Slashdot Mirror
How Do You Prove Software Testing Saves Money?
cdman52 writes "I work at a small software development company. We have one app that is used by a few hundred clients and was initially developed by a few undergrads about 10 years ago. The app is collection of about 25 developers preferences and ideas. Testing wasn't an initial concern since it was created as an internal application, I guess. Anyway, the app is now large and used frequently. Part of my duties are to fix bugs users find, I'm on a team with a few other people and at least once every 2-3 months I see some bug I fixed come back, and I can only assume it's because we don't have a formal test suite. The owner doesn't want to invest time or money in getting one set up, but I'm sure that in the long run it would save time and money. Can anyone offer suggestions for how to convince the owner that setting up a test suite is in his own best interest?"
I would say the most important thing to save money is a good design and programming guidelines for the application.
Test suites are obviously a good idea but it may end up as a tedious task if the application as poor or no real starting design and if everybody just did things their ways.
I have seen many applications that had grown larger than expected that typically cost 10 times more than it should to maintain, bug fix and implement change requests.
It is sometimes possible to fit existing code in a new clean design and that saves a lot of money if the application is going to be used for a long time.
Let's hope your application has proper design ! ;-)
Everything I write is lies, read between the lines.
Can anyone offer suggestions for how to convince the owner that setting up a test suite is in his own best interest?
Are you sure that it will be?
but I'm sure that in the long run it would save time and money
How much time and how much money?
What you need here is hard numbers to back up your opinion. Specifically, and I hate to say the word, but you need metrics.
- How much do these bugs cost (these are a mixruee of hard numbers (dev time, etc) and "fuzzy" numbers (customer relations and so forth)?
- How much is setting up this test suite going to cost? How much is it going to cost to use it?
- How effective do you think it will be (look at existing bugs.. would they have been caught)?
That last one is especially important. Testing is good, but it doesn't solve all problems and there are other options. Really take a good look at whether previous bugs would have been found in your proposed system.
Once you have this information, the math then becomes pretty simple.
If your program is modular-ish .. it might be possible to do a trial. This is probably a good idea anyway. There are different ways to do testing, some of which are incompatible with certain development mindsets. Best to find that out early on a small piece vice the entire code base.
But when you find out, let Steve Jobs know.
Charge him by the bug. You'll see how quick he'll make sure hes not paying to fix the same one twice.
You need to think very hard about exactly how any why this will save the business money. What do YOU think will be gained, for your software, from a technical standpoint?
Many people just think testing will make things better. But I have seen testing make things better, and I have also seen testing make software far harder to maintain and later to deliver.
What kinds of problems are you seeing that you think testing will solve? Do you see a lot of maintenance causing other errors? Do you want to do this in preparation for overhauling some part of the system?
You see bugs come back every 2-3 months, but is preventing that really worse than the overhead of maintaining and adhering to a test suite that all of the developers would have to do? That alone may not be enough of a reason to impose the overhead that testing can cause.
Since you are fixing bugs you have access to the codebase. Start a test framework yourself, of bugs you cover, and run it against the code day by day. See how often it catches issues, vs. how often you have to alter the tests because the code has changed in ways that are valid. Then you will have more real world metrics about problems solved vs. costs...
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Just start small, with "failing tests" for each new bug. Bug fixed, test passes. Keep expanding the test coverage.
http://stephan.sugarmotor.org
WHY do you have to prove software testing saves money? Even a cheap and nasty electrical appliance from China is tested despite there being a lot of motivation to cut corners and not do so. Why should software be any different?
Perhaps the app is just more important to you than it is to the company? First take your ego out of the equation, i guess, then make your case before the boss. Just sayin'. Also if you have a time sheet of how much time you've spent on this app so far it would be helpful in drumming up some numbers, plus a few scenarios where the failure of the app causes lost time for the company as a whole.
Starbucks, Harbuckle of Breath.
We've had to justify creating auto test suites where I work.
Over the last decade our product has grown from one code-base into three strands, each with separate customer foci, and we've had a healthy amount of staff turnover so that there are still brilliant, creative and skilled people working on it but some of the original knowledge has left us.
We found* numbers to justify that automated testing of existing features, applied later will protect against regressive changes. Even where there are complicated features which were not modular in design, or which lack good interfaces, the tests have saved us massive amounts of time testing by hand. The real win is hidden under something we didn't realise until later: creating the tests have forced us to really document what the features are and how they work**, sometimes from a unit-test level, sometimes at the interface level and sometimes in a top-to-bottom vertical slice. Once you have a record of what your software does, in a computer which is skilled at remembering exactly and repeating exactly what some former staff member told it a couple of years ago, you have a decent reason to be confident that your bug fixes won't cause more harm than good.
*: ballpark figures / educated guesses / made up.
**: We favour working code over comprehensive documentation, until our agile team is reassigned to other projects or leaves the company.
In small companies most of the time it is not really worth the money to invest time and money in test suites and engineers. It does not make sense to operate in such a manner and is very frustrating but the goal of the owner is just to make money. You can start charging him by the bug, but then the way you are describing this is a trivial software so he will find someone else who will work the old way.
With 25 developers, all it takes is one who doesn't merge correctly to cause old bugs to resurrect themselves.
The metrics is a good idea. This will allow the owner to see what it costs him to not have good QA. However, eventually, the conversation will float to how expensive will it be to have QA? Like any security situation, you will want to find the happy medium where the trade off in time/money balances the risk. Given you only have a few hundred users you might wish to experiment by adding QA incrementally. Also, you might find why those bugs are coming back? Poor documentation? Or are developers not maintaining up to date code bases? Process is just as important as QA when it comes to fixing bugs.
Have you fscked your local propeller head today?
How can you be so sure that it'll save money? If you need help to prove it, then it's likely that you don't know enough to make a significant change.
fixing bugs won't save him money unless your willing to recommend firing a few developers because it'll reduce workload. thank your lucky stars he's smart/kind enough to know this and say no rather then let you go to all this trouble then fire you because your not needed anymore.
QA can be contracted out for 20 dollars an hour in house, I would suggest you look into that. It is a full time job for anything but the smallest of code bases.
An Education is the Font of All Liberty
Start off easy, you must have test cases for the bugs you fix (so you'll know they're fixed and some sort of script or procedure you used for that testing. Just hack together a quick script on top to run them in succession as part of your regular duties fixing bugs.
Now, put them somewhere where other developers can access them. Mention it around the coffee pot.
That's not exactly comprehensive testing, but it's a start and should only take a few minutes. You could argue that you had to do it anyway as part of your regular duties, so it cost nothing. With any luck it'll catch on and prove itself useful.
It is not just that testing is needed, when bugs are found, they need to be fixed (security bugs with priority).
I have personally seen bugs that were not deemed 'need to fix' that went out with the following fallout (this is NOT a joke or embellishment):
1. possible loss of life - as in death of a real person
2. loss of revenue that was supposedly in the millions
3. death of company
4. loss of accounting revenue in the multiple thousands
I have been in the industry long enough to see these things. Per NDA, I cannot give details. But this is real and depending on the company and its politics, could happen in front of your eyes.
- SPT
...using CVS.
Don't thank God, thank a doctor!
If all you do to make the test suite is add one test each time a new bug is discovered, you'll probably find it doesn't take much longer than fixing the bug and retesting manually anyway, and over time you'll build up a reasonable suite. Yes, the benefits won't be instant, but you can do it without much outlay of time (or money) and therefore it's easier to justify to the product owner.
In case you haven't, you should read Robert C. Martin's book Working Effectively With Legacy Code, which is full of advice on just this kind of situation.
If the data is worth anything, you can always argument that software that has not been tested thoroughly can mess up the data and then the worth/value of the whole system collapses. Yes, there are backups, but will the backup schmea work if the software gradually corrupts the data? And will the customers suffer damage during the downtime that you try to debug/correct the bug (that will eventually occur) ?
Why are you asking for permission? Most programmers today know that there is no point in asking for permission when it is much easier to ask for forgiveness after the fact ... if they ever find out and care.
Just start in one corner, create test cases for exactly those bugs that you don't want to see again. Then add incrementally whenever you have a couple of minutes to spare.
Just do it!
WHY do you have to prove software testing saves money? Even a cheap and nasty electrical appliance from China is tested despite there being a lot of motivation to cut corners and not do so. Why should software be any different?
Rest assured that Chinese companies test their products precisely *because* it saves money. If it didn't, they wouldn't; they don't have a commitment to good quality for its own sake.
An untested product leads to high rates of return (lost money), customer dissatisfaction and brand name damage (HUGE loss of money in the medium to long term). Nobody puts up with bad products anymore. Software is one of the last kind of products where it's still somewhat accepted but people are quickly becoming intolerant to bugs nowadays.
Still, what is true of physical products (that extensive testing on top of proper design and good manufacturing practices) may not be true of software. I.e. the question is: is laborious and careful design and implementation with minimal testing more or less expensive than quicker, laxer design and coding and a strong test/correction feedback process? I'm not sure the answer is clear-cut. As a (former) programmer, I can see argument for both approaches.
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
I don't have a solution to your problem, but I can tell you the shit only gets worse.
You're welcome. :)
Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
The better question to ask yourself is, "Why am I still working here?"
If I were working on that team, I would walk up to the owner and tell him straight out, "You hired me for my ability and experience in software development. It's my job to give you the most customer satisfying functionality for the money. You've seen my credentials. You've seen me work. Stop second guessing me and let me get on with my job." But my employers have historically hired me because of my experience in these kinds of areas.
Asking, "How do I prove to management that X practice is a good idea?" is precisely the wrong thing to be doing. Do you *know* the practice is good? Do you have experience implementing the practice? Do you know when it is appropriate and when it isn't? Do you know how to implement the practice in the particular circumstance you are in? If not, who on your team does? If nobody, who will pay for your learning experience in the probable case that it takes time to get things right?
I'm not telling you that you shouldn't be doing these things. But if the guy paying you is unsure of your ability to pull it off and you have no prior experience, I highly recommend relocating to a job where you can get the experience.
The problem is you need a software (bug control system) already setup to prove that it is important to have a testing framework.
But the calculation I would use goes something like this.
Needed
1. Number of bugs fixed.
2. Number of bugs returned.
3. Time added to original bug to fix additional requirements
4. Time to test properly.
Cost factor for bugs not tested properly (time to test)/(time added to original bugfix)
This would be your cost of not having a testing framework. Work this out over the period you would like to aggregate the testing framework cost.
Say there was 30 bugs that returned
If took you about 60 hours to fix those 30 bugs.
It would have taken you 20 hours to test the bug fixes properly.
You will get
(20/60)=0.3 (30 %) reduction in cost.
To calculate if it is worth the companies money to implement the testing framework.
0.3*(cost to fix returned bugs over 2 year period) if this value is less than the cost of the framework it is not necessary to setup the testing framework.
Honestly even on the simplest system it always works out cheaper to have a proper testing framework. But I understand your frustration to bring this concept under the eyes of the managers are quite difficult.
The easiest way is to try and calculate a factor of cost savings and bring it to their attention.
No QA?? Sadly, I see many slashdotters in similar situations. How unprofessional and arrogant have the bean counters become? I have been out of I.T. full time for many years but times were different earlier last decade. Any manager who refused to check the quality of the work used to be fired. Are you really managing if you wont even do basic QA?
Even fast food restaurant managers do QA and have district managers nail them on satisfaction and statistics of food ingredient use and statistical sampling.
Time to update your resume. From what you described it sounds like a cheap work environment if they have college interns writing critical software. Quality is free and any good manager knows this which saves money. Six sigma started out in software design before being a big hit on the factory floor.
http://saveie6.com/
how to convince the owner?
Replace the owner's default homepage with this Slashdot article.
Slashdot, fix the reply notifications... You won't get away with it...
Send the suits one of their cherished Excel sheets?
((downtime duration) * (customer's lost income per hour) * (customers))
+ ((bugfix duration) + (rollout duration)) * (hourly developer salary)
+ (overhead costs to appease angry customers)
As others are saying, if you can get hard numbers, get them. Nothing like actual evidence to back up your claim.
However, there's a more important reason for doing this which is harder to find solid evidence for -- the concept of "paying down your technical debt." Often, we hack software together relatively quickly, without fully testing, etc -- every time we do that, we're effectively borrowing against the future stability and maintainability of the product, or realistically, against our own debugging and refactoring time in the future.
Like all debt, it has interest -- the longer you let it fester, the worse of a mess it's going to be. So like all debt, it makes sense to pay it down when you can -- a little refactoring now can save a lot of headaches later.
So, it may be difficult to get hard numbers -- though again, those are better. But if you can't do that, sell it as an investment. Invest a little time right now at least putting the automated tests in place, and maybe start with just some regression testing. Twenty minutes writing a regression test will almost certainly save you an hour the first time that bug appears -- and those are pessimistic numbers (though also made up on the spot -- find your own actual facts!)
Don't thank God, thank a doctor!
I guess I'm missing something, but don't you test your bug fix when you write it?
You said that your bug fixes "come back", it sounds like you are cutting some code and sending it off without testing that you actually fixed the problem?
#!/usr/bin/perl -w
#####################
# File: money-test.pl
# Desc: Tests if Money is Saved.
#####################
use strict;
use FileHandle;
# This Should Save Money! /^Money/ );
sub saveMoney {
my $tout = new FileHandle( "> test-output.txt" ) or return 0;
$tout->print( "Money\n" );
$tout->close();
$tout->open( "< test-output.txt" ) or return 0;
die "Lost Money!" if ( <$tout> !~
return 1;
}
saveMoney() or die "Money not saved: $!\n";
print "Money Saved.\n";
How do you prove (automated) software testing saves money? Many factors are involved. A test suite and unit tests can cost a lot of time to set up. You may very well find your system wasn't designed to allow automated testing and would require refactoring to allow for automated testing. How much time would you spend on setting up a test suite? How much time would it save? (Keep in mind right now you may not be doing manual tests- there is added value to introducing such tests as well). One factor is how long does it takes to re-fix a bug if one comes back every two-three months- some bugs take a bit more, some a bit less, but I find handling two (unknown) bugs a day is typical. Another, more important factor to take in account is how much damage can potentially be done by bugs. Depending on your system this may range anywhere from lost entertainment value in a video game to a plane crashes in air control systems. That is to say, in some systems, automated testing simply matters more than in others.
Just do it and show him the tests running. It always impresses people to see a bunch of automated tests happening--it makes it more intuitive what the value is.
Anybody can understand how that can save valuable human tester time (particularly if that human is expensive and talented).
expandfairuse.org
There's this thing, called 'specialization'. You work for a small business somewhere in the Western world, so you probably have never heard of it.
Basically, the way it works is this. One person does one job. Another person does another. Everyone sort of agrees ahead of time what the jobs will be, and how they can interact in the most efficient and least obtrusive way. That way, you don't end up with five people on a 'team' spending all their time either in meetings or overwriting each other's work.
For instance, one person might fix bugs. Another person might test the software. Each person can 'specialize' in one relatively small area of 'special' knowledge and skills and not have to worry about everything his co-workers are doing. The person fixing bugs can know which bugs have been fixed, and spend time thinking about how the software should evolve in the future in order to fix or prevent other bugs. The person testing the software can spend his time creating automated tests, finding new bugs to be fixed, and double-checking the work of the people fixing the bugs.
Watch out, though! Because there's this other thing, of which you are probably well aware, called the 'pointy-haired boss'. Pointy-haired bosses don't like 'specialization' because they are fairly dim-witted and actually enjoy going to meetings and re-doing the same work over and over again. So, if you do decide to 'specialize' in your work, you should probably have a few websites lined up to browse and look like you're staying busy during all that extra free time you will soon have. Good luck!
"I assumed blithely that there were no elves out there in the darkness"
Calculate the statistics regarding the costs that fixing the bugs already takes in your outfit (such as hours taken, damage recovery costs caused by impacts of bugs etc.) and then calculate the capital costs for setting up the processes, procedures, assets etc. for properly testing software and estimate how many bugs it could have prevented by examining old data and working out what technique, process or procedure you're planning to implement would have caught said bug(s).
Get him to read anything written of/about Deming about what is wrong with current management I'd say.
The book "Dr. Deming: The American Who Taught the Japanese about Quality" by Rafael Aguayo is probably the easiest to grasp for most people (and is a book I would recommend to pick up and read in general anyways).
Still, what is true of physical products (that extensive testing on top of proper design and good manufacturing practices) may not be true of software. I.e. the question is: is laborious and careful design and implementation with minimal testing more or less expensive than quicker, laxer design and coding and a strong test/correction feedback process? I'm not sure the answer is clear-cut. As a (former) programmer, I can see argument for both approaches.
Didn't you just answer your own question: extensive testing on top of proper design and good manufacturing practices
For the first I'll just quote Knuth: "I have only proved it correct, not tried it." And if you send piles of shit to testing/QA and expect them to be the impenetrable barrier between you and the customer, you're equally deluded.
I've found that for anything that should last a while and be stable, there should be a test case. It's so easy to subtly break something. However, I've found writing a proper test suite that deals with databases, network communication+++ and not just the application itself is pretty hard.
Live today, because you never know what tomorrow brings
Because it is. Do you know the term "bananaware"? It's used internally by a huge German company. It means "letting the goods mature at the customer's (just as you do with bananas, picking them while green and letting them mature during transport and at the customer's shop)".
At the customer's shop, and at his expense, of course.
The core reason is that people got so used to crappy software that they don't even expect it to work "out of the box" anymore. It's also trivially easy today to replace broken software. No need to send it to the shop for replacement, we'll send you a patch via internet. You do have internet, right? You don't? How do you exist today?
Testing or no testing is only a matter of money. A product only has to be good enough to keep enough customers from throwing it back at the maker, or rather, as long as the cost from RMA process and customer complaints are lower than the cost for testing, no testing will occur.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
However you prove the need for a test suite, express it on a shiny powerpoint. That way, even if the people to whom you'll show it are techs, they'll be able to pass it to their PHB and have him understand just what's needed: allocated time slots for tests.
The owner doesn't want to invest time or money in getting one set up, but I'm sure that in the long run it would save time and money.
No, it will NEVER save money nor time. It will just improve quality.
Testing requires investment, and there is no ROI (Return On Investment) on it, except that the quality of the software improves, since you are able to avoid regression bugs.
In my company, we spent a lot of time (several man years) writing tests to strengthen our software, and I can assure you that this was very expensive, and I still believe that it was a waste of time and money (disclaimer: I worked onto writing the tests), since this could be done in a cheaper way.
In our case, we have a 7 years old project, and it was very difficult to write tests, since the code was not designed to be tested, and thus not easily testable.
Just putting the tests in place will probably require a large amount of time and effort.
If there is no development on your software, but only bugfixes, then it's better to use the cheaper approach of writing tests that fail, as somebody suggested above.
If the cost to write a single test is too expensive (in effort/time/money), you'll have to live with the current situation.
If there is still some development on the software, it's good practice to start adding tests on the NEW parts of the code.
Forget about the legacy code, it will require too much effort.
Can anyone offer suggestions for how to convince the owner that setting up a test suite is in his own best interest?
I actually had to write a paper on this subject for an SQA class I took. The result among other things was (as if we didn't know that already) that PHBs respond to numbers and little else (except maybe Blackberrys) and a scary percentage of them think software testing isn't worth doing beyond weeding out the worst of the bugs because it offers a low return of investment. To convince your PHB you have to gather metrics. How much does an error cost if that error makes it undetected into a marketed product? How much would do save if we caught it early by testing? How much of a reduction in the frequency of, say... buffer overflow or SQL injection bugs, etc... have you achieved by implementing software testing in some other project? If you don't have any SQA enabled projects to fall back on you can try to cite case studies or CS papers. Case studies are probably better since they are less theoretical and not loaded with a huge amount of statistics. Keep in mind that the level of SQA that is justifiable for projects varies according to their nature. If this is an internal product never used by external parties you can get away with much less SQA than if it is used by external customers. Metrics gathering is also a key component in pretty much everything else SQA related, root cause analysis, test coverage analysis, determining code coverage, deciding on where to focus tests... the list goes on and on.
I happen to read Slashdot at night when the sun rise in the US.
Now They are making a good move, somewhat like GOOGLE's targeted ads. Stories as per geographies.
Thanks slashdot.
Basically you have to develop a mathematical model of the costs of the current situation, and compare it with a mathematical model of the costs of using tests. As part of this you will have to produce a plan for introducing tests, with the costs for each step itemised. Use the best numbers available, but don't worry if some of those numbers are "best guess". Just don't try to hide the fact. Put both models in a spreadsheet and come up with a number for how long it will take to recoup the initial investment (break even). Don't forget to discount future cash flows. In MBA-speak this is known as a "business case".
You are lost in a twisty maze of little standards, all different.
One bug every 2-3 months. How long does it take to resolve that bug. An estimate of 4-6 bugs a year is not that severe of an issue and like the owner is better off without the extensive bug testing.
I think there might be something wrong with the problem analysis. You should consider why a bug does reappear. Wrong version in Production? Or as you stated not enough tested.
1) First of all, You have to make a inventory of all existing bugs in the application.
2) you need to describe the possible Workarounds. Here you can already start calculating the estimated cost of each incident provoked by a bug.
3) prioritize the bugs. The more urgent, the more they will cost the bussiness by not functionning and resolving time
4) Focus on some Quick wins. bugs who doesn't consume much time and money to solve.
5) Keep in mind that having a good Workaround is sometimes better
6) Make a bussiness plan. Explain the benefits versus the money lost (consider lost worktime as a los off money)would be cheaper to redesign the app.
Managers are willing to pay for improvement, but they have to be convinced. The only language they understand: MONEY.
Briefly you talk about the money you loose doing nothing, versus the Return on Investment (ROI) doing something.
Many have already mentioned that you need metrics if you want to prove that a test suite would be cost effective. You don't really say if that's to be automated and that's harder. You also don't say if the intent is module unit testing or integration testing or some other slice, nor do you say what technology the system is built around. 10 years probably would be VB6 and there was a unit testing framework a few years ago available but the tool-set is decidedly sparse AFAIK.
Anyway, the statement about bugs returning caught my eye. Perhaps they really are a regressive bug but take a close look at that idea. To illustrate suppose the complaint is that "a failure was not logged to the logging file". This could be *caused* by, among other things, a misconfiguration of the logging system, a missing logging statement within the code that handles the failure, a locked logging file which could not be written, use of a module that disabled logging, or which did not re-enable logging, and so on.
Since these are all discreet sources they really are different bugs. It's unlikely (disadvantageous actually) that one test would find re-emergence of all of these even though they result in the same basic problem.
The point I'm hoping to make is to be certain you really are identifying the same bug as haunting you not just similar bugs and be sure you can faithfully relate that to your stakeholders.
And if you can make that case then it should be a no-brainer that they'd *not* wish for their teams to spend time and their resources re-doing the same thing. At that point the question becomes "What's the best way to insure that we don't?"
Sometimes it comes down to better documentation of the modules being used or training of the people involved. It's very hard to quantify the cost of training folks to create useful tests that don't actually increase costs (a lot). Also hard is predicting the point of break-even where all the costs in training, tools, and coding (and testing) the tests have started to return enough that the net starts to be positive.
We often seek perfection but removal of all regressive bugs is probably not the best first step. Another clue I got was that these bugs are found late in the process. In any case, perhaps better defensive coding in the modules would make them more apparent or obvious, and found sooner or prevented from propagating in the development process or the system itself.
The question really is "Are they?".
How Do You Prove Software Testing Saves Money?
Generally, in short term testing doesn't save money. Though in long term, there are some benefits.
0. Software testing doesn't save money to the software developer itself - it generally saves money to the customer. Having software being tested, allows customers to cut the time and the effort in the critical phases of the larger project deployments. Some companies I know sell testing separately. You can buy their product and test the particular configuration yourself - or the ISV can do it for you. (Feature bloat is the main reason why the bogosity exists.)
1. Customer relationships. There is nothing worse than a minor design defect requiring coming up before (and causes delays of) deployment.
2. Long term software development generally builds on previous enhancements. If the enhancements were not tested properly beforehand, later development might come to the unpleasant surprise, when it would come to the light that the foundation for the new work wasn't as stable as people did tend to believe (or the foundation wasn't really satisfying the requirements it was presumed to). And it is a well known fact that software developers are poor at spotting problems in their own code. Testers having a different angle on the software complement well the development process.
Also, I would generally recommend to retrain software developers to be testers. Though not obvious to many, any effective testing requires knowledge of the source code. I had seen lots of wasted effort due to the fact that testers were not aware of the implementation peculiarities.
For smaller companies I would advise a simpler scheme: rotate primary focus of developers between coding and testing (and support). Idea is that developer should have enough time to learn particularities of each of the development phases and bring the new experience back into the other development phases.
and I can only assume it's because we don't have a formal test suite.
For internal applications, make sure that you have requirement specification. Testing is impossible if the expectations are not spelled out formally.
If you do not have a requirement specification, then try to create one before advocating for testing. It might turn out that the software has too many interested parties and finalizing requirements would prove impossible. Then testing might cause more harm than good, by breaking the unwritten unspoken balance. By becoming a tester you should be ready to make an enemy out of better half of the company.
All hope abandon ye who enter here.
once every 2-3 months I see some bug I fixed come back, and I can only assume it's because we don't have a formal test suite
No, it's because you didn't fix it. "Bug" is usually described as a set of symptoms. A very simple test can determine if the changes you made altered the behavior of a program that was recognized as a bug, however it's your responsibility to have understanding of a product that allows you to recognize and fix problems. Tests merely help to determine if some known aspect of product's behavior is unaltered (if tests could find bugs, products would never be released with them).
The owner doesn't want to invest time or money in getting one set up, but I'm sure that in the long run it would save time and money.
You are on a fixed salary, you idiot! No one spends money or saves money depending on what you do -- it all depends on what product does (and how poorly) because it affects sales. Unless you are asking them to buy some software (what would be a wrong approach), there is nothing he is supposed to do -- it's your job to implement everything you need to do your job properly.
Contrary to the popular belief, there indeed is no God.
What if you would just simply drop all money metrics and say that the pleased client who gets working product is happy customer and happy customer brings more customers in long run.
If the boss can not understand how valued for customer is that they are happy from the product they buy, he (or she) ain't good boss.
The company will go down when there comes competition whom gives better products. If you can not gain a monopoly or dominant market position or any other way to tie customers to your services and products. But that's it. No more new customers as what the company would get with happy customers.
"at least once every 2-3 months I see some bug I fixed come back, and I can only assume it's because we don't have a formal test suite"
I assume that what you really want is to improve the development process and reduce your frustration time. A shiny test suite seems to be the answer.
Hmmmm... before you go buying a test suite you have to understand that the business should drive what you do. Business cases are all about research, analysis and documentation:
1. Metrics: What is the value of the app? What is the cost of maintaining it? ie: How many person hours are spent on development and maintenance? How many bugs are fixed per period and what is the average cost? Can you create some metrics for code quality and code brittleness based on version release stats and fault stats? You should have a handle on all of these items. If you are not in a position to know then you might start by persuading your boss to do some research on these topics. If you have an experienced crew then you should be able to estimate at a high level what the important metrics are, even if there are no formal stats being tracked. What do these metrics reveal as hot spots?
2. Processes: What are your current development, maintenance, and release processes? How are bugs tracked? If there is no formal process then what is the informal process? How do things happen? Do other people have thoughts about the processes and issues? Document how things are done and what the known or perceived issues are. If bugs are being reintroduced because of bad process then document this. If you don't have good processes then software tools will just be anchors that help drag you to the bottom. The worst thing you can do is introduce a tool that only you know, which then becomes part of a hidden, informal process that only you know.
3. Analysis: What does the research into metrics and processes show? How do you compare against standards either from industry or from inside the company? If you can't find a comparison then how do things look versus where you would like to be? What is the low hanging fruit: the obvious things that would improve quality? Lack of formal bug tracking, change control, and other metric gathering may be the obvious place to start.
4. Make a plan to improve things. This means that there has to be a sequence of changes and for each change there must be details of what the change will improve and how to measure the improvement. Be clear on what the goals are. No airy-fairy stuff. Hard, documentable, measurable changes. At this point you may identify some software that would help, such as a test suite. Remember though, software tools are just that: tools. No sense using a hammer to push in screws. Simply creating a change control process with a regression test may get rid of a lot of issues with spending a dime on tools or hardware. Simply formalizing and adhering to strict development and release processes that utilize (free) version control and (free) bug tracking may cure many problems. Similarly, standardizing methods can go a long way to improving quality and reducing problems.
5. Buy in: at every step of the way, from initiating the research into the situation to creating an improvement plan, you need support from your boss and from your peers. If nobody wants to change then fuhgetaboutit.
The above may seem like a lot but it isn't really. The initial metrics gathering, analysis, and plan development should not require a huge effort, especially if you are a relatively small shop. Some of the numbers may be sourced as WAGs from subject matter experts but I prefer to use the term "heuristics" or educated WAGs ;->
Since you appear to have the time to spend on these support tasks, there would only be a saving (and one that would take a considerable time to realise and even longer to pay back) you could only really make a case if you can say that int he future your workload will increase to the point where another person will have to be hired to assist ot take over these tasks. That's the only solid, dollar cost you will have to offer. Even then it's going to be an uphill struggle as the zero-cost alternative is just to make you work harder for the same money.
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
So you think American companies have a commitment to good quality for its own sake. Just out of curiosity, what do you drive?
If you mod me down the terrorists will have won
How do you prove software testing saves money? Not going to happen in this case. The place testing saves money is during development. Once the software is deployed, its too late.
This is a pretty much the same place I'm in with my current position. 10-15 year old application that just "grew" into its current state, generally without formal testing. The decision to introduce formal testing into the process was probably made to meet standards of external users in my case. However, as the Software QA analyst who ended up setting testing up, I quickly realized that it would be impossible to set up complete testing in any reasonable time frame. Instead, what needs to be done is to establish a basic framework for testing, and introduce some very high end tests that will run the application's key points. Then, every time a new version is generated, run the tests. Shouldn't take very long. If a bug fix is introduced (other than cosmetic), add a check for that specific item. Do not bother to check everything. As the old axiom goes, if it ain't broke, don't fix it.
âoeAny society that would give up a little liberty to gain a little security will deserve neither and lose both.
Civilization V was released with a ton of bugs, many of which were (are!) showstopping crashers, as long as you got to a few hundred turns. Add a trillion smaller, non-crasher bugs, and you have one of the buggiest releases of all time. And yet, between brick-and-mortar and Valve/Steam, they sold about a million units. That's about $50M in the bank.
Testing? What testing?
"The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
If you truly are working for a small software development company, cost may not be the issue. Frequently (I may even say universally) the issue facing the owners of small companies is not cost, or even profitability, but cash flow -- making sure that there is enough money coming in to make the next big expense coming up (frequently payroll). In small companies there typically aren't the cash reserves available to spend on unanticipated expenses or program delays. The boss may even agree with you that the overall cost would be reduced if software testing were introduced, but may not "want to invest the time and money" because the company does not have the cash available to make the investment.
For example, the software you're working on needs to ship by the end of January to receive payment from the customer by the end of February, so that payroll can be made in March. If bug-fixing stops in January for development of the bug-fixing program, the customer doesn't get his software until the end of February, so he doesn't pay until the end of March and so payroll is missed that month. Having fewer bugs in the long term has to be balanced by the need to stay in business until the "long term" is reached.
It's like anything else in finance: You have better options and get a better return on your investment if you invest $100,000 than if you invest $1,000, but if you don't have $100,000, it doesn't much matter -- you do what you can with the resources you have available. Similarly, you get a better return if you're able to invest your money for a year than if you must have it back in a week. (The guy who said "time is money" actually knew something.) This trade between cash flow and long-term efficiency (leading, one hopes, to profitability), i.e., knowing when and how much to invest, is the real art of business management.
The solution to your problem? IMHO, incremental investment. I agree with those above who suggest implementing tests for new bugs found. This should enable you to begin to work more efficiently over time, without substantially delaying current work, while collecting metrics (I know, I know...) that can help quantify the cost of the bug re-work. Once a substantial body of tested bugs has been collected, one can institute a formal testing program (preferably by including it in the next project, so that it is a planned expense) as a cost reduction, since by then it should speed up development work over the ad hoc method then in place.
You don't mention what this application is written in, but anything that was written ten years ago needs rewritten from the ground up. There are probably libraries and other much-improved functions that you could take advantage of now that didn't exist ten years ago.
See in this post comments, how people think that test is only unit tests. Testing must not be write by developers. Period. Reasons: developers are the bottleneck (about time) of the development process, they think that software as their chield, they are so much time over the software that they cannot see obvious defects, developers look for a defect how a negative point for his software (and we known that ANY software in the world, even the most simple one, has a lot of bugs), they have a lot of software know-how that average joe user do not have, so if you ask to a developer test your own software, you're wasting money. Sure, they must write and run unit testing, but this is the minor portion of testing. Testing starts when someone starts write requirements docs. Someone from testing team must read this document and check for ambiguities. At this moment, find some ambiguity, it's the most cheap testing. If you find a bug in the internal testing, it's more expensive then find it on doc. More expensive than that, is find a bug on user acceptance test. But, the really most expensive bug, is the one found in a running/deployed software: you have to take time to really understand the bug, put the analyst to re-design, programmer to fix, and testers to run it again. It's hard to find a excellent tester, cause he must really understand the application, it's good if he have a base background of develop (when automation is needed), he must understand how to write negative tests, he must have excellent communication skills (write and talk), etc And, the best documentation to start learn about testing, is the International Software Testing Qualifications Board syllabus: http://istqb.org/download/attachments/2326555/Foundation+Level+Syllabus+(2010).pdf The good thing about ISTQB: it's not related to any commercial company. And, testing is not about run an audit in the testing team. Testing team has the same objective that all the company: deliver a free bug software (free bug is impossible, but at least at an acceptable level).
Because some people and companies like to have a quality product.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Let it be, if it's the same bug, you'll fix it faster and go home earlier.
Nobody puts up with bad products anymore.
-- Ha, ha, ha. The U.S. market obviously demands plenty bad, nearly worthless crap, if one were to judge from what's on the market.
There are simple things like cast-iron hand-cranked meat grinders where the market is saturated with extremely poorly made chinese crap, with absolutely no alternatives. I know, I've tried to buy a new one -- ended up getting a used Porkert instead.
Another simple thing: portable DVD players. I've already had to fix two of them because they had liquids spilled on them. It's not a rare occurence -- they are often used by kids who either don't care or just forget themselves and get unlucky. While the manufacturing quality is perfectly acceptable, the design quality just sucks big time. The clearances between many parts seem randomly chosen, so that either things that rub on each other seize, or they rattle. An no, this isn't a molding issue, it's by design. Molding on the units I looked at was by the book. You can tell that many small cross-section plastic parts, prone to breakage, were designed by people who have no clue or no experience in mechanical design. There are plenty of changes that one could make that would not increase the material costs, but would make those devices much more rugged.
It seems that many U.S. companies that brand products imported from China have no engineering on the other side of the pond, just marketing and purchasing people.
A successful API design takes a mixture of software design and pedagogy.
Why don't you simply explain to him why YOU are so sure that it will save time and money, and what testing you have in mind that will do so. Assuming your certainty is based on strong evidence, he should find it convincing as well.
Software is one of the last kind of products where it's still somewhat accepted but people are quickly becoming intolerant to bugs nowadays.
in consumer devices perhaps, but that's a different area to most software. For most software sold, especially to business users, bugs are accepted as one of those things that happen. Now, really buggy software will eventually get replaced but in most cases the important thing is to have a good (or excellent) customer service that responds to, and fixes the bugs. If you have that, your customers will not care so much about bugs that they find. you just need to be responsive, and considerate in your communication with them. Once you have that in place, you'll often find that its an asset to you, the more bugs the customer finds, the more they feel loved. And customers like feeling that you care for their business - especially when its some executive/supervisor reporting them, and some grunt who has to actually use your PoS software. Its how the big names can make such poor enterprise software and still have it selling in billions of dollars a year in maintenance/support payments.
I think I might have just explained how buggy software is good for your business. I feel dirty.
100 people using software A 1hour per day;
software A has a new bug caused by lack of testing;
it takes 3 days to fix the bug; the result is: 100ppl * 1hour * 3days= 300hours;
lets say u pay ur staff 20$/h. so 300 * 20$ = 6.000$ per bug in software A.
now think about what would happen if the deadline was 2days.. that would realy be expensive.
btw: ppl hate bugs and they will hate sw A if it has bugs. if u hate A u dont want to work with A, and as u have to, u will do ur work much slower because ur in a bad mood.
Your question can never be answered definitively enough, especially to satisfy suits and bean-counters. As evidence I offer you the ONGOING tug-of-war over tech support: is it an expense to be minimized and avoided at all cost, or does it actually aid the bottom line by boosting goodwill, etc? Even after decades that question hasn't been answered, and customers often suffer because of it.
The question you ask is just as insoluble. You might as well be debating religion.
One of the worse things that can happen while fixing bugs, is introducing a new one in an unexpected part of the software hidden somewhere deep inside the code.
With a (big) set of automated tests, you can check everything is still working as expected and if a test fails, you know where to look. That is if you've made enough tests.
One problem I found in Scrum is refactoring. If at any point you want to change a piece of the code, you'll find you'll have to rewrite the tests as well.
Another thing is writing tests takes time. It will probably depend on the type of software you're writing, but I found it takes about the same amount of time it takes to write the new software.
You'll also see that you';; get faster over time. First of all because you'll have more experience writing good tests and second because a lot of test data and helper functions have been written already.
Then there is test-driven development. It's easier to run a test that specifically targets your new method, than starting up the application, loading the data, process the data and finally get to your breakpoint after a few minutes of calculations.
Privacy is terrorism.
Exactly. So why not test things properly and give it to them instead of the usual situation?
Testing to determine if something is fit for a purpose applies to pretty well everything apart from basket weaving and software.
If you're repeatedly seeing the same bugs come back that you've already fixed, it strongly suggests you have sloppy developers repeatedly merging old/outdated code back in to the current trunk over fixes.
It seems clear your real problem is around a lack of software process and/or version management so testing is after-the-fact in this case. you need to fix your development process first. Adding a formal test environment on a bad process is just putting expensive lipstick on a pig.
The first issue is that you have to convince people that their business practices are wrong. This is not easy, and often requires lying through your teeth with statistics. Testing costs time and money and slows down releases. _Foolish_ testing, with lots of business case meetings and Powerpoint slides and expensive test configurations that don't actually test anything but demoware, is even more expensive and wasteful. The testing needs to actually prevent support calls, save engineering time re-fixing the same bugs, prevent support calls, and especially _help sales_. Ideally, they also help prevent liability: look up the phrase "always mount a scratch monkey" for the canonical story of failing to test a change.
The second issue sounds like a basic source control issue. It sounds like developers or engineers are reverting fixes after you've made them and committed them, and this should _never_ happen. Switching to a better source control process sounds vital to your issues, and may solve a lot of your issues without expensive test suites. Which source control suits your local programming styles is your own choice, but having a central trunk or repository that changes, and logging of changes, is committed to might at least help you cover your backside the next time this happens.
One thing I haven't seen mentioned/asked - is it an actual bug, or is an area of ambiguity?
I once worked on a project with ambiguous requirements (there's a shocker), and at least two programmers had a different interpretation of what the requirements meant. Since they didn't write code that interacted directly, it didn't normally matter. But every few months there'd be a bit of a circus where their implementations would cause the software to behave poorly in a third area. And it would take a few days to get the Tech Director involved to require them to "play nice".
So - Is it a mis-implementation (a bug) or is it a result of ambiguous requirements? If the latter, then software testing won't help.
You have two choices: 1) Test now or 2) Fix the bugs later. Okay, technically you could blow them off entirely but you won't be in business much longer. But I digress. The choice between 1 or 2 could depend on your business model. If your company charges for maintenance releases then it's in the company's best interest to not fix them and wait until it's getting paid to fix them. This could also apply to the annual major release business model since you can blow off bug fixes until next year. If you subscribe to the older method of software releases, one could argue that releasing a bulletproof app boosts your perception in the marketplace. The tradeoff is taking forever to actually release a product.
These days it seems that major software companies have adopted the annual release model (with minimal real new features I might add). And more companies are sticking you for maintenance every year. And some companies are trending and would dearly love to run software over the net or in the cloud because then the customer never owns it but instead rents it in perpetuity which means the company is guaranteed a steady stream of income instead of getting a big spike after a major release and tapering off until the next one.
I think the only exception to stalling on bug fixes would be showstoppers. Bugs that really piss of the majority of your customers.
I work for a large bank. All software gets thoroughly tested. That is because were it not tested, customers would get unexpected results. And unexpected results could mean not being able to log in to Internet banking. Or the wrong authorisation code applied to a credit card transaction causing the wrong level of interest to be charged. Or even their address not being input as expected meaning it was hard to verify. These errors would cause the bank's customers to leave en-masse, and then there would be no business.
Depending on your tolerance for things going wrong, your tolerance for leaving it to chance also varies.
We have zero tolerance. So we test. Thoroughly.
The only way your boss is going to save money is by reducing head-count... (Increasing sales isn't his department.)
Just stick the word "Beta" at the end of the software version but sell it anyway. When bugs come back say "Thank you for your beta testing!" and then promise them some free, but useless addition to the software when it finally comes out of beta (which it never will.) It seems to work for everyone else out there, why not you?
In my experience, the answer is nothing. You've tried to convince him, and he can't see your point. Until the owner suffers a loss of revenue or reputation you're just annoying him, and frustrating yourself. The problem is that you said 'the owner'. If you were in a bigger pond, and you enjoyed corporate gamesmanship, you could spend a year or two, and present metrics up the chain. Now get off his lawn.
Just the washing instructions on life's rich tapestry
If you are catching shit when a bug happens and they refuse to set up formal testing get out of the job now.
If you aren't catching shit of any kind, then look at the bugs as helping you keep employed. If it annoys you, go find another job.
I've worked for similar cheapskates. They aren't likely to change.
The Economic Impacts of Inadequate Infrastructure for Software Testing finds an average ROI for software testing somewhere between about 100% and 1000%.
A couple things could happen:
1) Code related issues lead to critical failure. For a revenue generating system this can have immediate effects on the bottom line. For non-revenue systems this can affect how many support hours are burned fixing problems.
2) Financial impact from lawsuits or non-compliance can be costly. If a security bug or design flaw in your application leads to PCI non-compliance, you may find your cost of doing business with credit providers can rise dramatically.
Depending on how bad the code is, it might be more cost-effective to rewrite it from scratch (assuming you've got the resources to do it right this time).
What a comprehensive test suite can do for you is verify that each new release of the product meets specs (i.e. prevent regressions). But for the tests to have real value, you need to do it right:
1. If you don't have a comprehensive system specification, create one. The system specification should be written with an eye towards verification -- e.g. it needs to be decomposed into simple, easily testable requirements of the form "When A occurs, the system does B." Make sure you cover what the system is supposed to do under unexpected conditions as well (invalid inputs, network connectivity problems, etc.).
2. For each requirement in your system specification, develop a test (or tests) that verify it. The tests should preferably be as automated as possible, because if they require too much manual labor they will get blown off.
3. Create a written test procedure. The tests are worthless if people don't understand how to run them and interpret the results!
4. Keep the system specification, tests, and test procedures up-to-date as the system evolves.
If it sounds like a lot of work, that's because it is! I'm not saying you shouldn't have formal tests, but incorporating them after the fact -- especially if the system specification is incomplete (or even non-existent) -- is going to require a lot of effort. Without knowing the state of the existing code, the complexity of the system, the approximate cost of finding/fixing bugs in the field (is this a mission critical app that results in significant lost productivity when it breaks?), and a myriad of other factors, I don't think anyone can conclusively answer the question "Is it worth it?"
What you are dealing with is a situation where the company is using "bench time" where the programmer isn't producing revenue, or isn't doing the job that his salary is allocated against. To the company, bench time is basically free (yes, it does have a real cost, but it's a sunk cost, so it's perceived as being already paid for), and there isn't enough of it for a major project. So the application is updated by whoever is free, and the QA guy gets to test and bugfix when he is available. The situation sucks, but you are unlikely to get the owner to change his mind because once you turn maintaining the system into a major project, the owner may want to hire lower cost people to do the work or may even rather scrap the system and invest in something better.
If you want to discuss it with the owner, start the conversation with a simple question: is the system worth investing in? If the answer is yes, ask why more resources haven't been invested in the software. Sometimes business owners know the answer is yes, but have higher priorities - like revenue producing work so you can stay employed.
-- $G
there's no chance for real software testing and related money saving.
Maybe Computers will never be as intelligent as Humans.
For sure they won't ever become so stupid. [VR-1988]
In order to write tests, your app must be written in a test-friendly way first. For example, if it's a GUI with nested DB access, automated testing is impossible. GUI front-ends are hard if not impossible to test, depending on the technology. Logic with DB access is only testable if you can easily supply mock objects for your data source.
Given your code is testable, then just start to write tests as you fix bugs. Consider writing the tests part of writing code. It's part of your job. If you don't write tests, you are not doing your job right. So no need to get permission from anybody. You should need to get permission for omitting tests!!!
Ask Intel how much F0 0F cost them. While in college, we had someone in a seminar class discuss how Intel had an engineer who didn't update the floating point division test code when they modified the FDIV instruction and POOF! there goes $500 million (iirc).
Seems to me that if you are seeing bugs come back after they've been fixed, that you don't have a good repository for the source code. I would start there. That's cheaper.
I read Slashdot for the headlines, because the headlines, unlike the articles, are usually original and never duplicated
This is an fight I've had to win many times over the last ten years. The most effective way to do that is to sell better software testing to the lead developer, and this is especially true in a small company that's owned by the person who started it -- they almost always defer to the lead programmer on everything he does. (If the owner is the lead developer, then you need to convince the rest of the team.)
The best way I've found to convince a good developer that testing is useful is to help them experience that sense of relief that we've all had when testing turns up a nasty bug, had it gotten out in the wild, would have caused us to spend days trying to reproduce and track down. That gut feeling -- "Whoa, we never would have found that, and it would have been a nightmare if it got out!" -- has helped me convince more developers to completely embrace unit testing, test-driven development, and working with a good QA team than anything else.
Building Better Software
I work in a small Accounting company with it's own accounting web (php, javascript) based accounting app. It's used by 30 client companies but most of them are big names in Slovenia.
As a php programmer working for them i could sum up the development and maintainenc of the application like this:
No version management (no git, svn etc), no testing, no coding guidelines, 8 year old code with totaly new code, No OPP, mostly just copy/paste (i've seen basic functions on 30+ places in the code), HTML&CSS not even HTML4 (invoice for printing is wrapped with a ), works only in Firefox 2.0, the code loads all the objects (thousands lines of code, php and javascript) into $Session ($_SESSION['something'] -> new Something();), half of the code is in Slovenian, half in english ... etc etc etc.
It's basically just a pile of ~300k lines of code nobody understands how it works, when it works.. sometimes.
O and all the programers are students from the local collage and are payed 4,5€/h (about the same as a maid, waitresses are paid more, lot more). (One beer = 2,5€)
So ye, i feel your pain, i tried to implement GIT but our boss couldn't understand it so we're not using it :) ... i suggested selenimum(testing) and he didn't what to hear it.
1) Write a simple cost-benefit calculation.
Estimate the cost of your test suite and estimate the cost of your current bug-fixing. Business folks aren't mugs when it comes to profit and loss calculations.
2) Don't pre-judge the outcome.
You _may_ be wrong. You may find that the cost of building the test suite is more than the cost of the bug fixing
3) Guesstimate the cost of business reputation and lost sales caused by customers finding bugs.
Ask someone in sales to help you with this. (No, don't believe Scott Adam's view of marketing people. They may not be engineers but they know the value of a lost customer).
4) Briefly justify all your guesstimates
You're don't know any of the numbers really but you can outline the reasoning they are based on and let the owner replace your reasoning & estimates with his own.
5) Let him convince himself.
the owner may have some hard-to-express reason why he doesn't buy it, and that reason my be simple short term cashflow. If so, redo your calc taking his point on board (e.g. do a 1-month profit/loss not a 1 year) and pass it back. You're responsible for doing the best you can, he's responsible for making sure there's money to pay salaries.
But at the end of the day, don't complain at someone who's paying you to fix bugs in a sluggish economy. At least he's keeping you in work for the year.
Writing a comprehensive test suite that did all of that would be an enormous undertaking. Writing a single automated test dealing with network comm or with a database interaction, however, is not a huge task, although it does take more time than manually testing for the existence of some bug you are in the middle of fixing. If you only automate a small fraction of the bugs you manually test for, however, those automated tests will grow in their usefulness over time, as some of the bugs they test for will resurface in the future and be found immediately thanks to the test script. This usefulness can be observed by teammates and managers and inspire imitation. At developers meetings, the next time a bug resurfaces in one of your colleagues work, a manager might even ask "Wouldn't you have found that faster if you had written an automated test for it like Steve over there has been doing for his work? Maybe you should spend some time with Steve so he can show you how to write automated tests."
You're looking at this as a hardware vs. software issue I think. Crap electronics get basic tests like 'are the battery leads connected' and 'does it turn on'. Same as the bug fix or patch is tested. OK, it worked, get it out there. So what you're talking about is already being done, basic testing.
OP is talking about setting up an entire QA process that tests every possible case that can be thought of. This is not basic 'it works' testing, this is full-on 'let no part be unbroken' quality assurance. Sell that idea to the chinese and see how far it goes.
Have two or three critical bugs split into production and crash the system, and you will enjoy this piece of theatre:
Manager: What happened???
Programmer: There's a bug.
M: Why?
P: This artifact wasn't tested.
M: Why not?
P: Because you said it was too expensive.
M: ??!!
Perhaps I'm trolling, perhaps I'm not.
This a thousand times!
Also lets look at it this way. If it is say costing the secretary a half days work and she makes 25k a year. The owner is not out much and a few people are a bit annoyed. But it will cost 4 devs, 2 QA's people full time for 2 months solid to go rework plus possible new hardware and retraining. Then the half day inconvenience every 2-3 months is cheaper.
Now if it say takes out the business every 2-3 months then it is worth looking at. You will need to make some graphs in excel and show *WHEN* the ROI is. Even given that you may not be able to do it just to like what the parent here is say. There may not be the cash flow to even hire those other 5 people...
For example, the software you're working on needs to ship by the end of January to receive payment from the customer by the end of February, so that payroll can be made in March. If bug-fixing stops in January for development of the bug-fixing program, the customer doesn't get his software until the end of February, so he doesn't pay until the end of March and so payroll is missed that month. Having fewer bugs in the long term has to be balanced by the need to stay in business until the "long term" is reached.
I like OpenBSD's way of doing things: fixed release shedules. They spend 'x' months integrating new code, and then 'y' months testing it. (Often x = y.)
Similarly for Joel Spolsky's company (to take one documented example), they get a list of features that people want (people = developers, marketing folks, customers) and rank them. They start coding things up from the top of the list and work their way down completing as many features (which may include 'internal' things like "refactor the parser") until a cut-off date. After a certain point new features stop going in and the focus goes to QA and testing (which also happens in parallel with coding).
At the end of it you have a set of new features but also a fairly predictable schedule. If a feature isn't ready in that time it will have to wait for the next cycle (which is six months later in OpenBSD's case).
If you base releases on features, then you can hold up a release (and revenue) for an inordinate amount of time just for one or two things when you've already got a decent product ready to go. (This is what caused FreeBSD issues in with their 5.0 release—they tried to do too much.)
The issue you are having does not sound like it will be solved by better testing. All you are doing is fixing mistakes which is basically rework.
You need to increase the quality of the code.
This is where your biggest cost savings are made as poor quality leads to higher costs.
http://en.wikipedia.org/wiki/W._Edwards_Deming W. Edwards Deming - Famous for helping the Japanese rebuild there industrys during the 1950's.
What is your version control system and how are you using it? Your build system? As someone else mentioned, what are your rules for commenting and documenting bug fixes? Perhaps you can eliminate many of these regressions by improving your process (not that regression testing is a bad idea if you can justify the cost).
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
The Guy with the Gold (who makes the Rules) _never_ wants to spend an hour or a cent on something he can't bill for. But you still need to control the code you're stuck with or keep rolling the same rock uphill every day.
You probably also can't say rigorously what this app is _supposed_ to do -- only what it's done for the people who've complained that it doesn't anymore. So rewriting it from a real design is improbable, as well as impractical. Attack it as part of your workflow: every time you have to fix something, capture the problem you're fixing as a test case. It doesn't have to be elegant, or 100% automated; just a set of vectors to validate "correct" (what it done did before) behavior. This should, at least, minimize regression. Don't make any test too elaborate, or you won't want to run it, and that's a waste.
Even a well-structured SW product costs 10% to design, develop, document, and release, and 90% to maintain, over its life-cycle. And there has never been a well-structured one, only attempts, and mostly miserable failures. Do what you can, and watch out for Murphy!
If you did your job right the first time, had proper use cases, had proper documentation, understood the requirements, met with people that used the tool, spent a few hours testing the application...well.....you guessed it, it would have worked the first time.
Why should your boss spend money because of your lack of programming and debugging abilities? Use your head before you post stupid stuff on slashdot.
Dude, you just made the cardinal mistake of dealing with bosses - you told him what you were doing! Just do it already. When you're done, show him what you did. He'll think it was cool.
Proud neuron in the Slashdot hivemind since 2002.
You need to sit down and work out how much the lack of a testing framework is costing you right now. Which means you need to figure out a way to estimate how many bugs you're seeing (should be easy enough - you do at least have bug tracking?), how many are silly little bugs that keep on re-cropping-up and how many wouldn't exist (or would have been squashed once and for all a long time ago) with a proper test suite.
Then you work out how much they're costing. Every person costs money - in salary, benefits etc. So you work out how many man-hours are wasted re-fixing these bugs, encountering them in the first place when they shouldn't exist any more.
Another question that significantly impacts cost: how do your clients feel about it? Do your clients use the quality of it as a gauge to estimate what your other products are like? What sort of an advert is that for your company? Much of this you may have to fudge unless you have access to sales figures.
This lot gives you an idea of how much the product is costing you in terms of lost revenue that you could potentially get back.
Then you work out how many man-hours will be taken in developing a proper test suite. Will you want to buy a commercial product for some of this or will you roll your own? How much would the commercial product cost? Bear in mind that every hour spent on the suite is an hour not spent on something else, so if your company is running a reasonably tight ship (who isn't these days?), something will have to give.
Once you've got all those numbers added up, you have a good idea of how much it'll cost to get that revenue back. Bear in mind you won't get 100% of it back - you may never see more than a fraction back - so if the cost to fix is more than - or even in the same ballpark as the lost revenue - you'll be unlikely to get it back and so you can't make the business case. This is something you'll have to accept from the moment you start to do the arithmetic - it may never add up, and if it doesn't - you were mistaken. Put it behind you and worry about something else.
Maybe you should assume your fix wasn't correct? It's kinda presumptuous to jump to the conclusion that some other problem must be happening when it's your work coming back to you as insufficient.
It's a good rule to exhaust the possibility that you fucked up first.
BDD/TDD
Start now, today on your next piece of code you need to write. Make it a goal to not put out any further code without a test harness that BUILDS the code for you. Treat legacy code as a black box. This won't help you today. But it will help you in six months.
"It's not stealing if you don't get caught!"
Sorry, but if an application wasn't designed with testing in mind, *especially* when it's had a bunch of developers doing whatever they want, to cover it with testing it's faster to write it from scratch (this will include re-designing the database). I've seen no exceptions. If you can't justify a complete rewrite, you can't in good conscience justify adding tests in general.
If you do test, don't cheap out and just say "NUnit" - all the free products have really crappy interfaces. BUY something. If you're a Microsoft shop, go with the built-in testing features.
I miss a "Most useful comment ever" button to click on. But this is /. so consider yourself happy if you achieve "+4 funny".
Sheesh. I search for posts tagged "funny" and... nothing. I'm closing this window now.
Every time you have to fix a bug, write a regression test first, make sure the test demonstrates the bug, then fix the bug and verify that the test passes. Every time you add new functionality, write unit tests and an integration test. Over time you'll get that test suite.
Big lawsuits seems to motivate management!
Roll out your untested software and see the OT your IT staff works to fix the bugs you didnt find at all because you didnt test your product.
Is this article real?
Testing should be viewed like insurance. You spend money on insurance (testing) to avoid unexpected costs to the company. You need to look at the cost of bugs to determine if the insurance is worth it -- and how much insurance is needed.
I've written Selenium and jsUnit test suites and unit test frameworks in the past. All I can say is that when designed correctly, these unit test save deployment headaches. When an app evolves with new features and/or the modification of existing features, unit testing is a must in order to catch bugs before you head for production. Does it save money? well, yes, because, once a piece of software is in production, the people who depend on it are using it. Introducing new bugs because of bad software implementation will disrupt the app, causing hours of user time. That is money saved. But even in development phase, good unit testing are a solid way of ensuring your code is robust. It really becomes vital as you work with a large amount of developers.
And I mean bugs, not bug reports. Make them hard to spot, innocent-looking in the source code and erratic. When everybody is at their wits' end, wave your magic wand and produce the test suite that nails them.
Unless you have a really good manager, all the evidence in the world won't convince him or her. If, on the other hand, you can at least talk to cost/benefit ratio and the manager will *listen*, have them think about this: can you build, test and package your code for distribution to your users with one button press (or the equivalent)? If it takes you more than 15 minutes after applying a bugfix to get it tested and packaged, you will almost certainly save money by automating, and this includes testing. I say *almost* because this is where the cost/benefit ratio comes in: how much will it cost to "fix" things? How often do you have to make changes?
I know the OP posted some of this already, but there's no simple answer and they need to do the thinking; the above is merely how I would think about it. The manager, if they are doing their job, will listen to cost/benefit ratio analyses; no manager wants to get fired for not pursuing something that will cut costs or raise profits.
Nathan's blog
If I were to try and find out if software testing is worth, think of the following questions to ask:
Recurring bugs?
how long does it take to fix? (programmer time)
how much productivity was lost because of it? (user time)
Did the bug fix initiate a cascade of other fixes in other modules?
Did the recurring bug fix cause database changes?
New Bugs?
Same questions, but, with the added, how did it get introduced?
Now, Software testing, should be done first and foremost based on establish scenarios which the feature you are coding is design to perform..
This means that once a programmer has implemented new code, there should be a set of X scenarios, which accomplishes specific tasks, which the app should be run against in order to see if the new feature will behave accordingly and existing features are not impaired.
That is software testing 101.
Selenium framework do this type of testing.
If you need to know that you aren't mucking with your existing code, then you need actual unit testing, jUnit, jsUnit, etc..
Bad code practices tend to be hard to unit test thoroughly.
when code is well designed, the unit test code is easy to write
\ The heavy cost of designing unit test, is when you must refactor your existing code base for unit testability.
Still, for the most part, "software testing" as usability/goal oriented tests, that should always be done.
For the most part, the question is how to implement this?
Depending on the complexity of the application, I would recommend that tests are designed around the more heavily used features first, then the areas where bugs are found. There should be no areas untested, but prioritizing the work helps greatly.
The same way you prove anything saves money: you sit down and work out the figures. Estimate how much money (Largely staff salaries, but don't forget to estimate how much business you're losing because of buggy software) is spent in fixing things. Estimate how much of that would be saved if you test your software properly. Estimate how much the testing will cost (don't forget to include testing hardware and also delay to release time). If A > B, then it saves you money. If you have a convincing analysis and you work for rational bosses (always a concern), you should be able to talk them into it.
Honestly, you may never be able to convince a budget pusher that testing will save money. What they see is a financial constraint that they may not be able to get around. As a coder, however, you can make YOURSELF more valuable by learning test methodology as a way of life. It has changed the way I think and code. My code is cleaner. I now deliver finished and stable product much faster.
First, let's look at the types of testing you may encounter. The most important, and easiest to introduce, is unit testing. Unit testing effects your approach to building clean, reusable modules. The second is regression testing, which is basically just the practice of keeping all your unit tests and running them ALL every time you add a new module or change an existing one. This keeps your bug fixes or functionality from "regressing". The next, if needed, is stress testing. This is important if you have an app that deals with a lot of data or a lot of user traffic. It helps you determine is there might be an issue with the chosen platform, database engine, even your network "pipes" clogging traffic. The last, and hardest to implement, is UI testing. That route usually requires a set of libraries that compile into your app. There aren't a lot of good ones out there, but the are some new stars rising in the field.
Let's get to the most important one now, unit testing. Unit testing, for a lot of languages can be implemented free and incrementally, which is how I started. If you are running C#, look into NUnit or even Microsoft's testing suite, built into pro versions of VS 2005 or greater. If C++, look at CppUnit. For Java, there is JUnit. If you are using SmallTalk (not very likely) there is the granddaddy of unit testing, SUnit, from which the rest derived. Even Flex and Flash from Adobe has FlexUnit. These are all free (or included in the development tools.) There are other projects out there for other languages but you'll have to research that yourself.
If you have never done unit testing get a book or three on Test Driven Development. It's a pretty large bite to chew, but give it time. This is more about improving your career than fixing a single problem. The basic idea is that, when you start solving a programming problem, break it down into small chunks and write a set of tests that will prove the code for each small chunk. Keep your classes small and focused. This will improve not only testability, but reusability, and inheritability (if those are even words). Don't tie UI code directly to the functionality behind it. This improves testability, but it also makes it easier to change out UI components when a wrong UI decision is corrected. For instance, if you program in a progress bar but the customer wanted a fuel gauge look, the functional code can service the different looks without changing.
Even with unit tested code you will still find bugs. The trick here is to make sure that 1) the classes are small and focused (mentioned earlier), 2) the class (and relevant unit tests) are well documented so that there is no guessing as to why you did what you did, and 3) the unit tests are well organized. When you run into a bug, sometimes just because of bad data in the real world, build a new test that duplicates the condition and fails (throws an error or somesuch), then modify the class(es) to handle the condition. Run that test again to make sure it worked. Then, lastly, run the full suite of tests that you built to see if you brake anything else with your change. This last test (regression testing) is the magic that makes unit testing shine.
I know that this post doesn't directly answer your question, but sometimes, a little understanding goes a long way to helping you ask the right question instead of guessing. Currently, I write about twice as much code as I used to. Half of it is unit tests (maybe more). The quality of my code, however, has greatly improved. I am also able to deliver cleaner code faster. Just like project management, where, if done right, you
Dave Nicolette gives a great talk called Manager's Introduction to Test-Driven Development in which he explains to non-technical people why software tests matter. You might want to skip the TDD-with-Excel example at the beginning and start with Dave's points about technical debt. Good luck.
Before hand.
1) Do you have a ticket/incident system? How many high/critical defects are reported?
You can argue, "We spend 3600 hours a year dealing with these defects- many of which are duplicate reports. " Arguing potential savings is tricky-- how can you prove testing will reduce defects? You need to find a study showing that having a QA department reduces defects to production by "X%". Then you could apply that X% to the 3600 hours and say "We would save 540 hours a year of time and that would cost us $30,000 at $60 per hour"-- so there is your testing budget and a reasonable justification.
2) Have you lost any business? You can argue, "We lost $1 million in revenues (about $100k in profits) because of the lack of testing"
---
There are two kinds of testing
Regression testing- Did we break something. Using a tool like Mercury, or doing it manually, you restore data, run the test steps (automatically or manually) and then compare the database changes to those made prior to the change. Any changes must be explained by some new feature or change or it is a defect.
QA testing- i.e. hostile testing. Most programmers test "ideal path". Good QA tries to break your code and catches errors before a clueless user catches them.
---
Just remember, perfect is the enemy of good. You shoot for perfection, it will never see production. At my company- after we put in QA, it cost us about 2 weeks on a formerly 1 day process. Add on SOX-- and it went to 4 weeks for a formerly 1 day process. A lot of defects and enhancements no longer made financial sense to make unless they were bundled with others to justify the 4 week overhead. (in the end, they got it up to 47 days to make a 1 line change-- at that point they declared the old software obsolete and paid a huge amount of money to have new software developed (without any change control or SOX until it hit production).
She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
I asked the same question on stack overflow and got some good responses:
http://stackoverflow.com/questions/432512/how-to-convince-management-that-qa-is-important
Of course, there is no silver bullet. It really comes down to you being able to convince them with your charisma and charm (+1 charisma is big bonus). These things rarely show up on the bottom line. If they do, it's 6 months down the road and management will just attribute it to some new rock-star salesman.
Sorry to be a downer, but that's the life of an engineer.
6th Street Radio @ddombrowsky
http://courses.cs.vt.edu/cs3604/lib/Therac_25/Therac_1.html
durrrrrrrrrrrrrrrrrrrrrrrrr no.
You get a better return if you invest your money for a microsecond than if you invest it for a milisecond, and you get much, much better returns if you invest a million than if you invest a thousand.
The fix is to work for smarter people.
If you were blocking sigs, you wouldn't have to read this.
Your best bet is to simply add tests for each thing you fix. Don't bother with wider testing. But do add a new test every time you break something (for the thing you broke) when fixing another bug.
And if you are adding tests make sure they are for run automatically after changes to the code base so that they are always run shortly after changes are submitted (I'm assuming it's under source control, if not get that sorted first).
There's a business game in which people who want to something X way demand that the people who want to do it Y way provide a business case. What's the business case for continuing to develop code without a test suite?
Do you comment your code? Why? was there a business case developed for that?
Did the electricians install circuit breakers in your building? Why? Did anyone sit down and figure out if this was cost effective? Of course not, because circuit breakers are best practice.
Sure, quantify costs and benefits when you can and when the task is large enough to justify it. But when then costs and benefits are not rigorously defined, it's innappropriate to give the status quo a free pass.
-Dave
I've been working for a company which does a lot of Test Driven Development (TDD), but quite honestly, we don't develop new products all that often. We have legacy products (10 years old on average) that we work on day in and day out which in some cases are abhorrent. However, we don't try to fix the world by taking a year or two off to add comprehensive tests to the company's products, we just test anything we add or modify. Slowly but surely, you will add value to your products and the stuff you're complaining about will start to happen less often.
I would submit that you don't need to ask for permission to do this. YOU are the developer and it is YOUR mandate and responsibility to produce quality software. YOU know how best to do this, so just do it, and build it into the cost of your estimates. At first, while you get used to it, things may slow a little (not as much as you might worry about). However, once you get rolling in practice we see that things don't take any less time than they did before, and eventually some things will take less time than before. Did i just say that right? In fact I did. The difference is that the same old bugs for the same old reasons simply don't occur anymore. We just have fewer bugs coming in against our products. We KNOW that once we fix something it will stay fixed tomorrow, next release, next year, and for all of time until the spec changes (don't be deluded into thinking it won't...). We have tests that say so and will not let the build pass if at any point that feature no longer behaves as it should. In practice, whenever we add tests to legacy code that we just happen to be modifying, we aren't surprised to find out that it doesn't work the way the specifications say that it should work.
Testing isn't there to speed you up. It's there to not slow you down (among many other wonderful benefits). It's there so that you can say that you *KNOW* that your product works in certain ways. It can be hard to start writing tests, but someone above mentioned a book "Working Effectively With Legacy Code" (Michael C. Feathers), which is an excellent resource to get you started. Here are some others:
- Test Driven Development: By Example (Kent Beck)
- Clean Code: A Handbook of Agile Software Craftsmanship (Robert C. Martin)
- Refactoring: Improving the Design of Existing Code (Martin Fowler et al)
You don't *have* to adopt TDD as a daily life routine to reap the benefits. Some of these books and other reference it as an excellent tool to enable you to write better tests and better code, which i think is true. However, these books also teach you how to tackle existing code and to get it under control by writing tests for it. You're doing yourself and your products, and your employer a disservice if you don't write tests for the code you write, even if your employer cannot see the benefit. I'm sure surgeons could get stuff done a lot faster and cheaper if they took some shortcuts and didn't bother to sterilize their equipment, but they know better than to do that. You should know better as a developer than to just hack something together and run it by some visual inspection of limited "use cases" and then think that you've done your job properly. Your code may not work at all, and you won't even know it until a customer tells you so.
In a small company, testing is just waste of time. If you cannot trust your co-workers in a small company enough that they do not break the code, then you will have bigger problems than just lack of testing. Testing is for situations where your programmers are idiots, and you don't trust them enough to keep the code working. It's always a bad situation in small organisation. In large organisation testing is necessary. But below some treshold, once you know everyone involved, testing gives nothing new to your process.
It's programmers responsibility to ensure their code works perfectly in all situations. If a programmer cannot check that all execution paths are actually working, it'll take large amount of work for other people to find the paths and manually test every one of them.
My alternative to testing in small organisation is to teach people to write code correctly. Assuming you're in bad situation where you cannot trust your programmers already -- obviously trust needs to be deserved -- once you start finding errors in the field, the programmer will obviously lose the trust for short period of time.
"Part of my duties are to fix bugs users find, I'm on a team with a few other people and at least once every 2-3 months I see some bug I fixed come back, and I can only assume it's because we don't have a formal test suite"
Why do you assume it's due to a lack of a formal test suite? Why can't it be inadequate communications between team members? (Programmer 'A' fixes a bug, programmer 'B' puts it back while 'fixing' or 'restoring' a different feature.) Why can't it be inadequate commenting? (A bug keeps recurring because nobody quite understands why/how a chunk of code works and keep 'fixing' it.)
Etc... etc...
That you 'assume' it's due to the lack of testing implies to me that you haven't looked very deeply at the whole process and have latched onto 'testing' as some form of a magic wand.
If the bug keeps coming back, then buddy, you didn't fix it. 'Fixed' means, 'not broken'. If it comes back, then the situation that causes it is ongoing and recurring. Damage control is not the same as making sure it doesn't happen again. You need to fix the bug. And what do you mean by 'undergrads'. Do you have a PhD? And what were they undergrads in: business? Accounting? Some other has-no-business-touching-the-innards-of-a-computer discipline? For that matter, what are your qualifications? How is it that the bug keeps coming back even though you describe it as 'Fixed'? Do you have any business touching the innards of a computer?
What bullshit. Perhaps the question you should ask is, "How can I determine whether setting up a test suite is in his best interest?" But if you insist on pursuing an answer to your original question, you might want to dedicate some time to other questions, like figuring out how to convince people that humans and dinosaurs roamed the earth together, or that people's astrological signs play an important role in determining their personalities, or that ingesting colloidal silver is a solution to a wide range of health problems.
You are part of the problem.
Judging from the evidence (Windows on damn near every PC sold), it's not somewhat expected, it's demanded. Microsoft has made a very successful business by defining 'beta testing' to mean 'ship it and see how many people sue us'.
united states nuclear device terrorist bioweapon encryption cocaine korea syria iran iraq columbia cuba
to be fired after spending lots of the companies money, while failing to solve any of the issues you have just described.
As others have pointed out, your question's premise is inherently flawed because you are begging the question. Any proposed answer could be considered a self-fulfilling prophecy. Here's a more logical way to think about how to get to a cost-effective test suite.
Creating an automated test suite after-the-fact is difficult for a number of reasons, primarily because a well tuned and effective test suite requires constant feedback to determine what works and what doesn't. You can't get that unless you have adopted a "pay as you go" model where your test feedback influences your codebase and vice versa.
By Michael Feathers' definition, a legacy codebase is one without a test suite. I highly recommend you take a look at his book on the topic. http://www.amazon.com/Working-Effectively-Legacy-Michael-Feathers/dp/0131177052/
If you're interested in the most effective way to maintain your legacy code base, you'll build in the appropriate level of testing (including supporting code, infrastructure, etc.) and force yourself to refactor the parts of it that need to be refactored to support testablity. It will drive out the tests for you that do provide value, and steer you away from lines of thought that do not help you catch regressions or drive refactoring. It gets you to "pay as you go." Not only will this provide you the best argument for management to give you time to write tests, it is the most professionally responsible one as well.
Speaking of professionalism, have a look at Bob Martin's arguments for software craftsmanship and the ethical responsibility software developers have to produce quality work. This might help form your opinion on when and why software quality is important to professional responsibility. There are more to ethics than just the bottom line.
Most version control systems have a function to keep track of who did what. Use it to find the idiot and educate it in the error of its ways. If repeated education fails, terminate the idiot or promote it to a non-coding position, depending on corporate culture.
Perhaps if fixed bugs periodically re-appear in the product then the revision control system is broken? Software testing is important (regression testing seems especially needed in this case) but so is revision conrol.
Testing doesn't "save" money any more or less than "training" saves money. They both cost the company money.
Without either, however, you are less likely to receive future revenue because your software will garner the reputation of being bad (because it wasn't tested) and being hard to use (because there is no training).
There's always the old adage that you've got to spend money to make money. I think that holds true in this case.
I'm frequently amused at such great test procedures that catch things like my 12 cup coffee resevoir on my 10 cup coffee pot. I love me some 2 cups of over filled coffee in the mornings!
And how about the "testing" that goes into ovens/ranges/microwaves? It's as if those things get a pass when it comes to usability. Shit, those things can blow your house up and kill your entire family if not used correctly, but they have the lowest UI standards (tied with cars!) on the market.
As one of my design expert coworkers frequently says--it doesn't cost any more money to design something to work correctly, but it does cost more to fix a bad design. Example, my 12 cup coffee maker with a 10 cup pot. It wouldn't have cost any less money to limit the resevoir to 10 cups.
My company makes software for the government. It's amazing at how high the government's tolerance level is for crap.
Software testing is an entire profession including having its own graduate programs, but there are lots of resources to help you get started from books and online, just poke around.
There are books just about testing (TCS), books about integrating testing into a development methodology(Agile and Scrum include testing), and plenty of books on specific testing technologies (JUnit, Cucumber, ...). Most modern languages/toolkits include at least some support for basic software testing (unit or functional) such as Perl, Python, Ruby or have it readily available such as JUnit for Java, NUnit for C#. For testing web applications go look at Selenium, a great package of tools for web testing that includes browser plugins.
And *plug* I've had great experiences with the online resources including low-cost online classes available from the AST, at http://www.associationforsoftwaretesting.org/ The BBST courses are very informative and quite challenging. */plug*
hth,
adric
<script>alert("I never liked JavaScript, really; it just seemed a bad idea.");</script>
1) Track the amount of time it takes to create and execute a set of tests. (A few days' worth, not a few weeks' worth) 2) Measure how many bugs were identified. 3) Do a quick calculation: what was the approximate amount of time spent? What was the approximate value of finding those bugs then vs. in production (or a later stage of testing)? It is fine to use rough estimates here, but make your assumptions explicit. The findings will be useful to a manager making a decision about where to spend money; where to devote limited resources. My advice is to put your faith in hard data, not "HiPPO's" / the "Highest Paid Person's Opinion." Amazon took that approach when it came to their automatic recommendations of products for users; it worked pretty well for them. For more on the HiPPO point, see, e.g., http://hexawise.wordpress.com/2009/08/18/learning-using-controlled-experiments-for-software-solutions/ Also, at the risk of stating the obvious, not all kinds of testing will deliver equal benefits. Good test design (the approach you take to identifying which software tests to execute when), will have a huge impact vs. poor test design approaches. The URL above has information on that point too. - Justin Hunter
In the real world, the longer you let someone hold your money, the better return you get. (Note the increasing coupon with increasing maturity.) This isn't some kind of academic use of the Law of Compound Interest, or some Wall Street quant's way of finding a microsecond's inequality in the market (which is, of course, the exception that proves the rule; it's called an "inequality" precisely because it's an unusual situation in which the short-term return is unexpectedly high).
Also, I did say that "[y]ou have better options and get a better return on your investment if you invest $100,000 than if you invest $1,000." It's even more true if you invest a million -- assuming you have one, of course, which is the subject under discussion.
This is the most eloquent explanation I have read on Slashdot for money a moon.
Well done, sir.
Another idea that I just don't see all that often: continuous product improvement. One doesn't have to spend the money and effort on coming up with a completely new piece of crap that does exactly what a previous model did or didn't do. Too many consumer products are fire and forget. Once the production run is done, it's done. And I'm not even talking about the electronics. Simple things like strollers: they seem to absolutely have to introduce 'new models', where some design flaws surface every couple of product generations. Like if the design teams had amnesia or something.
A successful API design takes a mixture of software design and pedagogy.
One method of test design that I have personally seen work much better than standard manual methods of determining what tests to execute is pairwise and combinatorial test design. In my view, not nearly enough developers or software testers know about it. Here are some good articles about it here: http://www.combinatorialtesting.com/clear-introductions-1 This article, published in IEEE Computer, describes this test design approach and the results of a ten project study that showed this test design selection method found more than twice as many defects per tester hour as traditional, manual test case design methods. http://app.hexawise.com/Combinatorial-Softwar-Testing-Case-Studies-IEEE-Computer-Kuhn-Kacker-Lei-Hunter.pdf - Justin Hunter
I like that development method, too, but it does move the variable from "ship date" to "customer features". Often, as Spolsky promotes, it's a good way of doing things, since the features are not promised in advance. Sometimes, however, projects start with an agreement on just what the features are to be, and it's difficult some time later to make the unilateral decision to delay them to later releases. Without, of course, affecting payment schedules and company cash flow....
I have seen variants in which a company has two development teams, "June" and "December". Team June starts its project every 1 July, and ships every 30 June. Team December starts its project every 1 January, and ships every 31 December. If a team runs into a development snag that threatens to delay it past its due date, the feature or technology is excised from the project and placed with the following team, which then has an additional six months to work the problem. This works well for both hardware and software development (frequent new product introductions, snazzy features that work when introduced, etc.), if one has the cash to simultaneously fund two development teams.
Merci pour vos commentaires, et toutes mes excuses pour mon mauvaise connaissance de la langue française.
All the developer has to do is keep the pass rate at 100%, which is only overhead when they reintroduce a bug or rework the design
Or the test is making an assumption that is invalid in relation to some new code change, so instead of just fixing one bug you fix two. That happens even when you aren't re-working, just repairing.
That's why I advised him to try maintaining a small test suite first to see if it catches bugs more frequently than you have to maintain the tests.
There's also the overhead for same test suites of keeping fully in sync with what goes in the main build, when you add new files etc.
Way cheaper than waiting for someone to find the bug later on.
Actually that part is free.
And if it's a bug they guy has seen before, the developer can fix it very quickly. That's really low cost too.
It's hard to find where it pays off to spend a ton of effort building a formal test suite when all that might just happen anyway...
"There is more worth loving than we have strength to love." - Brian Jay Stanley
If you can't convince your boss to spend the time and money to write tests for old working code, just start writing tests for any new code you write.
When you fix a bug, write a test for it.
When you add a feature write a test suite for it.
Your tests will also incidentally test old code near the new code, and your coverage will increase surprisingly quickly.
I had a team of 6 developers doing this over ~400,000 LOC over the course of about 18 months and got 60% code coverage over the product.
Never trust a man in a blue trench coat, Never drive a car when you're dead
Testing is about making a quality product and it does cost money. However tech is littered with million and billion dollar companies that are worth pennies with what they once were because of poor quality. Gateway had great branding, a good business model but couldn't build a quality box (Dell slowly ran them over). Netscape owned most of the browser market and but just doesn't exist anymore. It's possible to coast for awhile with bad quality, but that doesn't last.
I currently have a problem where I'm doing development AND testing because the "testers" we have are useless. A good tester is worth their weight in gold. Good testers will save your company money for sure - bad ones will just be expensive.
I guess the same can be said for programmers.
If you tell them that it will "save the money" and they get idiots as testers -- everything will fall apart.
You can't measure that w/ metrics -- but I can tell you that is what I've learned from being in this industry for the past 15 years.
One thing you might want to look at is why are those bugs coming back? Did you miss something when you fixed it, or is it a regression (that is did another bug fix break it?) Unit tests will help with the later. Even without permission you can write unit tests as you fix new bugs. As far as the former goes, as long as your customers aren't complaining, your boss is probably right. You refix a bug every couple of months? If your users don't seem to mind, the cost of setting up a formal test suite is probably more than the cost of you fixing a bug every few months.
If he always fixes bugs and provides support 'gratis', then sure, it might be in his best interests. But that's not a requirement of the market and not something most companies do. Look at Microsoft. If you get Windows w/your computer and have a Windows problem, MS will charge you either per-incident or per-hour, depending on customer type on type of service you choose. MS shrugs off responsibility and costs for support by saying that any support for the over 90% of windows copies that come on OEM machines is supposed to come from your machine manufacturer.
Dell -- charges hundreds of dollars for software (i.e. MS Windows) incidents. You can buy single or multi packs but they aren't cheap.
Last company I worked for -- I was told by my manager NOT to fix any bugs -- (I was marked down on a review for fixing some while I was working on the code for other reasons). Bugs were only to be fixed when they were reported by a support-paying customer. If I fixed them in my spare time -- I was hurting the maintenance-team's support revenues.
You see, in most software companies, support is treated as its own profit and loss center. They only way it can make money is by getting customers to pay support and pay for the bug fixes. If there are too few bugs to fix, (or too customers reporting bugs), it can mean layoffs and cost jobs.
So your idea of creating a test suite, while it might have been a good idea in the 70's and early 80's. after Reagan's "every man for themselves, every department for themselves, corporate profit before all else (including employees and customers)" philosophy was adopted into the culture (with support of repealed worker and customer protections) in the early 80's, making quality software just wasn't profitable and didn't make sense in the business market.
So.... You want quality SW? You might consider working for a place where quality is required as part of the final product (usually due to financial or other incentives) such as, perhaps, the medical market (where bugs might cost lives and mean large lawsuits), or places that are not simply motivated by next quarter's financial results (maybe government funded?)...
Recurring bugs usually means that you're failing to properly manage source code commits. Testing is just another way to discover when you've screwed that up. You should have a process that informs developers where they should pull their code from and how they can go about pushing their changes back into the code base without undoing someone else's work. Of course, even if you pulled from the right source, your changes can break things, so you still should be testing. I agree with what's been said above about slowly building up an automated test suite. Just bake it into your development. If the recurring bugs are genuinely due to poorly engineered products, then, well... You're in a tough spot. You can spend a lot of time polishing a turd, but there's only so much shine you're going to get out of it.
Hey, even Apple don't bother testing their iPhone alarm software so good luck convincing your owner!
The problem is not that testing is bad, but that the break even point for test suites is rather elusive.
A general rule of thumb is that you will write ten lines of code for every line of code under test. While writing test suite code does proceed faster than the main code, it still can take long enough to sink a project.
My particular experience involved writing a test suite for just a dozen or so requirements. The test cases written took just 4 hours. Learning how to create a makefile with the broken emake system (another rant...) took more than 8. Writing the test suite framework took about 180 to 200 hours.
In retrospect, the test suite took far more time to develop than the code which it tested. More importantly, even though adding test cases is now trivial, it will likely never be done in the lifetime of the software, as the firm has a policy against writing reusable code. Worse still, the entire feature set would have taken less time to test manually than it took to write the test suite.
The takeaway? It takes a *very* large project to make a test suite worthwhile. Typically, you need a project so large that miscommunication between groups of programmers is a very likely source of bugs. A small software shop will typically not produce software of the complexity or importance to justify the expense of a test suite. (Aviation and other safety applications excluded, of course.)
My gut feeling, based solely on my experience, is that the break-even point for writing a test suite is when you expect to produce greater than 250k of new code on a project, or are maintaining a codebase of greater than 10M lines of code and expect to add more than 50k lines per quarter. At this level, you can probably dedicate a programmer or two to doing nothing but writing the test suite.
The society for a thought-free internet welcomes you.
Wouldn't it be faster to just make the numbers up?
I wish I were kidding.
You want the truthiness? You can't handle the truthiness!
Fingers can get tired, one can forget certain tests. An automated tester can save your fingers, and do every test one can conceive; including the ones that your clients have created. These reasons are enough for one to save time and money with. And programmers like myself can go home knowing that most the bugs will be accounted for.