Articles

What the Next Standard of CM Will Look Like

When will the ultimate software configuration management (CM) standard emerge? Although Joe Farah suspects that it may never happen, he recommends the next standard: one that will be very well defined, highly flexible, and will cater to agile development, automation, CMMI, and more.

Joe Farah's picture Joe Farah
The Connection between Testing and CM

Testing is a complex discipline. There are various approaches, methodologies, strategies. So where is the connection with CM? As with development, requirements specifications, and other aspects of product development, the connection is on the management side. A software configuration management audit is really about demonstrating that you have test case coverage for your requirements and that the test cases have been successfully run against the target build.

Joe Farah's picture Joe Farah
Testing's Role in the Software Configuration Management Process

In this article, the authors cover how testing can support any SCM environment and how testing can be part of the SCM process. They outline at patterns, roles, automation, and the never-ending search for simplicity.

The Definition of "Done" in Software Development

Getting all of the necessary people together to define what "done" means in a software development project will be difficult. Facilitating such a task will probably be a challenge, but there is nothing like working in an organization that works like a well-oiled machine, where everyone knows what is expected of him or her and just naturally does it.

Alan S. Koch
How Audit Trails and Traceability Mitigate Risk

Traceability doesn't prevent errors and an audit trail does little to help me to recover from one. Does this mean they aren't valuable CM tools? On the contrary, audit trails and traceability are two of our most important CM tools for learning how to mitigate risk.

Alan S. Koch
Build a Model-Based Testing Framework for Dynamic Automation

The promises of faster, better, and cheaper testing through automation are rarely realized. Most test automation scripts simply repeat the same test steps every time. Join Ben Simo as he shares his answers to some thought-provoking questions: What if your automated tests were easier to create and maintain? What if your test automation could go where no manual tester had gone before? What if your test automation could actually create new tests? Ben says model-based testing can. With model-based testing, testers describe the behavior of the application under test and let computers generate and execute the tests. Instead of writing test cases, the tester can focus more on the application's behavior. A simple test generator then creates and executes tests based on the application's modeled behavior. When an application changes, the behavioral model is updated rather than manually changing all the test cases impacted by the change.

Ben Simo, Standard & Poor's
Keyword-Driven Test Automation Illuminated

Test Automation has come a long way in the last twenty years. During that time many of today's most popular test execution automation tools have come into use, and a variety of implementation methods have been tried and tested. Many successful organizations began their automation effort with a data-driven approach and enhanced their efforts into what is now called keyword-driven test automation. Many versions of the keyword-driven test execution concept have been implemented. Some are difficult to distinguish from their data-driven predecessors. So what is keyword-driven test automation? Mark Fewster provides an objective analysis of keyword-driven test automation by examining the various implementations, the advantages and disadvantages of each, and the benefits and pitfalls of this automation concept.

Mark Fewster, Grove Consultants
Testing Requirements: Ensuring Quality Before the Coding Begins

Software that performs well is useless if it ultimately fails to meet user needs and requirements. Requirements errors are the number one cause of software project failures, yet many organizations continue to create requirements specifications that are unclear, ambiguous, and incomplete. What's the problem? All too often, requirements quality gets lost in translation between business people who think in words and software architects and engineers who prefer visual models. Joe Marasco discusses practical approaches for testing requirements to verify that they are as complete, accurate, and precise as possible-a process that requires new, collaborative approaches to requirements definition, communication, and validation.

Joe Marasco, Ravenflow
Crucial Test Conversations

Many test managers feel that Development or Management or The Business does not understand or support the contributions of their test teams. You know what? They're probably right! However, once we accept that fact, we should ask: Why? Bob Galen believes that it is our inability and ineffectiveness at 360º communications, in other words, "selling" ourselves, our abilities and our contribution. We believe that our work should speak for itself or that everyone should inherently understand our worth. Wrong! We need to work hard to create crucial conversations in which we communicate our impact on the product and the organization. Bob shares with you specific techniques for improving the communication skills of test managers and testers so that others in your organization will better understand your role and contributions.

Robert Galen, RGCG, LLC
Testing Web Applications for Security Defects

Approximately three-fourths of today's successful system security breaches are perpetrated not through network or operating system security flaws but through customer-facing Web applications. How can you ensure that your organization is protected from holes that let hackers invade your systems? Only by thoroughly testing your Web applications for security defects and vulnerabilities. Michael Sutton describes the three basic security testing approaches available to testers-source code analysis, manual penetration testing, and automated penetration testing. Michael explains the key differences in these methods, the types of defects and vulnerabilities that each detects, and the advantages and disadvantages of each method. Learn how to get started in security testing and how to choose the best strategy for

  • Basic security vulnerabilities in Web applications
  • Skills needed in security testing
Michael Sutton, SPI Dynamics

Pages

StickyMinds is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.