Skip to main content


Showing posts from May, 2005

DuxQA™ Enterprise - Overview

DuxQA™ Enterprise - Overview: "DuxQA™ Enterprise is currently FREE ! Only services such as consultancy, training and maintenance are charged to clients. It is a flexible test planning and management tool, suitable for all types of functional testing, which provides transparency and accountability to professional testing teams. Its powerful quality assurance features also make it ideal for software certification. "

GenieTCMS: Test Case Management System

What is GenieTCMS ?

Our Test Case Management System (TCMS) is a tool for QA department to make it work more efficient. Depends on the level of integration with your test environment it can save you well 50% the time your group needs to complete a test.
TCMS targets two major areas where employee time can be efficiently utilized. First, is the preparation stage when QA engineer has to determine what set of test cases he/she has to run for this product / version / build / release / etc., locate all the scripts, locate all additional notes and memos. Second, is the after-test stage when QA engineer has to analyze the results, compare to what's expected and document any errors. This second phase can greatly improve productivity when your test scripts generate "feedback" that is loaded back to TCMS.


What is IETest?

IETest is a .NET library for testing web sites through Microsoft Internet Explorer. It enables you to automate Internet Explorer to the point where you can perform automated testing without any human attention required.

How to Report Bugs Effectively

How to Report Bugs Effectively: "How to Report Bugs Effectively

by Simon Tatham, professional and free-software programmer


Anybody who has written software for public use will probably have received at least one bad bug report. Reports that say nothing ('It doesn't work!'); reports that make no sense; reports that don't give enough information; reports that give wrong information. Reports of problems that turn out to be user error; reports of problems that turn out to be the fault of somebody else's program; reports of problems that turn out to be network failures.

There's a reason why technical support is seen as a horrible job to be in, and that reason is bad bug reports. However, not all bug reports are unpleasant: I maintain free software, when I'm not earning my living, and sometimes I receive wonderfully clear, helpful, informative bug reports.

In this essay I'll try to state clearly what makes a good bug report. Ideally I would …

How to Misuse Code Coverage

What is code coverage?
There are many different coverage measures. A simple one is to record which lines of code were executed. If a line has never been executed, it's a safe bet you didn't catch any bugs lurking in it. This type of coverage is usually called “statement coverage”.
In this paper, I'll use a somewhat more powerful type. Many commercial tools measure
some variant of this coverage; few measure anything more powerful. Different people use
different names for this type of coverage: "segment coverage", "multiple condition
coverage", "branch coverage" (arguably incorrectly), and so on. I'll use "multiple condition coverage". It measures whether each logical condition in the code has evaluated both true and false (in some execution of the program, not necessarily in the same one).

Data Flow Analysis Techniques for Test Data Selection

This paper examines a family of program test data selection
criteria derived from data flow analysis techniques similar to those
used in compiler optimization. It is argued that currently used path
selection criteria which examine only the control flow of a program
are inadequate. Our procedure associates with each point in a
program at which a variable is defined, those points at which the
value is used. Several related path criteria, which differ in the
number of these associations needed to adequately test the
program, are defined and compared.

Program testing is the most commonly used method for
demonstrating that a program actually accomplishes its intended
purpose. The testing procedure consists of selecting elements from
the program's input domain, executing the program on these test
cases, and comparing the actual output with the expected output
(in this discussion, we assume the existence of an "oracle", that is,
some method to correctly determine the expec…

Andy Oakley : 'The Compressed (zipped) Folder is invalid or corrupted'

Andy Oakley : 'The Compressed (zipped) Folder is invalid or corrupted': "'The Compressed (zipped) Folder is invalid or corrupted'

Some people have reported problems downloading releases from the Workspaces application; either they find a 0 byte file, or are presented with the message 'The Compressed (zipped) Folder is invalid or corrupted'. Either way, not fun.

From the list of late-breaking issues:
On downloading a release, the error message 'The Compressed (zipped) Folder is invalid or corrupted.' is shown
This corresponds to a known problem in the way Internet Explorer downloads compressed files. For more information, see KB 308090. As suggested in that article, this problem can be worked around by first saving the compressed folder to disk, and opening the release from the saved location.

So, the KB has background and the workaround is to save to disk. What if you never have that option? You may have (inadvertantly) configured your machine to a…

What is managed code?

Brad Abrams : What is managed code?: "What is managed code?

Managed code is code that has its execution managed by the .NET Framework Common Language Runtime. It refers to a contract of cooperation between natively executing code and the runtime. This contract specifies that at any point of execution, the runtime may stop an executing CPU and retrieve information specific to the current CPU instruction address. Information that must be query-able generally pertains to runtime state, such as register or stack memory contents.

The necessary information is encoded in an Intermediate Language (IL) and associated metadata, or symbolic information that describes all of the entry points and the constructs exposed in the IL (e.g., methods, properties) and their characteristics. The Common Language Infrastructure (CLI) Standard (which the CLR is the primary commercial implementation) describes how the information is to be encoded, and programming languages that target the runtime emit the…

Tough ASP.NET interview questions <

Tough ASP.NET interview questions < "Q24 - System.Array.CopyTo() - Deep copies an Array

Q26 - Boxing is an implicit conversion of a value type to the type object
int i = 123; // A value type
Object box = i // Boxing
Unboxing is an explicit conversion from the type object to a value type
int i = 123; // A value type
object box = i; // Boxing
int j = (int)box; // Unboxing

Q27 - String is Reference Type.
Value type - bool, byte, chat, decimal, double, enum , float, int, long, sbyte, short,strut, uint, ulong, ushort
Value types are stored in the Stack
Reference type - class, delegate, interface, object, string
Reference types are stored in the Heap

Comment by Harish — 5/11/2005 @ 9:07 am"

Microsoft Recruits for .Net Framework Compatibility Testing

Microsoft Recruits for .Net Framework Compatibility Testing: "Microsoft white paper: 'When the application is started up on the .Net Framework 1.0, 1.1 or 2.0, the CLR [Common Language Runtime] looks at the .Net Framework version recorded in the application and tries to run the application on the version of the .Net Framework that the application was compiled with. If that version is not installed on the machine, the CLR will attempt to start the application on the latest .Net Framework and CLR, for example, an application compiled for .Net Framework 1.0 running on a machine with only .Net Framework 1.1 will be rolled forward to run on the .Net Framework 1.1. Likewise, an application compiled for .Net Framework 1.1 running on a machine with only the .Net Framework 2.0 will be rolled forward to run on the .Net Framework 2.0.'"

Virtual PC 2004 Shortcuts

this is from Virtual PC 2004 Help
**Using the keyboard and mouse in a virtual machine**

Key combination Description
Host key+L Restores Virtual PC Console from a minimized state. Moves Virtual PC Console to the foreground.
Host key+I Installs Virtual Machine Additions.
Host key+ENTER Toggles a virtual machine between full-screen mode and window mode.
Host key+DELETE Sends CTRL+ALT+DELETE to the virtual machine operating system.
Host key+P Pauses or resumes the virtual machine, depending upon its current state.
Host key+R Resets the virtual machine.
Host key+F4 Closes the virtual machine.
Host key+C Copies the selected items.
Host key+V Pastes a copied item.
Host key+A Selects all.
Host key+E Opens the virtual machine settings.
Host key+DOWN ARROW Minimizes the virtual machine.
Host key+LEFT ARROW Switches to the previous virtual machine when running multiple virtual machines, unless you are using
full-screen mode.

From Email on Path Testing

"Paths" are a phenomenon of "computational models", in which (roughly speaking) real-world "objects" are represented by "nodes" (vertices) and the relationships between them by "links" (edges, arcs). A set of nodes and links constituting a computational model is a "graph". If the links have a preferred direction of traversal (from a "source node" to a "target node"), they are "directed links" and you have a "directed graph".

A finite state machine (as you asked about) is usually a "partially directed graph" (most transitions may be bi-directional, but some transitions may be irreversible) in which the nodes represent component or system states, and the links represent transitions between them. Control flow graphs and cause-effect graphs are always directed graphs; in the first, the nodes represent points at which flow of control is exercised other than by fall-through, and t…

What is a Windows Service and how does its lifecycle differ from a "standard" EXE?

13.What is a Windows Service and how does its lifecycle differ from a “standard” EXE?

Windows Service applications are long-running applications that are ideal for use in server environments. The applications do not have a user interface or produce any visual output; it is instead used by other programs or the system to perform operations. Any user messages are typically written to the Windows Event Log. Services can be automatically started when the computer is booted. This makes services ideal for use on a server or whenever you need long-running functionality that does not interfere with other users who are working on the same computer. They do not require a logged in user in order to execute and can run under the context of any user including the system. Windows Services are controlled through the Service Control Manager where they can be stopped, paused, and started as needed.

How does the lifecycle of Windows services differ from Standard EXE?

Windows services lifecycle is manag…

Automated Testing Basics

Automated Testing Basics

A lot of people have asked Greg and me about automated testing. This is an important subject for me since I feel like it's the most important part of my job. I'm a smart guy and I know a lot about software development, so it's clearly not the best use of my time to click on the same button looking for the same dialog box every single day. Part of smart testing is delegating those kinds of tasks away so I can spend my time on harder problems. And computers are a great place to delegate repetitive work.

That's really what automated testing is about. I try to get computers to do my job for me. One of the ways I describe my goal as a tester is to put myself out of a job - meaning that I automate my entire job. This is, of course, unachievable so I don't worry about losing my job. But it's a good vision. My short term goal is always to automate the parts of my job I find most annoying with the selfish idea of not having to do annoying stuff …

Remoting FAQ's

MumbaiUserGroup: "What distributed process frameworks outside .NET do you know?
Distributed Computing Environment/Remote Procedure Calls (DEC/RPC), Microsoft Distributed Component Object Model (DCOM), Common Object Request Broker Architecture (CORBA), and Java Remote Method Invocation (RMI).

What are possible implementations of distributed applications in .NET?
.NET Remoting and ASP.NET Web Services. If we talk about the Framework Class Library, noteworthy classes are in System.Runtime.Remoting and System.Web.Services.

When would you use .NET Remoting and when Web services?
Use remoting for more efficient exchange of information when you control both ends of the application. Use Web services for open-protocol-based information exchange when you are just a client or a server with the other end belonging to someone else.

What's a proxy of the server object in .NET Remoting?
It's a fake copy of the server object that resides on the client side and behaves as if it wa…


Microsoft Interview Questions: "
Interviewing at Microsoft

Over the years I've been collecting interview questions from Microsoft. I guess I started this hobby with the intent of working there some day, although I still have never interviewed there myself. However, I thought I'd give all of those young Microserf wanna-bes a leg up and publish my collection so far. I've actually known people to study for weeks for a Microsoft interview. Instead, kids this age should be out having a life. If you're one of those -- go outside! Catch some rays and chase that greenish monitor glow from your face!

If you've actually interviewed at Microsoft, please feel free to contribute your wacky Microsoft interview stories.
Scott Hanselman's 'Great .NET Developer' Questions

Tue, 2/22/05 12:30pm

Scott Hanselman has posted a set of questions that he thinks 'great' .NET developers should be able to answer in an interview. He even splits it up into various categ…


Avignon: "What is Avignon?
Avignon is an acceptance testing framework developed in-house at NOLA Computer Services. For programming teams that use the eXtreme Programming (XP) methodology, Avignon lets customers express acceptance tests in a non-ambiguous manner before development starts.

How does it work?
Avignon uses XML so that anyone can define their own language for expressing acceptance tests. Each XML tag has an associated Java class that performs the actions required for that part of the test.

What does it include?
Avignon consists of a JUnit test case that executes test scripts and a small set of prebuilt tag handlers. Out of the box, Avignon can manipulate databases and interact with Web pages through either an HttpUnit browser interface or through its own IE browser integration.

What else do you need?
To run Avignon you will also need a copy of:
# Java JRE version 1.3 or greater
# JUnit
# HTTPUnit
# JAXP (for pre-1.4 Java)
# Xalan (for pre-1.4 Java)

How is Avignon dist…

Software Testing Institute - Plan on Testing Success

Software Testing Institute - Plan on Testing Success: "A good test plan is the cornerstone of a successful testing implementation. While every testing effort may be unique, most test plans include a common content framework. This article presents the components that make up this framework, and serves as a guide to writing your own test plan.


This section establishes the scope and purpose of the test plan. This is where to describe the Fundamental aspects of the testing effort.

* Purpose - Describe why the test plan was developed--what the objectives are. This may include documenting test requirements, defining testing strategies, identifying resources, estimating schedules and project deliverables.

* Background - Explain any events that caused the test plan to be developed. This can include implementing improved processes, or the addition of new environments or functionality.

* Technical Architecture - diagram the components that make up the system under …

Improving Software Testability

Improving Software Testability


Many things go into the release of high quality software. The software needs to be well conceived, well designed, well coded, and well tested. If any of these criteria are ignored the production of a high quality software product will occur only by sheer luck, and probably not at all. However most development efforts strive to do more than ship high quality software - they strive to ship high quality software on time. So, this article focuses on how to efficiently achieve a well-tested software product.

There are many steps that the development team, the product manager, and testing team can take to improve the testability of the software, thereby making the best use of testing resources.

As an outsourced QA and test support services firm, ST Labs partners with developers of market-driven and corporate software to provide testing, consulting, and training services. As such, we typically don't test mission-critical or life-cr…

Not All .NET Enabled ERP Solutions Are Created Equal

Not All .NET Enabled ERP Solutions Are Created Equal
By: Joey Benadetti, President, SYSPRO USA, SYSPRO USA

Microsoft®'s .NET strategy confuses many users and vendors. But because of Microsoft's massive marketing campaign on NET's benefits, many vendors are calling their solutions “.NET enabled” even though their products fall short of fulfilling Microsoft's .NET parameters. An examination of .NET's underlying technology reveals the fallacy of many vendors’ claims.

Software Magazine - Building Secure Software: Can We Get There From Here?

Building Secure Software:
Can We Get There From Here?
by Jim Reavis

We are starting to awaken from our dreamlike lust for nifty new software and are finding that the dark side of this software we built is pretty scary stuff.

In one of my favorite movies, “The Matrix,” our protagonist Neo is given the option of taking the blue pill and returning to slumber in the machine-simulated world of the Matrix or taking the red pill and waking up to see the horribly scarred world as it really is. As an information security professional, this scene resonates with me because I feel that only now are my good friends on the software development side of the house starting to take the red pill en masse. You see, in the roaring 1990s, when it came to software it was all about features, time tomarket and getting online ASAP. We are starting to awaken from our dreamlike lust for nifty new software and are finding that the dark side of this software we built is pretty scary stuff.

As far as I can tell, we…

Software Magazine - Software Security Code Review: Getting it Right Before You Release

Software Security Code Review:
Getting it Right Before You Release
by Mark Curphey and David Raphael

Code reviews help in two ways: development teams determine how hackers might break their code, and they learn ways to build more robust applications

In the world of security there tends to be two camps; those that break things and those that build things. It is often said that people that are good at building things are not good at breaking things and vice versa. While this may or may not be true, it is certainly true to say that if you understand how people break things you can usually figure out how to build things better. Software security code reviews have two functions. They allow development teams to determine how malicious hackers might break their code and they also help development teams learn ways to build more robust software.

The majority of security testing has been and continues to be what is referred to as black box testing. The name describes a type of testing where the…

Tracking Down a Defect Management Tool:

Articles: "Tracking Down a Defect Management Tool:
How to Select the Right Defect Tracking Solution for Your Business

This article by LogiGear CEO Hung Q. Nguyen, author of the bestselling Testing Computer Software (Wiley, 2nd ed. 1999), offers sample evaluation forms, advice on defining business and technical requirements, and an example tool feature list to assist you in choosing a defect tracking system. Download PDF..."

Getting Information when there is no specification

• Whatever specs exist
• Software change memos that come with each new internal version of the program
• User manual draft (and previous version’s manual)
• Product literature
• Published style guide and UI standards
• Published standards (such as Clanguage)
• 3rd party product compatibility test suites
• Published regulations
• Internal memos (e.g. project mgr. to engineers, describing the feature definitions)
• Marketing presentations, selling the concept of the product to management
• Bug reports (responses to them)
• Reverse engineer the program.
• Interview people, such as
•development lead
•tech writer
•customer service
•subject matter experts
•project manager
• Look at header files, source code, database table definitions
• Specs and bug lists for all 3rd party tools that you use
• Prototypes, and lab notes on the prototypes
• Interview development staff from the last version.
• Look at customer call records from the previous version. What bugs were found in the field?
• Usability test results
• Beta…

.NET Security Toolkit Released 3/08/2005

The Foundstone S3i™ (Strategic Secure Software Initiative) .NET Security Toolkit is designed to help application developers and architects to build secure and reliable .NET software applications. The new toolkit is comprised of the Validator.NET, .NETMon and SecureUML template tools which help developers validate, debug and analyze vulnerabilities during the design and development of .NET applications.

Pitfalls of relying on/or looking only for "Expected" behavior in Testing

Testers should specify the expected result of every test, in advance?
This is another guidance from Myers (1979) that has had lasting influence. See, for example, ISEB's current syllabus for test practitioner certification at One fundamental problem with this idea is that it is misguided. Every test has many results. No one specifies them all. An "expected result" points the tester at one or a few of these results, but away from the others. For example, suppose we test a program that adds numbers. Give it 2+3 (the intended inputs) and get back 5 (the monitored output). This looks like a passing test, but suppose that the test took 6 hours, or that there was a memory leak, or that it erased a file on the hard disk. If all we compare against is the expected result (5), we won't notice these other bugs.

The problem of an observer (such as a tester) missi…