Testing-Circus-Vol5-Edition09-September-2014
Testing-Circus-Vol5-Edition09-September-2014
Testing-Circus-Vol5-Edition09-September-2014
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Volume 5 - Edition 9 - <strong>September</strong> <strong>2014</strong><br />
<strong>Testing</strong> <strong>Circus</strong><br />
4th<br />
Anniversary<br />
Edition<br />
Monthly Magazine<br />
on<br />
Software <strong>Testing</strong><br />
Interview with<br />
Paul Holland<br />
www.<strong>Testing</strong><strong>Circus</strong>.com
<strong>Testing</strong> <strong>Circus</strong><br />
<strong>September</strong> 2010 - <strong>September</strong> <strong>2014</strong><br />
4 Years X 12 Editions = 48 th Edition
4 th Anniversary<br />
Special Edition<br />
Volume 5 - Edition 9 - <strong>September</strong> <strong>2014</strong><br />
<strong>Testing</strong> <strong>Circus</strong><br />
Topic Author Page #<br />
Interview with Paul Holland Jay Philips 7<br />
The Power of Ignorance Patrick Prill 12<br />
How Skilled are You in Menial Jobs Anuj Magazine 15<br />
Reification Error in Software <strong>Testing</strong> Jari Laakso 18<br />
I am a Mobile Software Tester Jean Ann Harrison 20<br />
<strong>Testing</strong> The Test Reports Parimala Hariprasad 23<br />
Modularizing the Test Case Design Llyr Wyn Jones 26<br />
From A Tester to A Development Team Mate Nimesh Patel 29<br />
Story of Security <strong>Testing</strong>, Myth Busters and More Santhosh Tuppad 34<br />
CAST <strong>2014</strong> - The Best <strong>Testing</strong> Conference Simon ‘Peter’ Schrijver 36<br />
CAST <strong>2014</strong> - Conference Just Took Place and I Wasn’t There! Teri Charles 38<br />
Stop ISO 29119 - An Important Message to Testers ISST Board 40<br />
Test Events Around the World TestEvents.com 43<br />
Book Review - Book Worms Corner WoBo 44<br />
A Fake Tester’s Diary - Part 45 Fake Software Tester 46<br />
Testers to Follow in Twitter <strong>Testing</strong> <strong>Circus</strong> Team 48<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 04 -
Topic Author Page #<br />
Security <strong>Testing</strong> Tips - Part 21 Santhosh Tuppad 50<br />
Tool To Detect And Remove Security Vulnerabilities Tools Journal 52<br />
Managing Change in a Test Cycle Tools Journal 53<br />
Real Device Metrics Under Load Now Available Tools Journal 54<br />
<strong>Testing</strong> <strong>Circus</strong> is Four Years Old Mike Talks 57<br />
*On the Cover Page - Paul Holland<br />
<strong>Testing</strong> <strong>Circus</strong> Team<br />
Founder & Editor – Ajoy Kumar Singha<br />
Team -<br />
• Srinivas Kadiyala<br />
• Dwarika Dhish Mishra<br />
• Pankaj Sharma<br />
• Bharati Singha<br />
• Chanderkant Saini<br />
• Jaijeet Pandey<br />
Editorial Enquiries: editor@testingcircus.com<br />
Ads and Promotions: ads@testingcircus.com<br />
Article Submision: article@testingcircus.com<br />
<strong>Testing</strong> <strong>Circus</strong> India<br />
Chaturbhuj Niwas, 1 st Floor,<br />
Sector 17C, Shukrali,<br />
Gurgaon - 122001<br />
India.<br />
© Copyright 2010-<strong>2014</strong>. ALL RIGHTS RESERVED. Any<br />
unauthorized reprint or use of articles from this magazine<br />
is prohibited. No part of this magazine may be reproduced<br />
or transmitted in any form or by any means, electronic or<br />
mechanical, including photocopying, recording, or by any<br />
information storage and retrieval system without express<br />
written permission from the author / publisher.<br />
Edition Number : 48 (since <strong>September</strong> 2010)<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 05 -
From the Keyboard of Editor<br />
ISO 29119. Testers, this is something you should be aware of. A standard for<br />
software testing will definitely change the way you test. The so called<br />
‘internationally agreed’ standard is far from being agreed with people having a<br />
difference of opinion. I urge you to read a piece on this proposed standard by ISST<br />
published in this edition. There is a petition on ISO 29119. If you care for your<br />
profession, educate yourself and sign the petition. I already signed the petition.<br />
Don’t suffer from ‘Not my job’ syndrome.<br />
This is our 48th edition and this marks the completion of 4 years of this tiny<br />
magazine. It is a happy moment for all of us who volunteer for <strong>Testing</strong> <strong>Circus</strong>.<br />
Someone asked me if we were going to celebrate it in a big way on our 4th<br />
anniversary. For us, every edition is a celebration because there are lots of effort that<br />
go behind every edition and without our volunteers, no edition would be published.<br />
This month we have included articles on a variety of topics. There are two special<br />
experience notes from CAST <strong>2014</strong>. You will also enjoy Paul Holland’s interview in<br />
this edition. Do read Fake Tester’s Diary entry on ‘Not my job’ syndrome. Thanks<br />
to Mike Talks who shared his experience with <strong>Testing</strong> <strong>Circus</strong> to mark our 4th<br />
anniversary.<br />
More in the next edition. Stay tuned.<br />
Happy testing!<br />
- Ajoy Kumar Singha<br />
@<strong>Testing</strong><strong>Circus</strong> // @AjoySingha<br />
Feedback please! editor@testingcircus.com<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 06 -
PAUL HOLLAND<br />
Organization: Doran Jones<br />
Current Role/Designation: Managing Director, Head of the <strong>Testing</strong> Practice<br />
Location: New York, NY<br />
Interview with Testers<br />
Paul is Managing Director of the Doran Jones <strong>Testing</strong> Practice and is a<br />
principal trainer for the Per Scholas STEP classes. Paul had previously<br />
been working at Alcatel-Lucent (formerly Newbridge) from 1995<br />
through 2012. During that time he worked primarily as a test manager<br />
in the DSL group, and on test automation of ATM switches - focusing<br />
on Switched Services, Cell Relay line cards, and Frame Relay line<br />
cards. Paul is one of just three instructors worldwide of the Rapid<br />
Software <strong>Testing</strong> course and he specializes in adapting testing<br />
methodologies to be more effective and efficient.<br />
* Interviewed by Jay Philips<br />
1. Tell us about your journey to becoming a software<br />
tester. How did it start and how this has been so far?<br />
Was it planned or by accident?<br />
I was in the third year of four years working on my<br />
Computer Science degree at Carleton University<br />
when I realized that I did not want to write code for<br />
a living. The thrill of creating a piece of software was<br />
not surpassed by the repetitive nature of the coding.<br />
When I graduated I looked for a job in IT but not one<br />
that required coding. I worked for 3.5 years as an<br />
Application Engineer at Xerox. This was not a testing<br />
role but I had to perform a lot of troubleshooting of<br />
customer issues and I found that I was really good at<br />
that. After a brief five year diversion where I joined<br />
the Canadian Military as a pilot and flew Sea King<br />
helicopters, I returned to Ottawa and got a job as a<br />
tester at Newbridge Networks. I didn’t really seek<br />
out a software testing job – it was really what was<br />
available that I thought I could do well. That was in<br />
1995. So, I guess, it was a little by accident or perhaps<br />
a better description is I started in software testing by<br />
taking the opportunity as it was presented to me.<br />
2. When did you realize your passion was software<br />
testing?<br />
The first five years I was a test automation designer.<br />
I enjoyed the combination of some coding with a big<br />
emphasis on finding bugs. In 2000 I realized that I<br />
had not ever received any formal training on being a<br />
software tester and I received permission to find<br />
some training. I found Ross Collard who ended up<br />
being an extreme influence in my testing career. He<br />
introduced me to the Context Driven <strong>Testing</strong><br />
community and invited me to attend the first<br />
Workshop on Performance and Reliability (WOPR)<br />
in New York in 2003. It was probably during WOPR<br />
that I realized that I had a passion for software testing<br />
– after I was exposed to other people who are very<br />
passionate (James Bach, Rob Sabourin, Scott Barber).<br />
3. Do you regret being associated with software<br />
testing today? Given a chance would you move from<br />
testing to any other field in IT?<br />
Not at all. I love what I do and I currently have no<br />
interest in moving away from testing.<br />
4. You are a member of the context-driven school of<br />
software testing. How does that school differ from<br />
others?<br />
The CDT community self identifies itself as a school<br />
while most other testers are unaware of testing<br />
schools let alone being able to identify themselves<br />
with a particular school. The Context Driven School<br />
approaches each testing problem by analyzing the<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 07 -
PAUL HOLLAND<br />
specific details (product/feature, people involved,<br />
complexity, time, business needs, plus a lot of other<br />
variables) and then adopt their testing strategy to fit<br />
the situation. There is the factory school which reads<br />
specifications, writes scripts and then executes those<br />
scripts over and over again. The Agile school thinks<br />
that dedicated testers are not required and that<br />
testing can be done by designers – and primarily with<br />
automation. There are other schools but I’m not sure<br />
if it’s worth listing them here.<br />
5. You teach the course Rapid Software <strong>Testing</strong><br />
(RST). What are some key items that people would<br />
learn from taking the course?<br />
RST is a methodology. An approach to testing that<br />
can be applied in any testing context. We cover the<br />
Heuristic Test Strategy Model (HTSM) – an approach<br />
to testing that is far more diverse than reading<br />
requirements and thinking of scripts that will show<br />
the requirements are working. We also cover testing<br />
vs. checking, modeling, oracles (how you know there<br />
is a problem/issue), critical thinking, exploratory<br />
testing, telling your testing story, plus other topics<br />
which depend on the class and the instructor. James<br />
Bach, Michael Bolton and I all teach the same course<br />
but the course experience is very different from each<br />
of us. We incorporate our own stories, our own<br />
approach to the exercises and the material. I know of<br />
one person who took the course three times – once<br />
from each of us – and he said it was like taking three<br />
different courses despite the underlying material<br />
being the same.<br />
6. According to you, what is lacking in today’s<br />
commercialized training industry, especially in<br />
software training?<br />
The commoditization of the craft of software testing<br />
is my main concern. Organizations like the ISTQB<br />
and the ISO 29119 standards are marketing that all<br />
you need is a procedure to follow to be able to be an<br />
expert software tester. There is a real threat to the<br />
profession of software testing coming from the ISO<br />
29119 “standard”. It emphasizes documentation and<br />
planning over actual testing. We have seen massive<br />
failures caused by companies that follow this<br />
approach (e.g.: healthcare.gov). If companies adopt<br />
ISO 29119 then the creative and effective testing<br />
required to find good bugs will be eliminated and<br />
replaced with a well-documented series of scripts<br />
that will leave huge holes in the coverage. There is a<br />
petition started by the International Society for<br />
Software <strong>Testing</strong> (ISST) to stop the ISO standard by<br />
showing that there is no “standard” at all as there is<br />
significant and sustained opposition to it. Please, I<br />
encourage everyone interested in the software testing<br />
profession to sign the petition located here:<br />
http://www.ipetitions.com/petition/stop29119<br />
7. What is your next big idea?<br />
Right now I am working at Doran Jones in New York<br />
City as Managing Director, Head of <strong>Testing</strong> Practice.<br />
With our partner, Per Scholas, we are training long<br />
term unemployed and under privileged people to<br />
become software testers (using a program that<br />
includes 8 days of training on the RST material and<br />
its implementation) plus 6 weeks of other technology<br />
training. We will be opening our office in the south<br />
Bronx this fall and be employing over 100 of those<br />
students. One of our goals is to bring testing jobs<br />
back the USA that have been outsourced to offshore<br />
companies. We will be providing a higher quality of<br />
testing and also helping employ wonderful people<br />
who want a career in software testing. All the testers<br />
will be under the supervision of experienced team<br />
leads and managers who are familiar with Context<br />
Driven <strong>Testing</strong>. We have a few clients already and<br />
the feedback has been excellent.<br />
8. What qualities will you look for in a candidate<br />
when you want to recruit someone for software<br />
testing job?<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 08 -
PAUL HOLLAND<br />
I look for someone who can think critically, selfeducate,<br />
solve problems and communicate well.<br />
Their domain expertise is also important but<br />
definitely less important than the other skills I just<br />
listed. I am far more inclined to hire someone new to<br />
software testing than someone who has been doing<br />
bad testing for years. I find it much harder to un-train<br />
bad habits than start with someone fresh and instil<br />
good testing practices from scratch. I am very<br />
pleased when I have true CDT testers apply to work<br />
for me - people who are students of software testing<br />
and have found CDT on their own. They tend to have<br />
the skills I’m looking for in a tester.<br />
9. Do you have any advice for our readers on what to<br />
look for/out when applying for a software testing<br />
job?<br />
If you are a passionate test professional and you want<br />
to feel valued and enjoy your job then you want to<br />
look for a job that allows you to think while you are<br />
testing. If the job involves the creation and execution<br />
of test scripts then I would recommend looking<br />
elsewhere. If you will have no time to actually test the<br />
product (instead of “checking” the product with<br />
scripts) then you will likely become bored with your<br />
job fairly quickly.<br />
When applying for a testing job, you should<br />
emphasize your diverse testing approach, how you<br />
have improved your skills (reading blogs, attending<br />
conferences, following thought leaders on Twitter,<br />
reading books, etc.), show some examples of your<br />
work (bug reports, test reports, etc.), and show your<br />
critical thinking/problem solving abilities (using<br />
examples from your previous experiences). If I<br />
interviewed someone who showed me those<br />
qualities then I would be far more likely to consider<br />
them for the job.<br />
10. You talk about harmful metrics. What are some<br />
of the harmful metrics and why do you think they are<br />
harmful?<br />
Most software testing metrics are “bad”. I have my<br />
favorites which are typically the ones that are very<br />
commonly used without much thought. Metrics like<br />
“% pass rate” and even the “number of bugs” are<br />
frequently used to make decisions about the state of<br />
the software but are, at best, the start of discussion<br />
points. The primary reason that I started talking<br />
about bad metrics at conferences was that important<br />
ship/no-ship decisions were being made based on<br />
metrics when the metrics themselves can be VERY<br />
misleading. For example, I have two very similar<br />
projects that are a week away from a major release.<br />
Project ONE has a 99% pass rate (and we won’t talk<br />
about the ambiguity of what it means to “pass” a test)<br />
and only one known issue which is a critical bug.<br />
Meanwhile, Project TWO has an 80% pass rate and 10<br />
critical bugs and about 20 minor bugs. So my<br />
question is: “Which project is in better shape?”<br />
The obvious answer is Project ONE but that is why<br />
metrics are dangerous and misleading. Here is the<br />
testing story: Project ONE has only one critical bug<br />
but that bug is one that corrupts user data and it<br />
happens fairly regularly. The design team has been<br />
working on this bug for weeks and has absolutely no<br />
idea about the root cause of the issue nor any idea on<br />
how long it will take to fix it. They are not even sure<br />
if they can fix it without a complete rewrite of the<br />
system. Project TWO has 10 critical issues but the<br />
design team is very close to fixing all of them (it turns<br />
out that they all had the same root cause which has<br />
been shown by preliminary testing of the fix) and<br />
their low pass rate is caused by minor issues which<br />
likely won’t impact the customers’ experience too<br />
much. Well, now it is clear that Project TWO is<br />
MUCH better off. So, the metrics in this example<br />
aren’t just meaningless but they are potentially<br />
harmful because they may cause the management to<br />
make poor decisions. If the metrics may be lying to us<br />
then why use them at all? Let’s drop the metrics and<br />
start telling stories.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 09 -
PAUL HOLLAND<br />
11. What will you suggest to people who want to join<br />
IT industry as software testers?<br />
Show your passion. Join the CDT community. We are<br />
a very inclusive group and we welcome new comers<br />
with open arms. Follow CDT testers on Twitter and<br />
read their blogs and articles. Don’t just accept that<br />
testing by looking at requirements and writing<br />
scripts is what testing is all about. Read books, attend<br />
conferences (especially CAST and Let’s Test), find<br />
and attend local tester meet-ups and never stop<br />
learning.<br />
12. Name few people you would like to thank, people<br />
who helped you directly or indirectly in your career<br />
as a software testing professional.<br />
Wow, it would be very hard to only name a few. My<br />
biggest thanks has to go to Ross Collard. He is the<br />
one who first showed me that software testing is far<br />
more than scripting. James Bach and Michael Bolton<br />
have mentored me over the past 10 years and have<br />
welcomed me as an instructor of RST which has<br />
definitely been a wonderful boost to my career. Keith<br />
Klain, my current boss, is helping change the<br />
software testing industry. It was his ideas, drive and<br />
leadership that made the Doran Jones/Per Scholas<br />
partnership possible and I thank him for allowing me<br />
to join him on this journey. There are many other<br />
wonderful people who have helped and inspired me<br />
throughout my career: Rob Sabourin, Scott Barber,<br />
Eric Proegler, Cem Kaner, John Hazel, Martin Hynie,<br />
Gerry Weinberg, Fiona Charles, and Dan Downing to<br />
name just a few.<br />
________<br />
Blog - http://testingthoughts.com/<br />
Twitter ID - @PaulHolland_TWN<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 10 -
http://www.testmile.com
Ignorance is the driving force for a Curious Tester<br />
The Power<br />
Of<br />
Ignorance<br />
- Patrick Prill<br />
I was thinking a lot lately and also writing about the<br />
benefit of model thinking in testing, when I recently<br />
zapped across several science documentaries on TV.<br />
And maybe it’s exactly those things that revolve around<br />
my head, they showed me clearly some important parallels<br />
between the world of science and testing. Together<br />
with the combination of my first experience of a Weekend<br />
<strong>Testing</strong> America session a couple of weeks ago<br />
about “Deep <strong>Testing</strong>” and a TED talk from Stuart Firestein<br />
about the pursuit of ignorance combined a lot of<br />
loose ends in my thinking and created a new dimension<br />
of ignorance for me.<br />
Ignorance in this article means the positive definition,<br />
the conscious lack of knowledge, the known and unknown<br />
unknown. Not the dismissive variant: wilful<br />
stupidity.<br />
Parallels between <strong>Testing</strong> and Science<br />
Professor Firestein brought in his TED talk an example<br />
from his course “cellular and molecular neuroscience”.<br />
There’s a big textbook (1.414 pages & 7.7 pounds) about<br />
the topic that he uses, and his students might get the<br />
impression that everything about the topic is already<br />
known and is in this book. But Firestein says, that when<br />
he is talking with his colleagues about the same matter,<br />
they don’t talk about what they already know, they talk<br />
about the things they don’t know.<br />
When you now draw the parallel to testing, this might<br />
also be true for a test or project manager or even a rookie<br />
tester looking at a long list of test cases. They might get<br />
the idea, that everything in the software is known and<br />
covered with the existing test cases. When you report<br />
metrics on test cases and test coverage the “customer”<br />
even might believe that he is safe with that, because all<br />
is known. In the meanwhile you and your colleagues<br />
still discuss with developers about scenarios “what happens<br />
when”.<br />
<strong>Testing</strong> is also using the scientific method to define and<br />
execute experiments (tests), to create and prove models<br />
about software and conduct further experiments to verify<br />
and refine those models. <strong>Testing</strong> is all about collecting<br />
more and more information about the software<br />
under test.<br />
One part of your job is to describe that the software<br />
works as intended. So show and tell what you have<br />
done to check and verify that the software is doing what<br />
the architects and the customers want. Show what you<br />
have done to proof the opposite. The other part, the big<br />
one, is to tell what you have not done. What questions<br />
do you still want to find answers for? Tell, why you<br />
have not done it. Inform the stakeholders of the remaining<br />
risks. Let them decide what to do about it.<br />
Don’t waste your time. If you “check” around the<br />
known areas, executing the same test cases over and<br />
over again, you don’t learn many new things and don’t<br />
get new insights. If you really have to do those tasks<br />
often, try to automate them, and get them out of your<br />
way. Already during automation you will learn more<br />
things about the software you are testing than you knew<br />
before and sometimes than you ever wanted to know.<br />
Good testers seek for more information than only conformance<br />
with specifications. <strong>Testing</strong> begins where the<br />
facts run out.<br />
Measuring ignorance<br />
Don’t get me wrong, it’s not possible to measure ignorance,<br />
because it’s infinite.<br />
Michael Bolton gave me the basic idea behind this in the<br />
weekend testing session about “Deep testing”. “How<br />
can you show/measure how deep you are?” was my<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 12 -
question. He said, that the length of your mind map nodes is an indicator of how deep you came compared to other<br />
areas of your model. There won’t be an absolute measurement to it.<br />
The depth of testing is also about the pursuit of ignorance. You answer more and more questions, and gain new<br />
facts and information. On the other hand, not a topic in the weekend testing discussion though, you gain awareness<br />
of your ignorance and add new questions about the known unknown to your model. Depending on your experience<br />
and your skills, you might run out of test ideas in your deep testing sooner or later. But do you also run out of<br />
questions? If you realize that this shows you the border between knowledge and ignorance, you can start asking<br />
questions on each end of your information, what is beyond there. And you can start learning, what you need to<br />
answer those questions.<br />
I like the idea behind Firestein’s model that knowledge and ignorance are like the ripples on a pond. Between the<br />
center and the outmost ripple lies your knowledge, and beyond that wave lies your ignorance. The perimeter of the<br />
wave describes your known ignorance. So the more knowledge you gain, the bigger the circle gets, the more your<br />
known ignorance grows.<br />
Image: The growth of your ignorance<br />
Models in <strong>Testing</strong> – Puzzle or Iceberg?<br />
Mathematician George E. P. Box wrote “Essentially, all models are wrong, but some are useful.”<br />
Scientists create models to explain a certain topic and to support their theories. As a tester you should do the same.<br />
Unconsciously you definitely do that in your head. To benefit from that already existing model, you should be<br />
conscious about that fact and write it down. If you want to know a bit more about that, read my blog.<br />
Your model won’t be all-embracing, but if you can’t tell the manager which information are missing, yours and his<br />
picture of the state of the testing are not complete. Firestein brings some examples in his talk that we tend to<br />
describe those situations as tip of the iceberg, or the missing piece to the puzzle. The problem is, that those examples<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 13 -
describe things that are manageable (from the tip you<br />
see, you can estimate the size of the iceberg) or there is<br />
a definite solution coming with the puzzle. But for science<br />
and also for complex software that is not true. You<br />
don’t know how big it really is, or what the picture will<br />
look like once the puzzle is getting bigger.<br />
In a project resources are limited (time, people, money,<br />
etc.). So you have per definition not the slightest chance<br />
to complete the picture. But with the knowledge about<br />
your ignorance you can ask the right questions. You<br />
should come to an agreement in the project what levels<br />
of knowledge and ignorance are enough, to see as much<br />
of the picture as you need to know, to enable some well<br />
informed decisions and keep the remaining risk as low<br />
as possible under the given circumstances.<br />
IDT – Ignorance Driven <strong>Testing</strong><br />
Scientists and good testers share a common thought, “I<br />
am wondering what happens if…” That is one example<br />
that describes your curiosity to reveal more of your<br />
ignorance. See all of your testing, the use of new techniques<br />
and tools, discussions, and approaches as new<br />
experiments to find out new things about the software<br />
you are testing, to get more answers and information to<br />
enrich your model and uncover new questions and<br />
areas of ignorance.<br />
When you put your knowledge in a model it helps you<br />
explain what you know and it can help to show you,<br />
what you don’t know. And this is exactly what you<br />
should also tell to your stakeholders. An important part<br />
in a test report is, what are the unknowns? So that the<br />
stakeholders can decide if it’s worth the extra time to<br />
discover those areas or if the picture is complete enough<br />
to take the risk.<br />
Ignorance and Precision<br />
With the knowledge you gain, you are also able to ask<br />
more and better questions about what you don’t know.<br />
You gain precision in your knowledge about the known<br />
unknown. This will help you to plan your next steps, the<br />
next experiments and tests. This will also help you, to<br />
find areas you might want to improve and new things<br />
to learn, like techniques and tools.<br />
Conclusion – You can only win!<br />
The idea behind the power of ignorance is hard to describe<br />
in short words. With the knowledge you gain<br />
about a subject, you also get unanswered questions of<br />
the beyond, the beneath or above. The more knowledge<br />
you gain, the more precise you can ask your questions.<br />
On your journey to get answers you will gain knowledge<br />
and you will gain ignorance. Philosopher Immanuel<br />
Kant said in his “Principle of Question<br />
Propagation” “New knowledge brings new questions.”<br />
Learn to see what you don’t know. Testers use ignorance<br />
to plan their testing, to identify what should be<br />
done, what the next steps are, where to concentrate your<br />
energy, and to improve themselves.<br />
Please allow me to adapt a quote by one word from<br />
Stuart Firestein at the end that can be found on his<br />
website.<br />
Ignorance, all of what we don’t know, and even what<br />
we don’t know we don’t know, is the driving force of<br />
testing.<br />
Patrick Prill has over 10 years of experience in software testing. After four and half years as a tester he<br />
became test manager, coordinating the work of ~50 people for another 5 years in a big test project.<br />
His new job as test lead for a software and consulting company for the automotive industry brought him<br />
back to a smaller test team and the hands-on experience of testing software again. This experience and<br />
following the discussions and articles of the context-driven testing community relighted his fire for<br />
testing and bug hunting.<br />
Patrick is living outside of Munich, Germany and is a proud husband and father of a wonderful<br />
daughter. In the little spare time he is a wood turner. Partrick tweets at @testpappy.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 14 -
Your effectiveness often depends upon your skill in performing seemingly menial jobs.<br />
How Skilled Are<br />
You in Performing<br />
Seemingly Menial<br />
Jobs?<br />
- Anuj Magazine<br />
skills around ensuring successful execution of the<br />
projects.<br />
There is a certain fanciness about mentioning<br />
Innovation as one of the competencies that would take<br />
your organization to glorious heights in future. These<br />
days it has become almost fashionable to talk about<br />
Innovation as only saving grace for the organizations.<br />
Innovation will almost ways list as areas of<br />
improvement in most of the performance appraisal and<br />
career planning forms.<br />
I think all this buzz around Innovation is largely<br />
justified given what the companies like Apple, Google<br />
and many others has done in the past. As much as the<br />
focus on Innovation is important, the hype often comes<br />
at the expense of demeaning the importance of precise<br />
I talked about visionary organizations like Apple and<br />
Google but while these organizations were breaking<br />
paths with products highlighting discontinuous<br />
innovation, emerging economies like China and India<br />
are silently gaining the mind share of the people all<br />
around the world with its work primarily around<br />
focused on supremely delivering on items. Did these<br />
countries innovate as well as their western<br />
counterparts? Certainly not but what they mastered was<br />
the art of executing well even if they were working on a<br />
product as general as a table cloth or a general<br />
decoration item or anything else (after all, everything<br />
around looks to be "Made in China").<br />
This example kind of gives us an idea that great careers<br />
could be built on the premise of Execution excellence<br />
even if the Innovation quotient of a person is somewhat<br />
reasonable (not great!). After all, not everyone can be a<br />
Steve Jobs or a Bill Gates! If Innovation is a sought-after<br />
skill in today's world, Execution excellence is a<br />
mandatory one.<br />
Before I seem like making less sense, let me explain<br />
what I mean by Execution excellence.<br />
Simply put - organizations make big plans promising<br />
bigger, grand results. The results remain just a promise<br />
on paper till someone goes in the field, makes his or her<br />
hands dirty and executes on the plan. Excellence in<br />
execution takes us closer to realizing those lavish plans.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 15 -
This list can go on and on but the key questions are - do<br />
we really give adequate importance to seemingly petty<br />
jobs? Can we do these jobs/tasks better than they are<br />
being currently done?<br />
Further in this article, I am sharing some of the thoughts<br />
around handling such tasks that has helped me create<br />
the right frame of mind to handle such tasks<br />
Though execution of the projects is important, it<br />
increasingly amazes me to see that many people find the<br />
execution boring. Especially the part of execution where<br />
one has to go through those chores repeatedly, again<br />
and again in an almost monotonous manner. Let me<br />
give some examples here -<br />
1. One of the projects that I was involved in testing, at a<br />
crucial release stage, required a tester to do the<br />
installation of the product almost countless times (more<br />
than 100) in different platform to debug an issue. To put<br />
it in other words, a tester needing to setup OS (5-6<br />
supported), setup browser (again 5-6 versions), install<br />
the third party products, install the application under<br />
test and wait for the error. Though this was a routine job<br />
but was important to ensure a seamless customer<br />
experience.<br />
2. Another example, in an efficient functioning of any<br />
team, the regular housekeeping activities like managing<br />
of hardware, inventory, information etc. is important<br />
but at the same time routine and monotonous.<br />
3. Sending a weekly report when nothing significant has<br />
happened can be considered as boring and needless<br />
when it still serves important status needs of the<br />
recipients.<br />
4. For a manager, meeting his team regularly may be a<br />
routine affair and if not done may lead him to be quite<br />
out of sync.<br />
5. Again, a tester going about executing the tests that<br />
have passed in the past just to ensure that nothing has<br />
regressed in the product (after all, not all testing can<br />
lead to bugs!).<br />
Understanding the role, bigger picture:<br />
Harsha Bhogle in his<br />
book- "The Winning<br />
Way" talks about an<br />
interesting instance<br />
related to the game of<br />
Cricket -<br />
Unable to work out a way<br />
to get Tendulkar out,<br />
Naseer Hussain (in 2002<br />
series), decided to<br />
frustrate him by bowling<br />
a largely negative outside<br />
the leg stump line. The man assigned to do the job was Ashley<br />
Giles, a workman like spinner who kept things tight. For the<br />
next 11 overs, he bowled the outside of leg stump to<br />
Tendulkar, a tactic that drew much criticism. But it did keep<br />
Tendulkar quiet and ended up frustrating him. "If you cant<br />
bowl him out, bore him out.", the critics said, but as Hussain<br />
suggested afterwards, it was a better option than Tendulkar<br />
getting a century! It was a boring job for Giles to do and the<br />
key lay in the Captain's communication of its importance. If<br />
a player knows his role and implements it well, a seemingly<br />
small role can become important.<br />
It is thus important to understand the bigger picture the<br />
task is helping achieve. Every job on the earth has its<br />
own dull moments and more often the difference<br />
between "just" successful and "greatly" successful lies in<br />
how one handles those dull moments. It is also critical<br />
to understand one's role in handling petty tasks. As in<br />
this example, Giles knew the line he had to bowl and not<br />
try anything else. Role clarity comes with effective<br />
communication not only on Leader's part but also the<br />
follower's part. A follower can always ask right<br />
questions to understand/clarify what is expected of him.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 16 -
Being a true team player:<br />
Rahul Dravid in Harsha Bhogle's book- "The Winning<br />
Way" talks about his view -<br />
I have noticed that good team players view success very<br />
differently from the rest. They are motivated without really<br />
worrying about the credit. That’s not always easy. Anyone<br />
who has fielded at Short leg, knows what a Thankless job it is,<br />
besides being risky. You put your body on the line, have to<br />
work damn hard and may have nothing to show for it. When<br />
given that position, there are those who are reluctant to put in<br />
the hard work, hoping that will be made to field in another<br />
position the next time around, and there are others who give<br />
it their best and actually become specialists.<br />
Situations like diving or fielding, in which you put your body<br />
at risk, or where you are required to play a role outside your<br />
core-competence areas demand more work from a player and<br />
therefore require you to put the team before self. The funny<br />
thing is that you cannot hide your attitude from the team<br />
mates. If you're selfish, you will be found out in no time at all.<br />
But if you are a Team-player, the team will know and<br />
appreciate that as well.<br />
True team player attitude calls for helping team deal<br />
with difficult (and also monotonous) tasks by setting an<br />
example. Handling petty tasks often require more<br />
patience and situational awareness than many of the<br />
other tasks. The way these tasks are handled often<br />
brings about the Leaders in people.<br />
Having a Strong Professional value system:<br />
Subroto Bagchi in his<br />
book - "The<br />
Professional" in one of<br />
the chapters makes a<br />
mention on how he<br />
had been able to do<br />
justice to his writing<br />
talents along with<br />
handling a high profile<br />
job. He has 3 books<br />
and multiple columns<br />
to his credit, he says -<br />
...One point I want to<br />
make is importance of<br />
taking every assignment<br />
seriously. Whether I<br />
wrote a column or an invited occasional newspaper piece or<br />
for that matter a book, I gave it all I had. To me, my writing<br />
commitments were no different from a purely professional<br />
commitment at work. This called for many personal sacrifices<br />
because it was always like having two jobs.<br />
Though his point is not exactly about handling<br />
monotonous task but many things that he talks about<br />
here are applicable to the context e.g. "Treating every<br />
assignment seriously", "I gave it all I had",<br />
"Professional commitment, these are all valid metaphors<br />
for handling the dull, monotonous work. And if these<br />
are kept in mind, I believe every task will get the<br />
importance it deserves. So, having a strong Professional<br />
value system helps deal with any challenging or dull<br />
professional situation.<br />
After all, no amount of Innovation can really help us<br />
completely get rid of seemingly boring jobs. So why not<br />
embrace it and give your best shot!<br />
Can you call yourself as an expert of handling menial<br />
jobs?<br />
Anuj Magazine is a software testing and general management professional at Citrix Inc. Anuj likes to<br />
explore new avenues/sciences and their intersections with software engineering and has contributed to<br />
a good deal of work in this area. He regularly share his knowledge and experiences as a conference<br />
speaker and writes frequently on diverse topics like software testing, management, sports, and handwriting<br />
analysis. Anuj tweets at @anujmagazine.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 17 -
Reification Error<br />
in Software<br />
<strong>Testing</strong><br />
“Reification generally refers to making something real,<br />
bringing something into being, or making something<br />
concrete.” (Wikipedia)<br />
“Reification (fallacy), the fallacy of treating an<br />
abstraction as if it were a real thing.” (Wikipedia)<br />
In software testing, abstractions are often believed to be<br />
concrete things. In this article, I present a few examples<br />
of typical reification errors and problems around them.<br />
Reification itself is not a bad thing, but due to reification<br />
fallacy, stakeholders and clients often believe software<br />
testing is about pressing buttons and clicking with the<br />
mouse, and that testers should produce tangible work<br />
products. In reality, essentially, the testing happens in<br />
our minds and the inputs we give to the system are a<br />
small part of the actual testing process.<br />
I find that reification fallacy is not often enough talked<br />
about. Sure, different kind of resistance to metrics exists,<br />
but reification doesn’t seem to be a topic many testers<br />
are talking about. I believe partial reason for this might<br />
be the lack of knowing the term, thus I decided to write<br />
a bit about it. I know many testers have troubles<br />
expressing their frustration with metrics, so I hope the<br />
writing will help also them.<br />
- Jari Mikael Laakso<br />
really want to know that they believe the number would<br />
describe.<br />
From my experience, a person who asks test case counts<br />
will most likely also say “we need at least one test case<br />
per requirement”. Just that test cases, requirements, and<br />
coverage are not concrete things. What if I write three<br />
test cases per each requirement (or desirement, like Scott<br />
Barber likes to say)? Will quality and coverage get three<br />
times higher? Well, are those test cases and<br />
requirements of identical value…?<br />
Having three test cases is not necessarily better than<br />
having one, or even none. It doesn’t mean we have<br />
improved coverage. It doesn’t mean quality of the<br />
testing is any higher; and definitely it doesn’t mean the<br />
quality of the product is directly related to these counts.<br />
A test case is someone’s idea about testing a product.<br />
How do you quantify an idea?<br />
Quality can’t be counted, just like Klout can’t measure<br />
my influence. Quality, Klout, and influence are not<br />
things. Quality is, in fact, a special case as many people<br />
seem to also claim one can build it in. James Bach wrote<br />
about this myth 5 years ago. I urge testers to read it and<br />
think about the nature of quality.<br />
When abstract ideas become, in our minds, concrete<br />
things, we might believe counting them makes sense.<br />
This leads to thinking that abstract concepts can be<br />
located and measured. For example, I was recently<br />
requested to count how many test cases a project has. I<br />
asked for a reason and received an answer along the<br />
lines of “we want to know the test coverage”. I didn’t<br />
reply with a number, but explained some of my<br />
concerns and continued by asking what is it that they<br />
I’ve often seen bugs counted for various reasons.<br />
Management might say one critical bug doesn’t stop a<br />
live release, but once they are informed the bug<br />
prevents users from logging in, they might reconsider<br />
their rule of thumb. And then again, there can be several<br />
reasons to deploy live something that has a dozen<br />
critical bugs. A bug is a relationship as is quality.<br />
Thing-ifying and counting bugs is a classic example of<br />
reification fallacy.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 18 -
Time and again I hear how a manager (or other client of<br />
testing) wants to see various kinds of metrics based on<br />
counting bugs or for instance test cases. Since these are<br />
ideas, instead of concrete things, counting them is a<br />
reification error. However, instead of only telling the<br />
stakeholder “you are making a reification error”, it’s<br />
good to learn to explain your testing. Engage people in<br />
discussions. Learn to ask questions to find out what you<br />
are needed for. Find ways to give them the information<br />
they want to know.<br />
Once you get your stakeholders out from thing-ifying<br />
testing and starting to see it as a performance of an<br />
intelligent human being, you will notice you have won<br />
a big battle and can focus on more meaningful things in<br />
your work. Instead of trying to meet foolish numeric<br />
goals, which are based on errors in thinking, you can<br />
focus more of your time to provide your stakeholders<br />
information about the perceived quality of the product.<br />
Because reification fallacy causes a lot of harm to our<br />
software testing industry, we should talk more about it.<br />
We should keep our colleagues informed of it. It’s a long<br />
time since I’ve seen “lines of code” metrics for<br />
programmers; which is very good. Programmers didn’t<br />
pull this off yet completely, nor has it been an easy fight,<br />
but from my viewpoint, they are taking the winning<br />
side.<br />
I like to be a winner and I like to help others become<br />
winners, too. This one we can win by spreading<br />
knowledge and challenging assumptions. Even if<br />
something is in your issue/task/bug tracker, it doesn’t<br />
make it a concrete thing. Keep reminding people of that<br />
and give them alternative options of discussion and<br />
decision making. When people fall to the reification<br />
fallacy, help them get out from it.<br />
Jari Laakso is a software testing professional who constantly strives to become better. He likes to talk and<br />
write about software testing, which has enabled him to connect with hundreds and hundreds of testers<br />
all around the world. His pursuit of deeper understanding of testing requires, in his opinion, studying<br />
various sciences, including linguistics and semantics. Jari has spent about a decade in testing, out of<br />
which most on software side. Since 2007, he has worked in different managerial positions, but always<br />
tried to keep up with his hands-on testing skills. In addition to this, he is a proud father of one.<br />
Jari tweets at @jarilaakso.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 19 -
Am I a Hardware<br />
Tester, a Software<br />
Tester? No I'm a<br />
Mobile Software<br />
Tester!<br />
- Jean Ann Harrison<br />
Anyone who has attended one of my presentations or<br />
heard one of my webinars knows how I stress the idea<br />
of incorporating various hardware and operating<br />
system conditions to see how the software is affected.<br />
Now there are exceptions where changing up these<br />
conditions will not have much of an effect or any at all<br />
with regards to mobile web application and mobile<br />
website testing projects. I often use the terminology of<br />
“<strong>Testing</strong> Beyond the GUI” and entitled one article with<br />
this title which contain some specific examples of such<br />
tests to consider. With that said, however, I thought this<br />
article would tackle some other examples of a mobile<br />
tester might want to consider to add as part of their<br />
regression suite.<br />
There are testers who absolutely do not consider testing<br />
hardware or OS conditions as a necessary part of a<br />
mobile tester’s repertoire. “You’re wasting your time”<br />
or “It’s not our job, we only test the software” and other<br />
such comments have been told to me. And yet, what<br />
many of these naysayers are responding to, is based on<br />
one type of mobile testing project. Usually it’s the<br />
mobile web application which doesn’t have such a<br />
strong dependency of the actual device like mobile<br />
hybrid and mobile native apps do. However, there is<br />
still some dependency on the device with mobile web<br />
apps. These mobile testers are not considering mobile<br />
software is a part of an entire system where software,<br />
operating systems and hardware all have to work<br />
together for the complete user experience. These mobile<br />
testers do not consider the hardware and operating<br />
system conditions have a direct impact on software<br />
behavior.<br />
So let’s consider some specific examples of how<br />
hardware and Operating System conditions affect<br />
software behavior. Notifications are something we take<br />
for granted when using our devices. Does your<br />
software app use notifications? Did you consider<br />
testing the notification action beyond of the positive test<br />
case? Did you ask “What if ….?” Notifications are<br />
functions where the mobile app engages with the<br />
operating system and the hardware to display that<br />
notification visually, audio or both.<br />
Why don’t we explore a few what ifs further? Set up:<br />
Your mobile hybrid app sends both a visual and audio<br />
notification to a device once the app receives data from<br />
another source. That data is packaged in a particular<br />
protocol and the notification is to use both visual and<br />
audio indications. What tests would you start beyond<br />
the idea of sending data packed per the protocol and<br />
witness the device behavior? Keep in mind some<br />
devices have both visual and audio indications, some<br />
devices have visual indications only from the operating<br />
system level while other devices display LED lights<br />
visual on the case of the device. Not all devices are<br />
equal. So testing on the actual device becomes<br />
important for this type of test.<br />
Side note: There are companies who offer virtual access<br />
services to various devices where you can rent time to<br />
conduct your tests. Some examples of mobile device<br />
testing providers: Perfecto Mobile, Device Anywhere,<br />
Keynote as well as other options. Do your research<br />
before providing a budget to build your own test lab. I<br />
personally do not advocate one company over another.<br />
You will need to do your research to find which<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 20 -
company works best for your mobile app and testing<br />
approach.<br />
Checking the notification functionality involves<br />
reviewing whether or not the software receives a<br />
message and reads the protocol to accept the message.<br />
The software then generates a notification to the<br />
operating system to display that notification, however it<br />
was designed to be displayed. Now, the test case ideas:<br />
1. End to end positive functional test<br />
2. Timing/Response: How soon does the software<br />
receive the message to display the notification and how<br />
long the actual display occurs?<br />
3. Interruptions: Software receives the message to<br />
send another message to the Operating System to<br />
display the notification but before the message is sent to<br />
the OS, a phone call occurs. Does the notification still get<br />
displayed or does the phone function need to end the<br />
call? What if your device receives another notification<br />
sent to the OS but the notification message to the OS was<br />
sent after your mobile apps, but the 2nd notification was<br />
displayed? Your notification was never received or<br />
displayed until much later or perhaps if another<br />
notification needed to be sent?<br />
4. Display of Notification: With a low battery, does<br />
the notification display function change at all? If the<br />
display is supposed to be both audio and visual, is only<br />
one type of notification displaying the notification?<br />
What if the device is very hot from use or charging of the<br />
battery, or both, the notification behavior changes?<br />
5. Resources: Your device’s storage is almost full.<br />
Does the software’s notification messages generate the<br />
display of the notification? What if you have several<br />
notification messages needed to generate the display?<br />
How does your application handle the lack of<br />
resources? What’s the limit the App needs before<br />
problems of notification arises?<br />
Now we can see these topics are all related specifically<br />
to mobile testing because the notification function itself<br />
is primarily a mobile function and the app under test.<br />
Would a hardware tester test how software behaves<br />
based on resources? Software affects the hardware and<br />
vice versa but when it comes to understanding software<br />
behavior, the mobile software tester has to be a talented<br />
test designer. Why? Because rarely are the<br />
requirements written with consideration to hardware<br />
and operating system limitations. We don’t know what<br />
we don’t know. Mobile testers need to be a bit like<br />
Christopher Columbus; not respected for the<br />
complexity of the testing, the test design are given no<br />
time to complete their exploring. Changing up various<br />
hardware and OS conditions can help to flush out more<br />
information of the software behavior. And this is why<br />
I advocate to not just rely on automation and emulators.<br />
There is a need for testing directly on devices, manual<br />
testing, include the hardware & operating system<br />
conditions which can reveal buried treasure of bugs.<br />
Jean Ann Harrison has been in the Software <strong>Testing</strong> and Quality Assurance field for over 15 years<br />
including 7 years working within a Regulatory Environment and 8 years performing mobile software<br />
testing. Her niche is system integration testing with focus multi-tiered system environments involving<br />
client/server, web application, and standalone software applications. Mobile software testing includes<br />
mobile native apps, mobile hybrid apps, mobile web applications and mobile websites. Jean Ann is a<br />
consistent speaker at many software testing conferences, a Weekend <strong>Testing</strong> Americas facilitator as well<br />
as making guest appearances. She is currently a columnist in Software Magazine as well as conducting<br />
webinars on mobile software testing and writing for various publications. She is always looking to gain<br />
inspiration from fellow testers throughout the software testing community and continues to combine her<br />
practical experiences with interacting on software quality and testing forums, attending training classes<br />
and remaining active on social media sites. In her free time, Jean Ann enjoys watching and participating<br />
in various sports and in particular is a former competitive figure skater and working to gain back her<br />
skills to compete once again. Jean Ann loves participating in the fine arts including oil painting,<br />
attending symphonies, opera, music concerts and Broadway caliber theatre. Jean tweets @JA_Harrison<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 21 -
KEEP CALM<br />
AND<br />
POST TESTING JOBS<br />
@<br />
<strong>Testing</strong><strong>Circus</strong><br />
Submit #testing jobs for free and hire great testers who care about testing.<br />
http://www.testingcircus.com/submit-jobs/<br />
Current <strong>Testing</strong> Opportunities<br />
http://www.testingcircus.com/jobs/<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 22 -
<strong>Testing</strong> The<br />
Test Reports<br />
- Parimala Hariprasad<br />
I was one of the judges on STWC World Cup Asia Team.<br />
I had the privilege to review bug reports and test reports<br />
of several teams. I was appalled at the quality of test<br />
reports from several teams. Some were a copy paste of<br />
all the bug reports, some talked about task breakup, and<br />
few others had all information that was useless to<br />
stakeholders who could make decisions based on the<br />
test report. Hence, the need for this article.<br />
What is a Test Report?<br />
A Test Report is a story – about the product, about<br />
testing and how well / how poorly testing was<br />
performed. Test Report is a window of information to<br />
stakeholders. It is critical that test reports are presented<br />
well enough for them to make suitable decisions. In this<br />
article, I would like to highlight important components<br />
of a test report and what sets a test report apart from the<br />
run of the mill reports I described at the beginning.<br />
Components of a Good Test Report<br />
Overview<br />
Summary – brief summary of what the report contains<br />
along with all sections (No, this is not same as Table of<br />
Contents)<br />
Mission<br />
What do you plan to accomplish through testing? Find<br />
bugs? Identify risks? Clear blockers? Provide<br />
information to stakeholders? Which stakeholders?<br />
Answering these questions will help you understand<br />
why you set out testing in first place.<br />
Context<br />
What is the context in which the product/project is<br />
tested? What are the Assumptions? What are the real<br />
world conditions?<br />
Test Coverage<br />
- Coverage<br />
Tell stories of how testing was done. What types of<br />
coverage were accomplished, techniques applied, tools<br />
used, results found and so forth<br />
- Feature Coverage<br />
Mindmap based visual tool that lists out all the<br />
features that are tested. Features that are not<br />
tested, blocked or paused will have<br />
corresponding interpretations.<br />
-Platform Coverage (Test Environment)<br />
Test environments include hardware, software,<br />
application specific configurations, device<br />
settings in case of mobile devices, list of<br />
tools/technologies/languages used and so forth.<br />
The coverage can be broken into below subcategories:<br />
- OS Coverage<br />
Operating systems that are covered<br />
during testing<br />
- Browser Coverage<br />
Browsers that are used for testing<br />
- Device Coverage<br />
Mobile devices with different<br />
manufacturers, device models, device<br />
sizes, screen resolutions, network<br />
carriers that are covered during testing<br />
- Data Coverage<br />
Data dependencies handled as part of<br />
one time test data setup or for ongoing<br />
testing<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 23 -
- <strong>Testing</strong> Techniques used<br />
Highlight different test techniques used to<br />
perform different tests. This can be showcased in<br />
a mindmap for better visibility<br />
<strong>Testing</strong> Status<br />
A summary of testing status and test results for all tests<br />
done is an important aspect of test reporting [No, this is<br />
not a count of Pass vs Fail]. This contains a detailed<br />
story about the overall health of each and every feature<br />
in the product/project. This also contains a summary of<br />
what was tested, to what extent testing was done, what<br />
kind of bugs were found, what risks do they bring and<br />
how it might impact users. <strong>Testing</strong> status must keep<br />
target stakeholders in mind and present status that will<br />
highlight potential risks and problems which will help<br />
them make key decisions.<br />
Risks<br />
Why did you choose to perform some tests over others?<br />
How did you prioritize? It is important to say why you<br />
covered tests and how critical they were. Highlight<br />
which tests were not performed and how they might<br />
contribute to the overall risk of the product also needs<br />
highlighting in this section. Identifying a list of<br />
problems in the product beforehand, planning tests to<br />
mitigate these risks using a mitigation plan to reveal<br />
these risks is highly beneficial.<br />
● Stakeholders – Who does it affect?<br />
● Who are the stakeholders?<br />
References<br />
This section includes all the reference documents,<br />
detailed test reports, detailed bug reports and related<br />
summary documents on the product that might be of<br />
further interest to stakeholders.<br />
What Story Do You Intend To Sell?<br />
Test Report is a sneak preview into what testers think<br />
about the state of the product. It is an opportunity to<br />
alert stakeholders about current risks in the product<br />
contrary to the idea of risks they may have. It talks about<br />
about how things can get better if tester’s information<br />
was used effectively. It helps stakeholders make critical<br />
decisions based on the progress made during testing.<br />
A good test report is a window of opportunity. What<br />
does your test report look like?<br />
Parimala Hariprasad spent her youth studying people and philosophy. By the time she got to work, she<br />
was able to put those learnings to help create skilled testers. She has worked as a tester for over 11 years<br />
in domains like CRM, Security, e-Commerce and Healthcare. Her expertise lies in test coaching, test<br />
delivery excellence and creating great teams which ultimately fired her because the teams became<br />
self-sufficient. She has experienced the transition from Web to Mobile and emphasizes the need for<br />
Design Thinking in testing. She frequently rants on her blog, Curious Tester<br />
(http://curioustester.blogspot.com). She tweets at @CuriousTester and can be found on Linked In at<br />
http://in.linkedin.com/in/parimalahariprasad. She currently serves as Delivery Director at PASS<br />
Technologies AG.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 24 -
Advertise in <strong>Testing</strong> <strong>Circus</strong><br />
$50<br />
<strong>Testing</strong> <strong>Circus</strong><br />
- Read by real testers,<br />
Not automation bots.<br />
We are offering huge discounts for 12 months regular ad booking.<br />
***Advertisement rate starting $50/per month.<br />
http://www.testingcircus.com/advertise<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 25 -
Modularizing<br />
Test Case<br />
Design Using<br />
Flowcharts<br />
- Llyr Wyn Jones<br />
Test Case Design<br />
When building test cases, and the corresponding data, it<br />
is a common practice to work out the design steps for<br />
each one, and for each design step, the corresponding<br />
test conditions. This is mostly done using Excel spreadsheets,<br />
and a great deal of copying and pasting is required<br />
to make sure all of the test cases have the correct<br />
data conditions. This is, as you can imagine, an extremely<br />
tedious and error-prone process; one wonders: surely<br />
there is a better way to achieve this?<br />
The good news is: yes, there is! However, before we<br />
delve into the solution, we must touch on a related<br />
problem with existing test case creation techniques: the<br />
lack of intelligent de-duplication methods. This may<br />
seem to be an unrelated subject, but it turns out that<br />
removing redundancy in test cases is key to being able<br />
to duplicate work quickly.<br />
A test case can easily be thought of as a path – a sequence<br />
of blocks separated by arrows (the arrows indicating<br />
the direction of travel). For example,<br />
Enter username à Enter password à Click OK à Log<br />
in successful<br />
is an example of a test case for a log in dialog, starting at<br />
‘Enter username’ and finishing with ‘Log in successful’.<br />
Another test case could look like:<br />
Enter username à Click OK à Log in unsuccessful<br />
(this could be testing the requirement that a password<br />
must be non-empty, for instance). Notice that two of the<br />
design steps are common to both test cases. In an Excel<br />
spreadsheet, one would create the design steps for the<br />
first test case, then copy and paste the relevant details<br />
for the second test case. This may not be too bad for two<br />
test cases, but when there are, as is typical, hundreds of<br />
test cases (with tens of different data conditions) it becomes<br />
prone to error: errors that are not straightforward<br />
to spot.<br />
This is where flowcharting really comes to the fore: in<br />
the flowcharting paradigm, design steps are linked together<br />
to form a flowchart, and test cases are then merely<br />
paths through that flowchart.<br />
Let us put the above example into a flowchart, with the<br />
corresponding data conditions):<br />
For brevity, we ignore the expected results (i.e. login<br />
successful/failed) for now. Notice that we have two<br />
paths through our flowchart:<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 26 -
Enter username (‘JohnS’) à Enter password (‘abc’) à Click OK<br />
Enter username (‘JohnS’) à Click OK<br />
Also, notice how both ‘Enter username’ and ‘Click OK’ are only defined once in the flowchart – since both paths go<br />
through them, it is possible to only define them once. If it isn’t possible to define them once (there are certain<br />
technical reasons why this can’t always be done), a related concept called ‘Cloning’ is possible: this serves the<br />
purpose of establishing that two blocks are identical, and that changes made to one will be reflected in the other.<br />
Now, defining the test data for ‘Enter username’ will only need to occur once: that is, in the design phase in the<br />
flowchart itself. Building the test cases will automatically inherit all the necessary test conditions from the blocks in<br />
the design. This is what we mean by inheritance: the test cases inherit the properties of their individual design steps<br />
– it means that the majority of the work only has to be done on the design steps: the test cases then take care of<br />
themselves. Perhaps an easier way of thinking about this is by considering the flowchart as a form of ‘template’,<br />
where all the design steps are associated with test conditions, and, when the test cases are built, they are built using<br />
details from the template.<br />
In many respects, it is very similar to the existing cut-and-paste method used for Excel spreadsheets, and you may<br />
be wondering what the difference is, beyond this being an automated cut-and-paste operation. The key differentiator<br />
is what happens when test cases are changed after they have been created.<br />
Change Impact Analysis and Inheritance<br />
We have already seen that test cases inherit the test conditions from the flowchart design, but we haven’t quite seen<br />
the full power of that capability. Being able to design test cases without worrying about the test conditions for each<br />
test case – leaving that to the template to fulfil – is merely a fraction of the consequence. To get the most out of the<br />
flowcharting paradigm is to consider how it handles changes, both for individual test conditions and the structure<br />
of the overall flow.<br />
Let’s examine the former first, by revisiting the example above. Let’s suppose that the test conditions have been<br />
changed to:<br />
Since the test cases are merely paths through the flow,<br />
they inherit the test conditions from their design steps.<br />
In particular, they also inherit the changes in the test<br />
conditions. The test cases will now look like:<br />
Enter username (‘PeterB’) à Enter password (‘123’) à<br />
Click OK<br />
Enter username (‘PeterB’) à Click OK<br />
Again, the impact on two test cases is not particularly<br />
big, but the true value lies when you have hundreds of<br />
test cases: the process of going through every single test<br />
case, making sure that all the test conditions have been<br />
changed correctly, is an extremely tedious process, and<br />
is far more prone to errors than the copy-and-paste<br />
process used to build the test cases in the first place.<br />
Using this methodology, the changes are automatic, and<br />
are guaranteed to be correct by the principle of inheritance!<br />
So far, so simple, and we have not even leveraged the<br />
true power of the flowchart for the purposes of change<br />
impact analysis. This comes when the flowchart’s structure<br />
has been changed. Let us assume that the above test<br />
cases have been executed, and a tester realizes that the password field has not been blanked out (i.e. the user can<br />
actually see the password he/she just typed in). This is contrary to most log-in screens, so the business analyst then<br />
decides to put in an extra block just after ‘Enter password’:<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 27 -
This is where the flowchart paradigm really comes into<br />
play, as the flowchart determines which design steps<br />
are related to one another – in this case, the change<br />
means that whenever ‘Enter password’ appears in a test<br />
case, it must now be followed with ‘Make sure password<br />
is blanked’.<br />
The test cases will now look like:<br />
Enter username (‘PeterB’) à Enter password (‘123’) à<br />
Make sure password is blanked à Click OK<br />
Enter username (‘PeterB’) à Click OK<br />
The only test case which has changed is the first one,<br />
since the second one never went down the ‘Enter password’<br />
route.<br />
Conclusion<br />
In our experiences in the field, we’ve discovered that,<br />
using the flowcharting paradigm, great savings can be<br />
made by using the principle of inheritance to derive test<br />
cases from a flowchart design. The greatest of savings<br />
are made during the change impact analysis procedure:<br />
instead of spending hours going through test cases to<br />
find those that have changed then making sure that they<br />
are correct, it is far more cost-efficient to let the flowchart<br />
determine where the changes are, and fixing the<br />
‘broken’ test cases accordingly.<br />
About the Author<br />
Llyr Wyn Jones is a Senior Programmer at Grid-Tools, the leading Test Data Management Company. He<br />
has invented, developed and implemented new software solutions for multiple worldwide clients. He<br />
tweets at @gridtools.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 28 -
From A Tester<br />
to A<br />
Development<br />
Team Mate<br />
- Nimesh Patel<br />
A few years into my career as a Professional Software<br />
Tester, I had been working at a company with some<br />
great people in a nice, outgoing, dynamic environment<br />
as a software tester on the test team - a team of about 6<br />
people. I enjoyed what I did and even back then, I was<br />
a tester who was always looking to learn new things and<br />
make myself a better, more skilled tester. One day, my<br />
manager at the time approached me about an<br />
opportunity he had recommended me for - it was an<br />
opportunity to be a part of the Research & Development<br />
team at the company as the software tester. I had built<br />
a good reputation on the team I had started on and<br />
amongst some of the other teams and individuals at the<br />
company. He also believed that I needed a new<br />
challenge at the company, and I believed that as well.<br />
As it turned out, it was an excellent challenge for me.<br />
He mentioned that I would be learning a lot, things that<br />
would really enhance my technical knowledge as a<br />
software tester and that it would only help my career, an<br />
assessment I agreed with as well. I took a few days to<br />
think it over, after which I made the decision to accept<br />
the opportunity to join the R&D team. At the time I<br />
knew it was a decision that would eventually be great<br />
for my career and towards my goal be being a better,<br />
more technical, and a more skilled tester. Little did I<br />
know then what I know now, that my decision to join<br />
the team would have a tremendous positive impact on<br />
my career as a professional software tester. I was under<br />
a lot of pressure (most of it from myself), and the<br />
learning curve I faced was steep. Things didn’t go<br />
smoothly right off the bat, it was actually quite rough in<br />
the beginning, but as I continuously put in the work and<br />
effort, things got smoother and from there, things went<br />
great.<br />
Joining a team of developers<br />
They were now my team & I was a part of theirs...<br />
Now for the first time in my career, I was a member of a<br />
team with no other software testers on it. Instead, the<br />
members of my team were primarily composed of<br />
developers, a scrum master, and a product owner (we<br />
worked within an Agile Scrum software development<br />
framework). This was a big adjustment for me. I had<br />
never worked on a team surrounded by people who<br />
weren’t software testers. I no longer had a test manager<br />
(or a test coordinator) presenting my test results and<br />
findings to stakeholders, I was doing it myself. On the<br />
same account, if a development manager or lead wasn’t<br />
in favor of information I had found, I no longer had a<br />
test manager to “shield” me in this type of situation.<br />
The “safety net” of being around and on a team full of<br />
testers, was gone. This was one of the best things to<br />
happen, it allowed me to grow as a tester and as a<br />
professional. There was a lot more responsibility on my<br />
plate now, but I saw it as a lot more opportunity.<br />
I wanted to show & prove to them that I was there to<br />
make them look good...<br />
The developers I was now working with, my new team<br />
members, had never directly worked with me before. It<br />
seemed that they weren’t yet sure if I was going to be an<br />
obstacle for them or if I was going to contribute to the<br />
team. I wasn’t there to cause chaos for the developers,<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 29 -
nor to waste their time having them read through tons<br />
of bug reports I had logged into the bug tracking tool. I<br />
wasn’t there to point out and glorify bugs I discovered<br />
due to coding. I wasn’t there to slow things down or get<br />
in the way of deadlines. I was there to make them look<br />
good - but it wasn’t enough for me to just say that to<br />
myself, or even say it to them. I had to show them and<br />
prove it to them. Over the course of a few months (and<br />
tons of work and effort) I did, but it took a lot time and<br />
a lot of learning.<br />
Worked with them, and took the time to learn<br />
I showed them that not only was I willing to work with<br />
them, but that I genuinely wanted to work with them<br />
and that I wanted to learn. I had a lot of energy and was<br />
really up to that task and I wanted them to see that. I<br />
spoke to the technical lead on the team and got his<br />
feedback about how I could approach the different<br />
developers and how I could become a valuable and<br />
contributing member of the team. He offered his<br />
insights, after which I thought about his<br />
recommendations and how I was going to go about<br />
putting my plan into action.<br />
I wanted to learn more about the different components<br />
that made up the system that the team built from the<br />
ground up and continued to do development & testing<br />
work on. I asked the developers questions about the<br />
different components and how they were all integrated<br />
together, the data and information flows, and in which<br />
ways they were independent from and dependent on<br />
each other. When the developers took time to explain<br />
these things to me, I always made sure to take notes. I<br />
informed them that I would be taking notes so that I<br />
could review them later to better understand and so that<br />
I wouldn’t need to ask them the same questions again. I<br />
made it a point to review the notes towards the end of<br />
the day, or even on my way home which sometimes<br />
prompted me to ask further clarifying questions. One<br />
thing I found extremely useful when they explained<br />
things to me using the whiteboard, was to draw out the<br />
diagrams of components, flows, and business logic, and<br />
other important information. I always made sure to<br />
re-draw the contents of the whiteboard or even take a<br />
picture of it. This was one of the most useful techniques<br />
that helped me the most when I first joined the team, to<br />
be able to understand the technicalities and interactions<br />
between the different system components. It enabled<br />
me to ask better questions about the implications and<br />
risks of the development work being done. I was able to<br />
think of potential problems or things nobody had yet<br />
thought of within the system when discussing the<br />
development & testing efforts of new features. I was<br />
able to design my tests better, and do more effective<br />
testing because of the knowledge I obtained regarding<br />
the components, and the information and data flows<br />
between them. As a result, I was able to focus my<br />
testing and coverage, which enabled me to provide<br />
more valuable information from the testing I was doing,<br />
in the available time I had to test.<br />
A lot of times when I was providing information about<br />
the behaviors I was seeing during my testing, the<br />
developers would access the Linux server to check<br />
system and error logs to get more information on what<br />
was happening. I took a lot interest in this as I was<br />
curious and wanted to see how they were further<br />
investigating what I was telling them from my testing.<br />
One day, one of the developers asked me if I had an SSH<br />
client on my machine and the accesses to log into the<br />
server myself. I was able to install an SSH client and get<br />
information on the accesses and permissions I would<br />
need to log into the server. Once I had what I needed,<br />
the developer took some time and explained the<br />
directory structures to me, and where some of the logs<br />
and files were located. They showed me commands I<br />
could use and how to use specific search commands to<br />
follow, and apply filters on for specific keywords I was<br />
looking for within the log files. I wrote down the<br />
directory structures and the different Linux commands<br />
they were using. It took me some time to get more<br />
comfortable navigating the different directories and<br />
using the different commands, but as I used them more<br />
regularly, and was able to find the information I was<br />
looking for, logging into the server to further investigate<br />
during testing, become one of my favorite skills to use<br />
from my arsenal. I was able to quickly and better<br />
investigate the causes of some of the behaviors I was<br />
seeing, and provide this detailed level of information<br />
back to the developers, who in turn were able to use the<br />
detailed information and quickly correct pieces of the<br />
code, or components where the problems originated<br />
from. The understanding of the Linux server logs, in the<br />
context of our system allowed me to further investigate<br />
during testing and allowed the developers to focus on<br />
their development and less time investigating causes of<br />
some bugs and troubleshooting abnormal behaviors.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 30 -
Paired <strong>Testing</strong><br />
My team and I worked in an open space concept, and in<br />
an open communication style atmosphere. As the<br />
developers and I got to know each other better, and got<br />
to know each other’s working styles better, they<br />
occasionally asked me to log into their local machines so<br />
that we could do some testing on new development<br />
items or bug fixes before they would commit their code<br />
and deploy to our development and test environments.<br />
I enjoyed this activity, it allowed for quick feedback and<br />
also saved us time instead of having to deploy, test, fix,<br />
re-deploy and test again later.<br />
Other times, while testing and continuously providing<br />
quick, regular feedback (this was how we worked) the<br />
developers would come over to my desk, and we would<br />
test new features, existing features, and potentially<br />
impacted features together. This allowed us to look at<br />
the application or features we were testing from<br />
different perspectives and helped us identify and find<br />
bugs or the particular types of information we were<br />
looking for depending on our testing focus at the time.<br />
It was also fun and productive as one persons thought<br />
process often led to great test ideas from the other.<br />
There was one developer in particular whom I tested<br />
with, at his machine without the use of any UI or tool,<br />
but rather by looking at his code. This was actually one<br />
of his ideas (an awesome idea), and it allowed me to<br />
contribute to the development efforts in an entirely new<br />
way. We would chat about what the code was meant to<br />
do and for which feature we were developing and<br />
testing, and we would go through the different code<br />
statements, conditions and branches and work together<br />
to think about which logic was covered, where and<br />
which cases were accounted for in the code, and work<br />
together to brainstorm and identify cases which possibly<br />
were not covered. This was an entirely new way for me<br />
(at the time) to be able to use my testing mindset and<br />
perspective to work together with a developer.<br />
How I said things<br />
Early on in my career, I often saw some (a small number)<br />
software testers approaching and informing developers<br />
that they had found some bugs in the application, in a<br />
tone and with a facial expression reminiscent of a smirk,<br />
as if they were bragging and shoving the fact that they<br />
found bugs due to coding, in the face of developers. I<br />
never quite understood this, nor grasped the concept.<br />
Furthermore, I remember seeing the faces and reactions<br />
of the developers and understood the animosity<br />
between developers and testers in some companies on<br />
some teams. I knew just from witnessing this, which I<br />
never wanted to be one of these testers (and for the<br />
record, the vast majority of the testers I’ve worked with<br />
did not do this). I paid extra attention to the words I<br />
used, how I used them, and the tone in which I used<br />
them.<br />
I never walked up to any of the developers with a smirk<br />
on my face and said something along the lines of “Hey<br />
I’ve found some bugs in the application and broke your<br />
code”. I respected software and developers way too<br />
much. I considered the working and communication<br />
style on our team (open communication with a focus on<br />
quick and regular feedback) so that when I found bugs<br />
or something not working “correctly” I would always<br />
try to find as much information I could supporting the<br />
behavior I was seeing regarding the bug and its extent.<br />
I made it a point to always tell the developers I was<br />
working with, in an informal way, and offering for<br />
them to come take a look at my observations at my<br />
machine. Depending on what the behavior was that I<br />
was observing, and in which component it was likely<br />
taking place in, I often asked the developers if they had<br />
committed and deployed the code for that specific<br />
component or feature yet. I also learned the check in,<br />
check out and deployment process and system we<br />
used, therefore I would also go check myself at times.<br />
The point was, I was always communicating in an open<br />
manner and in a non-threatening tone. I focused on<br />
communicating in a helpful manner, for example, “Hey<br />
can we look into this a little further because something<br />
doesn’t seem right”.<br />
I also learned when to bring things up. We worked in<br />
an Agile Scrum development framework, therefore I<br />
made sure I was always explicit (yet respectful) in my<br />
updates. If there was an issue I had discovered that<br />
would require some additional time (more time than<br />
usual) for the developer to come to my machine so that<br />
I could show them my findings, along with supporting<br />
information from my investigation, I would mention it<br />
in the morning stand up and ask a timeframe in the day<br />
that we (together) could look into it further. I think this<br />
showed the team that I wasn’t just finding bugs,<br />
reporting them and cleaning my hands of them - but<br />
that I wanted take the time to show them, and work<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 31 -
with them to resolve them. If there was a discussion I<br />
had with a developer the previous day, and I was still<br />
unsure of the outcome of the discussion because it still<br />
somewhat contradicted my understanding, I would<br />
bring it up at the morning stand up (so that it could be<br />
brought to the attention of the correct people to be taken<br />
offline). I would explain my initial understanding and<br />
where the contradiction still remained based on what<br />
was discussed. This helped with transparency and for<br />
the whole team to chime in, and open up the discussion<br />
to determine if we were indeed all on the same page with<br />
the same understanding. In some cases we discovered<br />
that understanding on some things weren’t completely<br />
unanimous. Most importantly, it didn’t attempt to put<br />
anybody on blast. The approach I used in my<br />
communication with the team helped me become a<br />
welcome member of the team, and be recognized as<br />
contributing member and team player.<br />
Got to know them...<br />
Just as I was extremely passionate about Software<br />
<strong>Testing</strong> and was always looking to enhance my skills, the<br />
developers on my team were equally passionate about<br />
Development. Over time, the understanding of being<br />
truly passionate about one’s craft allowed us to have an<br />
even better understanding and respect for what the other<br />
did.<br />
What they believed in and practiced as Developers<br />
Some of the things I spoke about to the developers on my<br />
team were their backgrounds as developers, where their<br />
interest in software and development stemmed from,<br />
how they got started and what they believed in and<br />
practiced as professional developers. It was interesting<br />
to hear the types of systems that they had helped<br />
develop before they had started working at the company<br />
we worked at, what types of industries they had worked<br />
in, what coding related work they did on their own time,<br />
and how they were increasing their knowledge and skill<br />
level. I had numerous discussions with them about their<br />
thoughts on information technology and software, this<br />
made for great and very insightful conversations. What<br />
made the conversations even more interesting was the<br />
fact that my discussions with each of the developers was<br />
different with each individual given the fact that their<br />
interests, backgrounds, coding they did outside of work<br />
were unique. Over time this led to a friendship between<br />
myself and each of the developers, unique friendships<br />
(that exist to this day even though we don’t work<br />
together anymore).<br />
Going out for lunches<br />
From time to time I also went out to lunch with the<br />
developers on my team, often on a one to one basis.<br />
This allowed us to informally chat about the projects,<br />
the user stories and features we were working on,<br />
different partners we were working with and how that<br />
was going, as well as technical implications and<br />
decisions. This gave us a chance to brainstorm about<br />
the aforementioned topics and get into deep<br />
discussions about them. If the lunch was with the<br />
technical leads on the team, they always made sure to<br />
ask about my feedback for testing matters, and again<br />
that led to great informal discussions regarding testing<br />
matters in the context of our team. Over time working<br />
with the team, and the manner in which I did, focusing<br />
on integrating myself as a valuable and contributing<br />
member of the team and taking the time to get to know<br />
the developers, helped me build credibility (within the<br />
team) and build a great trust level amongst the<br />
members of the team - all of which helped us run like a<br />
well oiled machine and at the same time, having fun<br />
learning from each other and working together.<br />
Final Thoughts<br />
As I mentioned at the beginning of this article, I knew<br />
this would be a great opportunity for me to accept, but<br />
little did I know how great the opportunity would<br />
actually turn out to be, considering the amazing impact<br />
it ended up having for me as a professional and as a<br />
software tester. The things I learned, both on the<br />
technical and software side, as well engaging with and<br />
working on a team with individuals who were not just<br />
software testers, was superb. The experience was<br />
invaluable - to this day one of the greatest work<br />
experiences of my career so far.<br />
I have worked at different companies and on different<br />
projects with different teams and different developers<br />
under different conditions. At my current place of<br />
employment, I work very closely on projects with both<br />
software testers and developers, and have a great<br />
working rapport with both my fellow software testers<br />
and with the developers. I use many of the things I<br />
learned and applied in my experiences, on a daily basis,<br />
and encourage other testers on my team to do the same<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 32 -
(I try to tell different testers in different ways as<br />
everybody has their own style). At my current place of<br />
employment the efforts have led to a cooperative,<br />
productive, and fun working environment. My efforts<br />
have also been recognized by others. I’ve been told by<br />
my managers that the developers on the projects I work<br />
on enjoy working with me, given my testing skill, and<br />
how I engage them throughout the projects we work on<br />
together.<br />
Working well with talented teams composed of<br />
individuals in different roles, focused on different<br />
activities is extremely important as companies are<br />
slowly starting to realize that testing isn’t something<br />
that should be done alone, or after development is<br />
complete, but rather that testing is actually an<br />
important and valuable activity that goes hand in hand<br />
with development. As this becomes more common, it<br />
will be important for software testers to evolve and<br />
learn to enhance their skills and how they work with<br />
other members of the team - and I don’t mean just other<br />
software testers.<br />
About the Author<br />
Nimesh Patel is an experienced, passionate and skilled Software <strong>Testing</strong> Professional based in Montreal,<br />
Canada with 9 years of experience in Software <strong>Testing</strong> and Quality. He is a strong believer of the context<br />
driven testing approach and applies it in his testing, while continuously learning and improving his skill<br />
set by applying the skills, concepts and ideas driven by the approach. As a hands-on Software Tester,<br />
Nimesh is actively involved in the testing efforts of all the projects he’s involved with and regularly<br />
collaborates with both team members and project stakeholders. He has tested different types of software<br />
applications with different testing missions and his specialties include testing web, mobile, insurance,<br />
financial and SOA based software applications. Nimesh is also an organizer for Montreal Insights Into<br />
Software <strong>Testing</strong> - a Software <strong>Testing</strong> peer conference & workshop held annually in Montreal, Canada.<br />
Nimesh tweets at @QualityCaptain.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 33 -
Story of<br />
Security <strong>Testing</strong>,<br />
Myth Busters<br />
& More<br />
- Santhosh Tuppad<br />
I often hear people asking me, “Santhosh, coach me on<br />
security testing / hacking” and my response has been,<br />
“Demonstrate some things to me so that I can invest my<br />
time on coaching you” and most of them have not come<br />
back to me. Now, it is lack of interest or passion, I do not<br />
know and not interested to know. My gut-feeling says<br />
that, it is the passion one carries for hacking instead of<br />
learning it to get a better job or earn more based on the<br />
myths that the industry has. I started to hack when I was<br />
16 and it was not a course that I went for, but interest.<br />
And today, I feel that to learn security testing; one need<br />
to have interest without any other expectations like<br />
money, better job offer or any other thing.<br />
I am not a traditional type of ethical hacker, but to me it<br />
is like growing in slum of hacking world where I did not<br />
use any techniques, but learned in a unique way<br />
because hacking was so interesting to me that I used to<br />
dream about hacking credentials or hacking web<br />
applications. I have never feared anything while<br />
learning to hack. If I had fear and was educated about<br />
the cyber laws, may be I wouldn’t have learned it so<br />
well like I do now because at the teenage may be I<br />
would have got scared and left my learning. It was good<br />
that I did not choose any mentor at that time because he<br />
/ she would have told me about cyber laws and my<br />
learning path may have changed unfortunately. I am<br />
happy that I did not have a mentor or coach and I<br />
learned it in my own style. Nowadays, it is very<br />
fashionable to say, “I have a mentor or I am being<br />
coached by so and so person from the industry”; well I<br />
have something different to say here, “Not necessarily<br />
you need a coach / mentor, what you need is a GENE to<br />
learn it and a HEART to beat for hacking”.<br />
Scientists in History Never Had Certifications<br />
Now, let us speak about certifications in Ethical Hacking<br />
or Security <strong>Testing</strong>. People started telling me to do<br />
certification in ethical hacking and I said, “I know more<br />
than what a certification guy can do, In fact, my skills<br />
are nowhere comparable to the person who is certified<br />
ethical hacker. I respect skills over certificates. Many<br />
organizations look for certified ethical hackers who may<br />
just know the surface of hacking and not in depth<br />
knowledge about software security. Now, black-hat<br />
hackers compared to most of the certified ethical<br />
hackers know much more about attacks, techniques and<br />
keep on exploring while certified folks may just keep<br />
doing the same things when they are on project. Now,<br />
this is a BIG problem that information security industry<br />
is facing. It is like, “Hackers are born and they are not<br />
made”. By saying this, I am emphasizing on passion<br />
element that needs to exist in a person to learn hacking<br />
/ security testing.<br />
Tools Are Never Enough<br />
Many people ask me these kinds of questions which<br />
kind of doesn’t make sense to me, “Which tool should I<br />
use to crack the password? Which tool will help me to<br />
get Wi-Fi password? Which tool will help me hack<br />
Gmail, Facebook, Yahoo?” and many other questions. In<br />
my security testing workshops as well, people do not<br />
want to listen to listen to the different stories which<br />
helps them to get the mind-set of hacker, they are so<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 34 -
wanting to start using tools like ready-to-eat food. They<br />
like straight forward answers and not really exploration.<br />
I recommend that people need to first get the mind-set<br />
and then skill-sets can be acquired. Or else you may<br />
learn 100 tools, but you still do not know how to use<br />
them because you are not getting ideas. Like McLuhan<br />
says, “A fool with a tool is still a fool” would be apt for<br />
such people.<br />
OWASP Top 10 Attacks Are Not Sufficient<br />
OWASP Top 10 attacks are major attacks that happen in<br />
most parts of the world compared to other variants of<br />
attacks. It doesn’t mean that, security testers need to stop<br />
at these OWASP top 10 attacks. And again in OWASP<br />
top 10 attacks, there are different combinations which<br />
need to be covered and again testers fall in to the trap of<br />
not testing them. <strong>Testing</strong> itself is exploratory and<br />
security testing being one of the quality criteria has to be<br />
exploratory! What OWASP gives is guidelines and<br />
cheat-sheets which are powerful, but going beyond them<br />
is what makes a great security tester who is competing<br />
with black-hat hackers.<br />
Understanding How Computer Works is The Key<br />
It is added value to your skills if you understand the<br />
hardware and software part of your computer. Hacking<br />
is not only with respect to software, but understanding<br />
how your keyboard works or your hardware works<br />
could help in hacking software. Example: I learned about<br />
“How keyboard works?” to understand better about<br />
keyloggers where they record each and every keystroke<br />
from your keyboard (And this is one way how someone<br />
can install a keylogger on your computer and they can<br />
keep receiving the logs of your activity including your<br />
passwords because it is basically recording every<br />
keystroke as password is typed using keyboard. Explore<br />
more!). I would like to mention about the source which I<br />
find interesting, http://howstuffworks.com/<br />
Taking The Learning Forward<br />
As hacking or security testing flows in my blood along<br />
with other quality criteria of software testing, I<br />
consistently practice by thinking, reading, conversing<br />
with people, delivering workshops and lot more! It is<br />
very easy that you may feel you are exhausted with<br />
ideas, well that’s the beautiful state to be in. When you<br />
feel ideas are exhausted, that’s where black-hat hackers<br />
make progress in thinking better. You can do better too,<br />
do not give up!<br />
This is more of mind-set related article which is one of<br />
the critical skills required for a hacker. Stories help reveal<br />
a lot and this is my story which you may use it for your<br />
learning. Remember this, “You got to be a black-hat<br />
hacker to be a better white-hat hacker”<br />
About the Author<br />
Santhosh Tuppad is the Founder at Test Insane Software <strong>Testing</strong> Services. He is known for his testing<br />
skills around the globe. Santhosh Tuppad has 5 years of experience in software testing industry. He has<br />
won several testing competitions and people die to work with him. He believes in technical skill-set and<br />
has been a hacker since 16 while he fell in love with computers at the age of 12. He is a die-hard fan of<br />
his heart and always follows it come what may. He blogs on Software <strong>Testing</strong> at http://tuppad.com/ and<br />
has also been a contributor for several software testing magazines on the web. He has been speaker at<br />
various conferences and also contributes to the software testing community by coaching testers on<br />
security testing for free.His personal passion include driving, fitness, off-roading & more. Follow him on<br />
Twitter @santhoshst<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 35 -
CAST <strong>2014</strong><br />
- The Best <strong>Testing</strong><br />
Conference I Have<br />
Ever Been To<br />
- Simon ‘Peter’ Schrijver<br />
This years CAST conference in New York was awesome,<br />
even epic. It was perhaps the best conference ever I have<br />
been to. The three previous CAST I have been to (Seattle,<br />
San Jose and Madison) were great. Most other<br />
conferences I have been to are too commercial and<br />
related to certification institutions. This is not at CAST.<br />
As a tester you can speak freely and share your<br />
experiences with others. You can talk to everybody.<br />
To show you how open a conferrence such as CAST can<br />
be I show you some selfies I made with some of the<br />
participants. I categorized them a bit to give more<br />
context to my story.<br />
First the organizers of the conference; Bernie Berger,<br />
Anna Royzman, Keith Klain and Paul Holland. All well<br />
known in our community.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 36 -
What is also possible at CAST, is you can to talk some of<br />
the great voices of our test community. People like Fiona<br />
Charles, Anne-Marie Charret, Seline Delesi, Matt<br />
Heuser, Ben Simo, Matt Barcomb, Michael Larsen, John<br />
Stevenson, James Christie, Doug Hoffman, Michael<br />
Bolton and James Bach. You come with you story or<br />
experience and they will give you feedback. They can<br />
guide you to reference material they have themself or<br />
they guide you to sources of material that will benefit<br />
your work as a tester.<br />
I was this year selected as a facilitator for the talks and<br />
even a keynote. I had the privilege to facilitate the talk<br />
of Ale Moreiros, Jean Paul Varwijk, Huib Schoots,<br />
Parimala Hariprasad, Jay Philips and Jean-Ann<br />
Harrison, Ben Simo, Richard Bradshaw and Justin<br />
Rohrman.<br />
But what this conference also makes interesting is you<br />
meet old friends from previous CAST conferences and<br />
even other conferences. People like Alex Bantz, Helena<br />
Jeret-Mäe, Tony Bruce, Martin Hyne, Curtis Pettit, Peter<br />
Walen, IlariHenrik Aegerter, Jason Coutu, Lars Sjödahl,<br />
Stephen Blower, Markus Gärtner, Iain McCowatt,<br />
Thomas Vaniotis, Christine Wiederman, Perze Ababa,<br />
Claire Moss, Henrik Andersson, Erik Davis, Maria<br />
Kedemo, Ben Kelly, Eric Proegler and Griffin Jones.<br />
You also meet new people to which you talk to during<br />
the conference or you only know via twitter. Some new<br />
friends I made are Josh Meier, Rachelle Below, Nathalie<br />
Bennet, Katrina Clokie, Kate Falanga, Mike Lyles,<br />
Damian Synadinos, Shak Schiff, Nithin Shenoy, Smita<br />
Mishra.<br />
One special person I have to mention is the masterfacilitator<br />
and a good friend of mine, Rich Robinson. He<br />
did a fantastic job this year making sure that all the<br />
speakers felt comfortable by assigning them good and<br />
helpful facilitators.<br />
The CAST conference is sometimes a reunion, because I<br />
meet people who find CAST the most important<br />
conference and spent their limited budget to be at<br />
CAST. I heard even that some persons pay the<br />
conference out of their own pocket. When I determine<br />
my conference budget and time, I first plan CAST. After<br />
that comes the rest. I even went that far that I was away<br />
during my wedding anniversary and even my own<br />
birthday.<br />
CAST also organizes activities which are organized in<br />
the evening, when the regular daily activities are<br />
finished. People also join together and have diner with<br />
eachother. Some of them also organize LeanCoffee, at<br />
7:00 AM in the morning. Talking about test subjects<br />
which have the interest of the group. We even have a<br />
Test Retreat organized by Matt Heuser on the Saturday<br />
before the start of the CAST conference. It is not related<br />
to CAST but and extra 1 day conference you can attend<br />
and make your stay a bit longer.<br />
This years CAST conference had for me two topics that<br />
resonated with me for a while. It is the keynote of Trish<br />
Khoo where the subject 'a tester must learn to code'<br />
came into the discussion. This topic really has the<br />
attention of the test community. Big new-age companies<br />
like Google and Facebook say they don’t test of have no<br />
test team, but if you read between the lines, test<br />
activities are still going on over there.<br />
Further the talk of Richard Bradshaw about the subject<br />
of Test Automation is not replacing people, is not faster<br />
testing or not more time for exploratory test. The goal of<br />
test automation is to support your test and not replace<br />
your manual test.<br />
The three days were very energetic. A lot of<br />
conversations. CAST stands for the fact that they truly<br />
put the CONFER in the conference. See ya at CAST2015.<br />
About the Author<br />
Simon ‘Peter' Schrijver is a very experienced all-round tester, who has worked since 1997 as tester, test<br />
coordinator and test manager. He has several years of experience using SBTM as a test approach. Since<br />
2005, Simon works as an independent consultant. He visits annually several conferences to keep his<br />
knowledge up to date and where necessary, broaden/deepen his knowledge with (self-)training.<br />
Simon is also an active member of TestNet and (co-founder) of the Dutch Exploratory Workshop on<br />
<strong>Testing</strong> (DEWT). In these communities of enthusiastic testers, he is active with peers and discuss with<br />
them about the testing profession to keep up to date and improve them selves. He tweets at<br />
@SimonSaysNoMore<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 37 -
The CAST <strong>2014</strong><br />
Conference Just<br />
Took Place and I<br />
Wasn’t There!<br />
- Teri Charles<br />
I so wanted to be at CAST (Conference for the<br />
Association for Software Testers) this year, but it wasn’t<br />
meant to be. Like so many other testers around the<br />
world, I was not physically there, but was at home<br />
wishing I was. But thanks to CAST and some great work<br />
on their part, those of us who weren’t present had a<br />
chance to<br />
experience the<br />
excitement of one<br />
of the best testing<br />
conferences on the<br />
planet. A live<br />
stream was setup<br />
to show the<br />
keynotes, several<br />
other sessions (but<br />
not all of course,<br />
gotta get yourself<br />
there!), and a<br />
nightly recap with<br />
different guests<br />
each night. And I<br />
for one could not<br />
be more grateful to CAST for doing this! Here’s what it’s<br />
like to participate in CAST without actually being there.<br />
Things got started early Tuesday morning in my time<br />
zone (Mountain), the first day of the two day conference<br />
sessions. I signed on to the webCAST, really not sure<br />
what to expect. How does this work? Would I really be<br />
able to see or hear anything? Would there be a good<br />
connection? Would I be able to time bathroom breaks?!<br />
As I waited for things to start, a very cool thing began to<br />
happen. Other testers from all across the world in many<br />
different time zones began to pop into the chat section<br />
that was setup on the streaming site (uStream). People<br />
started to tentatively type out things like “testing, 1, 2,<br />
3” to see if the chat was working and several of us<br />
started saying hello to each other and connecting with<br />
one another. I felt excited that I was going to be able to<br />
share this experience with other testers, even though we<br />
weren’t physically<br />
in the same room<br />
or at the<br />
conference. Not<br />
being in New York<br />
at the conference, I<br />
immediately found<br />
some comfort that I<br />
would at least be<br />
able to participate<br />
in this way. And<br />
then just like that,<br />
the webCAST came<br />
on, the audio and<br />
video were<br />
excellent, and the<br />
conference began!<br />
First, announcements and introductions were made. But<br />
wait…what were these commercials that began to pop<br />
up? If you were participating in the webCAST, you<br />
know what I mean. The product that was used for the<br />
stream is free for users, but that means commercials will<br />
come on (which really is a small price to pay), and yes,<br />
that means right in the middle of someone’s session. But<br />
the chat session lit up with many of the testers letting<br />
others know about which browsers to use for ad<br />
blockers or to let them know they could subscribe to the<br />
product for $3.99 a month and then cancel as soon as the<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 38 -
conference was over (which is what I did). Things were<br />
back on track and commercial free!<br />
For the next two days, I watched almost every minute of<br />
the live stream. Some sessions I watched on my laptop,<br />
and some I watched on my flatscreen TV using my iPad<br />
connected to my Apple TV. Fancy! It was wonderful to<br />
actually get to see and listen to people that I have been<br />
following on Twitter, reading their articles and blog<br />
posts, chatting on Skype, and participating on things like<br />
Weekend <strong>Testing</strong>. These are some of the best testers in<br />
the world, and it was a treat to have the opportunity to<br />
see, listen and learn from them on subjects such as:<br />
thinking of testing as a ‘performance culture’, testing<br />
standards, adding value in agile, exploratory testing and<br />
NASA, adventures with the buggy HealthCare.gov site,<br />
test automation, adding ‘art’ to STEM (STEAM), and<br />
much much more. And there was also the unexpected<br />
treat of watching people I recognized walking past the<br />
cameras!<br />
But being that we’re in the social media age, we also had<br />
Twitter to give us all another way to be involved. Many<br />
attendees that were at the conference were tweeting<br />
excellent highlights from the sessions that were not live<br />
streaming, so those of us online were able to hear what<br />
was being presented in those sessions. And those of us<br />
online were also tweeting our thoughts and feelings on<br />
the sessions we were able to watch, which the CAST<br />
attendees enjoyed as well. And to add to the cool factor,<br />
during the question/answer portion at the end of each<br />
streamed session, those of us online were able to tweet<br />
questions using the “Tweet Printer” to whomever was<br />
speaking and listen to it asked and answered live! From<br />
our mouths to their ears!<br />
It’s not my intention to slight anyone’s session because<br />
they were all fantastic, but I have to say, my favorite was<br />
Ben Simo’s session on his experience with the<br />
HealthCare.gov site. Ben’s story is riveting and as I<br />
tweeted after watching his session, this was a master<br />
class in testing. Ben started out like so many others in<br />
the United States looking for health insurance for a<br />
family member, but he very quickly saw (like so many<br />
others!) how horribly buggy the site was. Ben couldn’t<br />
help himself and his tester hat came on. He not only<br />
kept finding things, he blogged about it. You can only<br />
imagine how excited the government was about that! I<br />
plan to watch this several more times and take notes to<br />
learn from him and improve my own testing. And I also<br />
plan on suggesting to other testers to watch this when<br />
they want a great example of exploratory testing. This<br />
session along all of the CAST <strong>2014</strong> videos can be seen at<br />
https://www.youtube.com/playlist?list=PLQB4l9iafcel<br />
XpJnK6IyDsoFeEb1icqrl<br />
Last but certainly not least, one of my favorite parts of<br />
the webCAST was the nightly recap. Benjamin Yaroch<br />
and Dee Ann Pizzica did an amazing and very<br />
entertaining job talking about that day’s sessions as<br />
well as interviewing several of the conference speakers<br />
such as Alessandra Moreira, Ben Simo, Karen Johnson,<br />
James Christie, and others. It was a very nice informal<br />
way for those of us not at the conference to get a deeper<br />
experience of how these testers thought. It was very<br />
interesting listening to them “just talk” about whatever<br />
was on their minds as the conference attendees mingled<br />
behind them.<br />
Yes, actually physically attending the CAST conference<br />
would be the best experience, but if you are unable to<br />
go, watching the webCAST is a great way to<br />
participate. I am determined to go to a CAST<br />
conference in the future, but the live stream gave me a<br />
glimpse of what the experience must be like which I<br />
can’t thank CAST enough for. And I cannot wait to be<br />
there!<br />
About the Author<br />
Teri Charles has been a Software Tester for over 10 years. She is a Context Driven Tester, organizer of<br />
the Boulder QA Meetup, BBST Foundations graduate, Rapid Software <strong>Testing</strong> (RST) class with James<br />
Bach, a Per Scholas mentor, and a volunteer/instructor with GDIBoulder. Teri's blog can be found at<br />
bouldertester.blogspot.com and she regularly tweets at @booksrg8.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 39 -
ISO 29119<br />
An Important Message to Testers<br />
Last year the International Organization for Standardization released the first three parts of the ISO/IEC/IEEE 29119<br />
Software <strong>Testing</strong>. Two further parts are due to be issued during <strong>2014</strong> and 2015.<br />
ISO 29119 is marketed as an "internationally agreed standard". This term may give the impression that the standard<br />
has been agreed by the testing community and enjoys broad support. Intentionally or otherwise, this is an implicit<br />
claim that the standard represents the testing profession as a whole. This may encourage politicians and regulators<br />
to mandate the use of 29119 in certain industries, on the belief that the matter of "how-to-test" has been settled. It<br />
may spur organisations into adoption, assuming that, when they implement the standard, they are making use of<br />
the best the testing profession has to offer. It might encourage some buyers of software to mandate the work that<br />
they commission has been tested in accordance with the standard. And if you believe the above is simply fanciful<br />
speculation, you need look no further than ISO 9000 for an example of how a standard was adopted by more than<br />
a million companies due to such political intervention and market coercion.<br />
Given the potential ramifications of such a claim, how do ISO ensure that there is international agreement? Their<br />
standards are drafted by a committee composed of individuals from various countries. These drafts are reviewed<br />
by numerous other committees organised by national member organisations. This review process is meant to<br />
ensure that standards are the product of consensus, or at least, a consensus amongst those who participated.<br />
But does such a process support the claim of representing testing as a whole? Of representing YOU? No.<br />
"Internationally agreed" means nothing of the sort; it means that a relatively small group of people, from various<br />
parts of the world, have come to some agreement as to how THEY view software testing despite what YOU might<br />
think. If you are on the outside, your view doesn't count. If you are on the inside, you get a say - at least until you<br />
disagree.<br />
Yet ISO, or at least some of its claims, seem to aspire to something more. ISO define the consensus that they seek as<br />
"general agreement, characterized by the absence of sustained opposition to substantial issues by any important<br />
part of the concerned interests”.<br />
We are testers. We are deeply concerned about the state of testing today, and deeply concerned about how it<br />
develops in the future. We oppose this standard, on the grounds that standardising a highly variable creative<br />
activity is fundamentally flawed, that doing so will increase the cost and drive down the value of testing, and that<br />
standardisation will inevitably stifle the development of our craft. We oppose this standard on the basis that there<br />
is no general agreement. For these reasons we have started a petition calling on ISO withdraw those parts of the<br />
standard that have already been issued, and suspend publication of the remaining parts.<br />
Many testers stand in opposition. Our petition has already been signed by more people than there are members of<br />
the ISO working group who drafted the standard. Many more are ignoring ISO 29119, not because they accept it,<br />
but because they hope that it will not affect them. This cannot be taken as tacit consent.<br />
Will ISO listen? Or will they choose to ignore those who oppose? The answer will turn on whether they consider<br />
the dissenters to be an "important part" of the testing profession.<br />
Do you oppose this standard? Do you want your voice to be heard? Or are you willing to be deemed unimportant<br />
by ISO?<br />
To find out more, links to articles discussing ISO 29119 can be found here:<br />
http://www.commonsensetesting.org/stop29119/<br />
Please support the #stop29119 movement. You can do so by signing the here:<br />
http://www.ipetitions.com/petition/stop29119/<br />
- Henke, Iain, Ilari, Johan<br />
The Board of the International Society for Software <strong>Testing</strong><br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 40 -
Have something to say about #testing?<br />
Consider submitting your testing article to us.<br />
Reach out to thousands of real testers worldwide.<br />
Future Edition Themes -<br />
● <strong>Testing</strong> in Cloud - (Last date of submission - 20 th <strong>September</strong>)<br />
Our Recent Contributors -<br />
Write to us - article@testingcircus.com<br />
www.testingcircus.com
Still relying on<br />
reading<br />
<strong>Testing</strong> <strong>Circus</strong><br />
from tweets<br />
& facebook<br />
updates?<br />
To Subscribe<br />
Click Here<br />
<strong>Testing</strong> <strong>Circus</strong><br />
www.testingcircus.com<br />
Subscribe<br />
just with your<br />
email id and<br />
get the<br />
magazine<br />
delivered to<br />
your email<br />
every month,<br />
free!<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 42 -
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 43 -
Book Reviews<br />
BOOK<br />
WORM’S<br />
CORNER<br />
This is our anniversary edition. And hence, reviewing a book that’s<br />
responsible for this anniversary. A book responsible for anniversary?<br />
Yes. You read it right. The book inspired this entire column and started<br />
it all for me. “<strong>Testing</strong> Computer Software” by Cem Kaner. This was the<br />
1st book that I read on Software testing. Lucky me. The book got me<br />
hooked and was followed by many other books.<br />
I would request the reader to read this with an open mind. As a person<br />
with 30+ years of testing experience quoted, “a mind is like a parachute;<br />
it works when open”. Though this book is on testing, it does not look<br />
like it was a book written for only Software testers. What works is that<br />
this book gives you a good idea of how software testing was done in the<br />
Mid-80s and early-90s too. That will help you understand how Software<br />
testing evolved with time.<br />
If you have your own preconceived notions about testing, then this<br />
book will not work for you. It gives the author’s perspective of Software<br />
<strong>Testing</strong>.<br />
There will be a lot of concepts and definitions; my request to you is to<br />
understand the concepts and definitions and not assume those definitions<br />
are used worldwide. If you are from the ISO/SEI process schools,<br />
you may feel short-charged due to the lack those process-school recommendations,<br />
but I would still encourage you to give it a read and finish this book. You will emerge that much stronger<br />
since you will know what the process-schools don’t talk about. That will help you merge the best of both worlds and<br />
implement them in your projects ---- that’s where I think this book would help you.<br />
This book has multiple editions; instead of trying to read the latest edition, I would request you to find and get your<br />
hands on the 1st edition. Having been published in the late 80s, this book was then a bible of sorts to the testers when<br />
Software <strong>Testing</strong> was not as big as it was today. Getting your hands on this edition would mean you can read and<br />
appreciate the content which was edited out or added in the later editions.<br />
At the end of the book, you would be left wondering if you’d be a better student of Software <strong>Testing</strong> if the author had<br />
taught you Software <strong>Testing</strong>!!! Buy it here.<br />
Love,<br />
WoBo<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 44 -
Become our fan -<br />
https://twitter.com/_sahi<br />
http://www.facebook.com/sahi.software<br />
Request a free demo by sending us an email at support@sahi.co.in<br />
http://www.sahi.co.in
A Fake Tester’s Diary<br />
http://www.testingcircus.com/category/a-fake-testers-diary/<br />
Part 45<br />
Not My Job<br />
ISO 29119 --- The latest big thing. One set of people are<br />
supporting it. A second set of people are opposing it. I<br />
have tremendous respect for both sets of people since<br />
they are having an opinion and are willing to voice<br />
their opinions to support or oppose 29119 (as they see<br />
fit). However, there exists a third set of people who are<br />
indifferent and do not offer<br />
an opinion. They seem to<br />
say --- “It’s not my job”.<br />
Those are the set of people<br />
that I am worried about. If<br />
you are reading this diary<br />
entry, then I believe that<br />
you belong to either the 1st<br />
or 2nd set of people. My<br />
request to you is to find<br />
out at least 5 members<br />
from the 3rd set and ask<br />
them for an opinion and<br />
request them to express<br />
their opinion. ISO 29119<br />
can potentially change the<br />
world of Software <strong>Testing</strong>.<br />
Please have a healthy<br />
debate to be or not to be.<br />
Don’t be indifferent.<br />
In the anniversary edition,<br />
thought it would be good<br />
to write about why I have<br />
a job. What am I supposed to prevent? Am I expected<br />
to find bugs or prevent bugs? I don’t have the answers<br />
to all of this. But I what I know is that I am expected to<br />
prevent some of the below disasters.<br />
Mars Orbiter story<br />
A 125$m budget Mars Orbiter. The project had<br />
engineers working from around the world. These<br />
engineers did not effectively communicate with each<br />
other. Some of them were working in the metric<br />
system while others were working in the US imperial<br />
system. Their inability to communicate with each<br />
other ultimately caused crash of the orbiter into the<br />
Martian atmosphere.<br />
The Comet Jetliner Crash<br />
later.<br />
The trains of France in <strong>2014</strong><br />
Comet Jetliners had two<br />
windows blown in midflight.<br />
This was caused due<br />
to square windows in the<br />
flight. Metal fatigue<br />
caused cracks in the<br />
window edges; due to this,<br />
pressurized cabins<br />
exploded.<br />
The Millennium Bridge<br />
problem<br />
The 1st pedestrian bridge<br />
opened in 2000. It closed<br />
within 2 days. A wobble<br />
was identified under the<br />
visitor’s footsteps. This<br />
was caused by human<br />
tendency to match foot<br />
steps to the span sway to<br />
keep balance, magnifying<br />
lateral movements. This<br />
was fixed and reopened<br />
France inaugurated a new fleet of trains in <strong>2014</strong>. After<br />
the trains were launched, they found that the trains<br />
were too big to fit into the stations. Someone forgot to<br />
do a “reality check” and they are now trying to trim<br />
back the rail platforms. The lack of coordination<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 46 -
etween the 2 state rail bodies of France caused this<br />
“mind-boggling” and “tragically comical” disaster.<br />
On the flip side, below is a story where a disaster was<br />
averted by an undergraduate student.<br />
Citi Group Center in New York<br />
When Citi Group’s New York headquarters was built<br />
in 1978, at a late stage, an undergraduate student<br />
identified that there was a design flaw. He identified<br />
that the architect did not account for wind loads when<br />
the wind blew from a specific direction against the<br />
corners. This meant that the building could effectively<br />
blow over in windy conditions. The architect listened<br />
to the student and modified the design to fortify the<br />
building. The building still stands.<br />
Keep Calm and Be Indifferent NOT<br />
Now, these all these projects would have people with<br />
varying designations; disasters could have been<br />
prevented if someone had not said “NOT MY JOB”.<br />
The undergraduate student working for the Citi group<br />
building could have done the same; but he took the<br />
problem up to the desk of the Chief architect. Saying<br />
“Not My Job” causes “Indifference”; this<br />
“indifference” across levels can kill the product that<br />
you are building. Please stop being INDIFFIRENT<br />
TODAY. Participate in key decisions within your<br />
projects and outside too; ISO 29119 --- to be or not to<br />
be, take a stand.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 47 -
#Testers2Follow<br />
Henrik Andersson<br />
Just another crazy tester trying to make it in the world.<br />
https://twitter.com/henkeandersson<br />
Erik Brickarp<br />
Passionate software tester and psychology hobbyist.<br />
https://twitter.com/Brickuz<br />
Jean-Paul Varwijk<br />
Passionate about software testing.<br />
#ContextDriven #DEWT #MiagiDo<br />
https://twitter.com/Arborosa<br />
House of Test<br />
House of Test is a company filled with passionate, context-driven<br />
testers. Based in Lund, Sweden, with local branches in Copenhagen,<br />
Gothenburg and Linköping.<br />
https://twitter.com/houseoftest<br />
http://Twitter.com/<strong>Testing</strong><strong>Circus</strong><br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 48 -
<strong>Testing</strong> <strong>Circus</strong><br />
<strong>Testing</strong> <strong>Circus</strong> is a world’s leading English language magazine for software testers<br />
and test enthusiasts. Monthly editions since <strong>September</strong> 2010. #testing<br />
Follow us at https://twitter.com/<strong>Testing</strong><strong>Circus</strong><br />
#Follow Us On Twitter<br />
https://Twitter.com/<strong>Testing</strong><strong>Circus</strong><br />
Over 100 testers to follow at Twitter - http://www.testingcircus.com/testers-in-twitter<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 49 -
Security <strong>Testing</strong> Tips<br />
Kick-Start Https / SSL <strong>Testing</strong><br />
Part 21<br />
- Santhosh Tuppad<br />
Often people love web applications with SSL. Even<br />
Google spiders love websites with HTTPS / SSL certificate.<br />
To help you understand better, SSL is nothing<br />
but HTTPS that you see while browsing some of the<br />
web application. Most of the testers does only one test<br />
for SSL and that is if HTTPS is visible in URL address<br />
bar or not. Well, that’s really cranky in<br />
my opinion as you need just pair of eyes<br />
in order to check it.<br />
Where do we use SSL?<br />
SSL or HTTPS need to be used for the<br />
web-pages where sensitive information<br />
exists. Example: Login form needs to be<br />
sent over the wire in encrypted form<br />
and HTTPS does it. If you enable<br />
HTTPS for static pages which are public,<br />
then it may slow down the performance, you don’t<br />
need HTTPS for displaying the public web-pages like<br />
contact us, about us etc.<br />
Some of the pages where you need to use HTTPS?<br />
Change Password<br />
Registration Form<br />
My Profile<br />
Any web-pages which are private to logged in users<br />
session<br />
Note: It is not only for web-pages, it could be for your<br />
client-server applications where data needs to be encrypted<br />
and the protocol used is HTTPS.<br />
1. HTTPS should be enforced when tried to use<br />
HTTP for web-pages where the data needs to<br />
be transferred is confidential & needs encryption<br />
2. Check for SSL certificate is from the trusted<br />
vendor<br />
3. Check for SSL certificate consistency in different<br />
web browsers<br />
4. Test for the BEAST attack where hackers or<br />
attackers may be able to decrypt the encryption.<br />
5. Check if HTTP Strict Transport Security<br />
is enabled for your server.<br />
Now, this is sufficient to start with SSL<br />
<strong>Testing</strong>. Advanced learning is the next<br />
step!<br />
Quick tips for learning more about SSL<br />
1. Try installing the self-signed certificate<br />
for your blog or website<br />
2. Buy a certificate and try installing on<br />
your own. For learning purpose, even you may<br />
want to use Trial certificate license.<br />
3. Understand your server, IP address, Port,<br />
Hostname, Issuer, Validation Type (Example:<br />
Domain Validation), Signature, Public Key etc.<br />
These are some of the terminologies that help<br />
you to understand SSL certificates better. Once<br />
you understand what these do, you may want<br />
to brainstorm or associate test for every entity.<br />
I am going to stop here as anything more than this may<br />
be overflow or a bouncer for you. Last, but not least; it<br />
would be great if you get into network level learning<br />
and protocols level learning along with Cryptography!<br />
Finally, SSL is not a fool-proof solution. Security is like<br />
adding layers and you never get to know till someone<br />
exploits it.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 50 -
www.TalentPlusPlus.com<br />
?<br />
www.TalentPlusPlus.com<br />
Confused what to do with your career?<br />
We can HELP<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 51 -
Is Contrast.Net the Tool To Detect And<br />
Remove Security Vulnerabilities?<br />
New threats<br />
emerge every<br />
day for<br />
challenging<br />
a p p l i c a t i o n<br />
s e c u r i t y .<br />
P a y P a l ,<br />
Linked In and<br />
other major<br />
websites have been hacked. While there is Open Web<br />
Application Security Project (OWASP) there are quite<br />
a few new tools emerging to improve security of<br />
application. Contrast Security has launched new tool<br />
for .Net Web Applications to continually self-test for<br />
vulnerabilities.<br />
One of the recent reports suggests that a typical web<br />
application has over 22 serious, undetected security<br />
issues and can cost over $5,000 per vulnerability to find<br />
and fix. Since many large enterprises have hundreds of<br />
web applications, the total cost of securing all of their<br />
application can easily run into millions of dollars.<br />
Top 10 security vulnerabilities listed on OWASP:<br />
1. Injection (Sqli -> SQL Injection)<br />
2. Broken Authentication & Session Management<br />
3. XSS (Cross Site Scripting)<br />
4. Insecure Direct Object Reference<br />
5. Security Misconfiguration<br />
6. Missing Function Level Access Control<br />
7. Cross Site Request Forgery (CSRF Or XSRF)<br />
8. Using Components with known Vulnerabilities<br />
9. Unvalidated Redirect & Forwards<br />
Once installed on IIS servers, Contrast for .NET<br />
analyzes applications built using Microsoft.Net<br />
framework for dangerous security vulnerabilities<br />
during development, testing and operations including<br />
those running on Azure Cloud service.<br />
Key features of Contrast .Net are:<br />
Real-Time Vulnerability Detection:<br />
Contrast instantly identifies the OWASP Top Ten and<br />
many other dangerous security issues introduced in<br />
custom code, libraries and run-time configuration<br />
automatically with no expertise or effort required.<br />
Actionable Code-Level Pinpointing and Expert<br />
Guidance:<br />
Developers get stack and data flow traces, library<br />
inventories, and instant validation capabilities speed<br />
remediation, which helps in pinpointing the problems.<br />
Highly context sensitive expert code-level guidance<br />
educates developers about secure coding practices.<br />
Automatically generated WAF (Web Application<br />
Firewall) rules enable Dev/Ops and test personnel to<br />
patch any issues that make it to production.<br />
Continually updated cloud intelligence assures that<br />
only the latest and most secure libraries are used.<br />
Portfolio-Class Scalability:<br />
Executive-level portfolio views deliver management<br />
visibility of organizations entire application security<br />
posture in real-time and across the software delivery<br />
lifecycle.<br />
Agile Speed and Automation:<br />
Scriptable silent installers, automated updates and a<br />
REST API and reporting enable Contrast to passively<br />
integrate into virtually any development and<br />
deployment process, continually discovering<br />
vulnerabilities no matter how frequently application<br />
code changes.<br />
Instant Compliance Reporting:<br />
Because Contrast operates continuously, it can generate<br />
always accurate PCI DSS, HIPAA, DISA AppSec STIG,<br />
and other compliance-ready reports whenever needed<br />
in seconds.<br />
Easy and Secure: SaaS or On-Premises Deployment:<br />
In the time it takes to read this page, you can register,<br />
run and discover application security issues<br />
using Contrast’s SaaS service. It's that easy. An onpremises<br />
deployment option is available as a part of<br />
Contrast Enterprise. Both options scale to any number<br />
of servers and applications with little additional effort.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com August <strong>2014</strong> - 52 -
Managing Change In A Test Cycle<br />
Q u a l i t y<br />
a s s u r a n c e<br />
teams need to<br />
be prepared for<br />
sudden changes<br />
that might<br />
occur during<br />
the production<br />
process.<br />
Accounting for changing development expectations<br />
and software market conditions has become a fairly<br />
common occurrence for developers and quality<br />
assurance professionals. When stakeholders and upper<br />
management first outline the requirements of a given<br />
software project, some development teams make the<br />
mistake of taking those guidelines as gospel.<br />
To be sure, initial requirements are crucial to the<br />
development process, giving team members clear goals<br />
for completing a project. However, today's marketplace<br />
can be capricious, fluctuating significantly in a short<br />
period of time.<br />
User feedback that is received later in the production<br />
cycle may contradict earlier goals. This lack of<br />
predictability has required QA management to plan for<br />
the unexpected and put together a test team capable of<br />
rolling with the punches and effectively addressing<br />
whatever new challenges may emerge.<br />
Embracing change has been a hallmark of agile<br />
development since the approach first emerged.<br />
Although many organizations still adhere to what is<br />
essentially a waterfall structure of development, agile<br />
processes are often incorporated in some capacity.<br />
A strictly linear approach to development and testing<br />
is no longer sustainable, as these rigid processes will<br />
impede a QA team's ability to account for new<br />
requirements and expectations. These shifting demands<br />
could come from the market, consumers or company<br />
executives, sometimes requiring production members<br />
to react swiftly in order to stay on track with their<br />
release schedules.<br />
Writing for the Software QA and <strong>Testing</strong> Resource<br />
Center, quality assurance expert Rick Hower suggested<br />
that team leaders directly consult with upper<br />
management regarding the possibly of production<br />
changes occurring during a project's lifecycle. If<br />
particular development shifts can be predicted ahead<br />
of time, QA teams and developers will be better<br />
prepared to address those changes without severely<br />
impacting the release schedule.<br />
The need for communication<br />
An agile approach to quality assurance can ease the<br />
burden placed on software testers by better integrating<br />
their efforts with the development process from the<br />
outset. This way, if and when a requirement change<br />
arises, developers and testers can work as a cohesive<br />
unit to address the ensuing software issues. Forrester<br />
analyst Diego Lo Giudice explained that revisions to<br />
the production plan can have far-reaching effects,<br />
requiring greater communication capabilities across the<br />
organization.<br />
"The huge change of testing has an impact on all of the<br />
testing tools categories: from test management tools to<br />
functional and non-functional automation testing to<br />
performance and load testing to security and test data<br />
management tools and, finally, to the newcomers'<br />
services virtualization for software testing tools," Lo<br />
Giudice wrote. "More than ever there is a need for a<br />
constant flow of information among [business<br />
analysts], developers and testers."<br />
In a white paper studying the challenges facing agile<br />
software developments, Rex Black Consulting Services<br />
agreed that facilitating communications between<br />
disparate production roles and management positions<br />
was essential to optimal quality assurance.<br />
A high-quality test management system can<br />
substantially help these efforts by providing a single<br />
interface to provide real-time updates and store test<br />
tools. This way, team members can be kept apprised of<br />
any new developments that could affect the<br />
production. In addition, proven automated test scripts<br />
can be saved and made available through the testing<br />
dashboard, meaning QA teams will not need to start<br />
from scratch just because the parameters of a project<br />
have been suddenly altered.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 53 -
Real Device Metrics Under Load Now<br />
Available By Partnership Between<br />
Neotys And Perfecto Mobile<br />
<strong>Testing</strong> for smartphone apps is always challenging given the variety of smartphones, different OS and screens.<br />
They part of business gear as well for business people on the move. It is challenging to develop apps which could<br />
perform well.<br />
Based on one of the recent surveys, about 52% of the apps fail due to poor performance issues.<br />
Other reasons of failure of apps are also:<br />
• Insufficient device coverage<br />
• Spending less time on testing the app<br />
• Lack of user experience due to bad user interface<br />
It is only correct to say that though the functionality of app is really good, if performance is bad or user experience<br />
is bad, app is bound to fail. One of the solutions mentioned in the whitepaper by perfecto mobile is as follows:<br />
Neotys has<br />
partnered with<br />
Perfecto mobile to<br />
help improve the<br />
performance of the<br />
apps. The new<br />
i n t e g r a t i o n<br />
between Neotys’<br />
NeoLoad load and<br />
p e r f o r m a n c e<br />
testing solution for Web and mobile applications and Perfecto Mobile’s MobileCloud Platform enables<br />
organizations to understand the complete end user experience of their mobile users before releasing their<br />
applications into production.<br />
The 100% SaaS-based platform, MobileCould from Perfecto Mobile enables users to access real smartphones and<br />
tablets, as well as emulators, globally and across carriers. Neoload provides features users need to carry out load<br />
tests and analyse the results with easy to use interface.<br />
Partnership between Neotys and Perfecto Mobile helps users or test teams to get real device metrics (CPU,<br />
memory, battery, etc.) correlated in real time with results from a full load of virtual users for measurement of<br />
the complete end user experience. Testers can now determine exactly what performance an end user is<br />
experiencing on the device side while the application is under load.<br />
“Faster time to market, better software quality and higher productivity are important to all software teams, but<br />
it’s even more crucial for mobile app teams because customers are giving them one chance to get the user<br />
experience right,” said Gerald Labie, CEO, Neotys USA. “The combination of our two solutions is huge for our<br />
customers. The ability to pinpoint performance problems, whether they are on the device side or the application’s<br />
back end, earlier in the software development process allows teams to make changes before they become costly<br />
issues in production.”<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 54 -
Are you missing what others are<br />
sharing on our<br />
page?<br />
http://www.facebook.com/<strong>Testing</strong><strong>Circus</strong><br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 55 -
Article<br />
Submission<br />
Guidelines<br />
Do you have something to share with the<br />
testing world? We can make your voice<br />
heard to testers.<br />
http://www.testingcircus.com/article-submission-guidelines<br />
Article submission guidelines –<br />
● Subject of article can be based on any area of Software <strong>Testing</strong>. If you want to publish your article on<br />
theme based subject please read our announcement of monthly theme published in our site. Article<br />
can be submitted without any theme based subject.<br />
● There is no minimum and maximum length of article. If you feel the article is lengthy, please divide<br />
the article into logically separated parts so that we can print them in a monthly series.<br />
● Give a meaningful title to the article. If you want a sub-title as well , then add that in a different line.<br />
● Add images/pictures if necessary. If you are using any image/picture which is not yours own work,<br />
please include the source. Take care of copyrighted materials. Images need to sent separately with the<br />
article.<br />
● Send us the article in MS word (doc/docx) format only. Pdf files are not accepted.<br />
● Write a short write up on the author(s). Usually 7/8 liners in 3rd person descriptive language.<br />
● Include photograph of author(s). Preferred in high resolution .jpeg/.png format. Ideal size would be<br />
50mmX 50mm.<br />
● You can send your article any time. Since we publish every month, your article can be included in any<br />
month. There is no such thing called as a dead line.<br />
● Send in your article to article@testingcircus.com with a subject line “Article for <strong>Testing</strong> <strong>Circus</strong> –<br />
Author Name – Title of the article”<br />
● If you think you can write a column in <strong>Testing</strong> <strong>Circus</strong> for at least 6 months, please submit 3 articles in<br />
advance. We are open to any idea that may improve the user experience of <strong>Testing</strong> <strong>Circus</strong>.<br />
● We will publish the articles in our website a week after the pdf magazine is published.<br />
We need articles on<br />
<strong>Testing</strong> in Cloud<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 56 -
4 Years, 48 Editions, <strong>September</strong> 2010 to <strong>September</strong> <strong>2014</strong><br />
<strong>Testing</strong> <strong>Circus</strong><br />
is Four Years<br />
Old?<br />
How time flies. <strong>Testing</strong> <strong>Circus</strong> has been a fun addition<br />
to my life ever since. I’ll let you into a little secret, I’m<br />
not the world’s greatest reader. I have a good deal of<br />
textbooks at home, and I make slow progress through<br />
them.<br />
<strong>Testing</strong> <strong>Circus</strong> has allowed me to get an<br />
exposure to different aspects and ideas<br />
within testing that I’d not normally have<br />
been exposed to. Often it would be a<br />
launch pad to an area I’d not heard of<br />
before (Cloud computing, mobile applications,<br />
agile testing have all grown in this time), but<br />
on reading one article it’d spark an<br />
interest, and just enough knowledge to<br />
start looking for more. When I took my<br />
first steps into test management in 2011, I found many<br />
articles, especially Bernice Ruhland’s frequent series<br />
invaluable, often backing up my experiences.<br />
Having come from the defense industry prior to 2010,<br />
we were not renowned for going outside of work and<br />
talking a lot about what we did – typically men in black<br />
would appear to have a quiet word with you if you did!<br />
And so most of my mentors and people I talked testing<br />
with were a small insular group within defense<br />
applications.<br />
Through <strong>Testing</strong> <strong>Circus</strong>, I started to learn of the world<br />
wide network of testers out there on the Internet, and<br />
introduced me to Twitter and Twitter handles. Trying<br />
to fit talking about testing into 140 characters was<br />
definitely a challenge.<br />
But this was the right magazine at the right time. I<br />
found myself at work writing an “onboarding to<br />
testing” document for my latest company, the kind I’d<br />
written at every company so far. And I felt “wouldn’t it<br />
be nice to share some of this stuff” – out of<br />
it my blog, now at 150 entries was born,<br />
and the passion to write about testing.<br />
we do.<br />
- Mike Talks<br />
Because I was writing in my spare time,<br />
and because really to get someone to read<br />
about testing outside of hours, you need<br />
an incentive. Hence I’ve always tried to<br />
have a sense of fun in my writing, over<br />
writing academic pieces. Looking for the<br />
fun that we know is at the heart of what we<br />
do on those days we get a thrill out of what<br />
It was only natural I’d end up submitting to some of the<br />
testing magazines. <strong>Testing</strong> <strong>Circus</strong> was the first<br />
magazine to publish one of my pieces, and over the<br />
years I’ve found them really helpful and supportive. I<br />
know I’ve managed to find my own voice in testing<br />
thanks to this magazine and its support.<br />
Looking forward to the future, I hope that there are<br />
readers out there who feel it’s time for them to take a<br />
gamble and start writing. The test community is a<br />
diverse group, and we get stronger with every tester<br />
who manages to find their voice.<br />
And so looking ahead, I look forward to reading YOUR<br />
articles – find your voice and submit!<br />
Mike Talks works as a Test Manager in Wellington, but has appreciated plugging into the larger test<br />
community through <strong>Testing</strong> <strong>Circus</strong> and <strong>Testing</strong> Trapeze. Mike tweets at @TestSheepNZ.<br />
www.<strong>Testing</strong><strong>Circus</strong>.com <strong>September</strong> <strong>2014</strong> - 57 -
SEEKING CONTRIBUTORS<br />
Write to us<br />
editor@testingcircus.com<br />
http://www.testingcircus.com/article-submission-guidelines/