Development Testing for Agile Environments



Similar documents
Coverity Services. World-class professional services, technical support and training from the Coverity development testing experts

Coverity White Paper. Managing Risk: Ensure Software Quality and Security Across the Automotive Supply Chain

Controlling Risk Through Software Code Governance

Coverity White Paper. Reduce Your Costs: Eliminate Critical Security Vulnerabilities with Development Testing

An introduction to the benefits of Application Lifecycle Management

Software Development In the Cloud Cloud management and ALM

Key Benefits of Microsoft Visual Studio Team System

Building Value with Continuous Integration

HP Application Lifecycle Management

Enhance visibility into and control over software projects IBM Rational change and release management software

Coverity White Paper. Effective Management of Static Analysis Vulnerabilities and Defects

Continuous???? Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.

Serena Dimensions CM. Develop your enterprise applications collaboratively securely and efficiently SOLUTION BRIEF

Application Security Testing as a Foundation for Secure DevOps

Building Value with Continuous Integration

Minimizing code defects to improve software quality and lower development costs.

From Traditional Functional Testing to Enabling Continuous Quality in Mobile App Development

Software Configuration Management Best Practices

2015 IBM Continuous Engineering Open Labs Target to better LEARNING

Continuous Integration Comes to China.

What is Application Lifecycle Management? At lower costs Get a 30% return on investment guaranteed and save 15% on development costs

STEELCENTRAL APPINTERNALS

Supply Chain Management Build Connections

Lean Software Development and Kanban

Agile and lean methods for managing application development process

HP Fortify Software Security Center

Automation and Virtualization, the pillars of Continuous Testing

Life Cycle Management for Oracle Data Integrator 11 & 12. At lower cost Get a 30% return on investment guaranteed and save 15% on development costs

Modern IT Operations Management. Why a New Approach is Required, and How Boundary Delivers

Integrating Application Security into the Mobile Software Development Lifecycle. WhiteHat Security Paper

HP Fortify application security

Complementing Your Web Services Strategy with Verastream Host Integrator

IKAN ALM and Collabnet TeamForge

Continuous Delivery: Automating the Deployment Pipeline. Solution Brief

IBM Rational AppScan: Application security and risk management

Whitepaper: How to Add Security Requirements into Different Development Processes. Copyright 2013 SD Elements. All rights reserved.

Best Overall Use of Technology. Jaspersoft

Code Review Best Practices. With Adam Kolawa, Ph.D.

IBM Rational ClearCase, Version 8.0

Proactive Performance Management for Enterprise Databases

Simplifying development through activity-based change management

ALM/Quality Center. Software

Optimize Brand Asset Management with Enterprise Content Management

The Modern Service Desk: How Advanced Integration, Process Automation, and ITIL Support Enable ITSM Solutions That Deliver Business Confidence

Test Management Tools

Agile Metrics. It s Not All That Complicated

Detecting Critical Defects on the Developer s Desktop

HP ALM11 & MS VS/TFS2010

serena.com Best Practice for Parallel Development using Serena Dimensions

Orchestrated. Release Management. Gain insight and control, eliminate ineffective handoffs, and automate application deployments

HP Agile Manager What we do

Optimize Application Performance and Enhance the Customer Experience

Agile Development Overview

PRACTICAL USE CASES BPA-AS-A-SERVICE: The value of BPA

Benefits of Test Automation for Agile Testing

RELEASE HIGHLIGHTS INTRODUCING COLLABNET TEAMFORGE 8.2

Software Lifecycle Integration. A Quality Management Discipline

Leveraging Rational Team Concert's build capabilities for Continuous Integration

How Silk Central brings flexibility to agile development

How To Improve Your Software

DevOps. Jesse Pai Robert Monical 8/14/2015

How To Protect Your Data From Attack

APPLICATION MANAGEMENT SUITE FOR SIEBEL APPLICATIONS

Global Software Change Management for PVCS Version Manager

Software development for the on demand enterprise. Building your business with the IBM Software Development Platform

TESTING TRENDS IN 2016: A SURVEY OF SOFTWARE PROFESSIONALS

DEVOPS: INNOVATIVE ENGINEERING PRACTICES FOR CONTINUOUS SOFTWARE DELIVERY

Better Visibility into Change Management with Kinetic Calendar Abstract

Maximizing Cross-Platform Application Availability

JBoss. choice without compromise

Continuous Delivery. Anatomy of the Deployment Pipeline (Free Chapter) by Jez Humble and David Farley

Increasing frequency of releases to every week down from quarterly major releases

Introduction to Agile and Scrum

Successfully managing geographically distributed development

Unleash your intuition

Know the Difference. Unified Functional Testing (UFT) and Lean Functional Testing (LeanFT) from HP

Product Stack and Corporate Overview

Applying ITIL v3 Best Practices

Requirements-Based Testing: Encourage Collaboration Through Traceability

Harnessing the power of advanced analytics with IBM Netezza

Continuous Integration Processes and SCM To Support Test Automation

White Paper. Automating Your Code Review: Moving to a SaaS Model for Application Security

Application Lifecycle Management Using Visual Studio 2013 (SCRUM)

how can I deliver better services to my customers and grow revenue?

Symantec Control Compliance Suite. Overview

Your guide to building great apps. Upgrade your skills and update your tools to create the next great app

DevOps to Enterprise Agile

Make the Most of Big Data to Drive Innovation Through Reseach

What s new in the HP Functional Testing 11.5 suite Ronit Soen, product marketing John Jeremiah, product marketing

Seven Practical Steps to Delivering More Secure Software. January 2011

HP Application Security Center

Agile Software Factory: Bringing the reliability of a manufacturing line to software development

Transcription:

Development Testing for Agile Environments November 2011

The Pressure Is On More than ever before, companies are being asked to do things faster. They need to get products to market faster to remain competitive and capitalize on market opportunity. That time pressure is being felt across all phases of the software development lifecycle. Development teams need to deliver more innovation through software, and the time allotted for formal quality control is constantly shrinking. To deal with this pressure, companies are turning to Agile development methodologies for rapid iterative development cycles and the promise of improved efficiency and faster time to market. Agile: Not A Panacea The popular Agile development methodology, based on the Agile Manifesto 1 introduced in 2001, provides a way to achieve iterative and incremental development where requirements and solutions evolve through collaboration between self-organizing, cross-functional teams. However, Agile development is not a panacea. While it s designed to increase efficiency, it can also introduce risk as testing cycles get condensed and serious bugs may be overlooked. As the testing cycles are squeezed, more of the burden for code quality assurance is getting pushed into development. With the extra pressure on developers, they can t afford the time and effort required for manual testing. They need an automated approach for assuring the quality and security of their code. Code Assurance through Development Testing Development testing enables developers to assure the quality, security and safety of their code, during development, by using techniques for scalable and automated defect detection. As the code is compiled, it is analyzed for defects. Developers can then quickly address high severity issues without sacrificing time to market. Waiting for QA or Security teams to find defects later in the lifecycle can result in rework and expensive project delays. Defects in code that are detected during development are significantly faster and cheaper to fix than those found in QA and worse when found by the customers. For a development testing solution to be effective, it should provide developers with relevant, accurate and actionable information. For developers to adopt development testing it must seamlessly integrate into the existing software development process and be integrated into the IDE on their desktop and their continuous integration server, such as Jenkins. The Coverity Development Testing Platform Coverity is the market leader in development testing with over 1,100 customers and five billion lines of code tested. Coverity has served as the quality gate to the shipment of billions of products across a wide range of industries. Coverity enables organizations to establish quality, security and development efficiency thresholds in Coverity Integrity Control, test against those policies with the Coverity analysis engines, and provide organizations with visibility into the areas of risk in their project, team or even software supply chain. Coverity Integrity Control is specifically designed to help managers and executives increase their visibility and control over projects by viewing the performance against the established policies. Coverity s testing platform helps developers increase their productivity and the quality of their code by enabling them to quickly identify quality, security and safety defects in their code from within their IDE or as part of the continuous or central build system. It utilizes sophisticated algorithms to identify and triage high risk defects that could result in software crashes, security breaches or safety issues. It enables users to find hard to spot issues such as null reference pointers, memory leaks and potentially exploitable security flaws in the largest, most complex code bases. Coverity ships with a highly tuned version of FindBugs with no extra installation required. Now developers can manage Coverity and FindBugs-found defects from the Coverity centralized defect management console, Coverity Integrity Manager, in a common workflow. Developers are presented with accurate and actionable information about the severity of defects, potential impact and where they occur in the code. This detailed and intuitive information helps developers get to work quickly on resolving the most critical defects and keep the product schedule on track. Plus, developers can identify all of the places the defect exists in the code base across projects and products which saves valuable time. 1 Beck, Kent; et al. (2001). Manifesto for Agile Software Development. Agile Alliance. 2

Visibility and Control Through Coverity Integrity Control, managers and executives get visibility into the overall quality of internally developed code and thirdparty code across development sprints. Deciding when a project is ready for a release is a key principle in Agile. In Scrum, one of the most common frameworks for project management used in Agile software development, teams hold daily meetings to report progress and make decisions. Coverity Integrity Control provides rich data and metrics about the quality of each sprint. This information is critical when trying to balance the need for rapid time to market with the need for acceptable quality levels. Coverity Integrity Control 2.0 provides a graphical representation of project risk 3

Integrated Into the Software Development Lifecycle With so many extra pressures on developers today, they need solutions that will tie into their existing software development tools and processes. The Coverity Development Testing Platform integrates seamlessly with common development practices and market leading tools. Desktop Analysis Coverity enables developers to analyze their code in minutes, depending on the code size and complexity, and remediate any defects found from within the Eclipse or Visual Studio IDE on their desktop. Developers can view the defects, understand their severity and impact and link to the Common Weakness Enumeration, an industry-standard knowledge base, for additional information. Once the code has been analyzed on the desktop, the developer can check it into the continuous integration server or central build system where the analysis engine can evaluate the cumulative changes of the entire development team. To save time, developers can also choose to utilize incremental analysis which only analyzes the files which have been changed or those affected by the change instead of the entire code stream. By scanning the code from the desktop, developers are able to address security and quality issues immediately. Developers can test their code from within the Eclipse or Visual Studio IDE on their desktop 4

Continuous Integration One of the most common practices in Agile development is continuous integration (CI). It s been embraced by the majority of the Agile community because it enables a faster, automated central build process. By increasing the frequency of integration that CI provides, delivery teams improve their visibility of the overall quality of the software. Integration issues, build problems and code conflicts are surfaced more quickly allowing faster remediation. In order for a development testing solution to work in an agile environment, it is essential that the analysis is done as frequently as the source integration happens. The analysis needs to be automated, fast and scalable especially when the development team is large. Coverity Static Analysis is integrated with Jensen, which enables an automated continuous process for code assurance. The Coverity Plugin for Jenkins is available on the Jenkins site 5

Each time a central build is generated, Coverity can automatically test the code for high severity defects. Users have the flexibility to adjust the testing to conduct the most complete analysis or only identify the highest risk defects. Once defects are identified, they are published to a defect database for tracking and management. Developers can receive automatic notification so they can quickly begin the triage or inspection process and fix new defects. In addition, Coverity offers an extensible platform which enables it to easily be integrated to other continuous integration servers. Continuous Integration Regularly generates build. Developer Finds and fixes defects withing their IDE on desktop. Checks in code to CI server. Coverity Static Analysis Automatically tests code each time the build is generated. Coverity Integrity Manager Visibility into new defects, severity, potential impact and where they occur. The Nightly Build Coverity s parallel processing capabilities allows development teams to take advantage of the multi-core architectures that speed up the nightly build process. A major advantage of this capability is that organizations can analyze even the largest code bases as part of their nightly build process. During the nightly build, Coverity s testing platform analyzes the code for errors which may result from the integration or conflicts in the integrated code streams. Project administrators can review the overall code quality of the project, triage and assign defects which need resolution to the appropriate developer. Seamless Integration The Coverity Development Testing Platform easily integrates into existing development infrastructure including Hewlett Packard Application Lifecycle Management (HP ALM). By integrating Coverity development testing results into the HP ALM and HP Quality Center workflow, development and QA have a single platform and common workflow for collaboration through visibility into defects identified in development. With every code change, Coverity automatically tests the code for defects, surfaces them in HP ALM, and links them to the corresponding business requirement so development and QA know where to focus their efforts, reducing the risk of releasing defects into production without impacting time, cost or speed of deployment. This level of collaboration, defect traceability and visibility within the existing workflow is critical to Agile organizations trying to rapidly ship products to market while maintaining acceptable levels of quality. The Coverity Development Testing Platform also integrates with the most common components in the developer s environment including source control systems, bug tracking systems, IDEs and build systems. 6

Summary Companies have adopted Agile development methods to meet the demand for delivering more innovation faster to the market. Regardless of the development method, the cost of finding and fixing defects increases exponentially as software moves through the development cycle, from design and coding to release. Developers are acutely feeling the pressure and can no longer afford to wait until the end of a formal QA cycle or security audit to be informed of defects which need to be addressed. They need an automated solution for assuring the quality, safety and security of their software that keeps up with the rapid iterative development process. The Coverity Development Testing Platform enables developers to test early and often so they can assure code quality at each development sprint. By finding and addressing the most critical issues early, defects are cheaper and faster to fix. In addition, seamless integration with existing Agile development methodologies and tools helps maximize development productivity. For more information Find out how Coverity can help your organization improve the integrity of your software and enhance your Agile development initiatives. To learn more, contact your Coverity representative or visit us at www.coverity.com For More Information: www.coverity.com Email: info@coverity.com Coverity Inc. Headquarters 185 Berry Street, Suite 1600 San Francisco, CA 94107 USA U.S. Sales: (800) 873-8193 International Sales: +1 (415) 321-5237 Email: sales@coverity.com 2011 Coverity, Inc. All rights reserved. Coverity and the Coverity logo are trademarks or registered trademarks of Coverity, Inc. in the U.S. and other countries. All other company and product names are the property of their respective owners.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information