This article is dedicated to telling you how good developing software can be. Austin Hastings describes many software development practices working together, some of which you don't have. If you like an idea you see here, implement it. After your first implementation steps, you can return here to find yet another idea to implement.
Warning: Registry keys may be hazardous to your program's health! Registry key entries in Windows applications-visible or hidden-are often neglected by testers. A registry key entry is a program feature just like any other application function and as such needs to be validated. Michael Stahl describes why registry keys should be accorded special attention during testing and proposes a strategy for mitigating risks posed by incorrect registry key entries. He suggests a test strategy, as well as coding standards for input value and type validation, default values, regeneration, and naming rules. Michael demonstrates the use of correct and incorrect registry keys in common commercial applications.
Open source software has come a long way in the past few years. However, for automated testing there still are not many ready-made solutions. Testers often must spend their time working on test cases rather than working on a test automation framework. Allen Hutchison describes the elements of an automated test framework and demonstrates a framework that you can quickly assemble from several open source software tools. He then explains how to put the pieces together with a scripting language such as Perl. Once you build the framework, you can improve and reuse it in future test projects. At the end of the presentation, Google will release the described framework as a new open source project that you can begin using immediately.
Test-driven development (TDD) is a new approach for software construction in which developers write automated unit tests before writing the code. These automated tests are always rerun after any codes changes. Proponents assert that TDD delivers software that is easier to maintain and of higher quality than using traditional development approaches. Based on experiences gained from real-world projects employing TDD, Peter Zimmerer shares his view of TDD's advantages and disadvantages and how the TDD concept can be extended to all levels of testing. Learn how to use TDD practices that support preventive testing throughout development and result in new levels of cooperation between developers and testers. Take away practical approaches and hints for introducing and practicing test-driven development in your organization.
Find out how teams transitioning to Agile practices must re-think their workflows and project metrics originally designed to handle many hundreds of defect reports that occur in typical testlast development cycles. Richard Leavitt discusses how a real-world implementation of key practices like early testing and continual integration-though not without bumps and bruises-lowered the number of open defect reports by an order of magnitude. These practices also can improve how the team communicates, reduce delays, and provide more direct measures of project status, feature progress, and release readiness.
To achieve the most effective test automation, you need to go beyond automated test case creation and implement automated environment setup. In tracking the testing time spent over several projects, the Clustering group Amit Mathur worked with found that more staff time was being spent on setup than on actual testing. He discusses and demonstrates the Environment Configuration System (ECS) his group developed to automatically set up test environments and trigger automated test execution. Find out how ECS has dramatically improved the ability to automate many more manual tests. ECS employs a scripting language (Perl) and libraries for environment setup and test cases. Based on interface specifications and dependency rules, ECS bundles environment setups and test cases for complex test scenarios. Learn how you can adapt the ECS approach for your applications and environment.
Are you striving for more quality than you really need? How would you know? "Good enough" quality does not mean "substandard" or "mediocre" but is actually an optimal and responsible economic principle we use everyday. Managing test lead for Quardev Laboratories, Jon Bach says because quality is expensive, the "good enough" framework provides the criteria to enhance decision-making about when to ship. He discusses the perils of quality-at-all-cost techniques and shares examples of software that features sufficient quality. Find out how testers and test managers can help project stakeholders know whether they are releasing software with too little quality or are unnecessarily striving for too much quality.
The Agile development movement has started to transform the software landscape. Since February 2001 when the Agile Manifesto was published, Agile development has gone past the early adopter phase and now is regularly in use by such mainstream organizations as CapitalOne, the Federal Reserve Bank, Microsoft, Sun Microsystems, and major development departments in other organizations. For Agile practices to take hold-and more importantly to be sustained-all of the dysfunctional behaviors that organizations have acquired over the past twenty years or more must be discarded-and that is not easy or fun. However, the overwhelming benefits and value of Agile development are there, and for organizations in which software is their lifeblood, the effort will be made.
At the rate Web vulnerabilities are being discovered and exploited, the security industry cannot afford to continue trying to keep up with patches and fixes. Cross-site scripting, SQL injection, command injection-attacks like these result from vulnerabilities in inadequately designed or written code, creating opportunities for attackers to threaten privacy and steal data. The only way to truly eliminate these vulnerabilities is to address them at their origin-in the source code itself. The critical sources of threats in an application come from coding errors, configuration issues, and design flaws. Using actual security failures, Daniel Hestad describes the dirty baker's dozen code-based vulnerabilities found in Web software. Learn to locate, understand, and eliminate these vulnerabilities before they present untold risks to your organization.
Lucille Parnes, Software Process Improvement Consultant
Change, ambiguity, and risk are key issues whether you are running a software project, managing a development team, or leading an entire organization. We learn it over and over again. It's not a matter of "if" change will happen-it's a matter of "when." When a crisis inevitably arrives, how do you respond? As Jerry Weinberg observed in The Secrets of Consulting, "It may look like a crisis, but it's only the end of an illusion." Andy Kaufman looks at key project illusions that threaten success as we lead projects and people in the realm of software development. Whether you're a project team member or a senior executive, Andy provides practical tips you can immediately apply in your organization.
Andy Kaufman, Institute for Leadership Excellence and Development