Академический Документы
Профессиональный Документы
Культура Документы
www.TestingCircus.com
* Testing Circus salutes
Apart from the assistant editors, we are surrounded by our core group members and other tech and publicity guys. We will also Few months back when I wanted to have few publish about them in next issues to come. helping hands and asked people to join me as assistant editors, these seven guys extended In other news, we have included a special their support. section of articles on tools, utilities and views in collaboration with Tool Journal. Riyaj Shaikh, Selim Mia, Ashik Elahi, Tool Journal team has promised to provide Gagan Talwar, Asif Iquebal Sarkar, Ajay quality and suitable content for us regularly Sharma and Brian Osman worked with me which I am sure would benefit our readers. to make Testing Circus a world class monthly testing magazine. We have also started a new column Book Worms Corner from this month. Thanks to After one year of our publication, five of our James Bach and Pradeep Soundararajan for assistant editors have still agreed to put their recommending books to our tester readers. effort for Testing Circus and they are committed to make this magazine a useful Thanks to readers who sent birthday wishes magazine for software testers. to us after we published our September issue. We could not print all the messages but your Testing Circus is expanding and we will wishes have delighted us. Thanks again. need more passionate testers to continue our bright journey in years to come. We will be - Ajoy Kumar Singha joined by many bright minds but these are Editor-in-Chief the guys whose help we would never forget. http://twitter.com/ajoysingha In this issue we have included their brief editor@testingcircus.com
Write to us at editor@testingcircus.com
www.TestingCircus.com October 2011 -2-
Testing Circus
In this issue
Volume 2 - Issue 10 - October 2011
Editorial Letter to the Editor Fake Training programs... Interview with Lanette Creamer Promoting Software Testing in Your Organization Book Worms Corner Crack The Code! Testers at Twitter Requirements are The Source of All Project Evil The death of Quality Test Events for November On a lighter note You Want It When? (Part 2) Heroes of Testing Circus QTP Code Corner Software Testing News **Testing Corner www.TestingCircus.com Tools Journal October 2011 Jaijeet Pandey Bernice Niel Ruhland Jason Buksh Trish Khoo Rob van Steenbergen WoBo Blindu Eusebiu Fake Software Tester Ajoy Kumar Singha
2 4 5 7 11 14 15 16 19 22 26 29 30 33 38 40 45
-3-
ditor he E to t etter L
Congratulations Testing Circus team for completing one year. You guys are really putting good effort to update how things are going around in the Testing World. I have started reading Testing Circus magazine two months back when it which was posted in our company intranet. I found the articles really useful and never missed any issues after that. This is really helpful for those who people are involved in testing as well as for the new comers coming into the testing world. One thing I would like you to suggest is apart from the regular pages, could you include articles about mobile application testing and the tools used? Regards, Sijin Kumar S.
-----------------------------------------My best wishes for your magazine to complete one successful year. This is the best magazine of the testing magazines I have seen. All new ideas, news section and sections giving us inspirations to learn more. Thanks for this. This magazine is important for both fresher and experienced testers. Bhupal Bisht
-----------------------------------------You people ROCK!! guys. All The Best and Happy Birthday. Bharath S.
Write to us at
editor@testingcircus.com
www.TestingCircus.com October 2011 -4-
1 Part
Anyway, this month, our training departments sent us a circular. They were reaching out to us to understand what are the various soft skills that a tester 1) Un-learning would need, so that they can include it in their train- Ever wonder why most of us don't learn a lot? It's ing program. because we belong to the category of "Iknowitall" and refuse to learn. If only we had a training program to Here's my top 5
www.TestingCircus.com
October 2011
-5-
help us un-learn what we already know, would it not area. The old man sitting next to you in the company bus might be a Senior VP, after all. The person that speed up our learning as well? you have lunch with at the client location might be another project manager who might be thinking 2) Curiosity Can you teach anyone curiosity? For most of those, about whether they need to give you your next the concept of gravity was initiated by the thought of project or not. Can a training program be designed to Curiosity in Sir Isaac Newton's mind. Would not improve your "networking" quotience? Can a trainthere be better testers if we could teach them curiosi- ing program be designed so that you get better netty? Would it be possible to teach someone about working skills and start networking more and more? "Curiosity as a soft skill" and how it can be implemented to do a deep dive into the product to flush And you know what happened... none of them hapout bugs? Can someone teach me to be more "inquis- pened. My email remains in the archives of the training department. They are still having their soft-skills itive"? focused on how to eat a pizza, theoretical skills of negotiation, etc. So sad! What do you think? Do you 3) Eye for Detail Well, being a tester, one very good quality that we think if these programs make any kind of sense? need to imbibe is to have an "eye for detail". For example, you would need to look at all parts of the A fake Testers Diary was first published in screen to flush out that small bitmap image which Testing Circus January issue. New Readers are does not fit into the screen; you might want to look encouraged to read our old issues at closer for the JavaScript error messages that keep appearing out of nowhere; you would need to look www.testingcircus.com to understand the more closely at audio-visual synchronization if you journey of a fake software tester. are involved in testing multimedia products. Would it be possible to have a training program that grades Keep reading future issues of Testing Circus to me on my current level of "eye for detailing" and that know more!!! Do you have anything to say about which helps me in improving it? fake testing practices? 4) Identify mis-guides Well, there are so many guides and mentors available in this world. But how will you know if it you are being misguided? How will you identify if you are being mis-mentored? Can a training program be designed so that I can identify when I am being mis-guided and I can stop myself?
Write to us. faketester@testingcircus.com By the way, have you seen the blog on fake software testing? Here it is http://fakesoftwaretester.blogspot.com Editor
A platform for software testers to collaborate, test various kinds of software, foster hope, gain 5) The importance of networking peer recognition, and be of value to the Networking is very important. Why? Well, would community.
that not be your network of people that you turn to when you hit a road-blocker? The person sitting right next to you in your cab may be a whiz kid in your
www.TestingCircus.com
Lanette Creamer
Lanette Creamer likes testing software even more than Diet Coke and cats. After working for a decade at Adobe, including leading coordinated testing across products on the Creative Suites, Lanette jumped into consulting, working independently as Spark Quality LLC. Throughout her career, Lanette has evangelized advancement of real-time human thought above process solutions in software quality. Testing should be customized, using a context appropriate balance of automation, and tool assisted creative black box techniques to get effective coverage. Deeply passionate about collaboration, she believes it is a powerful solution when facing complex technical challenges. Lanette is an active participant in the testing community and a writer in her well known TestyRedhead blog, on Twitter, and occasionally in industry magazines and technical papers.
Feature
with the idea that if I hated software testing after six months, I would have finished my contract and could look for other work. The first week of software testing at Adobe was terrible. I worked through scripted test cases in a matrix until I was bored out of my mind. I was very close to wanting to quit before my career ever started. Then that very afternoon, when I had nothing left to loose but that temporary job, I deviated from the script. A few minutes later, I found my first bug. It was literally like a light switched on in my brain, and Ive enjoyed testing and creatively running tests ever since. I still cover scripted test cases from time to time, but now I am sure to add as much variance as possible while still covering the core objective. 3. You started Spark Quality LLC. How different it is working in a company like Adobe and working independently in own organization? Owning a business is time consuming. As a software tester, we already wear many hats. We are sometimes
www.TestingCircus.com
October 2011
-7-
the developer of automation, the ambassador between the user and the developer, and at times the quality police. Im used to switching roles, but never before have I had to negotiate contracts, purchase insurance, be a full accountant, and even a collections agency and marketing firm. There is so much to do that it cuts in to the time I have to test. Those who have never tried to be independent may not understand the costs involved. I am insured, licensed, and I have signed contracts. Still so much has to be negotiated outside of contracts. There is one single reason that I love working for Spark Quality LLC, and that is that my focus is on doing great testing, and I adore not writing SMART goals, or dealing with company initiatives that have little to do with creating great software for end users. As a company of one, I have a single goal. That is to deliver great work that makes my clients happy, and earn enough to stay in business so that I can continue to do so. I would love to one day provide a wonderful place for another tester to work. A place with a learning culture where testing is appreciated, and silly initiatives and painful review processes dont happen. Unfortunately, in the current economy, many larger companies have become less humane. I feel extremely blessed to be a small business working with other small businesses to exist outside of the Wall Street world of big finance, big secrets, shareholder meetings, and corporate boards to impress. It is wonderful for this small fish to swim in a small but clean pond. It may seem unimportant to those are used to working with a brand name company. I want to do great testing work on software and see the results of my testing. I get to see the changes as they happen, and hear back from end users. That is the beauty of working for a small company. It is also the risk, because if I mess up, there is a CEO calling me, and there is no one to blame but me. 4. What is suggestion to those who want to go independent like you did by forming own company? I would suggest that they learn some basics of business, such as contract negotiation, taxes, and make sure that they have enough capital so that they can survive. Id also recommend not starting work for yourself unless/until you have a client to work for. I worked for a consulting company that I liked
very much before I started my own company. I was very happy with Sogeti. The reason that I went independent was that I had an opportunity to work for a client, but only if I signed with them directly. That would have been the wrong thing to do when I was working for someone else, so I decided to become my own company. 5. Where do you see Software Testing in next five years? I see some exciting trends! First, there are a few companies that have clean coding practices, continous integration, and are testing in production and in the cloud. Everyone else, and I mean the vast majority, still need help to get there! I see large companies feeling as if theyve solved these problems, so theyre done. Not so fast! Weve got some seriously legacy shops who havent upgraded in ages. In my dearest dreams we have no more large computer labs for testing. We have glorious perfect cloud labs that we all can access and I no longer have to manually click through ANY OS installs. For testing, I can get any operating system with my tools, all of the browsers, and I can start that up instantly. I dont mean the version of instant the cloud means where you take 10 minutes and connect through a remote server. I mean NOW, like 10 seconds or less later. That is the instant I want. Also testing is going to mean security and performance testing too. No more niche specialists who do just this. Tools that work for the majority of web solutions out there, and only the major platforms need specialists. Everyone else will have the platform baselines and validate that we arent slowing anything down either over time, with load, or with errors. When the platforms we test on have known performance, what we are really testing for is our variation from it compared to the competition. By that I mean that some large companies have unfortunately gone in a direction that has demotivated and disenfranchised their employees. For many years, companies enjoyed employees who had near religious furvor and loyalty. Those companies who showed their long term employees that the loyalty was one sided have started quite a bidding war for talent. The companies who are going to invest in their employees long term and take care
www.TestingCircus.com
October 2011
-8-
of them are going to be able to out perform those that behave dismissively. The difference between a high performing team and a more moderate team is how much the people LOVE the job. If they really love it, it shows. That love needs trust and loyalty. It is earned with years of good treatment. Bad management for just one year is enough to destroy it. It takes more years of progress to get back to neutral. 6. What qualities will you look for in a candidate when you want to recruit someone for software testing job? Its been awhile since Ive had the joy of recruiting someone to work with me. Instead, Ill tell you about the folks Ive given referrals to for testing jobs this year. The number one thing these 6 people have in common despite their different backgrounds, races, genders, age, interests, and experience is that I trust them. If any one of these people were to tell you that they tested something, Id bet my job that they did. They are serious and professional about testing. The second thing is that they are wonderful to work with. I know that they will be a great team member, and they are willing to do whatever it takes to get the job done. There are always some tasks that we may rather not do, but part of testing is powering through, asking for help, and finding a way to solve difficult technical issues. It takes someone who has the strength to keep trying when things are difficult because you are counting on them. The other quality they have in common is initiative. I wont recommend a tester who will sit around and await directions. I like to work with someone who will start testing if the documentation isnt ready. Ask questions. Make their own meetings. There are so few testers now compared to 5 years ago that no one has time to drag along dead weight. The testers who can make it long term have learned that it is their job to figure out how to test well. 7. Tell us about your association with testing community. I enjoy staying in touch with other testers. For a community that is so diverse, I always find myself surprised that we are facing many of the same issues. The way testers solve problems in one area can help me when applied to a totally different set of circumstances. Im also enjoying learning new tools
as they come out, and trying to see how I can get more testing done in the time I have.
www.TestingCircus.com
October 2011
-9-
OTHERS FROM DIFFERENT ARE WE We have an extreme competitive edge over others. We understand where your costs are burnt. We....
HOW WE HIRE TESTERS? We want to make Moolya Testing a dream company for aspiring good testers. We have...
FOUNDING TEAM We earlier wrote this section under heading "management" and then thought that would ...
http://moolya.com
www.TestingCircus.com
October 2011
- 10 -
Feature
www.TestingCircus.com
October 2011
- 11 -
www.TestingCircus.com
October 2011
- 12 -
The mind map could also be a list or Visio drawing or some other visual drawing.
This will be the scope you will discuss in your meeting or interviews.
During the session During the session or interviews, keep a list of quality attributes on your desk and when the risks are mentioned, just check if all quality attributes have at least one risk mentioned. If, for example, the quality attribute usability has no risk mentioned, you should ask the group if usability is something where risk would occur. A good quality attribute list Ive learned from the Rapid Software Testing course I went to: CRUSSPIC STMPL Capability, Reliability, Usability, Security, Scalability, Performance, Installability, Compatibility, Supportability, Testability, Maintainability, Portability, and Localizability
Rob van Steenbergen is an independent software test consultant from The Netherlands. In the last 5 years he has been involved in infrastructure projects and is now working at Leaseweb. He is working in agile projects, infrastructural and software products, coaching new testers and helping with setting up and improving the testprocesses for this company. For more information visit www.chickenwings.nl Rob can be reached at http://twitter.com/rvansteenbergen E-mail: rob@chickenwings.nl
Risks have a chance of failure and height of damage At the highest level a risk has a chance of failure and a height of damage as I explained in the previous part. The technical people (developers, designers, testers) often can estimate the chance of failure. The damage for the business is better estimated by the business people (sales, support, and management etc).
www.TestingCircus.com
October 2011
- 13 -
WoBo
Book Recommendations From The Masters & What They Have To Say About It
JAMES BACH 1) Introduction to General Systems Thinking, by Gerald M. Weinberg This is a book about how not to be fooled by systems. It's a deep book. It's not easy to read. But if you study it, you will know what it means to think like a tester. 2) The Pig That Wants to Be Eaten: 100 Experiments for the Armchair Philosopher, Julian Baggini This is a book about thinking deeply. But it's presented in a wonderful accessible way. Each chapter is just a few pages long, and presents an interesting puzzle. PRADEEP SOUNDARARAJAN 1) Jonathan Livingston Seagull I have started to use this book as my pre consulting must read to all clients. 2) Perfect Software & Other Illusions About Testing This book has made me go through a see-saw ride of my understanding of testing and my respect for someone instantly raises when I hear that they have read this book. www.TestingCircus.com October 2011 - 14 -
Eusebiu
What is the maximum number of balls of diameter 1 that can fill a cube of 10x10x10 in size?
Blindu Eusebiu is a tester for more than 5 years. He is currently hosting European Weekend Testing. He considers himself a context-driven follower and he is a fan of exploratory testing. He tweets as @testalways. You can find more interactive testing puzzles on his website http://www.testalways.com Send your answers to
testalways@testingcircus.com
www.TestingCircus.com
October 2011
- 15 -
Alex Kell
Quality Assurance Architect, gamer, father. XBL/PSN - Kellk http://www.managetotest.com 555 Following 576 Followers 37 Listed http://twitter.com/Wiggly
Christopher Chartier
Software tester/developer for many years. Now dedicated to software testing as a science and sometimes an art. http://www.chrischartier.info 269 Following 163 Followers 8 Listed http://twitter.com/ChartierMcpe
BugCam
The Easiest Way to Add Video to Your Bug Reports! http://www.getbugcam.com http://blog.getbugcam.com 1956 Following 1296 Followers 12 Listed http://twitter.com/GetBugCam
http://Twitter.com/TestingCircus
www.TestingCircus.com October 2011 - 16 -
i ng Test
y db dite e nd ed a sting. nd fou are te ng i w test n soft are so w t soft subjec on s ine ariou gaz ma ishes v ly bl nth mo ine pu a z is aga cus Cir The m com s. a. ting Tes singh gCircu y n o @aj //Testi g : in s http ollow s ircu F er ngC 339 ollow sti F /Te 742 sted om i er.c 46 L //twitt : http
cus Cir
llo Fo
u w
tT sa
ter it w
rcus gCi
www.TestingCircus.com
October 2011
- 17 -
Well not all evils but most project evils. Today I wear my Technical Project Manager hat and Im going to propose the source of most IT project ills. This is particularly relevant for Greenfield IT projects. Im also going to touch on why it is impossible to test everything. Background I came across a question on a forum and someone had asked how many test cases were necessary. Someone responded saying aiming for 100% coverage of the requirements would be good. Now 100% coverage (to me) should mean that have exhausted every possible outcome a system can produce. Requirements coverage is very different and means something else entirely it also tends to lead to a false sense of security. There are coverage tools available (e.g. Requisite Pro)so you can link Test Cases to requirements. If you link all the Test Cases to the requirements then hey presto, you can report 100% coverage. It became quickly apparent to me that just because you had a test case for each requirement didnt mean you had 100% coverage. What it meant is that you had written a test case for that requirement but actually the coverage largely depends on the knowledge and skill of the person testing it. In reality you need several test cases to cover a single requirement and in reality no one has time to exhaustively write and test all the possible outcomes. Lets take a hypothetical situation:
Now lets take an abstract view on the problem. The reason it is impossible to test everything became apparent after I recalled a university lecture: I had opted for a mathematics module and was being subjected to a series of classes teaching Z notation. For those of you fortunate enough not to go through these lectures it was a way of defining and specifying requirements in a mathematical notation. The requirements specification ended up looking like hieroglyphics. I asked my Project X has 10 business requirements professor (Brian Burrows) why this horrible series of 1. Each of these business requirements can be lectures was happening. He said something that stuck with me If you cannot decompose and define a system decomposed into 10 functional specs mathematically you cant fully understand it and it is
www.TestingCircus.com
October 2011
- 19 -
impossible to prove. Wow, I understood. He was saying that unless we could define the requirements rigorously (and the only way to do this is through mathematics) then it was impossible to derive the exact behavior of the system and test all possible outcomes. This is why Z notation came about it was a mathematical way of defining the requirements of the system. So the takeaway here is If you cant define a requirement mathematically you dont fully understand it and you cant test it. (Theory over). Back in the real world, this never happens requirements are never specified using Z notation. Click here for an example of Z notation. Now I think in reality requirements are imprecise fundamentally because English is imprecise. What people mean and what people specify are two different things. It is practically impossible to define something perfectly in English even if you know what it is you are trying to define. Also in the real world the majority of people do not speak mathematics, they speak English. Herein the problem lies. Many IT stakeholders think they know what they want but actually have difficultly expressing and defining what they want. What they think and what they say can be two different things. IT systems that havent been built are an abstract concept to them, so this compounds the problem.
will be prone to different interpretations. When asking users to specify requirements they will make an imprecise description, something imprecise will be built and testing will be fundamentally based on this series of events. This can be exacerbated as there are many layers of interpretation between initial definition and coding. So I arrive at the following conclusion: If it is impossible to state the system requirements precisely how can we possibly test all of the possible outcomes? The answer is we cant. The imprecise nature of requirements also could go some way to explaining the following: 1. Constantly modifying requirements 2. New requirements entering the system 3. Incorrect or badly built systems the system doesnt do what we wanted it to 4. Badly delivered systems that do not meet the customer expectations but meet specifications 5. Failure of large IT projects 6. Defects when the system goes live 7. Failure of a large number of Waterfall development projects (months/years before delivery to end users)
8. .. the list goes on Lets take an example that everyone knows lets say a motor car. Lets say you wanted a Ford Focus and you I find that the majority of issues within projects can usually be traced back to the requirements. Hence the specified the requirement: title Requirements are the source of all project evil. So whats the answer? We cant just throw away stakeRequirement Attempt Result ins holder requirements but if we accept that requireLorry, Bus, JCB Digger, ments are likely to be stated imprecisely we can then [1] Wheels and motorized Couch, Steam roller gear the project methodology around this and enable [2] 4 wheels, motorized and Jeep, Electric Car, Bus, better delivery. carries 4 people Mini Van This for me is where SCRUM is a step in the right [3] 4 wheels, motorized, 4 direction One of the major strengths of SCRUM is the Car (of a 1940 variety) people only, petrol way it fundamentally attempts to force regular deliveries. Stakeholders cloudy requirements become less [4] 4 wheels, motorized, 4 cloudy and more solid as they see the product being people only, petrol, boot, .. delivered. Validation knowledge is transferred beenclosed, capable of 60 mph tween stakeholders and the delivery team by forcing Even with the last requirement there are still a multi- regular education (and vice versa) between builds. tude of machines and cars that will fit the bill. Now the Dumb Prototyping of screens with stakeholders in the above example may seem like an exaggeration but requirements stage is also another way to help firm up what it is attempting to illustrate is that that even when requirements as are Requirement Reviews. I will talk stakeholders know what they want the requirements about more ways to make a project successful in anoth-
www.TestingCircus.com
October 2011
- 20 -
er article. Imprecise requirements have an enormous impact on a project man days and project durations are affected exponentially. The people it affects most are the people at the end of the IT project food chain testers (testing timeframes squeezed) and users (attempting to make a system they dont like work). More time needs to be spent getting requirements correct and validating understanding. Key takeaways: 1. The language in which initial requirements are specified is imprecise. 2. Regular engagement between end users and application delivery will result is fewer project evils 3. If we accept requirements are defined imprecisely we can plan accordingly and deliver a better product Im surprised at how many IT projects attempt to follow a process mindlessly without attempting to understand the thought principles behind them (such as Agile). This I attribute to unqualified and bad management (link to future article here). So thats my proposition as to why it is impossible to test everything it also outlines a fundamental root cause which gives rise to many issues within projects. I hope you have enjoyed.
Jason has had over 2 0 years expe rience in the IT industry. His formative years were spent cutting his teeth on the Vic20, then 6502 on the BBC MicroComputer. Its fair to say he has always had a passion for technology. He has successfully conducted performance testing for a diverse client base ranging from CFD Trading, investment banking, online gambling companies and travel companies. What is striking is that each of his clients have all have different issues which can be solved by a core common approach. Jason aims to share his experiences, thoughts and approaches. His Blog can be found on www.perftesting.co.uk
Watch out Tools Journal Testing Corner in this issue 10 Free and Open Source Tools For Security Testing -
SpiraTest - What Makes It Complete Test Management Solution? 6 Best Practices To Embrace Agile Testing -
www.TestingCircus.com
October 2011
- 21 -
www.TestingCircus.com
October 2011
- 22 -
theyre not going to die today. And the quality of life they have in the meantime can be made a lot better. I nodded. I guess thats true. Once you accept mortality, medicines not that hard. Its actually quite rewarding. Perhaps we need a mentality shift, and a different way of seeing our role. If we see ourselves as the cure for bad software, then were going to be repeatedly disappointed. I emailed my friend James Martin for his perspective, and he offered this one: How about working to make something better? What if all any of us did, regardless of job title, was try as hard as we could to make the best stuff possible, accepting the fact that even the best of us has only a fragile grasp of what it takes to make something that another person will be delighted by. Personally, it helps me to think that my whole job description is to make things better. That way I can solve problems using whatever tools feel right for the task at hand and I dont feel constrained by someone elses opinion of who I should be and what I should do. As usual, the people setting the standards for our profession do so without knowing our context. But we can set our own standards for ourselves and play by our own rules. I like to think that you and I did that last year. I still think of what we did at Campaign Monitor as my best work. If quality is dead, what are we doing here? If we are adding value, what is it and how do we measure it?
Trish Khoo manages the test team at Campaign Monitor (http://www.campaignmonitor.com/), a small company in Sydney with a strong global presence. Trish began her career as a commercial web applications developer in Brisbane and then moved to Sydney to become a .NET developer at Microsoft. After discovering an affinity for testing, Trish moved into a consultancy role as a tester for the Microsoft Solutions Development Centre, where she specialised in test automation solutions. After several very different test management roles, Trish eventually joined the crew at Campaign Monitor. She has been there for almost three years now. Trish regularly writes about software and testing on her blog (http://trishkhoo.com) and talks about testing on her podcast Testcast (http://testcast.net/), with co-host Bruce McLeod. She also writes articles for The Testing Planet (http://www.thetestingplanet.com/) and Testing online Circus (http://testingcircus.com/) publications. Recently, Trish spoke about test approaches at the STANZ conference in Melbourne. She encourages a more active testing community in Sydney by organising Sydney Tester Meetups (http://www.meetup.com/Sydney-Testers/).
www.TestingCircus.com
October 2011
- 23 -
We need people from all over the world. Become a Testing Circus Representative (TCR)
www.TestingCircus.com
October 2011
- 24 -
Testing Circus is subscribed and read by software testers in 74 countries. We are growing every month.
***Advertisement rate starting $25/per month. Write to us at ads@testingcircus.com for a detailed media and advertisement kit. www.TestingCircus.com October 2011 - 25 -
www.TestingCircus.com
October 2011
- 26 -
www.TestingCircus.com
October 2011
- 27 -
www.TestingCircus.com
October 2011
- 28 -
On a lighter note
Power of i
www.TestingCircus.com
extended hours at a point in the project where time much fresher testing team and can improve mois of the essence but before hitting a critical point rale! where all nighters are required. Take Care of Yourself When testers need to work late, determine what Intense testing can cause a tester to spend hours in support they may require from developers and front of a computer without taking breaks which other employees to ensure that problems are re- can lead to burnout and computer injuries. It is solved to reduce downtime. Talk personally to important to take small breaks away from the comemployees who are on call to ensure they under- puter. A short walk or stretching can get the blood stand the importance of their role and their contri- flowing and loosen up tight muscles. Test teams bution to meeting the deadline. Nothing is more are known to get through late nights with sugary frustrating than working late without the proper pops, cookies, and candies. This is not a time to support or the ability to see progress. skip meals no matter how tight the timeline. Eat healthy meals and try to get your proper amount Consult your Human Resource representative or of sleep. the employee who can authorize reimbursement for dinner expenses. It is important that testers are Aggressive timelines can increase stress levels and taken care of in terms of healthy dinners, beverag- tension between team members. Taking care of es, and snacks. you can help manage these emotions. When the stress level starts to rise, use whatever works to help you cope such as a stress ball or a quick walk. If tension rises between team members, one method to reduce problems is to take a small break before continuing the conversation. Proper posture is also important to reduce back and neck injuries. This is not a time to spend hours slumped over a computer. Make sure your work station is set up to reduce neck, shoulder, and hand injuries from repetitive movement. Periodically looking away from the computer screen and blinking can help reduce eye strain.
Diminishing Returns The long hours can take a toll on a testing team including fatigue which can result in missing bugs and introducing errors in test setup and evaluation. Look for different ways to test such as switching from executing test cases to spending time performing exploratory testing. Before escalating problems to the development team, have another tester check the results or at least review with the developer before submitting a written problem. These conversations can go a long way in fostering a healthy working relationship between testers and developers when timelines are short and the stress level tends to increase. If possible, take a night off from working late or at least not staying as late to give the team some down-time. A break from testing can result in a
Celebrate Your Accomplishment! Once the deadline has been met, reward yourself with a celebration! Whether you go to your favorite restaurant or buy yourself a gift make sure you do something special. October 2011 - 31 -
www.TestingCircus.com
Thank those who had a significant role in supporting the testing team as everyone likes to have their contribution acknowledged and be sure to communicate to their manager how they supported the deadline. This is good for morale and can help foster support for future projects. The Test Manager and Test Lead should thank the testing team for their dedication to making the deadline. It is important to recognize their contribution, dedication, and hours worked. Do not take the testing team for granted or you will lose them! Conclusion Working extended hours is a part of a testing team life; however fluid planning and good communication between testers and developers can ensure the appropriate bugs are fixed to ensure testing continues. Understanding when to work late nights is important to balance both time constraints and ensuring progress is made. Addressing diminishing returns will help reduce false positive bug reports and missing real bugs. Testers need to take care of themselves from nutrition, sleep, proper posture, and computer set-up to reduce burn-out and injuries. Once the deadline is met, celebrate with something special; thank the testing team; and the employees who supported them meeting the deadline.
Bernice Niel Ruhland is a Software Testing Manager with more than 20-years experience in testing strategies and execution, developing testing frameworks, performing data validation, and financial programming. She devotes many hours to reading testing approaches adopted by other testers to challenge her own testing skills and approaches. When not exploring the testing world, Bernice enjoys cooking and spending time with her husband living a health-conscious lifestyle. The opinions of this article are her own and not reflective of the company she is employed. Bernice enjoys interacting with other testing professionals. Apart from other activities Bernice regularly contributes to Testing Circus Magazine. Bernice can be reached at: http://www.linkedin.com/in/bernicenielruhland & http://twitter.com/bruhland2000.
Testing Circus wishes its Indian Readers a very happy and prosperous Diwali!!
www.TestingCircus.com October 2011 - 32 -
Small efforts can create big revolution. Testing Circus is a magazine of small efforts of passionate individuals. Here we introduce to you our Assistant Editors who help us bring out the magazine month after month with their small and passionate effort. We would like to thank these five passionate testers who have been helping us in our publication. We are proud they are with us as our Assistant Editors. ~Ajoy Kumar Singha Founder and Editor-in-Chief
Becoming a software test engineer was never a part of his plan. It just happened and he is glad that it happened. Exploring new technologies and finding issues and finding security holes in software always had been his passion. And now he is getting paid to do that. Known as , he is very passionate about software testing, is a quick leaner. Ashik never fails to ask both right and wrong questions. Ashik has tried his hands to test many web applications, mobile applications, data warehouse project within his short span of career. Ashik is now working at IMS as Test Engineer. He blogs at http:// scornik.blogspot.com Ashik can be reached at ashik.elahi@testingcircus.com and http://twitter.com/ashik_elahi
www.TestingCircus.com
October 2011
- 33 -
is a tester and he is working to help grow the testing community in New Zealand. Early this year, he founded KWST with James Bach as faciliator. It was an awesome peer conference as it brought together 17 test leaders in New Zealand to discuss and debate and build a leadership community. He has been in testing about 13 years and has worked in a number of different envionements. Currently he is a test manager on a project whereby they are using session based testing tracked on a 'kanban' wall. Brian often writes posts his thoughts in his blog http://bjosman.wordpress.com
www.TestingCircus.com
October 2011
- 34 -
is a tester by choice. He dislikes test cases and loves exploratory testing. Asif is currently working at CMC Limited, Bhubaneswar. He is sceptical when it comes to using tools. Personally likes WATIR and believes that the best tool is the human brain. Asif has been contributing to Testing Circus as Assistant Editor. Asif can be reached at asarkar@testingcircus.com or you can follow him at http://twitter.com/Asif_Iquebal
www.TestingCircus.com
October 2011
- 35 -
www.TestingCircus.com
October 2011
- 36 -
Testing Circus
Are you missing our discussions on facebook? Join Testing Circus Fan Club. Get updates and messages directly on your wall.
http://www.facebook.com/TestingCircus
www.TestingCircus.com
October 2011
- 37 -
i Test
ng
e us R Circ
ar ul
t ea
ur
Use of SetToProperty : At run time properties of Object can be changed and you can use the single object for various operations. For example: Add Web in QTP repository, change the innertext property at run time and click on different objects like Images and News Steps: Navigate to Google Home Page Add object Web in repository
www.TestingCircus.com
October 2011
- 38 -
Notice the line # 3,8,13 and 18. Have a look at more such code snippets in
http://jaijeetpandey.blogspot.com
Jaijeet Pandey has over 5 and half years of experience in Application Development, Maintenance and Testing. From more than last 4 years he is involved in automation testing with QTP and Load Runner tools. He is associated with various testing initiatives in NCR region of India. He teaches QTP on weekends. Jaijeet writes his blog at http://jaijeetpandey.blogspot.com He is currently employed with Birlasoft, Noida. He can be reached at http://twitter.com/jaijeetpandey
www.TestingCircus.com
October 2011
- 39 -
Vanakam Madurai, This report would give you a short summary about the Bug deBug Conference which happened in Madurai. Software Industries Development Association (SIDA, http://www.sidatn.org ) is an initiative by the IT Companies of south Tamilnadu which is working towards bringing in IT success stories from the southern districts. SIDA was very enthusiastic to bring together likeminded people from the testing community of Madurai and let the students know about the testing field. This made the core team of RIA-RUI Society (www.ria-rui.org) travel to Madurai and organize the Bug deBug conference there. With the support of SIDA Bug deBug happened in Madurai on September 17 2011 at MADITSSIA. The core team was there two days before the event and getting the logistics ready for the D-day. The event started with a huge turn up from the students community. There were around 400 participants who showed their interest for this conference. The event started with a welcome note by Sathish from RIA-RUI Society and he welcomed all the participants, organizers, people representing MADITSSIA and SIDA and partners of Bug deBug Madurai. He also took this opportunity to let the people know how Bug deBug was born for the testing community. He briefed about the success of Bug deBug Chennai edition. This was followed by a speech from the vice president of MADITSSIA, Mr.Sermapandiyan who was overwhelmed by the number of students who showed their interest to attend this conference. He was welcomed by a great applause when he started his speech in tamil. Mr.Sermapandiyan thanked
*News in Hindi Script.
www.TestingCircus.com
October 2011
- 40 -
Yeshwanth and RIA-RUI Society for conducting such a conference in Madurai and helping the students community in their career. Yeshwanth took over from the dias and introduced SIDA and thanked Bug deBug team and participants for making this event a huge success. The technical sessions had a great line up of speakers like Jayapradeep Jiothis, Suresh Srinivasan, Rajeev Anand, Pradeep Soundararajan, Ganapathi Manthiram and Dhanasekar who presented on the topics such as trends and Opportunities in software testing, Test Coverage, Automation Benefits and its future, debunking some myths about software testing, Achieving 5Es in Mobile Testing and A journey of a context driven tester. Networking during the tea and lunch breaks was a different learning for Madurai participants. The event stressed the importance of meeting the rite people and sharing their thoughts and networking effectively. The most favorite session of all Bug deBug participants, the Q&A Session with speakers, gave a chance to all participants to understand about the industry and get their doubts clarified regarding recession and project outsourcing. The event ended by thanking our speakers and partners of the event with a memento from RIA-RUI Society and of course the participants who went back looking forward for more such events to happen in Madurai. Some of the feedbacks from Bug deBug Madurai participants. - Your sessions were simply superb. We gained a lot of informations and we enjoyed a lot. - M.R. Pandi Kumari - Thanks for given such an opportunity to attend this conference. It was really knowledgeable. - T. Divya - You did a good job. And we need more conference like this. Thank you for such - T. Karthika - After a long time, I had a chance to attend a extraordinary conference, with a good hospitality and excellent speakers, I would expect a national conference from you the next - N.M. Janani - Continue your journey and face new crowd and make them as innovative as possible - B. Jemail More feedbacks about the event can be seen in www.bug-de-bug.com Bug deBug Madurai editions presentations can be viewed at http://www.bug-de-bug.com/archive/madurai-2011/ and informations on our upcoming events can be seen here http://www.bug-de-bug.com/.
www.TestingCircus.com
October 2011
- 41 -
RIA-RUI Society would like to thank its partners for their support for Bug deBug Madurai.
Online Partners who helped us increase the reach of this event to every corner,
Ping us if you would like to partner with Bug deBugs upcoming events or if you would like to apply for RIA-RUI Membership. Catch us here http://www.bug-de-bug.com/contact/ Like our facebook page http://www.facebook.com/BugdeBug to get more informations on what Bug deBug is up to. (Reported by Bharath Raghavan, Chennai)
Show your love for Testing Circus. Send your testing team's or individual photo to us. We will publish the photos here.
Manpreet Kaur,
Worked as QA Analyst in Plavaga Software Solutions Pvt Ltd, Bangalore.
minipillar
Testing Circus
October 20111
Vol 2 - Issue 10
Your time is limited, so dont waste it living someone elses life. Dont be trapped by dogma - which is living with the results of other peoples thinking. Dont let the noise of others opinions drown out your own inner voice. And most important, have the courage to follow your heart and intuition. They somehow already know what you truly want to become. Everything else is secondary.
www.TestingCircus.com
October 2011
- 44 -
Whats Inside?
[Tool Watch] : 10 Free & Open Source Tools For Security Testing [Tool Review] : SpiraTest Product Review [Testing Views]: Agile Testing Challenges
About Us: A start up journal and aspiring social community with an aim to gain and distribute knowledge on software tools and concepts in Testing, Agile, Cloud, Mobile and Enterprise Integration. http://www.toolsjournal.com With over 500 products listed with quality articles, product owner interviews, we are moving swiftly to launch product editorial/user reivews, commuity module in next 2 months.
Give Away
a. Register on our website www.toolsjournal.com b. Leave a comment on here with your toolsjournal user id TO WIN SeaGate External HDD USB 2.0, 7200 rpm 8MB Cache worth $60 absolutely free By 30th October, 2011
* A valid email id should be provided and voucher will be sent to the email id provided.
Connect With Us
@toolsjournal
www.toolsjournal.com www.facebook.com/toolsjournal
www.TestingCircus.com
October 2011
- 45 -
Watcher
Watcher is a runtime passive-analysis tool for HTTP-based Web applications. Being passive means it won't damage production systems, it's completely safe to use in Cloud computing, shared hosting, and dedicated hosting environments. Watcher detects Web-application security issues as well as operational configuration issues. Watcher provides pen-testers hot-spot detection for vulnerabilities, developers quick sanity checks, and auditors PCI compliance auditing. It looks for issues related to mashups, user-controlled payloads (potential XSS), cookies, comments, HTTP headers, SSL, Flash, Silverlight, referrer leaks, information disclosure, Unicode, and more.
Wapiti
Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the WebPages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like fuzzier, injecting payloads to see if a script is vulnerable. Capable of handling following. Wapiti supports Database Injection, XSS Injection, LDAP Injection, Command Execution detection, CRLF Injection and many others.
www.TestingCircus.com
October 2011
- 46 -
WebSecurify
Websecurify is an integrated web security testing environment, which can be used to identify web vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The platform is designed to perform automated as well as manual vulnerability tests and it is constantly improved and fine-tuned by a team of world class web application security penetration testers and the feedback from an active open source community. WebSecurify supports SQL Injection, Local and Remote File Include, Cross Site Scripting/Request Forgery, Information Disclosure Problems, Session Security Problems to name a few among many others.
Nikto2
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.
Skipfish
Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments. SQL, PHP, Command, XML/XPath Injection along with String/Integer vulnerabilities, Directory/File intrusions, Script/CSS vulnerabilities, Password/MIME types vulnerabilities, SSL/HTTP/HTML Forms related vulnerabilities, Failed Website Resource vulnerabilities are few of the vulnerabilities to mention that Skipfish can address among other host of features.
Ettercap
Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis. It supports Linux, Mac, Windows, Solaris platforms with easy installation.
www.TestingCircus.com
October 2011
- 47 -
Flawfinder
FlawndersearchesthroughC/C++sourcecodelookingforpotential securityaws.FlawnderisdesignedinPythonandproducesalistof hits (potential security aws), sorted by risk; the riskiest hits are shownrst.Therisklevelisshowninsidesquarebracketsandvaries from 0, very little risk, to 5, great risk. This risk level depends not only on the function, but on the values of the parameters of the function. For example, constant strings are often less risky than fully variable strings in many contexts, and in those contexts the hit will have a lower risk level.
Honeyd
Honeyd is a small daemon that creates virtual hosts on a network. The hosts can be configured to run arbitrary services, and their personality can be adapted so that they appear to be running certain operating systems. Honeyd enables a single host to claim multiple addresses. Honeyd improves cyber security by providing mechanisms for threat detection and assessment. It also deters adversaries by hiding real systems in the middle of virtual systems.
Wireshark
Wireshark, formerly known as Ethereal, is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product. Wireshark supports Multi-platform and runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others. Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility.
BFBTester
BFBTester is good for doing quick, proactive security checks of binary programs. BFBTester will perform checks of single and multiple argument command line overflows and environment variable overflows. It can also watch for temp file creation activity to alert the user of any programs using unsafe temp file names.
SpiraTest is a one pack solution for Test Management requirements founded by Inflectra, a privately held company. The product comes with a good combination of requirements and release management, overall test case and test management including incident, bug tracking and change management. The product also comes with support to risk and issue management with a powerful dashboard as an information radiator making software test lifecycle productive and efficient. What makes it different is the workflow support for all the test management entities along with very powerful test execution interface as the product core. Relationship between various test management entities like requirements, releases, iterations, test cases, test sets, defects, incidents and risks is very intuitive. It may take some time for an initial understanding of user experience, however once you work through it; it is a sensibly designed product. SpiraTest is a very good tool for small to medium project/programme landscape. Combined with other products in the suite like SpiraPlan, SpiraTeam it could be useful ALM solution. Dashboards My Page is a personalised dashboard of the person who is logged in. This contains all of users searches, assigned incidents, requirements etc. On single click user could easily navigate or retrieve relevant information
Project Dashboard gives all relevant information associated with a specific project. This one screen could be used in the status or progress meeting and keep meetings short.
Requirements and Release Management Crate Releases and iterations with just few clicks and associate requirements that should go into the
www.TestingCircus.com
October 2011
- 49 -
release. Relevant documents can be uploaded and associated to various artefacts such as requirements, test cases and others.
Ability to indent and outdent Requirements to form a parent child relationship or form a hierarchy. Useful features to perform Inline edit of requirements via a single click. Powerful filters to customize your views along with Colour coded classification of requirements based on criticality. Workflow for requirement to pass through various stages like Requested, Evaluated, Rejected, Accepted, In Progress, Completed and more.
Create hierarchical Test Cases which can be associated with Project, Release, Requirement and or Test Sets.
www.TestingCircus.com
October 2011
- 50 -
Build reusable Test Sets reducing effort in future. Each Test Case has a collection of Test Steps. During Test execution if any of the steps fail, an incident could be raised and linked to test step. Test cases can be grouped into a Test set e.g. Functional, Regression and others on the fly which can be assigned to Tester or Automation hosts. There is complete traceability between Requirement, Test Case and Incident. Test runs are archived, so any previously executed Test run could be viewed to check if recent changes have introduced any failures.
Incident Management
Incidents can be created, assigned, Tracked, linked to a step in test case. Workflow of incidents can be customized (for e.g. New->Assigned->Developed->fixed) and updated from the Administration screen. Incident types (Bug, Change request, Enhancement etc.) can be created. Each incident type can have its own specific workflow. [Very useful feature] Each incident can be traced back to requirement giving a clear idea of importance of incident.
www.TestingCircus.com
October 2011
- 51 -
Reports can be exported in various formats like pdfs, Microsoft word, Excel etc.
Administration There are Rich administrative features in SpiraTest which includes Customizable fields, Customizable workflows and others.
Administration screens for Project, users, Incidents, Notifications, Documents, General settings and Integrations.
www.TestingCircus.com
October 2011
- 52 -
Integrations
Apart from having its own suite of products, SpiraTest integrates with variety of software for Test Automation, Requirements and Defect tracking systems. Following is a quick overview:
Observations
SpiraTest
based on the above analysis of features is an end to end solution for T e s t Management. UI looks like there are so many features than needed. There is a bit of learning curve to use all the features effectively. Once user gets familiar with the features SpiraTest can be easily and effectively used.
www.TestingCircus.com
October 2011
- 53 -
Traditional structured testing has always focused on writing test scripts, reviewing test scripts and executing scripts in a sequence and hence always ended in expected behaviors. However the demands of agile based delivery means a simultaneous learning, test design and test execution which is termed "Exploratory Testing". With exploratory testing, testers always look for emergent behaviors that could not have been predicted otherwise. Exploratory Testing consists of following
A very limited documentation on requirements and more reliance on collaborative meetings to brainstorm should we term "Stories" An accepted view that code delivery will be incomplete by the time testers start their testing Changes accepted right until the last minute and at times even middle of development
Learn, Design, Execute tests simultaneously Look for Emergent Behaviors that expose value to stakeholders Explore the system by running high level tests, take outputs from these tests and device yet more powerful tests
www.TestingCircus.com
October 2011
- 54 -
Test a part of system, if not many bugs found either test other part of system or change test techniques to test the same part
V - VALUABLE E - ESITMATABLE
S - SMALL Ask not "Does application meets these T - TESTABLE requirements?" instead ask "What happens Demand Test Driven And Continuous Integration if i do this?"
The very important aspect of an agile development or testing is "Test Driven Development" and The traditional development and testing always "Continuous Integration". relied on robust documentation as proofs, a divided project team in terms of stakeholders, developers and testers and focus on just a specific Test-driven development (TDD) requires area as per the persons role. The success of any developers to create automated unit tests that agile implementation or the scrum framework itself define code requirements (immediately) before is standing on five core values. writing the code itself. The tests Embrace The 5 Values
contain assertions that are either true or false. Passing the tests confirms correct behavior as developers evolve and re-factor the code.
Continuous Integration is small pieces of effort to integrate source code at very regular intervals Respect within a day by the development team with a view The teams are expected to be focused on their tasks to avoid complexity of integration at the end, and are committed to their completion. They are ensure good quality of code and reduce time taken quite open and honest in their thoughts and to deliver it. expressions, have courage to challenge themselves and the others, having the respect for one another at the same time. While these qualities are required Testers have a great role to play in terms of not just for testers and for every member of team, demanding TDD/CI at every stage of development a test member definitely stands on the thin line to ensure a quality deliverable comes out of ensuring quality of requirements, code and testing development. Test team has to help generate an itself often or should I say always with little time. automation framework that could be integrated into TDD and CI process to reduce the complexity Stories Should Be Right "INVESTment" of development and testing process. Unlike before test team are expected to play their part right from the start of project driving the requirements process, helping and challenging Regression Tests Are The KEY Test Artifacts development teams in terms of estimates and other The ability to accept change at any given point areas. It is absolutely necessary that team as whole within agile delivery mandates a finite set of tests come up with requirements or user stories that that can test the whole system in principle at any adhere to following principles and are right given time. If you examine carefully without investment for right value in return. proper requirements documentation, test plans and
I - INVEST N - NEGOTIABLE
with nature of testing being exploratory "Regression Tests" are the way to go to provide www.TestingCircus.com October 2011 - 55 -
confidence to self, business and the team to say an area of system being delivered is enough tested within the aggressive sprint schedule. Most of the agile teams embraced regression as an opted strategy for testing and when executed on a continuous basis without failures definitely provides product stability. Regression tests provide a basis to take decisions like below which otherwise would be hard to answer using manual testing in a two weeks iteration and as stated before an acceptance view of incomplete code.
Pradeep Soundararajan Michael Talks Nishant Verma Varada Sharma Rob van Steenbergen Jaijeet Pandey .. . .. .
They have decided to write for us.
Is the code ready to be merged? Is the product ready to be released? Has this change broken previously working? something
Automation, Automation and More Automation Its an established fact that automation is the only way to generate testing capacity to do a complete test of a release or a shippable code on a regular basis across any standard iteration. With less available testing time, have an ability to accept changes at anytime; needing to drive the team in terms of TDD I guess the only way to be able to fulfill such a responsibility is to generate time on the long run by automating tests as much as possible and as early as possible. Automation helps
Watch out for Testing Circus November issue. Happy Learning! www.TestingCircus.com
Accelerate Velocity of Agile Teams (Agile demands speed) Consistency in Testing (Across Environments and Various Stakeholders) Identify Issues Early On With less effort across any build
A sufficient amount of governance should definitely be in place for test automation and regression to ensure teams dont end up having a complex and voluminous tests to be run every time on the long run.
www.TestingCircus.com
October 2011
- 56 -
u b s c r i be To S li ck H e re C
Testing Circus
www.testingcircus.com
Still relying on reading Testing Circus from tweets & facebook updates? Subscribe just with your email id and get the magazine delivered to your email every month, free!
October 2011 - 57 -
www.TestingCircus.com