This is the presentation we gave in 2009 during Agile Testing Days in Berlin. Even though it is already more than 2 years old, many things we said during the talk are very valid today. Some things did not change at all.
Improving Test Team Throughput via Architecture by Dustin WilliamsQA or the Highway
A lot of modern testing teams are built from people with some automation experience, developers, and people who think code is something used to open a safe. These diverse backgrounds bring a diverse set of ideas, but don’t always find optimal division of work. With some fairly small changes in automated test design, we can leverage the best skills of all team members to not only improve throughput, but to end up with a better overall product. These design principles help isolate truly challenging code problems and help separate the concerns of test structure and test execution. If your team has ever said (with sad faces) “We’re still automating that”, then come discover how tomorrow you can exclaim “That’s Done!”
Test Driven Development - a Practitioner’s PerspectiveMalinda Kapuruge
Guest lecture at Swinburne University of Technology, Melbourne. We introduced TDD concepts to students. We also did a live interactive demo with students to understand benefits of TDD.
Finally, we discussed benefits as well as pitfalls from a practitioner's point of view.
This workshop is designed specially for Queen Mary University of London alumni, in order to teach them TDD.
You will learn: What is TDD, Why and How.
If you want to learn more: https://github.com/MyPitit/TDD
Improving Test Team Throughput via Architecture by Dustin WilliamsQA or the Highway
A lot of modern testing teams are built from people with some automation experience, developers, and people who think code is something used to open a safe. These diverse backgrounds bring a diverse set of ideas, but don’t always find optimal division of work. With some fairly small changes in automated test design, we can leverage the best skills of all team members to not only improve throughput, but to end up with a better overall product. These design principles help isolate truly challenging code problems and help separate the concerns of test structure and test execution. If your team has ever said (with sad faces) “We’re still automating that”, then come discover how tomorrow you can exclaim “That’s Done!”
Test Driven Development - a Practitioner’s PerspectiveMalinda Kapuruge
Guest lecture at Swinburne University of Technology, Melbourne. We introduced TDD concepts to students. We also did a live interactive demo with students to understand benefits of TDD.
Finally, we discussed benefits as well as pitfalls from a practitioner's point of view.
This workshop is designed specially for Queen Mary University of London alumni, in order to teach them TDD.
You will learn: What is TDD, Why and How.
If you want to learn more: https://github.com/MyPitit/TDD
TDD vs. ATDD - What, Why, Which, When & WhereDaniel Davis
This is a slide deck for a discussion about Test Driven Development (TDD) and Acceptance Test Driven Development (ATDD) and starting to explore the differences between them. Get some insight into why we use them and the advantages and disadvantages of both, as well as, get a better understanding of which should be used where and when. By the end of the session you should be well along the path to TDD vs. ATDD enlightenment.
Test driven development (TDD), a software development method, helps build high quality applications faster. Life-cycle, usefulness, limitations and similar techniques of TDD have been presented in this slide deck.
Learn how Acceptance Test Driven Development (ATDD) provides the process for capturing detailed requirements as acceptance criteria and turn them into as test cases before development begins using Behavior Driven Development (BDD). The BDD approach and Gherkin format is the language used to create easy to understand and actionable scenarios that map from the functional level to the components and units. We will discuss the different approaches to TDD including a realistic approach leveraging BDD to a purest standpoint where TDD use the tests to drive the design of the application. Finally understand how the tools in Visual Studio and Team foundation Server to support BDD such as SpecFlow (Cucumber in .NET), Refactoring tools, and Test Cases in MTM.
A quick paced introduction to "Test Driven Development" (TDD) in an agile environment. The TDD philosophy states that you should develop your tests and then write code to make your tests pass and satisfy user requirements.
TDD vs. ATDD - What, Why, Which, When & WhereDaniel Davis
This is a slide deck for a discussion about Test Driven Development (TDD) and Acceptance Test Driven Development (ATDD) and starting to explore the differences between them. Get some insight into why we use them and the advantages and disadvantages of both, as well as, get a better understanding of which should be used where and when. By the end of the session you should be well along the path to TDD vs. ATDD enlightenment.
Test driven development (TDD), a software development method, helps build high quality applications faster. Life-cycle, usefulness, limitations and similar techniques of TDD have been presented in this slide deck.
Learn how Acceptance Test Driven Development (ATDD) provides the process for capturing detailed requirements as acceptance criteria and turn them into as test cases before development begins using Behavior Driven Development (BDD). The BDD approach and Gherkin format is the language used to create easy to understand and actionable scenarios that map from the functional level to the components and units. We will discuss the different approaches to TDD including a realistic approach leveraging BDD to a purest standpoint where TDD use the tests to drive the design of the application. Finally understand how the tools in Visual Studio and Team foundation Server to support BDD such as SpecFlow (Cucumber in .NET), Refactoring tools, and Test Cases in MTM.
A quick paced introduction to "Test Driven Development" (TDD) in an agile environment. The TDD philosophy states that you should develop your tests and then write code to make your tests pass and satisfy user requirements.
Parasoft delivers a complete framework to create, manage, and extract greater value from unit tests. We help you exercise and test an incomplete system—enabling you to identify problems when they are least difficult, costly, and time-consuming to fix. This reduces the length and cost of downstream processes such as debugging. Moreover, since all tests are written at the unit level, the test suite can be run independent of the complete system. This allows you to isolate code behavior changes, reduces setup complexities, and makes it practical to execute the test suite on a daily basis.
These slides supported the session I ran at The Mobile Academy London. The session was to introduce Agile and Lean practices. The session was based on principles which should have set the scene for the attendees to use in their workplaces or understand Agile some more. We discussed Scrum as an example framework and the value of inspect and adapt processes to support startups and enterprises.
I was considering to record myself speaking over these slides to give it more context. If you would be interested, let me know and if I get more that 5 requests, I'll do it.
Learn about the benefits of writing unit tests. You will spend less time fixing bugs and you will get a better design for your software. Some of the questions answered are:
Why should I, as a developer, write tests?
How can I improve the software design by writing tests?
How can I save time, by spending time writing tests?
When should I write unit tests and when should I write system tests?
Enter the mind of an Agile Developer, BSG shares with you how we do software development and how to embed agile methodologies into your development process.
Bringing Security Testing to Development: How to Enable Developers to Act as ...Achim D. Brucker
Security testing is an important part of any security development life-cycle (SDLC) and, thus, should be a part of any software development life-cycle.
We will present SAP's Security Testing Strategy that enables developers to find security vulnerabilities early by applying a variety of different security testing methods and tools. We explain the motivation behind it, how we enable global development teams to implement the strategy, across different SDLCs and report on our experiences.
Tom DeMarco states that “You can’t control what you can’t measure”, but how much can we change and control (with) what we measure? This talk investigates the opportunities and limits of data-driven software engineering, shows which opportunities lie ahead of us when we engage in mining and analyzing software engineering process data, but also highlights important factors that influence the success and adaptability of data-based improvement approaches.
What happens when a company either doesn’t fully empower the Security team, or have one at all? Stuff like Goto fail, Equifax, unsandboxed AVs and infinite other buzz, or yet to be buzzed, words describe failures of not adequately protecting customers or services they rely on. Having a solid security team enables a company to set a bar, ensure security exists within the design, insert tooling at various stages of the process and continuously iterate on such results. Working with the folks building the products to give them solutions instead of just problems allows one to scale, earn trust and most importantly be effective and actually ship.
There’s a whole security industry out there with folks wearing every which hat you can think of. They have influence and the ability to find a bug one day and disclose it the next, so companies must adapt both engineering practices and perspectives in order to ‘navigate the waters of reality’ and not just hope one doesn’t take a look at their product. Having processes in place that reduce attack surface, automate testing and set a minimum bar can reduce bugs therefore randomization for devs therefore cost of patching and create a culture where security makes more sense as it demonstratively solves problems.
Nvidia is evolving in this space. Focused on the role of product security, I’ll go through the various components of a security team and how they each interact and complement each other, commodity and niche tooling as well as how relationships across organizations can give one an edge in this area. This talk balances the perspective of security engineers working within a large company with the independent nature of how things work in the industry.
Attendees will walk away with a breadth of knowledge, an inside view of the technical workings, tooling and intricacies of finding and fixing bugs and finding balance within a product-first world.
Quality of software code for a given product shipped effectively translates not only to its functional quality but as well to its non functional aspects say security. Many of the issues in code can be addressed much before they reach SCM.
Understanding TDD - theory, practice, techniques and tips.Malinda Kapuruge
My talk at the Swinburne University on 09/10/2019. Presented to students as part of the series, Development Projects - Tools and Practices.
Level: Beginner
Overview of the QA/Testing process followed by input from the Synerzip team.
Stay tuned for our insightful upcoming webinars that you might be interested in at https://www.synerzip.com/webinars/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
2. • Test Consultancy at VIIQ.
• Agile Test Team leader at Philips CareServant.
• 10 years of experience in the Testing Field (7 years
V-Model, 3 years Agile).
• Some experience with coding.
• Bachelor degree in Information Technics.
• Married to Jeanne, has a dog (Sasha) and 2 cats.
Martijn Gelens
3. • Currently, Philips Software Engineering Services,
MiPlaza, Software Designer.
• Ph.D. in Computer Security from University of
Twente, Enschede, The Netherlands.
• M.Sc. in Software Engineering at Warsaw University
of Technology.
• 7 years of experience as an embedded software
developer (SterKom (Poland) and freelancer).
• Modelling Languages: my master thesis + one year
internship at Institute National des
Télécomunications (INT), Evry, Cedex, France.
• Agile, test-invected since one year.
• Married to Beata and also has two cats (Mufasa and
Ursus).
Marcin Czenko, Ph.D.
4. Wim van de Goor
• Agile Software Team Leader at Philips Software
Engineering Services, Philips MiPlaza.
• 8 years experience with eXtreme Programming.
• Agile mentor and Coach.
• Advised us on Agile Principles.
5. Contents
• Agile Testing
What Do we want to do?
• Constraints
What can we do?
• Agile Embedded Testing
How do we test?
• Conclusions
6. What do we want ?
• Prerequisites
• Test Strategy
• Acceptance Criteria
• Continuous Integration
• Testing
7. Prerequisites
• Testing is integrated in the team's Way of
Working.
• Acceptance Criteria are defined, discussed and
explored beforehand.
• Test Driven Development.
• Continuous Build and Integration.
• Testing is structured (specify, verify, report).
8. Test Strategy
• Product risks and mitigation.
• Tester-role.
• Definition of Done.
• Quality gates.
• Testing is structured (specify,
verify, report).
9. Test Strategy (cont.)
• Deliverables from outside (also HW).
• Issue procedure and attendees.
• Reporting (test reports, PMI, ...).
• Emergency scenarios.
15. Test Driven Development
• Means: “Write unit tests
before code”.
• Integrate with your
Continuous Integration
environment.
• Automate the Acceptance
Tests.
19. Light
• No cross-compilation required.
• Usually mainstream OS (Windows/Linux).
• Wide range of testing/mocking
frameworks available.
• Standard hardware - no or very limited
hardware level programming required.
• No dependence on a particular vendor
(supplier).
20. Heavy
• Small memory (no OS), limited performance,
limited debugging possibilities.
• Limited cross–compilers: often only C, and
Embedded (Extended) C++ available.
• Vendor specific.
• Difficult to find a testing/mocking framework.
• Custom hardware (ramp-up).
30. Development Board
• Selecting the right board can be
challenging (expensive ?).
• Chip selection driven by the availability
of the right board.
• The board selection driven by the
availability of the BSP and OS.
36. The effect on Agile
Principles
• Longer ramp-up time.
• Resistance to modify hardware
(introduces up-front design).
• Limited response to changes.
• Higher risk.
37. How to proceed ?
• Often we cannot remove queues &
batches in HW development (are we
going to be able doing so in any
predictable future ?).
• Reducing the queue size is also often not
an option.
• Is there a lean solution ?
45. Testing Framework (C)
• Many frameworks are simple ports of
the frameworks for PC-based
development.
• Increased stack consumption.
• Dynamic memory allocation.
46. CMock
• Easy to understand. Easy to customise.
Lightweight.
• Comes with Supporting Ruby-based
Mocking Framework.
• Ready For “Heavy Embedded” - tests
executed in batches.
47. Testing Frameworks (C++)
• Run-Time Type
Information
(RTTI).
• Exceptions.
• ISO C++ compiler
needed.
• Gnu or Microsoft
are preferred.
48. Testing Frameworks (C++)
• We could not find a framework that
compiles on GreenHills and WindRiver
C++ compilers (forget IAR Extended
Embedded C++).
• It was cheaper and more effective to
come with your own simple testing
frameworks.
49. yaffut
• Our choice for unit testing in C++.
• Just one header file.
• Not meant for embedded: needs RTTI,
and C++ exceptions.
• Easy to understand and customise. We
made an RTTI and Exception-free
version.
50. Mocking
• We did not succeed in using existing
frameworks. Our best candidate
GoogleMock does not even compile and
it is quite complex.
• Does it mean that no one is doing TDD
on embedded ? Probably not.
51. Mocking - way to go
• Think of your own framework.
• We needed three “evenings” to create
our own mocking framework.
54. Conclusions
• Agile in Heavy Embedded is a challenge: we cannot change it, but
we can understand it and try to reduce its impact on agile software
development.
• The tester should be experienced in working with hardware,
perhaps even more than a developer.
• There is no one way: what you can do depends on the constraints
you have (e.g. light to heavy).
• Hardware development is far from being lean - and there is not
that much we can change.
• Development and support tools are far behind the needs of the
agile teams.
• Let your agile testing framework grow with your code.
55. Conclusions
• Agile in Heavy Embedded is a challenge: we cannot change it, but
we can understand it and try to reduce its impact on agile software
development.
• The tester should be experienced in working with hardware,
perhaps even more than a developer.
• There is no one way: what you can do depends on the constraints
you have (e.g. light to heavy).
• Hardware development is far from being lean - and there is not
that much we can change.
• Development and support tools are far behind the needs of the
agile teams.
• Let your agile testing framework grow with your code.
Be agile.