Testing Strategy for WEB Applications
Business Requirements
Web Application Testing
The usage of the World Wide Web for transaction processing is a recent phenomenon. To that extent web application testing is a relatively new area. Although web application testing does have a lot in common with client/server applications, there are unique considerations that affect the focus of testing strategy.
What to Test
All components of a Web application on both the client and server side should be completely tested. This may not be always possible given the varied target audience and platforms that a web applications addresses. In this case, the best approach is to examine the project’s requirements, set priorities based on risk analysis, and then determine where to focus testing efforts within budget and schedule constraints.
Requirements
Web applications are typically more graphics oriented than standard software applications, and this, along with multimedia functionality, will need to be considered in terms of requirements specifications for page layouts, appearance, site-specific standards etc. Database –driven applications will merit particular focus on performance requirements such as response times at various load levels and rate of error-free interactions per unit time.
Risk Analysis
Database driven web applications can involve complex interactions among Web browsers, operating systems, plug-in applications, communications protocols, Web servers, databases, applications server, security enhancements, and firewalls. Such complexity makes it impossible to test every possible dependency and everything that could go wrong with this site. Since the typical web application development project also will be on an aggressive schedule, the best testing approach will employ risk analysis to determine where to focus testing efforts.
Risk analysis should include considerations of how closely the test environment will match the real production environment. Will the test scenarios be able to closely mimic communications, hardware, clients, loads, data and so on? Other considerations in risk analysis include:
· Which functionality in the Web application is most critical to its purpose?
· Which is function is most likely to be the most frequently used or the sequence of steps to be most frequently performed?
· What type of areas could possible cause the most complaints or bad publicity?
· What parts of the application pose the maximum security risk?
Types of Testing
The following are the different types of testing that are used for various Web applications. These aspects should be considered while planning for Unit, integration and system testing wherever applicable. Existing testing related checklists/templates in QSD could be enhanced to address these additional requirements.
| S.No | Type of Testing | Description |
| 1. | Validation or Functional Testing | This is typically the core aspect of testing to determine that the Web application functions correctly as per the requirement specifications. |
| 2. | Unit and Integration Testing | Unit testing of code modules, objects or discreet applications functions is a standard part of testing any distributed application; integration testing may be needed to determine if various modules, interfaces and other applications work together properly. |
| 3. | HTML Validation | The need for this type of testing will be determined by the intended audience, the type of browser(s), use of standards such as JavaScripts, whether your site delivers pages based on browser type or target a common denominator, and how strictly you want to adhere to HTML standards. |
| 4. | Link Testing | This type of testing determines if your site’s links to internal and external Web pages are working. A Web site with many links to outside sites will need regularly scheduled link testing, because Web sites come and go and URL’s change. Sites with many internal links (such as enterprise wide Intranet, which may have thousands of internal links) may also require frequent link testing. |
| 5. | Usability Testing | Is your intended audience the general Internet public? In–house Intranet users? Computer experts? The intended audience will determine the “usability “ testing needs of the Web application. Additionally, such testing should take into account the current state of the Web and Web culture, because these will influence user expectations (for example, Web site navigation is expected to be extremely intuitive –Web users do not expect to read manuals or help files). |
| 6. | Load Testing | Will there be a large number of interactions per unit time on the Web site? If so you may want to perform testing under a range of loads to determine at what point your system’s response time degrades or fails. The hardware and software chosen for the application and the design could have an impact on the same. |
| 7. | Stress Testing | This refers to testing system functionality while the system is under unusually heavy or peak load; its similar to the validation testing mentioned previously but is carried out in a “high stress” environment. This requires that you make some predictions based on the expected load levels of the Web application. |
| 8. | Reliability and Recovery Testing | If 24 X 7 uninterrupted availability is required, and depending on how critical the Web site is to the business, simulation of different “emergency” situations may be required to ensure that the production system can handle it successfully. |
| 9. | Security Testing | If the site requires firewalls, encryption, user authentication, financial transactions or access to databases with sensitive data, there may be a need to test these and also test the site’s overall protection against unauthorized internal or external access. |
| 10. | Regression Testing | If the iterative approach is adopted for development, there is a continuous need to retest the application that was initially developed and the code that was reworked to accommodate changes and bug fixes. |
| 11. | Server Log / Report Testing | Web sites that use advertising and track site usage for marketing needs may need extensive testing to ensure the accuracy of the logging and reporting capabilities. |
Testing Requirements
Components of a Web Application
Unit Testing and Integration Testing
A unit is one component of a system. Integration testing refers to integrating different components together. If different developers are developing the different components such as front end, middle tier and back-end, each should be considered a unit and tested and integration testing would involve testing the interfaces between these components.
| | Front END | Middle Tier | Backend |
| FUNCTIONAL TESTING | Required in all cases, could also include random testing other than unit and integration testing | Required in all cases, could also include random testing other than unit and integration testing | Required in all cases, could also include random testing other than unit and integration testing |
| HTML VALIDATION | It might not be possible to carry out all possible validations of the client environments. Risk analysis should be done and based on this, what to test should be decided and tested | NA | NA |
| LINK TESTING | This is very essential on large web sites that encounter a lot of changes; to ensure that links are not outdated or inaccessible | NA | NA |
| USABILITY TESTING | This is required if any special set of users is targeted. Otherwise these inputs will occur as part of the first deployed iteration | NA | NA |
| LOAD TESTING | NA | Very essential when expecting number of hits > 200 per hour | Essential when database is suspect of handling large number of requests |
| STRESS TESTING | NA | Essential when reliability is important | Essential when reliability is important |
| RELIABILITY & RECOVERY TESTING | NA | Very essential when 24X7 up time is envisaged | NA |
| SECURITY TESTING | Can be used to check user authentication and authorization | Used to check firewall scenarios | Used to check access to database in a secure environment |
| REGRESSION TESTING | Necessary after the first iteration to ensure that the older functionality has not broken in the process of making changes or bug fixes | Necessary after the first iteration to ensure that the older functionality has not broken in the process of making changes or bug fixes | Necessary after the first iteration to ensure that the older functionality has not broken in the process of making changes or bug fixes |
Required Testing Tools
Mercury Interactive has come out with a suite of tools for testing Web applications, called Astra SiteTest. But this is still in its first release and not quite stable as yet. (Refer http://www.merc-int.com). The other tools that could be used are Mercury Interactive’s LoadRunner, SunTest Suite of testing tools (Refer http://www.suntest.com.), SilkTest from Segue (Refer http://www.segue.com.). Details of some other tools like parallel testing tool, Purify (for memory leakages) or RELACS are available in Tools repository on QD homepage.
Testing Process
For every application that is to be tested carry out the following steps.
Step 1: Test Planning
Prepare Test Plan
· Define test objectives
· Identify environmental needs
· Define the test tools, if any to be used
· Identify test team members
· Assess risks
· Define critical success factors
· Write test cases
· Determine sequence/integration procedure
· Define test stop and resume criteria, example if 20 errors are found or when all the test cases have been run through or if more than 3 show stopper defects are found etc.
· Define the number of test cycles to be carried out, example 2 complete test cycles must be carried out to certify the system.
· Review test plan
Step 2: Test Execution
Setup test environment
· Identify Test Server (Dedicated server would be good)
· Setup restorable Test Data
· Setup applicable test tools
Set up Configuration Mgmt process for test environmental assets such as
· Web applications
· Test data
· Test scripts
· System configuration files
Ensure that test environment accurately represents user platforms such as
· Browsers
· Operating systems
· Hardware
Do test execution & include the following:
· Unit Testing
· Integration testing
· System testing
· User acceptance testing
Step 3: Test Evaluation
Review test results
Define how defects are to be classified.
Setup criteria in place to prioritize /evaluate defects
| SDLC Phase | Test Plan Produced | Test Plan Executed |
| Analysis | System Test Plan | |
| Analysis | Regression Test Plan | |
| System Design | Integration Test Plan | |
| Detailed Design | Unit Test Plan | |
| Construction | | Unit Test Plan |
| Construction | | Integration Test Plan |
| Test | | System Test Plan |
| Production/Maintenance | | Regression test Plan |
No comments:
Post a Comment