Basic Software Testing For Dummies

Aditi Technologies
Basic Concepts of Software Testing
Software Testing
Basic Concepts and Industry awareness
Page 1 of 62
Aditi Technologies
Table of Contents 1. Introduction.................................................................................... .............4 2. Types of Testing........................................................................................ ....4 2.1. White Box Testing...................................................................................4 2.2. Blac Box Testing....................................................................................4 2.!. "nit Testing........................................................................... .................# 2.!.1. Benefits ..................................................................................... ......# 2.!.2. $ncourages change ...........................................................................# 2.!.!. Si%plifies Integration ........................................................................# 2.!.4. &ocu%ents the code .........................................................................# 2.!.#. Separation of Interface fro% I%ple%entation .......................................' 2.!.'. (i%itations .................................................................................. .....' 2.4. Integration testing .................................................................................' 2.4.1. )urpose .................................................................................. .........' 2.#. )erfor%ance Testing................................................................................* 2.#.1. Technology ......................................................................................* 2.#.2. )erfor%ance specifications .................................................................* 2.#.!. Tas s to underta e ...........................................................................+ 2.'. Stress Testing .......................................................................... ..............+ 2.*. Security Testing......................................................................................, 2.*.1. Security Testing Techni-ues ..............................................................., 2.+. "sa.ility Testing.............................................................................. ........, 2.,. Sta.ility Testing....................................................................................1/ 2.1/. Acceptance Testing..............................................................................1/ 2.11. Installation Testing..............................................................................11 2.12. Alfa Testing............................................................................... ..........11 2.1!. Beta Testing............................................................................... .........11 2.14. )roduct Testing...................................................................................11 2.1#. Syste% Testing.............................................................................. ......12 2.1'. 0egression Testing...............................................................................12 2.1*. Co%pati.ility Testing............................................................................1! 2.1+. Test Cases1 Suits1 Scripts and Scenario...................................................1! 2.1,. &efect Trac ing...................................................................................14 2.2/. 2or%al 3erification...............................................................................14 2.2/.1. 3alidation and 3erification ..............................................................14 2.21. 2u44 Testing............................................................................. ...........1# 2.21.1. "ses .................................................................................. ..........1# 2.21.2. 2u44 testing %ethods .....................................................................1# 2.21.!. $5ent6dri5en fu44 ..........................................................................1' 2.21.4. Character6dri5en fu44 ....................................................................1' 2.21.#. &ata.ase fu44 ......................................................................... ......1' !. 7anual Testing...........................................................................................1* !.1. 2acts.................................................................................................. ..1* !.2. Software Crisis ........................................................................... ..........1* !.!. Software 7yths ....................................................................................1* !.!.1. 7anage%ent 7yths .........................................................................1* !.!.2. &e5elopers 7yths ...........................................................................1* !.!.!. Custo%er8s 7yth .............................................................................1+ !.!.4. What do we do9 ........................................................................ ......1+ !.4. Software :uality Assurance; ..................................................................1+ !.4.1. 3erification; ...................................................................................1+ !.4.2. 3alidation; .....................................................................................1+ !.#. Software (ife Cycle 7odels; ...................................................................1+
Page 2 of 62
Aditi Technologies
!.'. What %a es a good Software :A engineer9 .............................................1, !.*. Testing; ............................................................................................ ...1, !.*.1. Why Testing9 ............................................................................ ......1, !.+. Test (ife Cycle ............................................................................ ..........1, !.,. Testing Techni-ues ...............................................................................1, !.1/. Test )lan; ..........................................................................................2/ !.1/.1. Test Specification; .........................................................................2/ 4. Testing )rocedure.......................................................................................2/ 4.1. Bug Trac ing ............................................................................... .........21 #. Testing Tools and Software...........................................................................2! #.1. (oad and )erfor%ance Test Tools ............................................................2! #.2. <a5a test Tools......................................................................................2! #.!. (in Chec ing Tools...............................................................................2* #.4. )erl Testing Tools............................................................................. ......2+ #.#. We. 2unctional and 0egression Testing Tools............................................2, #.'. We. Site Security Test Tools...................................................................!! #.*. We. Site 7anage%ent Tools...................................................................!* #.+. =ther We. Testing Tools.........................................................................4# '. Testing 2A: .................................................................................. .............#1
Page 3 of 62
Aditi Technologies
1. Introduction
Testing is a process used to help identify the correctness1 co%pleteness and -uality of de5eloped co%puter software. With that in %ind1 testing can ne5er co%pletely esta.lish the correctness of co%puter software. In other words Testing is nothing .ut C0ITICIS7 or C=7)A0ISI=>. ?ere co%parison in the sense co%paring the actual 5alue with expected one. There are %any approaches to software testing1 .ut effecti5e testing of co%plex products is essentially a process of in5estigation1 not %erely a %atter of creating and following rote procedure. =ne definition of testing is @the process of -uestioning a product in order to e5aluate it@1 where the @-uestions@ are things the tester tries to do with the product1 and the product answers with its .eha5ior in reaction to the pro.ing of the tester. Although %ost of the intellectual processes of testing are nearly identical to that of re5iew or inspection1 the word testing is connoted to %ean the dyna%ic analysis of the productAputting the product through its paces. The -uality of the application can and nor%ally does 5ary widely fro% syste% to syste% .ut so%e of the co%%on -uality attri.utes include relia.ility1 sta.ility1 porta.ility1 %aintaina.ility and usa.ility.
Refer to the ISO standard ISO 9126 for a more complete list of attributes and criteria.
2. Types of Testing
2.1.White Box Testing
White .ox testing is also nown as glass .ox1 structural1 clear .ox and open .ox testing. This is a software testing techni-ue where.y explicit nowledge of the internal wor ings of the ite% .eing tested are used to select the test data. "nli e .lac .ox testing1 white .ox testing uses specific nowledge of progra%%ing code to exa%ine outputs. The test is accurate only if the tester nows what the progra% is supposed to do. ?e or she can then see if the progra% di5erges fro% its intended goal. White .ox testing does not account for errors caused .y o%ission1 and all 5isi.le code %ust also .e reada.le.
2.2.Black Box Testing

Testing of a function without nowing internal structure of the progra%. Blac 6.ox and white6.ox are test design %ethods. Blac 6.ox test design treats the syste% as a @.lac 6.ox@1 so it doesnBt explicitly use nowledge of the internal structure. Blac 6.ox test design is usually descri.ed as focusing on testing functional re-uire%ents. Synony%s for .lac 6.ox include; .eha5ioral1 functional1 opa-ue6.ox1 and closed6.ox. White6.ox test design allows one to pee inside the @.ox@1 and it focuses specifically on using internal nowledge of the software to guide the selection of test data. Synony%s for white6.ox include; structural1 glass6.ox and clear6.ox.
Page 4 of 62
Aditi Technologies
While .lac 6.ox and white6.ox are ter%s that are still in popular use1 %any people prefer the ter%s @.eha5ioral@ and @structural@. Beha5ioral test design is slightly different fro% .lac 6.ox test design .ecause the use of internal nowledge isnBt strictly for.idden1 .ut itBs still discouraged. In practice1 it hasnBt pro5en useful to use a single test design %ethod. =ne has to use a %ixture of different %ethods so that they arenBt hindered .y the li%itations of a particular one. So%e call this @gray6.ox@ or @translucent6.ox@ test design1 .ut others wish weBd stop tal ing a.out .oxes altogether. It is i%portant to understand that these %ethods are used during the test design phase1 and their influence is hard to see in the tests once theyBre i%ple%ented. >ote that any le5el of testing Cunit testing1 syste% testing1 etc.D can use any test design %ethods. "nit testing is usually associated with structural test design1 .ut this is .ecause testers usually donBt ha5e well6defined re-uire%ents at the unit le5el to 5alidate.
2.3.Unit Testing
In co%puter progra%%ing1 a unit test is a %ethod of testing the correctness of a particular %odule of source code. The idea is to write test cases for e5ery non6tri5ial function or %ethod in the %odule so that each test case is separate fro% the others if possi.le. This type of testing is %ostly done .y the de5elopers.
2.3.1.Benefits
The goal of unit testing is to isolate each part of the progra% and show that the indi5idual parts are correct. It pro5ides a written contract that the piece %ust satisfy. This isolated testing pro5ides four %ain .enefits;
2.3.2.Encourages change
"nit testing allows the progra%%er to re6factor code at a later date1 and %a e sure the %odule still wor s correctly Cregression testingD. This pro5ides the .enefit of encouraging progra%%ers to %a e changes to the code since it is easy for the progra%%er to chec if the piece is still wor ing properly.
2.3.3.Si
plifies Integration
"nit testing helps eli%inate uncertainty in the pieces the%sel5es and can .e used in a .otto%6up testing style approach. By testing the parts of a progra% first and then testing the su% of its parts will %a e integration testing easier.
2.3.!."ocu
ents the code
"nit testing pro5ides a sort of @li5ing docu%ent@ for the class .eing tested. Clients loo ing to learn how to use the class can loo at the unit tests to deter%ine how to use the class to fit their needs.
Page 5 of 62
Aditi Technologies
2.3.#.Separation of Interface fro
ple
entation
Because so%e classes %ay ha5e references to other classes1 testing a class can fre-uently spill o5er into testing another class. A co%%on exa%ple of this is classes that depend on a data.aseE in order to test the class1 the tester finds herself writing code that interacts with the data.ase. This is a %ista e1 .ecause a unit test should ne5er go outside of its own class .oundary. As a result1 the software de5eloper a.stracts an interface around the data.ase connection1 and then i%ple%ents that interface with their own 7oc =.Fect. This results in loosely coupled code1 thus %ini%i4ing dependencies in the syste%.
2.3.$.%i
itations
It is i%portant to reali4e that unit6testing will not catch e5ery error in the progra%. By definition1 it only tests the functionality of the units the%sel5es. Therefore1 it will not catch integration errors1 perfor%ance pro.le%s and any other syste%6wide issues. In addition1 it %ay not .e tri5ial to anticipate all special cases of input the progra% unit under study %ay recei5e in reality. "nit testing is only effecti5e if it is used in conFunction with other software testing acti5ities.
2.!.Integration testing
Integration Testing is the phase of software testing in which indi5idual software %odules are co%.ined and tested as a group. It follows unit testing and precedes syste% testing. ta es as its input %odules that ha5e .een chec ed out .y unit testing1 groups the% in larger aggregates1 applies tests defined in an Integration test plan to those aggregates1 and deli5ers as its output the integrated syste% ready for syste% testing.
2.!.1.&urpose
The purpose of Integration testing is to 5erify functional1 perfor%ance and relia.ility re-uire%ents placed on %aFor design ite%s. These @design ite%s@1 i.e. asse%.lages Cor groups of unitsD1 are exercised through their interfaces using Blac .ox testing1 success and error cases .eing si%ulated 5ia appropriate para%eter and data inputs. Si%ulated usage of shared data areas and inter6process co%%unication is testedE indi5idual su.syste%s are exercised through their input interface. All test cases are constructed to test that all co%ponents within asse%.lages interact correctly1 for exa%ple1 across procedure calls or process acti5ations. The o5erall idea is the @.uilding .loc @ approach in which 5erified asse%.lages are added to a 5erified .ase which is then used to support the Integration testing of further asse%.lages.
Page 6 of 62
Aditi Technologies
2.#.&erfor
ance Testing
In software engineering1 perfor%ance testing is testing that is perfor%ed to deter%ine how fast so%e aspect of a syste% perfor%s under a particular wor load. )erfor%ance testing can ser5e different purposes. It can de%onstrate that the syste% %eets perfor%ance criteria. It can co%pare two syste%s to find which perfor%s .etter. =r it can %easure what parts of the syste% or wor load cause the syste% to perfor% .adly. In the diagnostic case1 software engineers use tools such as profilers to %easure what parts of a de5ice or software contri.ute %ost to the poor perfor%ance or to esta.lish throughput le5els Cand thresholdsD for %aintained accepta.le response ti%e. In perfor%ance testing1 it is often crucial Cand often difficult to arrangeD for the test conditions to .e si%ilar to the expected actual use.
2.#.1.Technology
)erfor%ance testing technology e%ploys one or %ore )Cs to act as inFectors G each e%ulating the presence or nu%.ers of users and each running an auto%ated se-uence of interactions Crecorded as a script1 or as a series of scripts to e%ulate different types of user interactionD with the host whose perfor%ance is .eing tested. "sually1 a separate )C acts as a test conductor1 coordinating and gathering %etrics fro% each of the inFectors and collating perfor%ance data for reporting purposes. The usual se-uence is to ra%p up the load G starting with a s%all nu%.er of 5irtual users and increasing the nu%.er o5er a period to so%e %axi%u%. The test result shows how the perfor%ance 5aries with the load1 gi5en as nu%.er of users 5s. response ti%e. 3arious tools1 including Co%puware CorporationBs :ACenter )erfor%ance $dition1 are a5aila.le to perfor% such tests. Tools in this category usually execute a suite of tests which will e%ulate real users against the syste%. So%eti%es the results can re5eal oddities1 e.g.1 that while the a5erage response ti%e %ight .e accepta.le1 there are outliers of a few ey transactions that ta e considera.ly longer to co%plete G so%ething that %ight .e caused .y inefficient data.ase -ueries1 etc. )erfor%ance testing can .e co%.ined with stress testing1 in order to see what happens when an accepta.le load is exceeded Gdoes the syste% crash9 ?ow long does it ta e to reco5er if a large load is reduced9 &oes it fail in a way that causes collateral da%age9
2.#.2.&erfor
ance specifications
)erfor%ance testing is fre-uently not perfor%ed against a specification1 i.e. no one will ha5e expressed what the %axi%u% accepta.le response ti%e for a gi5en population of users is. ?owe5er1 perfor%ance testing is fre-uently used as part of the process of perfor%ance profile tuning. The idea is to identify the Hwea est lin I G there is ine5ita.ly a part of the syste% which1 if it is %ade to respond faster1 will result in the o5erall syste% running faster. It is so%eti%es a difficult tas to identify which part of the syste% represents this critical path1 and so%e test tools co%e pro5ided with Cor can ha5e add6ons that
Page 7 of 62
Aditi Technologies
pro5ideD instru%entation that runs on the ser5er and reports transaction ti%es1 data.ase access ti%es1 networ o5erhead1 etc. which can .e analy4ed together with the raw perfor%ance statistics. Without such instru%entation one %ight ha5e to ha5e so%eone crouched o5er Windows Tas 7anager at the ser5er to see how %uch C)" load the perfor%ance tests are generating. There is an apocryphal story of a co%pany that spent a large a%ount opti%i4ing their software without ha5ing perfor%ed a proper analysis of the pro.le%. They ended up rewriting the syste%8s Jidle loop81 where they had found the syste% spent %ost of its ti%e1 .ut e5en ha5ing the %ost efficient idle loop in the world o.5iously didn8t i%pro5e o5erall perfor%ance one iotaK )erfor%ance testing al%ost in5aria.ly identifies that it is parts of the software Crather than hardwareD that contri.ute %ost to delays in processing users8 re-uests. )erfor%ance testing can .e perfor%ed across the we.1 and e5en done in different parts of the country1 since it is nown that the response ti%es of the internet itself 5ary regionally. It can also .e done in6house1 although routers would then need to .e configured to introduce the lag what would typically occur on pu.lic networ s. It is always helpful to ha5e a state%ent of the li ely pea nu%.ers of users that %ight .e expected to use the syste% at pea ti%es. If there can also .e a state%ent of what constitutes the %axi%u% allowa.le ,# percentile response ti%e1 then an inFector configuration could .e used to test whether the proposed syste% %et that specification.
2.#.3.Tasks to undertake
Tas s to perfor% such a test would include; Analysis of the types of interaction that should .e e%ulated and the production of scripts to do those e%ulations &ecision whether to use internal or external resources to perfor% the tests. Set up of a configuration of inFectorsLcontroller Set up of the test configuration Cideally identical hardware to the production platfor%D1 router configuration1 -uiet networ Cwe don8t want results upset .y other usersD1 deploy%ent of ser5er instru%entation. 0unning the tests G pro.a.ly repeatedly in order to see whether any unaccounted for factor %ight affect the results. Analy4ing the results1 either passLfail1 or in5estigation of critical path and reco%%endation of correcti5e action.
2.$.Stress Testing
Stress Testing is a for% of testing that is used to deter%ine the sta.ility of a gi5en syste% or entity. It in5ol5es testing .eyond nor%al operational capacity1 often to a .rea ing point1 in order to o.ser5e the results. 2or exa%ple1 a we. ser5er %ay .e stress tested using scripts1 .ots1 and 5arious denial of ser5ice tools to o.ser5e the perfor%ance
Page 8 of 62
Aditi Technologies
of a we. site during pea loads. Stress testing a su.set of load testing. Also see testing1 software testing1 perfor%ance testing.
2.'.Security Testing
Application 5ulnera.ilities lea5e your syste% open to attac s1 &ownti%e1 &ata theft1 &ata corruption and application &eface%ent. Security within an application or we. ser5ice is crucial to a5oid such 5ulnera.ilities and new threats. While auto%ated tools can help to eli%inate %any generic security issues1 the detection of application 5ulnera.ilities re-uires independent e5aluation of your specific applicationBs features and functions .y experts. An external security 5ulnera.ility re5iew .y Third $ye Testing will gi5e you the .est possi.le confidence that your application is as secure as possi.le.
2.'.1.Security Testing Techni(ues

3ulnera.ility Scanning >etwor Scanning )assword Crac ing (og 3iews 3irus &etect )enetration Testing 2ile Integrity Chec ers War &ialing
2.).Usa*ility Testing
"sa.ility testing is a %eans for %easuring how well people can use so%e hu%an6%ade o.Fect Csuch as a we. page1 a co%puter interface1 a docu%ent1 or a de5iceD for its intended purpose1 i.e. usa.ility testing %easures the usa.ility of the o.Fect. "sa.ility testing focuses on a particular o.Fect or a s%all set of o.Fects1 whereas general hu%an6co%puter interaction studies atte%pt to for%ulate uni5ersal principles. If usa.ility testing unco5ers difficulties1 such as people ha5ing difficulty understanding instructions1 %anipulating parts1 or interpreting feed.ac 1 then de5elopers should i%pro5e the design and test it again. &uring usa.ility testing1 the ai% is to o.ser5e people using the product in as realistic a situation as possi.le1 to disco5er errors and areas of i%pro5e%ent. &esigners co%%only focus excessi5ely on creating designs that loo @cool@1 co%pro%ising usa.ility and functionality. This is often caused .y pressure fro% the people in charge1 forcing designers to de5elop syste%s .ased on %anage%ent expectations instead of peopleBs needs. A designersB pri%ary function should .e %ore than appearance1 including %a ing things wor with people. @Caution; si%ply gathering opinions is not usa.ility testing 66 you %ust arrange an experi%ent that %easures a su.FectBs a.ility to use your docu%ent.@
Page 9 of 62
Aditi Technologies
0ather than showing users a rough draft and as ing1 @&o you understand this9@1 usa.ility testing in5ol5es watching people trying to use so%ething for its intended purpose. 2or exa%ple1 when testing instructions for asse%.ling a toy1 the test su.Fects should .e gi5en the instructions and a .ox of parts. Instruction phrasing1 illustration -uality1 and the toyBs design all affect the asse%.ly process. Setting up a usa.ility test in5ol5es carefully creating a scenario1 or realistic situation1 wherein the person perfor%s a list of tas s using the product .eing tested while o.ser5ers watch and ta e notes. Se5eral other test instru%ents such as scripted instructions1 paper prototypes1 and pre6 and post6test -uestionnaires are also used to gather feed.ac on the product .eing tested. 2or exa%ple1 to test the attach%ent function of an e6%ail progra%1 a scenario would descri.e a situation where a person needs to send an e6%ail attach%ent1 and as hi% or her to underta e this tas . The ai% is to o.ser5e how people function in a realistic %anner1 so that de5elopers can see pro.le% areas1 and what people li e. The techni-ue popularly used to gather data during a usa.ility test is called a thin aloud protocol.
2.+.Sta*ility Testing
In software testing1 sta.ility testing is an atte%pt to deter%ine if an application will crash. In the phar%aceutical field1 it refers to a period of ti%e during which a %ulti6dose product retains its -uality after the container is opened.
2.1,.-cceptance Testing
"ser acceptance testing C"ATD is one of the final stages of a software proFect and will often occur .efore the custo%er accepts a new syste%. "sers of the syste% will perfor% these tests which1 ideally1 de5elopers ha5e deri5ed fro% the "ser 0e-uire%ents Specification1 to which the syste% should confor%. Test designers will draw up a for%al test plan and de5ise a range of se5erity le5els. The focus in this type of testing is less on si%ple pro.le%s Cspelling %ista es1 cos%etic pro.le%sD and show stoppers C%aFor pro.le%s li e the software crashing1 software will not run etc.D. &e5elopers should ha5e wor ed out these issues during unit testing and integration testing. 0ather1 the focus is on a final 5erification of the re-uired .usiness function and flow of the syste%. The test scripts will e%ulate real6world usage of the syste%. The idea is that if the software wor s as intended and without issues during a si%ulation of nor%al use1 it will wor Fust the sa%e in production. 0esults of these tests will allow .oth the custo%ers and the de5elopers to .e confident that the syste% will wor as intended.
Page 10 of 62
Aditi Technologies
2.11.Installation Testing
Installation testing Cin software engineeringD can si%ply .e defined as any testing that occurs outside of the de5elop%ent en5iron%ent. Such testing will fre-uently occur on the co%puter syste% the software product will e5entually .e installed on. Whilst the ideal installation %ight si%ply appear to .e to run a setup progra%1 the generation of that setup progra% itself and its efficacy in a 5ariety of %achine and operating syste% en5iron%ents can re-uire extensi5e testing .efore it can .e used with confidence. In distri.uted syste%s1 particularly where software is to .e released into an already li5e target en5iron%ent Csuch as an operational we. siteD installation Cor deploy%ent as it is so%eti%es calledD can in5ol5e data.ase sche%a changes as well as the installation of new software. &eploy%ent plans in such circu%stances %ay include .ac 6out procedures whose use is intended to roll the target en5iron%ent .ac in the e5ent that the deploy%ent is unsuccessful. Ideally1 the deploy%ent plan itself should .e tested in an en5iron%ent that is a replica of the li5e en5iron%ent. A factor that can increase the organi4ational re-uire%ents of such an exercise is the need to synchroni4e the data in the test deploy%ent en5iron%ent with that in the li5e en5iron%ent with %ini%u% disruption to li5e operation.
2.12.-lfa Testing
In software de5elop%ent1 testing is usually re-uired .efore release to the general pu.lic. In6house de5elopers often test the software in what is nown as BA()?AB testing which is often perfor%ed under a de.ugger or with hardware6assisted de.ugging to catch .ugs -uic ly. It can then .e handed o5er to testing staff for additional inspection in an en5iron%ent si%ilar to how it was intended to .e used. This techni-ue is nown as .lac .ox testing. This is often nown as the second stage of alpha testing.
2.13.Beta Testing
7any a ti%e1 the software is released to a li%ited audience who would finally for% the end users1 to use it L test it and co%e .ac with feed.ac or .ugs. This process helps in deter%ining whether the final software %eets its intended purpose and whether the end users would accept the sa%e. The product handed out as a Beta 0elease is not .ug free1 howe5er no serious or critical .ugs would exist. A .eta release is 5ery close to the final release.
2.1!.&roduct Testing
Software )roduct de5elop%ent co%panies face uni-ue challenges in testing. =nly suita.ly organi4ed and executed test process can contri.ute to the success of a software product.
Page 11 of 62
Aditi Technologies
)roduct testing experts design the test process to ta e ad5antage of the econo%ies of scope and scale that are present in a software product. These acti5ities are se-uenced and scheduled so that a test acti5ity occurs i%%ediately following the construction acti5ity whose output the test is intended to 5alidate.
2.1#.Syste
Testing
According to the I$$$ Standard Co%puter &ictionary1 Syste% testing is testing conducted on a co%plete1 integrated syste% to e5aluate the syste%Bs co%pliance with its specified re-uire%ents. Syste% testing falls within the scope of Blac .ox testing1 and as such1 should re-uire no nowledge of the inner design of the code or logic CI$$$. I$$$ Standard Co%puter &ictionary; A Co%pilation of I$$$ Standard Co%puter Mlossaries. >ew Nor 1 >N. 1,,/.D. Alpha testing and Beta testing are su.6categories of Syste% testing. As a rule1 Syste% testing ta es1 as its input1 all of the @integrated@ software co%ponents that ha5e successfully passed Integration testing and also the software syste% itself integrated with any applica.le hardware syste%CsD. The purpose of Integration testing is to detect any inconsistencies .etween the software units that are integrated together called asse%.lages or .etween any of the asse%.lages and hardware. Syste% testing is %ore of a li%iting type of testing1 where it see s to detect .oth defects within the @inter6asse%.lages@ and also the syste% as a whole.
2.1$..egression Testing
0egression Testing is typically carried out at the end of the de5elop%ent cycle. &uring this testing1 all .ug pre5iously identified and fixed is tested along with itBs i%pacted areas to confir% the fix and itBs i%pact if any. According to the I$$$ Standard Co%puter &ictionary1 0egression testing is testing conducted on a co%plete1 integrated syste% to e5aluate the syste%Bs co%pliance with its specified re-uire%ents. 0egression testing falls within the scope of Blac .ox testing1 and as such1 should re-uire no nowledge of the inner design of the code or logic CI$$$. I$$$ Standard Co%puter &ictionary; A Co%pilation of I$$$ Standard Co%puter Mlossaries. >ew Nor 1 >N. 1,,/.D. Alpha testing and Beta testing are su.6categories of 0egression testing. As a rule1 0egression testing ta es1 as its input1 all of the @integrated@ software co%ponents that ha5e successfully passed Integration testing and also the software 0egression itself integrated with any applica.le hardware 0egressionCsD. The purpose of Integration testing is to detect any inconsistencies .etween the software units that are integrated together called asse%.lages or .etween any of the asse%.lages and hardware. 0egression testing is %ore of a li%iting type of
Page 12 of 62
Aditi Technologies
testing1 where it see s to detect .oth defects within the @inter6asse%.lages@ and also the syste% as a whole.
2.1'./o
pati*ility Testing
=ne of the challenges of software de5elop%ent is ensuring that the application wor s properly on the different platfor%s and operating syste%s on the %ar et and also with the applications and de5ices in its en5iron%ent. Co%pati.ility testing ser5ice ai%s at locating application pro.le%s .y running the% in real en5iron%ents1 thus ensuring you that the application is co%pati.le with 5arious hardware1 operating syste% and .rowser 5ersions.
2.1).Test /ases0 Suits0 Scripts and Scenario

Blac .ox testers usually write test cases for the %aFority of their testing acti5ities. A test case is usually a single step1 and its expected result1 along with 5arious additional pieces of infor%ation. It can occasionally .e a series of steps .ut with one expected result or expected outco%e. The optional fields are a test case I&1 test step or order of execution nu%.er1 related re-uire%entCsD1 depth1 test category1 author1 and chec .oxes for whether the test is auto%ata.le and has .een auto%ated. (arger test cases %ay also contain prere-uisite states or steps1 and descriptions. A test case should also contain a place for the actual result. These steps can .e stored in a word processor docu%ent1 spreadsheet1 data.ase or other co%%on repository. In a data.ase syste%1 you %ay also .e a.le to see past test results and who generated the results and the syste% configuration used to generate those results. These past results would usually .e stored in a separate ta.le. The %ost co%%on ter% for a collection of test cases is a test suite. The test suite often also contains %ore detailed instructions or goals for each collection of test cases. It definitely contains a section where the tester identifies the syste% configuration used during testing. A group of test cases %ay also contain prere-uisite states or steps1 and descriptions of the following tests. Collections of test cases are so%eti%es incorrectly ter%ed a test plan. They %ay also .e called a test script1 or e5en a test scenario. 7ost white .ox tester write and use test scripts in unit1 syste%1 and regression testing. Test scripts should .e written for %odules with the highest ris of failure and the highest i%pact if the ris .eco%es an issue. 7ost co%panies that use auto%ated testing will call the code that is used their test scripts. A scenario test is a test .ased on a hypothetical story used to help a person thin through a co%plex pro.le% or syste%. They can .e as si%ple as a diagra% for a testing en5iron%ent or they could .e a description written in prose. The ideal scenario test has fi5e ey characteristics. It is CaD a story that is C.D %oti5ating1 CcD credi.le1 CdD co%plex1 and CeD easy to
Page 13 of 62
Aditi Technologies
e5aluate. They are usually different fro% test cases in that test cases are single steps and scenarios co5er a nu%.er of steps. Test suites and scenarios can .e used in concert for co%plete syste% tests. Scenario testing is si%ilar to1 .ut not the sa%e as session6.ased testing1 which is %ore closely related to exploratory testing1 .ut the two concepts can .e used in conFunction.
2.1+."efect Tracking
In engineering1 defect trac ing is the process of finding defects in a product1 C.y inspection1 testing1 or recording feed.ac fro% custo%ersD1 and trac ing the% to closure. &efect trac ing is i%portant in software engineering as co%plex software syste%s typically ha5e tens or hundreds of thousands of defects; %anaging1 e5aluating and prioriti4ing these defects is a difficult tas . &efect trac ing syste%s are co%puter data.ase syste%s that store defects and help people to %anage the%.
2.2,.1or
al 2erification
In the context of hardware and software syste%s1 for%al 5erification is the act of pro5ing or dispro5ing the correctness of a syste% with respect to a certain for%al specification or property1 using for%al %ethods. Syste% types that are considered in the literature for for%al 5erification include finite state %achines C2S7D1 la.eled transition syste%s C(TSD and their co%positions1 )etri nets1 ti%ed auto%ata and hy.rid auto%ata1 cryptographic protocols1 co%.inatorial circuits1 digital circuits with internal %e%ory1 and a.stractions of general software co%ponents. The properties to .e 5erified are often descri.ed in te%poral logics1 such as linear te%poral logic C(T(D or co%putational tree logic CCT(D. "sually for%al 5erification is carried out algorith%ically. The %ain approaches to i%ple%enting for%al 5erification include state space enu%eration1 sy%.olic state space enu%eration1 a.stract interpretation1 a.straction refine%ent1 process6 alge.raic %ethods1 and reasoning with the aid of auto%atic theore% pro5ers such as ?=( or Isa.elle.
2.2,.1.2alidation and 2erification

3erification is one aspect of testing a productBs fitness for purpose. 3alidation is the co%ple%entary aspect. =ften one refers to the o5erall chec ing process as 3 O 3. 3alidation; @Are we .uilding the right product9I i.e.1 does the product do what the user really re-uires. 3erification; @Are we .uilding the product right9I i.e.1 does the product confor% to the specifications.
Page 14 of 62
Aditi Technologies
The 5erification process consists of static and dyna%ic parts. $.g.1 for a software product one can inspect the source code CstaticD and run against specific test cases Cdyna%icD. 3alidation usually can only .e done dyna%ically1 i.e.1 the product is tested .y putting it through typical usages and atypical usages C@Can we .rea it9@D.
2.21.1u33 Testing
2u44 testing is a software testing techni-ue. The .asic idea is to attach the inputs of a progra% to a source of rando% data. If the progra% fails Cfor exa%ple1 .y crashing1 or .y failing in6.uilt code assertionsD1 then there are defects to correct. The great ad5antage of fu44 testing is that the test design is extre%ely si%ple1 and free of preconceptions a.out syste% .eha5ior.
2.21.1.Uses
2u44 testing is often used in large software de5elop%ent proFects that perfor% .lac .ox testing. These usually ha5e a .udget to de5elop test tools1 and fu44 testing is one of the techni-ues which offer a high .enefit to cost ratio. 2u44 testing is also used as a gross %easure%ent of a large software syste%Bs -uality. The ad5antage here is that the cost of generating the tests is relati5ely low. 2or exa%ple1 third party testers ha5e used fu44 testing to e5aluate the relati5e %erits of different operating syste%s and application progra%s. 2u44 testing is thought to enhance software security and software safety .ecause it often finds odd o5ersights and defects which hu%an testers would fail to find1 and e5en careful hu%an test designers would fail to create tests for. ?owe5er1 fu44 testing is not a su.stitute for exhausti5e testing or for%al %ethods; it can only pro5ide a rando% sa%ple of the syste%Bs .eha5ior1 and in %any cases passing a fu44 test %ay only de%onstrate that a piece of software handles exceptions without crashing1 rather than .eha5ing correctly. Thus1 fu44 testing can only .e regarded as a proxy for progra% correctness1 rather than a direct %easure1 with fu44 test failures actually .eing %ore useful as a .ug6finding tool than fu44 test passes as an assurance of -uality.
2.21.2.1u33 testing
ethods
As a practical %atter1 de5elopers need to reproduce errors in order to fix the%. 2or this reason1 al%ost all fu44 testing %a es a record of the data it %anufactures1 usually .efore applying it to the software1 so that if the co%puter fails dra%atically1 the test data is preser5ed. 7odern software has se5eral different types of inputs; $5ent dri5en inputs are usually fro% a graphical user interface1 or possi.ly fro% a %echanis% in an e%.edded syste%.
Page 15 of 62
Aditi Technologies
Character dri5en inputs are fro% files or data strea%s. &ata.ase inputs are fro% ta.ular data1 such as relational data.ases.
There are at least two different for%s of fu44 testing; 3alid fu44 atte%pts to assure that the rando% input is reasona.le1 or confor%s to actual production data. Si%ple fu44 usually uses a pseudo rando% nu%.er generator to pro5ide input. A co%.ined approach uses 5alid test data with so%e proportion of totally rando% input inFected. By using all of these techni-ues in co%.ination1 fu446generated rando%ness can test the un6designed .eha5ior surrounding a wider range of designed syste% states. 2u44 testing %ay use tools to si%ulate all of these do%ains.
2.21.3.E4ent5dri4en fu33
>or%ally this is pro5ided as a -ueue of data6structures. The -ueue is filled with data structures that ha5e rando% 5alues. The %ost co%%on pro.le% with an e5ent6dri5en progra% is that it will often si%ply use the data in the -ueue1 without e5en crude 5alidation. To succeed in a fu446tested en5iron%ent1 software %ust 5alidate all fields of e5ery -ueue entry1 decode e5ery possi.le .inary 5alue1 and then ignore i%possi.le re-uests. =ne of the %ore interesting issues with real6ti%e e5ent handling is that if error reporting is too 5er.ose1 si%ply pro5iding error status can cause resource pro.le%s or a crash. 0o.ust error detection syste%s will report only the %ost significant or %ost recent error o5er a period of ti%e.
2.21.!./haracter5dri4en fu33
>or%ally this is pro5ided as a strea% of rando% data. The classic source in ">IP is the rando% data generator. =ne co%%on pro.le% with a character dri5en progra% is a .uffer o5errun1 when the character data exceeds the a5aila.le .uffer space. This pro.le% tends to recur in e5ery instance in which a string or nu%.er is parsed fro% the data strea% and placed in a li%ited6si4e area. Another is that decode ta.les or logic %ay .e inco%plete1 not handling e5ery possi.le .inary 5alue.
2.21.#."ata*ase fu33
The standard data.ase sche%e is usually filled with fu44 that is rando% data of rando% si4es. So%e IT shops use software tools to %igrate and %anipulate such data.ases. =ften the sa%e sche%a descriptions can .e used to auto%atically generate fu44 data.ases.
Page 16 of 62
Aditi Technologies
&ata.ase fu44 is contro5ersial1 .ecause input and co%parison constraints reduce the in5alid data in a data.ase. ?owe5er1 often the data.ase is %ore tolerant of odd data than its client software1 and a general6purpose interface is a5aila.le to users. Since %aFor custo%er and enterprise %anage%ent software is starting to .e open6source1 data.ase6.ased security attac s are .eco%ing %ore credi.le. A co%%on pro.le% with fu44 data.ases is .uffer o5errun. A co%%on data dictionary1 with so%e for% of auto%ated enforce%ent is -uite helpful and entirely possi.le. To enforce this1 nor%ally all the data.ase clients need to .e reco%piled and retested at the sa%e ti%e. Another co%%on pro.le% is that data.ase clients %ay not understand the .inary possi.ilities of the data.ase field type1 or1 legacy software %ight ha5e .een ported to a new data.ase syste% with different possi.le .inary 5alues. A nor%al1 inexpensi5e solution is to ha5e each progra% 5alidate data.ase inputs in the sa%e fashion as user inputs. The nor%al way to achie5e this is to periodically @clean@ production data.ases with auto%ated 5erifiers.
3. 6anual Testing
3.1.1acts
In India itself1 Software industry growth has .een pheno%enal. IT field has enor%ously grown in the past #/ years. IT industry in India is expected to touch 1/1/// crores of which software share is dra%atically increasing.
3.2.Soft7are /risis
Software costLschedules are grossly inaccurate. Cost o5erruns of se5eral ti%es1 schedule slippage8s .y %onths1 or e5en years are co%%on. )roducti5ity of people has not ept pace with de%and. Added to it is the shortage of s illed people. )roducti5ity of people has not ept pace with de%and Added to it is the shortage of s illed people.
3.3.Soft7are 6yths
3.3.1.6anage

ent 6yths
Software 7anage%ent is different. Why change or approach to de5elop%ent9 We ha5e pro5ided the state6of6the6art hardware. )ro.le%s are technical If proFect is late1 add %ore engineers. We need .etter people.
3.3.2."e4elopers 6yths
We %ust start with fir% re-uire%ents
Page 17 of 62
Aditi Technologies
Why .other a.out Software $ngineering techni-ues1 I will go to ter%inal and code it. =nce coding is co%plete1 %y Fo. is done. ?ow can you %easure the -uality...it is so intangi.le.
3.3.3./usto

er8s 6yth
A general state%ent of o.Fecti5e is good enough to produce software. Anyway software is H2lex6wareI1 it can acco%%odate %y changing needs.
3.3.!.What do 7e do9
"se Software $ngineering techni-uesLprocesses. Institutionali4e the% and %a e the% as part of your de5elop%ent culture. Adopt :uality Assurance 2ra%ewor s ; IS=1 C77 Choose the one that %eets your re-uire%ents and adopt where necessary.
3.!.Soft7are :uality -ssurance;

The purpose of Software :uality Assurance is to pro5ide %anage%ent with appropriate 5isi.ility into the process .eing used .y the software proFect and of the products .eing .uilt. Software :uality Assurance in5ol5es re5iewing and auditing the software products and acti5ities to 5erify that they co%ply with the applica.le procedures and standards and pro5iding the software proFect and other appropriate %anagers with the results of these re5iews and audits.
3.!.1.2erification;
3erification typically in5ol5es re5iews and %eetings to e5aluate docu%ents1 plans1 code1 re-uire%ents1 and specifications. The deter%ination of consistency1 correctness O co%pleteness of a progra% at each stage.
3.!.2.2alidation;
3alidation typically in5ol5es actual testing and ta es place after 5erifications are co%pleted The deter%ination of correctness of a final progra% with respect to its re-uire%ents.
3.#.Soft7are %ife /ycle 6odels;

)rototyping 7odel Waterfall 7odel G Se-uential Spiral 7odel 3 7odel 6 Se-uential
Page 18 of 62
Aditi Technologies
3.$.What
akes a good Soft7are :- engineer9
The sa%e -ualities a good tester has are useful for a :A engineer. Additionally1 they %ust .e a.le to understand the entire software de5elop%ent process and how it can fit into the .usiness approach and goals of the organi4ation. Co%%unication s ills and the a.ility to understand 5arious sides of issues are i%portant. In organi4ations in the early stages of i%ple%enting :A processes1 patience and diplo%acy are especially needed. An a.ility to find pro.le%s as well as to see BwhatBs %issingB is i%portant for inspections and re5iews.
3.'.Testing;
An exa%ination of the .eha5ior of a progra% .y executing on sa%ple data sets. Testing co%prises of set of acti5ities to detect defects in a produced %aterial. To unearth O correct defects. To detect defects early O to reduce cost of defect fixing. To a5oid user detecting pro.le%s. To ensure that product wor s as users expected it to.
3.'.1.Why Testing9
To To To To unearth and correct defects. detect defects early and to reduce cost of defect fixing. ensure that product wor s as user expected it to. a5oid user detecting pro.le%s.
3.).Test %ife /ycle

Identify Test Candidates Test )lan &esign Test Cases $xecute Tests $5aluate 0esults &ocu%ent Test 0esults Casual AnalysisL )reparation of 3alidation 0eports 0egression Testing L 2ollow up on reported .ugs.
3.+.Testing Techni(ues
Blac Box Testing White Box Testing 0egression Testing
These principles O techni-ues can .e applied to any type of testing.
Page 19 of 62
Aditi Technologies
3.1,.Test &lan;
A Test )lan is a detailed proFect plan for testing1 co5ering the scope of testing1 the %ethodology to .e used1 the tas s to .e perfor%ed1 resources1 schedules1 ris s1 and dependencies. A Test )lan is de5eloped prior to the i%ple%entation of a proFect to pro5ide a well defined and understood proFect road%ap.
3.1,.1.Test Specification;
A Test Specification defines exactly what tests will .e perfor%ed and what their scope and o.Fecti5es will .e. A Test Specification is produced as the first step in i%ple%enting a Test )lan1 prior to the onset of %anual testing andLor auto%ated test suite de5elop%ent. It pro5ides a repeata.le1 co%prehensi5e definition of a testing ca%paign.
!. Testing &rocedure
The following are so%e of the steps to consider; =.tain re-uire%ents1 functional design1 and internal design specifications and other necessary docu%ents. =.tain .udget and schedule re-uire%ents. &eter%ine proFect6related personnel and their responsi.ilities1 reporting re-uire%ents1 re-uired standards and processes Csuch as release processes1 change processes1 etc.D Identify applicationBs higher6ris aspects1 set priorities1 and deter%ine scope and li%itations of tests. &eter%ine test approaches and %ethods 6 unit1 integration1 functional1 syste%1 load1 usa.ility tests1 etc. &eter%ine test en5iron%ent re-uire%ents Chardware1 software1 co%%unications1 etc.D &eter%ine test6ware re-uire%ents CrecordLplay.ac tools1 co5erage analy4ers1 test trac ing1 pro.le%L.ug trac ing1 etc.D &eter%ine test input data re-uire%ents Identify tas s1 those responsi.le for tas s1 and la.or re-uire%ents Set schedule esti%ates1 ti%elines1 %ilestones &eter%ine input e-ui5alence classes1 .oundary 5alue analyses1 error classes )repare test plan docu%ent and ha5e needed re5iewsLappro5als Write test cases ?a5e needed re5iewsLinspectionsLappro5als of test cases )repare test en5iron%ent and test6ware1 o.tain needed user %anualsLreference docu%entsLconfiguration guidesLinstallation guides1 set up test trac ing processes1 set up logging and archi5ing processes1 set up or o.tain test input data =.tain and install software releases )erfor% tests
Page 20 of 62
Aditi Technologies
$5aluate and report results Trac pro.le%sL.ugs and fixes 0etest as needed 7aintain and update test plans1 test cases1 test en5iron%ent1 and test ware through life cycle
!.1.Bug Tracking
What's a 'test case'? A test case is a docu%ent that descri.es an input1 action1 or e5ent and an expected response1 to deter%ine if a feature of an application is wor ing correctly. A test case should contain particulars such as test case identifier1 test case na%e1 o.Fecti5e1 test conditionsLsetup1 input data re-uire%ents1 steps1 and expected results. >ote that the process of de5eloping test cases can help find pro.le%s in the re-uire%ents or design of an application1 since it re-uires co%pletely thin ing through the operation of the application. 2or this reason1 itBs useful to prepare test cases early in the de5elop%ent cycle if possi.le.
What should be done after a bug is found? The .ug needs to .e co%%unicated and assigned to de5elopers that can fix it. After the pro.le% is resol5ed1 fixes should .e re6tested1 and deter%inations %ade regarding re-uire%ents for regression testing to chec that fixes didnBt create pro.le%s elsewhere. If a pro.le%6trac ing syste% is in place1 it should encapsulate these processes. A 5ariety of co%%ercial pro.le%6trac ingL%anage%ent software tools are a5aila.le Csee the BToolsB section for we. resources with listings of such toolsD. The following are ite%s to consider in the trac ing process; Co%plete infor%ation such that de5elopers can understand the .ug1 get an idea of itBs se5erity1 and reproduce it if necessary. Bug identifier Cnu%.er1 I&1 etc.D Current .ug status Ce.g.1 B0eleased for 0etestB1 B>ewB1 etc.D The application na%e or identifier and 5ersion The function1 %odule1 feature1 o.Fect1 screen1 etc. where the .ug occurred $n5iron%ent specifics1 syste%1 platfor%1 rele5ant hardware specifics Test case na%eLnu%.erLidentifier =ne6line .ug description 2ull .ug description &escription of steps needed to reproduce the .ug if not co5ered .y a test case or if the de5eloper doesnBt ha5e easy access to the test caseLtest scriptLtest tool >a%es andLor descriptions of fileLdataL%essagesLetc. used in test 2ile excerptsLerror %essagesLlog file excerptsLscreen shotsLtest tool logs that would .e helpful in finding the cause of the pro.le% Se5erity esti%ate Ca #6le5el range such as 16# or BcriticalB6to6BlowB is co%%on Was the .ug reproduci.le9 Tester na%e
Page 21 of 62
Aditi Technologies
Test date Bug reporting date >a%e of de5eloperLgroupLorgani4ation the pro.le% is assigned to &escription of pro.le% cause &escription of fix Code sectionLfileL%oduleLclassL%ethod that was fixed &ate of fix Application 5ersion that contains the fix Tester responsi.le for retest 0etest date 0etest results 0egression testing re-uire%ents Tester responsi.le for regression tests 0egression testing results A reporting or trac ing process should ena.le notification of appropriate personnel at 5arious stages. 2or instance1 testers need to now when retesting is needed1 de5elopers need to now when .ugs are found and how to get the needed infor%ation1 and reportingLsu%%ary capa.ilities are needed for %anagers.
Why does software have bugs? 7isco%%unication or no co%%unication 6 as to specifics of what an application should or shouldnBt do Cthe applicationBs re-uire%entsD. Software co%plexity 6 the co%plexity of current software applications can .e difficult to co%prehend for anyone without experience in %odern6day software de5elop%ent. Windows6type interfaces1 client6ser5er and distri.uted applications1 data co%%unications1 enor%ous relational data.ases1 and sheer si4e of applications ha5e all contri.uted to the exponential growth in softwareLsyste% co%plexity. And the use of o.Fect6 oriented techni-ues can co%plicate instead of si%plify a proFect unless it is well engineered. )rogra%%ing errors 6 progra%%ers1 li e anyone else1 can %a e %ista es. Changing re-uire%ents 6 the custo%er %ay not understand the effects of changes1 or %ay understand and re-uest the% anyway 6 redesign1 rescheduling of engineers1 effects on other proFects1 wor already co%pleted that %ay ha5e to .e redone or thrown out1 hardware re-uire%ents that %ay .e affected1 etc. If there are %any %inor changes or any %aFor changes1 nown and un nown dependencies a%ong parts of the proFect are li ely to interact and cause pro.le%s1 and the co%plexity of eeping trac of changes %ay result in errors. $nthusias% of engineering staff %ay .e affected. In so%e fast6changing .usiness en5iron%ents1 continuously %odified re-uire%ents %ay .e a fact of life. In this case1 %anage%ent %ust understand the resulting ris s1 and :A and test engineers %ust adapt and plan for continuous extensi5e testing to eep the ine5ita.le .ugs fro% running out of control. Ti%e pressures 6 scheduling of software proFects is difficult at .est1 often re-uiring a lot of guesswor . When deadlines loo% and the crunch co%es1 %ista es will .e %ade. $gos 6 people prefer to say things li e; o Bno pro.le%B
Page 22 of 62
Aditi Technologies
o Bpiece of ca eB o BI can whip that out in a few hoursB o Bit should .e easy to update that old codeB Instead of; o Bthat adds a lot of co%plexity and we could end up o %a ing a lot of %ista esB o Bwe ha5e no idea if we can do thatE weBll wing itB o BI canBt esti%ate how long it will ta e1 until I ta e a close loo at itB o Bwe canBt figure out what that old spaghetti code did in the first placeB If there are too %any unrealistic Bno pro.le%sB1 the result is .ugs. )oorly docu%ented code 6 itBs tough to %aintain and %odify code that is .adly written or poorly docu%entedE the result is .ugs. In %any organi4ations %anage%ent pro5ides no incenti5e for progra%%ers to docu%ent their code or write clear1 understanda.le code. In fact1 itBs usually the opposite; they get points %ostly for -uic ly turning out code1 and thereBs Fo. security if no.ody else can understand it CBif it was hard to write1 it should .e hard to readBD. Software de5elop%ent tools 6 5isual tools1 class li.raries1 co%pilers1 scripting tools1 etc. often introduce their own .ugs or are poorly docu%ented1 resulting in added .ugs.
#. Testing Tools and Soft7are

#.1.%oad and &erfor
AppPerfect DevSuite
ance Test Tools
#.2.<a4a test Tools

Java Development Tools <a5a co5erage1 %etrics1 profiler1 and clone detection tools fro% Se%antic &esigns. AppPerfect DevSuite Suite of testing1 tuning1 and %onitoring products for Fa5a de5elop%ent fro% App)erfect Corp. Includes; "nit Tester1 Code Analy4er1 <a5aL<2$$ )rofiler and other %odules. Introscope )erfor%ance %onitoring tool fro% Wily TechnologyE presents data in easy6to6use custo%i4a.le dash.oards which ena.le deep1 intuiti5e 5iews of interrelation .etween syste% co%ponents and application infrastructure. 7onitors applications as soon as installed no coding is needed. Included B(ea ?unterBidentifies potential %e%ory lea s. BTransaction TracerB can pro5ide detailed tracing of execution paths and co%ponent response ti%es for indi5idual transactions in production syste%s. GJTester <a5a unit1 regression1 and contract C.lac .oxD test tool fro% Tre.orSoft. $na.les test case and test script de5elop%ent without progra%%ing. Test pri5ate and protected functions1 and ser5er applicationBs %odules1 without i%ple%enting test clients1 regression testing for <A3A 37 upgrades. "seful for testing C=0BA1 07I1 and other ser5er technologies as well. M"I interface e%phasi4ing ease of use.
Page 23 of 62
Aditi Technologies
ftestJ!I 0ecordLplay.ac test tool fro% :uality 2irst Software for creation1 execution and %anage%ent of auto%ated <a5aLSwing application tests. Includes a natural user interface1 scripting capa.ilities1 and a co%ponent recognition algorith% that ta es into account a 5ariety of attri.utes. 0ecorded M"I ele%ents1 user actions and associated data are auto%atically integrated into an edita.le tree 5iew reflecting the hierarchical structure of the applicationBs M"I. $xtensi5e docu%entation. Cactus A si%ple open6source test fra%ewor for unit testing ser5er6side Fa5a code CSer5lets1 $<Bs1 Tag (i.s1 2ilters1 etc.D. Intent is to allow fine6grained continuous testing of all files %a ing up an application; source code .ut also %eta6data files Csuch as deploy%ent descriptors1 etcD through an in6container approach. It uses <"nit and extends it. Typically use within your I&$1 or fro% the co%%and line1 using Ant. 2ro% Apache Software 2oundation. J!nitPerf Allows perfor%ance testing to .e dyna%ically added to existing <"nit tests. $na.les -uic co%position of a perfor%ance test suite1 which can then .e run auto%atically and independent of other <"nit tests. Intended for use where there are perfor%anceLscala.ility re-uire%ents that need re6chec ing while refactoring code. By 7i e Clar LClar ware Consulting1 licensed under the BS& (icense. "Studio for Java <a5a code inspection tool fro% :A Syste%s allows auto%ation of a %aFor portion of code inspection process1 for early detection of software defects and auto%atic assess%ent of code -uality. Couples ad5anced static analysis capa.ilities to IS= ,12' -uality standard fra%ewor . Integrates with leading <a5a &e5elop%ent $n5iron%ents and platfor%s. Supports custo%i4ing existing rules and defining custo% rules. #oalog Code Coverage Code co5erage analy4er for <a5a applications fro% Qoalog SA0(. Includes; in6process or re%ote co5erage co%putation1 capa.ility of wor ing directly on <a5a %ethod .inaries Cno reco%pilationD1 predefined CP7(1 ?T7(1 (aTex1 CS31 T$PTD or custo% report generation1 and session %erging to allow co%pilation of o5erall results for distinct executions. Integrates with Ant and <"nit.
Abbot Java G!I Test $ramewor% Testing fra%ewor .y Ti%othy Wall pro5ides auto%ated e5ent generation and 5alidation of <a5a M"I co%ponents1 i%pro5ing upon the 5ery .asic functions pro5ided .y the Fa5a.awt.0o.ot class. CA..ot R @A Better BBotBD. The fra%ewor %ay .e in5o ed directly fro% <a5a code or accessed without progra%%ing through the use of scripts 5ia BCostelloB1 a script editorLrecorder. Suita.le for use .oth .y de5elopers for unit tests and :A for functional testing. 2ree 6 a5aila.le under the M>" (esser Meneral )u.lic (icense.
J!nit & $ramewor% to write repeatable 'ava unit tests A regression testing fra%ewor written .y $rich Ma%%a and Qent Bec . 2or use .y de5elopers i%ple%enting unit tests in <a5a. 2ree =pen Source Software released under the
Page 24 of 62
Aditi Technologies
IB7 )u.lic (icense and hosted on Source2orge. Site includes a large collection of extensions and docu%entation.
'fc!nit 2ra%ewor for de5eloping auto%ated testing of <a5a Swing6.ased applications at the "I layer Cas opposed to testing at lower layers1 for which <"nit %ay .e sufficientD. )ro5ides recording and play.ac capa.ilities. Also a5aila.le as plugins for <Builder and $clipse. 2ree =pen Source Software fro% Source2orge site.
Jemmy A <a5a li.rary that is used to create auto%ated tests for <a5a M"I applications. Contains %ethods to reproduce all user actions which can .e perfor%ed on SwingLAWT co%ponents Ci.e. .utton pushing1 text typing1 tree node expanding1 ...D. <e%%yTest is a progra% written in <a5a which uses the <e%%y A)I to test applicationsE it can .e used separately as well as together with the >etBeans I&$. JBenc( 2reeware <a5a .ench%ar ing fra%ewor to co%pare algorith%s1 5irtual %achines1 etc. for speed. A5aila.le as .inary distri.ution Cincluding docu%entationD1 source distri.ution1 or Far file. Clover Code co5erage tool for <a5a fro% Cen-ua. 2ully integrated plugin for >etBeans1 <Builder1 and other I&$Bs. Sea%less integration with proFects using Apache A>T. 3iew co5erage data in P7(1 ?T7(1 )&21 or 5ia a Swing M"I. TrueJ Source code audit and %etrics tool fro% BlueBay syste%s. 2ifty different audits and %etrics1 co%piler6style output1 integrates with a 5ariety of editorsLI&$Bs1 configura.le1 integrates with .uild tools for -uality gate and reporting1 highly scala.le. JCover <a5a code test co5erage analysis tool fro% Codewor (i%ited. Wor s with source or co%piled files. Mathers co5erage %easures of .ranches1 state%ents1 %ethods1 classes1 file1 pac age and produces reports in %ultiple for%ats. Co5erage difference co%parison .etween runs. Co5erage A)I pro5ided. re)iew <a5a source code 5isuali4ation tool fro% ?eadway Software. 0e5erse engineer and auto%atically lay out and 5iew code1 co%ponents1 and dependencies for <a5a1 C1 and CSS applications. Shows all dependencies1 at all le5els and .etween all le5elsE %ethod1 class1 pac age1 application. Panorama for Java 3isual en5iron%ent containing six integrated Fa5a tools fro% ISA1 Inc. <TS:A for =.Fect6 =riented software -uality %easure%entE <T&ocMen for <a5a code static analysisE <TStructure for <a5a code structure analysis and diagra%%ingE <T&iagra%%er for <a5a code logic analysis1 control flow analysis and diagra%%ingE <TTest for test co5erage analysis and test case %ini%i4ation1 etc.E and <T)lay.ac for M"I operation capture and auto%atic play.ac . Java Tool Suite from *an *ac(ine Systems
Page 25 of 62
Aditi Technologies
Includes <Style1 a <a5a source analy4er to generate code co%%ents and %etrics such as inheritance depth1 Cyclo%atic >u%.er1 ?alstead 7easures1 etcE <)retty refor%ats <a5a code according to specified optionsE <Co5er test co5erage analy4erE <3erify <a5a classLA)I testing tool uses an in5asi5e testing %odel allowing access to internals of <a5a o.Fects fro% within a test script and utili4es a proprietary == scripting languageE <7SAssert1 a tool and techni-ue for writing relia.le softwareE <$5ol5e1 an intelligent <a5a code e5olution analy4er that auto%atically analy4es %ultiple 5ersions of a <a5a progra% and shows how 5arious classes ha5e e5ol5ed across 5ersionsE can BreasonB a.out selecti5e need for regression testing <a5a classesE <Browser class .rowserE <SynTest1 a syntax testing tool that auto%atically .uilds a <a5a6.ased test data generator. PerformaSure (ow6o5erhead1 user6friendly perfor%ance diagnosis tool fro% :uest Software for distri.uted <2$$ applications. Traces and reconstructs execution path of end6user transactions across all co%ponents of a clustered %ulti6tieer <2$$ syste%1 to diagnose and resol5e perfor%ance .ottlenec s. ?undreds of easily6confugured run6ti%e1 =S1 and networ %etrics. JProbe Developer Suite Collection of <a5a de.ugging tools fro% :uest SoftwareE includes <)ro.e )rofiler and <)ro.e 7e%ory &e.ugger for finding perfor%ance .ottlenec s and %e%ory lea s1 ()ro.e Co5erage code co5erage tool1 and <)ro.e Threadaly4er for finding deadloc s1 stalls1 and race conditions. <)rofiler freeware 5ersion a5aila.le. #ra%atau *etrics for Java Software %etrics tool fro% )ower Software includes %ore than */ ==1 procedural1 co%plexity1 and si4e %etrics related to reusa.ility1 %aintaina.ility1 testa.ility1 and clarity. Includes Cyclo%atic Co%plexity1 $nhanced Cyclo%atic Co%plexity1 ?alstead Software Science %etrics1 (=C %etrics and 7==& %etrics. ?as online ad5isor for -uality i%pro5e%ent. +ptimi,eIt )rofiler1 thread de.ugger1 and code co5erage tool suite fro% Borland Cfor%erly fro% 37MearD. Jtest )araSoftBs <test is an integrated1 auto%atic unit testing and standards co%pliance tool for <a5a. It auto%atically generates and executes <"nit tests and chec s whether code follows 4// coding standards and can auto%atically correct for %any.
DevPartner Java -dition Co%puwareBs Cfor%erly >u7egaD de.uggingLproducti5ity tool to detect and diagnose <a5a .ugs and %e%ory and perfor%ance pro.le%sE thread and e5ent analysis1 co5erage analysis. Integrates with se5eral <a5a I&$Bs.
)Tune IntelBs perfor%ance tuning tool for applications running on Intel processorsE includes <a5a support. Includes suggestions for opti%i4ation techni-ues.
Sun.s Java Test Tools
Page 26 of 62
Aditi Technologies
As of 2e.ruary 41 2/// Sun discontinued accepting orders for these products. TCAT for Java )art of Software 0esearchBs TestWor s suite of test toolsE code co5erage analy4er and code analysis for <a5aE written in <a5a. C>ote; so%e other tools in these listings also handle testing1 %anage%ent1 or load testing of Fa5a applets1 ser5lets1 and applications1 or are planning to add such capa.ilities. Chec listed we. sites for current infor%ation.D
#.3.%ink /hecking Tools

/iSoftware 0in% )alidation !tility (in 5alidation toolE free 5ersion or low6cost pro 5ersion. SiteAnalysis ?osted ser5ice fro% We.%etrics1 used to test and 5alidate critical we.site co%ponents1 such as internal and external lin s1 do%ain na%es1 &>S ser5ers and SS( certificates. 0uns as often as e5ery hour1 or as infre-uent as once a wee . Ideal for dyna%ic sites re-uiring fre-uent lin chec ing. C(angeAgent (in chec ing and repair tool fro% $xpanda.le (anguage. Identifies orphan files and .ro en lin s when .rowsing filesE e%ploys a si%ple1 fa%iliar interface for %anaging filesE pre5iews files when fixing .ro en lin s and .efore orphan re%o5alE updates lin s to %o5ed and rena%ed filesE fixes .ro en lin s with an easy1 !6clic processE pro5ides %ultiple6le5el undoLredo for all operationsE replaces lin s .ut does not refor%at or restructure ?T7( code. 2or Windows. 0in% C(ec%er Pro (in chec tool fro% QyoSoftE can also produce a graphical site %ap of entire we. site. ?andles ?TT)1 ?TT)S1 and 2T) protocolsE se5eral report for%ats a5aila.le. 2or Windows platfor%s. 1eb 0in% )alidator (in chec er fro% 0$( Software chec s lin s for accuracy and a5aila.ility1 finds .ro en lin s or paths and lin s with syntactic errors. $xport to text1 ?T7(1 CS31 0T21 $xcel. 2reeware B0$( (in Chec er (iteB 5ersion a5aila.le for s%all sites. 2or Windows.
Site Audit (ow6cost on6the6we. lin 6chec ing ser5ice fro% Blosso% Software. 2enu.s 0in% Sleut( 2reeware lin chec er .y Til%an ?ausherrE supports SS( we.sitesE partial testing of ftp and gopher sitesE detects and reports redirected "0(E Site 7apE for Windows. 0in%alarm
Page 27 of 62
Aditi Technologies
(ow cost on6the6we. lin chec er fro% (in Auto%atically6scheduled reporting .y e6%ail. Alert 0in%runner (in chec Windows.
Alar% Inc.E free trial period a5aila.le.
tool fro% 3ia.le Software Alternati5esE e5aluation 5ersion a5aila.le. 2or
Info0in% (in chec er progra% fro% BiggByte SoftwareE can .e auto%atically scheduledE includes 2T) lin chec ingE %ultiple page list and site list capa.ilitiesE custo%i4a.le reportsE changed6lin chec ingE results can .e exported to data.ase. 2or Windows. &iscontinued1 .ut old 5ersions still a5aila.le as freeware. 0in%Scan $lectronic Software )u.lishing Co.Bs lin chec erLsite %apping toolE capa.ilities include auto%ated retesting of pro.le% lin s1 rando%i4ed order chec ingE can chec for .ad lin s due to specified pro.le%s such as ser5er6not6found1 unauthori4ed6access1 doc6not6found1 relocations1 ti%eouts. Includes capa.ilities for central %anage%ent of large %ultiple intranetLinternet sites. 0esults stored in data.ase1 allowing for custo%i4a.le -ueries and reports. 3alidates hyperlin s for all %aFor protocolsE ?T7( syntax error chec ing. 2or all ">IP fla5ors1 Windows1 7ac. CyberSpyder 0in% Test Shareware lin chec er .y A%an SoftwareE capa.ilities include specified "0( exclusions1 I&L)assword entries1 test resu%ption at interruption point1 page si4e analysis1 BwhatBs newB reporting. 2or Windows.
#.!.&erl Testing Tools

13C 0in% C(ec%er (in chec er )$0( source code1 5ia the WWW Consortiu% Cthe fol s who set we. standardsDE configura.le. ?andles one "0( at a ti%e. /T*0 TID4 2ree utility a5aila.le fro% Source2orget.netE originally .y &a5e 0aggett. 2or auto%atic fixing of ?T7( errors1 for%atting disorgani4ed editing1 and finding pro.le% ?T7( areas. A5aila.le as source code or .inaries. Big Brot(er 2reeware co%%and6line lin chec er for "nix1 Windows1 .y 2rancois )ottier. A5aila.le as source codeE .inary a5aiala.le for (inux. 0in%0int =pen source )erl progra% chec s localLre%ote ?T7( lin s. Includes cross referenced and hyperlin ed output reports1 a.ility to chec password6protected areas1 support for all standard ser5er6side i%age %aps1 reports of orphan files and files with %is%atching case1 reports "0(s changed since last chec ed1 support of proxy ser5ers for re%ote "0( chec ing. &istri.uted under Mnu Meneral )u.lic (icense. ?as not .een updated in recent years. *+*spider 7ulti6=wner 7aintenance SpiderE lin chec er. )$0( script for a we. spider for we. site %aintenanceE for ">IP and )$0(. "tili4es the ?TT) B?$A&B re-uest instead of the BM$TB re-uest so that it does not re-uire retrei5al of the entire ht%l page. This site contains an interesting discussion on the use of 7$TA tags. >ot updated in recent years.
Page 28 of 62
Aditi Technologies
/T*0c(e% for aw% or perl =ld .ut still useful ?T7( 2./ or !./ 5alidator progra%s for AWQ or )$0( .y ?. ChurchyardE site has %uch docu%entation and related info. >ot updated in recent years.
#.#.We* 1unctional and .egression Testing Tools

Ie!nit Ie"nit is an open6source si%ple fra%ewor to test logical .eha5iors of we. pages1 released under IB7Bs Co%%on )u.lic (icense. It helps users to create1 organi4e and execute functional unit tests. Includes a test runner with M"I interface. I%ple%ented in <a5aScript for the Windows P) platfor% with Internet $xplorer. "-ngine 1eb Test Studio We. functional test tool fro% Ad5ent>et. Scripting uses <ythonE records using page ele%ents controls sy%.olically rather than with raw screen coordinate. Secure recording on password fieldsE data6dri5en Test wi4ard to fetch script data fro% external sourceE pro5ision to add M"I1 &ata.ase and 2ile chec points and 5erify data.ase ta.les1 files1 page titles and ?T7( ele%ent properties. Supports eyword6dri5en testing1 .uilt6in exception handling and reporting facility. Wor s with a 5ariety of .rowsers and =SBs. 2ree and professional 5ersions a5aila.le. AppPerfect DevSuite Suite of testing1 tuning1 and %onitoring products fro% App)efect Corp. that includes a we. functional testing %odule. 0ecords .rowser interaction .y ele%ent instead of screen co6 ordinates. Supports handling dyna%ic content created .y <a5aScriptE supports AS)1 <S)1 ?T7(1 coo ies1 SS(. 2or Windows and 7SI$E integrates with a 5ariety of I&$Bs. JStudio Site1al%er Test tool fro% <arsch Software Studio allows captureLreplay recordingE fail definitions can .e specified for each step of the auto%ated wor flow 5ia <a5aScript. <a5aScriptBs &ocu%ent =.Fect 7odel ena.les full access to all docu%ent ele%ents. Test data fro% any data.ase or $xcel spreadsheet can .e %apped to enter 5alues auto%atically into ?T7( for% controls. ?T7(6.ased test result reports can .e generated. Shareware for WindowsL7SI$. Test Complete -nterprise Auto%ated test tool fro% Auto%ated:A Corp. includes we. functional testing capa.ilities. Wor s with Internet $xplorer. "-ngine Test tool fro% Ad5ent>et ena.les functional testing of We. sites and We.6.ased applications. 0ecord and play.ac capa.ilityE auto%atic recording of any We. .rowser e5ents and translates into an )ython edita.le scripts. Includes Script $ditor1 Application 7ap $ditor to 5iew and edit the %ap o.Fect properties. Supports %ultiple =SBs and .rowsers. acti1ate <a5a6.ased We. application testing en5iron%ent fro% Acti%ind Inc. Ad5anced fra%ewor for writing test scripts in <a5a Csi%ilar to open6source fra%ewor s li e ?ttp"nit1 ?t%l"nit etc. .ut with extended A)ID1 and Test Writing Assistant 6 We. .rowser plug6in %odule to assist the test writing process. 2reeware. #!*+ -ditor Toolset fro% Soft%orning (T& for creation and editing of we. %acros and auto%ated we. tests. Includes syntax6coloring editor with intellisense1 autoco%plete1 run6ti%e de.ugging features. 7acro recorder transfor%s any clic to a CU directi5e. )age o.Fects na5igator allows .rowsing of hierarchy of we. o.Fects in a page. $na.les creation of scenarios fro%
Page 29 of 62
Aditi Technologies
spreadsheetsE and loop1 retry on error1 ro.ust handling of page %odifications. Can export created .&(( and .$P$ files to ena.le running we. %acros on de%and and integration into other software fra%ewor s. 7ultilingual for Asian1 eastern and western $uropean languages. 1ebIn'ect =pen source tool in )$0( for auto%ated testing of we. applications and ser5ices. Can .e used to unit test any indi5idual co%ponent with an ?TT) interface C<S)1 AS)1 CMI1 )?)1 ser5lets1 ?T7( for%s1 etc.D or it can .e used to create a suite of ?TT) le5el functional or regression tests. Site Test Center 2unctional and perfor%ance test tool fro% Alliance Software $ngineering. ?as an P7(6 .ased scripting capa.ility to ena.le %odifying captured scripts or creating new scripts. "tili4es a distri.uted testing %odel and consists of three parts; STC Ad%inistrator1 STC 7aster and STC 7aster Ser5ice. '1eb!nit =pen source <a5a fra%ewor that facilitates creation of acceptance tests for we. applications. )ro5ides a high6le5el A)I for na5igating a we. application co%.ined with a set of assertions to 5erify the applicationBs correctness including na5igation 5ia lin s1 for% entry and su.%ission1 5alidation of ta.le contents1 and other typical .usiness we. application features. "tili4es ?ttp"nit .ehind the scenes. The si%ple na5igation %ethods and ready6to6use assertions allow for %ore rapid test creation than using only <"nit and ?ttp"nit. SimpleTest =pen source unit testing fra%ewor which ai%s to .e a co%plete )?) de5eloper test solution. Includes all of the typical functions that would .e expected fro% <"nit and the )?)"nit ports1 .ut also adds %oc o.FectsE has so%e <We."nit functionality as well. This includes we. page na5igation1 coo ie testing and for% su.%ission. 1inTas% 7acro recorder fro% Tas Ware1 auto%ates repetiti5e tas s for We. site testing Cand standard Windows applicationsD1 with its ?T7( o.Fects recognition. Includes capa.ility to expand scope of %acros .y editing and adding loops1 .ranching state%ents1 etc. C!//S co%%andsDE ensure ro.ustness of scripts with Synchroni4ation co%%ands. Includes a WinTas Scheduler. TestCase*a%er56unner Test case docu%ent dri5en functional test tool for we. applications fro% Agile We. &e5elop%ent. 7a er creates test case docu%ents1 and 0unner executes the test case docu%entE test case docu%ents are always synchroni4ed with the application. 2ree including source code. Canoo 1ebTest 2ree <a5a =pen Source tool for auto%atic functional testing of we. applications. P7(6 .ased test script code is edita.le with userBs preferred P7( editorE until recording capa.ilities are added1 scripts ha5e to .e de5eloped %anually. Can group tests into a testsuite that again can .e part of a .igger testsuite. Test results are reported in either plain text or P7( for%at for later presentation 5ia PS(T. Standard reporting PS(T stylesheets included1 and can .e adapted to any reporting style or re-uire%ents. TestSmit( 2unctionalL0egression test tool fro% :uality 2orge. Includes an Intelligent1 ?T7(L&=76 Aware and =.Fect 7ode 0ecording $ngine1 and a &ata6&ri5en1 Adapta.le and 7ulti6 Threaded )lay.ac $ngine. ?andles Applets1 2lash1 Acti5e6P controls1 ani%ated .it%aps1 etc. Controls are recorded as indi5idual o.Fects independent of screen positions or resolutionE play.ac windowLsi4e can .e different than in capture. Special 5alidation
Page 30 of 62
Aditi Technologies
points1 such as .it%ap or text %atching1 can .e inserted during a recording1 .ut all recorded ite%s are 5alidated and logged Bon the flyB. 2u44y %atching capa.ilities. $dita.le scripts can .e recorded in S%ithSript language or in <a5a1 CSS or CSSL72C. ,/6day e5aluation copy a5aila.le. TestAgent CaptureLplay.ac tool for user acceptance testing fro% Strenuus1 ((C. Qey features .esides captureLplay.ac include auto%atically detecting and capturing standard and custo% content errors. 0eports infor%ation needed to trou.leshoot pro.le%s. $na.les B)ersistent Acceptance TestingB that acti5ates tests each ti%e a we. application is used. *ITS7G!I "ni-ue test auto%ation tool fro% =%sphere ((CE has an intelligent state %achine engine that %a es real6ti%e decisions for na5igating through the M"I portion of an application. It can test thousands of test scenarios without use of any scripts. Allows creation of co%pletely new test scenarios without e5er ha5ing perfor%ed that test .efore1 all without changing tool1 testware architecture Co.Fect na%es1 screen na%es1 etcD1 or logic associated with the engine. Testers enter test data into a spreadsheet used to populate o.Fects that appear for the particular test scenario defined. Badboy Tool fro% Bradley Software to aid in .uilding and testing dyna%ic we. .ased applications. Co%.ines sophisticated captureLreplay a.ility with perfor%ance testing and regression features. 2ree for %ost usesE source code a5ala.le. SA*I2ree tool designed for :A engineers 6 BSi%ple Auto%ated 7odule 2or Internet $xplorerB. )erl %odule that allows a user to auto%ate use of I$ 5ia )erl scriptsE Written in Acti5e)erl1 allowing inheritance of all )erl functionality including regular expressions1 )erl d.i data.ase access1 %any )erl cpan li.rary functions. "ses I$Bs .uilt in C=7 o.Fect which pro5ides a reference to the &=7 for each .rowser window or fra%e. $asy de5elop%ent and %aintenance 6 no need to eep trac of M"I %aps for each window. 2or Windows. PA*I2ree open6source B)ython Auto%ated 7odule 2or Internet $xplorerB Allows control of an instance of 7SI$ and access to itBs %ethods though =($ auto%ation . "tili4es Collections1 7ethods1 $5ents and )roperties exposed .y the &?T7( =.Fect 7odel. PureTest 2ree tool fro% 7in- Software AB1 includes an ?TT) 0ecorder and We. Crawler. Create scenarios using the point and clic interface. Includes a scenario de.ugger including single step1 .rea points and response introspection. Supports ?TT)SLSS(1 dyna%ic We. applications1 data dri5en scenarios1 and parsing of response codes or parsing page content for expected or unexpected strings. Includes a Tas A)I for .uilding custo% test tas s. The We. Crawler is useful for 5erifying consistency of a static we. structure1 reporting 5arious %etrics1 .ro en lin s and the structure of the crawled we.. 7ulti6platfor% 6 written in <a5a. Sole8 We. application testing tool .uilt as a plug6in for the $clipse I&$ Can open1 extensi.le I&$D. 0ecords ?TT) %essages .y acting as a We. proxyE recorded sessions can .e sa5ed as P7( and reopened later. ?TT) re-uests and responses are fully displayed in order to inspect and custo%i4e their content. Allows the attach%ent of extraction or replace%ent rules to any ?TT) %essage content1 and assertions to responses in order to 5alidate a scenario during its play.ac . "A 1i,ard Auto%ated functional we. test tool fro% Seapine Software. Ad5anced o.Fect .inding reduces script changes when We.6.ased apps change. >ext6generation scripting language
Page 31 of 62
Aditi Technologies
eli%inates pro.le%s created .y syntax or other language errors. Includes capa.ility for auto%ated scripting1 allowing creation of %ore scripts in less ti%e. Supports unli%ited set of =&BC6co%pati.le data sources as well as 7S $xcel1 ta.Lco%%a deli%ited file for%ats1 and %ore. 2ree &e%o and Test Script a5aila.le. 2or Windows platfor%s. /TTP&1ebTest A )erl %odule which runs tests on re%ote "0(s or local We. files containing )erlL<S)L?T7(L<a5aScriptLetc.1 and generates a detailed test report. This %odule can .e used @as6is@ or its functionality can .e extended using plugins. )lugins can define test types and pro5ide additional report capa.ilities. This %odule co%es with a set of default plugins1 .ut can .e easily extended with third6party plugins. =pen6source proFect %aintained .y Ilya 7artyno5. /ttp!nit =pen source <a5a progra% for accessing we. sites without a .rowser1 fro% Source2orge.netL=pen Source &e5elop%ent >etwor 1 designed and i%ple%ented .y 0ussell Mold. Ideally suited for auto%ated unit testing of we. sites when co%.ined with a <a5a unit test fra%ewor such as <"nit. $%ulates the rele5ant portions of .rowser .eha5ior1 including for% su.%ission1 .asic http authentication1 coo ies and auto%atic page redirection1 and allows <a5a test code to exa%ine returned pages as text1 an P7( &=71 or containers of for%s1 ta.les1 and lin s. Includes Ser5let"nit to test ser5lets without a ser5let container. i+pus Internet *acros 7acro recorder utility fro% i=pus Inc. auto%ates repetitious aspects of we. site testing. 0ecords any co%.ination of .rowsing1 for% filling1 clic ing1 script testing and infor%ation gatheringE assists user during the recording with 5isual feed.ac . )ower users can %anually edit a recorded %acro. A co%%and line interface allows for easy integration with other test software. Wor s .y re%ote controlling the .rowser1 thus auto%atically supports ad5anced features such as SS(1 ?TT)60edirects and coo ies. Can handle data input fro% text files1 data.ases1 or P7(. Can extract we. data and sa5e as CS3 file or process the data 5ia a script. 2or Windows and 7SI$. *a8" 2ree open6source we. functional testing tool fro% Tigris.org1 written in <a5a. Wor s as a proxy ser5erE includes an ?TT) proxy recorder to auto%ate test script generation1 and a %echanis% for playing tests .ac fro% the M"I and co%%and line. <ython is used as the scripting language1 and <"nit is used as the testing li.rary. Test1eb Test tool fro% =riginal Software Mroup (td. utili4es a new approach to recordingLplay.ac of we. .rowser scripts. It analyses the underlying intentions of the script and executes it .y direct co%%unication with we. page ele%ents. IntelliScripting logic re%o5es the reliance on specific .rowser window si4es1 co%ponent location and %ouse %o5e%ents for accurate replay1 for easier script %aintenanceE supports hyperlin s targeted at new instances of .rowser. )lay.ac can run in .ac ground while other tas s are perfor%ed on the sa%e %achine. Compuware TestPartner Auto%ated software testing tool fro% Co%puware designed specifically to 5alidate Windows1 <a5a1 and we.6.ased applications. The BTest)artner 3isual >a5igatorB can create 5isual6.ased tests1 or 7S 3BA can .e used for custo%i4ed scripting. 1eb#ing We. site functional1 load1 and static analysis test suite fro% )araSoft. 7aps and tests all possi.le paths through a dyna%ic siteE can enforce o5er 2// ?T7(1 CSS1 <a5aScript1 #/+ co%pliance1 W7( and P?T7( coding standards or custo%i4ed standards. Allows creation of rules for auto%atic %onitoring of dyna%ic page content. Can run load tests .ased on the toolBs analysis of we. ser5er log files. 2or Windows1 (inux1 Solaris.
Page 32 of 62
Aditi Technologies
e)alid We. test tool fro% Software 0esearch1 Inc that uses a BTest $na.led We. BrowserB test engine that pro5ides .rowser6.ased client side -uality chec ing1 dyna%ic testing1 content 5alidation1 page perfor%ance tuning1 and we.ser5er load and capacity analysis. "tili4es %ultiple 5alidation %ethods. 6ational $unctional Tester IB7Bs Cfor%erly 0ationalBsD auto%ated tool for testing of <a5a1 .>$T1 and we.6.ased applications. $na.les data6dri5en testing1 choice of scripting languages and editors. 2or Windows and (inux. e&Test Suite Integrated functionalLregression test tool fro% $%pirix for we. applications and ser5ices and .>$T and <2$$ applicationsE includes site %onitoring and load testing capa.ilities1 and recordLplay.ac 1 scripting language1 test process %anage%ent capa.ilities. Includes full 3BA script de5elop%ent en5iron%ent and options such as Fa5ascript1 CSS1 etc. &=76 .ased testing and 5alidationE B&ata Ban Wi4ardB si%plifies creation of data6dri5en tests. $5aluation 5ersion a5aila.le. "uic%Test Pro 2unctionalLregression test tool fro% 7ercuryE includes support for testing We.1 <a5a1 $0)1 etc. 1inrunner 2unctionalLregression test tool fro% 7ercuryE includes support for testing We.1 <a5a1 $0)1 etc. Compuware.s "A6un :A0un for functionalLregression testing of we.1 <a5a1 and other applications. ?andles Acti5eP1 ?T7(1 &?T7(1 P7(1 <a5a .eans1 and %ore. Sil%Test 2unctional test tool fro% Segue for We.1 <a5a or traditional clientLser5er6.ased applications. 2eatures include; test creation and custo%i4ation1 test planning and %anage%ent1 direct data.ase access and 5alidation1 reco5ery syste% for unattended testing1 and I&$ for de5eloping1 editing1 co%piling1 running1 and de.ugging scripts1 test plans1 etc.
#.$.We* Site Security Test Tools

1atc(fire.s AppScan Tool suite fro% Watchfire auto%ates we. application security testing1 produces defect analyses1 and offers reco%%endations for fixing detected security flaws. Assess%ent %odule can .e used .y auditors and co%pliance officers to conduct co%prehensi5e audits1 and to 5alidate co%pliance with security re-uire%ents.
Codenomicon /TTP Test Tool Tool for disco5ering and eradicating security6related flaws in ?TT) i%ple%entations 5ia ro.ustness testing. Tool syste%atically generates 5ery large nu%.ers of protocol %essages containing exceptional ele%ents si%ulating %alicious attac s1 in order to induce co%ponent crashes1 hanging1 and denial6of6
Page 33 of 62
Aditi Technologies
ser5ice situations which %ay affect co%ponentLapplication security. C?TT) i%ple%entations %ay .e utili4ed in we. ser5ers1 .rowsers1 networ appliances1 proxies1 protocol analy4ers1 )&As and cell phones.D
Security*etrics Appliance Integrated software and hardware de5ice includes Intrusion &etection and )re5ention Syste%s and 3ulnera.ility Assess%ent. =perates as a (ayer 2 Bridge 6 no networ configuration needed. Auto%atically downloads latest I&S attac signatures1 5ulnera.ility assess%ent scripts and progra% enhance%ents nightly. 0ig(tning Console Security %anage%ent tool fro% Tena.le >etwor Security for %ultiple security and networ ad%inistrators across %ultiple organi4ations. Scheduled 5ulnera.ility scanning1 real6ti%e I&S e5ent analysis1 asset %anage%ent1 re%ediation %anage%ent of 5ulnera.ilities1 networ topology disco5ery and organi4ational executi5e reporting for hundreds of ad%inistrators 5ia easy6to6use we. interface.
SA6A BSecurity AuditorBs 0esearch AssistantB "nix6.ased security analysis tool fro% Ad5anced 0esearch Corp. Supports the 2BILSA>S Top 2/ ConsensusE re%ote self scan and A)I facilitiesE plug6in facility for third party appsE SA>SLISTS certified1 updated .i6%onthlyE C3$ standards supportE .ased on the SATA> %odel. 2reeware. Also a5aila.le is BTiger Analytical 0esearch AssistantB CTA0AD1 an upgrade to the TA7" BtigerB progra% 6 a set of scripts that scan a "nix syste% for security pro.le%s. "ualys $ree Security Scans Se5eral free security scan ser5ices fro% :ualys1 Inc. including SA>SL2BI Top 2/ 3ulnera.ilities Scan1 networ security scan1 and .rowser chec up tool. "ualys Guard =nline ser5ice that does re%ote networ security assess%entsE pro5ides proacti5e B7anaged 3ulnera.ility Assess%entB1 inside and outside the firewall.
Perimeter C(ec% Security7etrics B)eri%eter Chec B ser5ice analy4es external networ de5ices li e ser5ers1 we.sites1 firewalls1 routers1 and %ore for security 5ulnera.ilities which %ay lead to interrupted ser5ice1 data theft or syste% destruction. Includes instructions to help i%%ediately re%edy security pro.le%s. Can auto%atically schedule 5ulnera.ility assess%ent of designated I) addresses during low traffic ti%es. *acAnalysis
Page 34 of 62
Aditi Technologies
(ow cost >etwor Security audit tool fro% (agoon Software. )ro5ides detailed reports and 5ulnera.ility fix reco%%endations. 7acAnalysis data.ase is updated regularly with a @3ulnera.ility "pdate@ function to update data.ase of %ore than 1// new holes per %onth. 0uns on 7acintosh1 can audit ">IP1 7ac1 Win ser5ers STAT Scanner Tool fro% ?arris Corp. for security analysis of WindowsL">IPL(inux and other resources. "tili4es co%prehensi5e updata.ale 5ulnera.ility data.ases to auto%atically detect 5ulnera.ilities. Capa.ilities include; scan and analy4e an entire networ do%ain andLor a single %achine1 select or ignore specific 5ulnera.ilities 5ia configuration files1 analysis reports of 5ulnera.ilities with detailed infor%ation relating to the na%eLdescriptionLris le5el of each 5ulnera.ility1 eli%inate 5ulnera.ilities using reco%%ended solutions with lin s to related we.sites and nowledge6.ase articles1 correct 5ulnera.ilities across the networ with BAuto2ixB function1 retest corrected 5ulnera.ilities i%%ediately1 trac 5ulnera.ility trends 5ia analyses co%paring current and pre5ious assess%ents1 custo%i4a.le security reports for %anage%ent and technical personnel.
9essus Security Scanner 2ree1 open6source re%ote networ security auditing tool1 .y 0enaud &eraison1 .ased on Bne5er trust the 5ersion nu%.erB and Bne5er trust that a gi5en ser5ice is listening on the good portB. >essus is %ade up of two parts ; a ser5er and a clientE the ser5er CnessusdD %anages the Battac sB1 whereas the client is a frontend designed to collect the results. Includes %ore than 1/// tests in 2! 5ulnera.ility categories1 and >essus Attac Scripting (anguage. Wor s with a 5ariety of operating syste%s.
9et6econ >etwor 5ulnera.ility assess%ent scanner fro% Sy%antec. Scans syste%s and ser5ices on the networ and safely si%ulates co%%on intrusion or attac scenarios. "tili4es a root6cause and path6analysis engine to illustrate exact se-uence of steps ta en to unco5er 5ulnera.ilities1 ena.ling identification of exactly where to correct 5ulnera.ilities to enforce corporate security policies. (earns a.out networ as it scans1 adapting penetration strategy .ased on pre5ious results. Custo%i4a.le reporting. Can scan a 5ariety of operating syste%sE product runs on Windows.
Secure&*e Auto%ated security test scanning ser5ice fro% Broad.andreports.co% for indi5idual %achines. )ort scans1 denial6of6ser5ice chec s1 4# co%%on we. ser5er 5ulnera.ility chec s1 we. ser5er re-uests6per6second .ench%ar 1 and a wide 5ariety of other tests. (i%ited free or full licensed 5ersions a5aila.le.
SAI9T Security Ad%inistratorBs Integrated >etwor Tool 6 Security testing tool fro% SAI>T Corporation. An updated and enhanced 5ersion of the SATA> networ
Page 35 of 62
Aditi Technologies
security testing tool. "pdated regularlyE C3$ co%pati.le. Includes &oS testing1 reports specify se5erity le5els of pro.le%s. Single %achine or full networ scans. Also a5aila.le is BWe.SAI>TB self6guided scanning ser5ice1 and SAI>T.ox scanner appliance. 0uns on %any ">IP fla5ors.
9*ap 9etwor% *apper 2ree open source utility for networ exploration or security auditingE designed to rapidly scan large networ s or single hosts. "ses raw I) pac ets in no5el ways to deter%ine what hosts are a5aila.le on the networ 1 what ser5ices CportsD they are offering1 what operating syste% Cand =S 5ersionD they are running1 what type of pac et filtersLfirewalls are in use1 and %any other characteristics. 0uns on %ost fla5ors of ">IP as well as Windows.
bv&Control for Internet Security Secutiry scanning tool fro% Bind3iew1 includes capa.ilities for chec ing and re%ediation of security pro.le%s of ser5ers1 wor stations1 routers1 hu.s1 printers1 and any other de5ices with an I) address on a networ . Scans any de5ice on networ regardless of platfor%.
9etI" Security Analy,er 7ulti6platfor% 5ulnera.ility scanning and assess%ent product. Syste%s are analy4ed on de%and or at scheduled inter5als. Auto%atic update ser5ice allows updating with latest security tests. Includes a Software &e5eloperBs Qit to allow custo% security test additions. 2or WindowsLSolarisL(inux.
$oundstone 3ulnera.ility %anage%ent software tools fro% 7cAfeeL>etwor Associates can pro5ide co%prehensi5e enterprise 5ulnera.ility assess%ents1 re%ediation infor%ation1 etc. A5aila.le as a hardware appliance1 software product1 or %anaged ser5ice. CyberCop ASaP 7anaged 5ulnera.ility assess%ent ser5ice fro% 7cAfeeL>etwor Associates. 0e%otely e5aluates security of networ peri%eter1 &7V and externally 5isi.le assets. C-6IAS Security Arc(ive )urdue "ni5ersityBs BCenter for $ducation and 0esearch in Infor%ation Assurance and SecurityB siteE BhotlistB section includes extensi5e collection of lin s1 organi4ed .y su.Fect1 to hundreds of security infor%ation resources and tools1 intrusion detection resources1 electronic law1 pu.lications1 etc. Also includes an 2T) site
Page 36 of 62
Aditi Technologies
with a large collection of C%ostly olderD security6related utilities1 scanners1 intrusion detection tools1 etc. InternetScanner Tool fro% Internet Security Syste%s1 pro5ides auto%ated 5ulnera.ility assess%ent for %easuring online security ris s. )erfor%s scheduled and selecti5e pro.es of networ ser5ices1 ser5ers1 des tops1 operating syste%s1 routers1 firewalls1 etc. to unco5er and report syste%s 5ulnera.ilities that %ight .e open to attac . )ro5ides flexi.le ris %anage%ent reports1 prepares re%ediation ad5ice1 trend analyses and co%prehensi5e data sets to support policy enforce%ent. Si%ilar %anaged ser5ice also a5aila.le. Top :; Security Tools (isting of Btop *#B networ security tools fro% sur5ey .y Insecure.org. CIncludes 5arious types of security tools1 not Fust for testing.D
#.'.We* Site 6anage
ent Tools
CThis section includes products that contain; site 5ersion control tools1 co%.ined utilitiesLtools1 ser5er %anage%ent and opti%i4ation tools1 and authoringLpu.lishingLdeploy%ent tools that include significant site %anage%ent or testing capa.ilities.D
C+AST 1ebCentral Site %anage%ent tool fro% Coast Software1 Inc. for %onitoring co%pliance standards related to )ri5acy1 Infor%ation Assurance1 Accessi.ility1 and We. Mo5ernance. Capa.ilities include; high6le5el su%%ary reports1 site scores1 and trend analyses using intuiti5e .rowser6.ased reportsEroll6up of results fro% different .usiness units or glo.al We. sites for o5erall 5iews of site co%plianceE co%plete in5entory of We. sites and Co%parison In5entory 0eports to co%pare different 5ersions of a We. site. *a8amine #nowledge Platform Integrated site %anag%ent tool fro% 7axa%ine Inc.1 co%.ining site content1 structure and 5isitor traffic data into one searcha.le data .ase1 to ena.le detailed analysis of what is going on .ehind the scenes of We. operations. &es top product for %ultiple platfor%s1 and online ser5ice a5aila.le.
1ebC-+ Tool fro% 0adioco% (td. for %aintaining1 pro%oting1 analy4ing we. sites. (i%ited6 capa.ility free 5ersion also a5aila.le. Includes lin chec er1 WNSIWNM editor1 2)TLpu.lishing1 traffic analysis1 and site %onitoring capa.ilities.
*anage-ngine Applications *anager Site %anage%ent tool fro% Ad5ent>etE wor s with a 5ariety of we. ser5ers1 data.ase ser5ers1 ser5ice types1 and =SBs. 2ree and professional 5ersions a5aila.le. Sil%Central Performance *onitor
Page 37 of 62
Aditi Technologies
Tool fro% Segue Software1 Inc.1 acti5ely %onitors and e5aluates the health of a siteBs li5e applications utili4ing synthetic .usiness transactions. )assi5e %onitoring records real user sessions and relia.ly detects and logs all error situations encountered .y real6users. 0ecorded transactions can then .e analy4ed when production errors occur and fed .ac into Sil )erfor%er for real6world perfor%ance testing scenarios.
webSensor Integrated site %easure%ent and analysis tool fro% 7oniforce B3E Integrates perfor%ance and a5aila.ility data with site traffic data1 including ser5er errors1 response errors1 networ errors1 page a.orts1 response ti%es1 page si4es1 .andwidth usage. =ther capa.ilities include search engine opti%i4ationE clic path analysisE 5isitor seg%entationE real6ti%e executi5e dash .oard.
6ealiTea We. application %anage%ent solution that pro5ides detailed 5isi.ility into a5aila.ility and functionality issues to ena.le efficient pro.le% identification1 isolation1 and repair. Captures and %onitors real user sessions1 pro5iding context and correlation data for application failure analysis. Add6on capa.ilities include a B&ash.oardB to pro5ide real6ti%e1 custo%i4a.le 5iews of successLfailure rates for ey online .usiness processes and other critical %etrics1 and B0eal ScriptsB auto%atically generated fro% recorded user sessions for use in specified other load testing tools.
P6+G9+SIS Co%prehensi5e tool fro% Integrated 0esearch (td. for perfor%ance and a5aila.ility %onitoring1 networ %anage%ent1 and diagnosticsE suited to large syste%s. 6edDot C*S We. content %anag%ent syste% fro% 0ed&ot Solutions includes %odules such as S%art$ditE Asset 7anager to securely centrali4e i%agesE Site 7anager to create and %anage your we. siteE We. Co%pliance 7anager to %anage integrity and accessi.ility1 and %ore.
Cuevision 9etwor% *onitor 7onitoring tool fro% Cue5ision for %onitoring we.site1 ser5er1 ser5ices1 applications1 and networ E capa.ilities include notifications 5ia e%ail1 net send1 and popup1 restart apps and ser5ices1 etc. 2or Windows.
G$I 9etwor% Server *onitor Ser5er %anage%ent tool fro% M2I Software (td. chec s networ and ser5ers for failures and fixes the% auto%atically. Alerts 5ia e%ail1 pagers1 S7SE auto%atically re.oot ser5ers1 restart ser5ices1 run scripts1 etc. 2reeware 5ersion of M2I >etwor Ser5er 7onitor is also a5aila.leE includes %odules to chec ?TT) and IC7)Lping for chec ing a5aila.ility of ?TT) and ?TT)S sites.
1eb Site *onitoring
Page 38 of 62
Aditi Technologies
)erfor%ance 7onitoring 6 2ree open6source we.site perfor%ance %onitoring and upti%e notification application in )$0(1 fro% AllScoopE sends e%ail notification if site is slow or down.
ContentStudio $6catalog %anage%ent tool fro% TechniCon Syste%s with Win $xplorer6type interface with drag and drop functionalityE eli%inates need for progra%%ers and special production staff to %aintain catalogs. (egacy6to6We. Tools can @.ul 6load@ online catalog fro% legacy product data. Capa.ilities include defining intra6configuration rules1 such as option co%pati.ilities on a single productE spatial relationships .etween products1 etc.
$TP Assistant for 1ebmasters 2T) client fro% Byteway.co% for we. site updatingE additional features include %anual or custo%i4a.le auto%ated control1 lin 5erification1 ?T7( and MI2 opti%i4ation1 site cleanup1 drag6and6drop1 upload resu%ing1 scheduler1 and %ore. Test1-B *onitor We. site %onitoring tool fro% =riginal Software chec s # or %ore "0(Bs up to e5ery !/ seconds. 0ecei5e instant notification .y e%ail whene5er one of the sites is una5aila.le.
SpinPi%e 2lexi.le and scala.le content %anage%ent syste% fro% Sa55yBox Syste%s1 .ased on data.ase6dri5en1 te%plate6.ased dyna%ically6created content. Installer easily installs syste% on your ser5er1 high6le5el functions sa5e te%plate coding ti%eE WNSIWNM editor.
Constructioner We.site de5elop%ent software with integrated content %anage%ent syste% fro% Artware 7ulti%edia M%.?. &esignLad%inistrate data.ase connected )?) we. applications in co%.ination with indi5idual we.design. Includes; 0eady6to6use Bac office1 Content and Ta.le 7anage%ent CWNSIWNM6$ditorD1 "ser Ad%inistration1 7ultilingualis%1 &yna%ic 7enu1 7essage Board1 )?)6Code Insertion1 Statistical 0eports1 &ata.ase Bac up1 Search. All can .e integrated without writing code. Constructioner (ight $dition a5aila.le as 2reeware.
CrownPea% C*S Content %anage%ent ser5ice fro% Crown)ea Technology1 which hosts the %anage%ent syste% application and the clientBs ad%inistrati5e interfaces and pushes the final asse%.led pages to client We. ser5ers. )ro5ides co%plete software de5elopers en5iron%ent1 co%prehensi5e Co%%unications Mateway for in.ound and out.ound data1 and a ro.ust A)I.
1eb0ig(t ?T7( 5alidator and lin chec ing tool fro% Illu%it ((C. 2ree for use on s%all sites1 low cost for large sites. Wor s on %ultiple platfor%s.
Tonic
Page 39 of 62
Aditi Technologies
Suite of we. site %anage%entL%onitoringLtest tools fro% Tonic SoftwareE can %anage all co%ponents across co%plex We.6ena.led applications .y %easuring and %onitoring perfor%ance1 5erifying content and functional integrity1 load testing1 detecting1 reporting and fixing pro.le%s .efore users see the%.
Trellian InternetStudio Suite of we. site %anage%ent utilities fro% Trellian including site uploadLpu.lishing tools1 text editor1 ?T7( editor1 lin chec er1 site %apper1 spell chec er1 site spider1 i%age handling1 ?T7( encryptorLopti%i4er1 ?T7( 5alidator1 i%age %apper1 e6co%%erce site designerLgenerator. 2or Windows.
1atc(fire 1eb2* Content analysis tool fro% Watchfire analy4es sites for slow loading pages1 security1 searcha.ility1 .ro en lin s1 accessi.ility1 pri5acy co%pliance1 and we.site standards co%pliance.
Documentum $nterprise content %anage%ent product fro% $7C Corp. 6 capa.ilitesLsupport include scala.ility1 security1 .usiness process auto%ation1 glo.ali4ation1 P7(6content6.ased %ulti6 channel deli5ery1 support for %ore than #/ docu%ent for%ats1 integration with a 5ariety of ser5ers1 authoring tools1 etc.
Serena Collage Content %anage%ent tool fro% SerenaE .rowser6.ased1 scala.le content %anage%ent platfor% for content contri.utors distri.uted across an organi4ation. Wor s with content fro% any platfor% or application. $na.les colla.oration1 5ersion control1 acti5ity trac ing1 ad%inistration1 te%plates1 styles1 appro5al wor flow1 %ulti6lingual support1 %ore. 0uns with a 5ariety of platfor%s1 we. ser5ers1 and &B ser5ers.
$le81indow Tool fro% &igital Architects B.3.1 ena.les users to update their we. site 5ia e6%ail. "pdate news flashes1 notifications1 ad5ertise%ents1 product info1 stories1 prices1 and %ore. "se any e6%ail client capa.le of producing ?T7( to for%at your content or use ?T7( tags in a plain text e6%ail. $asy to install1 si%ply create an account and paste one line of Fa5ascript into your pages. Basic accounts are free.
Alc(emy -ye Syste% %anage%ent tool fro% Alche%y (a. continuously %onitors ser5er a5aila.ility and perfor%ance. Alerts .y cell phone1 pager1 e6%ail1 etc. Can auto%atically run external progra%s1 and log e5ents.
1eb;<< C*S
Page 40 of 62
Aditi Technologies
We. content %anage%ent and site %aintenance solution fro% We.#//. Add6on %odules allow capa.ilities such as WA)1 e6co%%erce1 pay%ent processing1 custo%er relationship %anage%ent1 and %ore.
/T*0 6ename Site 7igrationLBatch processing tool fro% $xpanda.le (anguage that enforces file na%ing con5entions Ccase1 length1 in5alid charsD1 rena%ing the files to %atch the con5ention1 then correcting the lin s to those files auto%atically. $li%inates pro.le%s encountered when %o5ing files .etween Windows1 7ac1 and ">IP syste%s and pu.lishing to C&60=7. 2or 7ac or Windows.
IP C(ec% Ser5er %onitoring tool fro% )aessler M%.?. Alerts we.%asters if a we.ser5er is not wor ing correctly .ecause the we. ser5ice is down1 CMI scripts return errors or the S:( ser5er is not reacha.le. It can constantly %onitor any nu%.er of ser5ers and ports. 2or Windows.
Stellent !niversal Content *anagement System Content %anage%ent tool fro% Stellent1 Inc. BStellent Content Ser5erB uses a we.6.ased repository1 where all content and content types are stored for %anage%ent1 reuse and access. $na.les ser5ices such as li.rary ser5ices1 security1 con5ersion ser5ices1 wor flow1 personali4ation1 indexLsearch1 replication and ad%inistration. =ther %odules pro5ide additional ser5ices such as; ser5ices for creating1 %anaging and pu.lishing We. content and supporting fro% one to thousands of We. sitesE ser5ices for capturing1 securing and sharing digital and paper6.ased docu%ents and reportsE and ser5ices for colla.orati5e en5iron%ents and for digital asset and records %anage%ent.
6(yt(my8 Content *anager We. content %anage%ent product fro% )ercussion SoftwareE .ased on nati5e P7( and PS( technologiesE content de5elop%ent1 pu.lishing1 5ersion control1 and custo%i4a.le wor flow. 7anages We. content1 docu%ents1 digital assets1 portals and scanned i%ages.
Content *anagement Server Windows .ased content %g%t tool fro% 7icrosoft Cfor%erly Bn0esolutionB fro% nCo%pass (a.sD. $nterprise we. content %anage%ent syste% that ena.les -uic ly and efficiently .uilding1 deploying1 and %aintaining highly dyna%ic we. sites. $na.les scheduling of content refreshes1 %anage%ent of wor flow1 trac ing of re5isions1 and indexing content .y %eans of a .rowser window or 5ia 7S Word.
Broadvision Suite of content and pu.lishing %anage%ent tools fro% Broad5ision Inc.E allows a distri.uted tea% of non6technical content experts to %anage e5ery aspect of site content1 including creation1 editing1 staging1 production1 and archi5ing.
Page 41 of 62
Aditi Technologies
/P +pen)iew Internet Services Internet ser5ices %onitoringL%anage%ent tool fro% ?)E integrates with other =pen3iew products to pro5ide a 5ariety of %anage%ent and %onitoring ser5ices and capa.ilities. $na.les end6user e%ulation of %aFor .usiness6critical applications as well as a single integrated 5iew of the co%plete Internet infrastructure. &esigned to help IT staff efficiently predict1 isolate1 diagnose and trou.leshoot pro.le% occurrences1 anticipate capacity shortfalls1 and %anage and report on ser5ice le5el agree%ents.
/T*0&#it 2ree1 full6featured editor fro% Cha%i.co% designed to help ?T7(1 P?T7( and P7( authors to edit1 for%at1 loo up help1 5alidate1 pre5iew and pu.lish we. pages. "ses a highly custo%i4a.le and extensi.le integrated de5elop%ent en5iron%ent while %aintaining full control o5er %ultiple file types including ?T7(1 P?T7(1 P7(1 CSS1 PS(1 <a5aScript1 )erl1 )ython1 0u.y1 <a5a1 and %uch %ore. 2inds errors and pro5ides suggestions on how to create standards co%pliant pages. Includes internal1 external1 ser5er6side and li5e pre5iew %odesE 2T) Wor space for uploading1 downloading and online editing of filesE and the a.ility to use hundreds of optional free add6ins through its open plugins interface. M"I support of W!CBs ?T7( TidyE sea%less integration with the CS$ ?T7( 3alidator. 3alidate P7( docu%ents using its &T& andLor chec for well6for%edness. =5er 4// free plugins a5aila.le for extending and custo%i4ing ?T7(6Qit. )ro plugins a5aila.le to paid registered users. IB* 1or%place 1eb Content *anagement IB7Bs we. content %anage%ent product for Internet1 intranet1 extranet and portal sitesE runs on .oth (otus &o%ino and IB7 We.Sphere. 1ebC(ec% Windows application that runs in .ac ground and periodically chec s a site for a5aila.ility and correctnessE searches for eywordsE pro5ides notification .y displaying a %essage or sending an e6%ail. 0e-uires 7SI$. 1S=$TP Pro 2T)Lwe. pu.lishing tool fro% IpswitchE %anage1 upload1 and update we.sitesE auto%atically resu%e interrupted transfersE support %ore than #/ host file syste%sE drag6 and6drop filesE for Windows. A>*onitor "tility fro% A1Tech for %onitoring a5aila.ility of we. ser5ers. Capa.ilities include notification .y e%ail and auto%atic re.oot of we. ser5er. 2or Windows.
1eb0og *anager In addition to logging capa.ilities1 chec s search engine place%ent including position1 page1 ran on page1 clic paths. $nhanced logging utili4ing custo% generated script uploaded to hostE includes Banti6caching technologyB ensuring %ore relia.le logging .y .loc ing caching of siteBs pages .y 5isitorBs .rowsersE BActi5e )rotect 7etaTagsB allowing only search engine spiders to see front6page %eta6tagsE BActi5e )rotect I%agesB to pre5ent other sites fro% @.orrowing@ i%agesE and BActi5e &eny AccessB to pre5ent particular I) addresses fro% accessing we. site. 2ro% 7onocle Solutions. 0e-uires ">IP1 )$0(1 SSI1 on we. ser5er and Windows client.
Page 42 of 62
Aditi Technologies
Agent1eb6an%ing 2reeware tool fro% AA&Soft to %onitor siteBs search engine position1 i%pro5e search engine ran s1 su.%it "0(Bs. Searches top engines for eywordsE can specify search depth. Also has eyword count for pages 5s co%petitorBs pagesE auto or %anual su.%it of "0(Bs to search engines1 %eta tag creator. 0e-uires 7SI$ and Windows.
1ebSite Director We.6content wor flow %anage%ent syste% with .rowser6.ased interface includes configura.le wor flow %anage%ent1 e6%ail su.%ission of we. content1 and e6%ail notificationsE allows defining and applying existing wor flow and appro5al rules to we. content %anage%ent process. 2or Windows1 ">IP.
- uali,er (oad .alancing ser5er appliance and site %anage%ent tool fro% Coyote )oint Syste%s. We. .ased interface for load .alancing ad%inistration1 ser5er failure detection1 real6ti%e ser5er %onitoring of ser5er response ti%e1 nu%.er of pending re-uests1 etc. 1ebTrends Analysis Suite We. site %anage%ent tool fro% >etI: includes log analysis1 lin analysis and -uality control1 content %anage%ent and site 5isuali4ation1 alerting1 %onitoring and reco5ery1 proxy ser5er traffic analysis and reporting. 2or Windows.
2*etal P7( de5elop%ent tool fro% Blast0adius for P7(6.ased we. site authoring and 5alidation. Includes a B&ata.ase I%port Wi4ardB1 and can auto%atically con5ert output to CA(S or ?T7( ta.le %odels or to P7(E 2or Windows.
!nicenter T9G w51eb *anagement +ption Site %anage%ent application fro% Co%puter Associates includes access and security control1 %onitoring1 logging1 %etrics1 ser5er %anage%ent1 networ %anage%ent. 2or 7S and >etscape we. ser5ers.
Interwoven Team Site We. de5elop%ent1 5ersion control1 access control1 and pu.lishing control toolE wor s with %any ser5ers1 =SBs1 and platfor%s.
*acromedia 1eb Publis(ing System 7acro%ediaBs co%plete1 scala.le we. content %anage%ent solution that ena.les colla.oration1 %anage%ent1 and pu.lishing to we.sites within a centrally controlled1 standards6.ased en5iron%ent. Supports %ultiple platfor%s and .rowsers.
Site5C
Page 43 of 62
Aditi Technologies
BSet6and6forgetB utility fro% 0o.o%agic SoftwareE for periodic ser5er %onitoring for we. ser5er connection pro.le%s1 lin pro.le%s. $6%ailLpager notifications1 logging capa.ilities. 2or Windows.
Power*apper 2ro% $lectru% 7ulti%ediaE for custo%i4a.le auto%ated site %apping1 ?T7( 5alidation1 lin chec ing. $5aluation copy a5aila.leE re-uires Windows and 7SI$.
SiteScope 7ercuryBs product for agentless site %onitoring and %aintenance. 0uns on ser5ers and %onitors ser5er perfor%ance1 lin s1 connections1 logs1 etc.E scheduled and on6de%and reportingE pro5ides notifications of pro.le%s. Includes pu.lished A)I for creating custo% %onitors. 7onitors %i%ic usersB end6to6end actions. 2or Windows or "nix.
/T*0 PowerTools ?T7( 5alidator1 glo.al search6and6replace. &ate sta%per1 spell chec er1 7eta %anager1 i%age tag chec er1 ?T7(6to6Text con5erter1 custo%i4a.le reports. (in chec er. 3alidates against 5arious ?T7( 5ersions1 .rowser extensionsE has updatea.le rule.ase. 2ro% Talico%. 2or Windows.
+penDeploy Interwo5enBs configura.le control syste% for deploying fro% de5elop%ent to production en5iron%ents. Includes auto%ated deploy%ent1 security1 and encryption capa.ilities. 2or Windows and "nix.
TeamSite Interwo5enBs colla.orati5e we. site production control1 ad%inistration1 and %anage%ent product for enterprise6wide internet and intranet proFects. Includes 5ersion control1 .rowser interface1 co%parison capa.ilitie1 file edit %erging1 5aria.le loc controls. Ser5er side co%pati.le with %any a5aila.le we. ser5ers.
Content *anagement Server 3ignette CorporationBs product for we. site colla.orati5e content1 pu.lishing1 %anage%ent1 and %aintenance. Support for %anaging content stored in data.ases1 P7( repositories1 and static files. Supports a wide 5ariety of we. attri.utes1 data.ases1 A)IBs1 and ser5ers.
*icrosoft $rontPage 7icrosoftBs we. site authoring and site %anage%ent toolE includes site %anage%ent capa.ilities1 lin chec ing1 etc.
/omeSite 7acro%eidaBs we. site proFect %anage%entLauthoringL5alidator toolE page in screen is 5alidated with results displayed .elowE error info is lin ed to error in ht%lE file uploadingE lin chec erE thu%.nail 5iewer. 2or Windows.
Page 44 of 62
Aditi Technologies
9et+b'ects $usion Site authoringL%anage%ent tool. 3isual site structure editor1 layout editor1 graphics %anage%ent1 stagingLpu.lishing control. 2or Windows.
#.).=ther We* Testing Tools

*orae "sa.ility test tool for we. sites and software1 fro% TechS%ith Corp. for auto%ated recording1 analy4ing and sharing of usa.ility data. Consists of ! co%ponents. A 0ecorder records and synchroni4es 5ideo and data1 creating a digital record of syste% acti5ity and user interaction. A 0e%ote 3iewer ena.les geographically dispersed o.ser5ers to watch usa.ility tests fro% any locationE it displays test userBs co%puter screen along with a picture6in6picture window displaying the test participantBs face and audioE 0e%ote 3iewer o.ser5ers can set %ar ers and add text notes. The 7anager co%ponent includes integrated editing functionality for asse%.ly of i%portant 5ideo clips to share with sta eholders. 6epro 7anual testing BhelperB tool that records des top 5ideo1 syste% operations in * different categories1 syste% resource usage1 and syste% configuration infor%ation. Allows user to sa5e and re5iew rele5ant infor%ation for .ug reports1 and co%press the result into a 5ery s%all file to replay1 upload to a .ug trac ing syste%1 and share with others. Instru%ents in %e%ory the target application at runti%e so no changes are re-uired to application under test. 2or Windows.
-8treme 1eb Analy,er We. site perfor%ance analysis tool .y &ale 2eiste for use in a de5elop%ent or controlled test en5iron%ent1 where networ traffic is captured o5er a (A>. The predicta.le networ perfor%ance of this en5iron%ent ena.les relia.le %odeling of trace data. 2reeE re-uires a syste% capa.le of running $thereal andLor Sniffer1 )erl1 and 7S $xcel for charting and %odeling.
!60?image7com Ser5ice fro% ?0$2 Tools to chec we. page appearance in different BrowserL=S co%.inations. 2or anyone interested in css1 we. standards and elastic designE can specify the screen widthCsD1 font %agnificationCsD and page positionCsD for the proofs. $nter "0( and recei5e .ac report with screenshots ta en in real ti%e on real hardware.
TestGen 2ree open6source we. test data generation progra% that allows de5elopers to -uic ly generate test data for their we.6ser5ices .efore pu.licly or internally releasing the we. ser5ice for production.
-ngine)iewer and SiteTimer 2ree .asic ser5ices; $ngine3iewer 6 reports on how a search engine %ay 5iew a we.page1 fro% how it .rea s down the ?T7(1 to which lin s it extracts1 how it interprets pageBs ro.ot exclusion rules and %ore. SiteTi%er ser5ice 6 2ind out how long it ta es 5arious
Page 45 of 62
Aditi Technologies
connection types to get a page1 chec exa%ine ser5erBs ?TT) headers1 %ore.
all the graphical lin s to ensure theyBre correct1
$iddler An ?TT) &e.ugging tool .y $ric (awrence. Acts as an ?TT) )roxy running on port ++++ of local )C. Any application which accepts an ?TT) )roxy can .e configured to run through 2iddler. (ogs all ?TT) traffic .etween .etween co%puter and the Internet1 and allows inspection of the ?TT) data1 set .rea points1 and @fiddle@ with inco%ing or outgoing data. &esigned to .e %uch si%pler than using >et7on or Achilles1 and includes a si%ple .ut powerful <Script.>$T e5ent6.ased scripting su.syste%. 2ree1 for Windows.
$6--ping 2ree ping software utility fro% Tools4e5er which will ping all your Windows6.ased ser5ers Cor any other I) addressD in freely6defina.le inter5als. Will send a popup when one of the ser5ers stops responding.
IP Traffic Test and *easure >etwor traffic si%ulation and test tool fro% =%nicor Corp. can generate TC)L"&) connections using different I) addressesE data creation or capture and replayE %anage and %onitor throughput1 loss1 and delay.
SetSim Pro >orthern We.sB free on6the6we. %eta tag chec erE includes additional search6engine6 related capa.ilities.
)isitor)ille Site traffic %onitoring tool fro% World 7ar et Watch Inc. that depicts we.site 5isitors as ani%ated characters in a 5irtual 5illageE users can watch their we. traffic as if theyBre watching a %o5ie.
$unnelIT 2ree utility fro% ByStor% Software helps strea%line test reporting and analysis .y gathering Windows platfor% en5iron%entLconfiguration infor%ation Crunning tas s1 loaded %odules1 5irtual %e%ory settings1 =S 5ersion1 co%ponent details1 processor infor%ation1 physical %e%ory infor%ation1 etc.D in s%all text files. A5aila.le as an executa.le intended to lea5e no footprint. 2ull6featured 5ersion Cnot freeD has configura.le reporting1 and also allows gathering TC)LI) AddressL>etwor Infor%ation1 >etwor Adaptor Infor%ation1 Ser5ices infor%ation1 Installed Software and Installed P) "pdates1 &ri5e 2ree SpaceLSi4eL"sed info1 etc.D. Also allows co%parisons a%ong results fro% %ultiple syste%s.
Sandra BSyste% A>alyser1 &iagnostic and 0eporting AssistantB utility fro% SiSoftware. )ro5ides large 5ariety of infor%ation a.out a Windows syste%Bs hardware and software. Includes C)"1 %ain.oard1 dri5es1 ports1 processes1 %odules1 ser5ices1 de5ice dri5ers1 =&BC sources1 %e%ory details1 en5iron%ent settings1 syste% file listings1 and %uch %ore. )ro5ides perfor%ance enhancing tips1 tune6up wi4ard1 file syste% and %e%ory .andwidth
Page 46 of 62
Aditi Technologies
.ench%ar ing1 %ore. 0eporting 5ia sa5eLprintLfaxLe%ail in text1 ht%l1 P7(1 etc. 2ree1 )rofessional1 and other 5ersions a5aila.le in %ultiple languages.
Pat( Application *anager Application 7onitoring and %anage%ent tool fro% Win%oore1 Inc. "ses pattern recognition technology to peer deep inside custo%i4ed or C=TS applications1 analogous to running an 70I scan. $na.les enhance%ent of :A1 testing1 and trou.leshooting with code co5erage capa.ilities.
6A*P Section #/+ and W!C Accessi.ility Muidelines tool fro% &e-ue Syste%s that auto%ates analysis and re%ediation of non6co%pliant we. functionality.
Browser Cam Ser5ice for we. de5elopers and testers that creates screen captures of we. pages loaded in any .rowser1 any 5ersion1 any operating syste%. Allows 5iewing of we. page appearance on Windows1 (inux1 7acintosh1 in %ost 5ersions of e5ery .rowser e5er released.
Dummynet 2lexi.le tool de5eloped .y (uigi 0i44o1 originally designed for testing networ ing protocols1 can .e used in testing to si%ulate -ueue and .andwidth li%itations1 delays1 pac et losses1 and %ultipath effects. Can .e used on userBs wor stations1 or on 2reeBS& %achines acting as routers or .ridges.
/TTP Interceptor A real6ti%e ?TT) protocol analysis and trou.leshooting tool fro% All?TT).co%. 3iew all headers and data that tra5el .etween your .rowser and the ser5er. Split6screen display and dual logs for re-uest and response data. Interceptor also allows changing of select re-uest headers on6the6fly1 such as @0eferrer@ and @"ser Agent@.
SpySmit( Si%ple .ut powerful diagnostic tool fro% :uality 2orgeE especially useful when testing we. sites and we.6.ased applications. It allows the user to pee inside I.$. Browser6.ased &ocu%ents Cincluding those without a B5iew sourceB co%%andD to extract precise infor%ation a.out the &=7 ele%ents in an ?T7( source. SpyS%ith can also spy on Windows o.Fects. 2or Windows. 2ree ,/6day trial.
Co&Advisor Tool fro% The 7easure%ent 2actory for testing -uality of protocol i%ple%entations. Co6 Ad5isor can test for protocol co%pati.ility1 co%pliance1 ro.ustness1 security1 and other -uality factors. Co6Ad5isorBs current focus is on ?TT) inter%ediaries such as firewalls1 filters1 caching proxies1 and P7( switches. =ther info; runs on 2reeBS& pac ages1 (inux 0)7s1 Windows Con6de%andDE a5aila.le as on6line ser5ice1 .inaries1 or source code.
Page 47 of 62
Aditi Technologies
Poc%etS+AP )ac et6capture tool .y Si%on 2ell1 with M"IE captures and displays pac et data .etween local client and specified we. ser5er. Can log captures to dis . 2or WindowsE .inaries and source a5aila.leE freeware. Also a5aila.le is )oc etP7(60)C and )oc et?TT).
TcpTrace Tool .y Si%on 2ell acts as a relay .etween client and ser5er for %onitoring pac et data. Wor s with all text6.ased I) protocols. 2or windowsE freeware.
Pro8yTrace Tool .y Si%on 2ell acts as a proxy ser5er to allow tracing of ?TT) dataE can .e used .y setting .rowser to use it as a proxy ser5er and then can %onitor all traffic to and fro% .rowser. 2reeware.
tcptrace Tool written .y Shawn =ster%ann for analysis of TC) du%pfiles1 such as those produced .y tcpdu%p1 snoop1 etherpee 1 ?) >et 7etrix1 or Win&u%p. Can produce 5arious types of output with info on each connection seen such as elapsed ti%e1 .ytes1 and seg%ents sent and recei5ed1 retrans%issions1 round trip ti%es1 window ad5ertise%ents1 throughput1 and 5arious graphs. A5aila.le for 5arious ">IP fla5ors1 for Windows1 and as source codeE freeware.
*ITs7comm Tool fro% =%sphere ((C for si%ulating 5irtually any software interface Cinternal or externalD. Allows testing without pitfalls associated with li5e connections to other syste%s CTC)LI)1 $thernet1 2T)1 etcD. Allows de5elopers to test down to the unit le5el .y si%ulating the internal software interfaces C%essage -ueues1 %ail.oxes1 etc.D Tool can learn what re-uestLresponse scenarios are .eing tested for future tests and can wor with any protocol1 any %essage definitions1 and any networ . Also a5aila.le; 7ITS.M"I
2*0 Conformance Test Suite P7( confor%ance test suites fro% W!C and >ISTE contains o5er 2/// test files and an associated test report Calso in P7(D. The test report contains .ac ground infor%ation on confor%ance testing for P7( as well as test descriptions for each of the test files. This is a set of %etrics for deter%ining confor%ance to the listed W!C P7( 0eco%%endation.
Certify Test auto%ation %anage%ent tool fro% Wor Soft1 Inc. 2or %anaging and de5eloping test cases and scripts1 and generating test scripts. 2or auto%ated testing of We.1 clientLser5er1 and %ainfra%e applications. 0uns on Windows platfor%s. /iSoftware Acc)erify Tool for testing site Accessi.ility O "sa.ility1 Searcha.ility1 )ri5acy and Intellectual )roperty policy 5erification1 =5erall Site :uality1 Custo% Chec s and Test Suites to %eet organi4ationBs standards. Can crawl a site and report errorsE can also progra%%atically fix %ost co%%on errors found. 0uns on Windows.
Page 48 of 62
Aditi Technologies
/iSoftware 1eb Site *onitor Tool allows user to %onitor your ser5er and send alerts1 allows %onitoring we. sites for changes or %isuse of your intellectual property in %etadata or in the presented docu%entE lin 5alidation.
1eb +ptimi,er We. page opti%i4ing tool fro% 3isionary Technologies intelligently co%presses we. pages to accelerate we. sites without changing siteBs appearance. 0e%o5es unnecessary infor%ation in ?T7(1 P7(1 P?T7(1 CSS1 and <a5ascript and includes MI2 and <)$M opti%i4er techni-ues.
/T*0?T2T Con5ersion utility that con5erts ?T7( as rendered in 7S Internet $xplorer into ASCII text while accurately preser5ing the layout of the text. Included with software are exa%ples of using the control fro% within 3isual Basic1 3isual CSS1 and ?T7(.
Team 6emote Debugger &e.ugging tool fro% Spline Technologies allows tracing of any nu%.er of code units of any ind C AS)1 7TS1 T6S:(1 C=7S1 Acti5eP $xe1 &((1 C=71 Thread1 C27( D1 written in any language C AS)1 3B1 3CSS1 &elphi1 T6S:(1 3<1 C27( D residing on %ultiple shared and dedicated ser5ers at the sa%e ti%e1 without e5er attaching to process. 0e%ote code can pass %essages and dialogs directly to your local %achine 5ia Tea% 0e%ote &e.ugger co%ponent1 and de5elopers can then de.ug their respecti5e code independently of one another no %atter if the code units reside on the sa%e ser5ers or on different ser5ers or on any co%.ination thereof.
Datatect Test data generator fro% Banner Software generates data to a flat file or =&BC6co%pliant data.aseE includes capa.ilities such as scripting support that allows user to write 3BScripts that %odify data to create P7( output1 data generation interface to Segue Sil Test1 capa.ility to read in existing data.ase ta.le structures to aid in data generation1 wide 5ariety of data types and capa.ilities for custo% data types. 2or Windows.
/ypertra% Suite of software protocol analy4ers fro% Trio%etric accurately calculates end6to6end download speeds for each transaction1 not Fust sa%plesE produces a range of configura.le reports that .rea s down info into networ and ser5er speeds1 errors1 co%parison to S(ABs1 perfor%ance for each ser5er1 client1 "0(1 ti%e period1 etc. 0uns on Solaris or (inux.
1ebBug &e.ugging tool fro% A%an Software for %onitoring ?TT) protocol sends and recei5esE handles ?TT) /.,L1./L1.1E allows for entry of custo% headers. 2reeware.
1eb*etrics
Page 49 of 62
Aditi Technologies
We. usa.ility testing and e5aluation tool suite fro% ".S. Mo5t. >IST. Source code a5aila.le. 2or ">IP1 Windows.
*6TG 7ulti 0outer Traffic Mrapher 6 free tool utili4ing S>7) to %onitoring traffic loads on networ lin sE generates reports as we. pages with MI2 graphics on in.ound and out.ound traffic. 2or ">IP1 Windows.
Page 50 of 62
Aditi Technologies
$. Testing 1-:
1. What is BSoftware :uality AssuranceB9 2. What is BSoftware TestingB9 3. What are so%e recent %aFor co%puter syste% failures caused .y software
.ugs9
4. Why is it often hard for %anage%ent to get serious a.out -uality assurance9 5. Why does software ha5e .ugs9 6. ?ow can new Software :A processes .e introduced in an existing organi4ation9 7. What is 5erification and 3alidation9 8. What is a Bwal throughB9 9. WhatBs an BinspectionB9 10. What inds of testing should .e considered9 11. What are # co%%on pro.le%s in the software de5elop%ent process9 12. What is software B-ualityB9 13. What is Bgood codeB9 14. What is Bgood designB9Top of the &ocu%ent 15. What is S$I9 C779 C77I9 IS=9 Will it help9 16. What is the Bsoftware life cycleB9 17. Will auto%ated testing tools %a e testing easier9
>7 1(at is .Software "uality Assurance.@ Software :A in5ol5es the entire software de5elop%ent )rocess 6 %onitoring and i%pro5ing the process1 %a ing sure that any agreed6upon standards and procedures are followed1 and ensuring that pro.le%s are found and dealt with. It is oriented to Bpre5entionB. CSee the Boo s section for a list of useful .oo s on Software :uality Assurance.D ?7 1(at is .Software Testing.@ Testing in5ol5es operation of a syste% or application under controlled conditions and e5aluating the results Ceg1 Bif the user is in interface A of the application while using hardware B1 and does C1 then & should happenBD. The controlled conditions should include .oth nor%al and a.nor%al conditions. Testing should intentionally atte%pt to %a e things go wrong to deter%ine if things happen when they shouldnBt or things donBt happen when they should. It is oriented to BdetectionB. =rgani4ations 5ary considera.ly in how they assign responsi.ility for :A and testing. So%eti%es theyBre the co%.ined responsi.ility of one group or indi5idual. Also co%%on are proFect tea%s that include a %ix of testers and de5elopers who wor closely together1 with o5erall :A processes %onitored .y proFect %anagers. It will depend on what .est fits an organi4ationBs si4e and .usiness structure. 37 1(at are some recent ma'or computer system failures caused software bugs@ by
Page 51 of 62
Aditi Technologies
7edia reports in <anuary of 2//# detailed se5ere pro.le%s with a W1*/ %illion high6profile ".S. go5ern%ent IT syste%s proFect. Software testing was one of the fi5e %aFor pro.le% areas according to a report of the co%%ission re5iewing the proFect. Studies were under way to deter%ine which1 if any1 portions of the proFect could .e sal5aged. In <uly 2//4 newspapers reported that a new go5ern%ent welfare %anage%ent syste% in Canada costing se5eral hundred %illion dollars was una.le to handle a si%ple .enefits rate increase after .eing put into li5e operation. 0eportedly the original contract allowed for only ' wee s of acceptance testing and the syste% was ne5er tested for its a.ility to handle a rate increase. 7illions of .an accounts were i%pacted .y errors due to installation of inade-uately tested software code in the transaction processing syste% of a %aFor >orth A%erican .an 1 according to %id62//4 news reports. Articles a.out the incident stated that it too two wee s to fix all the resulting errors1 that additional pro.le%s resulted when the incident drew a large nu%.er of e6%ail phishing attac s against the .an Bs custo%ers1 and that the total cost of the incident could exceed W1// %illion. A .ug in site %anage%ent software utili4ed .y co%panies with a significant percentage of worldwide we. traffic was reported in 7ay of 2//4. The .ug resulted in perfor%ance pro.le%s for %any of the sites si%ultaneously and re-uired disa.ling of the software until the .ug was fixed. According to news reports in April of 2//41 a software .ug was deter%ined to .e a %aFor contri.utor to the 2//! >ortheast .lac out1 the worst power syste% failure in >orth A%erican history. The failure in5ol5ed loss of electrical power to #/ %illion custo%ers1 forced shutdown of 1// power plants1 and econo%ic losses esti%ated at W' .illion. The .ug was reportedly in one utility co%panyBs 5endor6supplied power %onitoring and %anage%ent syste%1 which was una.le to correctly handle and report on an unusual confluence of initially locali4ed e5ents. The error was found and corrected after exa%ining %illions of lines of code. In early 2//41 news reports re5ealed the intentional use of a software .ug as a counter6espionage tool. According to the report1 in the early 1,+/Bs one nation surreptitiously allowed a hostile nationBs espionage ser5ice to steal a 5ersion of sophisticated industrial software that had intentionally6added flaws. This e5entually resulted in %aFor industrial disruption in the country that used the stolen flawed software. A %aFor ".S. retailer was reportedly hit with a large go5ern%ent fine in =cto.er of 2//! due to we. site errors that ena.led custo%ers to 5iew one anothersB online orders. >ews stories in the fall of 2//! stated that a %anufacturing co%pany recalled all their transportation products in order to fix a software pro.le% causing insta.ility in certain circu%stances. The co%pany found and reported the .ug itself and initiated the recall procedure in which a software upgrade fixed the pro.le%s. In <anuary of 2//1 newspapers reported that a %aFor $uropean railroad was hit .y the aftereffects of the N2Q .ug. The co%pany found that %any of their newer trains would not run due to their ina.ility to recogni4e the date B!1L12L2///BE the trains were started .y altering the control syste%Bs date settings. >ews reports in Septe%.er of 2/// told of a software 5endor settling a lawsuit with a large %ortgage lenderE the 5endor had reportedly deli5ered
Page 52 of 62
Aditi Technologies
an online %ortgage processing syste% that did not %eet specifications1 was deli5ered late1 and didnBt wor . In early 2///1 %aFor pro.le%s were reported with a new co%puter syste% in a large su.ur.an ".S. pu.lic school district with 1//1///S studentsE pro.le%s included 1/1/// erroneous report cards and students left stranded .y failed class registration syste%sE the districtBs CI= was fired. The school district decided to reinstate itBs original 2#6year old syste% for at least a year until the .ugs were wor ed out of the new syste% .y the software 5endors. In =cto.er of 1,,, the W12# %illion >ASA 7ars Cli%ate =r.iter spacecraft was .elie5ed to .e lost in space due to a si%ple data con5ersion error. It was deter%ined that spacecraft software used certain data in $nglish units that should ha5e .een in %etric units. A%ong other tas s1 the or.iter was to ser5e as a co%%unications relay for the 7ars )olar (ander %ission1 which failed for un nown reasons in &ece%.er 1,,,. Se5eral in5estigating panels were con5ened to deter%ine the process failures that allowed the error to go undetected. Bugs in software supporting a large co%%ercial high6speed data networ affected */1/// .usiness custo%ers o5er a period of + days in August of 1,,,. A%ong those affected was the electronic trading syste% of the largest ".S. futures exchange1 which was shut down for %ost of a wee as a result of the outages. <anuary 1,,+ news reports told of software pro.le%s at a %aFor ".S. teleco%%unications co%pany that resulted in no charges for long distance calls for a %onth for 4//1/// custo%ers. The pro.le% went undetected until custo%ers called up with -uestions a.out their .ills. uality
A7 1(y is it often (ard for management to get serious about assurance@
Sol5ing pro.le%s is a high65isi.ility processE pre5enting pro.le%s is low6 5isi.ility. This is illustrated .y an old para.le; In ancient China there was a fa%ily of healers1 one of who% was nown throughout the land and e%ployed as a physician to a great lord.
;7 1(y does software (ave bugs@ 7isco%%unication or no co%%unication 6 as to specifics of what an application should or shouldnBt do Cthe applicationBs re-uire%entsD. Software co%plexity 6 the co%plexity of current software applications can .e difficult to co%prehend for anyone without experience in %odern6day software de5elop%ent. 7ulti6tiered applications1 client6ser5er and distri.uted applications1 data co%%unications1 enor%ous relational data.ases1 and sheer si4e of applications ha5e all contri.uted to the exponential growth in softwareLsyste% co%plexity. )rogra%%ing errors 6 progra%%ers1 li e anyone else1 can %a e %ista es. Changing re-uire%ents Cwhether docu%ented or undocu%entedD 6 the end6 user %ay not understand the effects of changes1 or %ay understand and re-uest the% anyway 6 redesign1 rescheduling of engineers1 effects on other proFects1 wor already co%pleted that %ay ha5e to .e redone or thrown out1 hardware re-uire%ents that %ay .e affected1 etc. If there are %any %inor changes or any %aFor changes1 nown and un nown dependencies a%ong
Page 53 of 62
Aditi Technologies
parts of the proFect are li ely to interact and cause pro.le%s1 and the co%plexity of coordinating changes %ay result in errors. $nthusias% of engineering staff %ay .e affected. In so%e fast6changing .usiness en5iron%ents1 continuously %odified re-uire%ents %ay .e a fact of life. In this case1 %anage%ent %ust understand the resulting ris s1 and :A and test engineers %ust adapt and plan for continuous extensi5e testing to eep the ine5ita.le .ugs fro% running out of control 6 see BWhat can .e done if re-uire%ents are changing continuously9B in )art 2 of the 2A:. Also see infor%ation a.out BagileB approaches such as P)1 also in )art 2 of the 2A:. Ti%e pressures 6 scheduling of software proFects is difficult at .est1 often re-uiring a lot of guesswor . When deadlines loo% and the crunch co%es1 %ista es will .e %ade. egos 6 people prefer to say things li e; o Bno pro.le%B o Bpiece of ca eB o BI can whip that out in a few hoursB o Bit should .e easy to update that old codeB instead of; o Bthat adds a lot of co%plexity and we could end up %a ing a lot of %ista esB o Bwe ha5e no idea if we can do thatE weBll wing itB o BI canBt esti%ate how long it will ta e1 until I ta e a close loo at itB o Bwe canBt figure out what that old spaghetti code did in the first placeB If there are too %any unrealistic Bno pro.le%BsB1 the result is .ugs. )oorly docu%ented code 6 itBs tough to %aintain and %odify code that is .adly written or poorly docu%entedE the result is .ugs. In %any organi4ations %anage%ent pro5ides no incenti5e for progra%%ers to docu%ent their code or write clear1 understanda.le1 %aintaina.le code. In fact1 itBs usually the opposite; they get points %ostly for -uic ly turning out code1 and thereBs Fo. security if no.ody else can understand it CBif it was hard to write1 it should .e hard to readBD. Software de5elop%ent tools 6 5isual tools1 class li.raries1 co%pilers1 scripting tools1 etc. often introduce their own .ugs or are poorly docu%ented1 resulting in added .ugs.
B7 /ow can new Software "A processes be introduced in an e8isting organi,ation@ A lot depends on the si4e of the organi4ation and the ris s in5ol5ed. 2or large organi4ations with high6ris Cin ter%s of li5es or propertyD proFects1 serious %anage%ent .uy6in is re-uired and a for%ali4ed :A process is necessary. Where the ris is lower1 %anage%ent and organi4ational .uy6in and :A i%ple%entation %ay .e a slower1 step6at6a6ti%e process. :A processes should .e .alanced with producti5ity so as to eep .ureaucracy fro% getting out of hand. 2or s%all groups or proFects1 a %ore ad6hoc process %ay .e appropriate1 depending on the type of custo%ers and proFects. A lot will depend on tea% leads or %anagers1 feed.ac to de5elopers1 and ensuring ade-uate co%%unications a%ong custo%ers1 %anagers1 de5elopers1 and testers.
Page 54 of 62
Aditi Technologies
The %ost 5alue for effort will often .e in CaD re-uire%ents %anage%ent processes1 with a goal of clear1 co%plete1 testa.le re-uire%ent specifications e%.odied in re-uire%ents or design docu%entation1 or in BagileB6type en5iron%ents extensi5e continuous coordination with end6users1 C.D design inspections and code inspections1 and CcD post6%orte%sLretrospecti5es.
:7 1(at is verification and validation@ 3erification typically in5ol5es re5iews and %eetings to e5aluate docu%ents1 plans1 code1 re-uire%ents1 and specifications. This can .e done with chec lists1 issues lists1 wal throughs1 and inspection %eetings. 3alidation typically in5ol5es actual testing and ta es place after 5erifications are co%pleted. The ter% BI3 O 3B refers to Independent 3erification and 3alidation.
C7 1(at is a .wal%t(roug(.@ A Bwal throughB is an infor%al %eeting for e5aluation or infor%ational purposes. (ittle or no preparation is usually re-uired.
D7 1(at.s an .inspection.@ An inspection is %ore for%ali4ed than a Bwal throughB1 typically with !6+ people including a %oderator1 reader1 and a recorder to ta e notes. The su.Fect of the inspection is typically a docu%ent such as a re-uire%ents spec or a test plan1 and the purpose is to find pro.le%s and see whatBs %issing1 not to fix anything. Attendees should prepare for this type of %eeting .y reading thru the docu%entE %ost pro.le%s will .e found during this preparation. The result of the inspection %eeting should .e a written report.
><7 1(at %inds of testing s(ould be considered@ Blac .ox testing 6 not .ased on any nowledge of internal design or code. Tests are .ased on re-uire%ents and functionality. White .ox testing 6 .ased on nowledge of the internal logic of an applicationBs code. Tests are .ased on co5erage of code state%ents1 .ranches1 paths1 conditions. "nit testing 6 the %ost B%icroB scale of testingE to test particular functions or code %odules. Typically done .y the progra%%er and not .y testers1 as it re-uires detailed nowledge of the internal progra% design and code. >ot always easily done unless the application has a well6designed architecture with tight codeE %ay re-uire de5eloping test dri5er %odules or test harnesses. Incre%ental integration testing 6 continuous testing of an application as new functionality is addedE re-uires that 5arious aspects of an applicationBs functionality .e independent enough to wor separately .efore all parts of the progra% are co%pleted1 or that test dri5ers .e de5eloped as neededE done .y progra%%ers or .y testers. Integration testing 6 testing of co%.ined parts of an application to deter%ine if they function together correctly. The BpartsB can .e code
Page 55 of 62
Aditi Technologies
%odules1 indi5idual applications1 client and ser5er applications on a networ 1 etc. This type of testing is especially rele5ant to clientLser5er and distri.uted syste%s. 2unctional testing 6 .lac 6.ox type testing geared to functional re-uire%ents of an applicationE this type of testing should .e done .y testers. This doesnBt %ean that the progra%%ers shouldnBt chec that their code wor s .efore releasing it Cwhich of course applies to any stage of testing.D Syste% testing 6 .lac 6.ox type testing that is .ased on o5erall re-uire%ents specificationsE co5ers all co%.ined parts of a syste%. $nd6to6end testing 6 si%ilar to syste% testingE the B%acroB end of the test scaleE in5ol5es testing of a co%plete application en5iron%ent in a situation that %i%ics real6world use1 such as interacting with a data.ase1 using networ co%%unications1 or interacting with other hardware1 applications1 or syste%s if appropriate. Sanity testing or s%o e testing 6 typically an initial testing effort to deter%ine if a new software 5ersion is perfor%ing well enough to accept it for a %aFor testing effort. 2or exa%ple1 if the new software is crashing syste%s e5ery # %inutes1 .ogging down syste%s to a crawl1 or corrupting data.ases1 the software %ay not .e in a BsaneB enough condition to warrant further testing in its current state. 0egression testing 6 re6testing after fixes or %odifications of the software or its en5iron%ent. It can .e difficult to deter%ine how %uch re6testing is needed1 especially near the end of the de5elop%ent cycle. Auto%ated testing tools can .e especially useful for this type of testing. Acceptance testing 6 final testing .ased on specifications of the end6user or custo%er1 or .ased on use .y end6usersLcusto%ers o5er so%e li%ited period of ti%e. (oad testing 6 testing an application under hea5y loads1 such as testing of a we. site under a range of loads to deter%ine at what point the syste%Bs response ti%e degrades or fails. Stress testing 6 ter% often used interchangea.ly with BloadB and Bperfor%anceB testing. Also used to descri.e such tests as syste% functional testing while under unusually hea5y loads1 hea5y repetition of certain actions or inputs1 input of large nu%erical 5alues1 large co%plex -ueries to a data.ase syste%1 etc. )erfor%ance testing 6 ter% often used interchangea.ly with BstressB and BloadB testing. Ideally Bperfor%anceB testing Cand any other BtypeB of testingD is defined in re-uire%ents docu%entation or :A or Test )lans. "sa.ility testing 6 testing for Buser6friendlinessB. Clearly this is su.Fecti5e1 and will depend on the targeted end6user or custo%er. "ser inter5iews1 sur5eys1 5ideo recording of user sessions1 and other techni-ues can .e used. )rogra%%ers and testers are usually not appropriate as usa.ility testers. InstallLuninstall testing 6 testing of full1 partial1 or upgrade installLuninstall processes. 0eco5ery testing 6 testing how well a syste% reco5ers fro% crashes1 hardware failures1 or other catastrophic pro.le%s. 2ailo5er testing 6 typically used interchangea.ly with Breco5ery testingB Security testing 6 testing how well the syste% protects against unauthori4ed internal or external access1 willful da%age1 etcE %ay re-uire sophisticated testing techni-ues.
Page 56 of 62
Aditi Technologies
Co%pata.ility testing 6 testing how well software perfor%s in a particular hardwareLsoftwareLoperating syste%Lnetwor Letc. en5iron%ent. $xploratory testing 6 often ta en to %ean a creati5e1 infor%al software test that is not .ased on for%al test plans or test casesE testers %ay .e learning the software as they test it. Ad6hoc testing 6 si%ilar to exploratory testing1 .ut often ta en to %ean that the testers ha5e significant understanding of the software .efore testing it. Context6dri5en testing 6 testing dri5en .y an understanding of the en5iron%ent1 culture1 and intended use of software. 2or exa%ple1 the testing approach for life6critical %edical e-uip%ent software would .e co%pletely different than that for a low6cost co%puter ga%e. "ser acceptance testing 6 deter%ining if software is satisfactory to an end6 user or custo%er. Co%parison testing 6 co%paring software wea nesses and strengths to co%peting products. Alpha testing 6 testing of an application when de5elop%ent is nearing co%pletionE %inor design changes %ay still .e %ade as a result of such testing. Typically done .y end6users or others1 not .y progra%%ers or testers. Beta testing 6 testing when de5elop%ent and testing are essentially co%pleted and final .ugs and pro.le%s need to .e found .efore final release. Typically done .y end6users or others1 not .y progra%%ers or testers. 7utation testing 6 a %ethod for deter%ining if a set of test data or test cases is useful1 .y deli.erately introducing 5arious code changes CB.ugsBD and retesting with the original test dataLcases to deter%ine if the B.ugsB are detected. )roper i%ple%entation re-uires large co%putational resources.
>>7 1(at are ; common problems in t(e software development process@ Solid re-uire%ents 6 clear1 co%plete1 detailed1 cohesi5e1 attaina.le1 testa.le re-uire%ents that are agreed to .y all players. "se prototypes to help nail down re-uire%ents. In BagileB6type en5iron%ents1 continuous coordination with custo%ersLend6users is necessary. 0ealistic schedules 6 allow ade-uate ti%e for planning1 design1 testing1 .ug fixing1 re6testing1 changes1 and docu%entationE personnel should .e a.le to co%plete the proFect without .urning out. Ade-uate testing 6 start testing early on1 re6test after fixes or changes1 plan for ade-uate ti%e for testing and .ug6fixing. B$arlyB testing ideally includes unit testing .y de5elopers and .uilt6in testing and diagnostic capa.ilities. Stic to initial re-uire%ents as %uch as possi.le 6 .e prepared to defend against excessi5e changes and additions once de5elop%ent has .egun1 and .e prepared to explain conse-uences. If changes are necessary1 they should .e ade-uately reflected in related schedule changes. If possi.le1 wor closely with custo%ersLend6users to %anage expectations. This will pro5ide the% a higher co%fort le5el with their re-uire%ents decisions and %ini%i4e excessi5e changes later on. Co%%unication 6 re-uire wal throughs and inspections when appropriateE %a e extensi5e use of group co%%unication tools 6 e6%ail1 groupware1 networ ed .ug6trac ing tools and change %anage%ent tools1 intranet capa.ilities1 etc.E insure that infor%ationLdocu%entation is a5aila.le and up6
Page 57 of 62
Aditi Technologies
to6date 6 prefera.ly electronic1 not paperE pro%ote tea%wor and cooperationE use protoypes if possi.le to clarify custo%ersB expectations. >?7 1(at is software . uality.@ :uality software is reasona.ly .ug6free1 deli5ered on ti%e and within .udget1 %eets re-uire%ents andLor expectations1 and is %aintaina.le. ?owe5er1 -uality is o.5iously a su.Fecti5e ter%. It will depend on who the Bcusto%erB is and their o5erall influence in the sche%e of things. A wide6 angle 5iew of the Bcusto%ersB of a software de5elop%ent proFect %ight include end6users1 custo%er acceptance testers1 custo%er contract officers1 custo%er %anage%ent1 the de5elop%ent organi4ationBs. 7anage%entLaccountantsLtestersLsalespeople1 future software %aintenance engineers1 stoc holders1 %aga4ine colu%nists1 etc. $ach type of Bcusto%erB will ha5e their own slant on B-ualityB 6 the accounting depart%ent %ight define -uality in ter%s of profits while an end6user %ight define -uality as user6friendly and .ug6free.
>37 1(at is .good code.@ BMood codeB is code that wor s1 is .ug free1 and is reada.le and %aintaina.le. So%e organi4ations ha5e coding BstandardsB that all de5elopers are supposed to adhere to1 .ut e5eryone has different ideas a.out whatBs .est1 or what is too %any or too few rules. There are also 5arious theories and %etrics1 such as 7cCa.e Co%plexity %etrics. It should .e ept in %ind that excessi5e use of standards and rules can stifle producti5ity and creati5ity. B)eer re5iewsB1 B.uddy chec sB code analysis tools1 etc. can .e used to chec for pro.le%s and enforce standards. 2or C and CSS coding1 here are so%e typical ideas to consider in setting rulesLstandardsE these %ay or %ay not apply to a particular situation; 7ini%i4e or eli%inate use of glo.al 5aria.les. "se descripti5e function and %ethod na%es 6 use .oth upper and lower case1 a5oid a..re5iations1 use as %any characters as necessary to .e ade-uately descripti5e Cuse of %ore than 2/ characters is not out of lineDE .e consistent in na%ing con5entions. "se descripti5e 5aria.le na%es 6 use .oth upper and lower case1 a5oid a..re5iations1 use as %any characters as necessary to .e ade-uately descripti5e Cuse of %ore than 2/ characters is not out of lineDE .e consistent in na%ing con5entions. 2unction and %ethod si4es should .e %ini%i4edE less than 1// lines of code is good1 less than #/ lines is prefera.le. 2unction descriptions should .e clearly spelled out in co%%ents preceding a functionBs code. =rgani4e code for reada.ility. "se whitespace generously 6 5ertically and hori4ontally. $ach line of code should contain */ characters %ax. =ne code state%ent per line. Coding style should .e consistent throught a progra% Ceg1 use of .rac ets1 indentations1 na%ing con5entions1 etc.D
Page 58 of 62
Aditi Technologies
In adding co%%ents1 err on the side of too %any rather than too few co%%entsE a co%%on rule of thu%. is that there should .e at least as %any lines of co%%ents Cincluding header .loc sD as lines of code. >o %atter how s%all1 an application should include docu%entaion of the o5erall progra% function and flow Ce5en a few paragraphs is .etter than nothingDE or if possi.le a separate flow chart and detailed progra% docu%entation. 7a e extensi5e use of error handling procedures and status and error logging. 2or CSS1 to %ini%i4e co%plexity and increase %aintaina.ility1 a5oid too %any le5els of inheritance in class heirarchies Crelati5e to the si4e and co%plexity of the applicationD. 7ini%i4e use of %ultiple inheritance1 and %ini%i4e use of operator o5erloading Cnote that the <a5a progra%%ing language eli%inates %ultiple inheritance and operator o5erloading.D 2or CSS1 eep class %ethods s%all1 less than #/ lines of code per %ethod is prefera.le. 2or CSS1 %a e li.eral use of exception handlers.
>A7 1(at is .good design.@ B&esignB could refer to %any things1 .ut often refers to Bfunctional designB or Binternal designB. Mood internal design is indicated .y software code whose o5erall structure is clear1 understanda.le1 easily %odifia.le1 and %aintaina.leE is ro.ust with sufficient error6handling and status logging capa.ilityE and wor s correctly when i%ple%ented. Mood functional design is indicated .y an application whose functionality can .e traced .ac to custo%er and end6user re-uire%ents.2or progra%s that ha5e a user interface1 itBs often a good idea to assu%e that the end user will ha5e little co%puter nowledge and %ay not read a user %anual or e5en the on6line helpE so%e co%%on rules6of6thu%. include; The progra% should act in a way that least surprises the user It should always .e e5ident to the user what can .e done next and how to exit The progra% shouldnBt let the users do so%ething stupid without warning the%.
>;7 1(at is S-I@ C**@ C**I@ IS+@ I---@ A9SI@ 1ill it (elp@ S$I R BSoftware $ngineering InstituteB at Carnegie67ellon "ni5ersityE initiated .y the ".S. &efense &epart%ent to help i%pro5e software de5elop%ent processes. C77 R BCapa.ility 7aturity 7odelB1 now called the C77I CBCapa.ility 7aturity 7odel IntegrationBD1 de5eloped .y the S$I. ItBs a %odel of # le5els of process B%aturityB that deter%ine effecti5eness in deli5ering -uality software. It is geared to large organi4ations such as large ".S. &efense &epart%ent contractors. ?owe5er1 %any of the :A processes in5ol5ed are appropriate to any organi4ation1 and if reasona.ly applied can .e helpful. =rgani4ations can recei5e C77I ratings .y undergoing assess%ents .y -ualified auditors. (e5el 1 6 characteri4ed .y chaos1 periodic panics1 and heroic efforts re-uired .y indi5iduals to successfully co%plete proFects. 2ew if any processes in placeE successes %ay not .e repeata.le.
Page 59 of 62
Aditi Technologies
(e5el 2 6 software proFect trac ing1 re-uire%ents %anage%ent1 realistic planning1 and configuration %anage%ent processes are in placeE successful practices can .e repeated. (e5el ! 6 standard software de5elop%ent and %aintenance processes are integrated throughout an organi4ationE a Software $ngineering )rocess Mroup is is in place to o5ersee software processes1 and training progra%s are used to ensure understanding and co%pliance. (e5el 4 6 %etrics are used to trac producti5ity1 processes1 and products. )roFect perfor%ance is predicta.le1 and -uality is consistently high. (e5el # 6 the focus is on continuous process i%pro5e%ent. The i%pact of new processes and technologies can .e predicted and effecti5ely i%ple%ented when re-uired. )erspecti5e on C77 ratings; &uring 1,,*62//11 1/1+ organi4ations were assessed. =f those1 2*X were rated at (e5el 11 !,X at 21 2!X at !1 'X at 41 and #X at #. C2or ratings during the period 1,,26,'1 '2X were at (e5el 11 2!X at 21 1!X at !1 2X at 41 and /.4X at #.D The %edian si4e of organi4ations was 1// software engineeringL%aintenance personnelE !2X of organi4ations were ".S. federal contractors or agencies. 2or those rated at (e5el 11 the %ost pro.le%atical ey process area was in Software :uality Assurance. IS= R BInternational =rgani4ation for Standardi4ationB 6 The IS= ,//1;2/// standard Cwhich replaces the pre5ious standard of 1,,4D concerns -uality syste%s that are assessed .y outside auditors1 and it applies to %any inds of production and %anufacturing organi4ations1 not Fust software. It co5ers docu%entation1 design1 de5elop%ent1 production1 testing1 installation1 ser5icing1 and other processes. The full set of standards consists of; CaD:,//162/// 6 :uality 7anage%ent Syste%s; 0e-uire%entsE C.D:,///6 2/// 6 :uality 7anage%ent Syste%s; 2unda%entals and 3oca.ularyE CcD:,//462/// 6 :uality 7anage%ent Syste%s; Muidelines for )erfor%ance I%pro5e%ents. To .e IS= ,//1 certified1 a third6party auditor assesses an organi4ation1 and certification is typically good for a.out ! years1 after which a co%plete reassess%ent is re-uired. >ote that IS= certification does not necessarily indicate -uality products 6 it indicates only that docu%ented processes are followed. Also see http;LLwww.iso.chL for the latest infor%ation. In the ".S. the standards can .e purchased 5ia the AS: we. site at http;LLe6standards.as-.orgL I$$$ R BInstitute of $lectrical and $lectronics $ngineersB 6 a%ong other things1 creates standards such as BI$$$ Standard for Software Test &ocu%entationB CI$$$LA>SI Standard +2,D1 BI$$$ Standard of Software "nit Testing CI$$$LA>SI Standard 1//+D1 BI$$$ Standard for Software :uality Assurance )lansB CI$$$LA>SI Standard *!/D1 and others. A>SI R BA%erican >ational Standards InstituteB1 the pri%ary industrial standards .ody in the ".S.E pu.lishes so%e software6related standards in conFunction with the I$$$ and AS: CA%erican Society for :ualityD. =ther software de5elop%entLIT %anage%ent process assess%ent %ethods .esides C77I and IS= ,/// include S)IC$1 Trilliu%1 Tic IT1 Bootstrap1 ITI(1 7=21 and Co.iT.
>B7 1(at is t(e .software life cycle.@ The life cycle .egins when an application is first concei5ed and ends when it is no longer in use. It includes aspects such as initial concept1 re-uire%ents
Page 60 of 62
Aditi Technologies
analysis1 functional design1 internal design1 docu%entation planning1 test planning1 coding1 docu%ent preparation1 integration1 testing1 %aintenance1 updates1 retesting1 phase6out1 and other aspects. >:7 1ill automated testing tools ma%e testing easier@ )ossi.ly 2or s%all proFects1 the ti%e needed to learn and i%ple%ent the% %ay not .e worth it. 2or larger proFects1 or on6going long6ter% proFects they can .e 5alua.le. A co%%on type of auto%ated tool is the BrecordLplay.ac B type. 2or exa%ple1 a tester could clic through all co%.inations of %enu choices1 dialog .ox choices1 .uttons1 etc. in an application M"I and ha5e the% BrecordedB and the results logged .y a tool. The BrecordingB is typically in the for% of text .ased on a scripting language that is interpreta.le .y the testing tool. If new .uttons are added1 or so%e underlying code in the application is changed1 etc. the application %ight then .e retested .y Fust Bplaying .ac B the BrecordedB actions1 and co%paring the logging results to chec effects of the changes. The pro.le% with such tools is that if there are continual changes to the syste% .eing tested1 the BrecordingsB %ay ha5e to .e changed so %uch that it .eco%es 5ery ti%e6consu%ing to continuously update the scripts. Additionally1 interpretation and analysis of results Cscreens1 data1 logs1 etc.D can .e a difficult tas . >ote that there are recordLplay.ac tools for text6.ased interfaces also1 and for all types of platfor%s. Another co%%on type of approach for auto%ation of functional testing is Bdata6dri5enB or B eyword6dri5enB auto%ated testing1 in which the test dri5ers are separated fro% the data andLor actions utili4ed in testing Can BactionB would .e so%ething li e Benter a 5alue in a text .oxBD. Test dri5ers can .e in the for% of auto%ated test tools or custo%6written testing software. The data and actions can .e %ore easily %aintained 6 such as 5ia a spreadsheet 6 since they are separate fro% the test dri5ers. The test dri5ers BreadB the dataLaction infor%ation to perfor% specified tests. This approach can ena.le %ore efficient control1 de5elop%ent1 docu%entation1 and %aintenance of auto%ated testsLtest cases. =ther auto%ated tools can include; Code analy4ers 6 %onitor code co%plexity1 adherence to standards1 etc. Co5erage analy4ers 6 these tools chec which parts of the code ha5e .een exercised .y a test1 and %ay .e oriented to code state%ent co5erage1 condition co5erage1 path co5erage1 etc. 7e%ory analy4ers 6 such as .ounds6chec ers and lea detectors. (oadLperfor%ance test tools 6 for testing clientLser5er and we. applications under 5arious load le5els. We. test tools 6 to chec that lin s are 5alid1 ?T7( code usage is correct1 client6side and ser5er6side progra%s wor 1 a we. siteBs interactions are secure. =ther tools 6 for test case %anage%ent1 docu%entation %anage%ent1 .ug reporting1 and configuration %anage%ent.
Page 61 of 62
Aditi Technologies
This document is for internal purposes only. All contents of this document have been collated from various resources the primary bein!" http"##$$$.vyom$orld.com#testin!#. The same has then been revie$ed and restructured for better readin! and understandin!.
Page 62 of 62

Basic Software Testing For Dummies

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Basic Software Testing For Dummies

Uploaded by

Copyright:

Available Formats

Aditi Technologies

Basic Concepts of Software Testing

Basic Concepts of Software Testing

Basic Concepts of Software Testing

Basic Concepts of Software Testing

2.2.Black Box Testing

Basic Concepts of Software Testing

ents the code

Basic Concepts of Software Testing

2.3.#.Separation of Interface fro

Basic Concepts of Software Testing

Basic Concepts of Software Testing

Basic Concepts of Software Testing

2.'.1.Security Testing Techni(ues

Basic Concepts of Software Testing

Basic Concepts of Software Testing

Basic Concepts of Software Testing

Basic Concepts of Software Testing

2.1).Test /ases0 Suits0 Scripts and Scenario

Basic Concepts of Software Testing

2.2,.1.2alidation and 2erification

Basic Concepts of Software Testing

Basic Concepts of Software Testing

Basic Concepts of Software Testing

Basic Concepts of Software Testing

3.!.Soft7are :uality -ssurance;

3.#.Soft7are %ife /ycle 6odels;

Basic Concepts of Software Testing

akes a good Soft7are :- engineer9

3.).Test %ife /ycle

These principles O techni-ues can .e applied to any type of testing.

Basic Concepts of Software Testing

Basic Concepts of Software Testing

Basic Concepts of Software Testing

Basic Concepts of Software Testing

#. Testing Tools and Soft7are

ance Test Tools

#.2.<a4a test Tools

Basic Concepts of Software Testing

Basic Concepts of Software Testing

Basic Concepts of Software Testing

Sun.s Java Test Tools

Basic Concepts of Software Testing

#.3.%ink /hecking Tools

Basic Concepts of Software Testing

Alar% Inc.E free trial period a5aila.le.

tool fro% 3ia.le Software Alternati5esE e5aluation 5ersion a5aila.le. 2or

#.!.&erl Testing Tools

Basic Concepts of Software Testing

#.#.We* 1unctional and .egression Testing Tools

Basic Concepts of Software Testing

Basic Concepts of Software Testing

Basic Concepts of Software Testing

Basic Concepts of Software Testing

#.$.We* Site Security Test Tools

Basic Concepts of Software Testing

Basic Concepts of Software Testing

Basic Concepts of Software Testing

Basic Concepts of Software Testing

#.'.We* Site 6anage

Basic Concepts of Software Testing

1eb Site *onitoring

Basic Concepts of Software Testing