We have all experienced the "thrill" of functional testing, going through requirements and then crafting test cases to ensure that the application behaves according to specifications. While this method has its place, it misses many classes of bugs, especially security bugs. For example, security bugs can manifest as extra functionality that may not violate requirements directly, but still expose catastrophic holes in software.
STARWEST 2003 - Software Testing Conference
Because testing, by some definitions, is ensuring that the observed results match the expected results, we often are highly dependent on the quality of the requirements when we test. Unfortunately, most software projects do not have sufficient requirements that pre-determine exactly what the results of all of the tests should be. So, what should testers do? In this talk, Richard Bender addresses the testing techniques you can use to improve the quality of requirements so that they are accurate, complete, unambiguous, and consistent.
Many smaller organizations are looking for ways to improve their testing processes and approaches. They do not need complex assessment reports, change task forces, extensive implementation of guidelines, or expensive training programs. Solutions for smaller organizations often involve gradually upgrading test awareness and test process performance. Even introducing a supporting template and providing a little coaching helps considerably.
Business-oriented metrics can bridge the gap between the activities your testing organization perform and the business value your testing produces. Claude Fenner presents real-world examples to motivate and show you how to successfully communicate the strategic value of what you do in your test organization. Learn how the Test Asset Trajectory metric shows testing's fit-to-business demand and whether or not your testing assets are healthy.
No one looks forward to load and stress testing a large database, but it is a critical task in the test process. Michele Rossi focuses on practical strategies to test software built for large database environments. Before designing your next database load and stress tests, find out what questions to ask and how to model realistic database activity. With the right test scripts and automated tools to create sufficient activity, you'll go a long way toward improving product quality under heavy database loads.
Great test managers wear many hats and must know how to balance the company's demands for returns against the need to build capacity and skills within their team-all without breaking a sweat. Test groups are often under-funded and test managers run themselves ragged trying to be all things to all people.
To be most effective, test managers must develop and use metrics to help manage the testing effort and make informed decisions about the software' quality. Although there is no one set of metrics that satisfies the needs of every test manager, there are certain things that all managers need to measure. Additionally, most important decisions should be supported by more than one metric. Rick Craig presents guidelines for you to build a set of metrics to track test status, measure test effectiveness, and predict product quality.
Before you start writing automated test scripts, you need an automation framework that matches your application and environment. Not surprisingly, Web applications at HotJobs, a Yahoo! Company are constantly changing and need a fast, flexible methodology for test automation. Clay Givens illustrates the importance of designing this flexibility into automated tests with an emphasis on modularity for speed.
It’s going live tonight! How can I test Web changes when I have only a few hours for testing? In this session, Greg Paskal presents the Minimal Essential Testing Strategy (METS) designed to aid in your rapidly changing Web environment. This creative technique will enhance your Web testing efforts, regardless of time constraints or type of application. Walk away with a starter strategy and ways to adapt this new process to your organization’s needs.
Often, the fast-paced development cycles of Web applications don't usually leave much room for testing. Thanks to the instant service pack phenomenon, we can update a Web application every day-so it's ok if things aren't perfect, right? That may be the case for functional bugs, but not security bugs. All an attacker needs is a very small window of opportunity to do damage. James Whittaker shows you how to identify these threats and demonstrates examples of attacks against them.