configuration management

Articles

How Audit Trails and Traceability Mitigate Risk

Traceability doesn't prevent errors and an audit trail does little to help me to recover from one. Does this mean they aren't valuable CM tools? On the contrary, audit trails and traceability are two of our most important CM tools for learning how to mitigate risk.

Alan S. Koch
Lean Development Principles for Branching and Merging

By reworking lean principles for the branching and merging arena, we're able to create automated builds and unit tests to increase effectiveness and improve quality in software configuration management. Individual developers and teams alike can benefit from this process-improving strategy.

Configuration Management Planning: What To Do Before you Start

Configuration management planning should not start as you put together your CM Plan. By then, you've already predisposed yourself to how your plan is going to play out.

Joe Farah's picture Joe Farah
Why It's Important for CM and Project Management to Work Together

One of the problems with Configuration Management (CM) and Project Management (PM) is that the tools and the data repositories for each are separate. As a result the processes are quite separate. The project manager takes a set of requirements and decomposes them into tasks, which are then prioritized, scheduled and assigned. The CM team creates configuration items and tries to tie the CIs back to the requirements so that they can be properly audited. When CM and PM work together they tend to enhance each others function, and eliminate potential overlap in the processes.

Joe Farah's picture Joe Farah
Allowing Project Management (PM) to Help Configuration Management (CM)

Is there a place for project management in the establishment of a configuration management (CM) infrastructure?  If so, then how much project management should be included?  A thin but strong layer of PM may be helpful to tie tasks together and keep
project team members in-sync with one another. 

Mario  Moreira's picture Mario Moreira
Build a Model-Based Testing Framework for Dynamic Automation

The promises of faster, better, and cheaper testing through automation are rarely realized. Most test automation scripts simply repeat the same test steps every time. Join Ben Simo as he shares his answers to some thought-provoking questions: What if your automated tests were easier to create and maintain? What if your test automation could go where no manual tester had gone before? What if your test automation could actually create new tests? Ben says model-based testing can. With model-based testing, testers describe the behavior of the application under test and let computers generate and execute the tests. Instead of writing test cases, the tester can focus more on the application's behavior. A simple test generator then creates and executes tests based on the application's modeled behavior. When an application changes, the behavioral model is updated rather than manually changing all the test cases impacted by the change.

Ben Simo, Standard & Poor's
Keyword-Driven Test Automation Illuminated

Test Automation has come a long way in the last twenty years. During that time many of today's most popular test execution automation tools have come into use, and a variety of implementation methods have been tried and tested. Many successful organizations began their automation effort with a data-driven approach and enhanced their efforts into what is now called keyword-driven test automation. Many versions of the keyword-driven test execution concept have been implemented. Some are difficult to distinguish from their data-driven predecessors. So what is keyword-driven test automation? Mark Fewster provides an objective analysis of keyword-driven test automation by examining the various implementations, the advantages and disadvantages of each, and the benefits and pitfalls of this automation concept.

Mark Fewster, Grove Consultants
Testing Requirements: Ensuring Quality Before the Coding Begins

Software that performs well is useless if it ultimately fails to meet user needs and requirements. Requirements errors are the number one cause of software project failures, yet many organizations continue to create requirements specifications that are unclear, ambiguous, and incomplete. What's the problem? All too often, requirements quality gets lost in translation between business people who think in words and software architects and engineers who prefer visual models. Joe Marasco discusses practical approaches for testing requirements to verify that they are as complete, accurate, and precise as possible-a process that requires new, collaborative approaches to requirements definition, communication, and validation.

Joe Marasco, Ravenflow
Crucial Test Conversations

Many test managers feel that Development or Management or The Business does not understand or support the contributions of their test teams. You know what? They're probably right! However, once we accept that fact, we should ask: Why? Bob Galen believes that it is our inability and ineffectiveness at 360º communications, in other words, "selling" ourselves, our abilities and our contribution. We believe that our work should speak for itself or that everyone should inherently understand our worth. Wrong! We need to work hard to create crucial conversations in which we communicate our impact on the product and the organization. Bob shares with you specific techniques for improving the communication skills of test managers and testers so that others in your organization will better understand your role and contributions.

Robert Galen, RGCG, LLC
Testing Web Applications for Security Defects

Approximately three-fourths of today's successful system security breaches are perpetrated not through network or operating system security flaws but through customer-facing Web applications. How can you ensure that your organization is protected from holes that let hackers invade your systems? Only by thoroughly testing your Web applications for security defects and vulnerabilities. Michael Sutton describes the three basic security testing approaches available to testers-source code analysis, manual penetration testing, and automated penetration testing. Michael explains the key differences in these methods, the types of defects and vulnerabilities that each detects, and the advantages and disadvantages of each method. Learn how to get started in security testing and how to choose the best strategy for

  • Basic security vulnerabilities in Web applications
  • Skills needed in security testing
Michael Sutton, SPI Dynamics

Pages

CMCrossroads is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.