Wednesday, 26 September 2012

Quality management

The specific definition, which does not aim to assure 'good quality' by the more general definition, but rather to ensure that an organization or product is consistent, can be considered to have four main components: quality planning, quality control, quality assurance and quality improvement. Quality management is focused not only on product/service quality, but also the means to achieve it. Quality management therefore uses quality assurance and control of processes as well as products to achieve more consistent quality.

Change Managment

Once requirements are finalized and frozen the work starts on any project. If after that customer wants to add or change requirements, it is called a "change request". Managing change requests is called change management.

Tuesday, 25 September 2012

Difference between Inspection and Audit

Inspection A formal evaluation technique in which software
requirements, design, or code are examined in detail by person or group
other than the author to detect faults, violations of development
standards, and other problems.
Audit - An independent examination of a work product or set of work
products to assess compliance with specifications, standards,
contractual agreements, or other criteria.

Saturday, 8 September 2012

How to Test Banking Applications

Banking applications are considered to be one of the most complex applications in today’s software development and testing industry. What makes Banking application so complex? What approach should be followed in order to test the complex workflows involved? In this article we will be highlighting different stages and techniques involved in testing Banking applications.
The characteristics of a Banking application are as follows:
  • Multi tier functionality to support thousands of concurrent user sessions
  • Large scale Integration , typically a banking application integrates with numerous other applications such as Bill Pay utility and Trading accounts
  • Complex Business workflows
  • Real Time and Batch processing
  • High rate of Transactions per seconds
  • Secure Transactions
  • Robust Reporting section to keep track of day to day transactions
  • Strong Auditing to troubleshoot customer issues
  • Massive storage system
  • Disaster Management.
The above listed ten points are the most important characteristics of a Banking application.
Banking applications have multiple tiers involved in performing an operation. For Example, a banking application may have:
  1. Web Server to interact with end users via Browser
  2. Middle Tier to validate the input and output for web server
  3. Data Base to store data and procedures
  4. Transaction Processor which could be a large capacity Mainframe or any other Legacy system to carry out Trillions of transactions per second.
If we talk about testing banking applications it requires an end to end testing methodology involving multiple software testing techniques to ensure:
  • Total  coverage of all banking workflows and Business Requirements
  • Functional aspect of the application
  • Security aspect of the application
  • Data Integrity
  • Concurrency
  • User Experience
Typical stages involved in testing Banking Applications are shown in below workflow which we will be discussing individually.

Testing Banking Applications

1) Requirement Gathering:

Requirement gathering phase involves documentation of requirements either as Functional Specifications or Use Cases. Requirements are gathered as per customer needs and documented by Banking Experts or Business Analyst. To write requirements on more than one subject experts are involved as banking itself has multiple sub domains and one full fledge banking application will be the integration of all. For Example: A banking application may have separate modules for Transfers, Credit Cards, Reports, Loan Accounts, Bill Payments, Trading Etc.

2) Requirement Review:

The deliverable of Requirement Gathering is reviewed by all the stakeholders such as QA Engineers, Development leads and Peer Business Analysts. They cross check that neither existing business workflows nor new workflows are violated.

3) Business Scenario Preparations:

In this stage QA Engineers derive Business Scenarios from the requirement documents (Functions Specs or Use Cases); Business Scenarios are derived in such a way that all Business Requirements are covered. Business Scenarios are high level scenarios without any detailed steps, further these Business Scenarios are reviewed by Business Analyst to ensure all of Business Requirements are met and its easier for BAs to review high level scenarios than reviewing low level detailed Test Cases.

4) Functional Testing:

In this stage functional testing is performed and the usual software testing activities are performed such as:
Test Case Preparation:
In this stage Test Cases are derived from Business Scenarios, one Business Scenario leads to several positive test cases and negative test cases. Generally tools used during this stage are Microsoft Excel, Test Director or Quality Center.
Test Case Review:
Reviews by peer QA Engineers
Test Case Execution:
Test Case Execution could be either manual or automatic involving tools like QC, QTP or any other.

5) Database Testing:

Banking Application involves complex transaction which are performed both at UI level and Database level, Therefore Database testing is as important as functional testing. Database in itself is an entirely separate layer hence it is carried out by database specialists and it uses techniques like
  • Data loading
  • Database Migration
  • Testing DB Schema and Data types
  • Rules Testing
  • Testing Stored Procedures and Functions
  • Testing Triggers
  • Data Integrity

6) Security Testing:

Security Testing is usually the last stage in the testing cycle as completing functional and non functional are entry criteria to commence Security testing. Security testing is one of the major stages in the entire Application testing cycle as this stage ensures that application complies with Federal and Industry standards. Security testing cycle makes sure the application does not have any web vulnerability which may expose sensitive data to an intruder or an attacker and complies with standards like OWASP.
In this stage the major task involves in the whole application scan which is carried out using tools like IBM Appscan or HP WebInspect (2 Most popular tools).
Once the Scan is complete the Scan Report is published out of which False Positives are filtered out and rest of the vulnerability are reported to Development team for fixing depending on the Severity.
Other Manual tools for Security Testing used are: Paros Proxy, Http Watch, Burp Suite, Fortify tools Etc.
Apart from the above stages there might be different stages involved like Integration Testing and Performance Testing.
In today’s scenario majority of Banking Projects are using: Agile/Scrum, RUP and Continuous Integration methodologies, and Tools packages like Microsoft’s VSTS and Rational Tools.
As we mentioned RUP above, RUP stands for Rational Unified Process, which is an iterative software development methodology introduced by IBM which comprises of four phases in which development and testing activities are carried out.
Four phases are:
i) Inception
ii) Collaboration
iii) Construction and
iv) Transition
RUP widely involves IBM Rational tools.
In this article we discussed how complex a Banking application could be and what are the typical phases involved in testing the application. Apart from that we also discussed current trends followed by IT industries including software development methodologies and tools.

Friday, 17 August 2012

Telecom Testing

Telecom testing is an automated, controlled method of verifying operation of your products before they go to market. Any product that connects to the PSTN (public switched telephone network) or a telecom switch (PBX) can be tested with a telephone line simulator, bulk call generator, or similar telecom test platform. Telecom testing is ideal for all telephony applications and equipment, including:

IVR systems
Switching systems
CTI applications
VoIP gateways
IADs
Why use a telecom testing solution?

A telecom test platform minimizes costs and simplifies engineering, QA, and production testing, as well as integration and pre-installation testing. A test solution can simulate telephony protocols and functions for:


Feature and performance testing
Load and stress testing
Bulk call generation
Quality of service testing
Equipment demos and product training

An automated telecom test solution provides comprehensive, consistent testing that can be customized for your specific application. In addition, thorough testing will provide peace-of-mind for you and guaranteed reliability for your customers.

Difference between mobile testing and web testing

Mobile Application Testing:
As Wireless Application Protocol (WAP) is used in mobile
phones for internet connections the browser tested here is
WAP BROWSER.

Testing is done to ensure that only wml languages are
accessed using wap browsers.And also there are automation
tools for checking mobile application testing. 
 
application is works as per the given
requirements.it is the basic definition of mobile
application testing.
  
to go more details:
                   testing each application in mobile like
phonebook, message, gallery, camera,games etc deeper to make
sure that all the requirements are meets. 
 
 
WEB TESTING:

For web application testing,the developed webpage is tested
in various browsers and OS and the protocol used here is IP.
 

Difference between Desktop Testing and Client-Server Testing

Desktop application runs on personal computers and work stations, so when you test the desktop application you are focusing on a specific environment. You will test complete application broadly in categories like GUI, functionality, Load, and backend i.e DB.
In client server application you have two different components to test. Application is loaded on server machine while the application exe on every client machine. You will test broadly in categories like, GUI on both sides, functionality, Load, client-server interaction, backend. This environment is mostly used in Intranet networks. You are aware of number of clients and servers and their locations in the test scenario.