In my previous blog post, I talked a bit about standards. Specifically to do with certification and how they’re not necessarily a guarantee of excellence.
At Scott Logic, we aim to do excellent testing of the applications that we develop. How we go about this will be contextually driven.
Here are the Seven Basic Principles of the Context-Driven School
The value of any practice depends on its context.
There are good practices in context, but there are no best practices.
People, working together, are the most important part of any project's context.
Projects unfold over time in ways that are often not predictable.
The product is a solution. If the problem isn't solved, the product doesn't work.
Good software testing is a challenging intellectual process.
Only through judgment and skill, exercised cooperatively throughout the entire project, are we able to do the right things at the right times to effectively test our products.
Within our Agile project teams, this means testing will be done within the context of the application developed.
Testing an HTML5 trading application will differ from testing a charting API which will differ again from testing an iPad app that provides a view for financial reports.
Different technology stacks, different functional requirements, different developers, will all provide different contextual inputs that drives the testing process.
But different standards, or different ways of doing things, does not mean incompatibility. Some we use concurrently. Take the metric and imperial systems. Different standards, different outcomes.
Testing in space in a metric system is likely a much more pleasant experience, but one could also argue that it’d much more fun testing in imperial space.
These two standards also point to how difficult it can be to adopt new practices when one becomes entrenched. Think how you measure your own height, or how you measure speed, which do you use and why?
The Web is built on standards which the World Wide Web Consortium(W3C) represents. It's a free and open standard. A web for all.
The social value of the Web is that it enables human communication, commerce, and opportunities to share knowledge. One of W3C's primary goals is to make these benefits available to all people, whatever their hardware, software, network infrastructure, native language, culture, geographical location, or physical or mental ability.Whilst it is not always strictly adhered to, these open standards of web design aid compatibility, concensus and discussion when building software for the Web.
From this was born the Open Web Application Security Project (OWASP) which helps define security standards when building web applications.
The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.
OWASP also has a testing guide. It's long. Very long. 224 pages long, but it's an excellent example of promoting a way to test. It isn't defined as a standard, but as a guide. And it's practical, accessible and free. It has further value in that contributions are from practitioners and experts.
If testing needs standards, it is the kind illustrated by OWASP. Ones that both practitioners and companies can view and contribute to.
Not ones that are opaque. Not ones defined by the ISO/IEC/IEEE 29119 Software Testing Standard