Archive for the ‘software quality’ Category
Monday, July 4th, 2011 by Rex Black
As long-time listeners–or even brand new listeners, for that matter–of the RBCS webinars know, we use Citrix’s GoToWebinar service for our free monthly webinars. Now, I’ve been fairly satisfied with GoToWebinar. I’ve used one or two of the competing services, and been less happy with those. Of course, webinar listeners (and readers of this blog) might remember I chided Citrix back in May for the ungraceful way the system handles audio drop-outs by the presenter.
So, during the June webinar, webinar attendee Keith Stobie reported an inability to see the presentation using Internet Explorer 9. He said that Chrome (not sure which version) worked just fine. I reported the problem to Citrix on Wednesday of last week. Five days later, I receive the following reply, quoted in its entirety (minus the links provided at the end):
Thank you for contacting Citrix Online Global Customer Support,
Dear Rex Black,
IE 9 has not been tested with any of our products as of yet. we will try to help fix any issues the best we can, but cannot guarantee anything. Hopefully we should get this done as soon as possible.
If you have any additional questions or need further clarification regarding this matter, please feel free to reply directly to this email. For any other product inquiries or technical assistance, please visit us at our Support Centers listed at the bottom of this email. Our Support Centers include Self Help files and our Global Customer Support Contact Information.
Thank you,
Richard Carrel | Global Customer Support
So, I appreciate the reply, though I have to say that five days isn’t quick turnaround for a customer complaint about a browser-based service that’s incompatible with a major vendor’s browser.
More surprising to me is the admission that Citrix hadn’t tested IE9. I don’t keep up with the browser wars, so I’m not sure what share of the browsing action IE9 has, but I’m pretty sure that Microsoft’s IE family of browsers remains at least one of the 800 pound gorillas in the room.
Putting myself in the position of the Director of Quality or VP of Testing or whatever the head-testing-honcho’s title is at Citrix, I understand that there are constraints on compatibility testing. I wouldn’t bother to test four-year-old versions of Opera, for example. But come on, not testing IE9? If I were in charge of testing for any SaaS provider, compatibility would be one of my top quality risks, and testing browser/OS/malware configuration combinations would receive a fair amount of time, money, and attention. Of course, functionality, reliability, performance, and security would also be high on the list of risk categories, too.
Here’s some free consulting advice to my fellow test professionals who work at Citrix: Spend a little time getting ramped up on how to do quality risk analysis and risk based testing. You can find lots of free resources on our web site, especially in the articles and the Digital Library. You’ll notice that compatibility is one of the quality risk categories included in our free quality risk checklist. If you need more help, let me know, as we can provide a one-week risk based testing bootstrapping service that will get you headed in the right direction.
Morale of the story: If you are in charge of testing at any SaaS vendor, and you’re not testing for compatibility, it’s only a matter of time before someone writes a blog post like this one about your product and the degree to which you aren’t testing it.
Tags: software compatibility, software testing
Posted in best practices, risk based testing, software quality, software testing, test coverage | No Comments »
Monday, May 30th, 2011 by Rex Black
I almost titled this blog post, “Why Maintenance Testing Is Good (and Why Pair Networks Should Do More of It),” but decided it was the confluence of events that was the real story here.
Last week was a week for RBCs to get hit with a bunch of costs of external failure, foisted on us by various vendors and service providers. First, we had the problem with the dying audio driver during the Q&A session of our metrics webinar (see here for details). Next, and literally just as I was finishing the blog post describing that reliability bug, the consequences of an apparently-not-well-tested upgrade by Pair Networks (hosts of our website) hit our entire site like a grenade.
At first, rbcs-us.com was completely taken out by the upgrade. With some heroic efforts by our web team, we got most of the site back up and running within a couple hours. However, the store was damaged more severely, due to database hooks apparently. The store is still down, and won’t be back up for a few days. The irony of this situation is that, while we intend to send store discount codes to people inconvenienced by the webinar audio crash, there’s no point doing that until the store is back up. Compounding costs of external failure.
If you’re thinking, “Well, ho-hum, these things happen,” consider this mind-experiment. Imagine Ford Motor Company released an upgrade to engine control software and sent it to all of their dealers to install in cars during their next scheduled maintenance. Imagine that this software caused thousands of cars to stop working completely, and to only be partly repairable with minor efforts, with complete restoration of function requiring a major service. Who do you think would be paying for the service? The customer? Or Ford?
The answer, of course, is Ford. Software and software services, however, remains among the few businesses that are allowed to transfer their costs of external failure, which is a cost-of-quality way of saying “deliver crap products and services to their customers without having to face the consequences.” This isn’t the first time I’ve made this point on this blog (see here), and I’m guessing it won’t be the last.
Anyway, a big Bronx cheer out to Pair Networks for their failure to properly test this update before putting it out there, and an even bigger Bronx cheer out to Pair Networks for their utter failure to even bother to contact us (or presumably anyone else) to express regret for the cost and inconvenience inflicted by their negligence.
P.S. For those of you unfamiliar with the phrase, dictionary.com defines “Bronx cheer” as “a loud, abrasive, spluttering noise made with the lips and tongue to express contempt.”
Posted in software quality, software test management, software testing | No Comments »
Friday, May 27th, 2011 by Rex Black
As the 300 or so people who attended yesterday’s metric webinar know, we had an audio problem about ten minutes into the question and answer session. This failure resulted in me talking to a dead microphone for a minute or two before I realized the problem and fixed it.
The symptom of the bug was two-fold. The red light on the front of the Blue Yeti microphone I was using turned off (i.e., went from illuminated red to uniluminated), indicating a complete loss of power to the microphone. In addtion, naturally enough, the audio display on the GoToWebinar console (which is tucked away toward the bottom of the console, unfortunately) showed no audio and no one talking.
To resolve the problem, I unplugged the USB cable from the PC, then plugged it back in. After resetting the audio configuration on the GoToWebinar console to use the Yeti mike (as GoToWebinar had defaulted back to the Windows default audio), we were back in business. I suspect if I had noticed immediately I could have restored audio within 1 to 2 minutes.
The main culprit is, I suspect, a reliability problem either in Windows XP’s USB drivers or in the audio drivers themselves. I favor the USB drivers as the cause, because the Yeti appeared to have been completely powered down. The failure was abrupt, and cleared itself immediately once I disconnected and re-connected the cable. If the audio drivers had failed, I would expect that clearing the problem would have taken more work. Perhaps someone with a greater understanding of Microsoft’s XP USB drivers could comment on my hypothesis.
I also would suggest to the Citrix people that their user interface is not entirely blameless in this glitch. Surely, if a webinar is active, someone should be speaking. GoToWebinar is very good about warning the presenter when they have disabled screen sharing; e.g., by changing the focus to an application other than the application being shared. Why not have a red warning that comes up saying, “The webinar is in progress, but no audio is currently detected”? Obviously, some pauses, say for a few seconds, are not a problem, but in this case the audio was down for a total of four minutes. Also, depending on the way in which the failure of the microphone manifested itself to the GoToWebinar software–e.g., did the selected and active audio device abruptly disappear from the list of available audio devices?–perhaps GoToWebinar could have put up a warning that the active audio device has become unavaiable. I’m not sure what, but I know I could have used a much more urgent heads-up than the fairly passive indicator that GoToWebinar gave me.
In general, I have been very pleased with GoToWebinar and GoToMeeting–and yes, I have used the major competitors–but this failure to warn the presenter when the audio stops is a signficant usability/ error handling bug, in my opinion. I’d be much less inclined to recommend GoToWebinar as a webinar hosting tool now, after having this experience. If anyone from Citrix is reading, I’d be happy to discuss this with you. Same for you guys from Microsoft, regarding my assertion about the reason for the mike failure.
For those of you who were victims of this glitch and spent four minutes listening to dead air, you’ll be receiving a discount code applicable to any product or service in our store. Other than that little incident, I enjoyed the webinar and everyone’s great participation. The recorded webinar (of the evening presentation, that went without a hitch) will be posted in the next few days.
Tags: software reliability, software usability
Posted in software quality, software testing | No Comments »
Thursday, May 5th, 2011 by Rex Black
I’m running an ISTQB Advanced Test Analyst course this week in DC. This course includes a hands-on set of exercises based on a realistic requirements specification. This allows people to transfer the techniques immediately to real-world projects when they return from training, because they have already done so in the class.
In this particular class, we use a requirements specification based on a real project. This requirements specification was originally written by a senior programmer–not a business analyst or requirements engineer–on the project. I anonymized the requirements and reorganized them, for use in the training course, but other than that did not change their quality or coverage.
We did a review exercise today. People did 30 minutes of preparation, followed by a 30 minute walkthrough. We found over 20 defects, some of which had multiple manifestations in the requirements specification. We concluded that, in a real world situation, the document would need revision to repair these defects, which would cause significant changes, and thus would necessitate a re-review. Basically, this means that these requirements were not an adequate basis for further development or for creation of test cases.
Interestingly enough, one of the attendees, an experienced, professional tester, remarked, “These are the best requirements I’ve ever seen.” Only one participant said she typically sees better requirement specifications.
So, is this the best we can do, in this industry? We must make do with requirements written by people with no real qualifications to do so? We must proceed with development and testing using fundamentally flawed requirements as a basis?
I’d be interested in your thoughts. How do requirements affect you and your testing? Do you receive adequate requirements? If so, why do you think you do? If not, what do you think you don’t?
Posted in software quality, software testing | 5 Comments »
Tuesday, April 12th, 2011 by Rex Black
The US space shuttle program is coming to an end this year. In the next three months, the last two shuttle missions will occur. The retiring shuttles will be sent to museums, as discussed here: http://bit.ly/fwAVIk
NASA’s shuttle program has been a triumph of human engineering, but it has not been without tragedy. Two shuttles–and, more importantly, two crews of astronauts–were lost due to catastrophic failures. The Challenger was destroyed by an O-ring failure on launch, while the Columbia disintegrated on re-entry due to ice damage to its shields which occured on launch but did not cause shuttle failure until re-entry.
As a US citizen and as a human being, I am proud of the accomplishments of the shuttle program, but also I was greatly saddened by these two shuttle failures. As a software engineer, I feel a sense of poignant pride that the complex software systems that controlled the many shuttle missions never resulted in a loss of life, a loss of mission, or a loss of a shuttle. As I’ve said before (http://www.rbcs-us.com/software-testing-resources/148), we know how to build quality software; we just don’t always do it.
Posted in software quality, software testing | No Comments »
Monday, February 14th, 2011 by Rex Black
One of the topics I find very interesting and useful for our clients is the proper use of metrics. We do a lot of metrics-related engagements, and in fact just this morning I’ll be talking with a client about some US$ 100 million in defect-related waste that we’ve found in their software development process. I’ve written a lot on the topic, including in my books and in various articles.
Regular blog reader Gianni Pucciani asks an interesting metrics question in an e-mail:
The question is: how can you give a bonus to your test team, to motivate it, based on 90% of bugs found before the release to production date? How can you know that you found 90% of the bugs at the time you release the software?
Gianni is referring to a metric called defect detection effectiveness or defect detection percentage. This is a metric I’ve discussed quite a bit in my books, especially Managing the Testing Process.
Defect detection effectiveness is a very useful metric for measuring the effectiveness of a test process at defect detection. Most testing processes have defect detection as a primary objective, and we certainly should have effectiveness and efficiency metrics for objectives.
That said, it is a retrospective metric that can only be calculated some time after a release, if you intend to calculate it on a release-by-release basis. (Some of our clients calculate it on an annual basis, aggregating all their projects together, which also works.) It’s typical to wait 90 days after a release to calculate defect detection effectiveness, though you really should verify what time period is required to have say 80% or more of the field-reported defects.
I could go on for days about this metric, but, since it’s a blog and since Gianni asked a specific question, I’ll address the other point he brought up, which is the use of this metric for bonuses. Defect detection effectiveness is a process metric, which is not the same as a metric of individual or collective performance. Many things are required to enable good defect detection effectiveness, including good testers, and many things can reduce defect detection effectiveness, some of which are beyond the control of testers. I’d encourage a web search on the string “Deming red bead black bead experiment” for a discussion on the risks of rewarding or punishing based on metrics that might not be entirely in the individuals’ control.
In addition, while defect detection is typically a primary objective of testing, it’s not the only objective, and defect detection effectiveness is only an effectivness metric. It doesn’t measure the efficiency or the elegance with which the test team detects defects. A test process should have a fully articulated set of objectives, with effectiveness, efficiency, and (ideally) elegance metrics for each objective, rather than a single unidimensional metric by which it is measured.
For further information on defect detection effectiveness, I’d refer people to my book Managing the Testing Process, 3e. My colleague Capers Jones also contributed an article to our web site on a couple related defect metrics that readers might find interesting.
Posted in software quality, software test management, software test metrics, software testing | 2 Comments »
Monday, February 7th, 2011 by Rex Black
Reader Gianni Pucciani has another good question about the Advanced Software Testing: Volume 2 book. Specifically, he’s concerned with question 2 from Chapter 8:
Which of the following is a best practice for retrospective meetings that will lead to process improvement?
A. Ensuring management commitment to implement improvements
B. Allowing retrospective participants’ to rely exclusively on subjective assessment
C. Requiring that every project include a retrospective meeting in its closure activities
D. Prohibiting any management staff from attending the retrospective meeting
Gianni writes, “I had marked A, but also C. Where is the mistake? I have a feeling on it, but I would like you to confirm. Is C not correct because it is an organizational best practice, and not a best practice for retrospective meetings. A logic trick basically  , is that correct?”
Actually, Gianni, the reason C is not correct is because merely having retrospectives does not guarantee process improvements. In fact, I’ve encountered a few situations were organizations were good about having retrospectives, but not so good about management commitment, and thus no improvements occurred.
Tags: retrospectives, software testing
Posted in best practices, software quality, software testing | 3 Comments »
Friday, February 4th, 2011 by Rex Black
The Financial Times today featured an article on how a software bug–abysmally handled–in a financial application cost the company US$ 242,000,000:
http://www.ft.com/cms/s/0/5e1ba340-2feb-11e0-a7c6-00144feabdc0.html#axzz1D2IDiwLs
Because I don’t know how long that link will live, here’s the summary.
Axa Rosenberg Group had some quantitative analysis software that it used to service its clients accounts. Axa Rosenberg Group manages money for other people, and the software is an internal application, albeit one they touted as a key differentiator, apparently–and indeed it did turn out to be, though not in a happy way.
The software had a bug that disabled a key risk-management component of the software, which was released to production in 2007. Apparently management found out about the bug in November 2009. However, rather than fix the problem, they tried to cover up the reasons for the poor performance of their funds.
Over one third of their customers were affected by the bug.
A wee bit of analysis from yours truly: I have clients in the financial world, and I know how hard it can be to test these kinds of applications. When a calculation is wrong, it can be wrong in a way that is beyond the ability of a human tester to detect. However, Axa Rosenberg Group’s handling of the bug after they found out about it is truly a textbook illustration of how not to handle a software quality problem.
Tags: cost of bugs, cost of poor quality, cost of quality
Posted in risk based testing, software quality, software test management, software test metrics, software testing | No Comments »
Saturday, December 11th, 2010 by Rex Black
I’ve made some comments, both on this blog and in various speechs/webinars/courses, about Agile development processes and how they affect testing. However, I haven’t addressed the entire set of Agile principles at once. I haven’t seen others who I would call “Agile agnostics” do so either. (By ”Agile agnostics” I mean those who do not cast themselves as proponents for or opponents of Agile.) So, in this post, I make some test-centric observations about the Agile principles from the Agile manifesto. These observations are based on my experiences working on Agile projects and working with Agile teams.
- “Our highest priority is to satisfy the customer through early and continuous delivery of valuable software.” Like any iterative lifecycle, Agile breaks the development work to be done into iterations. Each iteration should create a collection of features that are potentially valuable to customers. I say “potentially” because not all iterations do result in the delivery of features to customers, but, when practiced properly, each iteration’s features could be delivered to customers; i.e., each iteration is sufficiently complete and of sufficient quality. This focus on regularly assuring quality (in the most holistic meaning of the term “quality assurance”) is helpful to the test team.
- “Welcome changing requirements, even late in development. Agile processes harness change for the customer’s competitive advantage.” As a practical matter, this principle is one of the most challenging for testing, because there is a point in each iteration at which changes become highly disruptive in terms of complete testing of the change and the associated possible regressions. Balancing quality and agility in the face of desired changes is important.
- “Deliver working software frequently, from a couple of weeks to a couple of months, with a preference to the shorter timescale.” Most Agile teams and projects seem to have settled on iterations of between two to four weeks. At the end of each iteration, as mentioned above, the software should work and be potentially deliverable to customers. This principle is challenging to testers, because of the short timeframes for test preparation and execution, but it also provides the benefit of limiting the number of features delivered for testing at any one time. Short iterations also help to contain the number of bugs that could accumulate in the code prior to test execution, a distinct advantage to the test team.
- “Business people and developers must work together daily throughout the project.” This principle, while laudable in theory, is difficult. Often, surrogates represent the users or customers, and business people are too busy to participate daily. In addition, the absence of the word “testers” from the list above can create challenges. However, accessibility of the business stakeholders to the project team is certainly helpful to the testers, and good Agile practices can make it easier for test teams to resolve questions about expected behavior.
- “Build projects around motivated individuals. Give them the environment and support they need, and trust them to get the job done.” This principle simply re-states what is called “theory Y management.” Simply put, the theory is that people are essential self-motivated and want to get work done. Tom DeMarco and Tim Lister, in their books on management, are probably the leading current proponents of theory Y management in the software engineering discipline. From a testing point of view, to the extent that individuals are motiviated not simply to produce large volumes of features, but to produce quality features, this principle supports the testing process when realized.
- “The most efficient and effective method of conveying information to and within a development team is face-to-face conversation.” Certainly, no one can argue with the idea that excessive documentation can reduce the efficiency of a project. However, this principle can pose some challenges for the test team if the face-to-face conversations happen when testers are not in a room, thus leaving them disconnected from decisions about how the system should work, what features it should contain, etc. The use of brief daily meetings to re-synchronize the team can help manage this challenge, but it’s essential that these meetings expand to become so long that they become simply a different form of inefficiency. It’s also important that Agile teams remember that “less documentation” does not mean “no documentation;” essential documentation, including for testing, must still be prepared.
- “Working software is the primary measure of progress.” While this principle is also laudable from a testing point of view—most testers would accept that working software speaks for itself—this principle is sometimes stretched to the point that smart metrics, including metrics of quality and testing progress, are abandoned. Good practices in terms of testing and quality metrics, measurement and management apply in Agile projects as with any other project, though the specific forms of the metrics tend to differ from the metrics used on sequential lifecycles.
- “Agile processes promote sustainable development. The sponsors, developers, and users should be able to maintain a constant pace indefinitely.” Working a normal workweek, without overtime, weekends, excessive pressure or stress, is certainly a desirable goal. In some cases, I’ve seen Agile teams avoid the “death march” behaviors that arise at the end of some projects when large feature backlogs and enormous numbers of bugs overwhelm the teams. However, I’ve seen plenty of situations where overtime is a regular feature at the end of every iteration, and where this burden falls disproportionate on testers. This principle remains under-fulfilled in practice, to the detriment of testers.
- “Continuous attention to technical excellence and good design enhances agility.” Music to the testers’ ears, indeed. Of course, some programmers find it hard to make the transition from big chunks of development work, done on rushed schedules (with the concomitant quality compromises) to the smaller chunks of work, done carefully, that are proposed by this principle. I hope to see better realization of this principle on actual projects as software engineering professionals internalize the practice of Agile development.
- “Simplicity—the art of maximizing the amount of work not done—is essential.” As testers, this principle is also a joy to hear, and to see. Simplicity implies a small set of high-quality, working features, the opposite of the untestable, complex, sprawling applications that are so hard to cover in any reasonable sense. Again, though, this is a major mental shift for many software engineering professionals, and this principle is under-realized in practice.
- “The best architectures, requirements, and designs emerge from self-organizing teams.” As with the theory Y management topic discussed earlier, this is an assertion about the nature of human psychology and capabilities that is beyond the scope of this book. However, I have observed that Agile processes don’t always scale smoothly to large, complex, and especially distributed projects and teams. I have also seen and heard of instances where the reality of “emergent design” and “emergent architecture” was considerably less satisfactory than this principle might lead us to expect; the cliché about “painting oneself into a corner” can apply. With complex applications, testers should watch carefully for problems with performance, maintainability, and reliability, because these can reflect fundamental design and architecture problems that are difficult to fix after too many iterations have gone by.
- “At regular intervals, the team reflects on how to become more effective, then tunes and adjusts its behavior accordingly.” Of course, project retrospectives are hardly an Agile innovation, but all testers would agree that such periodic reflection is a great idea. Testers should encourage the actualization of this principle, and ensure that becoming more effective at producing quality is part of the agenda.
These observations are reflections on a work-in-progress. Software engineering teams are still learning how to apply Agile approaches. Agile approaches have not (yet?) been successfully applied to all types of projects or products. Some tester challenges remain to be surmounted with respect to Agile development. However, Agile methodologies are starting to show promising results in terms of both development efficiency and quality of the delivered code.
So, what do you think about Agile methodologies and testing? I’d be happy to discuss this topic with interested readers of this blog.
Tags: agile development, agile testing, software testing
Posted in best practices, software quality, software testing, test automation | 4 Comments »
Tuesday, November 30th, 2010 by Rex Black
Fresh off my diatribe just a couple weeks ago about how McAfee had a bug that serendipitously made a credit card charge in their favor, here’s another “bug from the trenches.” Now, Cisco enjoys a good reputation for the quality of their products, but the packaging doesn’t exactly inspire confidence. Can you spot the error?
 Does Packaging Quality Matter? Yes The point of this post is not to yank Cisco’s chain–though I am surprised to see such a large, serious organization making such an obvious and silly mistake–but to reinforce an important point. Product quality includes the whole product, and that includes the package. I’ve done some consulting for systems and consumer electronics makers, and most of them include testing of the “out of box experience”.
Cisco, did your OBE testers miss this one? I’d be happy to post a comment from Cisco explaining how this kind of obvious bug snuck past.
Tags: packaging, software quality
Posted in risk based testing, software quality, software testing, test coverage | 4 Comments »
|
Rex Black is President of RBCS (
