Test Design


Security Testing: What Fresh Hell Is This?

Testing an application or code for security vulnerabilities is downright difficult—sometimes almost impossible. That is why Linda Hayes, a QA expert, is always searching for new tools that can help her test like a security expert. Linda discusses some of the challenges developers, QA analysts, and testers face when trying to ensure that software is secure. She also offers some solutions that simplify security testing.

Linda Hayes's picture Linda Hayes
Hidden Messages

A defect management system contains data such as how many defects have been raised, the priority and severity of individual defects, and even who is raising them. This information is regularly used by program and test management to guide decision making. In this article, Dan Minkin proves that an experienced test manager can gather useful information by looking at more than just the defect management system's data.

Dan Minkin
table differentiate analysis results from design results How Early Interface Analysis Reduces Risk

Analyzing a project's interface requirements often starts late and focuses--sometimes exclusively—on creating a snazzy user interface. But failing to conduct interface analysis in a early increases the risk of project delays, overruns, and even failure. In this column, Mary Gorman makes the case for investing in interface analysis by explaining what it is and how it reduces the risk in software projects.

Mary Gorman's picture Mary Gorman
The Case for Cooperation between White-Box and Black-Box Test Tools

Although white box and black box testing both produce good results, they are more reliable when done together. Bryan Sullivan lists the strengths and weaknesses of each testing approach and how gray box" testing should be in your testing strategy.

Bryan Sullivan's picture Bryan Sullivan
Testing is Essential to Agile SCM

Rather than being an afterthought for SCM, an appropriate testing strategy is what enables an SCM in an agile environment. To be more agile, you need to avoid the silo-based perspective of development, SCM, and testing being three different disciplines. Instead, think about how the processes in one part of your development ecosystem affects what you can do in the others.

table for test execution Planning the Endgame

What can a test manager do when a project manager says, "Test faster!" or tries to cut the amount of testing to meet a project release date? Fiona Charles says that you can argue for the time and resources you need by incorporating the endgame into your estimations. In this week's column, Fiona details how to structure a winning argument by paying close attention to all the activities that occur during testing.

Fiona Charles's picture Fiona Charles
Changing the QA Mindset for Rich Internet Applications

Today's Rich Internet Applications (RIAs) bear about as much resemblance to the early Web sites of the 1990s as today's cars bear to a Model T. While the principle may be the same, the underlying technology is radically different. While safety testing for automobiles has improved significantly in the past hundred years, though, Web-application testing remains stuck in a 1990s mindset. In this week's column, Bryan Sullivan explains that QA must change its testing approach in order to maintain the security of the code.

Bryan Sullivan's picture Bryan Sullivan
What Not to Test When It's Not Your Code

This article is a continuation of a previous write-up on "What to Test When It's Not Your Code." As mentioned previously, test strategies should be radically different and flexible when it comes to testing code delivered by any vendor external to an organization. Similarly, the rationale behind deciding what does not need to be tested or what is given the lowest testing priority for external software products should be radically different from the rationale practiced for in-house software products. The reason for the differences has a lot to do with the risk posed by the third-party application on the daily operations of the organization. Also, the credibility of the vendors can play a major role when deciding what takes a lower priority in testing.

Ipsita Chatterjee
A Game Plan for Rapid Test Planning

Rapid test planning is a process of cultivating test ideas within minutes, rather than days. It's opposed to rigorous test planning, which may strive to document every test possibility. The mission is to get testing on the road now, finding critical things to test, and getting important information to stakeholders quickly. In this article, Jon Bach explains how easy it can be to tackle a rapid test plan once you've got a strategy in mind.

Jon Bach's picture Jon Bach
Looks Do Matter

In a previous article published on this site, "Testing the Bold and the Beautiful" (May 2001), the author received many thoughtful comments and questions about the importance of aesthetics in software. This paper was inspired in part from those questions. It clarifies the difference between aesthetic testing and usability testing. The paper makes the business case for "beauty testing" and argues that an ugly UI can undermine the bottom line. It offers methods and a survey-template for successful aesthetic testing. The paper concludes with a list of "Facts and Myths, Dos and Don'ts."

Yogita Sahoo's picture Yogita Sahoo


StickyMinds is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.