Rapid Software Testing course with James Bach

In November 2017 I attended the Rapid Software Testing course held by James Bach. Now, this course has been renamed as Rapid Software Testing Explored.

When I was on the train, going to the training, I imagined what I would have written about the course in those days. But I did not do that. After the training, I decided not to write about it and wait for a good period of time, to see how it will influence me in real life. I think this is the most important thing in the end.

I think that the time to write about this course has arrived. I hope you will find it useful.

Premises

There were some things preceding the training which, I believe, are very important and worth mentioning:

– I knew about the work of James Bach and Michael Bolton. Before going to the training I have fully read their entire blogs, and also the book “Lessons Learned in Software Testing: A Context-Driven Approach” written by James Bach;

– I knew about the work of Jerry Weinberg and have read a dozen of his books, especially the book “Perfect Software: And Other Illusions about Testing” ;

– For 2 years, before going to this training, I tried to understand the testing envisioned by Jerry Weinberg, James Bach, Michael Bolton, Cem Kaner;

– I was a software developer and team lead;

– Going to this training involved also  personal money/cost contribution. I mention this because I am strongly influenced here by the “skin in the game” concept of Nicholas Taleb;

– I have read the rst.pdf file, which was the course support material..twice;

– I have searched the internet for testimonials regarding this course with enough details, but I did not found a lot of them.

Feelings

I remember the strange feeling I had when I entered the class room. James Bach was there at his desk, but I did not dare to say anything. I can say that I was overwhelmed. It was unreal for me to be there.

After the first 2 hours of course, I realized that I knew so little about testing…

Details about course

I will try to write about this course via 3 dimensions:

-structure: the flow of the course in those 3 days;

-key words: it’s interesting to describe a training via some keywords used in the course, which can be enumerated coherently in a minute or so. I think it can have a good impact;

-pearls of wisdom: these are insights from the training, words used by James Bach. You will see that each of the texts is within quotes and preceded and followed by “….”. This is because the text has a context(story, experience, people, time, history, feelings, exercise, place). Some of those phrases took even an hour or 30 minutes to be described by James Bach for us. So there is a risk, for the reader, not to decipher the real meaning/lesson/message, but I put them there in the hope that it will convince/entice you to go at his, and Michael’s, training and find out more;

Structure

The course was centered around exercises, experiments and interesting surprises. These exercises were not easy at all, it was hard stuff(even if at the beginning, sometimes, for us it felt easy, we found out that it needs to be analysed first and we needed to ask for more information). I saw damn good testers being tricked. But James warned us.

Since these exercises and challenges were hard, he spoke to us about mistakes, about his mistakes. He told us that we should not be scared of them and that we should learn from them.

These exercises were inspired from real life difficult situations that James Bach experienced.

Each exercise was followed by a lesson/message. This was the beauty. If someone would have told me in advance the same lesson, I would have not understood it as I should – I am sure of that 100%. But you know why? Because we struggled with it, because it had put us in a delicate situation…try to imagine social pressure or a hostile environment, it is not enough to read about it, you have to live it.

The explanations were full of metaphors, so the message can be easily understood.

The interaction with James was via the Socratic method.

James intention was to make us learn more rapidly the things he learned in a much slower way.

Although I have read in advance the pdf which  accompanied the course, I realized that I have missed A LOT of insights…

Key words

Initially, I was overwhelmed by all the details from the course and I did not knew how to describe it in a short and coherent way. But, shortly after, I realized that I can use some words used in the training. So here they are:

context based risk analysis, compatibility regression testing, sanity check, test strategy, business risk, normalization analysis(from therapy), leader and its attitude toward tester, thinking outside the box, parenting, biases, process of thinking, pattern(s) recognition, efficiency and relative efficiency, sense making, common sense questioning, interview for hiring, diminishing returns principle, fallacies, design tests, cope with complexity and uncertainty, scepticism, risk mitigation, quality, agile, think negatively, tacit test procedures, normalized test sessions, cognitive science, social dynamics, psychology, social skills, qualitative methods, social pressure, functional blindness, hostile environment, data types bugs, boundary testing, heuristics, perimeter assumptions, defocusing technique, factoring, randomness, heuristic test strategy model, professionalism in software testing, hazop, inattentional blindness, audit testing, penetration testing, anchoring bias, mental testing models, adversarial images(from AI) , statistical correlation, product coverage outline, oracles, lifeboat argument, explainability/confusion oracle, person whose opinion matters oracle, defocusing, diffusion limited aggregation, deep testing, exploratory and scripted testing.

Pearl’s of wisdom

As I have already said, it is important to mention that these phrases do not have context around them. This is intentional. It is an invitation, if you like or find it problematic or… to dig more, even to go to the course. So:

-“… Sanity checking means shallow test coverage not deep test coverage. For the purposes of identifying insanities. You are looking for, not just something that is a little bit wrong, you are looking for something that is totally broken. If it’s totally broken I want to know about it …”

-“… All testing problems have a context, and if you know that context you will be able to make a sensible decision about what to do next. And if you don’t know the critical context variables then you will suggest a ridiculous answer …”

-“…. Rapid Software Testing isn’t rapid because you are typing faster than other people. It’s about thinking: Do I really need to do this? Why do I need to do this? What things can I set aside? And what things do I really need to do?  …”

-“… What a good leader should say, knowing how delicate and emotional testing is: I want to know if there is a problem. Don’t worry about the ship date. We will slip it if you say we need to. That is not your concern. What your concern should be: Can I find problems in this?. Let me worry about …”

-“… When you teach a tester how to test you are teaching that person to see something, to see things that you have never seen before …”

-“… Testing is an exploration and experimentation  process …”

-“… A paradox of RST is that: RST tells you that you should do the right thing. Don’t do anything unnecessary, that will save you time. But how do you know what the right thing is? First you’re gonna have to do wrong things to find out what the right thing is…So the paradox is that in order to get rapid you usually have to start slow to climb the learning curve…”

-“… Testing is an intellectual activity …”

-“… Never say:I tested it and it works. That is always an untrue statement. The truth is you tested it and you haven’t seen it fail yet…I tested it and I know it can work… “

-“…Testing is not about assessing that the product is good enough, it’s about finding problems ….”

-“…Counting tests is pointless ….”

-“…Rapid Software Testing methodology which is a mindset and skillset, but it is not a set of rules, it’s not a set of templates….”

-“… New novice testers don’t need lists. They need experience. How do you give them experience? Sit with them down and test with them …”

-“… Here is what you never do: you never derive tests from requirements, just don’t say that…”

-“… It is not possible to write down a test …”

How it helped me

This course helped me realize/do a lot of things:

– I will do everything I can to have trainings with the best in the industry. With those people who create concepts. If this means paying from my own money, so be it. I prefer to wait a year or two, but to learn from the best out there;

– Online trainings are important and have their place, but they can never ever substitute a live training held by one of the top of the top of trainers;

– At least once per year I would do the Rapid Software Testing Applied training;

– As a programmer, this professional testing dimension influenced me a lot. I can no longer define myself as only a software developer and ignore the tester part in me;

– I understood how and why so much money is lost in IT with superficial testing and the “automation” trend which now is being marketed ;

– I understood how to be a better mentor;

– It helped me by giving me force to write about testing and to defend it;

– I realized that, now, in IT, a lot of concepts currently used are not understood: testing, agile, scrum, OOP, architecture…

– I was able to help/coordonate a student, an experienced developer, for a masters degree in IT regarding testing. It was the first time such a subject was presented in university and it really impressed. I was glad that, finally, the real face of testing was presented in an institution which prepares students for the IT industry. I hope that in the future I will be able to teach a course on testing, but I am not yet prepared, I need help. I think that if testing, the real one, would be taught in University it would help even more the spreading of what real testing is, which in the end will help the industry as well as the people in it.

Conclusion

I liked this training a lot. I never would have thought that it would influence me so much.

How testers can provide value for developers

On the Rapid Software Testing slack Channel(1), one month ago, an interesting  question was put by David Högberg:

Here is an interesting story and question from my friend in another Slack-group:

(translated from Swedish)

”Today was the last day of a sprint in one of the teams I coach at….

A backend developer has been very productive this sprint, he has pulled in more tickets than planned and finished those. Instead of pulling in another ticket on the last day he took the initiative to work on the unit test coverage and integration test coverage in our most important repository.

Now we have 100% code coverage for both unit and integration (API) and a branch coverage above 90%.

Besides this he always tests his own code, with both wide and deep understanding of the requirements. He always ask for feedback regarding his own testing, wants critical code reviews and practises risk-based exploratory testing.

This is what QA-coaches and testers will have to work with in the future. How do we create value for these future developers?”

….What are your thoughts regarding my friend’s question? How can testers provide value to developers who deeply care about code quality and at the same time are good at testing themselves?” (2)

The point raised by David Högberg is important and should not be ignored. Also, I saw that some testers were somehow speechless regarding this, like there was nothing to say/do/challenge/help.

There are lots of things testers can do. Testers must/can challenge things and there is a lot to challenge. So, for example:

1. The fact that what the developer does are unit checks , integration checks not tests.(3)

2. He said that he reached 100% code coverage for unit checks and integration checks. Actually code coverage is a measure and number for programers only. This is because it helps the developer to see areas not covered at all, not how well that area of code is covered. So, this number should not be exposed to management, because you can have 100% code coverage without code actually being covered. From the moment when you hear that code coverage number is exposed, there might be trouble – I know it sounds strange, but for me is a sign of exaggerated confidence. Maybe I am wrong, but for me is a heuristic for looking with care, because of the things which can’t be articulated in simple boolean confirmation statements.

I have to say that each time when I discuss with managers I try to do my best to convince them to ignore the code coverage number and the fact that it means nothing.

By the way, when I have the occasion I ask programers this simple question: So you are so confident with the unit checks?  If the answer yes, then I ask: Good, are you ready to bet you salary for 3 months that I’ll not find any problems? Usually, I perceive hesitation.

A good technique to verify the actual lines/conditions, in terms of coverage, is mutation checking(4). Even with this technique, I have in my mind the difference between testing and checking! (3)

3. As a tester you can help the developer with the sampling, the data she/he is choosing. And, as you know, this is not a skill which can be learned in a day or two. Sampling at the unit and at the integration level is important and I saw a lot of times unit checks and integration checks which repeat themselves.

I do not mention that testers, need to know very well about cognitive biases, critical thinking.

4. The developer said that he/she made unit checks? Perfect. Challenge that. Take a look at this brilliant article by James Coplien: Why Most Unit Testing is Waste . You’ll notice that this article is not so easy to digest, is deep – it speaks about the theory of information, also it does not follow the current dominant thinking about unit tests. I’m sure it will help you to make that developer think. Maybe negative reactions can take place, but is OK, we want fruitful disagreements.

5. The developer said he/she is doing TDD? TDD does not help at big architecture and OOP. It helps, maybe, at the micro level, but for sure not macro. This means architecture, OOP is fully exposed in a big and nasty ways. Maybe integration checks can help to see that the parts are fitting together, but are not helping to see that they are ok built. What this means? Well… nasty things are hidden at the integration boundaries. Developers don’t do OOP, but Class Oriented Programming. OOP would mean to reflect the mental model of users, which this does not happen. All the work is split between a lot of classes and functions. I think you can imagine the dangers.

Regarding TDD, I noticed that some persons begun to make some research about it and it is interesting: A Comparative Case Study on the Impact of Test-Driven Development on Program Design and Test Coverage or Does Test-Driven Development Improve the Program Code? Alarming Results from a Comparative Case Study

By the way, I also liked this post: TDD is dead. Long live testing

So, please, go and see the research, I doubt a lot of programmers do that…

6. Unit checks and integration checks is also code, this means that is prone affected by things like: bugs, maintenance, design, analysis, architecture.

7. I love the article of Max Boisot with the patterns(5). For example: for 10 dots there are 45 possible links and 3.5 trillion possible patterns. I’m sure in applications there are more than 10 connected dots. Is not possible for a developer, no matter how smart he/she is, to be sure he/she covered all the possible patterns and also to be aware which pattern is more important than other(s).

8. Regarding “A backend developer has been very productive this sprint, he has pulled in more tickets than planned and finished those.” Maybe I’m interpreting this in a wrong way, but sorry… I’m not interested in the productivity of the developer. This is a very nasty stuff. For me is important that the team and the whole work to be ok. When I read productivity of individual, I begun to doubt the good functioning of the team and this is bloody dangerous. Is like measuring tester for the bugs introduced, sorry, but no. Were there any other members actually working on stuff? If yes, why he did not took care to help finish that?  – I’m deducing this from the text, maybe I’m wrong. In Scrum the team works on a single PBI at a time.

Still the list is short. I would have added about cognitive dissonance, of how the team structure affects the code structure, but you got the idea…

Conclusion: So how testers might create value for these kind of developers? I think that when a tester will put this question then is a good sign because learning/helping continues.


(1) Michael Bolton, “RST Slack Channel”, https://www.developsense.com/blog/2017/10/rst-slack-channel/

(2) Text used with permission, thx David Högberg

(3) James Bach, Michael Bolton,”Testing and Checking Refined”, https://www.satisfice.com/blog/archives/856

(4) Robert C. Martin, “Mutation Testing”, https://blog.cleancoder.com/uncle-bob/2016/06/10/MutationTesting.html

(5) “The problem of connecting the dots”, https://sensing-ontologies.com/the-problem-of-connecting-the-dots/

Round Earth Test Strategy and earthquakes

Recently, James Bach published a nice analogy/model regarding test strategy, named “Round Earth Test Strategy“(1)

Early in 2018, in January, James Bach was kind enough to share this analogy on a special channel RST( this channel was created especially for RST alumni; it’s an active and very very very useful group to be in – another very good reason to take RST class(2)).

I liked it. But, in that moment, and days/months after, I felt that I still miss some aha moments, about those things, which confirm in a way that a certain subject is internalized in myself somehow.

Museum

In the image of this blog post is the Natural History Museum in London. It was here where I had the aha moments I knew I was missing. Suddenly, in my head, I remembered James Bach’s round earth model. In there is a section named “Volcanoes and Earthquakes”. When I began to read what was written, I was amazed how the things described there can be used as an analogy, as James thought, for testing, but maybe also for problems/risks/bugs/tools/approaches from the IT field:

● “Earthquakes can happen without warning, causing death and destruction on a massive scale. When they strike we feel a sudden, violent shaking of the ground, but they are caused by slowly moving plates on Earth surface. As these plates move, pressure builds up until it finally gives away”(3) → In reading this text I remembered bugs. How certain bugs can create a lot of mess (urgent calls, staying late in the night, missing important moments). How those bugs appear suddenly, without notice. But what stroke me is the fact of slowness and violence of earthquakes.

Slowness in:

– how functionality is written → It’s not like the functionality is developed instantly. There are meetings, mails, writing code, searching through code, testing, etc.

– execution of the program –  managed memory leak, usually, takes time to be observed. But when it reaches a critical point, entire system crashes not only the programs.

The idea of moving plates made me think of integration testing.

● “Preparing for the worst; living with earthquakes: Scientists can’t predict exactly where and when an earthquake will strike but they know roughly which area around the world are at risk. It is vital for the people living in these areas to prepare for what may come and know what to do when it does. Without adequate preparation, earthquakes can cause huge suffering and destruction”(3) → It describes perfectly the role of testers and why they are searching for the worst, why they should think negatively. Testers, like these scientists, should understand that they cannot predict and also can’t be sure that the software is ok (just a black swan among thousands and thousands of white swans was enough to proof that there were not just white swans). Although they can’t predict or prove the correctness of a software program, they will use models to identify possible areas with problems guided by risks (For example, by looking at the source control metadata, weak areas within the source code can be discovered. ). Since we’re talking about people, the risks also have a psychological and sociological dimension. It is sure, problems will occur and maybe we should guide our testing also by the possible suffering we create, for the ones using our software.

● “Impact scale: There are different ways of measuring earthquakes. Unlike Richter scale, which measures magnitude of the shaking, the Mercalli scale measures the amount of damage caused – the loss of life and the damage of buildings. Generally speaking, the higher earthquake magnitude the greater the devastation, especially when it strikes near populated areas. But you also have to factor the in depth of the earthquake, and how well people have prepared. A big earthquake can have a low Mercalli value if it happens deep underground or if buildings have been properly supported”(3) → When I saw measuring, I recalled the nonsense in counting the test cases – which is very susceptible to the reification error and this is very, very dangerous. But we have something which tries to avoid the reification error and is based on events/activities: it is called Session Based Test Management.

But there is more, the fact that a big earthquake can have a low Mercalli, made me think about complexity and the fact that the relation between cause and effect is not linear. Populated areas also indicates complexity, because social systems are inherently complex. This means, for testing, that the approach is more informal (it’s about trying/probing, then make sense of it, then respond/report the possible problems which might occur), not a formal one – when thinking of testing, and more specifically the checking dimension,  maybe here mutation checking makes sense.

There is also another implicit dimension here, which is the place where the earthquake happened. Even if it is a small earthquake but it happens in the ocean, it can generate a tsunami. If I relate this to testing, it makes me think of the different coverage areas like structure, platform, function, operations, data, time, interfaces(9), hazard.(thx Ionut Albescu)

● “Danger after the quake: The  danger doesn’t stop once the ground has stop shaking. Fires, landslides and even liquefaction can all cause damage and loss of life…Scientists and engineers have developed ways to deal with these dangers through defenses, warning systems and building design. But even with the best plans in place some communities can still be caught off guard”(3) → How many developers, testers, scrum masters,… think that maybe a person will be fired because he/she is not working fast enough with our software product? How will a developer sleep at night when his/her code caused, even indirectly a death, or a bankruptcy? There are consequences, but a lot of people don’t get the fact that they must assume also unintended consequences, which were triggered by what their product does. How will they deal with that?

They have developed defences, but it’s interesting that they speak about them with terms like: tools (4), models(5). We, in IT, use a lot the word  “automation”…

When they speak about plans it’s very serious because it’s about people’s lives. They are not using some tools/techniques  as a plan, they are guided by the reality of the situation. What a test plan means, for a lot of people: automation at the unit level, integration and maybe acceptance(BDD). And they add exploratory, although they are not able to articulate what it means and how to show/do it in a professional way → this is not a test plan.

What if aftershock are the equivalent of hotfixes? And we have a flow like this:

1. A bug appears

2.A quick hotfix is made, but in a hurry

3. As a result, that hotfix can cause undesired problems(maybe inadvertently), because of the chaos created by the initial bug.

The last sentence made me think at the japanese word “hansei”. Because even though those scientists built/are building, defense and warning mechanisms(kaizen), the things can still go wrong and this is sadness/regret.(6)

● “After the earthquake, responding to disaster: earthquakes and tsunamis can destroy home and buildings, transforming lives. The hours and days  that follow the disastrous events can be vital for saving anyone who has been trapped as a result….As people come to terms with the destruction they can start with the process of building resilience – changing the way they live and act to deal with the risk of an earthquake in the future. This can leave them better prepared for future earthquakes“(3) → The keyword here is resilience, but a lot of IT people want robustness. We, in IT, have chosen the wrong metaphor. Rapid Software Testing(a Context Driven methodology) is fully aware of that, that’s why it’s so different from “Factory Style” testing(7), because it sees the context as an ecology, not as a factory(8).

Conclusion: Read James Bach’s post, then read the text from the museum again. I hope you will find it as useful as it was for me.


(1) James Bach, “Round Earth Test Strategy”, http://www.satisfice.com/blog/archives/4947

(2) https://rapid-software-testing.com/

(3) London Natural History Museum, Earth Galleries, text used with permission under license Non-Commercial Government Licence, Copyright © The Trustees of the Natural History Museum, London

(4) “Tectonic hazards/Earthquake engineering“, https://en.m.wikiversity.org/wiki/Tectonic_hazards/Earthquake_engineering

(5) “Improving defence against earthquakes and tsunamis”, https://www.ucl.ac.uk/news/2017/mar/improving-defence-against-earthquakes-and-tsunamis

(6) James Coplien, Interview, www.infoq.com – in this interview he explained scrum and these 2 japanese words, among other things – I can’t find the text, as link, but I have it as text, tough, in my personal archive.

(7) James Bach, Michael Bolton, “RST Appendices”, http://www.satisfice.com/rst-appendices.pdf – pages 3-6

(8) Alicia Juarrero, “Safe-Fail, NOT Fail-Safe”, https://vimeo.com/95646156

(9) James Bach, Michael Bolton, SFDIPOT, http://www.satisfice.com/rst.pdf

Testers, testing, automation, tool(s), continuous integration

Automation for a tester (a good one) should not be guided by the Continuous Integration(CI). I expect that tester to do the job regardless if he/she will use some tools. To do/use whatever ingenious tool( or approach with tool) he/she considers fit, and not to be limited by CI and Continuous Delivery(CD). For that tester, when he/she  thinks about automation (actually “tools” is the right word), he/she should not have in mind only gherkin/ranorex/ui automation….In fact, when the tester will notice that these kind of tools are promoted/enforced he/she should be skeptical. Yes, if the tester can make use of them because it’s applicable, then why not, but they should not be caught in a trap with these tools and see nothing else beyond them.

Regarding CI and “automated testing”(checking is the right word not testing, semantics matter(1)), just to be clear, they are useful but they are not “the path, the way and the truth”.

Let’s do a small exercise: Can you imagine a situation in your product/project where 12 things are related? By 12 I mean persons, requirements, things in source code. Regarding a person, from anthropology, we know that he/she has multiple identities and he/she shifts between them(2). If we have 12 dots, this means the number of possible links is 12(12-1)/2=66. But the number of possible patterns is: 2 at the power of 66=4,700 quadrillion patterns(3). At this level, we no longer speak about deduction, induction, but abduction.  Now think again at CI with the automated checks and number of test cases written and executed…something is not ok, right? Somehow I begin to see the cons of blindly believing in CI/CD.


(1) James Bach, Michael Bolton, “Testing and Checking Refined, https://www.satisfice.com/blog/archives/856

(2) Dave Snowden, “The landscape of management: Creating the context for understanding social complexity”, https://www.researchgate.net/publication/228449006_The_landscape_of_management_Creating_the_context_for_understanding_social_complexity

(3)”The problem of connecting the dots”, https://sensing-ontologies.com/the-problem-of-connecting-the-dots/

About testers owning the requirements or the product

In a way this blog post is related with the previous two( see here and here), regarding the problem of testers being underrated.

It’s related because a solution to the problem of unrated testers, is, for some, to encourage the idea that testers should own the requirements. But there’s more to this, it’s not enough for them to encourage the owning of requirements/product, but also the following two ideas are being enforced:

– to present the idea of “automation testing” as a holy grail of testing. And that this “automation testing” is a byproduct of Continuous Integration or Continuous Delivery(no, I am not against CI or CD, just to be clear);

– testers to be the right hand of Product Owner’s(PO) or a extension of the PO’s role.

So is this ok? I think not, I think there are some flaws in how things are being associated. Flaws which show a lack of understanding regarding what testing is.

The testers should not own the requirements. If they own the requirements they have to be the BA or PO or… . Testers must find relevant information regarding requirements, information that if it is not known at the proper time, will be problematic for the product/project/delivery/team. If the tester wants to own the requirements, then he/she is no longer a tester but a BA/PO/…The tester has that special mindset that is different from all team members, he/she must always be thinking where negative/unwanted/bad things can happen. If he/she owns the requirements then he/she will try to protect them; when actually the tester has to dissect and analyze them from all the angles, to challenge their status quo.

Just think about basic stuff regarding security testing, and the mindset to do it. The tester must use all models/techniques available to knock down/find bad stuff, not to own a thing which will never be complete. Why? Because “We always know more than we can say, and we will always say more than we can write down”(1) -And you want to limit the tester to owning the requirements? I hope not.

A tester has the same importance as a BA, PO, Programmer, PM, Team Lead,UX,etc. The tester must be the bridge between useful information and all members/colleagues/clients,  which need that information.

The testers do not drive the delivery, they are, as James Bach says, “light of the car in the night” – this is the correct metaphor – but this means those lights do not own the car….

I think (I could be wrong), a lot of testers want to be the gatekeeper because of a bad self image, but also of the bad image testing/testers have nowadays. I understand where that bad image is coming from, when their work is reduced to test cases, number of test cases and automation of test cases.


(1) Dave Snowden, “Rendering Knowledge”, http://cognitive-edge.com/blog/rendering-knowledge/

On the idea of testers being underrated – Part 2

In the first part Marius expressed his opinion regarding this subject, below I try to articulate my thoughts.

I came across the topic on linkedin, and I couldn’t resist to not comment on it. I personally don’t experience that people from other departments that work with me would underrate me as a tester (or maybe I just haven’t noticed yet), but I see it happening to other testers a lot. I want to discuss two main points that I kept thinking of as I was reading the original article(1) and that might have a lot in common with why that is happening.
 
I. The „test automation“ fallacy
Most of us testers often use the wrong terminology when we talk about the opportunities for using automation – especially when using it for build confirmation purposes.

In that case the tester often designs and encodes a suite of checks that he runs after each new build, to see if the results of the suite changed since the last time the suite had been run.
In certain situations, this is often an efficient way of how to save time. However, we can’t talk about that as „test automation“. Why not? This goes all the way down to the question „what is a test?“.

There are many definitions of testing. Since I believe testing is best thought of as a skilled social activity, I prefer the definition offered by James Bach and Michael Bolton. They define a test as an „instance of testing“, where testing stands for „the process of evaluating a product by learning about it through exploration and experimentation, which includes to some degree: questioning, study, modeling, observation, inference, etc.“(2)

So how do I myself approach the encoding of an automated check?

1. At first I have to get to know the product I’m testing; I have to learn about the product – for that I use exploration, studying, questioning, modeling, observation, inference, etc. I can’t set up a machine to do it for me.

2. Then I have to make some decisions about the tradeoffs:

a. Which features of the product are crucial to do regression testing on?
b. What specific checks will be valuable to automate for those features?
c. What tools will I use for the automation?

3. Next, I have to design and encode the check.

4. I have to tell the computer what the words „pass“ and „fail“ mean; I have to think of an oracle, which is self verifying – that means, that I will have to think of what is the anticipated result of the check and include it to the code (this is often called an assertion), so that the computer will be able to tell, if the check passed.

But that’s not all yet, is it? If the check fails, it doesn’t automatically have to mean that there’s a bug in the product – and not even that the feature, which I wrote the check for in the product has changed – maybe just the environment is down. Or the tool is badly configured. Or there’s a bug in my automation – so if I see a check fail, I have to go back to it and make sense of what had really happened. Machines by themselves can’t do that either.

The „it’s all just semantics“ argument

You can see that there’s a lot of human interaction happening while creating automation checks. If we talk about this complex activity as „test automation“, it leads to the belief that testing can be automated – especially by the managers who are not skilled in testing and want to save money where possible. Why would they appreciate testers if we project the illusion of replaceability?
Why wouldn’t they think that they can replace humans with machinery if all that testers do is talking about new ways of using „test automation“ or performing „automated testing“?
Testers like Michael Bolton and James Bach came up with the idea of using much more suitable term “checking”(2) years ago, yet most people in the testing industry still cling to the test automation nonsense. They choose to dismiss the difference between checking and testing with the argument that it’s just semantics and it’s not really that important – but it hurts us testers the most.

II. The obsession with bad certifications

A lot of testers fall into the ISTQB/TMap/<whatever else> certification trap: “I’m certified, therefore I’m a professional tester!”. They might get the feeling that since they already accomplished to get a piece of paper that certifies that they passed a bad exam, they don’t have to invest their resources to further education anymore.

The number one problem that I have with these certifications is that they don’t teach testers how to test. They teach testers to memorize a book and then pick 1 from 4 options as an answer on the exam. And you have to get only 65% of the answers right to pass it anyway. 😊 (3)

I’m talking mainly about ISTQB CTFL here; how can a tester with that certification be taken seriously, if it takes what – a day? – to memorize the “right” answers to the questions, which you know beforehand?

If you compare ISTQB CTFL certification to a different engineering certification such as Offensive Security Certified Professional (OSCP) (4) it’s like night and day. I see OSCP as the kind of certification that actually might be useful if you really feel the urge to measure the depth of skill of an individual with a certification; the student goes through 24 hour challenge in an unfamiliar lab environment to do actual tasks related to security and must show off his skills while doing that.
You might say that it’s silly to compare the advanced OSCP to the most basic ISTQB exam – but even the most basic programming certifications are from a large part built on examples of code that the students have to understand to be able to pass the exam, not on memorizing a book about programming theory. But nobody does ANY actual testing in ISTQB’s CTFL – yet people still buy their expensive courses and pay for the exams.

[Sidenote: I met people who took the ISTQB courses (not just the CTFL, but also the advanced level test manager course) and shared with me that all they did there was listening to the instructor reading the syllabus with two or three examples and it was a complete waste of money and time. I don’t understand how they (ISTQB) can charge money for this.

On the other hand, I also met people, who claimed they enjoyed the course only because their instructor was more open-minded and left out bunch of the syllabus nonsense, which he replaced with some useful examples. Good for those people – they managed to got at least some value out of it, but still – would you want to support such organization when they clearly don’t care about your experience with the courses, as long as you buy them?]

Some testers do their exams just because they think there’s no other option than bad factory school courses. That’s not true. It is not „a certification“ in the ISTQB sense of the word, but there are four awesome courses in a series called Black Box Software Testing (BBST) by Cem Kaner and they are as close to teaching real testing as you might currently get.(5)

Conclusion
Of course there’s more to the topic than just these two points. But even when considering just these two, I really can’t blame people outside of the testing space that they treat some of us testers like second class citizens at work. When we are done with taking ridiculous certifications (and then bragging about passing it on social media sites) and we stop talking about testing as the next-to-be-replaced-with-machinery department, then we can stand a chance of not being underrated.

[Thanks to Michael Bolton and James Bach for their helpful reviews.]


(1) Claire Goss, “ Testers – Is it our own fault we are Underrated?!”,  http://www.exactest.ie/blog-testers-underrated.html

(2) James Bach, “Testing and Checking Refined“, https://www.satisfice.com/blog/archives/856

(3) “CTFL2018”, https://www.istqb.org/about-as/faqs.html?view=category&id=79

(4) “Offensive Security Certified Professional”, https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/

(5) “About the Black Box Software Testing Courses”, https://www.associationforsoftwaretesting.org/courses/

About the idea that testers are underrated – Part 1

In a previous blog post I spoke about me being incapable to defend testing and testers.. What stroke me when I wrote that blog post was a discussion I had with a prospect. This prospect clearly expressed that testers, if they would have been in the project, should have been paid much less than developers with same experience. For example a senior tester should not be paid the same as a senior developer, actually it should be half of the price paid for a senior developer.

What was even harder for me was that my colleagues somehow agreed. In those moments, shortly  after the discussion with the prospect concentrated on other subjects, images of all testers from the firm flashed in front of my eyes. When I ran those images through my mind, there were a few dozen of testers, I realized that they also do not see testing as I see it. For me, testing is Context Driven Testing(via Rapid Software Testing(1), Black Box Software Testing(2)), for them it is more like Factory Style testing(3).

It’s time to speak/act about testing the proper way (and by testing I mean the testing envisioned by Jerry Weinberg, Cem Kaner, James Bach, Michael Bolton… – this line of direction). It’s becoming really embarrassing how such an important discipline is being trivialized in such a ugly/unprofessional/shameful/disgraceful manner in our industry.

The main issue here is not about “underselling”/”underrating”(4), these  things are effects. It’s about under-appreciation of the craft of testing. Seriously, what expectation should that tester have about being appreciated when the tester sees himself/herself as a manual/automation tester or qa automation tester and so on? I saw in interviews that testers are asked about how they write a test case, if they know jira/redmine/…, and if they know waterfall/agile/.. methodologies. Seriously?! And we wonder why testing is badly seen? I saw testers who encourage these kind of interviews( well, despite the fact that they label themselves as testers, for me they are not). The sad part is that managers believe this nonsense and are paying for it and they will be fooled again that “test automation” can solve/replace everything. Actually, if a tester is defined by writing test cases, knowing jira/redmine and knowing some agile/waterfall, no wonder,  all can say that their work can be automated or underrated.

Are testers to blame for this?  For sure they should do more to defend their craft.  It’s time for testers to know what professionalism in testing really is(5).

Also, it’s time for the Agile community to understand that testing, the real one, is very different: http://www.developsense.com/presentations/2017-09-TestingIsTestingAgileIsContext.pdf (careful, it’s a long document – not just a list of platitudes. It’s serious stuff . No fooling around.). After reading this document and thinking of that kind of tester and testing described there, for sure  the words “underrated” and “underselling” will not popup in anyone’s head anymore in regards to testing and testers. They will say, probably, something like: “wow, what I saw till now regarding testing was a bad comedy” or “I lost money in a stupid way”.

I am a developer trying to make a sense of what real testing is. I was glad to see a public feedback about this topic from a Context Driven Tester, Klára Jánová. In part 2 of this post is her feedback regarding the subject discussed here.


(1) James Bach, Michael Bolton, “Rapid Software Testing”, https://rapid-software-testing.com/

(2) Cem Kaner, “Black Box Software Testing course”, http://www.testingeducation.org/BBST/

(3) James Bach, Michael Bolton, “RST Appendices”, http://www.satisfice.com/rst-appendices.pdf (pages 3 to 7)

(4) Claire Goss, “Testers – Is it our own fault we are Underrated?!” http://www.exactest.ie/blog-testers-underrated.html

(5) Robert C. Martin, “Sapient Testing: The “Professionalism” meme”, https://sites.google.com/site/unclebobconsultingllc/home/articles/sapient-testing-the-professionalism-meme

Why would you automate, in testing, anything?

If with the word “everything” it was, for me, like an exacerbation regarding automation well with the word “anything” is something else.

Initially I thought that “anything” word is problematic because it seemed like absolute word which ignores  context. But actually – I had to stay and think about it for 2 months – it might open the perspective of making sense of the multi-ontologies. It invites to dig more. Is like putting under the question why bother to try to automate something and because of this, in a way, it points into a direction to take context into consideration. Context which is situational, relational, temporal, …

Why would you automate, in testing, everything?

A bit of context:  I was trying to answer a question Michael Bolton put on the Rapid Software Testing Slack chat group, the question was “Why would you automate anything?”. Yes, it was the word “anything” not the word “everything”. In trying to respond to the original question I answered also to the question from the title of this post. In my head was a mixture of those two different words, strange…

Below are several reasons I spot it about why is this desire to automate, well to automate everything :

– some managers does not have a clue what professional testing is ( by professional testing I mean Rapid Software Testing a Context Driven Methodology). The managers still think of it in manufacturing terms(” automate as much as we can”). And because of this then they want a way to speed up things. They see testing as tangible stuff. When I say management, I’m not referring only at the first level, but at all levels in an IT company;

– some testers who are not aware of their profession. Is a trend now with (using) tools, who encourage this. It seems the marketing promoting the tools is doing a good job. And novices (we should not confuse years worked with years of experience) think this is the way. Then with the help of uninformed management we arrive at the desire to automate everything. Somehow these testers are not aware of the misinformation they are doing, is not an  intentional thing;

– some testers who see the trend( the dominant thinking)  and for their personal advantage go on this path. They don’t care about the interest of the project. This is sick and a unprofessional behaviour which I witnessed several times;

– some programmers who are ignorant of what a tester really does. They think, because of their arrogance, that are too smart to need a tester or to respect him/her. For me this enters in the unprofessionalism behaviour;

– some programmers with good intentions seeing the benefit in automation but trying to make a general rule without having other thoughts. For sure these are not senior/advanced developers. I say this because a real senior/advanced developer knows the plethora of the possible problems and they shut up and think, holistically, before speaking/making a decision;

– a teacher/mentor/manager making their people to think about what it means to automate everything. I can extend here the idea that a tester/programer might do this do investigate/search/discover more about this topic.

Incapable to defend real testing

I am a developer, also a Team Lead. I remember now the moment when I realized that if I’m a better developer is also because of the help of a good testers. Initially it was like a cognitive dissonance: how come a good tester help me be a better developer? Even stranger for me was that when I realised this, I was deep involved (still deep involved) with TDD, unit tests and Automated Acceptance Testing.

There are devs who think that if they do tdd/unit tests everything will be ok and testers will do “some clicks”. Or even worse, the testers, for those devs, should check all the nonsense made by a developer, because that developer will not test. So strange. So a developer should not experiment, learn, explore, investigate, find relevant information from his/her own work.

I am sad. I was unable today to defend the real craft of testing (Rapid Software Testing). In a way, I felt that I was not able to defend those testers who contributed to  make me better professional. So strange feeling.

Then I begun to think more. Now is a lot of talk regarding “manual” testing and “automated” testing.

Note: I told to a marketing person that she is doing “manual” marketing. And this sound so strange almost like offending. I told her about testing and “manual” testing and she understood. Still I can’t forget that it almost sound offending.

Why do they say “manual” testing? Maybe because a tester should just verify a specification, no matter the form of that specification – wait, I am wrong, is a user story with acceptance criteria, of course. Since is a clear specification, it is imagined, I think, that they can also write what they will test – some will say they write the test…. Hmmm…So, if they can write it down this means they don’t need a tester with experience – may be temporary – , a junior should be enough because anyway acceptance criteria are done by the Product Owner. But if a junior can do it, then … wait we can automate those steps, yes, yes via UI. So, hmm, why not get rid also of the junior tester, because we have the automation which is the ultimate goal actually. A click of a button and that’s it. For sure that automation code will be developed not by experienced developers like it would be the production code, no, no we have “automation” testers.

So why a tester should matter so much when actually he/she is only doing some of the shallow testing a developer must do? Shallow and clear steps which can be done by anyone.

So, I imagine that’s why – briefly described – some testers are being called manual and automated.

If testers spend time on shallow bugs they will not have time to see for deeper ones. Such deep that neither a dev can’t see it.

But what do those testers that I was not capable to defend? They, although they might not phrase it like this: investigate, doubts, searching for information, pose questions, questions everything, do more than confirm acceptance criteria, they challenge the actual criteria, they make definition of done/ready relative when all the other thinks are clear and absolute, are able to begin testing without specifications if needed, be able to show the multidimensionality of a problem/specification/story, use any tools which can help them (not just selenium or…), they will not answer to different problems with same answer because they are aware of context, support developers, …. please see here for a much longer list: http://www.developsense.com/blog/2017/04/deeper-testing-2-automating-the-testing/

 

Sorry colleagues testers :(.