The Agile development movement has started to transform the software landscape. Since February 2001 when the Agile Manifesto was published, Agile development has gone past the early adopter phase and now is regularly in use by such mainstream organizations as CapitalOne, the Federal Reserve Bank, Microsoft, Sun Microsystems, and major development departments in other organizations. For Agile practices to take hold-and more importantly to be sustained-all of the dysfunctional behaviors that organizations have acquired over the past twenty years or more must be discarded-and that is not easy or fun. However, the overwhelming benefits and value of Agile development are there, and for organizations in which software is their lifeblood, the effort will be made.
At the rate Web vulnerabilities are being discovered and exploited, the security industry cannot afford to continue trying to keep up with patches and fixes. Cross-site scripting, SQL injection, command injection-attacks like these result from vulnerabilities in inadequately designed or written code, creating opportunities for attackers to threaten privacy and steal data. The only way to truly eliminate these vulnerabilities is to address them at their origin-in the source code itself. The critical sources of threats in an application come from coding errors, configuration issues, and design flaws. Using actual security failures, Daniel Hestad describes the dirty baker's dozen code-based vulnerabilities found in Web software. Learn to locate, understand, and eliminate these vulnerabilities before they present untold risks to your organization.
Lucille Parnes, Software Process Improvement Consultant
Change, ambiguity, and risk are key issues whether you are running a software project, managing a development team, or leading an entire organization. We learn it over and over again. It's not a matter of "if" change will happen-it's a matter of "when." When a crisis inevitably arrives, how do you respond? As Jerry Weinberg observed in The Secrets of Consulting, "It may look like a crisis, but it's only the end of an illusion." Andy Kaufman looks at key project illusions that threaten success as we lead projects and people in the realm of software development. Whether you're a project team member or a senior executive, Andy provides practical tips you can immediately apply in your organization.
Andy Kaufman, Institute for Leadership Excellence and Development
All projects start with needs or requirements. How those requirements are documented and expressed has a tremendous affect on the rest of the project. The technique of expressing requirements as "user stories" is one of the most broadly applicable techniques introduced by eXtreme Programming (XP). However, user stories are a valuable approach on all time-constrained projects, not just those using XP. Although user stories originated in the Agile processes, they are useful even if you are not planning to employ Agile development. In this session, Mike Cohn will help you identify and write good user stories and understand the six attributes of all good stories. Explore how user role modeling can help when gathering the initial stories for a project.
You've heard of eXtreme Programming (XP) and perhaps Scrum. How about Crystal Clear, Adaptive Software Development, Dynamic Systems Development Method, Rational Unified Process for Agile Development, and Feature Driven Development? These are some of the many variations of Agile development methods. Join Jeff McKenna as he explores the many flavors of Agile development methods and explains the similarities and differences. Find out what aspects of Agile development can help your organization’s development team in its particular environment. If you are considering Agile development and need to decide in which direction to go, this session is for you. Although a one-hour session cannot provide all the information you will need, you can explore what is common-the philosophy, the values, the characteristics-and what is different-the methods, the coverage, the costs-about different Agile approaches.
According to the Object Management Group (OMG), the benefits of Model Driven Architecture (MDA) are significant to businesses and developers alike: reduced overall product life costs, faster development, better application quality, rapid deployment of new technology, and a higher ROI on new technology. In short, the hype is that MDA enables system integration strategies that are better, faster, and cheaper. However, the MDA approach represents a fundamental change in the way software is developed, and it revolutionizes how you allocate test resources and how you create system tests. Timothy Korson outlines the MDA process and then suggests ways to change quality assurance activities to mesh with the MDA development style. Take away a realistic view of the current state of MDA practices compared to the MDA promise and vision, offered by the OMG.
In addition to the efficiency improvements you expect from automated testing tools, you can-and should-expect them to provide valuable metrics to help manage your testing effort. By exploiting the programmability of automation tools, you can support the measurement and reporting aspects of your department. Learn how Jack Frank employs these tools with minimal effort to create test execution
status reports, coverage metrics, and other key management reports. Learn what measurement data your automation tool needs to log for later reporting. See examples of the operational reports his automation tools generate, including run/re-run/not run, pass/fail, percent complete, and percent of overall system tested. Take with you examples of senior management reports, including Jack's favorite, "My Bosses' Boss Test Status Report"-names will be changed to hide the guilty. Regardless of the
Test Driven Development (TDD) has emerged as a successful productivity technique for development teams. As a unit testing methodology, TDD prescribes a simple three-step process of (1) develop test, (2) write code, and (3) re-factor the code. In a question-and-answer tag-team
Think about it ... You are responsible for performance testing a system containing over 5 billion searchable documents to an active user base of 2.6 million users, and you are expected to deliver notification of sub-second changes in release response and certification of extremely high reliability and availability. Your n-tier architecture consists of numerous mainframes and large-scale UNIX
servers as well as Intel processor-based servers. The test environment architecture is distributed across large numbers of servers performing shared functions for a variety of products competing for test time and resources during aggressive release cycles. Because it is impractical and too costly to totally isolate systems at this scale, capacity and performance test engineers produce high quality
Since the publication of the test process improvement (TPI®) model in the 1990s, many organizations have used it to help establish and improve their test processes. By doing so, they have tested the hypothesis that improving test processes results in better insight into system
quality and a more repeatable and efficient test process. Over the past five years, Ruud Teunissen and his consultant colleagues have gathered many facts and figures about the results of test process improvement initiatives. Learn the details of what other companies have achieved from test process improvement using the model, including examples of a 50 percent reduction of live incidents caused by inaccurate testing and a 40 percent reduction of long-term testing costs. Build a case for process improvement, discover what the TPI® model can do for you, and find out how to manage expectations should you embrace the model.