Software Reality

Another chapter in the bag, thankfully. Just one more to go (about algorithm testing)... But in the meantime, here's how the integration testing chapter starts:

Automated integration testing is a pig, but it’s an important pig. And it’s important for precisely the reasons why it’s so difficult.

The wider the scope of your automated test – i.e. the wider the chasm that your integration testing pig has to fly across (rather like the one in the above photo) – the more problems you’ll encounter; but these are also “real-world” problems that will be faced by your code, both during development and when it’s released. So an integration test that breaks – and they will break frequently, e.g. when a dependent system has changed unexpectedly – isn’t just a drag, it’s providing an early warning that the system is about to break “for real”. Think of an integration test as your network canary.

Integration tests are also important, and worth the pain of setting them up and keeping them working, because without them, you’ve just got unit tests. By themselves, unit tests are too myopic; they don’t assert that a complete operation works, from the point when a user clicks “Go” through the complete operation, to the results displayed on the user’s screen. An end-to-end test confirms that all the pieces fit together as expected. Integration is potentially problematic in any project – which is why it’s so important to test.

====

One of the themes in this chapter is that you can use a conceptual design (i.e. robustness diagram - a picture of a use case, showing controllers, entities and boundary objects) to identify what kinds of tests to write - e.g. a controller "talking" to an entity class suggests that you'd write a normal unit test; a controller talking to an external system interface suggests that you'd write a "controller-level" integration test; a controller talking to another controller suggests that you'd write an "algorithm-level" unit test; and so on.

It's kind of a systematic approach to driving tests from your design...

Two new chapters fresh up on the Apress alpha books page:

Chapter 5 "Detailed Design and Unit Testing"

In DDT we make the distinction between unit testing - testing at the atomic level - and controller testing - testing at the molecular level. Chapter 5 shows how to drive "atomic-level" unit tests from a detailed UML design, identifying test cases and scenarios from key points in the design.

Chapter 6 "Conceptual Design and Controller Testing"

A conceptual design is the first foray into the design of a system, having produced use cases to describe the user/system interaction. The system behaviour is captured in "controllers" (logical software functions). Later, each controller will become one or more "real" functions/methods on your classes; but having identified these high-level functions at a conceptual level, why not write tests at this level as well? That's what controller testing is all about - it gives you more "bang for your buck", as you need to write fewer tests but they give you essentially the same feedback as micro-grained unit tests.

Whereas a unit test may be "concerned" with one software method, a controller test operates on a small group of closely related methods that together perform a useful function.

So many projects suffer from "over the fence syndrome": that is, the business analysts put together a specification (if you're lucky) and throw it over the fence to the developers. The developers code up the system and throw it over the next fence along to the testers. The testers sign off on the developed system, maybe even referring back to the original requirements spec, and then the system gets released - thrown over the really big wall (with the barbed wire at the top) to the customer waiting outside. That's not the way to operate.

In theory, the sort of project I've just described ticks the boxes of "failsafe development": there are requirements specs, analysts, even a team of testers and a release process. So what could possibly go wrong?

The problem is that in this kind of setup, no-one talks to each other. Each department regards itself as a separate entity, with delineated delivery gateways between them. Throw a document into the portal, and it emerges at some other point in the universe, like an alien tablet covered in arcane inscriptions that will take thousands of years for linguistic experts to decipher. Naturally, requirements are going to be misinterpreted. The "sign-off" from the testers will be pretty meaningless, as they were never closely involved in the requirements process: so their understanding of the true business requirements will be superficial at best.

Really effective testers will question the requirements and spot loopholes in business logic. And you'll be eternally grateful to them when they prevent a project from being released into production with faulty requirements. But the testers don't stand a chance of doing this if they're not closely involved with developing the requirement tests.

Let the testers "own" the requirement tests (i.e. be responsible for their development and maintenance). The customer and your business analysts build the requirements up; the testers write tests to knock them down again.

Another way to think of the business tests suite is that it's an independent audit created by a testing organization to show that the system created by the developers does what the customer intended. If the developers are left to manage the testing themselves, then you end up with the Green Bar of Shangri-La syndrome: the system tells us there's a green bar, so everything's okay man... This is why it's vital to have a separate team - the QA testers, who are answerable to the business, not to the developers - verifying the software. And if the testers are involved early enough, they will also verify the requirements themselves.

DDT Chapter 8 (Requirements Testing) is now up on the Apress Alpha Books page...

Counting backwards (as we appear to be writing the book in reverse), the next chapter - Chapter 8, Acceptance Testing - is now up on the Apress Alpha Books page.

We've divided acceptance testing into two areas - business requirements (the subject of Chapter 8), and behavioral requirements (the subject of Chapter 7, which we've just completed and should be up on the Alpha Books page soon).

So Chapter 8 is really Acceptance Testing Part II (or Part I, depending which way around you look at it...)

We think QA testing teams should be very happy with Chapter 8, as it demonstrates an automated method of turning business requirements into test reports and checklists. The chapter shows how to generate customer-facing (and tester-facing) business requirement tests from the requirements in your analysis model, how to organise those tests, and how to generate a test plan document from them. This process supports an independent Quality Assurance organisation, providing a level of assurance that the customer's requirements have been met, beyond the development team asserting that "all our unit tests light up green."

"Design Driven Testing", which I'm co-authoring with Doug Rosenberg, is due for release by Apress later this year.

It's a little unsettling to see chapters available so soon after writing them. But definitely a good thing.

Three chapters are available in Apress' Alpha Books programme so far... we've just submitted another two chapters for technical review, so these should land on the Alpha Book page pretty soon.

We've changed the chapters around a bit in the last few weeks. Here's the current line-up:

Part I - DDT vs TDD

1. Somebody Has it Backwards
2. Hello World Using TDD (implementing a "Login" story with TDD)
3. Hello World Using DDT (implement a "Login" story/use case with DDT)

Part II - A Walk Backwards Through the Mapplet 2.0 Project

(In this part of the book, we walk backwards through a real-life DDT project being run at ESRI Professional Services in Redlands, California. Our story begins with the completed product - code, tests, UI - and ends at the beginning, with the initial set of requirements. We demonstrate how tests were used to provide feedback at each stage of the project. The project's actually going on right now, and we're documenting its progress - meaning we're effectively writing this set of chapters backwards...)

4. Code and Finished Product
5. Detailed Design and Unit Testing
6. Preliminary Design and Behavioural Testing
7. Use Cases and Acceptance Testing
8. Test Cases and Requirements

Part III - Advanced DDT

9. Unit Testing Don'ts (Testing antipatterns)
10. Unit Testing Design "TODOs" (how to write "test-conscious" code)
11. How to write Enterprise Architect Test Case transform templates
12. When Designing for Testability is Taken Too Far

The book's also now visible on Amazon - which makes me think that I should probably get on and finish it now...

A culture of 100% test coverage has grown up around TDD. Code quality “measuring” tools such as Clover are used as a pugil stick to beat developers over the head with, if their code doesn’t measure up to an arbitrary set of metrics: and one of these is a measure of how much product code is covered by unit tests.

(Clover does have some pretty awesome features by the way, such as test optimization; but institutionalising test coverage as a measure of code quality isn’t one of them).

TDD itself can become a highly elaborate, labour-intensive way of creating code. It’s not uncommon to end up with far more test code (which the customer never gets to see, and which arguably doesn’t really “do” anything) than product code, which is what the customer is really paying for. Yes, the customer is also paying to have product code of a sufficient quality, and that’s what TDD addresses. But there has to be a better way of improving code quality with tests: a way that doesn’t soak up developers’ time and turn the tests into the main software deliverable, in the developers’ minds.

There are three main shortcomings to TDD:

1. It’s too time-consuming
2. You end up with too much test code, with code paths duplicated by different tests
3. The final amount of test code and product code that you see is disproportionate to the amount of refactoring/evolutionary design that went on to get there

To sum these three issues up: TDD is Too Damn Difficult; it takes too much effort to produce a bit of “production code” result.

Not using TDD – just writing tests after you’ve written some code – also has problems, in particular the aimlessness of this approach. It’s difficult to know when you’re done writing enough tests – in practice there won’t be enough time to hit 100% coverage, so the team must stop at some arbitrary timeboxed stage somewhere along the road. Most dissatisfying.

So here’s the idea. These shortcomings can all be addressed by first doing a small amount of structured up-front analysis and design, and identifying which parts of the code you’ll gain the most benefit from testing. We call this approach Design Driven Testing or DDT (the linked tutorial illustrates how to use an add-in for Enterprise Architect to automate much of DDT).

Take this sequence diagram, an overview of the code path for a hotel search (click the image for the full-size version):