Companies Seek to Shorten
QA Time"> The gaming business demands continual creation of new customer experiences, with relentless attention to maximum uptime at minimum cost: "A majority of what we do to drive revenue has technology behind it," said Station Casinos Vice President and CIO Marshall Andrew, in Las Vegas. "Were trying to shorten the life cycle, get through the QA process, get the products out where they can help us generate revenue," Andrew said. "Were looking for products and services and skill sets that let us meet market demands in a more timely manner."Andrew is particularly aware of the current high ratio of QA time to development time. "If it takes, for example, six months of programming time, it usually takes three months of QA time, with 50 percent of the programming time for QA. Were trying to shorten that QA time without sacrificing quality by using tools that shorten the QAand during the QA process, pinpoint areas of deficiency that we can feed back to the programmer so that they dont take days or hours to find the problem," he said.Andrew described one recent example in which a customer-facing system had been "crashing every day" with substantial revenue impact. By applying Identify Softwares AppSight Black Box technology and also working with Microsoft technical personnel, he said, "we drilled down into some of the scenarios that would have taken us weeks and weeks to find without these tools. I was a little skeptical, but Im a firm believer now." Microsoft, of Redmond, Wash., was represented in the discussion by Sam Guckenheimer, group product planner for Microsoft Visual Studio Team System and Microsoft Solutions Framework. Guckenheimer emphasized the need for an end-to-end process view in addressing application quality goals. It begins, he said, with design: "Weve asked what an architect would do to see, at design time, if an application is designed correctly and properly takes into account things like security violations." Development managers need to recognize, Guckenheimer said, that most developers are not and will not be security experts and that automatic analysis of potential security issues therefore needs to be incorporated into tools and processes in a pervasive way. "We try to inspect the code automatically for security, and weve made our internal tools available in Visual Studio Team System to highlight practices in code that might lead to problems downstream," he said. Guckenheimer and others were quick to add that the quality process needs to be a closed feedback loop, no matter how much investment is made in good tools and practices before application deployment. Some issues will arise only in the deployment environment, but Identify Software Vice President Lori Wizdo expressed concern that customers may wrongly define quality in terms of whats produced by developers rather than whats experienced by users. "The dynamic problems that youll encounter in production are going to be impacted by environmental factors, by system resources, by configuration issues, by any number of stresses that couldnt be tested for," Wizdo said. "The current thinking is that you can [address application quality during testing], but its a life-cycle issue." Click here to read about Red Hats support for three new application development stacks on its Red Hat Network. Microsofts Guckenheimer said the company hopes to address that in two ways. "We generate unit tests against code and track code coverage so that the whole team can see what has and hasnt been exercised," he said. "We take the testing that is doneload testing, running 1,000 simulated users against the applicationand make that approachable and affordable to the developer to do that early on." Guckenheimer said he also hopes that developers will apply virtualization technology to narrow the gap between lab and production environments: "We let you have test labs in virtual machines so you can have, somewhere on a server hard disk, a file that you open up thats a virtual machine image that matches production and gets you out of the not on my machine problem." Significant downstream delays would thereby be reduced, Guckenheimer said. "At design time, you have a sort of validation early on as to whether the way youre building a distributed system will run. It takes a lot of time out of the staging process of What ports do I need to open? Do we need to change the authentication on this server?these issues that arent really coding but where every blind man has a different leg of the elephant," he said. Broader availability of better-integrated tools requires a re-examination of developer and tester roles, said André Pino, chief marketing officer at Segue Software. "A lot of the quality issues that still remain are the result of quality activities being done in isolation. Youve got developers doing unit testing, youve got testers doing UI [user interface] testing and functional testing, performance people doing performance testing. The problem is, you cant compartmentalize quality assurance because its impacted by too many people and too many activities." Pinos Segue colleague McLeod agreed, saying, "As developers do more testing, testers perhaps need to be more focused on users instead of merely validating requirements." Next Page: Managers should remember user needs.