10
Test Tools and Test Automation
Test automation is often perceived as “the” solution to facilitate and accelerate the execution of application tests, including for systems-of-systems. This vision must be modulated according to the objectives of each of the stakeholders on the system-of-systems.
We will define a test tool as a product to help the execution of one or more test activities. So, we will talk about tools that will help in test design, static test tools and dynamic test tools.
Like any testing activity, automation must demonstrate added value to justify its implementation. This value can be seen in the short term or in the longer term.
10.1. Objectives of test automation
Test automation is often seen only as a way to run more dynamic tests in a shorter amount of time, or “automatically” find more defects, or even reduce the cost of testing. It is illusory and unrealistic.
Having good goals is critical if we hope to achieve those goals. It is surprising how many test automation investment decisions are made without clearly defined goals or with vague justifications. It is important to make a distinction between our goals for testing (e.g. find as many defects as possible, reduce risk) and the goals we can achieve with dynamic test automation.
Realistic goals for test automation include:
– ensure the early detection of defects, from the drafting of requirements and codes, for example, by implementing static code analysis tools and TDD- or ATDD-type techniques;
– provide evidence of the coverage of the requirements by one or more tests according to their level of criticality, so as to provide confirmation of the correct implementation of the requirements;
– increase the coverage of environment configurations (e.g. browsers, OS, etc.) by automatically rerunning the same tests on different systems. This objective is similar to requirement coverage;
– reduce the duration of test campaigns (e.g. system tests and acceptance tests) by allowing concurrent and simultaneous execution of automated test campaigns;
– reduce test design times, by testing based on keywords (or action words) by designing tests in parallel with code development;
– automatically generate data and/or test environments and allow the execution of tests in each of these environments;
– etc.
Other frequent objectives are a reduction in the costs and delays of the project as a whole, including configuration or version management and the management of anomalies, even the follow-up of improvements, the taking of measures and the generation of reports or dashboards.
10.1.1. Find more defects
A frequent goal of test automation is to find more defects. However, finding more defects is not enough: we must find these defects as early as possible, close to the moment when these defects were introduced and find the most important defects in priority. Early detection will give more time to correct these defects and will prevent erroneous information (requirements, user stories, codes, etc.) from propagating in the design and testing phases. We understand that it is important to be close to the code, or even before, and we will have to implement static analysis tools or tools to perform TDD, ATDD or BDD. All these techniques are close to the code.
We may also find more defects by running tests other than those designed and run by the test team, by increasing the coverage of dynamic tests, or by running tests automatically on sets of data or combinations of data that it is not reasonable to run manually (e.g. cover all the combination of equivalence partitions and limit values, even paths, automatically after running a few tests manually).
Test automation, especially when we think of (non)regression testing, only allows us to identify the differences between the current functioning and the expected functioning of the application. These differences often come from unanticipated side effects or from mistakes made by developers during corrections. The rate of defects introduced in these cases is relatively low, varying from 5% according to Jones (2007) to 9.8% according to Ed Allen and Brian Newman. It may be useful to put these percentages in relation to the detection rate of exploratory tests (58.2%), and scripted manual tests find 24% (the remaining 8.5% would be incorrectly corrected defects).
10.1.2. Automating dynamic tests
The goals of test automation in systems-of-systems must be properly identified before any automation is considered. It seems obvious to say, but often automation activities are seen only from the small end of the telescope, only for a single application and then abandoned after having made heavy investments due to lack of added value or return on investment (ROI). So, let’s take a look at the potential goals:
– Set up a level of abstraction, allowing testers to stay focused on testing – functional or not – and separately set up a second level of abstraction to facilitate the development, maintainability and structuring of elements related to automated tests (for example, test scripts, test data, etc.).
– Cover – through automated testing – end-to-end actions on the system-of-systems, regardless of the components, products or systems involved. It will therefore be necessary to provide mechanisms for synchronizing data exchanges, launching and verifying batches and other batch processing.
– Guarantee coverage of all components, products or systems and traceability to each requirement or user story. This should be related to the planned and implemented architectures.
– Allow us to replay (non)regression tests at each iteration (sprint) and at each level. This implies that SETUP and TEARDOWN activities must be anticipated, verified and validated, and that the necessary manual activities must be reduced to a strict minimum, or even completely eliminated.
– Be flexible enough so that the tests can be played – or not – depending on the components, products or systems currently connected in the referenced environment. This may involve the use of a supervisor or scheduler who can launch the test tool(s) on each environment, component, product or system.
– The scheduler or supervisor and each of the test tools must be able to perform consistent reporting and identify components, products or systems that are not responding or not responding correctly.
– Be associated with each version of components, products or systems, in order to be updated simultaneously with the evolutions of these components, products or systems. This is to avoid the increase of a technical debt on the automated tests.
– Automated test execution should work regardless of the environments and systems involved. This may involve a need for configuration of the supervisor or the scheduler, to cover each of the components, products or systems.
– The reporting provided by the supervisor or the scheduler and each of the tools must be understandable and easy to interpret.
10.1.3. Find all regressions
Each new iteration and each new version may include new anomalies – in modified components, products or systems – or reveal anomalies that were not visible in earlier versions. It may therefore be reasonable to ensure that all functional tests – including end-to-end – performed on previous versions continue to work correctly. This is called the (non)regression test. Any functional (and dynamic) test that was developed and executed on a previous version should continue to work, taking into account the evolutions made since this version.
This involves identifying all changes that may justify testing again:
– functional or technical evolutions of the components, products or systems to be tested;
– evolution of operating systems, databases and other systems used by the components, products or systems to be tested;
– evolution of database schemas, interfaces between other systems and components, products or systems to be tested;
– refactoring or modification of the application code of the components, products or systems to be tested;
– evolution of commercial applications (ERP, CRM, etc.) integrated with our components, products or systems;
– evolution of the content of the data used (e.g. addition of new types of values).
It is obvious that failures will be found in production, so any production anomaly should be analyzed and reproduced. In case of possibility of reproduction, it will be necessary to create one or more tests, allowing us to detect the anomaly and to include them in the subsequent regression test campaigns. If the failure cannot be reproduced with the test environment (e.g. problem with an exotic hardware configuration), it may be necessary to modify the documentation to include limitations on these environments.
10.1.4. Run test campaigns faster
Test automation allows faster test execution and thus reduces the duration of test campaigns. This objective must take into account:
– the effort required to maintain existing automation scripts (for regression testing) as well as that required to write new automated test scripts (for features to be tested in the upcoming campaign);
– the needs for traceability from and to the requirements or user stories, quality characteristics, conditions and functional test cases, etc., including the needs for deleting test cases that have become useless;
– the dependence of these automated cases on human actions; the objective is to eliminate the need for human actions and to allow tests to be run completely autonomously, for example, at night or outside normal business hours;
– the needs for reporting and analysis of execution logs, so as not to lose the benefits of automation in the analysis;
– verification of the ability of test cases to correctly identify failures, and thus avoid false positives and false negatives.
The execution of campaigns must be designed from the coding and not only from the delivery of the software system. Testing activities that can be automated are:
– static code analyses;
– execution of TDD- and ATDD-type unit tests.
10.2. Test tool challenges
The use of testing tools allows us to automate a number of repetitive tasks, to provide coverage information – structural and functional – on the software under test. Some activities can reap many benefits from automation, while others cannot. The choice of activities to automate is made by measuring the investments to be made and the expected benefits.
The tooling and automation of tests must be considered on the whole project and not only on one part to the exclusion of the others.
10.2.1. Positioning test automation
Most test automation tools require the components to be tested to be available in order to be referenced. In the case of software testing, this implies that the software is available and functional before we start recording the tests. As this moment is after the design of the code and close to the delivery of the software in the following stages, the time that can be devoted to automation (recording, adaptation and then execution) is relatively short.
One solution would be to prepare test automation in parallel with code design. Such a solution would make it possible to parallelize the development activities of the automated tests, at the risk of having to modify these automated tests if the interfaces and components used for the tests are modified.
Another solution could be to implement tests driven by keywords (or action words) and to implement a high-level framework, allowing us to reproduce the business (functional) behavior of the system to be tested.
10.2.2. Test process analysis
Automation makes certain processes faster – and sometimes more efficient. If our testing processes are chaotic, automation will only serve to automate the chaos. So, we must make sure that our processes are already optimized – through metrics – and identify those that will bring us the most value with automation.
Note that the added value can be measured in time saved (e.g. reducing the duration of test campaigns), improved coverage or reduced risk, and not only in monetary gains.
To analyze our processes, we can use external reference methods (e.g. TMMI) or internal reference methods (e.g. CTP developed by Rex Black).
10.2.3. Test tool integration
In a system-of-systems, different organizations use different methods and tools. The integration of tools ensures:
– end-to-end traceability of requirements to test cases and proof of execution;
– end-to-end automation of the activities of each level of testing;
– monitoring of anomalies and their resolution;
– the design of a reporting adapted to each level of test of the system-of-systems.
A complete integration between the various tools used (on the same level or between the levels) often implies the adaptation of the tools and/or the design of interfaces between these tools, even the design of new tools or frameworks, making it possible to direct various tools and to share information between these tools. In the context of testing with mobile devices (e.g. tablets, smartphones, etc.), the use of emulators or simulators adds an additional level of complexity. It is not guaranteed that the simulator or emulator reproduces exactly all the operations of the device.
Integrating tools includes the need to deal for these tools with the aspects of maintainability, updates, data conversion, acquisition of these tools and migrations from one tool to another and finally the disposal of the tool when it was replaced. In the event of disposal, it will be necessary to consider access to the data generated by this tool, for the purposes of proof and traceability. On the one hand, it will be necessary to remove the tests that have become useless; on the other hand, it will be necessary to ensure that the planned functionalities are correctly replaced and then verified and validated by other test cases.
10.2.4. Qualification of tools
In systems-of-systems involving the safety or security of people (safety-critical) such as aeronautics, test tools are subject to qualification criteria before they can be used (see DO-330/ED-215). These criteria depend on the criticality of the software to be tested and the impacts of these tools (e.g. addition or non-defect detection). The criteria depend on what the tool produces:
– Criteria #1: tool whose product is part of the aircraft software and therefore which could insert a fault. We could take as an example JUnit-type tools used in the TDD development framework and therefore the addition of instructions that could slow down the process.
– Criteria #2: tools that automate the verification process and may not detect a defect (false negative), and whose deliverables are used to justify the elimination or verification (1) of verification processes other than those automated by the tool or (2) development processes that may impact aircraft software.
– Criterion #3: tools which, in the context of their intended use, could not detect a defect (false negative).
The DO-178 and DO-330 standards offer examples for these criteria and make it possible to demonstrate the need for qualification of these tools to ensure that we can really have confidence in the results provided by these tools. DO-330 offers TQL (Tool Qualification Level) depending on the level of the tested software.
| Software level | Criteria | ||
| 1 | 2 | 3 | |
| A catastrophic | TQL-1 | TQL-4 | TQL-5 |
| B hazardous/dangerous | TQL-2 | TQL-4 | TQL-5 |
| C major | TQL-3 | TQL-5 | TQL-5 |
| D minor | TQL-4 | TQL-5 | TQL-5 |
We recommend reading these standards to identify whether certain aspects are – or are not – applicable in your system-of-systems.
10.2.5. Synchronizing test cases
Some tests, such as those that require interactions between two or more actors, require synchronization between test cases. For example, a communication system must ensure that the messages received are not duplicated or that there are no missing messages in the exchange sequences. It will therefore be necessary to synchronize the internal clocks of the different stations, to plan waiting times or to direct the launch of test cases on the various injectors from a single coordination station.
Another aspect to take into account concerns the management of execution sequences with the launch of different test scenarios according to the results of previous scenarios. The execution of synchronized scenarios – simultaneous – or in sequence must make it possible to ensure traceability of the coverage of the requirements (or user stories), as well as a coverage of both the components and the test techniques that are planned and used according to the level of criticality.
10.2.6. Managing test data
The test cases may have to execute actions on several workstations, and these various workstations – test sub-scenarios – can access the same data. It will therefore be necessary to manage concurrent access to the same data, with management of write or modification rights that will need to be validated.
The test data used during the test campaigns can be of different nature: we could have data processed in volumes (e.g. lists of transactions or customers) just as we can have data which represents punctual data transmitted (e.g. Internet of Things and real-time monitoring) or data allowing the progress of a process or an object to be monitored (e.g. parts or volume of product manufactured, real-time monitoring of the positioning of an equipment). To execute the campaigns correctly, it will be necessary to ensure that the data is present and consistent, on the one hand, and that the expected results are available (to validate the execution results).
In some cases – for example, monitoring and control – the absence of transmitted data must be identified and raised as an alert. The duration of absence will vary according to the needs (e.g. in a hospital, the absence of pulse or breathing must be identified and escalated without delay).
It will therefore be necessary for testers, both when testing systems and when testing systems-of-systems, to ensure that the required data is present.
10.2.7. Managing reporting (level of trust in test tools)
The execution of test campaigns – and tests in general – does not produce any value if the results are not transmitted so that decisions can be made: for example, correction of defects, decision to move on to the next step, etc.
It is therefore important to plan a reporting adapted to the questions asked by the stakeholders. Often, the information reported by the test tools focuses on the execution of test cases, without considering the coverage of functional needs (requirements, epics, features and user stories, etc.). This data may be useful for a test manager but does not meet the needs of other stakeholders. If we want our interlocutors – the stakeholders who use the results of the execution of the test campaigns – to be interested in our deliverables, it is necessary to address their concerns (e.g. functionalities OK or unavailable; level of coverage reached, etc.). These answers often come from tools or processes, and we must ensure that the values reported are reliable. It is easy to forget to add a check in a test and consider that test “passing” if it runs correctly. One way to do this is to use fault injection where we introduce known faults into the code and ensure that the process and tools identify the faults we have introduced. If one or more defects are not detected, this implies that the process – and therefore the products tested – is not reliable and must be improved. Of course, we will need to make sure that the faults introduced are properly removed.
10.3. What to automate?
The choice of activities to automate is the responsibility of the test manager. Since automation always requires a significant effort (therefore an investment), it is necessary to ensure that this effort will bring short-term value, and that this value will last throughout the life of the application.
If the choice of value is a financial objective, it will be necessary to measure the expenses and the point of equilibrium and the level of ROI that can be obtained.
If the reason for automating is to reduce the duration of test campaigns, or to ensure a defined level of quality (e.g. zero defects or six sigma), these objectives will have to be related to the costs and efforts necessary to reach them. In all cases, it will be necessary to take into account:
– scope – code or functionalities – to automate and how to measure it;
– objectives – including the test techniques to be implemented by the automated tests – and their applicability;
– maintainability and readability of the tests, knowing that these tests will have to be executed and maintained for several years.
It will also be necessary to measure if the elements considered are reached:
– choice of activities to automate (easily automatable activities, difficult to automate activities, traceability, measurements, statistics);
– measurement of investment, profitability.
Whatever choices we make, we will have to worry about false negatives, those anomalies that are not detected by the tests – automated or not – but which can appear in production. The use of a tooled solution always leads to confidence – sometimes misplaced – in this solution.
10.4. Test tooling
Whatever the development activities, tools can help with reviews and testing. Questions to address will focus on the benefits these tools can bring and the constraints they will impose. In the framework of systems-of-systems, these questions are to be dealt with in the long term and not only in the short term.
We recommend starting with an identification of the testing processes currently in place and the expected benefits. Ideally, we need at least the following tools:
– A requirement management tool, allowing them to be tracked from the contract to the delivery and maintenance of systems-of-systems in production. An open source tool is a possible short-term solution, but it seems more realistic to select a tool supported by a large customer base.
– A configuration management tool to manage software components as well as hardware components, here also a market tool, supported by a large customer base. This will make it easier to find qualified and experienced personnel.
Tooling chaotic processes is not useful and only serves to automate the chaos. We will therefore need to ensure beforehand that our processes are correctly defined and implemented, with means (metrics and periodic measurements) to ensure that they are correctly implemented. We are therefore talking here about a quality assurance policy (not to be confused with a testing policy).
Next, we need to identify the process or processes that can benefit from automation. This involves mastering our test processes, identifying the main phases where defects are introduced (often in the definition of requirements, in the architecture and the code) in order to determine the types of tools that will be most suitable, discovering these flaws. One thing to consider is that it’s best to find defects as early as possible and that means using those testing tools (if they exist) as early as possible in the design and development cycle. Another element is the expected time savings during the test execution phases (e.g. by parallelizing test activities or by executing them at night on several environments).
Another point to consider is the survivability of tools and artifacts created with these tools. When we decide to buy and implement a tool, the cost of the tool is an element to consider, but represents only a fraction – relatively small – of the total cost of ownership (TCO): we will also have to take into account the workload to design the test scripts, the test data associated with them, to maintain the tools and to run them, without forgetting to manage them in configuration, etc. Some tools have evolved over time, even if their publishers have been taken over by competitors. Other tools, mainly open source tools, have been abandoned (e.g. Open STA) or heavily modified during changes in the development teams (e.g. evolution from Selenium to Selenium 3), which makes all of them obsolete, or parts of the investments made. In addition to the survival of the tools and their editors, it is also necessary to take into account the artifacts (test scripts and test data) produced and used by these tools. If their organization is flawed, if their implementation is not documented, if these automated tests are too closely linked with user interfaces and have a strong coupling, they will quickly become obsolete and the investment made will have been wasted.
10.4.1. Selecting tools
The selection of tools must be carried out within the framework of the complete verification and validation of the system under development, so as to simultaneously avoid the introduction of faults, detect faults early and provide useful information to the project management. As the actors using the tools are not only limited to testers but also include developers, managers, as well as customers/product owners and the hierarchy, it is necessary to have a general vision in order to avoid an unnecessary workload or redundant activities.
Following an evaluation of the test processes to define the processes that will benefit the most from automation, the use of a technique such as GQM (Goal– Question–Metric) will make it possible to refine the objectives, to pose the good questions and to define the metrics that will have to be measured, as well as to set objectives (targets) to be achieved.
A first study – for example, via the publication of an RFP (Request for Proposal) – makes it possible to define a subset of products that will meet all or part of the requirements and needs. It is important to ensure that the tools work in our environments (they still work on the pre-sales consultant workstation). The points of attention here are:
– correctly identify the short- and long-term objectives that must be achieved with the use of tools;
– ensure that the test tools are compatible with other development tools and frameworks that are currently used by our teams (or that will be used in the future);
– check that the tools envisaged work on all the environments, materials and browsers for which the developments are carried out;
– qualify editors and suppliers to ensure their sustainability. Indeed, we will have to make sure that we have support for the entire life of the system. The choice of an open source solution may in this case be unwise.
The second phase, comparing the tools within the framework of our choice, aims to compare the tools pre-selected in the first phase in order to identify the one that will best meet the needs. It will therefore be necessary to have defined the metrics that we will be looking at (planned during the phase of defining the objectives to be achieved). During a tool comparison phase, the tools will be applied to a project representative of the company’s needs. At the end of this comparison phase, the choice of tool(s) is made. During this phase, we will need to focus on:
– selecting one or more tools that will correctly cover the objectives defined in the previous phase;
– selecting a pilot project that is representative of the problems that the tools will have to deal with. Choosing a pilot project that is too simple will not allow us to be sure of the tool’s ability to handle all cases;
– defining KPIs allowing impartial comparisons of tools.
The third phase consists of validating, on a pilot project (therefore not crucial for the organization), the operation of the tools selected in the previous phase; this involves, among other things:
– the installation and implementation of tools on the project environment;
– the modification – if necessary – of the processes and procedures for creating data and test cases, the applicable naming rules, the organization of directories and campaigns, etc.;
– the definition of metrics and means of measurement to ensure that the benefits (and costs) of the tools are measured;
– the use of tools, the backup of deliverables and of results.
At the end of this pilot project, it is necessary to provide feedback and ensure that the expected benefits with the tools are greater than the costs of these tools. From this moment, it is possible to begin to gradually generalize the use of the selected tools, by offering appropriate training and ensuring that the participants of the pilot project can act as coaches for the new teams.
10.4.2. Computing the return on investment (ROI)
Following the product comparison phase and at the end of the pilot project, the calculation of the ROI and the break-even point will be carried out. Things to consider will include:
– the initial cost of purchasing and installing the tool (or tools);
– staff training costs, whether staff assigned to the pilot project, or the design of specific training for the organization (post-pilot projects);
– the costs of tool management, annual license, user management and tool maintenance;
– the costs related to the design of the components supported by the tool (campaigns, sprints, anomalies, scripts, etc.), their configuration management, their maintenance;
– costs and execution times of test campaigns (per iteration, sprint and functionality);
– time and cost savings related to automated execution versus manual test execution.
10.4.3. Avoiding abandonment of tools and automation
A common concern is the abandonment of automation activities on a project. These abandonments have various causes, but result in a significant financial and technical loss for the organizations. Let us look at some of these causes:
– A cessation of investment in the project given the achievement of delivery milestones, for example, delivery to the customer or the cessation – temporary or permanent – of project financing. In this case, the people assigned to the test automation project are reassigned to other projects, which results in a loss of knowledge about the tools and the automation.
– A change in organization or priorities due to failure to achieve the initial automation objectives. This is mainly due to a poor identification of the constraints related to the introduction of tools or to objectives that are not (or not easily) achievable.
– A modification of the interfaces of the product to be tested without modification or adaptation of the automated test scripts. Test automation involves thinking about the maintenance of these tests, and therefore planning a test automation load when modifying the application to be tested.
– Failure to consider developments in test automation tools. Indeed, tools evolve, change and may no longer be supported by their development teams. This is especially true of “open source” tools that depend on teams of volunteers. Some tools like OpenSTA are no longer supported, and others like Selenium have evolved significantly between two versions.
When an automation effort is stopped, a resumption of this effort often requires a reassessment of the objectives, a new definition of the strategies, and sometimes the selection of new tools.
10.5. Automated testing strategies
Implementing automated tests can have various objectives:
– reduce the duration of test campaigns;
– reduce the costs of test campaigns;
– increase the detection of defects before going into production;
– reduce manual testing burden;
– increase coverage by testing requirements and codes;
– ensure identical test reproducibility – or increasing – for each version.
For test automation to be effective, the test strategy must define the objectives and the means to achieve them, in accordance with a higher-level test strategy.
In addition, this automation strategy must take into account:
– the design load of automated tests on existing functionalities (the backlog to be covered) and under design (new functionalities);
– automated test maintenance costs (e.g. to process user interface or operational changes);
– the modularity of the tests so that each test has a specific objective and is not dependent on other tests;
– the ability to run in various environments with as little complexity as possible;
– the use of specific datasets, which may vary depending on the environment, including the aspects of parameterization and sequencing of the tests between them;
– the needs for reporting and managing anomalies identified during automated tests;
– the use of virtual machines to reduce hardware investments.
10.6. Test automation challenge for SoS
In more than 50% of cases, test automation does not achieve the desired gains and cost reduction objectives. Some of our customers – and customers of our partners – have told us of thousands or even hundreds of thousands of dollars spent on test automation without targets being met. There are therefore a significant number of challenges to overcome when deciding to automate tests.
It is often impossible to fully automate system-of-systems testing, especially when physical HMIs (buttons, valves, switches, etc.) that must be manipulated by humans are involved. Automation should then be considered by subsystem or by SIE (Software-Intensive Equipment), to reduce the scope and complexity of automated tests. Acceptance of test results pertaining to one equipment, one subsystem or one system should be carried out without any residual risks remaining. This involves both functional verification and validation, as well as covering all non-functional requirements and validating them.
10.6.1. Mastering test automation
Test automation is only of interest if it is effective and efficient (profitable) and properly mastered. If the testing processes – manual – are not mastered, if the tests are chaotic, the use of one – or several – tools will only automate this chaos.
Test automation activities require additional actions compared to manual testing:
– in the context of sequential developments, the tests are based on the same requirements as the developments that they will verify and validate. They will therefore have to follow the manual activities of analysis, design and implementation of tests;
– in the context of Agile developments, the use of automated test tools is necessary – even mandatory – via the TDD, the ATDD and the BDD and this in addition to the analysis, design and implementation activities of test cases – nominal and exception – covering user stories;
– in the context of systems-of-systems with several levels of integration, it will be necessary to combine Agile and sequential test methods, identify which tests to execute at which level – to avoid redoing tests already carried out elsewhere – and then automate this which is the most useful.
In any case, it will be necessary to understand the origins of the defects – their root causes – and the ability of the tests to detect these defects. This will enable development process improvement (through root cause analysis and implementation of continuous improvements) and testing improvement (through the creation of targeted automated tests to identify defects to identify regression potential future).
Potential gains from implementing automated testing include:
– reduced automated test execution load because testers can be assigned to other tasks while automated tests are running;
– reducing automated test execution times because automated tests can run outside of normal tester working hours;
– reduction of the need for hardware and test environments to execute automated tests because these tests – if carried out after working hours – can use the workstations of the testers, or virtualized environments;
– control of the maintenance of automated tests which can be more expensive than for manual tests.
Designing automated tests brings several challenges, including:
– the different organizational models according to automators and tools, even according to individuals and their understanding of test automation (e.g. API tests, keyword-driven tests (KDT));
– the need to have several tools, each identifying different types of anomalies, different targets – applications, languages, etc. – and of course to have confidence in the quality of the tools. Testing tools are also prone to software flaws;
– the need to interface the tools with each other to link automated tests of one type with tests of another type or another environment. This may require monitoring tools or schedulers;
– the confidence that can be had in the test results of the lower levels;
– the maintainability of tests designed by others;
– monitoring of reporting and anomalies, etc.
One of the major challenges with test automation is the dropout rate of automation efforts after projects are initially set up. It is common for the release (delivery) of a software system to lead to a reduction in the size of the development and test teams, and therefore of the people in charge of test automation; However, it is at this moment that the benefits of automation can be the most important if this automation covers all the functional and technical areas of the system: it will indeed make it possible to verify the absence of regressions during future evolutions and corrections.
10.6.2. Preparing test automation
Developing automation requires seeing when and where automated testing can be introduced into the development cycle. This therefore implies close collaboration with the development teams.
The implementation of TDD implies that developers understand how to correctly test, in addition to the proper functioning of the application (or the feature or the user story), the non-passing cases, the cases at the limits of the partitions of equivalences, etc.
Similarly, the developed code must be maintainable, to limit future maintenance costs. Automated code analysis tools make it possible to control the quality of the code, from the moment the code is introduced into the repository.
In the case of automated functional tests, it is necessary – as in the case of manual tests – to ensure that the three phases are present: SETUP, RUN and TEARDOWN.
10.6.3. Defect injection/fault seeding
Defect injection is the introduction into the software of known quality level, and which is analyzed by an automated testing process, of known defects that the testing process is supposed to identify and filter.
It might seem incongruous to talk about the injection of defects in a work where the objective is to find the most defects as quickly as possible. However, since the implementation of automated tests aims to automatically find defects of various types, by limiting manual efforts, it is necessary to ensure that these automated mechanisms correctly identify defects, so that we can really have confidence in test machines. Otherwise, we will get a false sense of security.
The principle is simple: we have to set up a process – totally or partially automated – to find faults in the code. How can we be sure of the effectiveness of this process? By introducing faults that we control and ensuring that these faults are detected. If some of these defects are not identified, it shows failures in the process, therefore a need for improvement of this process.
This technique can be compared to vaccination in human beings. It makes it possible to validate that the body’s defense processes – here the verification/validation processes of the software being designed – work correctly and are capable of detecting pathologies (types of defects) previously identified.
10.7. Typology of test tools and their specific challenges
If we group the types of test tools according to their use, we can identify generic problems related to the use of tools and specific challenges for each of them.
First, what goals do we want to achieve by using tools, how can we determine whether the goal has – or has not – been met (which requires metrics), and how can we ensure that the measured information correctly represents the status of the project?
Second, how are we going to measure the ROI of using the tools? How are we going to ensure that the use of these tools will be sustainable over time and will not generate a workload that bears little relation to the expected benefits? Finally, as systems-of-systems involve many co-processors, how can we integrate different tools, each measuring different and possibly fragmented information, to have a clear and accurate vision of the progress of the system-of-systems?
According to Jones and Bonsignour (2012), the four most common causes of disputes between software vendors and their customers are: poor quality control, poor change management, incorrect estimates and inaccurate tracking systems. Each of these causes can be adequately reduced or eliminated using tools.
Among the types of tools, we have:
– tools that will help manage test projects, associated risks and reporting to various stakeholders;
– tools to manage requirements or user stories and ensure their traceability to test execution results during test campaigns;
– tools in charge of managing anomalies and which will be able to follow them from their detection until the end of their treatment, including by linking these anomalies to the components developed and to the development phases, to allow statistics and continuous improvement actions;
– configuration management tools to master all components, test cases, requirements or user stories, expected and obtained test data, parameterization data, environments, etc. related to the versions developed and to be tested;
– and other tools that we develop below.
10.7.1. Static test tools versus dynamic test tools
We have identified that static analysis and review activities make it possible to identify defects even before compiling the code. These static activities are effective and very efficient. The automation of dynamic tests often requires that the target of these tests (the developed and integrated applications) be of a sufficient level of quality and therefore these activities cannot really start in parallel with the development activities, unless they include the design – by the testers – of a model of the application to be tested. When the application to be tested is available, the fields of the model are mapped and replaced by the fields of the application, thus allowing the tests to be run on the target.
As far as static test support tools are concerned, we have:
– tools to manage workflows within the framework of reviews, in order to correctly manage the defects or questions identified during the reviews (and their corrections or answers), as well as their merging into a single document, then the management of the signature circuit;
– static analysis tools to identify the quality and complexity of documents or code (e.g. measurement of cyclomatic complexity, identification of non-compliance with coding rules, etc.).
As far as dynamic testing tools are concerned, we have:
– test execution tools, often including functionality for capturing user actions and programming; these tools may or may not be very sophisticated and apply to user interfaces, or focus on APIs;
– monitoring tools that can identify which instructions (or parts of the program) the dynamic tests have already covered, so as to allow the design of test cases specially targeted towards the parts not yet covered;
– tools focusing on the analysis of non-functional characteristics (security, memory leaks, performance, etc.) to provide information on these characteristics and sub-characteristics.
The groupings of tools proposed above are not exhaustive.
10.7.2. Data-driven testing (DDT)
Data-driven testing – or tests directed by data – is a method where we will record, on one side, a series of functional actions and, on the other side, the input data and the expected results of these functional actions on the input data. This makes it possible to cover a combination of important input data and therefore to implement the techniques of equivalence partitions and limit value analysis, without requiring too much workload. Input values and expected results can be stored in an Excel table or CSV file. The automation tool is used to record the functional activities, and then the automation script is modified to use the input variables from the file. At the end of the execution of the test script, the results obtained are compared with the expected results and the results (pass/fail + anomaly reference) are stored. Subsequent input values are read, and the test is rerun with the new values.
This approach makes it possible to cover a large volume of data combinations, with a reduced investment. It will be necessary to design scripts and data files to cover each functional area. This solution allows a simple and fast reuse of scripts for a reduced investment.
10.7.3. Keyword-driven testing (KDT)
Keyword-driven testing, sometimes called action word-driven testing, was proposed by Hans Buwalda in Buwalda et al. (2002). It is an extension of the concept of DDT in that each functional aspect (each recorded and variabilized test script) is referenced separately and can be called by another script. We can thus define a test script that calls other test scripts and executes the data that is passed as a parameter. This removes the tight coupling between automated tests and the interfaces they use to test the system.
Test files include only instructions (keywords), input data and expected results, as well as actions to perform if the result is “pass” or “fail”. This allows functional testers to define sequences of actions (instruction, input data, expected data) in an Excel or CSV file, without having to consider the scripting language of the test tool used. The decoupling obtained through the KDT makes it possible to keep business scenarios stable and to only must change the lower layers of automated tests: the scripts. The level of business coverage therefore remains guaranteed.
A small KDT execution engine therefore only has to read an instruction line from the Excel or CSV file and execute it, that is, identify the script associated with the instruction, replace the variables by the input data, run the script, compare the obtained data with the expected data and note the results.
A major advantage of this solution, in addition to saving time and efficiency, is that it makes the tests independent of the automation tools used. As the functional aspects evolve less quickly than the test tools, this solution allows scripts to be reused with another test tool. Some testing tools and frameworks are starting to offer KDT.
10.7.4. Model-based testing (MBT)
Testers design their tests based on requirements, specifications or their understanding of how the product under test should perform. It is a modeling of the behavior of the system – functional or non-functional – according to their vision and their understanding of the requirements. MBT formalizes this design method by using formal modeling languages to design the model from which the test cases will be defined.
MBT is the application of model-based design to testing. Test cases derived from models generally describe functional tests, but can also include other types of tests (e.g. security, performance, etc.). These tests derived from the analysis of models are mainly abstract tests often focusing on the nominal behaviors of the element to be tested. The testers will have, on the basis of these abstract test cases – test conditions – to associate with the element to be tested the real test cases which will include input data, references to real objects and actions on the developed components.
The representation of a model is often useful to allow testers to interface with users and business representatives. Such models are often also used by development and architecture teams to identify the objects to be developed, the classes, attributes and methods to be designed. The testers could be tempted to reuse the models developed by the designers and would then apply themselves to verifying that the designers have correctly translated the model. This is not what is requested, because there is no guarantee that the model initially developed correctly represents the needs of the users. Since models are often partial and simplified representations of the developed product, nominal behaviors will be identified while exceptional cases and error handling will frequently be forgotten.
Model-based testing obliges testers to learn other languages such as UML, B or Z, and to share this knowledge with users and customers to obtain from them the validation of the model from which will be deduced – manually or automatically – the test cases.
10.8. Automated regression testing
Regression tests, sometimes called non-regression tests (NRT), are often considered the only ones justifying automation, since their purpose is to be rerun identically after each modification of the element in order to identify new possible side effects, regressions. This reuse of the same tests increases the profitability of the investments made in that they are created once and re-executed – automatically – many times. It should, however, be noted that any modification of the interfaces will require a modification of these tests. It will therefore be necessary to plan a maintenance budget for automated tests, whether they are regression tests or not; otherwise, the investments will be quickly lost. For example, a client had automated several dozen test cases at the cost of an investment of several hundred thousand euros. As new versions were released – one per month – some test cases no longer executed correctly. Finally, after two years of evolution, only 20% of the test cases were still working. So, 80% of the investment had been lost.
The objective of the regression tests being to ensure the absence of regression (side effect), it is therefore necessary to identify all the differences in the behavior of the element between the previous version and the current version. That is, old faults must be found again in the current version – unless they have been marked as fixed – because an unintended fault fix could be the result of a regression.
10.8.1. Regression tests in builds
An important moment for a realization team is the saving of the changes and the launch of the build which checks if the changes are correctly implemented. This is therefore a privileged moment to run regression tests, automated or not.
As the developers and designers act in a particular environment (the development environment) and as interactions can take place between the developments carried out by each of the actors, the development environment is not the most suitable for carrying out tests of regression. It will therefore be necessary, during builds, to allow the execution of regression tests in a more representative environment, without impacting the environments of the functional testers in charge of the integration test levels or the system test levels.
The moment of the build – especially if we want to do many builds daily – can be well chosen to perform other actions than regression tests: static analyses of the code could identify potential defects early.
10.8.2. Regression tests when environments change
The software execution environment includes both the other programs with which the software under test interfaces and the operating systems, databases, etc., necessary for the proper functioning of the software within the system-of-systems. If one or more of these elements is modified, the introduction of side effects – regressions – is possible. It is therefore necessary to ensure, through regression testing, that such regressions are identified and corrected. The same consideration applies when moving from one environment to another (e.g. moving from Windows 7 to Windows 10, moving from a 16-bit system to a 64-bit system, etc.).
During the first Ariane 5 flight (flight 501), the programs from the Ariane 4 system were reused. This was later justified by almost a hundred successful flights. Ariane 4 systems ran on 16-bit, and Ariane 5 systems ran on 64-bit. During calculations, a 16-bit digital zone recognized as “high value” was interpreted as a valid 64-bit value, leading to incorrect positioning of the thrusters and the loss of the machine. It is likely that running automated regression tests (during this environment change) could have identified this issue.
10.8.3. Prevalidation regression tests, sanity checks and smoke tests
At the start of the test campaign, it is important to ensure that the application to be tested is of adequate quality and will allow sufficient testing effort without having to stop too quickly. If the application under test does not run correctly, back and forth between test teams and development teams will occur, which will delay test execution. One way to ensure a sufficient level of quality is to carry out “smoke test”-type tests. These tests originated in electronics where, once the components were soldered onto the board, if plugging the board into power generated smoke (one or more components were electrically damaged), the board – in our case the application to test – was not of good quality.
Smoke tests should cover, in a light way, all areas of the application to be tested, all its modules and all its functionalities. An analysis of the results of these tests makes it possible to identify the classes, modules or functionalities which statistically have a higher percentage of failures. This will make it possible, on the one hand, to focus the tests (application of the principle of aggregation of defects) and, on the other hand, to check the general behavior of the application. Such a subset of tests can be automated since the execution of these tests will have to be performed many times.
“Health checks” or “sanity checks” are similar in principle to “smoke tests”, but are often limited to a subset of functional test cases to ensure the proper functioning of the main functionalities without which the app is irrelevant. Their automation is therefore justified.
10.8.4. What to automate?
One of the very frequently asked questions concerns the target of the automation and what it should be about. Like everything – and as Alice’s Cheshire Cat said – it depends on what we want to achieve. Among the different objectives, we have the following:
– identify the most failures;
– test faster;
– cover more combinations of values;
– be more efficient and less dependent on human actors.
However, it is necessary to remember that automation has associated costs and burdens, and that certain activities – requiring intuition and human intelligence – are difficult to automate or cannot be automated. For example:
– analyze the requirements or the user stories to find the combinations of actions that must be tested as well as the values to be selected. This involves analytical and intuitive skills as well as the ability to select the most appropriate test techniques;
– analyze the results obtained and ensure that they correspond to the expected results, even – optionally – create test oracles. This requires the ability to combine test techniques and select the combinations most likely to find failures;
– program test scripts and give them the ability to be variabilized to allow for DDT and KDT. This involves the identification of variables and test data, as well as programming skills;
– maintain the test scripts so that they remain in phase with the evolutions of the software and systems that they test, throughout the life of these. Without this constant maintenance, scripts will become obsolete and their value will rapidly diminish;
– design reports focused on the needs of the stakeholders and identify the necessary metrics as well as the frequency of measurement, and synthesize this information to give a realistic idea of the progress of the project, both at the level of the system under test and at the system-of-systems level.
A significant workload will therefore remain for human testers, and test automation will only add to this workload.
It is therefore important to define where automation saves time, effort or money, and to take a long-term view that involves more than just delivering the software or system. Indeed, especially in systems-of-systems, the durations of use being long, the needs for maintenance and evolutions justify a long-term vision. This analysis of potential gains should take place from the genesis of the project and focus on the early search for defects, rather than a late search often linked to the execution of functional tests during system test levels.
10.8.4.1. Automation of static tests
Static tests, whether they relate to requirements or other development deliverables, make it possible to detect defects early. Their automation therefore allows for increased effectiveness and efficiency – as well as profitability. The inclusion of automated static tests in the realization process is a recommended solution.
10.8.4.2. Automation of unit tests
Since unit tests can detect defects early in the creation of code, it is important to include such tests in the development process. So, techniques such as TDD can improve the quality of the software produced. It should be remembered, however, that the quality of these unit tests will impact the quality of the code.
10.8.4.3. Automation of functional tests
Functional test automation is often what is envisioned when automated testing is mentioned. In a system-of-systems, the functional testing of individual elements (software, components, software-predominant equipment, subsystems and systems) must be separated from the functional testing of the system-of-systems as a whole.
The choice to automate functional tests will depend on the profitability – effectiveness and efficiency are to be considered – of the automation, whether in the short or long term. Since the requirements are mostly functional level, automating functional testing is usually justified. In many cases the automation of functional tests, via KDB-type test frameworks, allowed time savings and measurable savings. The automation of aspects of traceability and reporting also brought significant and measurable gains here.
One element to consider is the obligation to ensure that the gains obtained by the implementation of automated tests are real and measurable.
10.8.4.4. Automation of technical tests
Technical tests (e.g. performance tests and security tests) should be carried out periodically – frequency to be defined according to the risks identified on the system and the system-of-systems – in order to identify the impacts of changes as soon as possible. The automation of these tests allows the execution of technical test campaigns at a frequency commensurate with the risks. It may be necessary, here too, to take into account the maintenance costs of these technical tests.
10.8.5. Test frameworks
A test framework is a set of rules that can be used to manage tests. In this book, we will consider that a framework is an overlay – or a set of overlays – which is positioned above automated test tools (generally a replay capture tool) and whose purpose is to separate the concepts business of purely IT aspects. The objective is to decorrelate the “business” functioning – often stable – from the user interfaces which are variable. Testing frameworks are often used to do DDT (Data-Driven Testing) or KDT (Keyword-Driven Testing).
Let’s take an example: in a bank we have business actions such as “add a customer”, “open an account”, “make a transfer”, etc. In general, the data to be entered for each of these actions is fixed and will not vary from one version of an application to another. The principle of KDT is that the KDT engine for application 1 will be developed based on the automation tool applicable to the application (here: C/R Tool 1). It is possible to map the screens and define the variables of interest on each of the screens. Similarly, it is possible to define, for each of the variables, the combinations of variables that may have to be used (thanks to the test techniques defined in Volume 1, Chapter 9). We can therefore define in a spreadsheet, for each action (keyword) to be performed, the variables to be used and assign them to the variables of the selected screen. The keyword engine can then provide the automation tool with information on the screen to use, the variables to use, the actions to perform and the expected results. Depending on the result, the next action to perform is reading and processing the next line (e.g. Nxt), skipping one or more lines (e.g. skip) or performing a series of actions (e.g. create an anomaly in case of expected result different from the obtained result).
We can use the same concept to cover several different applications and several different automation tools, so we could issue test case execution orders from one application to another (as long as the framework is compatible between the various systems.
Figure 10.1 Multi-applications test framework
Some languages and frameworks directly allow this type of operation to be designed (e.g. Robot Framework in PHP), and some commercial tools offer this method of developing automated test cases. It is of course possible to define – name – the fields of a screen even before the screen is available and to map the fields of the screen with the fields created by the developers. This solution makes it easier to identify missing (or additional) fields that will need to be processed before running the automated tests.
Such test frameworks could send orders from one application to another in a system-of-systems automatically and thus enable test suites that would automatically test important aspects such as identifying regressions.
10.8.6. E2E test cases
Testing a system-of-systems from end to end (hence the acronym E2E) generally involves ensuring that the test environments of the various systems are correctly connected and interfaced, that the settings are synchronized between systems and that consistent functional test cases are defined, with valid test data. Often, it is impossible to fully test a system-of-systems because certain aspects cannot be properly reproduced in test environments. For example, it is not possible to reproduce on Earth a functioning without gravity, such as behavior in space.
Test automation is generally considered on a system-by-system basis, as each system is tested separately, but verification and validation of system-of-systems behavior should also be considered. How to do?
A solution may be to carry out pilot tests in conditions close to reality, as is the case in the air (flight tests), in space (e.g. landing test of boosters for certain rockets), in the naval sector (sea trial campaign) or in other fields (nuclear, railway, automobile, etc.). These tests – with measurements of numerous parameters – allow an analysis of the recovered parameters and a comparison of these parameters with the anticipated values of these parameters. So, automation here will focus on the means of measurement and their analysis.
For software-intensive equipment, we may consider simulators to replace specific components. We will therefore be led to consider these simulators as stoppers in the context of system integration tests. If the systems – replaced by caps or simulators – evolve, the caps and simulators will have to evolve at the same time.
In the context of end-to-end testing of a system-of-systems, we will have to ensure the coordination of tests between the various systems. If a testing framework is used that allows communication between the various systems under test, end-to-end test automation should be facilitated. However, consider a higher layer that can handle synchronization and reporting at the system-of-systems level.
Since the various components of a system-of-systems are developed by different companies, it is likely that the issue tracking tools used will be different and the rules for naming or numbering issues will vary. Therefore, traceability must be put in place between the references of anomalies at the level of the system-of-systems and the same anomalies at the level of each of the other systems or components.
10.8.7. Automated test case maintenance or not?
As mentioned on several occasions, tests, automated or not, often have a life span at least equal to the life span of the software, component or system to be tested. It will be necessary to ensure that the evolutions of the software, component or system during its existence are considered and reflected in the tests, therefore maintaining these tests. This will ensure that all the evolutions will be correctly tested and that the functionalities which will disappear will be correctly removed from the list of tests to be carried out.
This synchronization between tests and developments will require the presence of a test team to:
– Analyze the impacts of requirement modifications, which will be facilitated by a tooled follow-up of the requirements and the traceability from the requirements to the developments, to the tests and their execution results. A configuration management tool will ensure the identification of developed elements, including test cases, test data and execution results. An analysis of the impacts of these modifications on the other components will make it possible to identify the full scope of the interventions to be considered.
– Design the new test cases, applicable to the new functionalities, and ensure full coverage – nominal behaviors and exceptional behaviors – of the functionalities, according to the new requirements. It will also be necessary to update the reports produced in order to take these new test cases into account.
– Define and implement new test cases – as well as test data – to ensure both requirements coverage and structure coverage (e.g. code, interfaces and messages, etc.), so as to adequately cover the scope of intervention identified during the analysis mentioned above.
– Identify test cases – and the data they use – that are no longer applicable (e.g. feature removed) and update product reports to reflect the removal of these test cases. Of course, it will be necessary to update the aspects of traceability from and to the requirements and the elements developed (which should also be modified).
– Create automated test scripts or update the identified automated test cases in order to reflect – in the test automation tools – the developments mentioned in the previous points (addition, modification or deletion of tests, adaptation of reports).
These activities are necessary and not carrying them out will expose the projects to the creation of technical debt which will accumulate quickly over time and will be difficult to reduce.
10.9. Reporting
Reporting allows the test manager to obtain information and pass it on to the various stakeholders on the project. Most of the tools provide more or less useful reporting information, based on the components that these tools process and measure, that is, test cases. However, this information may not meet the needs of stakeholders, and it is up to the test manager to identify and report relevant information.
The reporting aspect is the only way for stakeholders to understand the progress of the tests and it is crucial that they can identify the elements that matter to them. Too often, we have seen test managers sending out a statistic generated by a test management tool to all stakeholders on a weekly basis with the accompanying message “please find attached the test progress status for this week”. These statistics showed the test cases executed successfully or not, the number of defects identified and fixed, etc., without associating this information with the requirements, the components to be tested or any level of criticality. The impacts on the project were not estimated, nor the level of quality of the development, even less a percentage of coverage of the needs of the users or the identification of the C2C (cost to complete: cost remaining to be spent to complete the creation of the element) or C@C (cost at completion: estimated total cost at the end of the creation of the element). It is therefore easy to understand that this information was of very limited value.
10.9.1. Automated reporting for the test manager
It is interesting for the test manager and for the test teams to have a real-time visualization of the progress of the tests on the various environments and for each of the characteristics – functional or not – being tested. This can be done by developing a small tool which, from the various tools used (test manager, test execution tracking, defect management, configuration management, requirements management, etc.), will extract information that can be aggregated and integrated in order to provide summary information for team members. This type of reporting, displayed on large screens visible to team members (and by management), shows everyone the level of progress of application testing.
Using a spreadsheet facilitates the extraction of data, and their use, independently of the tools used. This makes it possible to integrate information from different tools, without changing the reporting provided.