While in the previous article we delved into some functional testing types (Unit, Integration, and Regression Testing), in this one we will talk about Non-Functional testing and some of the tools we use to implement it.
You may ask yourself: what is the scope of this type of testing? As the name implies, Non-Functional testing is performed to assess and verify the non-functional requirements of the system under test. The application's security, performance, portability, and usability, alongside other non-functional characteristics, should be scrutinized to meet the business expectations associated with the software product.
One conclusion you'll probably reach before the end of this article, and the point I'm trying to get across, is that Non-functional testing sadly gets much less attention than it deserves. Most of the time, the cost of including Non-functional testing procedures in your software development lifecycle is much lower than the costs caused by a serious security breach, a data leak, or even just the extra server time, extra storage space or lower battery life caused by poor optimisation or overall poor performance.
I've chosen to start with Security testing because, more often than not, it's overlooked during the development process. A lot of resources are allocated to a software project: front-end and back-end developers, QA, DevOps, Managers, Scrum Masters, etc. Rarely would one see a penetration tester or a security engineer among them. Only when a malicious entity breaks into the system are resources put in place for this very important process.
According to OWASP®, security testing can be split according to the types of vulnerability being tested:
One of the tools used in the security industry is OWASP® Zed Attack Proxy (ZAP). ZAP is a security tool designed for use against web applications, and its purpose is detecting vulnerabilities and security risks.
Nowadays, when designing a modern web app, development teams can expect their system to be under heavy load, perhaps even hundreds of thousands of concurrent users. Performance Testing is the process that verifies that an app can support an adequate number of client-server transactions promptly and without impeding the user experience. 53% of mobile site visits are abandoned if pages take longer than 3 seconds to load. A further 2-second delay resulted in abandonment rates of up to 87%.
During performance testing, we follow some Key Performance Indicators (KPIs). Using the information gathered from these quantifiable metrics, we can determine whether the test is successful or not. In the case of test failure, the development team can identify areas of poor performance and fix or improve on them. Some of these KPIs are:
As with most things in engineering, the rabbit hole goes much, much deeper and we have barely scratched the surface, but what I wanted to point out through this article is that, while often overlooked, Non-Functional testing is and should be a core part of the software development lifecycle. Human nature makes us not see the value in preventive measures until we've bumped our heads a few times. People building software, whether they're entrepreneurs or engineers, don't always love to invest in things which have an unquantifiable value. That's the case with NFT as well: more often than not, people regret not taking it seriously after it's too late. It is a great preventive measure for avoiding pitfalls and potential disasters. As an interesting read, take a look at the list of Biggest Data Breaches in US History to see some of the really disastrous consequences that a security vulnerability may produce. Performing Non-functional testing and taking it seriously saves money, time and frustration in the long run. I hope this sheds some light on a somewhat overlooked subject in smaller or mid-sized software projects.