Month: December 2017

Roles & Responsibilities in a Software Testing Team

Posted on by tbsupadminnxtbackendacc

Software testing is an essential part of the software development life cycle (SDLC). Playing a significant role in defining the success rate of a particular product, owing to the same reason the software testing team plays a crucial role even after the product’s development is completed
Therefore, it is important to ensure that this software testing team includes a perfect mix of talented as well as capable professionals who are also domain experts.
Being experts in the problem domain make it easier for them to create such test scripts that make it easier to identify the problem in the product.
software testing team
While every company follows a different structure of the testing team, there are a few members who are common in every structure and fulfill the expectations of the team. This includes:
1. QA Leader:
QA Leader is the most important member of the testing team. While it is extremely crucial for him/her to have a clear understanding of the testing process or methodology. It is also essential for him/her to be familiar with the varied test-program concerns such as test environment and data management, trouble reporting and resolution, etc.

The Main Roles and Responsibilities handled by the QA leader are:

  • Acts as a point of contact for inter and intra departmental interaction
  • Represents the software testing team as well as enables customer relationship
  • Deciding the test budget and schedule
  • Identifying the testing activities for other team members like testers or test engineers
  • Planning the entire testing process
  • Checking the availability of the resources to execute testing activities
  • Identifying if the process of testing is going in sync with the software development
  • Preparing the status report of testing activities
  • Sharing updates on testing with the project manager
  • Planning pre and post-test meetings

Salary of A QA leads leading IT booming countries

  • India – Rs. 659000 – 1230000 / year
  • USA – $50,000 – $ 104,000 / year
  • Singapore –  S$ 3000- S$ 6,000
  • Canada – CA$65,000 – CA$97,000
  • Hong Kong – HK$58,000

2. Test Lead
With a clear understanding about the applications business area and its requirements, a test lead is a person who is also familiar with the varied test-program issues such as test data management, test design, and test development.
His/her expertise in numerous technical skills such as programming languages, database technologies, and computer operating systems also enable him/her to deliver the best at his/her job.
The Major Role and Responsibilities of a Test Lead include the following:

  • Technical expertise related to the test program and approach.
  • Provides support for customer interface, staff planning, and supervision, as well as progress status reporting.
  • Validating the quality of the testing requirements such as testability, test design, and script, test automation, etc.
  • Staying updated about the latest test approaches and tools
  • Assisting the software testing team to be aware of the latest trends in the world of software testing.
  • Arranging walk-through for test design and procedure.
  • Implementing the test process.
  • Ensuring that test-product documentation is complete.

Salary of Test leads in IT booming countries

  • India – Rs. 549,000 – Rs. 1525,000
  • USA – $73,000 – $92000
  • Singapore – S$103,000
  • Canada – CA$42,000- CA$105,000

3. Test Engineer
The role of a test engineer is to determine the best way to create a process that can enable one to test a particular product in the best possible manner.
Test engineers can have different expertise based on which they are assigned a role in a company.
Some of the common test engineers working in an organization are as mentioned below:

Know More: 21 Best Programming Movies Software Testers must watch

a) Usability Test Engineer
These engineers are highly proficient in designing test suites as well as have a clear understanding of the usability issues. With excellent interpersonal skills, they are also skilled in test facilitation. Some of their common job roles include:

  • Designing the usability testing scenarios
  • Administering the process of usability testing
  • Developing test-product documentation
  • Participating in test-procedure walk-through

  b) Manual Test Engineer
With a clear understanding of the Graphical User Interface (GUI) design and its standards, manual test engineers are highly proficient in designing test suites and various testing techniques. Some of the major responsibilities of these engineers include:

  • Using associated test data to design and develop test procedures and cases
  • Manually executing the test procedures
  • Attending test-procedure walk-through
  • Following the required set standards


  c) Automated Test Engineer
 Also known as Automater/developer, these engineers also have a good understanding of the GUI design and software testing. They can also be relied upon for designing the effective test suites as well as efficiently working with test tools. Some of the common roles handled by them are:

  • Designing and developing test procedures on the basis of requirements
  • Following rest-design standards
  • Attending test procedure walk-throughs
  • Executing the tests and preparing reports for the same.

Salary of Test Engineers in IT Booming Countries

  • India – Rs. 284,000 – Rs. 799,000
  • USA – $ 71,000 – $ 107,000
  • Singapore – S$46,000 – S$75,000
  • Canada – CA$49,000 – CA$85,000

4. Network Test Engineer
With a high level of proficiency and expertise in a variety of technical skills such as programming languages, database technologies, and computer operating systems, network test engineers are good at product evaluation and integration skills.
Their Major Roles at an Organization include:

  • Performing network, database, and middle-ware testing
  • Developing load and stress test designs, cases and procedures
  • Implementing the performance monitoring tools on an ongoing basis
  • Conducting load and stress test procedures

Salary of Network Test Engineers in IT booming countries

  • India Rs. 477,000 – Rs. 946,000
  • USA – $56,000 – $91,000
  • Singapore – S$39,000 – S$52,000
  • Canada – CA$58,000

5. Test Library and Configuration Specialist:
 This job role requires one to have a network, database, and system administration skills along with expertise in technical skills including programming languages, database technologies, and computer operating systems. Their major job roles include the following:

  • Managing the test-script change
  • Maintaining test-script version control
  • Upholding test-script reuse library
  • Creating test builds, wherever required

6. Tester
Having a sound knowledge about various concepts involved in test designing and execution methodologies, a software tester is the one who is able to interact efficiently with the development team. His/her major roles as a part of software testing team includes:

  • Designing the testing scenarios for usability testing
  • Analyzing the testing results and submitting the report to the development team
  • Creating test designs, processes, cases and test-product documentation
  • Conducting testing as per the set standards and procedures
  • Ensure that the testing is carried out as per the defined standards and procedures

Salary of Testers in IT booming countries

  • India RS. 184,000 – Rs. 782,000
  • USA – $39,000 – $87,000
  • SingaporeS$31,000 – S$69,000
  • Canada – CA$36,000 – CA$81,000


 Conclusion
While it is crucial for every member of the testing team to fulfill his/her job responsibilities diligently, it is also important to ensure that the software testing team is properly structured and has well-defined responsibilities. Making testing a fun task instead of a serious job responsibility.

Recommended For You: What is Automation Testing? Techniques, Best Practices, Tools, and Advantages.

Penetration Testing Tutorial: Stages, Types, Methods & Tools

Posted on by tbsupadminnxtbackendacc

Penetration testing or also known as pen testing is the process of simulating real attacks on systems or networks to access the risks associated with potential security breaches. During pen test, testers not only discover vulnerabilities but also exploit them.
app testing
Pen testing is mainly attempting to breach any application systems, protocol interface etc. to uncover vulnerabilities, such as codes that are susceptible to attacks. Penetration testing which is generally ethical hacking is a necessary in-demand skill for testing an organization’s defense systems.
Why do we need to perform Pen Testing:

  • To uncover the critical vulnerabilities within your network systems
  • It can provide an overview of an organization’s exploitable vulnerabilities and include recommendations on how you can optimize the protection levels
  • Reveal problems that were not known
  • Prevent business interruptions, loss and protect brand image
  • Find both known and unknown hardware/software flaws which can be identified and fixed using automated tools
  • Assess and validate the efficacy of an organization’s defensive mechanisms

Stages of Penetration Testing:
As penetration testing is very much technical and complicated, it needs to be split into different stages. Lets take a brief look:
1)  Planning & Setting your Goal: In this phase, you define the scope and goal of the test to be carried out including, addressing the system on which the test is performed and finalising the steps for the test. You need to also understand and gain knowledge about the network, domains and the server to identify how the target works on potential vulnerabilities.
mobile app
2) Scanning Phase: During this phase, it becomes clear to the tester that how the target app will respond to the intrusion attempts. This is basically done in 2 ways:

  1. Static Analysis: Inspect an app’s code to see how it performs in a running state
  2. Dynamic Analysis: Provides a real-time view of how an app performs

3) Selection of Proper Pen-testing tools: Choosing the right tool, requires mere intelligence, a little bit of luck and lot of patience. Rather than just going for quality and checking whether it fits to your job, its essential to note that it doesn’t contain any sort of malware or codes that could in-turn hack the tester.
There are plenty of tools available online for free but note to double check as most of them may contain malware and mostly undocumented back doors. But the best pen testers always go for their own written codes and tools as they don’t trust on free sources.
Eg: Nmap, Aircrack-ng, Wifiphisher, Burp Suite, OWASP ZAP etc.
4) Gaining Access: This stage is basically about using web apps like SQL injections, cross-site scripting, back doors etc. to uncover the target vulnerabilities. Once the vulnerabilities are found, testers try to solve them by intercepting traffic, escalating privileges or by stealing data.
5) Maintaining the Access: In this stage, the pen tester tests whether the vulnerability can be used to achieve a persistent presence in the exploited system. This is done to imitate the advanced persistent threats that remain for months or even years in a system to steal the most sensitive data from an organization.
6) Analysing the System: The results like the number of vulnerabilities exploited, the intensity of the sensitive data that could have been accessed and the total time the pen tester could spend within a network system without being detected is checked and documented.
Types of Penetration Testing
The type of penetration testing generally depends upon the scope of the goal to be attained or the testing is simulated against the employee, internal resources or external sources. On the basis of this, penetration testing is mainly of 3 types:

  • Black Box Testing: In this case, the tester needs to collect all information regarding the system before he/she starts working
  • White Box Testing: Here, the pen tester is provided with almost all details regarding the system such as IP addresses, source codes, OS details etc.
  • Grey Box Testing: In this, the tester is provided with partial knowledge about the system

Penetration Testing Methods
By analysing different methods of attacks that might affect an organization, there might be different methods of penetration testing:
1) External Testing: This targets the assets of an organization that is visible on the internet. So the main aim is to gain access and also extra valuable data.
2) Internal Testing: Here, the tester with the access to an app behind its firewall is simulated by an attack by the malicious insider.
3) Blind Testing: In this case, the pen tester is only given the name of the organization, so that the system security personal gets a real-time look at how actual app assault happens.
4) Double Blind Testing: In this type of attack, the security personal within the organization would have no idea regarding the assault same as like it happens in real attempted breaches.
5) Targeted Testing: In this testing, the pen tester and the security personal both work together regarding the vulnerabilities. This is quite a valuable method as it offers instant suggestions from the hackers point of view.
Penetration Testing Tools
Penetration testing is the process which is undertaken by testers to find vulnerabilities in your systems before the attackers intrude in. The different pen test tools can be broken down into major categories like:
1) Port Scanners: Tools in this category typically gather information and personal data about a specific target from a remote environment.
2) Vulnerability Scanner: These tools are used to find if there is any known vulnerabilities in the targeted system.  This is again subdivided to:

  • Host-based
  • Network based

3)  Application Scanner: These type of tools checks in for any type of weakness within the web-application (eg: Ecommerce apps)
Below we have listed a few tools that can be used for simple assessments or even complex tasks in which some are got for free and some require licence payments.
1) Aircrack-ng: This is a full suite of wireless assessment tool that covers attacking(cracking WAP & WEP) and packet capture.
2) SQLmap: This is an automated SQL injection and database tool common and widely used in platforms -MSSQL, MySQL, Access, PostgreSQL, SQLite etc.
3) THC-Hydra: It is generally known to be a network login cracker that supports several services and it isn’t very complex to handle.
4) Metaspoilt: One of the most popular and advanced framework that is based on the concept of ‘exploit’ that is you pass on a code that cause breaches and enter the system.
 5) Nessus vulnerability scanner: This is one of the most commonly used pen tool worldwide to identify vulnerabilities, malware that attackers use against your system and even policy violating configurations.
 6) WireShark: Also known as Ethereal, this is a network analysis tool that captures packet in real time and displays the results in human readable format codes.
automation testing
 Conclusion
As high-profile data breaches continue to dominate the headlines, the attitude of enterprises towards cyber security have also started shifting. As a result, there is an increased focus on detection and remediation strategies today. But, sophisticated security strategies only work out if the process, technology and people put in their inputs together to test and identify whether there is any weaknesses left open.

Top 13 Myths Surrounding Software Testing

Posted on by tbsupadminnxtbackendacc

Software testing is a process of executing a program to identify/detect bugs in a software program. The process involves testing a program to verify that it meets the set business standards and requirements. While it is true that software testing forms to be the most crucial step in ensuring the delivery of superb quality product, the process is also surrounded by a number of myths.
app testing
Although these myths may not directly impact the process of software testing, it is important to debunk these myths so that each member of a particular software development team is aware about its benefits and importance.
Read on as we debunk the 13 common myths that are associated with the process of software testing:
Myth #1: Testing is an expensive process
 Reality: This holds true only in situations when it is tried that the cost of a particular product is reduced by avoiding this process. But, it is important to understand that saving the cost in such an inappropriate way can lead to higher cost later due to high maintenance or rectification costs. Moreover, it can also lead to the development of an improper product design, poor product performance, etc.
Myth #2: It is a time-consuming process
 Reality: Testing a product during its development phase is never a time-consuming process. It rather, saves the time of entire team by early diagnosis and fixing the errors at earlier stages of development.
Myth #3: Testing is possible only on completely developed products
 Reality: While this holds true that the process of testing depends on the product’s source code, but the testing team can always review its requirements as well as develop the test cases even without the developed code. Moreover, breaking the entire development cycle of a large product (iterative approach) can help in reducing the dependency of testing of the final product.
Myth #4: Complete Testing is Possible
Reality: Thinking that complete testing of a product is possible is a common misconception. This is because the testing team can test numerous paths during the software development life cycle but there can still remain certain aspects that can only be tested once the project is completed and deployed.
Myth #5: There are no bugs in a tested product.
 Reality: There can never be a surety or guarantee that a particular software product is free from errors or bugs. This is because a software product is always at a risk of having some or the other form of errors even if it has been tested by an experienced tester with excellent testing skills.
Myth #6: Testers are to be blamed for missing bugs.
 Reality: Even though it’s is true that an inappropriate testing strategy may result in missing out on bugs, it is unfair to put the entire blame on the testing team. Such mistakes commonly occur due to uncertain changes in time, cost and requirements of the team.
Myth #7: Quality of the product is the testing team’s responsibility
 Reality: Ensuring optimum quality of the product is not entirely the testing team’s responsibility. The role of testers is to detect bugs and let the stakeholders know about them. It is, then, their responsibility to get those rectified and ensure that the product is not released in the market without fixing these errors.
Myth #8: Using test automation wherever possible helps reduce the testing time
 Reality: It is undoubtedly true that test automation saves time but saying that it can be used at any stage of SDLC is incorrect. Test automation should be started only when the product has been tested manually and is stable. Using it even when the requirements keep on changing is not correct.
Myth #9: Testing a software product does not require expertise
 Reality: While the professionals in the IT sector are well-aware about the intricacies involved in software testing, there are many others who believe testing to be an easy job. They believe that testing does not require any specialized skills and can be conducted even by a layman. It is important for them to think about the criticality of the situation when a software crashes and there is a need to identify bugs.
Myth #10: Testers only responsibility is to find bugs
 Reality: Identifying the bugs is not the only responsibility of testers. As compared to the developers who are specific component experts, testers are the one who are aware about the overall functioning of the software, the way in which one module is dependent on the other, etc.
mobile app
Myth #11: Developers do not test a product
 Reality: It is untrue to say that developers are only responsible for writing the code. Testing the product is the testing team’s responsibility. As contrary to this belief, developers are the one who conduct unit and integration testing on the product and ensure that the product is able to deliver optimum performance before it is handed over to the testing team for thorough testing.
Myth #12: Software testing is a mundane job
 Reality: This statement holds true only if a tester is performing his/her job incorrectly. In reality, software testing is an information gathering job that is done to find answers to such questions about the software that no one has ever asked. And to find the answers, software testers need to study, explore, observe and analyze the product thoroughly which, in turn, makes it an interesting job.
Myth #13: Software testing implies clicking randomly
 Reality: Considering testing to be a job that involves clicking randomly on the UI and tracking the results generated in a document is not appropriate. This is because testing is actually a well-defined approach that is followed to identify all possible bugs in the program. And clicking randomly cannot identify the bugs and errors appropriately.
Conclusion
The method of software testing has moved on and we all live in an era of frequently changing technology. Rather than avoiding the process of testing, we should focus on the increasing complexity of the apps which can further generate errors within a software.

What is V-model and W-model in Software Testing

Posted on by tbsupadminnxtbackendacc

V model and W model are two of the most important models that are followed in the process of software testing. V Model, also known as Verification and Validation Model, is similar to waterfall model that follows a sequential path of execution of processes. Waterfall model is a linear sequential design approach in which the progress flows in one direction.
On the other hand, W model is a sequential approach to test a product and can be done only once the development of the product is complete with no modifications required to be done in between.
This type of testing is most suitable for short-term projects as medical applications.

There are a number of other ways in which the two models are different from each other. Read on to know and understand the difference between the two models in detail.

V-Model

Devised by the late Paul Rook in 1980s, V-model was developed with an aim to improve the efficiency and effectiveness of software development. The model was accepted both in Europe and Asia as an alternative to waterfall model.
v model and w model
V-model is a step-by-step process in which the next phase begins only after the completion of the present phase. The steps in this process do not move in a linear way. Instead, the steps in this process are bent upwards. When this model is compared with the waterfall model, there are larger chances of emphasizing on products testing.
If this model is used to test a product, there is an assurance that the final product developed will be of high quality.

Phases of V-Model

The phases of V-model includes verification, coding, and validation that are further divided into different stages.

1) Verification phase:

The verification phase of V-model includes business requirement analysis, system design, architectural design, and module design.

  1. Business requirement analysis is the stage of having a detailed communication with the customer so that it gets easier to understand and comprehend his/her exact requirements. It is beneficial to complete acceptance test design planning at this stage.
  2. System design stage involves understanding and detailing out the entire hardware and communication setup for the product being developed. System test design can also be planned at this stage.
  3. Architectural design stage involves understanding the technical and financial feasibility of the product before it is actually developed. The focus is to understand the data transfer that will take place between internal and external modules.
  4. Module design stage focuses on designing a detailed plan for the internal modules of the system. Also known as low-level design (LLD), it is important to ensure that the design is compatible with other modules in system architecture and other external systems.
2) Coding Phase:

During this phase, the actual coding of the system modules is taken up. On the basis of system and architectural requirements of the program, the best suitable programming language is selected using which the coding is done at par with the coding guidelines and standards. The code is then reviewed and optimized to ensure the delivery of best performing product.

3) Validation phase:

 During this phase, the product undergoes various forms of testing.

  1. Unit testing is conducted at an early stage so that the bugs are eliminated at the starting stages of product development.
  2. Integration testing is done to check whether there is a valid and proper communication within the internal modules of the system.
  3. System testing enables the testing of the entire system and to ensure if the internal modules communicate effectively with the external systems.
  4. Acceptance testing is done to test a product in the user’s environment and to check if it’s compatible with the other systems available in the environment.

Advantages and Disadvantages of V model

Advantages of the V model
  • Simple and easy
  • Systematic
  • East to track
  • Testing starts from requirement phase itself
  • All the Functional Areas can be covered
  • Instructions and recommendations included
  • Detailed explanations of problems
  • Defects can be found at an early stage
  • Works well for small projects
Disadvantages of the V model
  • Not flexible
  • Regular updates required if changes in the project are required
  • Can’t be used in complex projects
  • No scope for risk management and mitigation
  • One the project is over its end

When to use the V model?

  • Mostly used in the smaller level project with budget constraints
  • Can be used when the testing time is less
  • When you have enough senior and experienced testers
  • Optimum for projects which will not have any changes in between the project

W-Model

Introduced by Paul Herzlich, W-model signifies the one-to-one relationship that exists between the documents and test activities.
v model and w model
Using this model helps in ensuring that the testing of the product begins from the very first day of the product’s development.
This model is known to deal with the problems that could not be resolved using V-model.

Phases of W-Model

Using W-model helps in ensuring that each phase of the product development is verified and validated. W-model can be divided into a number of stages that includes:

  • Building test plan and test strategy to ensure that the product delivered is tested rigorously before delivery.
  • Identifying the scenario for the product.
  • Preparing the test cases using specification and design documents.
  • Reviewing the test cases and sharing an update on the basis of review comments.
  • The product is then sent for testing using various testing methodologies such as unit testing, integration testing and specification-based testing, etc.
  • Once the product is tested rigorously, it, then, undergoes regression test cycles and user acceptance testing.

Know More: 11 Differences between verification and validation in Software Testing

Advantages and Disadvantages of V model

Advantages of the W model
  • Testing can run in parallel with development process
  • No division between constructive and destructive tasks
  • Often Developer is responsible for removing defects
Disadvantages of the W model
  • Complex to implement
  • Resource allocation might not be sufficient in most of the cases
  • Testing have equal weightage as many activities in the development process

When to use the W model?

  • When there are much more activities to do
  • Performed when the V model is not enough
  • Can be implemented Technical design, architecture and functionality comes to the picture

Conclusion

While it is true that the V model is an effective way to test and reveal results for dynamic test cycles, W models are more effective and help one get a broader view of testing.

The connection that exists between various stages of testing is much clear with W Model.
One must choose wisely as the game is not about choosing a v model and w model but delivering an optimum quality product.

Explain the Heuristic Test Strategy Model

Posted on by tbsupadminnxtbackendacc

Heuristic test strategy model is the set of patterns that are used to design a test strategy for a particular product. To be used predominantly by professional testers with an aim of self learning, a heuristic model particularly includes a project environment with numerous testing techniques that help in identifying the product’s quality criteria and product elements.

Some of the key areas of heuristic model are as mentioned below:

  1. Project environment is a set of resources and limitations related to the project that may impact the entire process of testing.
  2. Product elements are the elements or specific areas of a product that the testers intend to test. The aim behind this is to include all relevant and important areas that require attention.
  3. Quality criteria are the specific rules, ethics and sources that assists testers in identifying if a product has some issues or not.
  4. Test techniques are the methods used to create tests for a product. These involve analysis and study of project’s environment, product elements and quality criteria.
  5. Perceived quality is the result attained after conducting tests on a product. This involves applying of various testing methods, which enables one to reach a conclusion about the product’s quality.

Common Testing Techniques
Since heuristic is an observation-based model that evolves over time, there are a few other techniques that can be applied universally in every sphere. These include the following:

  1. Function testing

This type of testing is used to identify the functions performed by a particular product. It involves testing each component of the program to validate its functions and sub functions.

  1. Domain testing

To conduct this type of testing, the user decides on the type of data to be tested for different functions along with several other aspects such as typical values, invalid values, convenient values, etc.

  1. Stress testing

 This type of testing aims at testing the product’s functionality under different stress situations. The conditions selected can be varied such as complex data structure, high load, long test runs and low memory conditions.

  1. Flow testing

Conducted to check the entire flow of the program, flow testing is based on establishing connection between activities.

  1. Scenario testing

This type of testing is done to check the product on the basis of all the possible situations and circumstances. Conducting this helps in identifying the way in which a product would respond in different situations.

  1. Claims testing

 This testing is done to verify the various claims made about the product in magazines, advertisements or any other place.

  1. User testing

Conducting this type of testing helps in determining the ways in which a user interacts with the system. The aim behind this type of testing is to be at the users place and test the product from his/her perspective.

  1. Risk testing

This type of testing is used to check the way in which a product responds in a particular circumstance or situation. Designing of appropriates test cases based on the issues identified is an important part of this type of testing. The best test cases can be prepared after seeking help from past test reports, design documentation, etc.
automation testing

  1. Automatic Checking

This type of testing enables one to conduct automated testing of a product. It is important to ensure that the tool selected for automated testing enables one to partially automate test coverage, use automatic test data generators, etc.
Things to consider before conduction heuristic testing
It is important to keep certain key factors in mind before conduction this form of testing. Some of these include:

  • The purpose of the project as interpreted by the user as well as the tester
  • Information needed to conduct the test should be precise and concise
  • Relationship between tester and developer
  • The team members who will be conducting or supporting the test
  • The sequence and duration of product events

Selecting product elements
While performing a test, it is important to ensure that all the unique and important aspects of the product are taken in focus so that there is no bug that is missed. Some of the product elements that are important while conducting a test are:

  • Structure of the final product
  • Functionality delivered by the product
  • The data used by the product and to be used while testing the product
  • Interfaces that are used to access the product/system
  • Identifying the ways in which product will be used
  • Defining quality criteria such as reliability, usability and scalability

Conclusion
Testing a product involves a lot of challenges. Therefore, it is important to have well-defined strategies that can enable one to deal with such challenges and situations. Since heuristic model is one such strategy, implementing some new rules and focusing on developing some better products can enable one to deliver much-better products.