What is quality assurance?

Quality assurance (QA) means the whole processes of verifying whether a product or service meet specific requirements and client expectations. It helps and defines goals regarding manufactured product design. (techopedia, 2015)Definition of QA?Quality assurance (QA) is the process of verifying whether a product meets required specifications and customer expectations. QA is a process-driven approach that facilitates and defines goals regarding product design, development and production. QA's primary goal is tracking and resolving deficiencies prior to product release. (techopedia, 2015)What is software quality assurance?

Software quality assurance (SQA) is a procedure that guarantees that created programming meets and confirms to characterized or institutionalized quality particulars. SQA is a progressing procedure inside of the software development life cycle (SDLC) that routinely checks the created programming to guarantee it meets craved quality measures. (techopedia, 2015)SQA experts are people who screen each period of the product improvement handle in order to guarantee outline quality, verifying that the product sticks to the benchmarks set by the advancement organization. (sokanu, 2015)Now and again programming quality affirmation specialists are mistaken for SA which is a mix-up. SQA test parts of the product at diverse phases of improvement, while a product quality confirmation architect administers the whole advancement process, which incorporates programming testing, from beginning to end. The money related achievement of the product item is to a great extent due to some degree to the nature of the item and in addition the item's capacity to hit the business on time. Both are the obligation of the product quality affirmation engineer. (sokanu, 2015)Importance of SQA

SQ is one of the vital parts of a product advancement organization. Programming quality confirmation begins from the earliest starting point of a venture, right from the investigation stage. SQA is characterized as an all-around arranged and methodical way to deal with assess the nature of programming. It checks the adherence to programming item gauges, procedures, and methodology. SQA incorporates the efficient procedure of guaranteeing that guidelines and systems are built up and are taken after all through the product improvement life cycle and test cycle too. The consistence of the based with settled upon models and methodology is assessed through procedure checking, item assessment, venture administration and so on. (Frankk., 2015)

The real reason of including SQA during the time spent programming item improvement is to verify that the last item constructed is according to the necessity determination and follow the gauges. (Frankk., 2015)SQA encompasses various activities, such as: (Frankk., 2015)1) Requirement analysis and definition2) Design architecture and description3) Coding and logic analysis4) Change and configuration management5) Testing and standard compliance6) Release management and Release ControlDifferent activities of Quality Assurance are the following:(Frankk., 2015)1. Maintaining the quality of the project as per the specifications and business requirements.2. Defect Prevention. And formal methods for other defect prevention techniques.3. Defect Reduction4. Inspection, formal and informal reviews: Direct fault detection and removal without executing the project scenario.5. Testing the project for Failure observation and bug removal.6. Risk identification.7. Defect tracking techniques and methods8. Software fault tolerance.9. Concluding Remarks and maintaining reports.

Types of Testing Performance testing (search softwarequality techtarge, 2015)Performance testing is the process of determining the speed or effectiveness of a computer,network,softwareprogram or device. This process can involve quantitative tests done in a lab, such as measuring theresponse timeor the number ofMIPS(millions of instructions per second) at which a system functions. Qualitative attributes such as reliability,scalabilityandinteroperabilitymay also be evaluated. Performance testing is often done in conjunction withstress testing. Performance testing can verify that a system meets the specifications claimed by its manufacturer or vendor. The process can compare two or more devices or programs in terms of parameters such as speed,data transfer rate,bandwidth,throughput, efficiency or reliability.Performance testing can also be used as a diagnostic aid in locating communications bottlenecks. Often a system will work much better if a problem is resolved at a single point or in a single component. For example, even the fastest computer will function poorly on today's Web if the connection occurs at only 40 to 50Kbps(kilobits per second).Performance Testing Considerations: (exforsys, 2015)You will need to consider two important things when you are conducting a performance test. The first thing to consider is the load related to the http connections and the concurrent users. The next consideration is the response time of the software, whether it is acceptable or not. Once you go past these activities, it is possible to increase the system tasks of the application that eventually help you to see for possible bottlenecks.Let us take the example of an internet application to consider multiple levels where such errors can occur:At the application level: Obviously, the first level is the application level. By using profilers, you can detect where the inefficiencies are.At the database level: This is the second level that you need to test. You can use query to optimizers and many specific profilers in this level.At the operating system level: You can use different types of utilities to perform the test. These utilities may include such resources as the vmstat, the iostat, and the top, while hardware resources will include the memory, the CPU, and the disk. You can even use kernel-monitoring program at this level.At the network level: This is the last level. You can use packet sniffers like the network-protocol analysis tools and the tcp dump at this level.

Types: (qualitykios, 2015) (automation-consultant, 2015)

Load TestingA test to measure the performance of a system under a specified level of load.Stress TestingA test in which the load on a system is progressively increased until performance degrades below a specified level. The test finds the maximum load the system can support.Volume TestingA test in which the volume of data in the system is set to a realistic or pre-agreed level. The performance of a system on an empty database is normally better than that on a database with a realistic volume of data.Soak or Stability TestingA soak or stability test measures the system's stability over time by placing it under load for an extended period. This type of test can expose such problems as memory leaks.Custom TestingNot all IT systems follow the most common topologies or lend themselves neatly to the above types of test. Automation Consultants has experience in producing custom performance tests and the necessary software utilities for this.Performance Modelling And PredictionIt can sometimes be far cheaper to create a model of an IT system and predict its performance instead of performance testing it. This is most often the case when some aspects of a system with known performance are to be changed.

Security Testing: (istqbexamcertification, 2015) It is a type of non-functional testing. Security testing is basically a type ofsoftware testingthats done to check whether the application or the product is secured or not. It checks to see if the application is vulnerable to attacks, if anyone hack the system or login to the application without any authorization. It is a process to determine that an information system protects data and maintains functionality as intended. The security testing is performed to check whether there is any information leakage in the sense by encrypting the application or using wide range of softwares and hardwares and firewall etc. Software security is about making software behave in the presence of a malicious attack. The six basic security concepts that need to be covered by security testing are: confidentiality, integrity, authentication, availability, authorization and non-repudiation.

Objectives of Security Testing: (Saurabh, 2010)To ensure that adequate attention is provided to identify the security risks,To ensure that a realistic mechanism to define & enforce access to the system is in place,To ensure that sufficient expertise exists to perform adequate security testing,To conduct reasonable tests to confirm the proper functioning of the implemented security measures.Types: (guru99, 2015)

Vulnerability Scanning: This is done through automated software to scan a system against known vulnerability signatures. Security Scanning:It involves identifying network and system weaknesses, and later provides solutions for reducing these risks. This scanning can be performed for both Manual and Automated scanning. Penetration testing: This kind of testing simulates an attack from malicious hacker. This testing involves analysis of a particular system to check for potential vulnerabilities to an external hacking attempt. Risk Assessment: This testing involves analysis of security risks observed in the organization. Risks are classified as Low, Medium and High. This testing recommends controls and measures to reduce the risk. Security Auditing:This is internal inspection of Applications and Operating systems for security flaws. Audit can also be done via line by line inspection of code Ethical hacking:It's hacking an Organization Software systems. Unlike malicious hackers, who steal for their own gains, the intent is to expose security flaws inthe system. Posture Assessment:This combines Security scanning, Ethical Hacking and Risk Assessments to show an overall security posture of an organization.

Dynamic Testing: (Rouse, 2012)

Dynamic testing is a method of assessing the feasibility of a software program by giving input and examining output (I/O). The dynamic method requires that the code be compiled and run. The alternative method ofsoftware testing,static testing, does not involve program execution but an examination of the code and associated documents.Types of dynamic testing includeunit testing,integration testing. Unit testing: (searchsoftwarequality.techtarget, 2015)Unit testing is asoftwaredevelopment process in which the smallest testable parts of an application, called units, are individually and independently scrutinized for proper operation. Unit testing is often automated but it can also be done manually. This testing mode is a component ofExtreme Programming(XP), a pragmatic method of software development that takes a meticulous approach to building a product by means of continual testing and revision.Integration testing: (searchsoftwarequality.techtarget, 2015)Integration testing, also known as integration and testing (I&T), is asoftware development process which program units are combined and tested as groups in multiple ways. In this context, a unit is defined as the smallest testable part of an application. Integration testing can expose problems with theinterfaces among program components before trouble occurs in real-world program execution. Integration testing is a component ofExtreme Programming(XP), a pragmatic method of software development that takes a meticulous approach to building a product by means of continual testing and revision.

Static Testing: (istqbexamcertification, 2015) Static testing is the testing of the software work products manually, or with a set of tools, but they arenot executed. It starts early in the Life cycle and so it is done during the verification process. It does not need computer as the testing of program is done without executing the program. For example: reviewing, walk through, inspection, etc.