1

Quality Tactics Session 9, Part 1

Steve Chenoweth

Phone: Office (812) 877-8974

Cell (937) 657-3885

Email: chenowet@rose-hulman.edu

Comic version of soccer tactics – from a disgruntled fan.

http://nowthatisfunny.blogspot.com/2007/04/football-tactics.html

2

Acknowledgements

Some of the material in these slides is

taken from Software Architecture in

Practice, 3rd edition by Bass, Clements

and Kazman. Ch 5 - 12.

3

Outline

How to achieve all the attributes Bass

introduces in –

Availability

Interoperability

Performance

Testability

We expand here on the ones in red!

The other 3 – see the following slide

presentations for tonight.

Modifiability

Security

Usability

4

Availability

Try one of these 3 Strategies:

Fault detection

Fault recovery

Fault prevention

And, we have a separate slide set on

this tonight, too…

Interoperability

Locate

Discover Service

Manage Interfaces

Orchestrate

Tailor Interface

5

Interoperability Challenges

Every implementation is standard

But every one wants to be open to special

features!

And standards

evolve

And some

standards are

bad

6

Right – CNN’s latest news reduction tactic – “Is

this a good thing or a bad thing?” Picture from

http://www.businessinsider.com/cnn-asks-the-

wire-is-wikileaks-good-or-bad-2010-11.

Interoperability, cntd

The Telecom Strategy

Calling grandma - How do you make

one of these talk to one of those?

7

?

Interoperability, cntd

Solution – “Half call model”

Basic Idea:

Niceties:

8

Caller

Protocol (100 varieties)

Callee

Protocol (100 varieties)

Common

Protocol

From The Basics of Telecommunications, by Stephan S. Jones.

Interoperability, cntd

States Are Important?

Much of the Internet used to be “stateless” – IP

and HTTP

You issue an http request to a server

It responds

Next time, the server has no idea you are the same

requestor

Some real-time systems work this way.

There’s no time to set-up sessions.

A single message contains everything.

But…

9

Interoperability, cntd

States Are Important!

But most things can’t work this way.

TCP, Telnet, FTP, …

Require initiation and termination of “sessions”

• The “handshake” to get started is complex.

• Resources get reserved.

Both sides have to know “what’s next”

• And share error handling

In OO software design, usually this amounts to filling-

in the right stuff for methods in an interface.

With REST, for example, you have to use HTTP

methods GET, POST, PUT and DELETE to execute

different operations.

10

Interoperability, cntd

11

Modifiability

Try one of these 3 Strategies:

Localize changes

Prevent ripple effects

Defer binding time

See next slides for details on each

We have a whole separate course

addressing this – CSSE 575.

12

Localize Changes

Maintain semantic coherence

abstract common services

Anticipate expected changes

Generalize module

Limit possible options

Modifiability, cntd

13

Prevent Ripple Effects

Hide information

Maintain existing interfaces

Restrict communication paths

Use an intermediary

Ripple in action. From

http://www.crystalinks.com/rippleffect.html

Modifiability, cntd

14

Defer Binding Time

Runtime registration

Configuration files

Polymorphism

Component replacement

Adherence to defined protocols

Modifiability, cntd

15

Performance

Try one of these 3 Strategies:

Resource demand

Resource management

Resource arbitration

Tonight’s next set of slides has more

details on each of these

16

Security

Try one of these 3 Strategies:

Resisting attacks

Detecting attacks

Recovering from an attack

See next slides for details on each

And, we have a separate elective

course addressing this – CSSE 542.

17

Resisting Attacks

Authenticate users

Authorize users

Maintain data confidentiality

Maintain integrity

Limit exposure

Limit access

Security, cntd

18

Detecting and Recovering

Intrusion detection system -

anomalous patterns

Restoration - see availability tactics

Identification - maintain audit trail

Security, cntd

19

Testability

Strategies:

Manage Input/Output Record/playback

Separate interface from implementation

Specialize access

Internal monitoring Built-in monitors

And, our required CSSE 576 expands on how to build this into a system.

Right – Typical tool for

reading out error codes

logged by your car’s

computer, to help analyze its

problems. From

http://niceparts.blogspot.co

m/2007_12_01_archive.html

.

What’s Bass say about this QA?

Problem – Testing needs to be more efficient & effective

It consumes a high percentage of software development time & effort

The heuristic is “half”

Goal – Allow easier testing when an increment of software development is completed.

Motivation – The overall arch of the system, and of its testing methods, can help make testing easier

Scenarios – What you need to develop, to see what’s important in your system.

What is Testability “about”?

What are some good tactics?

Testability, cntd

20

Bass’s testability scenarios

Source: Unit developer Increment integrator

System verifier

Client acceptance tester

System user

Stimulus: Analysis, architecture, design, class, subsystem integration completed; system delivered

Artifact: Piece of design, piece of code, complete application

Environment: At design time, at development time, at compile time, at deployment time

Response: Provides access to state values; provides computed values; prepares test environment

Response Measures: (examples) Percent executable statements executed

Probability of failure if fault exists

Time to perform tests

Length of longest dependency chain in a test

Length of time to prepare test environment

Testability, cntd

21

Example scenario

Source: Unit tester

Stimulus: Performs unit test

Artifact: Component of the system

Environment: At the completion of the component

Response: Component has interface for controlling behavior, and output of the component is observable

Response Measure: Path coverage of 85% is achieved within 3 hours

Testability, cntd

22

Testability situations

It’s a development-time attribute:

Probability of fault discovery

Need to control

components

Need to observe

component failure

Right: Ren & Stimpy tell why people

ignore system testability. From web

site sctest.cse.ucsc.edu/ .

Testability, cntd

23

Tactics to achieve testability

Manage Input/Output

Record/playback

Separate interface from implementation

Specialize access

Internal monitoring

Built-in monitors

Generally, the goal is to automate as

much testing as you can – why?

Testability, cntd

24

Examples - 1

Test harness – like the stimulator you might have done for performance Automates some aspect of testing

But, for finding errors, the test cases need to be more complete (unless performance / reliability are what you’re testing!)

Can be for internal classes, etc., as well as external – See next slide

Give this itself an “architecture” with options, different modes, etc.

Testability, cntd

25

Examples – 1, cntd

Typical test harness:

In MVC, replace the “View” with a stimulator

that fires test cases at the rest of the system:

Replace with

stimulator, for

testing

Testability, cntd

26

Examples – 1, cntd

How about stimulating the GUI?

A slightly harder trick, replacing the human with

the mouse and keyboard.

How do we test

the GUI itself?

(Or the whole

System!?)

See list of open source tools at http://en.wikipedia.org/wiki/List_of_GUI_testing_tools

Testability, cntd

27

Examples - 2

Built-in monitors – the system itself

is “instrumented” to provide test

results.

Usually, this can be turned on/off so it

doesn’t interfere with normal

operations.

May have multiple special modes.

The “heart” of white-box testing!

Testability, cntd

28

Industrial strength tools

Good example – IBM’s Rational

PurifyPlus*

Shows code coverage

Analyzes memory problems (e.g., buffer

overflow, leaks)

Identifies performance issues like

bottlenecks

Runs on Linux, Unix, Windows

What do you use?

*See http://www-01.ibm.com/software/awdtools/purify/?cn=agus_rtnlrp-

20100514&cm=k&csr=google&cr=rational_purify&ct=AGRAK605&ck=rational

_purify&mkwid=s28L9ro6h_5281300654_432dt32930&cmp=109HG

Testability, cntd

29

30

Usability

Strategies:

Design time Separate UI from rest of system

Runtime Support user initiative

• Cancel, Undo

Support system initiative

• User/System/Task models

Tonight there’s a separate set of slides has more details on each of these

See also your Interaction Design book from CSSE 571! (Rogers, Sharp and Preece, now in its 3rd edition)