Ask the Experts

Ask the Experts

• The role of software testers in requirements gathering

  Testers play an important role in determining requirements, according to expert Pete Walen. He explains how throughout the project lifecycle, testers must ask questions that can help generate the discussion needed to avoid problems down the line.  Continue Reading

• Integration testing: What are the challenges?

  Expert Pete Walen describes common problems with integration testing and offers insights into implementing it correctly, so that both internal and external users can benefit.  Continue Reading

• Exploring integration testing in the Agile development lifecycle

  Agile expert Lisa Crispin explores the various meanings and offers tips to testers on how to work integration testing into the Agile development lifecycle.  Continue Reading

• Generating code from software requirements: Is it possible?

  Software requirements, descriptions of features that will solve a problem, are not necessarily transferable into coding languages. Requirements management expert Scott Sehlhorst explains the nature of requirements and availability of tools that ...  Continue Reading

• Automation in your SDLC: Identifying vital ALM tools

  Process-centric tools and dashboards are among the ALM trends identified by expert Kevin Parker. Here he discusses how these trends are now indispensable to automation in the SDLC.  Continue Reading

• How traceability benefits the software development lifecycle

  Read expert Scott Sehlhorst’s explanation to learn how traceability of requirements improves visibility into building the right product as well as building the product right.  Continue Reading

• The end of an iteration: When is testing in Agile complete?

  Agile development expert Lisa Crispin explains how software testers can meet objectives with each iteration and seek support from team members such as programmers and DBAs.  Continue Reading

• The purpose of the Agile retrospective in Agile development

  In this expert response, Lisa Crispin explains various ways to conduct retrospectives, discussing what teams stand to gain from them and how they contribute to the ongoing improvements inherent in Agile development processes.  Continue Reading

• Participating in conferences and workshops: What will I learn?

  When attending classes, conference and workshops, attendees may have unrealistic expectations of what they will gain, or how they will learn useful information. Expert Peter Walen offers some tips on how to actively participate in the learning ...  Continue Reading

• Software testing during the build and release phase

  While perhaps no testing is absolutely required during the build and release phase of a project, according to expert Pete Walen, there are specific results that need to be reviewed. In this response he explains what to look for when supporting ...  Continue Reading

• Testing in Agile development: Separating developing and testing

  Each testing team has different needs, and each tester needs control over his or her own testing environment, according to expert Lisa Crispin. Read this response for insights into how to manage testing activities in Agile development.  Continue Reading

• Exploratory testing and regression testing in continuous integration

  Expert Lisa Crispin explains how and when to implement exploratory testing, automated regression testing and manual regression tests in an Agile development environment.  Continue Reading

• Security tools and application lifecycle management

  Security and security tools have become more necessary to the application lifecycle, according to recent research. In this response, expert John Overbaugh discusses why security tools are essential to ALM and explains how he sees security activities...  Continue Reading

• Data protection for non-sensitive and sensitive information

  Expert John Overbaugh defines security as confidentiality, integrity and availability of information across systems and applications. Read this response for an explanation of security concerns for all applications.  Continue Reading

• Change management and impact analysis: Reviewing requirements changes

  Expert Sue Burk explains the importance of gaining proper approval for requirements changes and offers suggestions for the most efficient ways to communicate between analysts, architects, developers and project managers.  Continue Reading

• APM tools: Applying automated testing earlier in the development lifecycle

  ALM expert Kevin Parker advocates for the use of application performance monitoring tools earlier in the development lifecycle, in concert with earlier automated testing. Read this response for his take on the uses of APM tools.  Continue Reading

• Types of performance testing for Web applications

  In this response, expert Pete Walen describes performance testing approaches that can steer your team in the right direction to enhance performance and avoid failures.  Continue Reading

• When tracking changes to test cases is necessary

  Is it necessary to track changes made to test cases? Expert Pete Walen explores this issue and offers some helpful advice.  Continue Reading

• Agile teams and software defect tracking: Is a DTS necessary?

  In this expert response, Lisa Crispin discusses the pros and cons of DTS and offers advice to teams on how to best manage their bug-free development approach.  Continue Reading

• Contract negotiation: Agile development and defining requirements up front

  In this response, expert Lisa Crispin explains how experienced Agile teams can negotiate contracts that satisfy customers while also ensuring all necessary development and testing activities are completed.  Continue Reading

• Eliciting and analyzing embedded systems requirements

  Read this expert response for Sue Burk's suggestions for what techniques developers can use in embedded systems requirements gathering and analysis.  Continue Reading

• How to overcome challenges with eliciting requirements for embedded systems

  In this response, expert Sue Burk describes the importance of the relationship between hardware and software in embedded systems, and how they must be able to communicate and collaborate with each other.  Continue Reading

• How to define security requirements and manage risk in software development

  Defining business security requirements is a collaborative effort, involving the participation of architects, business analysts and regulatory bodies. There is no black-and-white answer about achieving the best possible security for your software ...  Continue Reading

• How to overcome the top two challenges associated with getting requirements right

  Expert Sue Burk identifies the top challenges in accurately defining requirements as the challenge of involving the appropriate decision makers and subject matter experts in requirements development, and the struggle to meet the needs of both ...  Continue Reading

• Understanding the dependencies between requirements in a Scrum environment

  Prioritizing user stories for each iteration in a Scrum environment can be challenging if the project owner does not understand the dependencies between requirements. In this expert response, Lisa Crispin shares best practices for prioritizing user ...  Continue Reading

• Mapping software requirements to test cases

  Even though you must have at least one test case per requirement, it's possible not to have a one-to-one mapping between each requirement and test case. In this response, expert Sue Burk explains how it is important to trace the relationship between...  Continue Reading

• How user stories help to define software requirements

  User stories play an important role when defining requirements and they also contribute to living documentation during the software development process. In this expert response, Lisa Crispin offers key practices for ensuring that requirements align ...  Continue Reading

• Tracking changes to requirements in Agile development

  All development teams need to track requirements changes, but depending on the software development lifecycle and overall ALM process, the best approach to change tracking may not be the same across the board. In this response, expert Mike Jones ...  Continue Reading

• Security requirements for any Web application

  When verifying security on your Web application, there are some general considerations that everyone should check off the list. Expert John Overbaugh offers insight into application security standards and steps your team can take while developing ...  Continue Reading

• How to gain acceptance of organizational change

  Any organizational change can meet with internal resistance. In this response, SSQ Site Editor Yvette Francino offers advice on how to win buy-in from those affected through honest communication and continuous improvement.  Continue Reading

• Verifying user authentication and data encryption in your Web service

  Application security is a tricky aspect of development, and it’s usually best to rely on the professionals to authenticate users and encrypt data. However, there are steps development teams can take to validate that these processes are being ...  Continue Reading

• How to implement traceability into requirements management

  Traceability offers a number of benefits to the requirements management process and supports business goals, change propagation and change impact analysis. In this expert response, Sue Burk explains the many uses of traceability and provides tips on...  Continue Reading

• Test automation for your team: How to begin

  Initiating test automation on your project team may seem challenging, or even overwhelming. Fortunately, expert Karen Johnson has been through this process and has some insights into how to best begin. She offers some questions you can ask of your ...  Continue Reading

• How to begin the software requirements gathering process: Elicitation and analysis techniques

  The software requirements gathering process for a new agile development project can seem daunting at first. In this expert response, Sue Burk offers advice on how to begin using elicitation techniques and choosing analysis models that fit your ...  Continue Reading

• Performance testing of ERP applications: How to ensure Scrum teams have needed expertise

  Performance testing is a vital aspect of software development and ideally should occur throughout the development process. In this expert response, Lisa Crispin discusses how to best match performance testing expertise on the Scrum team with the ...  Continue Reading

• Application development for mobile phones: Testing across different devices

  New mobile phone models enter the market all the time, and it seems daunting to perform application testing on the various devices available. Expert Karen Johnson carefully examines the factors developers must consider and offers strategies on how ...  Continue Reading

• How to best manage user stories in your agile development projects

  User stories serve several important purposes for agile development teams. In this expert response, Sue Burk explains the full range of uses for user stories, discusses how to best document requirements details, and offers different approaches to ...  Continue Reading

• Functional requirements and nonfunctional requirements in software engineering explained

  Clearly defining both functional and nonfunctional requirements in software engineering projects is important from both a business perspective and a performance perspective. In this expert response, Sue Burk offers definitions and examples for both ...  Continue Reading

• Understanding functional and non-functional requirements in the software development lifecycle

  The premise that functional and non-functional requirements exist separately is a misconception. In this expert response, Robin Goldsmith explains the how these two types of specifications are inter-related and correlate with particular ...  Continue Reading

• Tools that generate test cases from software requirements

  In this expert response, requirements expert Robin Goldsmith gives examples of a variety of tools, including tools based on use cases, state analysis tools, and all pairs tools, which generate test cases from software requirements. He also explains ...  Continue Reading

• How to regression test Web-based applications

  Software test consultant John Overbaugh gives some helpful advice about regression testing Web-based applications. Overbaugh describes regression testing browser platforms and how to test for backwards compatibility.  Continue Reading

• Software database testing stored procedures

  Database testing can refer to any backend or data-related testing such as data migrations and data integrity. In this expert response, Karen Johnson talks about two practices that she's used for testing stored procedures (SP): code reviews and ...  Continue Reading

• Software retest, regression, smoke and sanity testing: What's the difference?

  Understanding the nuances between different types of test efforts can be a challenge. In this expert response, Karen Johnson explains what is meant by retesting, regression testing, smoke testing and sanity testing. Find out the purpose of these ...  Continue Reading

• What exactly is an ALM tool?

  Application lifecycle management expert Mike Jones explains the characteristics of tools for ALM. Jones talks about the concept of an ALM framework which is concerned with both the processes and the tools needed in the lifecycle, and clarifies some...  Continue Reading

• Types of software requirements: Business, functional, stakeholder, and 'real'

  Expert Robin Goldsmith explains the different ways that requirements are categorized, explaining the difference between 'whats' and 'hows.' Goldmith recommends what he refers to as 'real' business requirements driven down to detail and are always ...  Continue Reading

• Special considerations for testing applications using Right to Left languages (RTL)

  When testing user interface (UI) components of an application that uses a right to left language (RTL), there are special considerations. Software test expert Karen Johnson explains what to look for in dropdown fields, scrollbars, data entry fields,...  Continue Reading

• Using a traceability matrix to map requirements to test cases

  Expert Robin Goldsmith explains the use of a traceability matrix and the importance of level of detail in cross-referencing requirements to test cases. Goldsmith recommends higher level of detail in both requirements and tests in order to attain the...  Continue Reading

• What is the difference between code coverage and test coverage?

  Code coverage and test coverage metrics are both measurements that can be useful to assess the quality of your application code. Code coverage is a term to describe which application code is exercised when the application is running. Test coverage ...  Continue Reading

• Can security testing only happen in the production environment?

  Security test expert Kevin Beaver talks about the advantages and disadvantages of security testing in production environments. If production environments are off-limits, he makes recommendations for testing in staging or disaster recovery ...  Continue Reading

• How important are SQL skills for a tester?

  Karen Johnson explains the situations in which SQL skills are important for a software tester as well as times when the expertise is not required.  Continue Reading

• How do Agile teams handle changes to requirements?

  While changing requirements may pose a considerable threat with some development methodologies, agile development makes changes more manageable.  Continue Reading

• How to handle requirements creep

  Requirements expert Robin Goldsmith advises against freezing requirements to avoid creep. If proper work is done at gathering business requirements up front, creep should not be an issue.  Continue Reading

• Four tips for gathering requirements for the new Business Analyst

  Requirements expert Robin Goldsmith describes four techniques for the new business analyst to collect and analyze business requirements for your software product.  Continue Reading

• How to gather security requirements for software projects and what to look for

  There are a many things to focus on when defining security requirements for any software development effort. But the most prominent should be long term ones like input validation, URL manipulation and logic.  Continue Reading

• How to settle conflicting software requirements between users and stakeholders

  Choosing to ignore stakeholder needs during the requirements elicitation phase is a common problem in software development. Knowing how to cater to both stakeholders and users is the first step in delivering dead-on requirements.  Continue Reading

• Differences in Agile and traditional software project management

  In this expert response, some of the differences between project management in traditional environments and agile environments are explained. One of the biggest differences is the flexibility of scope changes that is welcomed in agile environments.  Continue Reading

• Defining a User Interface (UI) during the requirements phase: A mistake?

  Many teams are using the requirements phase to define the look and feel of the user interface (UI). According to an expert, this is a mistake and can cause the team to digress from its primary task of identifying true business requirements.  Continue Reading

• What does "change management" mean in software development and QA?

  Change management, sometimes called configuration management, has a few different meanings in the software development community, from team changes to code changes, explains expert Yvette Francino.  Continue Reading

• Explaining software security responsibilities to the staff, QA department and management

  One of the largest problems in software security is choosing to look the other way. Even with multiple regulation departments, many managers choose to look the other way on security issues, what can be done?  Continue Reading

• Who determines the appropriate severity or priority for a defect?

  There are often differences of opinion on the definition of severity or priority of a defect. The bottom line is determining when and if the defect will be fixed. Factors that need to be considered are customer urgency and time required to fix and ...  Continue Reading

• What are the pros and cons of centralizing a QA or software test team?

  Is it better to centralize a test team or have testers paired organizationally with developers? There can be advantages to either approach. This expert response examines some considerations and an alternative that will allow your quality team to ...  Continue Reading

• How do I create a test case based on requirements documents for user acceptance testing?

  Creating user acceptance tests out of basic software requirements documents can be a daunting task. Expert Mike Kelly points out logical approaches testers could try in this tip.  Continue Reading

• Functional vs non-functional requirements, what is the difference?

  Robin Goldsmith takes another stab at this question of functional vs non-functional requirements in this expert response. According to Goldsmith the difference lies in the applications need and what it is intended for.  Continue Reading

• How to write an SRS document for three different databases

   Continue Reading

• How to write a Software Requirements Specification (SRS) document

  Knowing how to write requirements documentation is crucial when developing and tracking the completion of software. Expert Robin Goldsmith goes over how to write SRS documents and how to distinguish them in this expert response.  Continue Reading

• Put a stop to software espionage by watermarking source code

  Having software code replicated or stolen is a major cause for concern in the industry, fortunately there are measures you can take to protect your software source code.  Continue Reading

• Data warehouse/BI performance testing tool recommendations

  Expert selects preferred performance testing tools for data warehouse/BI software testing needs.  Continue Reading

• Problems caused by skipping analysis stage of SDLC

  A requirements expert explains the possible pitfalls of skipping the analysis phase in the software life cycle development (SDLC).  Continue Reading

• Defining core software regression tests

  Regression testing is defined through software purpose addressed, the common key strategy is to automate the test phase. according to software testing expert John Overbaugh.  Continue Reading

• How to deliver software with an SDLC iterative model

  The phases of iterative SDLCs come together to build better software applications faster, as long as the team avoids some common development and planning mistakes.  Continue Reading

• Waterfall versus iterative development misconceptions

  Many programmers have an idea of what their finished product should look like but are confused on where to start and how to finish. Development expert describes differences and advantages in waterfall versus iterative software development.  Continue Reading

• Advice on how to enter the software technology field

  Wondering how to enter the software technology field and don't know where to start? Expert John Overbaugh points to promising career tracks and informative resources.  Continue Reading

• Differentiating between Functional and Nonfunctional Requirements

  Many of the difficulties encountered in defining requirements relate to the functional-nonfunctional distinction. As so often happens, some of those difficulties are things of which people are aware, largely realizing after-the-fact that ...  Continue Reading

• Where can software requirements vision-and-scope documents be found?

  Software requirement expert Robin Goldsmith discusses a vision-and-scope document example and other methods of determining project and requirements scope.  Continue Reading

• Test case preparation for a Web-based application

  Test case preparation is the setup work that prepares you to design and execute your tests. Learn what this preparation might entail for a Web-based app.  Continue Reading

• Writing a software requirements specification (SRS) for a portal app

  An SRS describes the requirements of a software product -- what it must do in order to function as expected. The standard format is identical regardless of the software's use.  Continue Reading

• What is system integration testing?

  What exactly is system integration testing? At what stage is it done? Do you need to prepare a separate integration test plan?  Continue Reading

• Is functional testing sufficient to determine code coverage?

  Functional testing, even with the addition of many types of input and user acceptance testing, is not the same as determining code coverage. Learn the difference between the two and why one does not replace the other.  Continue Reading

• What is test granularity?

  Test granularity is the level of detail at which your software tests and test cases address your project.  Continue Reading

• Does Microsoft offer an international testing certification?

  Learn about international testing certification organizations and where to get more information on software testing and QA certs.  Continue Reading

• What is test environment management?

  Test environment management is the process by which test machines (clients, servers, or both) are managed. Learn how to implement proper test environment management.  Continue Reading

• Who is responsible for integration testing, developer or tester?

  Responsibility for integration testing depends on the project and the company -- but ideally, the two roles will collaborate in this area.  Continue Reading

• Tools for performance testing a thick client using ODBC protocol

  What tools are available for performance testing on a thick client using ODBC? Are there any free open source tools?  Continue Reading

• Formulating test status reports based on daily status criteria

  A user requests help deriving the daily status criteria for the test execution of a software project, with status criteria including test execution criteria, test case failure rate and bug rate.  Continue Reading

• Test coverage matrix vs. traceability matrix

  What is the difference between a test coverage matrix and a traceability matrix?  Continue Reading

• How to determine test coverage in a software project

  Determining test coverage is best served with three measurable categories (mapping requirements to test cases, test case status and code coverage analysis), plus a fourth subjective category.  Continue Reading

• How to develop a checklist for unit, integration and system testing

  When taking IS development in-house, learn how to develop a checklist to make sure test environments are in place and people know what to do.  Continue Reading

• Is a requirements freeze in a software project a bad idea?

  Learn why imposing a requirements freeze in an application project is usually a misguided idea.  Continue Reading

• Designing test cases using Cause-Effect Graphing Technique

  The goal of cause-effect graphing is to reduce the number of test cases run. However, the time it takes to do such modeling limits its use in real-world situations.  Continue Reading

• How to conduct performance, stress, load testing without tools

  Rarely should you have to conduct performance, stress, and load testing without tools. If you do, here are six techniques to use.  Continue Reading

• Requirements elicitation: Workshops vs. apprentice-style analysis

  When eliciting requirements, workshops are one technique to consider, but you should also be open to other methods such as peer reviews and one-on-one interviews.  Continue Reading

• How testers can convince developers of software errors

  If a tester fully understands the software errors found and can show the impact of them, then he is more likely to get developers to fix them.  Continue Reading

• How to test an application's scalability, performance

  To determine if your application can scale, you want to look at performance testing factors such as response time, load, mean time to failure, and performance tuning.  Continue Reading

• Integration testing: Is it black box or white box testing?

  Integration testing of software systems can be black box or white box testing. Learn how each can be used in this Ask the Expert Q&A with testing expert Mike Kelly.  Continue Reading

• How to determine a software modeling technique

  Modeling can help you pull together the design of software. Expert Ken Willett explains this approach, as well as what to include in a software requirements specification.  Continue Reading

• How to prevent HTTP response splitting

  HTTP response splitting is a serious Web attack that can wreak havoc on your Web applications. Security expert Ramesh Nagappan explains how this attack works and what professionals can do to prevent this exploit.  Continue Reading

• Quality standards don't always mean fewer defects

  Are low defect rates more important than quality standards? Project management expert David Christiansen discusses when standards shouldn't be enforced and how managers can understand the distinction between quality standards and quality software.  Continue Reading

• Use cases and SRS for requirements gathering

  Before comparing use cases and software requirements specifications, you should know what each is. Requirements expert Robin Goldsmith explains how use cases and SRS work and how to use them for requirements engineering.  Continue Reading

• How to match the test environment to the production environment

  Testers often find a gulf between test results in a test environment and test results in a production environment. Testing expert John Overbaugh offers strategies for ensuring that test results in different environments match.  Continue Reading

• An approach to integration testing

  Integration testing can be thought of as the measurement of disagreements among parts of a system. Expert Mike Kelly explains how this approach to integration testing can be used.  Continue Reading