Quality is the most crucial part of any back-end system.
We consider quality from the developer’s point of view. Therefore, for effective quality assurance process, we apply the best tools and technologies, and also our own developments. Automatization, Agile, DevOps, CI — everything to assure the client’s trust in the functionality, safety, and reliability of its system.
Software Quality – is a software level which has the required combination of properties, approved in the project documentation.
Quality Control – QC is a set of actions performed on a product during the development process, to obtain data about its current state in the sections: «product readiness for release,» «compliance with fixed requirements,» «compliance with the declared level of product quality.»
ISO 9000 determines quality control (QC) as part of quality direction, centered on meeting the specifications for estimating the number of errors (if any) in the product. Quality control is aimed at evaluating the developed product (draft document, development system, etc.) and an indicator of compliance with customer needs. It guarantees that the deployed products pass tests for QC and determines how well it is designed and created. Its intention is to search for faults and implement their correction. Thus, testing is an integral part of quality control.
ISO 9000 defines quality assurance (QA) of software as part of a quality process, oriented on creating the confidence that the requirements for eliminating errors will be met.
The aim of QA is to guarantee that product will meet the desired expectations of quality. It includes processes/activities aimed at ensuring the quality of product development at each of its stages.
These actions, as a rule, precede the development of the product and continue as long as the process is in a state of development. The QA itself is responsible for developing and implementing processes and standards to enhance the development life cycle, and to assure that these processes are performed.
The focus of QA is a prevention of defects at all stages of its implementation and its continuous improvement. While QA is an active function, QC is, by contrast, passive. Examples of quality assurance activities include the setting of standards and processes, quality control, and selection of tools.
SDK.finance QA team performs such functions as:
Implementing an organizational policy on quality, existing standards, and procedures
Assistance with quality assurance training and project QC plans
Verification of the project procedures’ conformity to quality plans
Constant inspections of project products and procedures, as well as regular assessments for top management
Escalation of the situation when there are deviations from the guidelines or standards
Software Testing – is one of the QC techniques that includes the duties of Test Management, Test Execution, Test Analysis, and Test Design.
SDK.finance regularly conducts testing of software.
We use the following test types:
- Functional testing
- Automation Test
- Load testing
- Optimizing Performance
- Integration testing
- UI Testing
- Security testing
- Mobile testing
- Localization testing
Creating dedicated testing centers
The metrics obtained with their help characterize different parameters: program speed, consumed resources (RAM, processor load, etc.), compliance with coding standards, number of issues per line of code, and much more. Test all required parameters.
SDK.finance adheres to these software quality criteria during the development process:
Compliance of the software product with the requirements of the project documentation. Testing to see if all the declared functions are handled correctly
System stability. Stability is defined as the ability of the product to function correctly under long-term use with the expected load volume
Productivity. The productivity of a software product should be understood as the speed of execution of the basic functional operations of the product
Supported Platforms (configuration). Basic functional tests are performed on all supported platforms
It’s worth mentioning that software QC is carried out at all stages of the Project life cycle. This ensures the maximum quality of the developed code and, as a result, the final software product.
All testing procedures are based on quality assurance policy. A high-quality QA team is testing all system processes. We use an Arquillian platform to test the functions of the project at the stage of its project deploy. For passive code analysis, we use UpSource and FindBugs from IntelliJ Idea. The SonarQube and Lapse+ tools are used for active code analysis. These tools are recommended by OWASP community.
Automated testing code coverage of SDK.finance solution is 60%. All operations are stable and executed;
- Integration tests;
- Functional tests;
- Security tests. At SDK.finance Open Web Application Security Project (“OWASP”) recommendation for source code security practice is implemented:
- Source code security and quality control on the fly SonarQube, UpSource, Lapse+. (read more about security here)
- External penetration tests with OWASP ZAP
- Application Firewalls (depends on Environment)
- VPN for cross-servers communications
- Strong SSL – for data encryption of network sessions for public services
- Arquillian and JUnit tests – for source code quality verification
- Database encryption mechanism
Read more about SDK.finance Technolgy here.