the big names of business customers, which already has a brand presence in the real world, small-scale enterprises also require software applications executed established as an online brand intimidating.

But software retail development is only half the ingredients to cook the perfect and successful history of commerce. Despite market trends and demands of millions of consumers to change the date and time is not sufficient to have only a model of great software for uploading to the top. What is also needed is a strategic vision and fully fund retail software testing process that has to be detailed and practical, leaving no room for mistakes, even marginal or allies in the code elements. The fact that retail software brings some of the more complex codes and algorithms makes the job of the examiners of all the most difficult.

Features such as maintaining databases, Point of Sale (POS), integrating them with other third party software applications and links, as well as financial accounting, employee records, etc., all to be properly tested to avoid a situation where either you or the consumer is at a loss - financial and rational confidence. Any problem that is allowed to persist, with or without the use of software testing, can seriously hamper the chances of it as a popular brand and reputation in the commercial circuit.

A POS (Point of Sale) system often poses problems of high-end security that are impossible to resolve once built and launched. However, a software tester qualified retail can easily solve the problems of security such that most tend to develop from small coding errors, snowball into a major security threat that may , can force an e-business firm to bear the stamp of "fraud". Another example of consumers to identify e-business portals mind is the question of POS systems receive discount offers, prices or special concessions. This is another case where customers can take the error in the software as intentional wrongdoing on behalf of the E-Business portal. These points may seem trivial, but with millions of businesses accessing the portal and find the same mistakes that can lead to a rapid fall in popularity and statistics of actual sales for the entrepreneur.

Therefore, it is important to have professional testers review the code of all retail software to develop for their clients. Most master testing authorities add a margin of unprejudiced attention to the testing software code, therefore, the omission of even the smallest details in the house testers sheerly would have jumped on trust! Therefore, unless you want consumers to decrease quickly, evidence of retail software (professional and experienced software tester’s retail) is the only element to swear by to achieve success. Not only the evidence of retail software helps retain customer loyalty, but also helps build and beautify the credibility of the company!

Software testing - Alpha Beta and Gamma testing

In software development, testing is usually required before release to the general public. The development phase is known as the alpha phase. Testing during this phase is known as alpha testing.

In the first phase of alpha testing, developers test the software using white box techniques. Additional verification is then performed by a black box or box techniques. This is usually done by a team of testing. This is often known as the second phase of alpha testing.

Once the alpha phase is complete, the development comes into the beta. Software versions, known as beta versions are released to a limited audience outside the company. The software is released to groups of people so that new evidence could ensure that the product has some flaws or errors. Sometimes, beta versions are made available to the public and open for increasing the comments field to a maximum number of future users.

During the beta testing, informally called 'closed beta test is restricted to black box techniques despite a core of test engineers are likely to continue with the white box testing in parallel with the beta testing. Thus, the beta term can refer to the stage of software closer to the release to be "alpha" or may refer to a particular group and the process is doing at the time. So it could be a tester for further work in the white box testing, while the software is "in beta" (a stage), but he or she would then not be part of "beta test" (group or activity). Evidence of gamma rays is a little-known informal phrase referred disparagingly to the release of "Buggy" (defect-ridden) products. There is a technical term among testers, but an example of referential humor. Cynics have referred to all software releases as "gamma test" because the defects are found in almost all trade, commodities and software available to the public over time. (Some types of inclusion, and highly specialized process control software are tested more thoroughly and subjected to other forms of guarantees rigorous quality software, especially that "criticism of life control" team, when a mistake can result in injury or death). (see I vars Peterson fatal flaw for counter examples).

If alpha and beta refer to the stages of the software before release (and implicitly the size of the testing community, and the limitations of test methods), white box, black box, and the gray box refers to the ways in which the examiner access to the target.

Sunday, November 15, 2009

Software Testing – Tips for Automation testing

Automation is an important aspect of software testing. Testers use various tools to automate their testing activities. The choice of instrument depends on the type of application under test. There are various tools available on the market, such as Rational Robot, Mercury Quick Test Pro, Test Complete and many more.

Makes automation to make life easy, but the automation of the testers in itself is a difficult task. There are many problems they face, while the automation of an application and a tester has to find a get around that problem.

In this section we give some tips Geek Test for automation. These tips are mainly drawn from personal experiences and are very useful in cases where a tester is stuck in a similar situation.

Waiting for long to complete processing

A common problem they face, while automation of the financial applications or application that requires too much processing time is expected to appear some windows or buttons to become active after the processing operations very long. This time can vary from 5 min. 30 min. Sometimes the automation tool does not respond after a long interval. One such problem was encountered while automating an insurance company based on the application. The processing time was over 15 minutes and the tool used for automating the answer after 15 minutes. The result was that the evidence cannot be completely automated. To address this issue had many options:

1. Wait Property: allows pausing script execution until the property specified object is equal to the specified value or until the specified timeout is not more than

2. Wait Child: This delays the execution of the functions of the script for the specified period or until the specified object.

3. BUT these tricks do not work for the longer processing time as 30 minutes. This was the work on monitoring the CPU usage. Since this function 'Process. CPU Usage' will constantly monitor the CPU and will pause script execution until the CPU has been reduced to zero or below. This trick is very effective. Even after 40 minutes of processing time, I continue my script execution as intended. Wait for the circuit to the CPU usage becomes 0.

Software Testing – Need to take care

There are some basic rules of them, who will serve you well in testing any application that deals with lists of information (and applications that do not?).

1.1, few, many”

2. "They make no hypothesis"

3. "Remember to mix a little"

This case study covers a very interesting example of where following the rules of thumbs * exactly * dividends.

The problem of

There was no interactive reporting solution that was having performance issues: in essence, there was some pathological performance degradation in some circumstances.

It contributes the lion's share of wasted time was in a 3rd party component that really could not be

There were several passes on the problem and things always did:

* Direct: get the draft issue and simply pause the debugger at the point of obvious pain

* Scrub indirect: the code in search of opportunities

* (Time) through validation tests: write an automated script to perform the information component through a series of configurable settings

There were significant improvements made however: minutes became seconds in some cases, giving an indication of the potential seriousness of the issue of interactive applications.

However, it is that even if the encoding was achieved "first law" was not a hidden track that would have caused a return to the bench due to a serious performance problem.

The pump

In this case, it pays to enter a small detail:

What was happening?

The developer to debug the application: the calling sequence like any other data, only taken a very different time.

What is different in the project?

Therefore, expectations are challenged: What was happening?

The automated test was repeated with the limits set to the default-busting - the quality was still acceptable and much better than the proposed problem.

It has reduced the data in the project. The automated test data that was created in a controlled manner and could not help.

Back to the developer.

They work hard for the last days of term development of the answer suddenly became clear in the purification and compare the behavior of large projects "good" and "bad" major projects.

Why not capture the automated tests that when the larger sizes, were established in new settings?

Because the tests made a reasonable assumption - that n matter and therefore was not observed by the evaluator and advocate that the size of the list were all the same – x y is always zero

The moral of the story

One could argue the original bug report contained the core of the solution, providing an example of a rule of thumb # 3.

Software Testing - Definition and introduction

Agile and Scrum are not alien to us more. The industry has adopted Scrum and agile for the value they provide. People have used Scrum in many ways and modified it to suite your needs and project requirements. It is not unusual to work together with many variants of the columns, with stretched tasks, defects, burn cards and so on. If you are not familiar with the requirements are managed in Agile / Scrum world, you can find this article interesting stories from users.

To summarize, in general, the requirements are managed agile world in the form of user histories in intersection backlog. During the Sprint planning meeting, intersection owner gives a list of user histories that are important to the current sprint along with their conditions of satisfaction. Equipment breaks the story into smaller tasks and gives your estimated time to finish them.

These tasks are in the task panel, along with user stories and team moves in the board task. Typically a job can move in four stages, has not started, in progress, done and done do. The tasks are treated as 'fact' when developers are finished coding and then moves to 'Done done' when finished taste testers.

Often, teams do not have clarity about the meaning of "Done", and when all tasks must be treated as "Done". Different people interpret 'Done' in different ways according to their functions in the scrum. For example, the developer might say that the task is done when working on your machine, try to work as test is done if you are in a state that is verifiable, Scrum Master might say that one does when one is outside the accumulation and so on. Since people have different meanings in fact, the tasks are carried out, but could be some of the conditions under which it becomes really, there is probably some room for design and code enhancements, documentation, etc...

As a result, management and the client receives a false sense of speed. They think that the features are carried out and are ready for production, but actually made with some caution. Are made, but there are some techniques associated with their debt. Features are made, but are partially tested, documented only rarely optimized and ready for release, but without trust.

A simple solution to this problem could be defined explicitly and clearly so that everyone knows what is the meaning of. This will also give opportunity to the owners of the product to see if they want to do something else before trying to tasks as done. An example might actually be "The task is performed when it is applied, the test unit, the code is revised, integrated, tested across browsers and is ready for further testing"

Once the definition is in fact approved by the entire team can be applied in the form of checklist or individual elements such as unit testing, code review, integration etc. can be treated as separate tasks and can be attached to each story.

This should be the responsibility of all equipment to ensure that every person on the team is adhering to the definition of fact every time a task moves indeed under way, the team must ensure that not only is working on the computer developer, but is made according to the accepted definition of fact.

Once we have this definition in place, the team will be a little closer to his ultimate goal of producing high quality new code as factors that can be deployed at any time with confidence.

Web Application Security Testing

This is the last article of the series of safety tests of web applications. In previous articles we have seen many interesting exposures as SQL injection, Cross site scripting vulnerabilities related to the environment and so on. If you have not gone through these articles, you may find it interesting to read in the articles section.

In this part we will examine security issues related to authentication and Web Services. Authentication is the core of many Web applications, since in the WWW world, we need to verify the connection of each client to ensure that there is a malicious user. Similarly Web services are commonplace these days, and most common applications used daily, may be using Web services. Threats associated with Web services are very different from what we have seen.

Authentication can be vulnerable for various reasons. As a tester, the security of web application certification, these are the things you should consider --

Fake Cryptography

Traces of cryptography and obtaining traffic information dates back hundreds of years. It becomes even more important when most of our personal data on the Internet for everyone to see, if not encrypted properly.

There are many ways that data can be encrypted so it is hard for anyone on the Internet to understand. Often, developers also rely on weaker encryption technology or use their own substitution cipher, which can be very easy to break for the experienced hacker. It is also possible to get an idea about the encryption technology used by looking at the encrypted data. For example, the presence of alpha-numeric characters only and '=' may indicate that the base64 encoding is used to hide data. Similarly, if you have access to the encrypted data and encrypted data, you can make minor changes in data and analyze the encrypted data to determine whether substitution cipher was used.

The only way to protect against this attack is to use widely known security algorithms like RSA, Triple DES etc. as oppose to inventing something new. Encryption using strong cryptographic process is an effective way of making sure that information is available to only cleared users.

Breaking authentication

In the world of Web applications, is extremely important to ensure that the information given to the appropriate users. Most of the time-out mechanism to make this insurance is through the use of username / password or some other form of validation to ensure that the user requests the user in fact, real. When a legitimate user transmits this information from the browser to the server, this information is online and potentially available to all hackers to exploit. If this data is not coded correctly, this information can be interpreted as if nonce feature does not apply, each applicant can be played by the attacker. Even on the client side, you should ensure that simple and very informative posts related to validation errors are not making life easy for attacker and harder for you. It is also necessary to check whether there are any restrictions on the length of the password field, if the username password case sensitive or not, and so on. If possible techniques such as CAPTCHA (that accompanies the recognition of simple words in image format, it will be difficult for teams to identify, but easy for humans) can also be applied as a protection against brute force attack. You should also make sure you always make sense, information is sent over HTTPS instead of HTTP.

Web Services

Last part of this series is devoted to security testing for Web services. In recent years we have seen tremendous growth in the use of Web services. Before housing in the safety issues associated with Web services, to analyze very briefly, what is web service? Web Services are self-described, independent of the functionality of the modular pieces that can be published, located, and invoked across the Internet. Web services can expose business functionality, data and services via the web through their interfaces. At the heart of Web services are different technologies such as Extensible Markup Language (XML), Simple Object Access Protocol (SOAP), Web Service Description Language (WSDL) and Universal Description, Discovery and Integration (UDDI). XML is used to describe data independent of the application, platform, protocol, etc SOAP is used to transport network XML, WSDL contains information related to the UDDI interface and allows you to find specific web service you need. WSDL offers many advantages over traditional APIs that it provides flexibility, platform independence, together with architecture vague, imprecise because of their architecture and general availability of its interface, Web services are vulnerable to threats from some more, along with some of the threats that have already included in our previous articles.

WSDL Scanning Attack

Although WSDL is designed to expose and describe all information that is available in a method, not a time for information in its side wall corporation may also be accessible to the general public. This can occur for many reasons. For an experienced striker who could be a wonderful piece of information. WSDL Scanning publicly available is not very difficult. Most citizens from Web services can also be accessed by search engines by specifying your search, for example, on Google you can search for specific file types or the presence of certain keywords, as in the WSDL URL.

Parameter Manipulation

As the person responsible for ensuring that their service is safe and secure website, you need to make sure they still do all the validations that you would otherwise. For example, the underlying format for transferring data in web services is XML and it can be assumed that a valid request for data will be well trained and follow the rules specified in XML schema, still need to validate all data it receives. XML examine 1 = 1 or - as a valid string, but you must ensure that the chains and understand how these can be used for attacks in your web application and must be validated before being processed.

X Path Injection

X Path is a language for querying XML documents. It is very similar to SQL in purpose, but instead of consulting a database of tables and rows, using X Path can query an XML document for specific information by specifying the node, node-set, etc. An attacker can inject malicious X Path expression as part of a valid SOAP request, which can lead to unauthorized access of data. While using web services, try injecting XPAT very similar to SQL injection and are based on the validation of all data it receives.

Recursive and high attack payload

XML uses nesting to represent the complex relationship between the elements. When an element within another element, the inner element which is called nested. Nesting is often used to represent real world structures in a better way. However, an attacker can easily nest thousands of elements or attributes in an attempt to break the Web service. Since most XML based system attempts to load the entire document before processing, nesting or too large XML document can potentially break the web services. Especially if your application is using DOM (XML loaded into memory before accessing it), could be susceptible to this vulnerability.

These items are influenced by the book ( "How To Break Web Software" by Mike Andrews and James A. Whittaker) I recently read and you should be good reading for you if you need information on the implementation of web security testing.

Software testing techniques: detail view

For an IT organization, developing a software system that meets the needs of business clients is always a challenge. The company must ensure that the software system is delivered to clients is free of errors or defects and reaches the customer's needs as required. But this can only be ensured by the following test software and rigorous procedures for quality assurance.

Software testing is a process without which the life cycle of software development (SDLC) is incomplete. It is the process that identifies the accuracy, completeness and quality of programs developed during the SDLC. Software bugs and poorly tested code cost millions in damages and millions more in time and money to repair the defect. The organizations seek to develop software applications that must act in a manner that causes the least amount of surprises for the user. In short, it must be free of errors. New paradigms of software testing are being adopted and used in the software development process.

Due to this, the program testing field has emerged from the shadows in the world IT space & has claimed its rightful place in the IT market. Gone are the days when program testing was considered a poor cousin of program development. Today the global program testing market is estimated to be USD 13 billion dollars. & according to IDC, USD 1 billion dollars of the global market size was accounted by Indian companies. In this article, they talk about program testing techniques, trends that are coming up in this arena & also new program development paradigms.

Software Testing Techniques

Software testing is not just about facts and error correction, but also to emphasize customer needs and evidence that these requirements are met by the software solution / application. It is the most important functional phase in the SDLC as it shows all errors, defects and errors in the software developed. Without rectifying theses errors, known technically as "bugs", software development is not considered complete. Therefore, software testing becomes an important parameter to ensure the quality of the software product.

The ways they can be tested are broadly classified as manual testing and automated testing. Although these methods of control software can be more branched in different types of software testing techniques, such as white box testing, Black box testing, integration testing, unit testing, sanity testing, functional testing, system testing , load tests, etc, depending on the set of requirements and cases.

The manual testing of the program happens in several phases. Self-testing, which is done by developers themselves or by tiny development teams, should be restricted to build cycle itself and should be done while the program development is in the production stage. The program testing method gets initiated from the beginning of the project, where the aspects of the data java script: select All ()provided by the clients are examined by developers and programmers to find out the flaws and issues. They also contribute by providing their views on how to enhance the quality of the program.

Software Testing Network

Websites