News from the World of Software Development and QA — September 2016

It’s that time of the month where we take a look at a few of the interesting news stories September brought to the overall software development and QA world. If you are interested in checking out last month’s stories — including news about the growing outsourced testing market — simply click on this link. Hopefully, this month’s news digest provides some insight into your own programming and testing activities.

Microsoft deploying a Cloud-based Bug Detector

The growth of Cloud-based testing services has been previously noted in this blog. Microsoft continues to emphasize the Cloud as part of its business line; most notably in their Azure commercial Platform as a Service product. The company also is making available a Cloud-based automated bug detector, known as Project Springfield

Springfield is a Cloud-based “fuzz” testing system aimed at finding critical security bugs in applications. Redmond used the product internally for testing Windows, Office, and other Microsoft applications. A key component of the tool — known as SAGE — found nearly one-third of the critical security holes in Windows 7 before that operating system hit the market.

Project Springfield leverages AI routines to perform a host of “what if” tests on issues possibly causing an application to crash or to be hacked. The tool runs multiple times trying to hone it on what it feels are the most critical problems with an app.

Springfield runs on top of an Azure instance, offering the convenience of a Cloud-based application. In addition to SAGE, Microsoft includes a host of fuzz testing tools along with a dashboard and user interface making Springfield easy to use for those who aren’t security experts. It sounds like a tool worth exploring for many development shops.

Localization Bug hampers Videogame Release

Testing localization routines remains important for videogame developers offering their products on a worldwide scale. Last week, Atlus released a game for the Nintendo 3DS called Shin Megai Tensei IV: Apocalypse which contained text untranslated from the original Japanese language. According to the company, the QA testers were so good at the game; they didn’t encounter the situation where the Japanese text appeared on screen.

This speaks to the need to employ the right testing procedures to ensure full code coverage. Atlus doesn’t expect to fix the issue in the current, cartridge-based game, but the company is redoubling its efforts on localization testing for future releases.

CIOs need to champion the QA Role

This week, CIO Insight published a slideshow and article detailing how CIOs can influence the critical testing and QA functions at their organization. The slideshow content is based on a survey of CIOs made by HP and Capgemini/Sogeti.

Security concerns are the lead reason driving QA initiatives, followed closely by simply releasing higher quality software. CIOs of companies following Agile principles noted the need to involve QA engineers earlier in the SDLC — a point discussed earlier this year on this very blog. The study also reported more companies are performing load and performance testing on third-party Cloud-based services used in their applications.

The rest of the slideshow offered additional insights on the changing role of QA in the modern business world, especially considering the growth of IoT applications. The need for improved processes for testing mobile and multi-channel application was also expressed.

Keep coming back to the Betica Blog for additional insights and news about software development and quality assurance.

Quality Assurance for APIs with SOAtest

In the past we talked about the importance of an excellent set of tools to manage and perform the testing of APIs. A superior API testing tool needs to easily create test scripts, target multiple environments quickly, support most industry standards, and be platform agnostic. Other features like test automation and powerful command line support make the QA engineer’s life a bit easier.

SOAtest is an API testing tool earning many accolades in the industry. Let’s take a look at some of its features to see it makes sense to include it as part of your QA team’s testing arsenal.

A Closer Look at SOAtest

SOAtest, developed by Parasoft, provides end-to-end testing of APIs and any application that depends on an API as part of its backend. This includes Cloud-based applications, websites, mobile apps, and applications leveraging a service-based architecture. It performs a full range of testing: regression tests, integration tests, load tests, security tests, UI validation, and more.

Nearly all interfaces and messaging types are also supported, including REST, XML, JSON, and so on. You are even able to validate your own custom messaging formats using this tool. This flexibility and support for so many industry standards — SOAtest is platform agnostic as well — remains one of the reasons the software is so popular among QA engineers and software developers.

Forrester Research named SOAtest as one of its leaders in the research firm’s The Forrester Wave: Modern Application Functional Test Automation Tools study in 2015. Forrester called the product “a key player in the continuous delivery world allowing developers to promote low-risk, quality-release candidates in delivery pipelines.”

Making the QA Engineer’s Job Easier

Featuring an intuitive interface encapsulating powerful functionality, SOAtest allows QA engineers to accomplish more during their workday — something vital in development shops with a continuous delivery release schedule. Service virtualization and simple test data management allows for the speedy testing of enterprise solutions with multiple endpoints. Automated running of regression tests helps validate a release before it hits production.

Load and performance testing is especially important in this era of social media which requires fast and seamless scalability of web-based applications. SOAtest makes it easy to test APIs and API-based applications under different load scenarios — including multithreaded architectures. You are able to predefine service quality metrics for use when ensuring an application’s performance under a variety of loads.

SOAtest even provides support for web UI testing that also fosters collaboration between your technical team and business stakeholders. It can test interfaces across many different browsers — including mobile. Additionally, a lightweight runtime error detection facility can be embedded in your application with little to no performance hit.

In short, SOAtest’s wide range of testing functionality combined with its support for most industry standard interface and message types makes it worthy of further exploration at your development shop. We didn’t even go into detail about the tool’s security and development testing features. SOAtest truly is an API testing tool that can do a whole lot more.

Keep coming back to the Betica Blog for further insights on software development and testing as well as profiles of some of the best tools currently in use at shops all over the world.

Continuous Testing at the Speed of the Agile Modern Business

Relying on automation to execute whole test on large deployment, doesn’t mean the role of the QA engineer is going away. Learn why?

With more companies of all sizes embracing the Agile and DevOps methodologies, the speed of the software development lifecycle continues to increase. This reflects a competitive business world which operates all over the globe on a 24-7 basis. The days of the biannual release cycle appear to be obsolete.

Continuous deployment and other offshoots of Agile strive to make software enhancements a quick and painless process, so it stands to reason this “need for speed” would influence quality assurance. Enter continuous testing. We’ve mentioned this concept in a previous post, but this time out we’ll take a closer look at this emerging QA trend.

Preventing QA from becoming a Bottleneck

Companies embracing continuous delivery leverage automation to make various aspects of the SDLC faster. This includes automating builds, migrations, and other related tasks. While a need for manual software testing still exists, especially when it comes to validating usability and interfaces, companies are taking advantage of automated tests as part of a continuous testing model.

Continuous testing requires extra effort to be spent on developing these automated tests. This concept applies when it comes to determining whether or not to deploy the software into production after the test run is complete. Business stakeholders need to work closely with QA engineers to determine the criteria for a go/no go decision; factoring in performance, reliability, and security issues.

Additionally, many continuous testing programs involve QA personnel at the beginning of the lifecycle, with the hopes of validating design work before development takes place — the extra cost of handling bugs later in the SDLC still matters in this scenario. The scope of testing includes automated API tests, unit tests, as well as system and integration tests. Security and performance testing is also performed when relevant.

Managing the Continuous Testing Process

Relying on automation to execute a whole range of tests as part of a larger build and deployment process doesn’t mean the role of the QA engineer is going away. We mentioned earlier about the importance in properly developing automated tests able to determine whether or not to deploy a release. It is also vital to involve QA personnel in the management of the entire automated testing process, including performance monitoring and defect analysis.

Many QA tools and applications now include support for continuous testing that goes beyond simply automation. These typically provide a robust mechanism for authoring tests in addition to the real-time defect reporting and performance features needed to truly take advantage of CT.

Resources for Learning more about Continuous Testing

A wide range of eBooks and other material covering continuous testing are available if you are interested in learning more about this topic. SOASTA, known for their performance analytics software, offers an eBook on Continuous Testing in an Agile World. IT managers interested in the subject need to check out Parasoft’s book aimed at technology leaders.

In short, continuous testing needs to be considered by any organization hoping to truly take advantage of Agile or DevOps.

Keep tuned to the Betica Blog for further dispatches from the wide world of QA and software development.