Development Testing

Development testing is an emerging category, including a set of processes and software, such as static analysis, designed to help developers, management, and the business easily find and fix quality and security problems early in the development cycle, as the code is being written, without impacting time to market, cost, or customer satisfaction.

Development testing augments traditional testing, including QA functional and performance testing and security audits, providing development teams with a quick and easy way to test their code for defects in a non-intrusive manner, so development stays focused on innovation, management gets visibility into problems early in the cycle to make better decisions, and the business continues to deliver high quality products to market for competitive advantage.

Software will continue to be complex, and the only way to effectively manage this complexity is to integrate testing into every phase of the lifecycle. Coverity is continuing on its path of transforming the testing market by solving a classic computing problem in a way that is easy for developers to adopt, which ultimately raises the strategic importance of development to the business. Theresa Lanowitz, founder of voke, inc.

Development Testing =

faster time to market + reduced cost + greater customer satisfaction and brand equity + increased visibility and traceability + improved cross team collaboration + less risk

Development Benefits
Finds hard-to-spot defects in code, provides guidance to help fix problems fast—without requiring subject-matter expertise, reduces the time spent on re-work and de-bugging, and enhances skills by showing developers where they are most susceptible to error.
Management Benefits
Increases visibility for better decision making, creates a predictable release process (on-schedule, on-budget), reduces costly support and production issues downstream, and provides consistent measurement of teams against common metrics to track improvement over time.
QA Benefits
Creates a more efficient QA testing process by receiving a higher quality build from the start, reduces wasted testing time due to buggy code, and focuses testing efforts on the problems that require their expertise.
Security Benefits
Creates a more efficient security audit process by eliminating a portion of security issues upfront, and helps focus testing and remediation efforts on the problems that require their expertise.

Today’s Software Reality

Software operates the products and services that we use and rely on in our daily lives. It many times is the competitive differentiation for the business. As software increases in size, complexity, and importance to the business, so does the business demands on development teams. Developers are increasingly accountable to deliver more innovation, under shorter development cycles, without negatively impacting quality. Compounding this complexity is today’s norm of geographically distributed teams and code coming in from third party teams. With so many moving parts, it’s difficult for management to get visibility across their internal and external supply chain. Without early warning into potential quality risks that could impact release schedules or create long term technical debt, it leaves little time to actually do something about it before the business or customers are impacted. This lack of visibility also creates downstream collaboration issues and process inefficiency. The QA and security audit process takes more time and effort, increasing the risk of software defects slipping into the field or into production. The business impact: costly recalls, downtime, field crashes, dissatisfied customers, and brand damage. The development impact: more time spent finding and fixing problems instead of focusing on innovation, which only leads to slower time to market, increased costs, and lost customer satisfaction. It’s a never-ending cycle.

Expanding Traditional Testing into Development

Software defects are nothing new, so why is it such a hard problem to solve? First, traditional approaches to testing, while effective testing methods, only get you so far. Traditional testing looks for the ‘expected’ problems—making sure the functionality and performance works as expected. Traditional testing also happens later in the cycle, many times after development. Because of organizational silos and conflicting priorities, it’s hard to get development to fix defects after development is complete. Second, technology adoption in development will be limited unless it’s effortless for the developer. If testing results aren’t presented to the developer in a way that’s actionable, relevant, and presented in their workflow, troubleshooting and fixing defects will slow down the entire process. Given the time to market pressure on development, defects will likely go unresolved, or go undetected altogether.

A new testing approach is needed. It’s time for testing to expand beyond its traditional definition and become integrated into every phase of the lifecycle, starting with the code itself in development. Development testing augments traditional testing to help quickly find and fix the unexpected, hard to spot, yet critical defects in the code itself, when it’s the most cost-effective to fix them.

Characteristics of an Enterprise Development Testing Solution

For development testing to be successful, the solution needs to remove barriers to developer adoption and scale to meet the needs of the enterprise. A development testing solutions requires:

  • Accuracy of Results

    If the results aren’t accurate, relevant, and actionable, developers will ignore the results. This includes a low false positive rate, clear information on where the defect exists in the code, what other streams and projects contain the same defect across shared code, and developer guidance on how to fix the defect.

  • Speed of Results

    If the results aren’t provided to the developer in a timely manner, it wastes development time. A development testing solution should give developers testing results quickly, in a matter of minutes or hours as part of a nightly build, instead of days or weeks, regardless of the size and complexity of the codebase.

  • Seamless Integration into the Existing Workflow

    Developer workflow: Development testing adoption will be limited if it does not fit into the developer workflow. Defect management should be quick and easy. This includes prioritizing defects based upon impact, filtering defect information to view only what’s relevant to them, collaborating with other developers, and accessing a rich knowledge base to understand how to fix the defect. Developers should be able to manage this process at their desktop, directly within the IDE, either before the code is checked-in or as a part of their build or Continuous Integration process.

    Management workflow: A development testing solution should also integrate into the manager’s workflow via policy management and code governance. This includes the ability for development management to set software policies and aggregate multiple development metrics to get continuous visibility into code quality, security, complexity, and developer efficiency, in a consistent manner across teams, projects, and suppliers.

    SDLC or Application Lifecycle Management (ALM) workflow: Development testing should seamlessly snap into the organization's existing software development process, connecting development testing to requirements, creating a common platform for information sharing, serving as a 'gate' for better collaboration between Development and QA, and providing release management with development-focused code quality and security KPIs to gain more confidence in release readiness. Creating visibility and traceability into development provides better visibility across the process and up to the business, and ultimately increases the strategic importance of development to the business.

  • Extensibility

    Most organizations deploy multiple code analysis tools to broaden testing coverage across a wider variety of languages, protocols, and standards. A development testing solution should serve as an open platform to let organizations integrate best of breed analysis engines into a common defect management workflow.

  • Enterprise Scalability

    To maximize adoption across teams of varying size and project complexity, a development testing solution should easily scale to test the largest codebases, expand to multiple teams across geographic locations, and provide centralized measurement of development teams and projects in a consistent manner.

Why Coverity

Coverity 5.5 is the industry's first developer friendly and enterprise ready development testing platform, empowering development organizations to adopt development testing as a seamless part of the development process.

Read More

  • We are embedded into the development process of over 1,100 companies—we understand how developers work
  • We have 100,000s of developers that have adopted Coverity as part of their daily workflow
  • We are the testing gate for over 11 billion products shipped in the market today, from mobile to medical devices
  • We were the industry pioneers in making static analysis commercially viable—from the Stanford Research Lab to 11 patents later

Connect