Quality Assurance

Functional Testing

Software needs to be tested to ensure that it functions as required by the end-user. The software is fed with an input and the output is evaluated to check if it satisfies the functional requirements expected of it. Functional testing is done by evaluating each and every function that the software is supposed to perform one after the other.

Different types or stages of functional testing include smoke testing, regression testing, system integration testing, usability testing. Smoke testing is a kind of preliminary testing to check if the software is fit for further testing. Regression testing is done to ensure that the software performs as expected after incorporating a change into its previous version. System Integration testing is done to check the compatibility of the software with other applications.

Usability testing is concerned with how well the end user is finally able to use the system. The test is carried out on actual users. Popular functional testing tools available are Selenium, HP QTP, IBM RFT, and Cucumber. These tools offer different advantages for different use cases.

Automated Testing

Manual testing of critical business test cases consumes a lot of time and money. In software testing, the same test suite needs to be executed repeatedly. Once all the test cases in a test suite are manually tested, the test suite can be recorded and the software testing can be performed repeatedly as required. Automation testing helps to reduce the number of test cases to be tested manually.

Some test cases are not suitable for automated testing. These include those that have been newly designed and not tested manually at least once. Test cases whose functional requirements are not fixed and those that are executed for specific purposes cannot be automated.

A well planned out automation testing strategy leads to effective implementation. Figuring out the right automation tools, determining tasks that are within and beyond the scope of automation, scheduling of scripting and execution, preparation of the testbed are the elements of a successful automated testing strategy.

Performance Testing

Apart from ensuring that the software is functionally sound, its performance needs to be benchmarked against various parameters like scalability, reliability, response time and resource usage. TestLuas takes care of your Performance testing needs to ensure that the software performs reasonably well under the expected load.

Various kinds of performance testing are stress testing, soak testing, spike testing, configuration testing, isolation testing and internet testing. Load testing is the most basic form of performance testing. The behavior of a system is tested under a load. Stress testing is done to find the maximum load a system can withstand.

Soak testing tests the endurance of a software under a continuous load. Spike testing tests the system’s ability to handle sudden increases or decreases in the load. Configuration testing is more about how the system performs with alterations to its configuration than its performance under a given load.

Security Testing

Security testing of a software application is done to ensure that there are no loopholes or vulnerabilities that may lead to malfunction. After security testing the application is expected to deliver on various parameters like confidentiality, integrity, authentication, availability, authorization, and non-repudiation.

The different aspects of security testing are vulnerability scanning, security scanning, penetration testing, risk assessment, security auditing, posture assessment and ethical hacking. Typical test scenarios include ensuring the password is encrypted, checking cookies and session time, ensuring that invalid users are not allowed and so on.

Penetration testing involves checking a system’s resilience to attack from an external hacker. In Risk Assessment, risks are classified as low medium and high in order to recommend proper controls and measures. Ethical hacking is done intentionally on the authorization of the organization to expose vulnerabilities in the system.

Selenium Testing

Selenium is an open-source software-testing framework for web applications that can be used across various browsers. High level of experience and coding skills are required to implement Selenium Automation testing when compared to HP QTP and IBM RFT.

The Selenium suite comprises of Selenium Integrated Development Environment (IDE), Selenium Remote Control (RC), WebDriver and Selenium Grid. Selenium RC and WebDriver have been merged and offered as Selenium 2 with WebDriver as its core.

Of the four, Selenium IDE is the simplest tool which can be used for prototyping. Selenium Remote Control was the first automated web testing tool that allowed programming in Java C# PHP Python Perl and Ruby. WebDriver is an improved version of RC which directly communicates with the browser without relying on JavaScript.

DevOps Testing

With the advent of DevOps software engineering culture which promotes a synergy between software development and IT operations, software is no longer tested after development. The software is tested continuously and simultaneously with development. This process is based on a philosophy of problem prevention instead of problem detection.

This entails continuous testing of software by automating each and every step in the process. With the advent of the DevOps cycle, QA teams have to ensure that their test cases are automated. The test environments have to be standardized and their deployment on QA boxes should also be automated. In order to be properly aligned with the Continuous Integration cycle, all the pre-testing and post-testing tasks have to be automated.

When testing new features, the QA team can create test scripts and run the automation on interim builds until the code is good enough to be deployed. Executing tests in parallel reduces time-to-live. Before the code is deployed, critical bugs have to be fixed and passed through the chain of steps involved.

Test Data Management

Software applications must be tested against data that closely resembles the actual data that will be used. For this purpose, production data cannot be copied directly for testing owing to security and regulatory issues. Test data management utilizes data masking techniques to hide personally identifiable information from being visible to the development and testing teams. The data properties and formatting which are critical for testing are retained.

Also, different tests require different ways of test data generation. Test data can be derived from the examination of code in White Box testing. In the case of performance testing, since the goal is to check the speed of system response, it is advisable to use live data from customers. This data has to be anonymized.

For Black Box testing, system response has to be tested for different kinds of data sets. These include valid/invalid data, illegal data format, state transition test data, equivalence partition data, decision table data, decision table data, boundary condition data, use case test data and so on. Tools like GSapps can be used for automated test data generation for different use cases.

The Testing Center of Excellence

Testing centers of excellence coordinate and control the QA efforts of an organization in order to make the entire quality assurance process more efficient, transparent and optimized towards the goals of the organization than the goals of individual departments.

With a testing center of excellence, testing time can be reduced without compromise on quality, the QA process can be standardized and kept up to date with industry trends. Available resources can be used more efficiently. TCoE speeds up the time to market.

One of the main functions of a TCoE is to establish a governance protocol to enable smoother information flows across departments. Defining an implementation roadmap of the testing strategy helps in smoother execution. All these measures reduce costs for an organization.