What is the development style used in test driven development?

Several aspects, approaches and styles have been designed for carrying out the test driven development process. Adequate focus is kept on the writing of the code so that only the necessary code is produced that is required for passing the tests. Such an approach makes sure that the program designs are simple, clearer and cleaner. 

Popular aspects used in TDD

Below mentioned are few of the aspects that are quite popular among the programmers and developers using the test driven development methodology:

KISS:  

- It stands for 'Keep it Simple Stupid' and states that keeping some systems simple yields better outcomes rather than keeping them complex. 
- It defines simplicity as a key goal in the process of program designing and avoids unnecessary complexity. - Some examples of failure to follow Kiss are given by the function creep, scope creep and so on. 
- This principle of software programming was coined by Kelly Johnson.


YAGNI:  
- It stands for 'You Ain’t Gonna Need It'. 
-This though being one of the primary principles of the extreme programming is followed in the test driven development also.
- According to this principle, the functionalities should not be added until they are very much required.
- In other words, it says that the functionalities should be implemented only when they are actually needed and not merely by what one foresees. 
- This aspect has got a few drawbacks.
- The time required is obtained from the other processes like adding, testing, etc. 
- It calls for the need of debugging and documentation of the new features. 
- New features might impose certain constraints which can conflict with the working of a necessary feature in the future. 
- The program may experience the code bloat i.e., it may get bigger and complex and thus complicated. 
- A strict revision control is needed. 
- Addition of more and more features may cause snow ball effect leading to the creeping featurism.


Fake it till you make it:
- This aspect boosts the real confidence of the developers, thus preventing them from getting stuck in to their self fulfilling prophecies. 
- This technique can effectively combat the depression that most of the developers and programmers experience.

Tests are written to achieve the desired design of the software system or application whether is it advance or primitive. The code may pass all the tests being simpler as compared to the target pattern. This may sound odd at the first go but it eventually helps the developer to keep a sharp focus up on the important elements.

Whichever style is followed, there are two basic steps that should be compulsorily followed

1. First write the tests: 
It is required that the tests are written first before the functionality is actually implemented. This step is    known for having two benefits:
       (a)  It ensures that the application is worth testing i.e., it provides testability to the application. The application is considered to be tested via the outset by the developer and he/ she does not need to worry about testing later.
      (b) It ensures that every feature and functionality has a unique test developed for it so that the functionalities are tested as the executable specifications.


2. First fail the test cases: 
This step is carried out in order to ensure the correctness of the test and also its error detection ability. Once this is done, it becomes easy for the implementation of the functionality. This step is the essence of the test driven development. The following steps are constantly repeated:

(a)    Adding of tests cases that fail.

(b)   Writing ode to pass them.

(c)    Refactoring

The productivity is also enhanced following the above two steps. 

What are the requirements in a test driven development?

The test driven development is often abbreviated as “TDD” and has been recognised as one of the common development strategies that are quite popular among the developers and the programmers. 

What is a Test Driven Development?

- This development methodology involves the repetition of short typical development cycles.

- These development cycles are shorter in duration when compared to the usual development cycles of the other software development strategies.

- The developer first requires writing a failing automated test case defining a desired new function or an improvement in an already existing function. 

- A code is then written to pass the test and later it is subjected to refactorization to meet the acceptable standards. 

- Test driven development is often considered to be related to the extreme programming to some extent.

- But, now it is being considered as a development process of its own rules and objectives.

- The test driven development also serves to improve and debug the legacy code that has been developed using the other methodologies. 

No development methodology can be carried out further without requirements, this holds true for the test driven development also. This article emphasize on the requirements of the test driven development. 

Requirements in a Test Driven Development

- The whole methodology of test driven development is supported by a set of unit tests that are automated. 

- These automated test cases are written in order to define the requirements of a particular piece of the code. 

- Such unit tests first identify the requirements and then immediately write down the code for the identified requirements all by themselves. 

- Certain assertions i.e., the true and false values are also contained in those automated unit tests. 

- The code is continually evolved and re-factorized and then subjected to testing via the automated unit tests which are put up on an automated testing frame work such as xUnit.

- Such frame works facilitate the automatic execution of the unit tests.

- These small unit tests drive the development of a small fragment of the solution.

- These unit tests also serve a tested and canonical documentation for the usage of the program’s object. 

- In the test driven development, writing the test is given the first preference rather than writing the code first. - But, this approach is considered to be difficult by many of the software programmers and developers and even some resist the use of the test driven development methodology since for them it turns out for them as the upside down approach for development.

- The test driven development methodology takes in to consideration the fact that the test is the rightmost important thing and it is required that we make sure that the test passes. 

But what is to be done if the unit tests itself are wrong and do not suffice for providing adequate coverage to the code? 

- If it is the latter case i.e., if the tests are not able to provide enough coverage then there is one possibility that your unit tests are missing out some of the requirements of the code. 

- This often happens in the case of manual testing but not so when we use the automation techniques.

- Automated unit tests make sure that no requirement of the code is left uncovered.

- So, the quality of the unit tests defines the quality of the whole test driven development process also. 

Starting with the requirements is known as the top down approach and is more commonly followed than the bottom up approach. The requirements are treated as the executable tests which are clarified by the managers, stake holders and developers. 

What is meant by test driven development (TDD)?

Test driven development or TDD is another process in the league of the software development processes. The topic of the test driven development is in the spot light of this article. The test driven development follows from the idea of the repetition of a very short development cycles. 

Concepts of Test Driven Development (TDD)

- First of all a failing automated test case is written or created by the developer or tester which serves the purpose of defining a new function or a desired improvement. 
- Then a code to pass the above created test is also created by the developer. 
- This newly written code is then refactored in order to make it meet the acceptable standards.
- Kent Beck is credited with the discovery of the test driven development process in the year of 2003. 
- The test driven development was looked up as an encouragement for the simple designs and also as an inspiration for boosting up confidence levels.
- The test driven development has always been related to the concepts of the extreme programming which took its root in the year of 1999. 
- But, eventually it came up as an individual process with its own ways and rights. 
- The concepts of the test driven development are also employed by the programmers and developers as a measure for debugging the legacy code and improving it further. 
- The test driven development is driven by a series of automated unit tests that are created by the developer for defining the requirements of the code and then automatically produce the code for them. 
- These unit tests are comprised of assertions i.e., either true values or false values. 
- Successful passing of a test confirms the developer of the correctness of the code and that it can be further evolved and re-factored. 
- To run these automated test cases, the developers make use of the testing frame works.

Steps involved in Test Driven Development (TDD)

Addition of a Test: 
The development begins with the creation of test cases for all the features. These test cases are often expected to fail since they have been created before the implementation of those features. If these test cases do not fail then either the test case is having some defect or the proposed new feature is already in existence. Before writing the test case, the developer is supposed to fully understand the specifications and requirements of the feature using the user stories and use cases etc. This is what that makes the test driven development different from other development methodologies.


Execution of all tests in order to check the working of the new one: 
This step involves the validation of the test harness for its correct working. At this step this is also ensured that the new test is not passing without the requirement of some new code. The test itself is also tested in negative and the possibility that the newly added test will always pass out is reduced. The new test is also expected to fail because of the reason figured out.


Production of code: 
This step involves the creation of some code implementing which the code can only pass the test and does not incorporates any new functionality.


Execution of the automated tests and observing their success.


Re-factoring of code: 
This step involves the cleaning up of the code.


Repetition: 
The whole cycle is repeated for the improvement of the functionalities.

Many development styles have been developed for the test driven development like:

1. YAGNI (you ain’t gonna need it)
2. KISS (keep it simple stupid) etc.

TestLink is a Free, open source test case management tool? - Explain?

Testlink is a free open source test case management tool! It means that it can be freely redistributed and accessed. These kind of open source tools have been invented so to support the new environment created by the issues like:

                                            1.  Licensing

                            2.  Copyright

3                          3. Domain issues

4                          4.  Consumer issues

    

      

Concepts of Open Source Models

 -The open source models employ the concept of different agendas but concurrent with different approaches in  production. 

      - The whole open source concept works on the principle of the peer production.

      - Peer production means collaborating and bartering with the end documentation, source material, blue prints and product which are available for free to the public.

    - The source code of the testlink is made publicly available and the public is given full right for modifying, copying and redistributing it at no cost. 

   - It has evolved through the community operation which is comprised of many individual software programmers from large companies. 

       

What purposes are facilitated by Test Link?

       Testlink is an open source test management tool and provides the facilitation for purposes like:

1                                          1. Test specification

                                            2. Test planning

                                            3. Test reporting

                                            4. Tracking of the requirements

                                            5. Collaborating with the well known bug trackers

     

         

 Features of TestLink

      1.  Set urgent tests

            2.  Custom.css

            3.  Gives an option for creating new test cases and requirements.

            4.   Offers the possibility to do a quick DIFF of the 2 test case versions.

            5.   Fully supports the internet explorer 9 via ExtJS 3.4.0.

            6.  Direct links to each and every requirement can be generated.

            7.  Table ruler

            8.  The requirement versions are well supported by the internal links.

            9.  After editing the requirements and specifications, the tree can be refreshed.

          10.  The states of the tree can be stored and restored in a very reliable way.

          11.  Test result matrix facilitates the filtering by status.

          12.  Requirement revisioning.

          13.  Test case and new requirement comparison method.

          14.  PHPMAILER

          15.  Collapse and expand buttons for trees

          16.  Log messages for the history of the requirements.

          17.  MSSQL support

          18.  IE8 based event viewer

          19.  Query metrics

          20.  Improved minor usability

          21.  Improved tables via EXT- JS

          22.  Improved filters

    23. At the build level, test case execution assignment has been provided.

In spite of all such great features, currently there are two features lurking out:

               1. The debug messages interfere with the working of the reports.

               2. There are troubles going on with the updating of the test case executions. 

       

       

Benefits of TestLink

 

      1. Using the testlink, one can easily integrate one’s test scripts to get the results. 

     2. It is a test management tool that is completely independent and is very effective in managing testing cycle    in a short period of time. 

     3. It helps in cutting down the management, development and maintenance cost of your project, thus making the whole project quite affordable and feasible for you.

     4. It helps in simplifying and accelerating the whole testing process and reporting by:

                 -  Collecting and organizing all of your test cases in a dynamic way.

                 -  Tracking the metrics and the results in association with the test execution.

                 -  Capturing and reporting the details.

                 -  Customizing itself to fit your processes and requirements.

5. It overall assists you in conducting an efficient and thorough testing process and makes best use of the experience it has achieved over 100s of implementations for the clients around the world. 

6. The redistribution of this tool is governed by the GNU general public license.

How does penetration testing tool emphasize on web application security?

In this internet savvy world, web applications have become an important part of web utilization. Web applications provide a means to utilize or exploit the services offered by the web in a more meaningful manner. 

The earlier years saw less use of web applications, but now it is reaching new heights day by day with a great demand for improving the existing ones along with the introduction of new ones. With such a vast number of users, the application needs to maintain its security from the malicious attackers among these users and so adequate security measures have to be taken.

For this purpose, it is required that the security mechanism of the applications to be checked thoroughly for any vulnerabilities and security leaks via the penetration testing. Penetration testing is perhaps the best testing methodology when it comes to the testing the security different software system components like network security, data base security etc. 

There should be some testing methodology that could dig out all the potential vulnerabilities. Is there an answer? Yes there certainly is! The penetration testing! Perhaps many of us are familiar with this testing methodology. In this piece of writing we have discussed how the penetration testing tools emphasize up on the web application security. 

About Penetration Testing and its emphasis on Web Application Security

- Penetration testing is yet another testing methodology that has been adopted for testing the security of the  web applications against the malicious attacks.

- It provides a way to evaluate the security level of the web application by troubling the application with false simulated attacks as malicious attacks from the outside as well as inside attackers. 

- It also deals with the aliens, foreigners or outside attackers who do not have any authorized access to the computer system or network and inside attackers who do have that access.

- An active analysis is required to be carried out for the penetration testing which carries out an assessment of all the potential vulnerabilities of the web application that are merely a consequence of its poor security level as well as configuration level. 

- Apart from this the known and unknown flaws form both the hardware as well as software components of the application contribute to these vulnerabilities rather than only operational weaknesses.

- A proper active analysis is achieved only if it is carried out from the view point of a malicious attacker and involves the active exploitation of the recognized vulnerabilities.

- The web application security depends up on the effectiveness of the testing.

- The testing in turn is largely affected by the effectiveness of the tools that are employed in the testing.

- The tools indeed affect the web application security, since if the tools are reliable and efficient in searching for the vulnerabilities, obviously there will be more stringent checking of the security mechanisms. 

- The identification and recognition of the vulnerabilities is always the first step in penetration testing.

- A required number of penetration tests are then carried out on that particular system with the coupling of information with the active assessment of the risks associated with the computer system or network using the penetration testing tools. 

- A whole lot of effective tools are designed to reduce the affect of the identified potential vulnerabilities. 

- Penetration testing tools have been recognized as important component of the web application security audits. 

How does penetration testing tool emphasize on data base security?

Data base is one of the critical elements of a web application and very much crucial for its proper functioning. All of the sensitive information regarding the functioning of the application as well as the user data is stored in the data base. 

This data is of very much use to the attacker. The attackers can steal this data and use it to their advantage. Therefore, it becomes absolutely necessary that the data base of an application must be provided with adequate security coverage.

Penetration testing is one of the ways to ensure the data base security. Most of us are familiar with what actually is the penetration testing. In this piece of writing we have discussed how the penetration testing tools emphasize up on the data base security. 

About Penetration Testing and Database Security

- Penetration testing is yet another testing methodology that has been adopted for testing the security of a computer network or system against the malicious attacks.

- It is quite a decent measure to evaluate the security level of the computer network by bombarding the network with false simulated attacks as malicious attacks from the outside as well as inside attackers.

- Penetration testing is concerned with the security of the data base both from the aliens, foreigners or outside attackers who do not hold any authorized access to the computer system or network as well as the inside attackers who do have that access, but it is limited to a certain level. 

- The whole process of the penetration testing involves performing an active analysis using the penetration testing tools.

- This active analysis brings about an assessment of all the potential vulnerabilities of the whole data base system that are merely a consequence of the malfunctioning of the poor security level as well as configuration level of the application. 

- This active analysis is deemed to successful only if it has been carried out from the view point of a malicious attacker and is concerned about the active exploitation of the recognized vulnerabilities.

- The data base security depends up on the effectiveness of the testing which is in turn is affected by the effectiveness of the tools that are employed in the testing. 

- The tools indeed affect data base security, since the more effective are the tools, the more improvement will be there in the security mechanisms.

How Penetration Testing emphasize on Database Security?

- First step in the penetration testing of the data base is always the identification and recognition of the vulnerabilities and security leaks. 

- A number of penetration tests are then carried out on that particular application data base while simultaneously coupling the information with the active assessment of the risks and threats associated with the data base using the penetration testing tools.

- A whole lot of effective tools are designed to reduce the affect of these vulnerabilities.

- Penetration testing tools have been recognized as important component of the data base security audits.

- There are several other reasons why the penetration testing tools holds good for the data base security:

1. They provide assistance in the assessment of the measure of the operational and business impacts of the attacks on the data base system.
2. Successfully test the effectiveness of the security defenders in detecting and responding to the attacks.
3. Provide the evidence in support of the investments that need to be made in the security field of the data base.

How does penetration testing tool emphasize on security subsystem?

Security is one of the important contributing factors in the success of a software system or application. The security level of the software system or application also influences the security of the users that use that system or application. The higher the security of a system is, the more secure it is for use. 

Since security plays a very important role in the computer world, there has to be some strategy or testing methodology that could judge or assess the security levels and mechanisms of the software systems and applications.

Do we have any such testing methodology? Yes of course we have! The penetration testing! 

About Penetration Testing and Security Sub Systems

- This software testing methodology has the answers to all our security related issues.

- The security mechanism of a software system or application is comprised of many sub mechanisms or sub systems which are commonly addressed as security sub systems. 

- These security subsystems are security components that make up the whole security model of the system.

- These sub systems ensure that the applications are not able to access the resources without being authorized and authenticated.

- Furthermore, they keep a track of the security policies and user accounts of the system. 

- There is a sub system called LSA which is responsible for maintaining all the information and details about the local security of the system. 

- The interactive user authentication services are provided by the security sub systems.

- The tokens containing the user information regarding security privileges are also generated by these sub systems. 

- The audit settings and policies are also managed by the security sub systems. 

- The following aspects are identified by the sub systems:

1.       Domain

2.       Who an access the system?

3.       Who has what privileges?

4.       Security auditing to be performed

5.       Memory quota

How Penetration Testing tool emphasize on Security Sub Systems?

So for having better security at the surface, it is important that the security at the sub systems level should not be over looked. All these matters make the security sub systems very essential. 

Therefore, it is required that to improve the overall quality of the security mechanisms, these sub systems should be tested. 

- The penetration testing tools emphasize upon the security sub systems in the same way as they emphasize the network security.

- Penetration testing was first adopted for the testing of the security of a computer network or system against the malicious attacks.

- For providing a way to evaluate the security level of the computer network by bombarding the network with false simulated attacks as malicious attacks from the outside as well as inside attackers. 

- The whole process of the penetration testing is driven by an active analysis which involves an assessment of all the potential vulnerabilities of the security sub systems that are merely a consequence of its poor security level as well as configuration level. 

- Apart from this, the flaws form both the hardware as well as software components contribute to these vulnerabilities rather than only operational weaknesses. 

- The security at the sub system level depends up on the effectiveness of the testing. 

- And the testing in turn is affected by the effectiveness of the tools that have been employed in the testing. 

- The tools indeed affect the sub systems’ security, since if the tools are reliable and efficient in finding vulnerabilities, obviously there will be more improvement in the security mechanisms. 

- A whole lot of effective tools are designed to reduce the affect of these vulnerabilities.