Thursday, January 29, 2009

What is the future of Software Testing?

Outsourcing was the main way a lot of testing gets done in 2008, but it wasn't always in that way. In the beginning, very little testing was outsourced. Testing was performed by people employed within the same organization that wrote the software. Developers and testers worked side by side to get the software written and tested.

For the last decades Software Testing industry experienced big changes as testing moves earlier in the process and becomes more important for whole cycle of development. Today, testing plays significant role in development process to ensure reliable quality and security of the product. Software testers and analysts are now key part of any product team. Outsourcing giants are deriving up to 10 per cent of revenue from software testing services and significantly growing each year.

However, there is a gap that exists in testing that deteriorates quality, productivity, and the general manageability of the entire development lifecycle. It is the gap between bug creation and bug detection. The larger the gap, the more time a bug stays in the system, and the longer bugs stay in the system the more expensive is to remove them. In the future testers should eliminate that gap by change the way they do testing.

In 2008 developers introduce a bug right before an accident just with a few concerted attempts made to find the bug until the binary is built. Inserting the bugs programmers allow them to feel free until far too late in the process where testers depend on late cycle bug finding. But Testing is too important to wait until the end of the development cycle to start it.

Recent announcements of the leading organizations ranging from Symantec to Microsoft about Top 25 programming errors that lead to security bugs emphasize an avoidance of those mistakes by programmers and computer science programs. All that proved once again that "Quality has to be everyone’s job".

So, what is the future of software testing? Will it be a testsourcing era, where test techniques move deeper and earlier in the development and testers will do work more similar to software design than software verification. Will Software Tester deal with structural bugs or business logic bugs? Dealing with business logic bugs means that Testers have to understand business logic itself, which means more interaction with customers and industries where software operates. In this case Testing not only moves earlier in software development cycle but involve itself with requirements and prototypes that it haven't done before.

As for the numbers there are some estimations of Indian companies indicated that global software testing business will reach $13Bl by 2010. But as Satyam scandal rocks outsourcing industry we may have different forecasts. As for the main trends in the industry there are suggestions that software testing in the future will look very different than it does today. The recent development of new emerging technologies such as SOA, web services and SaaS, alongside with agile approach in software development and increased emphasis on 4Rs will significantly change main trends in application testing.

In increasingly automated and "robot" driven engineering environment , the Testing professional will continue to be pivotal in the Software Engineering Lifecycle. Working in multi-disciplinary teams alongside with Subject Matter Experts, Business Analysts, Architects and End Users, they will continue to play the roles of: arbitrator, mediator, translator and negotiator between other parties, ensuring that their ideas are not only effectively specified and designed, but that the criteria required for effective quality and testing is captured and articulated into the models and tools, so that test are accurately generated by the "robots" to verify the design and validate the requirements.

In the future Testers will concentrate on adding value to the business and software development lifecycle and will operate in a new more important position where the combination of their structured process driven approach, creativity and ability to articulate quality and testing criteria into the models will be crucial in the success of Business implementation of technology.



Viva Testers ;)

Thursday, January 22, 2009

Top 25 Programming Errors for Software Testing

Recently experts from more than 30 US and international cyber security organizations announced the consensus list of the Top 25 programming errors that lead to security bugs and that enable cyber espionage and cyber crime. Most of these errors are not well understood and accepted by programmers; their avoidance is not widely taught by computer science programs; and their presence is frequently not tested by organizations developing software for sale.
The impact of these errors is a tremendous. Just two of them led to more than 1.5 million web site security breaches during 2008 - and those breaches infected the computers of people who visited those web sites, turning their computers into zombies.

Among people and organizations cooperated in the project there are respected security experts who come from leading organizations ranging from Symantec and Microsoft, to DHS's National Cyber Security Division, NSA's Information Assurance Division, the University of California at Davis and Purdue University. The initiative was managed by The MITRE and the SANS Institute, financial support came from the US Department of Homeland Security's National Cyber Security Division.

Despite there were some heated discussions the experts came quickly to agreement. "When facing a huge application portfolio that could contain many thousands of instances of over 700 different types of weaknesses, knowing where to start is a daunting task. Says Jeff Williams, Aspect Security CEO and The OWASP Foundation Chair, "Done right, stamping out the CWE Top 25 can not only make you significantly more secure but can cut your software development costs."

The Office of the Director of National Intelligence expressed its support saying, "We believe that integrity of hardware and software products is a critical element of cybersecurity. Creating more secure software is a fundamental aspect of system and network security, given that the federal government and the nation's critical infrastructure depend on commercial products for business operations. The Top 25 is an important component of an overall security initiative for our country. We applaud this effort and encourage the utility of this tool through other venues such as cyber education."

Software testing tools will use the Top 25 in their evaluations and provide scores for the level of secure coding in software being tested. In parallel with this announcement, on January 12, one of the leading software testing vendors is announcing that its software will be able to test for and report on the presence of a large fraction of the Top 25 Errors. Application development teams will use such testing software during the development process.



Prepared by TestLabs of Mirasoft Group

Based on SANS Publications

Wednesday, January 14, 2009

Main trends in test and measurement in 2009

 

The current economic crisis has already affected almost every industry around the globe including both IT and technology industry. Recently two technology giants Google and Lenovo announced of significant shortening of their contract (Google) and permanent employees. This global economic climate has changed the outsourcing behavior of many IT companies by placing additional constraints on their budgets and makes them seek to get more for less.


Given this tight economic conditions it's very reasonable to figure out how you can organize your IT more efficiently. For test engineers it can be translate into how to perform testing more cost-efficiently than ever before. Followed this uneasiness National Instruments (NI), a worldwide player in test and measurement recently identified main trends that will significantly improve the efficiency of test and measurement systems in 2009.  So here they are, software-defined instrumentation, parallel processing technologies and new methods for wireless and semiconductor test. As NI claims these trends will help engineers develop faster and more flexible automated test systems, while reducing their overall cost of test, companies from all industry segments will achieve significant benefits from applying these methods on board.


More and more engineers are using software-defined instrumentation along with the latest commercial technologies to achieve new levels of measurement performance and lower test costs by applying the latest technological advancements such as multicore processing and field-programmable gate arrays (FPGAs) in their test systems to meet the demands of new application areas such as wireless and protocol-aware test.



 

Prepared by TestLabs of Mirasoft Group Ukraine-based offshore IT service provider

Based on publications: National Instuments