Custom Search

Friday, December 25, 2009

Software Testing Levels

Test Level 1 : Unit Testing

In programming, unit testing is a software design and development method where the programmer to verify that the units of source code are working properly. A unit is the smallest testable part of an application. In the programming of a unit of May an individual program, function, procedure, etc, while in object-oriented programming, the smallest unit is a method, which belongs to May in a base / super class abstract class or derived / child class.
Ideally, each test case is independent of others; Double objects like stubs, mock objects or false and the test harness can be used to assist testing a module in isolation. Unit testing is usually done by software developers to ensure that the code of other developers have written meets software requirements and behaves as the developer intended.

Benefits
The objective of the test is to isolate each part of the program and show that the parts are correct. A unit test provides a strict, a written contract that the piece of code must satisfy. Accordingly, it offers several advantages. Unit testing problems early in the development cycle.
* Unit testing allows the programmer to Refactor code at a later date, and make sure the module still works correctly (ie regression testing). The procedure is to write test cases for all functions and methods so that whenever a change causes a fault, it can be quickly identified and corrected.
* Readily available, unit tests make it easy for the programmer to check whether a piece of code works properly. Good product unit test design test cases that cover all paths of the unit carefully the conditions for a loop.
* In continuous unit testing environments, through the practice of maintaining inherent maintenance, unit tests will continue to accurately reflect the use of executable code from the face of change. According to the development practices in place and unit test coverage, the second of accuracy can be maintained.
* It helps eliminate uncertainty in the units themselves and can be used in a bottom-up testing style approach. By testing the parts of a program first, then testing the sum of its parts, integration testing is much easier.
* A widely debated question is in assessing the need for manual integration. While developing a hierarchy of unit tests in May appears to have achieved integration testing, which is a false sense of confidence since integration testing evaluates many other goals that can only be proved by the human factor. Some argue that a sufficient variety of test automation systems, integration of man by a group test is unnecessary. In fact, the real need ultimately depends on the characteristics of the product under development and its uses. In addition, the manual of the man or the test will depend largely on the availability of resources.
* It provides a way of life of the system documentation. Developers who want to know what functionality is provided by a unit and how the user can view the unit tests to gain a basic understanding of the unity of the API.
* Unit test cases embody characteristics that are essential to the success of the unit. These characteristics can indicate appropriate / inappropriate to use a unit as well as negative behaviors that must be trapped by the device. A unit test in itself, the essential characteristics of these documents, although many software development environments do not rely solely on the code of the document produced in development.
* On the other hand, documentation ordinary story is more sensitive to the drift of the implementation of the program and will become outdated (eg design changes, feature creep, relaxed practices for keeping documents up-to -date).
Limitations of tests
Tests can not be taken for each error in the program - it is impossible to evaluate all execution paths, for all but the most trivial programs. The same is true for unit testing. Furthermore, by definition, the unit tests that test the functionality of the units themselves. Therefore, it will not catch integration errors, or larger system-level errors (such as functions performed in multiple units, or non-functional testing areas such as performance). Unit testing is more effective when used in conjunction with other test software. Like all forms of software testing, unit testing can not show the presence of errors, it can not demonstrate the absence of errors.
Software testing is a combinatorial problem. For example, each boolean decision statement requires at least two tests: one with a result of the "real" and the other with a score of "false". Accordingly, for each line of code written, programmers often need 3 to 5 lines of test code.
To obtain the benefits of unit testing, a sense of discipline is needed throughout the software development process. It is essential to keep careful records, not only tests have been performed, but also of all the changes that were made to the source code of this unit or any other in the software. Using a version control system is essential. If a newer version of the unit is not a test it had previously adopted, the version control software can provide a list of changes to source code (if any) that have been applied to the unit since that time.
It is also essential to implement a sustainable process to ensure that the test failures are reviewed daily and processed immediately. If such a process is not implemented and ingrained into the team, the application will evolve in sync with the unit test suite - more and more false positives and reduce the effectiveness of the test suite.


Test Level 2 : Integration Testing

"Integration test" (sometimes called Integration and Testing, abbreviated I & T) is the phase of software testing in various software modules that are combined and tested as a group. It follows unit testing and precedes the test system.

Tests of integration as input modules that have been unit tested, groups larger aggregates, applies tests defined in a test plan for integration of these aggregates, and delivers its output data ready for integrated system testing.

Purpose
The purpose of integration is to verify the functional tests, performance and reliability on the major design requirements of the articles. These "design objects", ie sets (or groups of units) shall be exercised through their black box using test interfaces, success and error cases simulated by appropriate parameter and data entry. Simulation of the use of shared data and areas of inter-process communication is tested and subsystems are exercised through their input interface. Test cases are constructed to verify that all components within assemblages interact correctly, for example through procedure calls or process activations, and this is done after the test individual modules, that is to say the unit tests.

The general idea is a "building block" in the check assemblies that are added to a basic check, which is then used to support the integration of new test assemblies.

Some types of integration tests are big bang, top-down and bottom-up.

Big Bang
In this approach, all or most of the developed modules are combined to form a software system or a significant part of the system and then used for integration tests. The Big Bang is very effective method to save time in the integration testing process. However, if the test cases and their results are not properly registered, the whole process of integration will be more complex and prevent the May testing team to achieve the goal of integration.

A type of "Big Bang" integration tests is called usage model testing. Usage type of test can be used in software and hardware integration. The basis of this type of integration is to launch the user tests, as the workload of the user included in similar environments. By testing in this way, the environment is the test, while the individual components are proofed indirectly through their use. Usage type of test has a optimistic approach to the test, because it expects to have some problems with individual components. The strategy relies heavily on the developers of individual components to the test unit for their products. The objective of this strategy is to avoid repeating the tests carried out by developers, and instead of flesh on the problems caused by the interaction of components in the environment. For integration tests, the tests use type can be more efficient and provides better test coverage focused more traditional functional testing. To be more efficient and accurate, care must be used in the definition of the user, as the workload to create realistic scenarios in the exercise of the environment. This gives the integrated environment works as expected for the target audience.


Bottom Up and Top Down
There are two types of integration.

1. Bottom Up

2. Top Down.


Bottom-Up Testing: An approach to integration testing where the lowest level components are tested first, and then used to facilitate testing of components at a higher level. The process is repeated until the element at the top of the hierarchy is tested.

All low or low-level modules, procedures or functions are integrated and tested. After the integration of lower level tests integrated modules, the next level of modules will be trained and can be used for integration tests. This approach is useful only when all or most of the modules of the same level of development loans. This method also allows to determine the levels of software and it is easier to report the progress of testing as a percentage.

Top Down is the procedure where the top integrated modules are tested and part of module testing, step by step, until the end of the relationship with the module. The main advantage of the database is easy to find bugs. Top to bottom, it is easy to find the missing link branch.

Limitations
Any condition not specified in integration tests, apart from the confirmation of the execution of the design items are usually not tested.



Testing Level 3 : System testing


System testing of software or hardware testing is performed on an integrated system to verify and assess the system with its requirements. System testing falls within the scope of black box testing, and as such, should require no knowledge of the interior design of the code or logic.

In general, the test system has, as its entry, all the "integrated" software components that have successfully passed the integration tests and the software itself incorporated into any applicable hardware system (s). Test system is a limiting type of testing, it seeks to detect defects both within the inter-assemblages "and also in the system as a whole.

System testing is performed throughout the system as part of a functional specification (s) (FRS) and / or a System Requirement Specification (SRS). Test system is a phase of inquiry, where the emphasis is to have almost a destructive attitude and test not only the design but also the behavior and believed the same expectations. It is also intended to test and beyond the limits defined in the hardware / software specification (s). Test system includes load testing and stress testing. Once the load testing and stress tests are completed successfully, the next level of Alpha or Beta Testing Testing will proceed.

Types of system testing

The following examples are the different types of tests that should be considered during the system test:

  • GUI software testing
  • Usability testing
  • Benchmarks
  • Compatibility tests
  • Error handling test
  • Load test
  • Volume test
  • Stress tests
  • Help for usability testing
  • Testing for safety
  • Scalability tests
  • Capacity test
  • Sanity testing
  • Smoke tests
  • Test
  • Ad hoc tests
  • Regression testing
  • Reliability testing
  • Recovery test
  • Test facility
  • Maintenance Test
  • Accessibility tests


Tsting Level 4 : System Integration Test


System Integration Test (SIT) in the context of systems and software

engineering, is a testing process that exercises a software system coexistence with others. The integration of the system has multiple test systems that have made the system tests, tests for entry and their necessary interaction. After this process, the Deliverables are submitted to acceptance testing.

System integration testing (SIT) is a testing phase occurs after the unit tests and

prior to testing user acceptance (UAT).

Some of the Features of SIT:
System Integration Test (SIT) is the testing of the subsystems as a whole, to ensure that they function as a system.
The test should be guided by the requirement of the specification and system integration (SI) of the engineer's knowledge that the system should do.
No requirement to define the specifications of a system fully, they will always be gaps in what the requirement of the specification says and what is expected of a system.
This is where the experience of the engineer SI comes into play, because he / she carries out his work they need to keep your eyes open for any defects or problems. If the engineer must be aware that defects will be present, which there is through informal testing, ie the operating system and see what happens.
The SIT should ensure that the system meets the requirements of the specification of the formal and any implied or "common sense" requirements are met.
S.I.T. should also take place in different environments, for example, different temperatures. This should not be anything fancy, for example, a full environmental tests, but can be as little as possible of the airflow down, or a little, by turning the laboratory or thermostat down a little, it is amazing how small changes in the environment can affect the performance of a system.



Testing Level 5 : Acceptance Testing


In engineering and its various subdisciplines, acceptance testing is black-box testing of a system (eg software, lots of manufacture of mechanical parts, or batches of chemical products) prior to its delivery. In others, it is known that functional testing, black box testing, release acceptance, testing, quality assurance, application testing, confidence testing, testing, validation, testing of acceptance or factory.

In software development, acceptance testing by the supplier of the system is often distinguished from acceptance testing by the customer (the user or the client) before accepting the transfer of ownership. In such environments, the trials to acceptance by the customer is known as the test user acceptance (UAT). This is also known as end-user testing, the site (acceptance) test or field (acceptance) testing.

Overview
Acceptance testing generally involves running a series of tests on the completed system. Each test, known as cases, exercises a state of operation of the user's environment or feature of the system and will result in a pass or fail boolean outcome. There is generally no degrees of success or failure. The test environment is usually designed to be identical or as close as possible, provided the user to the environment, including such extremes. These test cases must each be accompanied by test case input data or a formal description of operational activities (or both) to achieve, to thoroughly exercise the specific case and a description of the results.

Acceptance Tests / Criterion (in Agile Software Development) are usually created by customers and expressed in a business language. These are high-level tests to test the compliance of a story or user stories "played" during any sprint / iteration. These tests are created preferably through collaboration between customers, business analysts, testers and developers, but business customers (product owners) are the primary owners of these tests. When the user passes the stories of their acceptance criteria, business owners can be sure that the developers are progressing in the right direction on how the application was intended to work and it is therefore essential that These tests include tests of logic, and interface elements of validation (if required).

Acceptance of test cards are perfectly created during sprint planning and iteration planning meeting, before the development so that developers have a clear idea of what to develop. Sometimes (because of poor planning) tests in May of multiple stories (that are not implemented in the same sprint) and there are different ways to test them during the sprint. A popular technique is to mock external interfaces or data to mimick other stories that could not be played during an iteration (as these stories May were relatively lower priority). A history of the user is not considered complete until the acceptance tests have passed.

Process
Following acceptance test is directed against the entry of data or by using a test script to direct acceptance testers. Then, the results are compared with the results. If there is a good match for all cases, the test suite is said to pass. If not, the system May be either accepted or rejected in conditions previously agreed between the developer and builder.

The aim is to give confidence that the system of record of meeting the needs of both authors and users. The acceptance phase May also act as a gateway to the quality, where no quality defects to be detected in May uncovered.

A main goal of acceptance testing is that, once successfully completed, and provided that certain other (contract) are met acceptance criteria, the authors then sign on the system as satisfying the contract ( prior agreement between developer and manufacturer), and deliver final payment.

Types of acceptance testing
The types of acceptance testing are

Acceptance testing by the user
This May include acceptance testing at the factory, ie the testing facility by users before the plant is moved to its own site, after which the site acceptance testing be performed in May by users on the site.
Operational acceptance testing
Also known as operational readiness test, it is the de facto control to a system to ensure that processes and procedures are in place to allow the system to be used and maintained. This May include controls to safeguard the facilities, procedures for disaster recovery, training for end users, maintenance procedures and safety procedures.
Contract and regulation acceptance testing
Contract acceptance testing, a system is tested against the criteria for acceptance as a contract, before the system is accepted. In regulation acceptance testing, a system is tested to ensure it meets governmental, legal and safety standards.
Alpha and beta test
Alpha testing is carried out at site developers, and testing of the operating system by the staff before it is delivered to external customers. Beta testing is done to clients sites, and testing by a group of customers who use the system to their own sites and feedback before the system is handed over to other customers. This is often called the "field testing".




Friday, September 4, 2009

Software QA and Testing Frequently-Asked-Questions

What makes a good Software Test engineer?
A good test engineer has a 'test to break' attitude, an ability to take the point of view of the customer, a strong desire for quality, and an attention to detail. Tact and diplomacy are useful in maintaining a cooperative relationship with developers, and an ability to communicate with both technical (developers) and non-technical (customers, management) people is useful. Previous software development experience can be helpful as it provides a deeper understanding of the software development process, gives the tester an appreciation for the developers' point of view, and reduce the learning curve in automated test tool programming. Judgement skills are needed to assess high-risk or critical areas of an application on which to focus testing efforts when time is limited.

What makes a good Software QA engineer?
The same qualities a good tester has are useful for a QA engineer. Additionally, they must be able to understand the entire software development process and how it can fit into the business approach and goals of the organization. Communication skills and the ability to understand various sides of issues are important. In organizations in the early stages of implementing QA processes, patience and diplomacy are especially needed. An ability to find problems as well as to see 'what's missing' is important for inspections and reviews.

What makes a good QA or Test manager?
A good QA, test, or QA/Test(combined) manager should:

  • be familiar with the software development process
  • be able to maintain enthusiasm of their team and promote a positive atmosphere, despite what is a somewhat 'negative' process (e.g., looking for or preventing problems)
  • be able to promote teamwork to increase productivity
  • be able to promote cooperation between software, test, and QA engineers
  • have the diplomatic skills needed to promote improvements in QA processes
  • have the ability to withstand pressures and say 'no' to other managers when quality is insufficient or QA processes are not being adhered to
  • have people judgement skills for hiring and keeping skilled personnel
  • be able to communicate with technical and non-technical people, engineers, managers, and customers.
  • be able to run meetings and keep them focused

What's the role of documentation in QA?
Generally, the larger the team/organization, the more useful it will be to stress documentation, in order to manage and communicate more efficiently. (Note that documentation may be electronic, not necessarily in printable form, and may be embedded in code comments, may be embodied in well-written test cases, user stories, etc.) QA practices may be documented to enhance their repeatability. Specifications, designs, business rules, configurations, code changes, test plans, test cases, bug reports, user manuals, etc. may be documented in some form. There would ideally be a system for easily finding and obtaining information and determining what documentation will have a particular piece of information. Change management for documentation can be used where appropriate. For agile software projects, it should be kept in mind that one of the agile values is "Working software over comprehensive documentation", which does not mean 'no' documentation. Agile projects tend to stress the short term view of project needs; documentation often becomes more important in a project's long-term context.

What's the big deal about 'requirements'?
One of the most reliable methods of ensuring problems, or failure, in a large, complex software project is to have poorly documented requirements specifications. (Note that requirements documentation can be electronic, not necessarily in the form of printable documents, and may be embedded in code comments, may be embodied in well-written test cases, etc.) Requirements are the details describing an application's externally-perceived functionality and properties. Requirements should be clear, complete, reasonably detailed, cohesive, attainable, and testable. A non-testable requirement would be, for example, 'user-friendly' (too subjective). A more testable requirement would be something like 'the user must enter their previously-assigned password to access the application'. Determining and organizing requirements details in a useful and efficient way can be a difficult effort; different methods are available depending on the particular project. Many books are available that describe various approaches to this task. (See the section's 'Software Requirements Engineering' category for books on Software Requirements.)

Care should be taken to involve ALL of a project's significant 'customers' in the requirements process. 'Customers' could be in-house personnel or outside personnel, and could include end-users, customer acceptance testers, customer contract officers, customer management, future software maintenance engineers, salespeople, etc. Anyone who could later derail the project if their expectations aren't met should be included if possible.

Organizations vary considerably in their handling of requirements specifications. Often the requirements are spelled out in a document with statements such as 'The product shall.....'. 'Design' specifications should not be confused with 'requirements'; design specifications are ideally traceable back to the requirements.

In some organizations requirements may end up in high level project plans, functional specification documents, in design documents, or in other documents at various levels of detail. No matter what they are called, some type of documentation with detailed requirements will be needed by testers in order to properly plan and execute tests. Without such documentation, there will be no clear-cut way to determine if a software application is performing correctly.

'Agile' approaches use methods requiring close interaction and cooperation between programmers and customers/end-users to iteratively develop requirements, user stories, etc. In the XP 'test first' approach developers create automated unit testing code before the application code, and these automated unit tests essentially embody the requirements.

What steps are needed to develop and run software tests?
The following are some of the steps to consider:

  • Obtain requirements, functional design, and internal design specifications, user stories, and other available/necessary information
  • Obtain budget and schedule requirements
  • Determine project-related personnel and their responsibilities, reporting requirements, required standards and processes (such as release processes, change processes, etc.)
  • Determine project context, relative to the existing quality culture of the product/organization/business, and how it might impact testing scope, aproaches, and methods.
  • Identify application's higher-risk and mor important aspects, set priorities, and determine scope and limitations of tests.
  • Determine test approaches and methods - unit, integration, functional, system, security, load, usability tests, etc.
  • Determine test environment requirements (hardware, software, configuration, versions, communications, etc.)
  • Determine testware requirements (automation tools, coverage analyzers, test tracking, problem/bug tracking, etc.)
  • Determine test input data requirements
  • Identify tasks, those responsible for tasks, and labor requirements
  • Set schedule estimates, timelines, milestones
  • Determine, where apprapriate, input equivalence classes, boundary value analyses, error classes
  • Prepare test plan document(s) and have needed reviews/approvals
  • Write test cases
  • Have needed reviews/inspections/approvals of test cases
  • Prepare test environment and testware, obtain needed user manuals/reference documents/configuration guides/installation guides, set up test tracking processes, set up logging and archiving processes, set up or obtain test input data
  • Obtain and install software releases
  • Perform tests
  • Evaluate and report results
  • Track problems/bugs and fixes
  • Retest as needed
  • Maintain and update test plans, test cases, test environment, and testware through life cycle

What's a 'test plan'?
A software project test plan is a document that describes the objectives, scope, approach, and focus of a software testing effort. The process of preparing a test plan is a useful way to think through the efforts needed to validate the acceptability of a software product. The completed document will help people outside the test group understand the 'why' and 'how' of product validation. It should be thorough enough to be useful but not so thorough that no one outside the test group will read it. The following are some of the items that might be included in a test plan, depending on the particular project:

  • Title
  • Identification of software including version/release numbers
  • Revision history of document including authors, dates, approvals
  • Table of Contents
  • Purpose of document, intended audience
  • Objective of testing effort
  • Software product overview
  • Relevant related document list, such as requirements, design documents, other test plans, etc.
  • Relevant standards or legal requirements
  • Traceability requirements
  • Relevant naming conventions and identifier conventions
  • Overall software project organization and personnel/contact-info/responsibilties
  • Test organization and personnel/contact-info/responsibilities
  • Assumptions and dependencies
  • Project risk analysis
  • Testing priorities and focus
  • Scope and limitations of testing
  • Test outline - a decomposition of the test approach by test type, feature, functionality, process, system, module, etc. as applicable
  • Outline of data input equivalence classes, boundary value analysis, error classes
  • Test environment - hardware, operating systems, other required software, data configurations, interfaces to other systems
  • Test environment validity analysis - differences between the test and production systems and their impact on test validity.
  • Test environment setup and configuration issues
  • Software migration processes
  • Software CM processes
  • Test data setup requirements
  • Database setup requirements
  • Outline of system-logging/error-logging/other capabilities, and tools such as screen capture software, that will be used to help describe and report bugs
  • Discussion of any specialized software or hardware tools that will be used by testers to help track the cause or source of bugs
  • Test automation - justification and overview
  • Test tools to be used, including versions, patches, etc.
  • Test script/test code maintenance processes and version control
  • Problem tracking and resolution - tools and processes
  • Project test metrics to be used
  • Reporting requirements and testing deliverables
  • Software entrance and exit criteria
  • Initial sanity testing period and criteria
  • Test suspension and restart criteria
  • Personnel allocation
  • Personnel pre-training needs
  • Test site/location
  • Outside test organizations to be utilized and their purpose, responsibilties, deliverables, contact persons, and coordination issues
  • Relevant proprietary, classified, security, and licensing issues.
  • Open issues
  • Appendix - glossary, acronyms, etc.

What's a 'test case'?
A test case describes an input, action, or event and an expected response, to determine if a feature of a software application is working correctly. A test case may contain particulars such as test case identifier, test case name, objective, test conditions/setup, input data requirements, steps, and expected results. The level of detail may vary significantly depending on the organization and project context.

Note that the process of developing test cases can help find problems in the requirements or design of an application, since it requires completely thinking through the operation of the application. For this reason, it's useful to prepare test cases early in the development cycle if possible.

What should be done after a bug is found?
The bug needs to be communicated and assigned to developers that can fix it. After the problem is resolved, fixes should be re-tested, and determinations made regarding requirements for regression testing to check that fixes didn't create problems elsewhere. If a problem-tracking system is in place, it should encapsulate these processes. A variety of commercial problem-tracking/management software tools are available (see the section for web resources with listings of such tools). The following are items to consider in the tracking process:

  • Complete information such that developers can understand the bug, get an idea of it's severity, and reproduce it if necessary.
  • Bug identifier (number, ID, etc.)
  • Current bug status (e.g., 'Released for Retest', 'New', etc.)
  • The application name or identifier and version
  • The function, module, feature, object, screen, etc. where the bug occurred
  • Environment specifics, system, platform, relevant hardware specifics
  • Test case name/number/identifier
  • One-line bug description
  • Full bug description
  • Description of steps needed to reproduce the bug if not covered by a test case or if the developer doesn't have easy access to the test case/test script/test tool
  • Names and/or descriptions of file/data/messages/etc. used in test
  • File excerpts/error messages/log file excerpts/screen shots/test tool logs that would be helpful in finding the cause of the problem
  • Severity estimate (a 5-level range such as 1-5 or 'critical'-to-'low' is common)
  • Was the bug reproducible?
  • Tester name
  • Test date
  • Bug reporting date
  • Name of developer/group/organization the problem is assigned to
  • Description of problem cause
  • Description of fix
  • Code section/file/module/class/method that was fixed
  • Date of fix
  • Application version that contains the fix
  • Tester responsible for retest
  • Retest date
  • Retest results
  • Regression testing requirements
  • Tester responsible for regression tests
  • Regression testing results
A reporting or tracking process should enable notification of appropriate personnel at various stages. For instance, testers need to know when retesting is needed, developers need to know when bugs are found and how to get the needed information, and reporting/summary capabilities are needed for managers.

What is 'configuration management'?
Configuration management covers the processes used to control, coordinate, and track: code, requirements, documentation, problems, change requests, designs, tools/compilers/libraries/patches, changes made to them, and who makes the changes. (See the section for web resources with listings of configuration management tools. Also see the section's 'Configuration Management' category for useful books with more information.)

What if the software is so buggy it can't really be tested at all?
The best bet in this situation is for the testers to go through the process of reporting whatever bugs or blocking-type problems initially show up, with the focus being on critical bugs. Since this type of problem can severely affect schedules, and indicates deeper problems in the software development process (such as insufficient unit testing or insufficient integration testing, poor design, improper build or release procedures, etc.) managers should be notified, and provided with some documentation as evidence of the problem.

How can it be known when to stop testing?
This can be difficult to determine. Most modern software applications are so complex, and run in such an interdependent environment, that complete testing can never be done. Common factors in deciding when to stop are:

  • Deadlines (release deadlines, testing deadlines, etc.)
  • Test cases completed with certain percentage passed
  • Test budget depleted
  • Coverage of code/functionality/requirements reaches a specified point
  • Bug rate falls below a certain level
  • Beta or alpha testing period ends

What if there isn't enough time for thorough testing?
Use risk analysis, along with discussion with project stakeholders, to determine where testing should be focused.
Since it's rarely possible to test every possible aspect of an application, every possible combination of events, every dependency, or everything that could go wrong, risk analysis is appropriate to most software development projects. This requires judgement skills, common sense, and experience. (If warranted, formal methods are also available.) Considerations can include:

  • Which functionality is most important to the project's intended purpose?
  • Which functionality is most visible to the user?
  • Which functionality has the largest safety impact?
  • Which functionality has the largest financial impact on users?
  • Which aspects of the application are most important to the customer?
  • Which aspects of the application can be tested early in the development cycle?
  • Which parts of the code are most complex, and thus most subject to errors?
  • Which parts of the application were developed in rush or panic mode?
  • Which aspects of similar/related previous projects caused problems?
  • Which aspects of similar/related previous projects had large maintenance expenses?
  • Which parts of the requirements and design are unclear or poorly thought out?
  • What do the developers think are the highest-risk aspects of the application?
  • What kinds of problems would cause the worst publicity?
  • What kinds of problems would cause the most customer service complaints?
  • What kinds of tests could easily cover multiple functionalities?
  • Which tests will have the best high-risk-coverage to time-required ratio?

What if the project isn't big enough to justify extensive testing?
Consider the impact of project errors, not the size of the project. However, if extensive testing is still not justified, risk analysis is again needed and the same considerations as described previously in apply. The tester might then do ad hoc testing, or write up a limited test plan based on the risk analysis.

How does a client/server environment affect testing?
Client/server applications can be quite complex due to the multiple dependencies among clients, data communications, hardware, and servers, especially in multi-tier systems. Thus testing requirements can be extensive. When time is limited (as it usually is) the focus should be on integration and system testing. Additionally, load/stress/performance testing may be useful in determining client/server application limitations and capabilities. There are commercial tools to assist with such testing. (See the section for web resources with listings that include these kinds of test tools.)

How can World Wide Web sites be tested?
Web sites are essentially client/server applications - with web servers and 'browser' clients. Consideration should be given to the interactions between html pages, web services, encrypted communications, Internet connections, firewalls, applications that run in web pages (such as javascript, flash, other plug-in applications), the wide variety of applications that could run on the server side, etc. Additionally, there are a wide variety of servers and browsers, various versions of each, small but sometimes significant differences between them, variations in connection speeds, rapidly changing technologies, and multiple standards and protocols. The end result is that testing for web sites can become a major ongoing effort. Other considerations might include:

  • What are the expected loads on the server (e.g., number of hits per unit time?), and what kind of performance is required under such loads (such as web server response time, database query response times). What kinds of tools will be needed for performance testing (such as web load testing tools, other tools already in house that can be adapted, load generation appliances, etc.)?
  • Who is the target audience? What kind and version of browsers will they be using, and how extensively should testing be for these variations? What kind of connection speeds will they by using? Are they intra- organization (thus with likely high connection speeds and similar browsers) or Internet-wide (thus with a wide variety of connection speeds and browser types)?
  • What kind of performance is expected on the client side (e.g., how fast should pages appear, how fast should flash, applets, etc. load and run)?
  • Will down time for server and content maintenance/upgrades be allowed? how much?
  • What kinds of security (firewalls, encryption, passwords, functionality, etc.) will be required and what is it expected to do? How can it be tested?
  • What internationilization/localization/language requirements are there, and how are they to be verified?
  • How reliable are the site's Internet connections required to be? And how does that affect backup system or redundant connection requirements and testing?
  • What processes will be required to manage updates to the web site's content, and what are the requirements for maintaining, tracking, and controlling page content, graphics, links, etc.?
  • Which HTML and related specification will be adhered to? How strictly? What variations will be allowed for targeted browsers?
  • Will there be any standards or requirements for page appearance and/or graphics throughout a site or parts of a site?
  • Will there be any development practices/standards utilized for web page components and identifiers, which can significantly impact test automation.
  • How will internal and external links be validated and updated? how often?
  • Can testing be done on the production system, or will a separate test system be required? How are browser caching, variations in browser option settings, connection variabilities, and real-world internet 'traffic congestion' problems to be accounted for in testing?
  • How extensive or customized are the server logging and reporting requirements; are they considered an integral part of the system and do they require testing?
  • How are flash, applets, javascripts, ActiveX components, etc. to be maintained, tracked, controlled, and tested?
Some sources of site security information include the Usenet newsgroup 'comp.security.announce' and links concerning web site security in the

Hundreds of web site test tools are available and more than 420 of them are listed in the .

How is testing affected by object-oriented designs?
Well-engineered object-oriented design can make it easier to trace from code to internal design to functional design to requirements. While there will be little affect on black box testing (where an understanding of the internal design of the application is unnecessary), white-box testing can be oriented to the application's objects. If the application was well-designed this can simplify test design.

What is Extreme Programming and what's it got to do with testing?
Extreme Programming (XP) is a software development approach for small teams on risk-prone projects with unstable requirements. It was created by Kent Beck who described the approach in his book 'Extreme Programming Explained' (See the ). Testing ('extreme testing') is a core aspect of Extreme Programming. Programmers are expected to write unit and functional test code first - before writing the application code. Test code is under source control along with the rest of the code. Customers are expected to be an integral part of the project team and to help develope scenarios for acceptance/black box testing. Acceptance tests are preferably automated, and are modified and rerun for each of the frequent development iterations. QA and test personnel are also required to be an integral part of the project team. Detailed requirements documentation is not used, and frequent re-scheduling, re-estimating, and re-prioritizing is expected. For more info on XP and other 'agile' software development approaches (Scrum, Crystal, etc.) see the resource listings in the section.

Thursday, September 3, 2009

Test Partner

TestPartner - Introduction

IT managers charged with ensuring application quality are confronted with a number of critical business challenges:

  • Verify that applications function as expected and fulfill business requirements

  • Test multiple heterogeneous application technologies

  • Meet ever-more-rapid release schedules

  • Achieve the right balance between risk and quality.

If that weren't enough, IT struggles with limited resources, hard deadlines that squeeze testing cycles and late-breaking requirement changes.

In the face of these business demands, TestPartner's functional testing capabilities accelerate testing and enable successful application delivery outcomes on-time, at a lower cost, with higher quality than ever before. TestPartner achieves these results through a tiered approach to testing that enables developers, quality experts, and non-technical application users to collaborate and test more in the time available.

TestPartner's visual, contextual approach to capturing business processes empowers non-technical application users to participate in the testing process. At the same time, TestPartner provides expert testers and software developers with access to Visual Basic for Applications, allowing them to solve even the most complex testing challenges. This flexibility and focus on usability allows quality teams to produce positive results even with minimal training.

TestPartner enables IT to:



  1. Leverage non-technical as well as experienced testers to test applications more thoroughly in the time available

  2. Collaborate throughout the software development lifecycle, resulting in higher team efficiency and greater project effectiveness

  3. Automate regression testing to quicken acceptance of application patches, service packs, and other regular updates

  4. Clearly and unambiguously document test results, accelerating the identification and resolution of application issues

  5. Understand the results of testing, enabling confident delivery of applications that meet requirements and provide the expected business value

  6. Use test results to facilitate test maintenance, providing improved return on the test automation investment
  7. Build quality into applications earlier in the life cycle, leading to lower development and maintenance costs

  8. Accelerate quality efforts for a broad range of technology platforms, including Web, .NET, Java, SAP, Oracle and many other distributed Windows-based applications.

TestPartner's value is further enhanced through its tight integration with Compuware's Test Management solution, which improves application delivery by providing IT with the ability to more effectively assess and balance risk, cost, and schedule. TestPartner is also an integral component within Quality Management, which provides IT with the ability to control, measure, manage and continuously improve the delivery of higher quality applications. Quality Management's reporting and real-time insight into project quality status results in informed quality decisions, and allows IT to deploy applications with greater confidence.


TestPartner - Product Preview

Automated, repeatable testing with TestPartner TestPartner is an automated testing tool that accelerates functional testing and facilitates the delivery of business-critical applications.

With TestPartner, you can more rapidly validate applications before going live, verify that application updates don't introduce regressions or even test nightly builds with automated smoke tests. TestPartner offers a storyboard-based visual approach to testing that lets application users confidently capture test scenarios. VBA scripting is available to enable advanced users to meet even the most demanding test cases. You build test assets earlier in the development life cycle, test more thoroughly and deploy applications with confidence.

TestPartner's broad environment support means that enterprises with heterogeneous environments can be confident about easily validating Microsoft, Java, web, SAP, Oracle and many other distributed technologies with speed and consistency.


TestPartner - Build tests without programming

Unlike testing tools that require users to understand a programming language, TestPartner's Visual Navigator makes testing accessible to even novice users, allowing virtually anyone to be immediately productive.


TestPartner - Build tests without programming

Unlike testing tools that require users to understand a programming language, TestPartner's Visual Navigator makes testing accessible to even novice users, allowing virtually anyone to be immediately productive.

Within the Visual Navigator, you access panes that provide a preview of each screen being tested, the pertinent test steps for each and a storyboard view that ties it all together. As each step is selected, the corresponding control within the screen preview is highlighted, which clearly defines the automation context.
Additionally, each test step has related properties that can be modified by the user or even populated via a data file to facilitate fully data-driven testing. Ultimately, this approach allows application users—who are intimately familiar with the application under test, but often lack the technical expertise to use automated testing tools—to comfortably and confidently capture business transactions, verify the proper functionality is tested and assist in updating the test when inaccuracies are found or the application changes.


TestPartner - Modify and customize tests

In addition to capturing a screenshot of each application window, which is displayed within the screen preview pane,

TestPartner records detailed information about the controls and properties for each screen. This means you can easily augment or modify an existing test based upon the information already captured.

For example, you can:



  • insert new steps directly from the screen preview (or the application under test)

  • modify existing tests to perform different or additional steps
  • change the action performed (e.g., replace single-click with a double-click) or the data being input

  • add verifications that weren't inserted during the initial record session

  • do all of this without having to re-record against the original application.

This "offline editing" capability is especially valuable for modern "workflow-driven" applications

, where you might spend several minutes or more simply returning to the point where you can capture additional data or record new actions. With TestPartner, as long as the underlying application data hasn't changed, you achieve higher productivity by simply going right to the pertinent screen and making changes and additions as needed.


TestPartner - Understand and document tests and results unambiguously

TestPartner removes abstraction to give users a better understanding of what the test should automate and the actual results. You no longer have to guess. You can see exactly what each step intends to automate.


Similarly, when a test exposes an application problem, the visual test results are much more efficient and effective in leading to a positive identification and resolution. You no longer have to struggle for hours to reproduce issues live.

Additionally, tests can be printed to provide external documents for manual testing, user documentation and training, or archived for process compliance and auditing. Similarly, test results can be printed to provide reports that can be reviewed at meetings, aid with troubleshooting or provide evidence supporting process compliance.


TestPartner - Build in test "intelligence" with logic designers

To test applications thoroughly, it's important to do more than simply record and playback.

TestPartner comes with built-in wizards and logic designers that make it easy to build and execute sophisticated test cases.

These wizards and logic designers are instantly accessible through the Logic Toolbox or via right-click menus. Users can successfully fulfill even complex test cases by adding logic that allows:

  1. quick creation of data-driven tests

  2. testing for the presence of text, images, properties, etc.

  3. steps to occur only when specific conditions are met

  4. creation and use of variable data

  5. repetition of test steps

  6. testing and verification of actual and expected results

  7. synchronization of the test with the application being tested

  8. automatic error handling

  9. and more.

TestPartner - Accelerate test maintenance

One of the biggest challenges with automated testing is maintaining the test assets over time.

When the application changes, the test cases that correspond to that functionality need to be updated. TestPartner simplifies this effort in two ways.

First, you can view results with the Visual Navigator, TestPartner's built-in screen preview that shows both the original test screen and the screen that was captured at playback, allowing you to identify critical changes in the application immediately.

Second, TestPartner's one-click Update Screen feature allows application changes to be instantly captured into the visual test. For example, if you determined that a new field was added to an existing screen within the application under test, you could select the Update Screen to capture the new screen definition (along with associated properties) without having to re-record the test. By enabling you to spend less time on test maintenance and more time on testing the application thoroughly, TestPartner improves your return on investment.


TestPartner - VBA scripting

TestPartner's visual tests provide an approach to testing that requires no programming experience, and offers more advanced capabilities for expert users via Microsoft Visual Basic for Applications.


The availability of VBA-based tests means expert users can work at whatever level is best suited for a given project or test—use an entirely visual approach, integrate VBA routines with visual tests to enable customization and complex text cases, or work entirely with VBA.


TestPartner's VBA and visual testing features are designed to work closely in conjunction, so testers can call VBA routines at any point within a visual test, passing and returning data as necessary to fulfill the test case.VBA's rich feature-set, which includes broad debugging capabilities and Microsoft auto-completing IntelliSense™, makes users more efficient and productive than with proprietary programming languages or other feature-poor development environments.


TestPartner - VBA scripting

TestPartner's visual tests provide an approach to testing that requires no programming experience, and offers more advanced capabilities for expert users via Microsoft Visual Basic for Applications.


The availability of VBA-based tests means expert users can work at whatever level is best suited for a given project or test—use an entirely visual approach, integrate VBA routines with visual tests to enable customization and complex text cases, or work entirely with VBA.


TestPartner's VBA and visual testing features are designed to work closely in conjunction, so testers can call VBA routines at any point within a visual test, passing and returning data as necessary to fulfill the test case.VBA's rich feature-set, which includes broad debugging capabilities and Microsoft auto-completing IntelliSense™, makes users more efficient and productive than with proprietary programming languages or other feature-poor development environments.


TestPartner - Collaborate to communicate and operate more effectively

As test teams get increasingly distributed and incorporate application users, testers and developers, clear and effective communication becomes increasingly important.

To that end, TestPartner includes a team-oriented collaboration feature that allows users to flag and describe particular items of interest within a test or test result, and assign to another user as applicable. This allows work scenarios where, for example:

  1. An application user successfully captures a business process, and then flags and assigns it to a quality expert for inclusion within the test framework.

  2. A member of the quality team reproduces a defect, flags the point at which the problem occurs and assigns it to a developer for investigation.

  3. The test result appears to show a change in the application under test. A member of the quality team assigns the result to an application user to verify whether this is the expected behavior.

TestPartner Program

Transition Networks's Test Partner Program is a new kind of product testing program.

The Test Partner Program consists of our Technical Support staff and select Transition customers working together to insure that product supportability is designed into every Transition product. We do this by providing our Test Partner Program participants with final releases of products, and then working closely with the Test Partner to find ways to enhance/improve the product.

Through Test Partners, Transition is able to isolate and resolve a problem, or define and determine the scope of a new feature or function, resulting in a win-win situation for Transition, our resellers and our customers.

Test Partners are not expected to execute a laborious product acceptance test plan. We recognize that a Test Partner's resources may be limited. Test Partners can test the product any way they want to. The challenge is simple - break it if you can. We promise that all problems reported by a Test Partner will be Priority #1!

Our Technical Support Department qualifies potential Test Partners on the basis of robustness of their networks, client count, eagerness to participate in the program, and the networking expertise of the Test Partner's technical contact person. Most importantly, the Test Partner must possess a "partner", rather than a "customer" mentality.

Transition's Test Partner Program requirements are few, but important. Participants must:

  1. provide a diagram of their network illustrating backbones, device and client count.

  2. capture a performance baseline before installation so that a comparison can be made.

  3. give this testing a reasonable amount of priority.

  4. provide as much detail as practical when reporting problems.

  5. allow Transition's Marketing Department an interview so that the prestige of their opinion can be shared.

Events

Events are unscheduled occurrences or conditions to which you want the target application to respond in a specified manner. Test Partner supports two categories of events: Wait and Whenever.

A Wait event tells Test Partner to wait for a specified occurrence before proceeding. Wait events are useful in situations where you cannot anticipate the amount of time a response will take. An example of a Wait event would be waiting for a system login prompt. When your script is running against a network-based application that requires the user

to log in, the amount of time it takes for the login prompt to display may vary. To account for this variance, you can insert a Wait event that instructs your script to wait for the login prompt before proceeding to type a username and password.

A Whenever event tells Test Partner to watch for a specific occurrence and, if it occurs, perform a special set of steps. Whenever events are useful for trapping unexpected error conditions during a test run. For example, you can include events in your scripts to recognize when the connection to the server has been interrupted by a communications error or a network system message has been received, so that the script can report or work around the problem. In a script, Test Partner automatically inserts the Script_Whenever function by default to handle the whenever event. If a whenever event is inserted into a module, shared module, or class module, you must customize the whenever event handler code. Test Partner supports the following types of Events:

i) Bitmap Event:--

A bitmap event detects the presence, absence, or state of a graphic in a window.

ii) Date/Time Event:--

date/Time events enable you to define a date or time condition. Test Partner recognizes the event by monitoring the internal clock of the computer on which it and the target application are running.

iii) Key Event:--

Watch for the entry of a particular keystroke combination by the user. You can use key events to:

  • Build your own “hotkeys” to make Test Partner perform an action whenever the hotkey is used.
  • Interrupt a script to take manual control of the target application.
  • Pause a script until a particular key is used.
  • Prevent certain keys from being entered.
iv) Menu Events:--

Watch for when a particular menu item is selected by the user.

v) Mouse Events:--

Watch for when one of the mouse buttons is clicked or released in a certain window.

vi) Screen Events:--

A screen event detects the presence or absence of text in a window. The most common use of screen events is to synchronize with host-based applications and to detect error messages.

vii) Window Events:--

A window event detects an action on a window; for example, its creation, destruction, movement, or its existence.

Data Driven Test:--

The Test Partner Active Data Test Creation wizard provides a non-programmatic way to create data-driven tests. Such tests are useful for testing form-based applications. Using the wizard, you can record a test, choose the fields you want to include in your data file, then populate the data file itself using a data table.

To create a data test

1. From the Script menu, choose Create Data Test. The Data Test wizard appears.
2. Read the instructions and click Next.
3. Follow the instructions in the Data Layout Assistant for the three steps necessary to define the scope of the test.
4. Enter a name for the Data Table.
5. Exclude any fields you do not want to include in the test by unchecking the Use checkbox and click Next.
6. Read the instructions and click Finish.


TestPartner shows the Data Table, which includes a column for each field you defined and one row of data. The data table also includes a column labelled Results Script, to specify a script to be run after the data driven test.


To modify the data table.

1. If you have just recorded a new data test and the data table is open, proceed to step 3.


2. To modify an existing data test, select Modify Data Table on the Script menu and choose the data table you want to change.


3. To add rows and populate the table with test data, right-click on the empty row labelled END ( or any other row) and select Insert on the context menu. Test Partner inserts a new row above the selected row.


4. Enter test data into the cells of the new row.


5. Alternatively, right-click the empty row and choose Import. You can import data from a tab-delimited text (.TXT) or comma-delimited (.CSV) file to populate the cells of the data table. If you select the END row in the table, TestPartner will add multiple rows if needed to accommodate the data.


6. To delete rows from the table, right-click the row and choose Delete. To delete multiple rows, press the Ctrl or Shift (for contiguous rows) key while selecting rows to delete.


7. To launch another script from the data test, insert the name of the script in the Results Script field in the table at any point(s) at which you want to run the script.


8. When you have finished editing the data table, click Save and Close to exit.




Friday, August 14, 2009

Costly Software Bugs


Software Bugs Cost U.S. Economy $59.6 Billion Annually, RTI Study Finds
Research Triangle Park, NC -- Software bugs are costly both to software producers and users.
Extrapolating from estimates of the costs in several software-intensive industries, bugs may be
costing the U.S. economy $59.5 billion a year; about 0.6 percent of gross domestic product, says a
study conducted by RTI for the U.S. Department of Commerce's National Institute of Standards and
Technology (NIST).

"More than half of the costs are borne by software users, and the remainder by software developers
and vendors," NIST said in summarizing the findings. "More than a third of these costs … could be
eliminated by an improved testing infrastructure that enables earlier and more effective identification
and removal of software defects."


History's Worst Software Bugs

What seems certain is that bugs are here to stay. Here, in chronological order, is the Wired News list
of the 10 worst software bugs of all time … so far.

July 28, 1962 -- Mariner I space probe. A bug in the flight software for the Mariner 1 causes the
rocket to divert from its intended path on launch. Mission control destroys the rocket over the
Atlantic Ocean. The investigation into the accident discovers that a formula written on paper in
pencil was improperly transcribed into computer code, causing the computer to miscalculate the
rocket's trajectory.

1982 -- Soviet gas pipeline. Operatives working for the Central Intelligence Agency allegedly (.pdf)
plant a bug in a Canadian computer system purchased to control the trans-Siberian gas pipeline.
The Soviets had obtained the system as part of a wide-ranging effort to covertly purchase or steal
sensitive U.S. technology. The CIA reportedly found out about the program and decided to make it
backfire with equipment that would pass Soviet inspection and then fail once in operation. The
resulting event is reportedly the largest non-nuclear explosion in the planet's history.

1985-1987 -- Therac-25 medical accelerator. A radiation therapy device malfunctions and delivers
lethal radiation doses at several medical facilities. Based upon a previous design, the Therac-25 was
an "improved" therapy system that could deliver two different kinds of radiation: either a low-power
electron beam (beta particles) or X-rays. The Therac-25's X-rays were generated by smashing high-
power electrons into a metal target positioned between the electron gun and the patient. A second
"improvement" was the replacement of the older Therac-20's electromechanical safety interlocks with
software control, a decision made because software was perceived to be more reliable.

What engineers didn't know was that both the 20 and the 25 were built upon an operating system
that had been kludged together by a programmer with no formal training. Because of a subtle bug
called a "race condition," a quick-fingered typist could accidentally configure the Therac-25 so the
electron beam would fire in high-power mode but with the metal X-ray target out of position.
At least five patients die; others are seriously injured.



1988 -- Buffer overflow in Berkeley Unix finger daemon. The first internet worm (the so-called
Morris Worm) infects between 2,000 and 6,000 computers in less than a day by taking advantage
of a buffer overflow. The specific code is a function in the standard input/output library routine called
gets() designed to get a line of text over the network. Unfortunately, gets() has no provision to limit
its input, and an overly large input allows the worm to take over any machine to which it can connect.

Programmers respond by attempting to stamp out the gets() function in working code, but they
refuse to remove it from the C programming language's standard input/output library, where it remains
to this day.

1988-1996 -- Kerberos Random Number Generator. The authors of the Kerberos security system
neglect to properly "seed" the program's random number generator with a truly random seed. As a
result, for eight years it is possible to trivially break into any computer that relies on Kerberos for
authentication. It is unknown if this bug was ever actually exploited.

January 15, 1990 -- AT&T Network Outage. A bug in a new release of the software that controls
AT&T's #4ESS long distance switches causes these mammoth computers to crash when they receive
a specific message from one of their neighboring machines -- a message that the neighbors send out
when they recover from a crash.

One day a switch in New York crashes and reboots, causing its neighboring switches to crash, then
their neighbors' neighbors, and so on. Soon, 114 switches are crashing and rebooting every six
seconds, leaving an estimated 60 thousand people without long distance service for nine hours. The
fix: engineers load the previous software release.

1993 -- Intel Pentium floating point divide. A silicon error causes Intel's highly promoted Pentium
chip to make mistakes when dividing floating-point numbers that occur within a specific range. For
example, dividing 4195835.0/3145727.0 yields 1.33374 instead of 1.33382, an error of 0.006 percent.
Although the bug affects few users, it becomes a public relations nightmare. With an estimated 3
million to 5 million defective chips in circulation, at first Intel only offers to replace Pentium chips for
consumers who can prove that they need high accuracy; eventually the company relents and agrees
to replace the chips for anyone who complains. The bug ultimately costs Intel $475 million.


1995/1996 -- The Ping of Death. A lack of sanity checks and error handling in the IP fragmentation
reassembly code makes it possible to crash a wide variety of operating systems by sending a
malformed "ping" packet from anywhere on the internet. Most obviously affected are computers
running Windows, which lock up and display the so-called "blue screen of death" when they receive
these packets. But the attack also affects many Macintosh and Unix systems as well.

June 4, 1996 -- Ariane 5 Flight 501. Working code for the Ariane 4 rocket is reused in the Ariane 5,
but the Ariane 5's faster engines trigger a bug in an arithmetic routine inside the rocket's flight
computer. The error is in the code that converts a 64-bit floating-point number to a 16-bit signed
integer. The faster engines cause the 64-bit numbers to be larger in the Ariane 5 than in the Ariane
4, triggering an overflow condition that results in the flight computer crashing.

First Flight 501's backup computer crashes, followed 0.05 seconds later by a crash of the primary
computer. As a result of these crashed computers, the rocket's primary processor overpowers the
rocket's engines and causes the rocket to disintegrate 40 seconds after launch.

November 2000 -- National Cancer Institute, Panama City. In a series of accidents, therapy
planning software created by Multidata Systems International, a U.S. firm, miscalculates the proper
dosage of radiation for patients undergoing radiation therapy.

Multidata's software allows a radiation therapist to draw on a computer screen the placement of
metal shields called "blocks" designed to protect healthy tissue from the radiation. But the software
will only allow technicians to use four shielding blocks, and the Panamanian doctors wish to use five.

The doctors discover that they can trick the software by drawing all five blocks as a single large
block with a hole in the middle. What the doctors don't realize is that the Multidata software gives
different answers in this configuration depending on how the hole is drawn: draw it in one direction
and the correct dose is calculated, draw in another direction and the software recommends twice
the necessary exposure.

At least eight patients die, while another 20 receive overdoses likely to cause significant health
problems. The physicians, who were legally required to double-check the computer's calculations
by hand, are indicted for murder.