Hitting the right notes in QA
August 15, 2009 —
(Page 1 of 6)
If the software development process weren’t buoyed by testing and quality assurance metrics, there would be a great deal of guesswork taking place.
It would be like a symphony orchestra getting up on a stage without a single sheet of music and trying to play Bach or Beethoven.
Only with software, the symphony is getting more complex each year. With a constantly evolving software development process that includes different IDEs, systems integrations and a seemingly endless stream of new features, it can be difficult to maintain a sense of the values behind metrics.
According to multiple testing and quality assurance software providers, good metrics should provide adequate information on a defect’s effect on the overall costs of producing the software or the likelihood of the application failing. Good metrics should also offer an idea of how compliant a developer is with industry standards or how secure a developer’s code is.
Bill Curtis, senior vice president and chief scientist for application management company Cast Software, agreed that one of the most important metrics of an application’s health in the long term is the percentage of defects detected before a developer gets to test.
“That’s the best prediction of long-term improvement in the quality of your software. Defects cost much less to fix in the design and coding phase than in testing, and the earlier defects are found, the cheaper they are to fix,” he said.
Chris Wysopal, cofounder and CTO of Veracode, said that while things like authorization problems can certainly be tested for in the final build or when an application is deployed, the cost to fix those problems is very expensive.
“The best time to look for authorization problems is at design time,” Wysopal said. “At that time, you can do threat modeling, which is inspection more than testing. Then you have defects that show up when you’re writing the code, like buffer overflow, and that could be found by static analysis at code design time.”
Threat modeling is the process of assessing and describing what attacks a piece of software is vulnerable to in order to eradicate potential threats.
Related Search Term(s): QA
Share this link: http://sdt.bz/33688
Most Read
Latest News
Resources
SAP unveils SAP HANA platform innovations for Big Data and spatial processing
Features include smart data access and expanded cloud deployment options
|
|
|
Alteryx raises $12 million to put Big Data analytics in the hands of all business analysts
Quest founder's firm, Toba Capital, selects Alteryx as its first analytics investment
|
|
|
Google I/O kicks off
Developers get new APIs and tools, and the Go language hits version 1.1
|
|
|
Jelastic launches new version of its Java and PHP hosting platform
Jelastic today announced the launch of a new version of its ultra-scalable cloud hosting platform
|
Telerik adds back-end services to Icenium mobile tool suite
Icenium Everlive makes the suite a complete app development platform, the company says
|
|
|
CollabNet fuses CloudForge, TeamForge
New pricing structure and integration gives developers an enterprise-grade choice for dist...
|
|
|
Eclipse release train for Kepler arrives June 26
New version of Eclipse includes Stardust for business process management, and Orion 3.0 fo...
|
|
|
Google I/O kicks off
Developers get new APIs and tools, and the Go language hits version 1.1
|
IDC MarketScape: Worldwide Cloud Testing and ASQ SaaS
Demand for solutions to test applications on the cloud and for the cloud is rising signifi...
|
|
|
Get to Know the Database Decision Factors
What should you look for when choosing a relational database system? This informative arti...
|
|
|
Exploring the Database Forest
Today’s database technology landscape is more dynamic and varied than ever before. What’s...
|
|
|
Data Management Resource Guide
Today’s data is generated by more than just applications. Data is generated by trillions o...
|