The primary mission of information technology is to improve business processes and increase profits. Companies are constantly rethinking and struggling with how to use IT to a competitive advantage, reduce IT operating and maintenance costs, and reduce the total cost of ownership… all while attempting to deliver increased value.
Most of these problems can be traced to the same source: the struggle to make software work - without incurring unreasonable costs. Thus, it all seems to lead back to cost, which raises the question of why software development is so costly. Most people in the industry would agree that low IT productivity is the culprit here. But why are IT teams, with all their expertise and hard work, suffering from low productivity? The root cause of this low productivity can be traced to errors that result from mistakes made throughout the software development life cycle. These errors include everything from performance errors, to security errors, to misimplemented functionality, to errors that crash an entire system. They essentially stifle IT teams' ability to produce working software in a reasonable time and at reasonable costs. In fact, if you look at virtually any IT team, you will see that its team members spend about 80 percent of their time chasing and fixing bugs, and only about 20 percent of their time on tasks that deliver value and improve the business. This practice is far from productive.
The logical reaction, then, is to prevent errors in order to increase project productivity, but how can IT teams prevent errors? The answer lies in choosing the best testing tools available that will help your team be productive. However, while reading this article, it must be noted that not all tools are created equally. Simply testing your code is not enough. You must use only the tools and solutions that aim to prevent errors rather than simply detecting them.
In the case of Web services, testing tools and solutions, such as Parasoft's SOAtest, can increase your team's productivity by preventing errors early in development, and in doing so, improve quality and reliability, and accelerate time to market. The sooner you detect a problem, the easier it is to fix it, thereby leaving your team more time to code and be more productive. Therefore, you must employ a wide variety of tools and testing techniques that immediately and thoroughly exercise Web services and check their reliability. This article will explain issues specific to Web services and will illustrate how to choose the right testing tools that can increase productivity and ultimately ensure complete Web service functionality, interoperability, and security.
Learning from the Automobile Industry
Many other industries, such as the automobile industry, have also struggled with low quality, high costs, and low productivity as a result of human error. These industries recognized that although mistakes cannot be eliminated, they could, indeed, be controlled. Industries then modified their production lines to prevent as many errors as possible. By preventing scores of errors from ever entering the products, they addressed their most critical industry problems and were able to remain viable and productive industries.
The software industry still has not learned this lesson. Many people do not think that error prevention is even possible in the software industry; they believe that because each piece of software is different, the lessons learned from working on one piece of software cannot be applied to other pieces. Thus, instead of trying to prevent errors from entering software, the software industry tries to test errors out of software. In the case of Web services, we build a service, then we attempt to use testing to determine whether the service works and finally remove any errors that the testing process exposes. Throughout this process, we cross our fingers and hope that the most insidious and embarrassing problems will be identified before the release. However, a consideration of the number and impact of software errors suggests that this "quality through testing" approach is not yielding the desired results.
This belief that testing can create quality software systems is a fundamental problem in the software industry. We don't think of the whole process of building and deploying software in a way that would prevent errors because we don't believe that it can actually be done. Yet, this error prevention approach is not only possible; it's necessary, provided the right testing tools and solutions are utilized.
If the software industry is serious about reducing the error rate and resolving the issues that stem from errors, we can't afford to continue hoping that our current approach to testing will miraculously start yielding quality software. Instead, we need to follow in the footsteps of other industries and start preventing errors throughout the software development life cycle. Therefore testing, which is important for any development project, is even more crucial for Web services. Extensive testing of Web services, particularly those that are externally facing and business-critical, is essential to securing the enterprise from significant business risks. A down time of an hour can not only cost substantial losses in revenue but, more important, the perceived lack of quality and reliability of the company in general. Any mission-critical Web service must be strictly tested and verified as functioning correctly, 24 hours a day, seven days a week - no exceptions.
Common Web Service Testing Problems
There are many complexities specific to, and inherent in, Web services that complicate testing and lead to low productivity. However, before delving into specific technical issues, it would be wise to first examine the general testing inefficiencies that can occur in any Web service, and how the proper tools can prevent these problems from occurring. There are a number of testing inefficiencies that plague companies and cause severe business implications such as extending project timelines and increasing project costs. Moreover for each of these problems, viable testing tools and solutions are available, such as Parasoft SOAtest - an automated solution for testing Web services and increasing the productivity of your development team.
Inefficient Use of Developer Assets
Organizations continuously re-create the same test cases at different points of the development process. Developers create tests to ensure the functionality of their Web services, however these tests are not leveraged in the downstream process. This duplication of effort is not only inefficient, but also introduces an opportunity for errors to be injected.
The right testing tools can provide improved productivity and labor savings. With automated generation of test cases, testing tools can save significant time and resources, as opposed to the manual processes that may be currently employed.
Heterogeneous Testing Platforms
By re-creating test cases on different platforms, there is a significant risk of extending the time it takes to verify functionality. For example, testers who discover errors in one format may go back to the developers who then try to reproduce these errors in their own format. This rework loop is time consuming and inefficient.
Choose a uniform solution for Development, QA, and Performance teams. It is best that test cases be reused, combined, and extended across teams, thus providing seamless transfer of knowledge and test case data. Functional and unit test cases created by development and QA should be used by the performance team to generate scenarios for use in load and performance testing, thereby eliminating the need for extensive script writing and script maintenance. Such practices save time and improve accuracy of test creation/execution.
Development and Maintenance of Homegrown Tools
Some IT teams may create their own tools, such as client emulators, in-house in order to facilitate functional testing. At the same time, a load generation tool may be purchased that requires proprietary scripts to be written. The creation and use of such homegrown tools and scripts not only adds overhead to the project, but such tools are also impossible to maintain as Web service complexity and industry standards evolve and mature.
Choose a single tool that can automatically generate a suite of test cases using WSDL and HTTP traffic. In addition, the ability to leverage tests from unit testing through load testing allows more test cases to be generated - ensuring greater coverage and quality of the service while minimizing business risks of production failure or production-level error.
Incomplete Testing
The scope of testing provided by in-house applications is generally limited and does not cover all of the aspects needed to verify a Web service. Aspects such as security, interoperability, functionality, reliability, and availability are not verified due to these limitations. As a result, businesses face an exponential increase in financial risk.
For example, rather than testing a Web service directly at the code level, organizations may utilize some GUI-based client to consume the Web service. However, dependence on GUI-based testing of a Web service is limited and restricted to only the types of messages that the GUI-based client is built to generate. With most Web ser-vices, it is impossible to anticipate exactly what types of requests clients will send. Real-world partners and consumers of a Web service are certain to send different types of requests, negative inputs, and bad data to the Web service that the GUI-based client has not even considered. In addition, maintaining and expanding a GUI-based testing application would result in numerous and unnecessary productivity losses in order to perform only limited, indirect testing of a Web service. In order to completely and thoroughly test a Web service, you must be able to emulate many of the types of clients that might access the server, and verify that the server will behave as expected in relation to any type of client request.
The best testing tools increase the scope of testing by providing the flexibility to manipulate messages in order to directly and thoroughly test the Web service. Tools should be able to perform code-based testing of the Web service and isolate and test the data at the API and message layer of the service. By testing the API and services layer, developers can verify whether the Web service can handle a wide range of request types and parameters. By checking for the conditions and inputs that are not expected, you enable more thorough tests for what cannot be foreseen. By performing such testing at the unit and application level, you can quickly and easily identify and correct any weaknesses before security breaches have the opportunity to occur.
Summary
As seen throughout this article, there are countless opportunities for things to go wrong during Web services development - a slight mistake in any component or interface will cause problems that ripple throughout the system. Developers must ensure that each part of the system is reliable, and that all of these parts interact flawlessly and securely.
As organizations rely more heavily on Web services to drive their business processes, it is critical for Web services developers to have a proven solution to test the complex layers of Web services and to create an efficient and bulletproof testing process without being riddled with the common problems discussed earlier. The Parasoft Web Services Solution not only provides clear and practical guidelines for testing, but also provides a cohesive team workflow that makes the most efficient use of project assets across the organization. To learn more about Parasoft Web Services Solutions, or any of Parasoft's Automated Error Prevention Solutions, please visit www.parasoft.com/SOAtest_WSJ.